A&O Shearman | FinReg | UK FCA findings from multi-firm review on customer due diligence
Financial Regulatory Developments Focus
This links to the home page
Financial Regulatory Developments Focus
Filters
Recent Posts
UK FCA guidance on asset management authorisation applications
UK Risk Warnings Review final report published
UK FCA findings from multi-firm review on customer due diligence

  • UK FCA findings from multi-firm review on customer due diligence
    8 April 2026
    The UK Financial Conduct Authority (FCA) has published findings of a multi‑firm review of customer due diligence (CDD), enhanced due diligence (EDD) and ongoing monitoring controls, setting out examples of good and poor practice for firms. The FCA assessed CDD systems and controls through a questionnaire, a desk-based review of policies and procedures, customer file reviews and interviews with staff at firms.

    Key findings include:
    • Policies and procedures: Stronger firms demonstrated clear distinctions between standard CDD and EDD, applying risk based approaches to higher risk customers, including politically exposed persons. However, weaknesses included unclear guidance on additional EDD measures, review frequency and how staff should identify and verify customers who cannot provide standard forms of identification. In some cases, firms failed to follow their own policies and procedures, including in relation to periodic customer reviews.
    • CDD processes: Most firms tailored their approach to the risk profile of each customer, while stronger firms had clearly documented each step of the process. However, some firms failed to produce any evidence of what EDD measures had been taken and failed to record key information such as the details on the purpose and intended nature of the business. A further example of poor practice was a lack of evidenced effective governance and oversight, where requirements for senior management approval were not specified in the CDD processes.
    • Compliance monitoring and audit: Most firms had some form of compliance monitoring and audit in place, although the rigour of the reviews and independence of these arrangements varied. Some firms carried out regular reviews of their CDD frameworks, while others used sample-based monitoring and proportionate review cycles. Stronger firms operated independent third-line testing covering onboarding and due diligence controls. However, in some cases there was no independent second-line assurance, with the same staff responsible for onboarding and reviewing. Some firms also lacked document version control, limiting their ability to evidence an audit trail.
    The FCA encourages firms to consider these findings in the context of their own business. The FCA is working with certain firms on identified areas for improvement and will continue to monitor progress.

    Return to main website.
    Topic: Financial Crime and Sanctions