AML & KYC Compliance UK —
Stay Compliant, Protect Your Business

The most common AML compliance failure is having no written policy. Verbal awareness of AML obligations is not sufficient — HMRC and professional body supervisors require a documented, written policy covering all required elements. An AML inspection without a written policy almost always results in a compliance notice and fine.

Client Due Diligence must be conducted on every client before establishing a business relationship — not just on clients that appear suspicious. Selective CDD based on gut feel is non-compliant. We implement systematic CDD procedures covering all new clients with risk-based EDD triggered for higher-risk situations.

All staff involved in regulated activities must receive AML training — including senior management. Many businesses train their MLRO but not front-line staff who first interact with clients. Training records must be maintained for supervisory inspection.

Failure to file a Suspicious Activity Report (SAR) with the National Crime Agency (NCA) when there is knowledge or suspicion of money laundering is a criminal offence. Many businesses are unaware of the reporting obligation or the process. We establish SAR procedures and train staff on when and how to report.

The regulated sector includes: banks and financial institutions, external accountants and tax advisers, auditors, insolvency practitioners, estate agents, trust or company service providers, high-value dealers (cash transactions above €10,000), gambling operators and crypto asset businesses. If your business falls within any of these categories, the Money Laundering Regulations 2017 apply and AML compliance is a legal requirement.

CDD is the process of verifying the identity of your clients and understanding the nature of the business relationship. Standard CDD requires: verifying the client’s identity (government ID, photo ID), verifying their address (utility bill, bank statement), understanding the purpose and nature of the business relationship, and for corporate clients, verifying the identity of ultimate beneficial owners (above 25% ownership). Enhanced CDD (EDD) applies to higher-risk clients, politically exposed persons and non-EEA correspondent relationships.

HMRC is the AML supervisor for businesses that are not supervised by a recognised professional body (FCA, ICAEW, Law Society, etc.). HMRC-supervised business types include trust or company service providers, high-value dealers, estate agents (for rental above certain thresholds) and other businesses not supervised elsewhere. HMRC-supervised businesses must register with HMRC before commencing regulated activity and pay an annual supervision fee.

A SAR is a report filed with the National Crime Agency (NCA) via the Suspicious Activity Reporting Online portal when a regulated business has knowledge or suspicion that another person is engaged in money laundering or terrorist financing. Filing a SAR provides a ‘defence’ against money laundering charges for the reporting business. Failing to report when there are grounds for suspicion is a criminal offence under the Proceeds of Crime Act 2002.

There is no prescribed frequency in the regulations, but HMRC and professional body guidance suggests annual refresher training as a minimum — with additional training whenever there are significant regulatory changes or when staff join. Training records (dates, content, attendees) must be maintained for supervisory inspection. We provide annual AML training updates for all client businesses.