CLOSE

close

CLOSE

EN

State of Play for AML, part 3: What the 2025 MLR consultation response means for UK compliance

Recommended
State of Play for AML, part 3: What the 2025 MLR consultation response means for UK compliance

State of Play for AML, part 3: What the 2025 MLR consultation response means for UK compliance
The EU’s new anti corruption directive: What comes next

The EU’s new anti corruption directive: What comes next
State of play for AML, part 2: Translating the UK’s AML updates into effective compliance

State of play for AML, part 2: Translating the UK’s AML updates into effective compliance

The UK Government’s 2025 response to its consultation on the Money Laundering Regulations (MLRs), indicates that its AML regime is moving away from prescriptive, process-driven compliance towards a more targeted, proportionate and risk-based system designed to tackle the most serious vulnerabilities. This third and final instalment in our State of play for AML series continues to build on what we explored in part  2, where we examined the updated National Risk Assessment (NRA) and what it revealed about the UK’s evolving financial crime landscape.

 

In part 2, we highlighted how the NRA signals a more intelligence-led approach, one that recognises emerging risks, prioritises higher-harm sectors and encourages firms to move beyond box-ticking towards genuine risk understanding. The government’s response to the MLR consultation continues that shift, translating the NRA’s insights into concrete regulatory reforms that are set to reshape obligations across the legal, financial, property, crypto asset and professional services sectors.

 

Now we are looking at what those changes mean in practice. From refined CDD expectations and narrower EDD triggers to digital identity guidance, clarification of pooled client accounts and heightened due diligence for crypto counterparties, the proposals mark a significant recalibration of the UK’s AML framework. Some amendments promise long-awaited clarity and reduced friction while others raise expectations around firms’ judgement, documentation and sector-specific awareness.

 

So, what exactly is changing and how should businesses prepare? We break down the key proposals and unpack their implications for regulated firms over the next year. Now is the time for organisations to assess their exposure, update their controls and align with the government’s shift toward a more practical, risk-based AML regime.

 

A big step towards change

 

The UK government’s 2025 response to the consultation on the MLRs is a key step in recalibrating the UK’s AML regime to make it more risk-based, proportionate and effective across all regulated sectors. This follows a broad consultation with industry, including the legal profession, and aligns with the NRA’s focus on emerging risks and practical vulnerabilities.

 

What does this mean for the AML state of play in the UK and for regulated businesses?

 

Here are the key changes the government intends to make following its consultation on improving the MLRs.

 

More targeted and proportionate Customer Due Diligence (CDD)

The government intends to refine CDD obligations to reduce unnecessary burdens. For instance:

  • Enhanced Due Diligence (EDD) will no longer be automatically required for all “complex” transactions but will only apply where complexity is considered unusual or high-risk.
  • Firms must continue to assess risk on a case-by-case basis, with tailored approaches to transaction context and customer profiles.

 

What this means: Firms must continue conducting robust CDD but can expect more nuanced and risk-based rules, reducing “tick-box” compliance and allowing better allocation of compliance resources.

 

EDD for high-risk jurisdictions

  • Mandatory EDD for high-risk third countries (HRTCs) will now only apply to those on the FATF call for action list which are currently North Korea, Iran and Myanmar.
  • Countries on the FATF increased monitoring list will be treated through firms’ internal risk assessments, not automatically triggering EDD.
  • Supervisors will be expected to align guidance with the UK’s National Risk Assessment (NRA) to reflect jurisdictions that pose the greatest actual threat to the UK.

 

What this means: Firms will face less volatility and unnecessary workload due to frequently changing FATF lists, but must now actively integrate NRA findings into their jurisdictional risk assessments.

 

CDD carve-out for bank insolvency

  • A new provision will allow expedited onboarding of customers from a bank that has entered insolvency under the Banking Act 2009.
  • These customers can be temporarily onboarded without full ID verification.
  • Banks must notify the FCA, which will monitor use of the carve-out.

 

What this means: Banks and financial institutions will have a practical route to maintain customer continuity in the event of an insolvency while maintaining regulatory oversight through FCA notification.

 

Pooled Client Accounts (PCAs)

  • New rules will clarify CDD obligations for PCAs held for unregulated customers.
  • These will be separated from the simplified due diligence provisions to eliminate previous uncertainty.

 

What this means: Law firms, estate agents and other professionals handling client funds will benefit from clearer CDD expectations when opening and operating PCAs, reducing regulatory uncertainty.

 

Digital identity verification

  • The government will work with the Department for Science, Innovation and Technology to produce joint guidance on how firms can use digital ID verification tools to meet their obligations under the Regulations.

