The European Securities and Markets Authority (ESMA) has published its second consolidated report on sanctions and measures imposed by national competent authorities in Member States in 2024. The report reveals that over 970 administrative sanctions and measures were issued in financial sectors under ESMA's remit, with the total aggregated value of administrative fines exceeding EUR100 million, an increase compared to 2023. The highest number of administrative sanctions and measures were imposed under the Market Abuse Regulation (MAR), the Markets in Financial Instruments Directive (MiFID) and the Markets in Financial Instruments Regulation (MiFIR).

The highest amounts of administrative fines for 2024 were imposed under MAR. The more granular data shows that over 60% of all administrative sanctions and measures imposed in 2024 were administrative fines, and 10% were issued using settlement procedures. ESMA also reports that no sanctions or measures were imposed under the Securities Financing Transactions Regulation (SFTR) or the Markets in Crypto-Assets Regulation (MiCAR), while a measure was issued for the first time under the European Crowdfunding Service Providers Regulation. ESMA highlights discrepancies in sanctioning powers across jurisdictions, including differences in the amounts of fines, number and types of sanctions and measures, and use of settlements.

HM Treasury has published guidance confirming that from 28 January 2026, the UK Sanctions List (UKSL) will become the sole official source for UK sanctions designations, replacing the OFSI Consolidated List of Asset Freeze Targets. From this date, all new sanctions entries will appear only on the UKSL, which will include clearer identifiers and will be available in a more user-friendly format. An updated search tool and designation notices for all types of sanctions designations will also be introduced to make it easier to understand who is sanctioned and why. Businesses are encouraged to start updating their systems now to avoid disruption and prepare for the formal closure of the OFSI Consolidated List.

The European Banking Authority (EBA) has published a report addressing money laundering and terrorist financing (ML/TF) risks in crypto-asset services, including issuance, trading and service provision. Drawing on lessons from recent supervisory cases across the EU and engagement with national supervisors, the report identifies vulnerabilities in the sector and offers guidance to strengthen compliance and oversight. It examines strategies used by certain crypto-asset service providers and issuers to side-step national AML/CFT supervision, including through unauthorised operations, forum shopping and improper use of certain regulatory exemptions. The report also outlines safeguards introduced by MiCAR and the AML/CFT regime, stating that effective implementation will depend on proactive monitoring of unauthorised activities, continuous risk identification and strong cross-border cooperation, amongst others.

The Financial Markets Standards Board (FMSB) has released its finalised Statement of Good Practice (SoGP) on Unauthorised Trading Frameworks. The SoGP, consulted on in July, aims to support firms in developing robust oversight and control mechanisms to mitigate the risk of unauthorised trading in wholesale financial markets. It provides practical recommendations on areas related to: (i) governance (including firm governance frameworks, understanding of the authorisation perimeter and accountability for unauthorised trading controls); (ii) controls and monitoring (including pre-trade and point-of-trade controls to mitigate unauthorised trading, post-trade controls to signal potential unauthorised trading and analytics across the front-to-back trade lifecycle); and (iii) intervention and reporting (including escalation in the case of a potential or actual unauthorised trading event and periodic management reporting). The SoGP is applicable to all types of trading.

The European Banking Authority (EBA) has published its final report, concluding a six-year review of the effectiveness of national competent authorities (NCAs) approaches to the anti-money laundering and countering the financing of terrorism (AML/CFT) supervision of banks across the EU/EEA. This final report evaluates the actions taken by NCAs in response to the interim bilateral findings and recommendations the EBA provided to NCAs during the course of its review. The report highlights significant progress by NCAs in adopting risk-based approaches, developing targeted supervisory strategies and enhancing cooperation at both national and international levels, as well as aligning their national strategies and practices with EBA standards.

Enhanced supervisory manuals have contributed to more consistent and effective AML/CFT supervision, and supervisory tools are now being used more strategically. While NCAs have made efforts to strengthen information exchange with their national public authorities and NCAs in other EU jurisdictions and third countries, some jurisdictions continue to face challenges in ensuring effective cooperation, particularly in coordinating with prudential supervisors. This report will form part of the EBA's handover to the new EU Anti-Money Laundering Authority (AMLA), providing a comprehensive overview of current supervisory practices and will serve as a foundation for future indirect supervision under the revised EU AML/CFT framework.

The UK Financial Conduct Authority (FCA) has published consultation paper CP25/25 (CP), alongside a press release, setting out its proposed regulatory framework for cryptoasset activities under the Financial Services and Markets Act 2000 (FSMA). This follows HM Treasury's (HMT) draft statutory instrument (SI) to bring qualifying cryptoasset activities within the scope of the Regulated Activities Order 2001 (RAO) and under the FCA's remit. Qualifying cryptoasset activities will include issuing qualifying stablecoins, safeguarding qualifying cryptoassets and specified investment cryptoassets, operating a qualifying cryptoasset trading platform (CATP), intermediation and staking. Firms and individuals undertaking these activities will require FCA authorisation before operating by way of business in the UK.

