CLOSE

close

CLOSE

EN

State of play for AML, part 2: Translating the UK’s AML updates into effective compliance

Recommended
State of play for AML, part 2: Translating the UK’s AML updates into effective compliance

State of play for AML, part 2: Translating the UK’s AML updates into effective compliance
State of play: What’s happening in AML now

State of play: What’s happening in AML now
HMRC’s new handbook sheds light on growing trade-based money laundering risks

HMRC’s new handbook sheds light on growing trade-based money laundering risks

In Part 1 of this series, we explored the major reforms reshaping the UK’s anti-money laundering (AML) landscape, from an evolving threat picture to the government’s push for a more risk-based, intelligence-led regime. But understanding the changes is only half the battle.

 

We focus now on the next steps UK businesses should take. With the updated National Risk Assessment (NRA), ongoing reforms to the Money Laundering Regulations (MLRs) and a renewed regulatory focus on effectiveness of forms, organisations need to reassess their controls, risk assessments, and due diligence practices.

 

Whether you’re in financial services, legal, real estate, crypto or any other regulated profession, this is a moment to adapt. We break down what the new AML state of play means in practice and the steps UK businesses should take to strengthen compliance in 2026.

 

The steps to compliance

 

Risk assessments must be refreshed

Firms must now review and update their firm-wide risk assessments in light of the new NRA. This includes accounting for:

  • Changing typologies such as use of professional enablers, cryptoassets and AI 
  • Sector-specific threats 
  • Evolving geopolitical and regulatory context 

There is no room for complacency

The NRA specifically warns against a “tick box” approach. Supervisors will expect firms to:

  • Demonstrate active understanding of the risks relevant to their services 
  • Show evidence of tailored mitigations 
  • Provide regular staff training aligned to these emerging risks 

Higher expectations for public-private cooperation

The government encourages more dynamic information sharing and proactive use of intelligence. Firms should be prepared to work more closely with law enforcement and supervisors.

 

Changes to the MLRs 

The NRA is published alongside the government’s ongoing work to reform the Money Laundering Regulations, including:

  • Making CDD requirements more flexible and risk-based 
  • Clarifying obligations around beneficial ownership and reliance 
  • Strengthening supervision and aligning better with FATF standards 

Financial sector: Updated risk levels

  • Banks: High risk. From growing abuse of payment platforms to fraud proceeds to mule accounts, banks remain critical to money laundering despite strong controls. 
  • Money service businesses (MSBs): High risk remains. Use of cash-intensive models and links to higher-risk jurisdictions remain major vulnerabilities. 
  • Cryptoasset firms: Now assessed as high risk (up from “medium” in 2020). Risks include poor controls, anonymous transactions and fraud being quickly laundered via crypto. 
  • Challenger and digital-only banks: Newly highlighted as vulnerable to onboarding fraud and poor due diligence. Some firms are disproportionately exposed to mule accounts. 
  • Wealth management and private banking: High risk remains. There are continued threats from complex structures and high-risk clients, especially those linked to corruption. 

Non-financial sectors: Changes in risk levels

  • Trust and company service providers (TCSPs): Risk is now high, including UK and overseas-based firms. Abuse of company formation and nominee services is persistent. 
  • Estate agents and letting agents: 
    • Estate agents: Medium risk remains, but concerns around overseas buyers and opaque structures flagged. 
    • Letting agents: Upgraded to medium risk due to criminal use of rental properties as laundering channels. 
  • High-value dealers: Medium risk remains, but new attention is being paid to trade-based laundering and cultural goods. 
  • Legal sector: High risk remains especially for conveyancing, trust formation and client account misuse. 
  • Accountancy services: High risk remains. Small practices are especially vulnerable due to inconsistent controls. 

Cash and informal channels

  • Cash: Continues to be a major laundering channel. While declining in retail, it remains integral to street-level crime and informal value transfer. 
  • Hawala and IVTS: Maintained as high risk for laundering and terrorist financing. Often exploited to move criminal funds abroad. 

Fraud: A dominant predicate offence

  • Fraud is now seen as the most significant source of criminal funds, overtaking drugs. 
  • Online fraud, authorised push payment (APP) scams and romance fraud are key sources. 
  • Laundering often involves layering via digital platforms, shell companies, and crypto. 

Terrorist financing

  • Risk remains medium. 
  • Self-funded actors using low-level fraud, cash or online donations remain the dominant model. 
  • Abuse of charities is still rare but monitored. 
  • Crypto use by terrorist actors remains limited but growing in interest. 

Geographic Risk Trends

  • Sanctions evasion, especially linked to Russia, has intensified. 
  • Exposure to high-risk jurisdictions, including those under FATF or UK sanctions, remains a red flag. 
  • Some small UK firms still engage with high-risk clients without adequate controls. 

Notable additions 

  • Crypto mixers, privacy coins and DeFi now explicitly referenced as rising laundering risks. 
  • Widespread use of nominee directors and opaque ownership remains a core concern across sectors. 
  • Emerging technologies such as AI and instant payments are flagged as both opportunities and threats for AML/CFT.

 

An evolving threat

 

The latest NRA confirms that the AML threat in the UK is evolving but not diminishing. While many risks are familiar, they are now more complex, better resourced, and digitally enabled. For businesses, this means:

  • Staying vigilant, particularly in high-risk sectors 
  • Using the NRA proactively to drive smarter compliance and due diligence 
  • Preparing for regulatory changes that will demand more targeted, risk-based controls 

Those who don’t adapt, risk not only regulatory sanctions but also reputational damage and exposure to criminal exploitation. This is a time to strengthen defences, not relax them.

 

As the landscape continues to shift, it’s clear that the country’s AML regime is becoming more sophisticated, more dynamic and more demanding. The updated NRA and the forthcoming MLR reforms expect firms to demonstrate real understanding of their risks, not simply compliance with process. Those that invest now in refreshing their assessments, strengthening their controls and embedding risk-based thinking across their operations will be far better prepared for the regulatory expectations of 2026.

 

The challenge is significant, but so is the opportunity. Firms that adapt early will not only reduce their exposure to regulatory scrutiny and financial crime, but will also build more resilient, modern compliance frameworks capable of responding to increasingly complex threats.

 

In Part 3 of this series, we will explore what effective AML compliance looks like in practice, providing practical examples and frameworks to help organisations implement the changes required and move from awareness to action.

 

Our Conversational Learning course on AML due diligence turns passive training into active engagement. Through rich, multimedia scenarios and guidance from our AI experts, you’ll explore fundamental AML principles with the ability to adapt to your experience, role and level of understanding. Try it now.