After a headline-heavy January, the focus shifted to structural developments that will shape how AML frameworks operate over the next few years.
Here’s a look at the February developments shaping compliance priorities and what they mean in practice for regulated firms.
Catch up on January’s regulatory roundup here.
The United Kingdom
Companies House identity verification and ACSP roll-out
In the UK, February has been quieter in headline terms, but not in workload. The reform agenda driven by the Economic Crime and Corporate Transparency Act continues to roll through Companies House.
Identity verification requirements and the authorised corporate service provider (ACSP) regime are progressing. From spring 2026, regulated agents such as accountants and lawyers will need to register as ACSPs to file or act for clients. The direction of travel is clear: stronger corporate transparency and clearer accountability for those interacting with the register.
You may also like: Identity verification for UK directors and PSCs: What the new rules mean for you
Preparations for AML supervisory consolidation under the FCA
In parallel, the government’s reform programme will begin transferring AML supervisory responsibilities from professional body supervisors to the Financial Conduct Authority. Planning and transition work are under way throughout 2026.
If your firm is currently supervised for AML purposes by a professional body, you should be preparing for a different style of supervision. The FCA is likely to apply a more data-led, outcomes-focused approach, with greater emphasis on senior manager accountability, management information and reviews.
This is the time to assess how your AML governance would look through an FCA lens. Board reporting, escalation frameworks and documented risk appetite statements should be reviewed with that future supervisory relationship in mind. Waiting until formal migration notices arrive would leave you on the back foot.
The European Union
AMLA starts to show its teeth
February 2026 feels like the month the EU’s new AML architecture moved from theory to delivery. The European Anti-Money Laundering Authority (AMLA) has published three consultation papers on draft regulatory technical standards under Sixth Money Laundering Directive and the directly applicable AML regulation.
These standards are where the detail lives and where high-level political agreement turns into expectations on compliance, risk assessment, customer due diligence and controls.
AMLA has also set out its 2026 – 2028 plan, under which it will finalise its risk‑assessment methodology in 2026, begin selecting directly supervised institutions in 2027, and is expected be fully operational by 2028 (overseeing around 40 high‑risk EU financial institutions).
Updated high-risk third-country list takes effect
From 29 January 2026, amendments to Delegated Regulation (EU) 2016/1675 brought an updated EU list of high-risk third countries into force. The change stems from Delegated Regulations (EU) 2026/46 and 2026/83 and affects 26 jurisdictions.
Bolivia, the British Virgin Islands, and the Russian Federation have been added to the list, while the following countries will be removed from the list: Burkina Faso, Mali, Mozambique, Nigeria, South Africa, and Tanzania.
This has immediate consequences for onboarding and monitoring processes. Where customers, beneficial owners or counterparties are linked to a listed jurisdiction, enhanced due diligence and increased transaction scrutiny are mandatory. That translates into deeper source-of-funds checks, more comprehensive documentation and potentially shorter review cycles.
Screening tools need to reflect the update, but that is only the starting point. Risk ratings may need to shift. Monitoring scenarios should be reviewed to confirm that flows involving newly listed countries trigger appropriate alerts. Senior management will expect comfort that exposure has been identified and controlled.
The United States
FinCEN delays the investment adviser AML rule
Across the Atlantic, the most material development affecting February planning was the January decision by the Financial Crimes Enforcement Network to extend the effective date of its final AML/CFT rule for SEC-registered and exempt reporting investment advisers from 1 January 2026 to 1 January 2028.
The rule would have required advisers to implement Bank Secrecy Act-compliant AML programmes, including suspicious activity monitoring and reporting, and potentially customer identification requirements developed jointly with the U.S. Securities and Exchange Commission. The two-year delay provides breathing space, but it also creates uncertainty. FinCEN has indicated it will reassess the rule and may adjust its scope or burden during this period.
Strengthen Your AML, KYC and KYB framework for 2026
If you’re reviewing your KYC and KYB controls in light of these changes, now is the time to sense-check how your customer due diligence, beneficial ownership verification and monitoring frameworks stand up to what regulators are signalling.
To explore how smarter KYC and KYB processes can support stronger AML compliance in 2026, request a demo to see how our end-to-end platform can support your team.