Read more.

The Wolfsberg Group has published comprehensive guidance on managing financial crime risks for financial institutions (FIs) that provide banking services to fiat-backed stablecoin issuers. While recognising the legitimate benefits of stablecoins, such as pseudonymity, rapid settlement and global reach, the Group also highlights that these same benefits introduce unique risks. The guidance therefore introduces a risk-based framework for assessing and monitoring relationships with issuers operating in regulated jurisdictions. It notes that although existing financial crime risk management principles remain applicable, existing controls may require adapting to address the specific risks posed by stablecoin issuers. The guidance introduces the relevant terminology used by the Group on stablecoins and describes the typical fiat-based services an FI may offer to a stablecoin issuer, highlighting how financial crime-related controls may require adjustment. It also explains how, under a risk-based approach, an FI may evaluate the issuer's compliance obligations on the blockchain. Ultimately, the Group's view is that the approach to banking a stablecoin issuer mirrors that of any customer relationship: firstly to identify and understand the risks associated with both the customer and the nature of the relationship, as well as evaluate how the issuer manages those risks; secondly to determine whether the issuer's risk profile and mitigation strategies align with its own risk appetite; and finally, the FI should implement a proportionate risk management framework that enables ongoing monitoring of the issuer's behaviour and supports timely corrective action when necessary.

The UK Financial Conduct Authority (FCA) has published Market Watch 83, sharing findings from a series of reviews on market abuse risks and related systems and controls at corporate finance firms that provide advisory and corporate broking services to small and mid-cap companies.

The FCA has observed the following in relation to market soundings:

• Disclosing Market Participants (DMPs) extending their market soundings to a relatively large number of Market Sounding Recipients (MSRs) without a process for considering the appropriateness or the number of MSRs contacted. The FCA highlights that a good practice was a simple governance process where a senior employee or relevant committee approved the initial proposed list of MSRs, as well as any additions to it. The FCA encourages firms to consider whether their policies and procedures help effectively manage the number of MSRs to control the flow of inside information.

Read more.

HM Treasury (HMT) has published the draft Money Laundering and Terrorist Financing (Amendment and Miscellaneous Provision) Regulations 2025, accompanied by a policy note, for technical consultation. This follows HMT's 2024 consultation on improving the effectiveness of the UK Money Laundering Regulations (MLRs), with the government's response published in July this year. The consultation identified key weaknesses in the UK's anti-money laundering (AML) regime, including issues with pooled client accounts, trust registration, cryptoasset regulation and the practicalities of customer due diligence (CDD). The draft statutory instrument (SI) proposes targeted amendments to the MLRs 2017 and related legislation to address these concerns. The key changes are set out below.

Read more.

The UK Home Office has published a progress report on the outcomes framework of the 2023 Economic Crime Plan 2 (ECP2). The ECP2 set out strategic objectives to reduce economic crime, safeguard national security and promote legitimate economic growth in the UK. The progress report sets out insights gathered to date under the ECP2, including: a 36% increase in prosecutions and 7% increase in convictions for money laundering offences in 2024; indications that Suspicious Activity Reports are having a positive effect on asset recovery; and evidence of improved transparency in company ownership, with 32,000 entities having registered on the Companies House Register of Overseas Entities as of 31 March. The report acknowledges a comprehensive assessment of progress towards ECP2 outcomes is constrained by data limitations, with steps being taken to address these data gaps, including through HM Treasury's Effectiveness Framework and the Home Office's Economic Crime Survey 2024. The Home Office plans to publish a further update to the progress report in 2027.

Read more.

The Financial Action Task Force (FATF) has announced the launch of a new National Risk Assessment (NRA) toolkit aimed at enhancing countries' ability to identify and address money laundering risks. The toolkit supports a risk-based approach aligned with FATF Standards and provides cross-country insights into predicate offences, laundering methods, and proceeds of crime. It focuses on four priority areas that are currently consistently challenging to assess, including: corruption, virtual assets and service providers, legal persons and arrangements, and the informal economy. Quick guides, which include practical examples, have also been published to support risk assessment in each priority area. The toolkit draws on good practices from FATF member jurisdictions and is designed to be flexible and adaptable to country-specific needs. It can be integrated into a full NRA, applied to sectoral or thematic assessments, or used to strengthen broader efforts to improve risk understanding. Coinciding with the launch, on the same day, the FATF has also updated its NRA guidance, to reflect recent changes made to its Recommendation 1 standard and guidance on financial inclusion and anti-money laundering and counter terrorist financing measures.

On 20 August, Commission Delegated Regulation (EU) 2025/885 supplementing the Markets in Crypto-assets Regulation with regard to regulatory technical standards specifying the arrangements, systems, and procedures for persons to prevent, detect, and report market abuse, the templates to be used for reporting suspected market abuse, and the coordination procedures between competent authorities for the detection and sanctioning of market abuse in cross-border market abuse situations, has been published in the Official Journal of the European Union (OJ). The Delegated Regulation enters into force on the twentieth day following its publication in the OJ, being 9 September.

