Staying Ahead of the AML and Treasury Curve
Published: April 15, 2025
In June 2021, law firm Norton Rose Fulbright published an article looking at how treasury functions are exposed to money-laundering risks through their customers, products and services, geographical footprint and delivery channels. The world has changed much since then. Hannah Meakin, Partner, Norton Rose Fulbright provides an update for treasurers subject to UK AML law.
The main point stressed in the 2021 article was that much of the AML regime applies to unregulated as well as regulated companies. Is this still the case, and are there any exceptions likely to affect treasury?
Yes, it is still the case that much of the AML regime in the UK applies to unregulated firms, so not much has changed in this respect. There is no notable exception that will affect treasury functions specifically – this means that firms undertaking treasury-related activities will need to remain aware of strengthened regulatory scrutiny in this area.
The Proceeds of Crime Act 2002 (POCA) deals with, among other topics, the general money-laundering offences (s327 to 329) that apply to the unregulated and regulated sectors. The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (the MLRs) provide for regulatory requirements for specific types of entities that are considered at higher risk of enabling illicit finance. These are set out in the MLRs and include credit and FIs but also company service providers, art market participants and real estate agents.
What are the main legislative changes in the money-laundering arena since the 2021 article?
In terms of UK AML and financial crime developments more broadly, the Economic Crime and Corporate Transparency Act (ECCTA) received royal assent in October 2023 and sets out wide-ranging reforms to tackle economic crime and improve transparency over corporate entities. ECCTA contains various amendments to POCA, including new information-sharing provisions for AML-regulated firms and amendments to support the recovery of crypto assets. In addition, ECCTA reforms corporate criminal liability laws for economic crimes (with changes to the identification doctrine) and also introduces a new “failure to prevent fraud” offence, which comes into effect on 1 September 2025.
There have also been UK developments with regards to the treatment of Politically Exposed Persons (PEPs). With effect from 10 January 2024, the MLRs were amended to clarify in law that, for the purposes of applying the MLRs, domestic PEPs pose a lower risk of money laundering and terrorist financing than non-domestic PEPs. It also stipulated that the extent of enhanced due diligence measures applied to those customers by firms regulated under the MLRs should be less, unless other risk factors unrelated to their position as a domestic PEP apply. This provision was already established in Financial Conduct Authority (FCA) guidance.
Following this, in July 2024 the FCA published the results of a multi-firm review on how effectively firms are following the FCA’s guidance on the treatment of PEPs for AML purposes. While the review found that most firms had systems and controls to implement the guidance, it concluded that all those it assessed were required to make improvements. For example, the review found that most firms would benefit from improving their staff training and that some organisations needed to update their policies to reflect the recent legislative amendments.
Based on the findings of the review, the FCA expected all firms to check that their policies, procedures, and controls are in line with FCA guidance. The FCA also launched a consultation on proposed clarifications to its guidance, which closed in October 2024. After it has assessed the responses, the FCA will publish a new version of the guidance.
Other recent FCA developments for authorised firms to be aware of regarding AML include its recent Money Laundering Through the Markets (MLTM) report, which aims to help firms better understand and mitigate the risk of MLTM, as well as FCA Policy Statement PS24/17, published in November 2024. This contains updates to the FCA’s Financial Crime Guide, introducing enhancements across multiple areas including in relation to sanctions, proliferation financing, transaction monitoring, crypto asset business, and the Consumer Duty.
What specific money-laundering risks are today associated with treasury activities – and how are these evolving?
We see a somewhat sliding scale here. Some AML risks likely to affect treasury activities are of concern to financial services and professional services firms more broadly, for example ensuring compliance in KYC/onboarding processes and undertaking ongoing client due diligence.
However, certain treasury activities may carry a higher money-laundering risk, especially where transactions are structured/complex and/or take place on a cross-border basis. This can make compliance with AML requirements more difficult (due, for example, to the origin of funds being obscured, or due to difficulties in carrying out transaction monitoring).
The biggest risk is associated with the development and deployment of new technologies. They are changing, and will continue to change, the AML landscape and firms must monitor these new developments in order to be able to identify any potential AML risks. This is challenging given the speed of those developments, which will increase the compliance burden.
The increased use of digital currencies and securities create new challenges with regard to detecting financial crime, especially given that the regulatory framework surrounding these newer financial products is less well established. Data privacy and cybercrime may also be a concern in treasury – the use of virtual private networks (VPNs), for instance, may mean customer location/origin of funds are obscured.
That said, technology such as AI is also providing new ways to understand clients and their businesses better and to perform functions such as transaction monitoring more effectively.
What emerging or anticipated legislative developments, in response to the evolving landscape, do you see as being most likely to impact treasury activities?
In terms of upcoming UK AML developments, in March 2024, HM Treasury published a consultation paper that sought feedback on proposals to improve the effectiveness of the MLRs. The consultation covered four core themes: making customer due diligence more proportionate and effective; strengthening system co-ordination; providing clarity on the scope of the MLRs; and finally, reforming registration requirements for the Trust Registration Service. The consultation closed in June 2024 and it is expected that HM Treasury will consider responses and publish a response to these in due course.
What actions should treasury be taking within the AML arena to remain compliant, both at a transactional level and more generally?
The rapid development and the use of new technologies is posing a significant challenge, because compliance functions will need to understand how those technologies are deployed at a transaction level and more generally in order to identify any AML risks. Firms will need to monitor the developments in this area and adapt their internal procedures and policies, where necessary.