Anti-money laundering (AML) is the discipline of preventing, detecting and reporting attempts to disguise the proceeds of crime as legitimate funds. It is not a single rule but a layered framework. In the UK the principal sources are the Proceeds of Crime Act 2002 (POCA), which creates the money-laundering offences and the duty to report suspicion, and the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (the MLRs), which require regulated firms to maintain risk assessments, customer due diligence, ongoing monitoring and reporting systems. The FCA supervises most financial-services firms for AML compliance.
Why AML matters
AML controls are a legal obligation, not a discretionary policy. A firm that fails to maintain adequate systems and controls can be fined under the FCA’s powers and Regulation 76 of the MLRs 2017, while individuals can commit criminal offences under POCA for laundering, failure to disclose or tipping off. The FCA has repeatedly fined firms for weak AML frameworks, and senior managers can be held personally accountable under SM&CR.
How AML differs from specific regulations
It is important to distinguish the discipline from its instruments. The MLRs 2017 set out the preventive systems-and-controls obligations; POCA 2002 creates the substantive criminal offences and the suspicious activity reporting regime; the Terrorism Act 2000 addresses terrorist financing; and OFSI administers financial sanctions. AML is the umbrella under which all of these sit, alongside firms’ own risk-based policies.
Who it applies to
All firms within the regulated sector under Schedule 9 of POCA and the MLRs 2017 (banks, insurers, investment firms, payment and e-money institutions, and many professional-services firms), together with their senior managers, MLROs and front-line staff.