The European Banking Authority (EBA) has published a report on the use of SupTech tools in anti-money laundering and countering the financing of terrorism (AML/CFT) supervision, as well as a press release. In November 2024, the EBA surveyed competent authorities on their use of SupTech tools and in January 2025, a workshop was held on AML/CFT SupTech. The EBA's report provides its findings from both programs, considers the current use of SupTech tools at EU level and how the tools are implemented. The EBA concludes that SupTech tools can improve the effectiveness of AML/CFT supervision and competent authorities have identified benefits such as enhanced collaboration, improved data quality and analytics, and the ability to scale supervision under the new EU AML/CFT framework, particularly with the establishment of the Authority for Anti-Money Laundering and Countering the Financing of Terrorism, known as AMLA. Poor data quality and governance, limited resources, legal uncertainty, operational risks, and friction related to institutional transformation are recognised as potentially impeding progress. Various good practices have emerged, including promoting a digital-first culture, adopting structured change management strategies, enhancing data governance and interoperability and leveraging synthetic data to safeguard privacy.

The UK Financial Conduct Authority (FCA) has published a new "Wholesale banks supervision" webpage which consolidates insights from the FCA's multi-firm and other supervisory work involving wholesale banks. The webpage covers a range of topics and the outcome of FCA multi-firm reviews, which we summarise here.

Read more.

The European Banking Authority (EBA) has published its fifth opinion on money laundering and terrorist financing (ML/TF) risks. In the report, the EBA highlights the growing vulnerabilities in the EU financial sector arising from the growth of technologies, new financial products such as crypto-assets, and the increasing interconnection of financial products and services across sectors. The EBA states that while tools such as RegTech and AI offer potential for enhanced compliance, their improper implementation (often due to lack of expertise and oversight) has led to serious compliance failures. Competent authorities have reported high or rising ML/TF risks in Fintech firms and crypto-asset service providers linked to weak AML/CFT controls and governance. Additionally, the use of AI by criminals to automate laundering and forge documents is outpacing institutional defences. The EBA notes that supervisory engagement has improved the capability of some sectors to fight financial crime. The EBA emphasises the importance for consistent application of the new EU AML/CFT legal framework.

The UK Office of Financial Sanctions Implementation (OFSI) has updated its general guidance on financial sanctions, introducing a new licensing ground under Section 6.6, permitting the return of funds from designated Money Service Businesses (MSBs) to non-designated persons, subject to strict conditions. To qualify, the MSB must be registered in the UK under the Money Laundering Regulations 2017, the recipient must not be a designated person and no payments will be made to a designated person (whether directly or indirectly), the original payment must have been made prior to the MSB's designation without breaching asset freeze restrictions and the repayment must not undermine efforts to prevent or detect serious crime. OFSI will consult law enforcement authorities to assess crime risk before granting a licence, and only MSBs defined and registered under the 2017 Regulations are eligible. OFSI emphasises that as licensing grounds and exceptions can vary between regimes, it remains essential to consult the relevant, up-to-date legislation.

The Financial Markets Standards Board (FMSB) has published a transparency draft of its Statement of Good Practice (SoGP) on Unauthorised Trading Frameworks for consultation. This draft, which builds on FMSB's prior work on Front Office Supervision, sets out a series of principles-based measures designed to strengthen oversight and control mechanisms aimed at mitigating the persistent risks of unauthorised trading in wholesale financial markets. FMSB notes that, despite the existence of significant risk management frameworks, unauthorised trading continues to pose risks that can result in material financial, reputational and regulatory harm. The SoGP has been designed to promote consistent expectations across jurisdictions and has been developed with input from buy-side and sell-side firms, as well as support from the global regulatory community. The deadline for comments is 15 September.

The Wolfsberg Group (the Group) has released a statement reaffirming its commitment to the risk-based approach (RBA) for financial crime risk management. Further to its 2006 RBA guidance, and in line with the Financial Action Task Force, the Group emphasises that an effective RBA requires financial institutions to identify, assess and understand their exposure to financial crime risks, and to take proportionate, prioritised and outcome-focused action. It outlines three core elements that financial institutions should demonstrate when designing their risk-based programme, including proportionality in programme design, prioritisation of higher-risk areas and a focus on effectiveness over rigid rule-based compliance. The Group confirms it will be updating its 2006 RBA guidance and 2015 FAQs on risk assessments. It encourages stakeholders to consider this statement alongside the broader resources listed therein, to support efforts in addressing financial crime and enhancing collaboration.