 

What this means: Firms will soon have official guidance enabling greater use of digital identity tools, helping streamline onboarding and improve CDD efficiency.

 

Crypto asset businesses and new counterparty due diligence

  • Crypto firms will be required to conduct counterparty due diligence, including assessing the AML/CTF controls and supervision of those they transact with, similar to the rules for correspondent banking.
  • There will be no immediate change to dual registration under FSMA and the MLRs. This will be addressed separately through financial services reform.

 

What this means: Crypto businesses must elevate their due diligence to align with traditional financial institutions and prepare for future alignment of regulatory frameworks.

 

Clarity and scope amendments

  • References to monetary thresholds will be converted from EUR to GBP (for example, EUR 1,000 becomes GBP 1,000).
  • The scope of Trust and Company Service Providers (TCSPs) will be extended to include sale of off-the-shelf companies.
  • The definition of insurance undertakings will be clarified to exclude reinsurance of long-term contracts.

 

What this means: These clarifications will help reduce technical ambiguity, bring TCSPs into fuller scope, and ensure UK alignment with FATF standards without regulatory overreach.

 

Changes to the Trust Registration Service (TRS)

  • Non-UK express trusts with non-UK trustees that hold UK property must now register.
  • New exemptions from registration will apply for:
    • Low-asset-value trusts without UK tax liabilities
    • Scottish survivorship destination trusts
    • Trusts triggering only Stamp Duty Reserve Tax (SDRT) liability

 

What this means: Firms working with cross-border or low-risk trusts will need to update trust risk assessments and registration procedures, with some relief for low-value or low-risk structures.

 

Strengthening AML system coordination

  • Although no regulatory amendment will be made, the government emphasises that regulated firms will need to use both the NRA and future Economic Crime Plan priorities to guide AML strategy.
  • Further guidance will be issued to help firms integrate these sources of information effectively.

 

What this means: Firms must prepare to align compliance priorities with evolving national AML objectives and integrate both static NRA content and future policy updates.

 

What does this mean for your business?

Now is the time to reassess and prepare

Use the consultation response as a signal to review internal AML frameworks, especially around:

  • How CDD and EDD decisions are justified and documented
  • Whether AML controls are proportional to the size and nature of the business
  • Where improvements can be made in outsourcing, training, and supervision

 

Move toward risk-based compliance

The government’s direction is clear: They want effectiveness over formality. Firms are expected to show:

  • Judgement and documentation in their decisions
  • Sector-specific awareness, especially in sectors like legal, real estate and crypto
  • A shift from box-ticking to risk-thinking

 

Engage early with changes

Though changes to the MLRs are not immediate, firms should start aligning policies now with what’s coming, especially as supervisors may begin adjusting their expectations in light of the response.

 

A more practical regime

 

The 2025 MLR consultation response marks a turning point in UK AML regulation. The government is moving toward a more proportionate, practical regime that rewards genuine risk understanding over technical compliance. For regulated firms, this is both an opportunity and a challenge: lighter touch in some areas, but higher expectations in others.

 

Firms that invest now in tailored risk assessments, proactive CDD strategies and meaningful staff training will be better placed to meet evolving expectations and demonstrate real AML resilience.

 

A turning point for UK AML

 

This final part of our State of play for AML series brings the journey full circle. In part 1, we mapped the shifting foundations of the UK’s AML landscape. In part 2, we examined the evolving risk picture through the lens of the NRA. 

 

And now, in Part 3, we see how the government intends to translate those insights into regulatory reform through a more proportionate, intelligence-led Money Laundering Regulations framework.

 

The UK is moving toward an AML regime that rewards genuine risk understanding, not procedural compliance, and places greater trust in firms’ judgement, sector awareness and ability to adapt in real time. The reforms promise a more practical system but one that also raises expectations around how businesses justify decisions, document risk reasoning and embed AML thinking into day-to-day operations.

 

For regulated firms, this is not a moment to wait and see. It is time to reassess. The coming year will demand refreshed risk assessments, smarter CDD strategies, tighter governance, and better alignment with national priorities. Firms that lean into these changes will not only meet regulatory expectations but also build more resilient, efficient and credible compliance frameworks. Because as the UK’s AML approach evolves so too do the risks of financial crime. Businesses that think beyond the rules and into the risks will be best placed to navigate what comes next. 

 

This concludes our three-part series. But it marks the beginning of a new chapter for AML compliance in the UK.

 

Our Conversational Learning course on AML due diligence turns passive training into active engagement. Through rich, multimedia scenarios and guidance from our AI experts, you’ll explore fundamental AML principles with the ability to adapt to your experience, role and level of understanding. Try it now.