Share
In early September 2025, HM Treasury published a draft version of the Money Laundering and Terrorist Financing (Amendment and Miscellaneous Provision) Regulations (2025) (the “Draft Regulations”).
This was accompanied by a policy paper setting out its policy intention. The proposed amendments followed a public consultation on ‘Improving the Effectiveness of the Money Laundering Regulations’ (MLRs) with the Government’s aim being to close regulatory loopholes, address proportionality concerns, and account for evolving risks in money laundering and terrorist financing.
The key measures of the Draft Regulations and the connected policy intent are as follows:
Making customer due diligence more proportionate and effective
Policy intent: ensure customer due diligence (“CDD”) triggers are clear and consistent across all sectors.
- The Draft Regulations align transaction-based CDD requirements for letting agents and art market participants with those for high value dealers.
Policy intent: facilitate continued access to banking services for customers following a bank or building society insolvency event, while maintaining AML safeguards.
- New provisions will allow credit institutions, in specific circumstances following a bank insolvency, to verify the identity of customers from insolvent banks after account opening. This is provided that ID verification is completed as soon as practicable (subject to specific safeguards including that onboarding firms must notify the FCA, to allow supervision ).
Policy intent: ensure enhanced due diligence measures are targeted, evidence-based, and proportionate, so that firms can focus their efforts on the transactions and jurisdictions that present the greatest risk.
- The Draft Regulations narrow the EDD requirement to only “Financial Action Task Force (FATF) call for action countries,” thus ensuring firms focus resources on the highest-risk jurisdictions for the UK.
- The Draft Regulations also clarify that EDD is required only where transactions are unusually complex or large relative to sector norms or the nature of the deal.
Policy intent: increase the supply and accessibility of PCAs for businesses with a legitimate need, while maintaining robust risk-based controls.
- The Draft Regulations decouple pooled client accounts (PCAs) from the simplified due diligence (“SDD”) framework, removing the requirement for banks to treat PCAs as “low risk” or only offer them to AML/CTF-regulated customers.
It is proposed that financial and credit institutions take reasonable steps to understand the purpose of a PCA, gather sufficient information on the customer’s business, assess account risk, and apply extra controls where needed. - It is also proposed that PCA holders, on request, provide the bank with information about the identity of persons whose funds are held in the account.
- For businesses operating in the relevant sectors (letting agents, art market participants and credit institutions), or those dealing with persons in ‘high risk countries’ and PCAs, the proposed changes may necessitate an assessment and re-calibration of their various due diligence frameworks.
Strengthening system coordination
Policy intent: strengthen cooperation and information sharing between AML/CTF supervisors and other public bodies.
- The Draft Regulations impose a duty upon Companies House to cooperate with AML supervisors, reflecting its strengthened role in corporate transparency and the UK’s AML framework.
- The Financial Regulators Complaints Commissioner is to be added to the list of relevant authorities eligible for information sharing under the regulations (with a view to ensure more effective oversight in the AML framework).
- The Draft Regulation expands the FCA’s ability to share confidential information to include crypto asset firm supervision. The Draft Regulation also updates the defence for confidentiality breaches to align with Financial Services and Markets Act 2000 (FSMA).
Providing clarity on scope and registration issues
Policy intent: simplify compliance by reducing conversion complexity and reflect UK market practice post-EU exit.
- The Draft Regulations convert all monetary thresholds for CDD, reporting, and transaction triggers from euros to sterling with some thresholds adjusted to ensure that the UK continues to meet international standards set by the FATF.
Policy intent: close a gap in the MLRs by ensuring that CDD is carried out across the full range of TCSP services.
- The Draft Regulations make selling ‘off-the-shelf firms’ a regulated activity for Trust and Company Service Providers (TCSP), ensuring compliance with the MLRs, including CDD and ongoing monitoring.
Policy intent: amend registration and change-in-control thresholds for crypto asset firms with FSMA, ensuring consistency and capturing complex ownership structures in fit and proper checks.
- The Draft Regulations update the fit and proper person test and change of control notification requirements for crypto asset firms to align with the FMSA. This includes shifting the focus from beneficial owners to FSMA-defined controllers and harmonising thresholds for pre and post-FSMA regimes. This will commence when the forthcoming FSMA crypto asset authorisation regime comes into force. The FCA will, however, continue to apply the fit and proper test to a beneficial owner where the crypto asset business is registered under the MLRs before the new regime commences.
- Companies may wish to update their CDD policies to align them with the new post-EU exit practice. Further, those TCSPs may wish to create new policies outlining their CDD practice and approach when selling off the shelf firms, as a new regulated activity is created.
Reforming registration requirements for the Trust Registration Service
Policy intent: improve the effectiveness of the Trust Registration Service by closing loopholes that could be leveraged to obscure asset ownership, improving transparency of beneficial ownership of trusts with significant UK connections and refining registration requirements for other types of trust.
Proposed further MLRs revisions
The Draft Regulations also make various other additional minor and technical changes to the MLRs in order to ensure consistency, clarity and a risk-based approach, including those relating to:
- Updating exemptions for overseas sovereign wealth funds
- Ensuring that reinsurance contracts are not subject to AML requirements in place for direct insurance providers
- Requiring crypto asset exchange providers and custodian wallet providers to apply enhanced due diligence in correspondent relationships
- Amending the MLRs so that FCA-supervised money service businesses or trust and company service providers which have provided the FCA with information under that regulation are required to report to the FCA any inaccuracies in that information (in line with the FSMA 2000 (Regulated Activities and Miscellaneous Provisions) (Crypto asset) Order 2025).
Some of the key changes for clients to be aware of are those relating to crypto asset exchange providers (who must review their correspondent relationships, applying EDD). Money-service businesses who are FCA supervised must report any inaccuracies in information previously provided. Detailed assessments of historic information supplied to the FCA should be reviewed in compliance.
Comment
The above developments formed part of a wider technical consultation, which closed at the end of September 2025, with a final instrument expected to be laid in early 2026. Businesses should therefore begin working to renew policies and undertake reviews of historic frameworks and transactions, so that they can update their procedures seamlessly upon the legislation changing.
Kennedys Tax Disputes and Investigations team has a wealth of experience in providing advice to companies operating across all sectors in respect with their MLR compliance. For further information on the changes, how these may apply to your business, and what risks they pose, please get in contact with a member of our team.
Related article:
United Kingdom