HM Treasury (HMT) has published a consultation paper on proposed reforms to the Office of Financial Sanctions Implementation's (OFSI) civil enforcement processes. The aim is to improve the efficiency, transparency and effectiveness of OFSI's enforcement activities. The reforms would apply solely to OFSI's civil enforcement powers concerning financial sanctions breaches, including Russia-related designated person asset reporting and the UK Maritime Services Ban and Oil Price Cap exception, excluding criminal enforcement or non-financial sanctions.

Read more.

The UK Office of Financial Sanctions Implementation (OFSI), part of HM Treasury, has published a sector-specific threat assessment report highlighting significant compliance risks facing UK cryptoasset firms in relation to financial sanctions. Covering the period from January 2022 to May of this year, the report concludes it is "almost certain" that UK cryptoasset firms have underreported suspected sanctions breaches since being designated as "relevant firms" under the UK sanctions regulations, in August 2022. OFSI identifies inadvertent non-compliance due to direct and indirect exposure to designated persons (DPs) and sanctioned entities such as the Russian exchange Garantex, cyber threats from DPRK-linked hackers exploiting cryptoassets to evade sanctions and transfers to Iranian cryptoasset firms with suspected links to DPs. The report emphasises the importance of timely and accurate reporting, enhanced due diligence and the use of blockchain analytics to detect and mitigate sanctions risks. OFSI urges firms to adopt a risk-based approach, conduct retrospective reviews and report any suspected breaches to OFSI, the UK Financial Conduct Authority and the National Crime Agency.

The National Crime Agency (NCA) and the UK Financial Conduct Authority (FCA) have jointly published a set of nine system priorities to combat economic crime in the UK, in line with the UK's second Economic Crime Plan and the National Risk Assessment. Backed by the Home Office, HM Treasury, the National Economic Crime Centre and UK Finance, the priorities seek to enhance public-private collaboration, enabling regulated firms to allocate resources more effectively while maintaining compliance. Key focus areas include money laundering through UK corporate structures linked to certain jurisdictions; fraud originating from international offenders; exploitation of money mules; and criminal cash consolidation via UK banking channels.

Additional priorities target terrorist financing; sanctions evasion by professional enablers; abuse of power by overseas Politically Exposed Persons; and the resilience of the cryptoasset ecosystem against criminal abuse. The only predicate offences explicitly listed in these priorities are those which fall under the definition of economic crimes—namely fraud, sanctions evasion and terrorist financing. However, the priorities concerning money laundering methods are intended to apply to all potential predicate offences, including but not limited to organised immigration crime, drug and firearms offences and human trafficking. A newly established System Prioritisation Governance Group will oversee governance of the priorities, with further guidance expected to be published in due course to support firms in aligning with these objectives.

HM Treasury has published its latest 2025 National Risk Assessment (NRA) of Money Laundering and Terrorist Financing, offering a comprehensive review of the UK's exposure to financial crime. Building on the 2015, 2017, and 2020 assessments, the 2025 NRA evaluates: (i) the UK's AML/CFT framework and the government's response to the 2020 NRA; (ii) overarching money laundering (ML) risks; (iii) overarching terrorist financing (TF) risks; (iv) sector-specific ML/TF risks under the Money Laundering Regulations (MLRs); and (v) emerging cross-cutting risks outside MLR-regulated sectors.

Read more.

HM Treasury (HMT) has published its consultation response in relation to its 2024 consultation on proposals to improve the effectiveness of the UK Money Laundering Regulations (MLRs). The consultation concentrated on four areas: (i) customer due diligence; (ii) system coordination around economic crime; (iii) clarifying scope; and (iv) registration requirements for the Trust Registration Service. The response confirms that a number of updates will be made to the MLRs and associated guidance. On customer due diligence, in particular, the following key changes were confirmed as set out below.

Read more.

The Proceeds of Crime (Money Laundering) (Threshold Amount) (Amendment) Order 2025 has been made and published with an accompanying explanatory memorandum. The legislation increases the financial threshold under sections 339A(2) and 339A(6A) of the Proceeds of Crime Act 2002 (POCA) from GBP1,000 to GBP3,000. These thresholds apply to two key exemptions for regulated businesses, such as banks, electronic money institutions and payment institutions, among others set out in schedule 9 of POCA, enabling them to (i) operate a customer account; or (ii) return funds when terminating a customer relationship, without committing a money laundering offence, even where criminal property is suspected (i.e., property believed to represent the proceeds of crime), provided the amount involved is below the threshold. The change aims to reduce the volume of low-value Defence Against Money Laundering (DAML) Suspicious Activity Reports (SAR), which in 2024 accounted for 23,000 submissions but only 0.1% of assets denied. A DAML SAR can be submitted for transactions above the threshold, which means a criminal offence will not be committed by the regulated entity, although the transaction is frozen pending the outcome of the review of the transaction or the lapse of three months. A review of the exit and pay away exemption introduced via the Economic Crime and Corporate Transparency Act 2023 is scheduled for 2026.

The European Securities and Markets Authority (ESMA) has published official translations of its guidelines on supervisory practices to prevent and detect market abuse under the Markets in Crypto-Assets Regulation (MiCAR). The guidelines, initially released in April through a final report, outline general principles to promote high-quality and effective supervision of market abuse in crypto-assets, alongside more targeted practices to support national competent authorities (NCAs) in detecting and preventing such abuse. The guidelines will now apply from 9 October, being three months after their publication in all official EU languages. NCA's shall confirm by 9 September whether they comply or intend to comply with the guidelines. If an NCA does not comply or does not plan to comply, it must notify ESMA, providing the reasons for its position. ESMA will subsequently publish this information on its website.

The European Commission (EC) has adopted a Delegated Regulation amending a Delegated Regulation it adopted on 10 June, to introduce a review clause requiring the EC to independently assess countries that may pose a threat to the EU financial system, even if they are not publicly identified by the Financial Action Task Force (FATF). The Delegated Regulation adopted on 10 June amended the list of high-risk third countries laid down in Commission Delegated Regulation 2016/1675. The EC states that countries that are not publicly identified as being subject to calls for action or increased monitoring by the FATF might still pose a threat to the integrity of the EU financial system. Where membership of such countries to the FATF is suspended because of gross violations of core principles upon which that standard-setter is built, the threat to the EU financial system is likely to increase. The proposed review clause would require the EC to complete an autonomous assessment of whether such countries are high-risk third countries as referred to in Article 9 of Directive 2015/849 by 31 December.

The UK Financial Conduct Authority (FCA) has published finalised guidance on the treatment of Politically Exposed Persons (PEPs) under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017. The guidance is intended to help firms apply a proportionate and risk-based approach to managing money laundering risks associated with PEPs, their relatives and close associates.

Read more.

The European Central Bank (ECB) has published a Memorandum of Understanding (MoU) (dated 27 June) that the ECB has entered into with the European Union's Anti-Money Laundering Authority (AMLA) to enhance cooperation between prudential and anti-money laundering supervision. The MoU establishes practical arrangements for cooperation and information exchange, aiming to enhance supervisory effectiveness, maximise efficiency and avoid duplication of efforts. Under the MoU, the AMLA will directly supervise certain high-risk financial institutions (referred to as "selected obliged entities") that are particularly exposed to cross-border money laundering. These include payment institutions, crypto-asset service providers and, in some cases, banks that also fall under the ECB's prudential supervision. Article 92(3) of the AMLA Regulation requires the AMLA and the ECB to conclude a MoU setting out the practical modalities for cooperation and for exchanging information in the performance of their respective tasks by 27 June.

The European Supervisory Authorities (the European Banking Authority, European Insurance and Occupational Pensions Authority and European Securities Markets Authority—the ESAs) have announced the signing of a multilateral Memorandum of Understanding (MoU) (dated 27 June) with the European Union's Anti-Money Laundering Authority (AMLA). The agreement establishes a framework for effective cooperation and information exchange among the four institutions. The MoU outlines practical arrangements for collaboration, aiming to enhance supervisory convergence across the EU's financial sector. It also seeks to facilitate the sharing of relevant information, promote cross-sectoral learning and support capacity building in areas of mutual interest. The agreement is a key component of the AMLA's broader cooperation framework with the financial sector, as required under Article 91 of the AMLA Regulation, which mandates the conclusion of a multilateral MoU with the ESAs by 27 June.

The UK All-Party Parliamentary Group (APPG) on Fair Banking has published its latest report, "No Half Measures – A Blueprint to Beat APP Fraud", alongside a press release. The report assesses the UK's response to authorised push payment (APP) fraud and the early impact of the mandatory reimbursement requirement (MRR) introduced by the UK Payment Systems Regulator (PSR) in October 2024. The APPG recognises the MRR as a step forward in consumer protection but emphasises that it is not a complete solution to fraud. Key gaps remain, particularly in areas such as cryptocurrency platforms and international transfers, which remain outside the scope of the current reimbursement framework. The APPG calls for a balanced, system-wide approach, urging collaboration to effectively combat APP fraud rather than placing disproportionate expectations on financial institutions alone. In Q4 2025, there will be an independent one-year review assessing the impact of the MRR, as well as the PSR's wider policy approach to APP fraud.

Read more.

A Corrigendum to Regulation (EU) 2024/2987, referred to as the revised European Market Infrastructure Regulation (EMIR 3), has been published in the Official Journal of the European Union. This Regulation amends Regulations (EU) No 648/2012 (EMIR), No 575/2013 (Capital Requirements Regulation) and (EU) 2017/1131 (Money Market Fund Regulation) to introduce measures aimed at mitigating excessive exposures to third-country central counterparties. The Corrigendum corrects a legal reference concerning the identification of high-risk third countries for anti-money laundering and counter-terrorist financing purposes. Specifically, it replaces an incorrect reference to Regulation (EU) 2024/1624 with the correct citation to Directive (EU) 2015/849, known as the Anti-Money Laundering Directive.

The Financial Action Task Force (FATF) has published its sixth targeted update on the implementation of its standards for virtual assets (VAs) and virtual asset service providers (VASPs), alongside an updated webpage. The report assesses global progress in applying anti-money laundering and counter-terrorist financing (AML/CFT) measures to VAs and VASPs, noting improvements in regulation and enforcement. However, challenges remain and the report sets out key recommendations on: (i) risk assessment and policy approach to VASPs; (ii) licensing/registering and supervising VASPs; (iii) implementation of the Travel Rule; (iv) addressing emerging and increasing risks related to stablecoins and decentralised finance arrangements; and (v) recommendations for the private sector.

In parallel, FATF has also released Best Practices on Travel Rule Supervision, providing more detailed guidance to assist jurisdictions in effectively supervising compliance with the Travel Rule for VASPs. The guidance offers practical examples and supervisory approaches to address common implementation challenges.

The Financial Action Task Force (FATF) has published updated guidance accompanied by a press release, on financial inclusion and anti-money laundering and counter terrorist financing measures (AML/CFT). The update follows the enhancement of Recommendation 1 of the FATF Standards earlier this year, to emphasise the need for a risk-based approach to AML/CFT controls in a manner that promotes global financial inclusion, without undermining the effectiveness of the measures for the purpose of combatting crime. The guidance now includes practical case studies and sets out ways that national regulators and firms can leverage a risk-based approach to foster financial inclusion while safeguarding financial integrity. Examples of best practice in applying the risk-based approach are included in an Annex to the report.

The Financial Action Task Force (FATF) has published a report and accompanying press release, highlighting significant vulnerabilities in the global financial system's ability to combat proliferation financing (PF) and sanctions evasion. The report finds that only 16% of assessed jurisdictions are effectively implementing targeted financial sanctions. It discusses, amongst other things, trends and methods of sanctions evasion, challenges and good practices in mitigating PF risk and identifies four recommendations for further FATF work on counter proliferation financing.

Read more.

The Economic Crime and Corporate Transparency Act 2023 (Commencement No. 5) Regulations have been made under the Economic Crime and Corporate Transparency Act 2023 (ECCTA). These regulations, made on 10 June, bring into force the following provisions: (i) section 194 which requires the Lord Chancellor to make Civil Procedure Rules enabling courts to dismiss strategic litigation against public participation (SLAPP) claims before trial in certain circumstances and to make certain costs orders; and (ii) section 195, which defines what constitutes a SLAPP claim. The regulations, along with relevant amendments to the Civil Procedure Rules 1998, entered into force on 18 June.

The Financial Action Task Force (FATF) has published revised standards and an accompanying explanatory note, updating its comprehensive framework on recommendations to strengthen global efforts in anti-money laundering, counter-terrorist financing and counter-proliferation financing, as announced during the joint FATF-MONEYVAL Plenary meeting. The FATF update includes amendments to Recommendation 16, which governs the transparency of wire transfers through the payment chain and is commonly referred to as the "Travel Rule. The revised recommendation is aimed to modernise FATF standards in response to the evolving payments landscape, which now includes a broader range of products and services, technologies and business models.

Read more.

The joint FATF-MONEYVAL Plenary meeting, hosted by the Council of the European Union and chaired by FATF President Elisa de Anda Madrazo and MONEYVAL Chair Nicola Muccioli, concluded with significant progress in global efforts towards anti-money laundering (AML), counter-terrorist financing (CFT) and counter-proliferation financing (CPF) efforts.

Key takeaways include:

• The approval of changes to the FATF Standards to enhance cross-border payment security, supporting the G20 initiative to make payments faster, cheaper, more transparent and accessible.
• The adoption of Latvia's mutual evaluation report which assessed the effectiveness of the country's AML, CFT and CPF measures; the report will be published later this year.

Read more.

The European Commission (EC) has adopted a Delegated Regulation amending Delegated Regulation (EU) 2016/1675 to update the list of high-risk third countries with strategic deficiencies in their anti-money laundering and countering the financing of terrorism (AML/CFT) regimes, pursuant to article 9 of the Anti-Money Laundering and Terrorist Financing Directive VI. The amendment has added Algeria, Angola, Côte d'Ivoire, Kenya, Laos, Lebanon, Monaco, Namibia, Nepal and Venezuela to the list. These jurisdictions have made high-level political commitments to address these deficiencies and have developed action plans in cooperation with the Financial Action Task Force (FATF). The EC urges the timely and effective completion of these respective action plans. Barbados, Gibraltar, Jamaica, Panama, the Philippines, Senegal, Uganda and the United Arab Emirates have been removed from the list, having demonstrated significant improvements in their AML/CFT frameworks following the implementation of their respective FATF-agreed action plans. The Regulation will enter into force on the twentieth day following that of its publication in the Official Journal of the European Union, which is on 30 June.

The International Organization of Securities Commissions (IOSCO) has issued a statement calling for platform providers to take stronger action against rising investment fraud, driven by increased retail investor activity on digital platforms. It encourages platform providers to leverage the IOSCO International Securities and Commodities Alerts Network (I-SCAN)—a database launched in March that identifies unlicensed firms or those engaging in illegal activities—to block, warn against or remove illegal investment offerings from their platforms. In the statement, IOSCO has also highlighted effective measures used in some jurisdictions to combat online harm involving financial misconduct, including due diligence on unauthorised offerings, rigorous enforcement of compliance with terms of service, strong processes for detecting scams and proactive engagement with financial regulators and government authorities, including referrals of fraudulent activity.

The European Securities and Markets Authority (ESMA) has published its final report providing technical advice to the European Commission (EC) on changes made by the Listing Act to the Market Abuse Regulation (MAR) and the Markets in Financial Instruments Directive (MiFID II) in relation to small and medium enterprise (SME) growth markets. The Listing Act seeks to promote better access to public capital markets for EU companies, in particular SMEs, by simplifying requirements and reducing administrative burden. ESMA consulted on the advice in December 2024 and this final report includes feedback received in response to the consultation. Much of the MAR technical advice concerns the rules for disclosing inside information during a protracted process. It also covers the approach for identifying trading venues with a significant cross-border dimension under the new cross market order book mechanism (article 25a MAR). The MiFID technical advice concerns the category of multilateral trading facilities (MTF) labelled SME growth markets and the requirements that such an MTF (or MTF segment) must comply with under article 33 MiFID II. In giving its technical advice, ESMA suggests amendments to Commission Delegated Regulation 2017/565 (known as the MiFID Org Reg) or otherwise confirms its view where no amendments would be needed. The EC will adopt the delegated acts for which the technical advice was requested by July 2026.

The European Commission (EC) has adopted a Delegated Regulation supplementing Regulation (EU) 2023/1114 on markets in cryptoassets (MiCAR), with regard to regulatory technical standards (RTS) specifying the arrangements, systems and procedures for persons to prevent, detect and report market abuse, the templates to be used for reporting suspected market abuse and the coordination procedures between competent authorities for the detection and sanctioning of market abuse in cross-border market abuse situations. Article 92(1) of MiCAR mandates that persons professionally arranging or executing transactions (PPAETs) in cryptoassets must have effective arrangements, systems and procedures to prevent and detect market abuse. These persons are required to report any reasonable suspicion of market abuse to the competent authority. This includes suspicions regarding an order or transaction, as well as other aspects of the functioning of the distributed ledger technology, where there may be indications that market abuse has been committed, is being committed or is likely to be committed. The Council of the EU and the European Parliament will now scrutinise the Delegated Regulation. The Delegated Regulation will enter into force on the twentieth day following its publication in the Official Journal of the European Union.

The European Banking Authority (EBA) has issued its final report on draft regulatory technical standards (RTS) amending Commission Delegated Regulation (EU) 2018/1108, on the criteria for the appointment of central contact points for electronic money issuers and payment service providers and with rules on their functions under Article 45(10) of Directive (EU) 2015/849 (MLD4). The draft RTS extend the amended Delegated Regulation to define when cryptoasset service providers (CASPs) must appoint a central contact point. A central point contact can help to ensure compliance with local Anti-Money Laundering/Countering the Financing of Terrorism (AML/CFT) obligations in cases where a CASP authorised in one EU Member State is providing services to another EU member state. The RTS set out: (i) the conditions under which CASPs should appoint a central contact point; and (ii) the roles and responsibilities of that central contact point. The draft RTS will be submitted to the Commission for endorsement, following which it will be put to the European Parliament and the Council for scrutiny, before being published in the Official Journal of the European Union.

The Financial Services Regulatory Initiatives Forum (the Forum) has published the Regulatory Initiatives Forum Grid (the Grid), with the UK Financial Conduct Authority (FCA) also updating its webpage. The previous Grid was due to be published in May 2024 but was postponed due to the General Election, meaning the Forum published only an interim update in October 2024.

The 2025 Grid sets out the regulatory pipeline for the next 24 months and reflects the reprioritisation that has taken place since the new government came into power. Notable initiatives include:

• motor finance commission review: the FCA intends to confirm, within six weeks of the Supreme Court's decision on past use of discretionary commission arrangements by motor finance firms, whether it will propose a redress scheme;
• liquidity risk management in funds: the FCA will consult on refined proposals regarding liquidity risk management in funds to implement FSB and IOSCO guidelines;
• Consumer Composite Investments (CCI) Regulation: the FCA published a second consultation paper on the new CCI regime on 16 April (see our update) and plans to issue a Policy Statement with final rules in late 2025;

Read more.

The UK Financial Conduct Authority (FCA) has updated its webpage on cash-based money laundering and confirmed its intention to carry out a multi-firm review in this area in the financial year 2025/2026. The webpage sets out an overview of the FCA's work to reduce money laundering through cash deposit services such as those provided by the Post Office under the terms of the Banking Framework Agreement. The FCA sets out its expectations for firms who are part of the Banking Framework Agreement, including measures in relation to transaction verification and monitoring, deposit limits, suspicious activity reports, intelligence sharing and training. More broadly, the FCA expects firms to focus on communication with their customers. As mentioned above, the FCA also confirms that it is planning a multi-firm review in the financial year 2025/2026 in relation to the financial crime risks from cash-based money laundering. This review will be broader in scope than the Post Office and will consider other routes by which cash enters the financial system.

The UK Financial Intelligence Unit (UKFIU) has published its annual report on suspicious activity reports (SARs) for the period between April 2023 and March 2024. The annual report structure has been updated due to a number of key changes, including the new reporting portal which was introduced in September 2023, and changes to the UK anti-money laundering regulatory framework. Key points noted in the report were the uptick in the number of defence against money laundering (DAML) requests refused, indicating better quality DAML SARs were being submitted, and wider use of account freezing orders by law enforcement. In terms of the sector breakdown, banking and financial services firms (including e-money, payments and crypto) continue to comprise the majority of SAR reporters, being responsible for over 95% of SAR reports. The report also confirms that the UKFIU will continue to work towards delivery of the new SARs Digital Service, which will provide greater analytical capabilities.

The International Organization of Securities Commissions (IOSCO) has announced the launch of a new alert portal, which is aimed at strengthening the global fight against retail investment fraud. The International Securities & Commodities Alerts Network (I-SCAN) allows investors, online platform providers, banks and institutions to check if a financial regulator has a suspicious activity flag for a particular company or potential investment. I-SCAN is part of IOSCO's roadmap for retail investor online safety, which sets strategic initiatives for safeguarding retail investors worldwide from fraud, excessive risk and misinformation as digital trading and social media reshape the retail financial market.

The fourth commencement regulations made under the Economic Crime and Corporate Transparency Act 2023 (ECCTA) have been published. Regulation 2 brought into force on 18 March certain provisions in Parts 1 and 2 of the Act. Regulation 3 brings measures creating the new offence of failing to prevent fraud fully into force in all of the United Kingdom on 1 September. Regulation 4 amends the third set of commencement regulations which failed to comply with the requirement that guidance must be published before regulations bringing section 199 (failure to prevent fraud) of the Act into force are made. Guidance was published on 6 November 2024, the day after the third commencement regulations were made. Regulation 5 replaces references in certain regulations to the commencement of a provision with a reference to the actual date on which the provision came into force. The explanatory note also contains a table listing provisions of the ECCTA which have been brought into force by previous commencement regulations.

The Financial Conduct Authority (FCA) has published its Primary Market Bulletin 54 in which it discusses strategic leaks and unlawful disclosure. The FCA reports that it has seen an increase in instances where material information on live M&A transactions appears to have been deliberately leaked to the press. The FCA reminds issuers and advisers of best practice in mitigating unlawful disclosure and limiting market abuse as set out in Primary Market Bulletin 42, Primary Market Bulletin 52, Article 14 of the Market Abuse Regulation and Rule 2.1(a) of the Takeover Code. Anyone unlawfully disclosing inside information, deliberately or otherwise, risks being investigated for market abuse. The FCA stresses that written policies and procedures for identifying and handling inside information can have limited effectiveness if they are not accompanied by culture and practices which actively discourage leaks.

The European Banking Authority (EBA) has published a consultation on proposed regulatory technical standards (RTS) under the EU's 2024 anti-money laundering (AML) package. The AML package consists of a Regulation on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing (AML Regulation), a Regulation establishing the Anti-Money Laundering Authority (AMLA) and the Sixth Money Laundering Directive (MLD6). The EBA is consulting on draft RTS that will inform its response to the European Commission's (EC's) call for advice, which it intends to submit to the EC on 31 October.

Read more.

The Register of Overseas Entities (Protection and Trusts) (Amendment) Regulations 2025 were published, alongside an explanatory memorandum. The Regulations amend the Register of Overseas Entities (Delivery, Protection and Trust Services) Regulations 2022 to allow anyone whose information could be published or disclosed by the registrar under Register of Overseas Entities (ROE) to apply to Companies House to have their information protected. The ROE was established in 2022 mainly to improve transparency regarding the beneficial ownership of overseas entities holding land in the UK. Overseas entities owning or buying property in the UK must provide information to the Registrar of companies and most of that information is publicly available. There is protection of information of those at serious risk of violence or intimidation. Prior to this amendment, only a registrable beneficial owner or managing officer could apply for protection if they, or anyone they live with, would be at serious risk of intimidation or violence if the information about them is published.

The Regulations also allow trust information that is currently not publicly available to be accessed by application if certain requirements are met. The Regulations enter into force from 28 February, except for the provisions relating to trusts which will enter into force on 31 August. Companies House has published guidance on how to apply to protect details on the ROE.