Financial crime isn’t standing still, and neither can regulated firms. From money laundering to fraud and terrorist financing, the threats are evolving faster than traditional compliance processes can handle. Regulatory expectations are tightening, supervision is becoming more proactive, and gaps in AML frameworks can carry serious consequences for both organisations and individuals.

This guide breaks down the latest UK, EU, and global developments in AML regulation, from FCA business plans and Companies House reforms to EU AML directives and FATF updates.

The UK AML regulatory landscape

FCA strategy, business plans & supervisory priorities

The Financial Conduct Authority continues to set the tone for how financial crime is tackled across the UK. Its business plans consistently point back to a clear objective: reducing and preventing serious harm, with financial crime sitting firmly at the centre of that ambition. Firms are expected to have strong systems and controls in place, backed by data, oversight, and senior accountability.

Recent updates reinforce a shift towards outcomes rather than box-ticking. The FCA has made it clear that simply having policies isn’t enough. What matters is how those controls perform in practice, how quickly risks are identified, and how effectively firms respond. Supervisory activity reflects this thinking, with more proactive use of data, targeted interventions, and a willingness to step in earlier where weaknesses appear.

There’s also a growing focus on how financial crime links to broader priorities like consumer protection and market integrity. This means AML isn’t treated in isolation anymore. It sits alongside conduct, governance, and operational resilience, which raises expectations across the board for compliance teams.

UK AML regulatory framework

The UK’s AML framework is built on a mix of legislation, oversight bodies, and supervisory coordination. At its core sit the Money Laundering Regulations 2017, which set out the baseline requirements for customer due diligence, risk assessments, and ongoing monitoring.

Oversight is shared. The FCA supervises financial services firms, while professional body supervisors are monitored by the Office for Professional Body Anti-Money Laundering Supervision. Sitting above this, HM Treasury shapes policy and legislative direction, working alongside law enforcement and intelligence bodies.

This structure has been under steady pressure to evolve. Reviews have highlighted inconsistency in supervision across sectors, particularly in legal and accountancy services. That’s led to proposals for a more centralised model, aiming to tighten oversight and create a more uniform standard of supervision across the UK.

For firms, this layered framework means dealing with multiple expectations at once. Regulatory alignment, reporting obligations, and supervisory scrutiny can come from different angles, which makes clarity and coordination inside the business even more important.

Post-Brexit regulatory direction & divergence

Since leaving the EU, the UK has started to shape its own path on AML policy, although much of the existing framework still reflects earlier European directives. There’s a clear intention to retain high standards while allowing room for flexibility where it suits the UK market.

In practice, this creates a balancing act. On one hand, the UK continues to align with global standards set by bodies like the FATF. On the other, there’s increasing willingness to refine rules domestically, particularly where regulators see opportunities to improve effectiveness or reduce friction for firms.

This gradual divergence isn’t happening overnight, but it’s enough to require attention. Firms operating across jurisdictions need to keep track of where UK requirements begin to differ from EU expectations, especially in areas like beneficial ownership, reporting thresholds, and supervisory approaches.

What’s emerging is a system that still feels familiar but is starting to move in its own direction. For compliance teams, that means keeping one eye on UK-specific developments while staying connected to the wider international picture.

Structural reforms in UK AML requirements and supervision

FCA as Single Professional Services Supervisor (SPSS)

Plans to appoint the FCA as the Single Professional Services Supervisor mark a significant shift in how AML supervision is organised in the UK. Bringing oversight of professional services under one regulator is intended to address inconsistencies and raise standards across sectors.

The move reflects long-standing concerns about variation in supervision, particularly among professional body supervisors. A centralised model is expected to create a more consistent approach, with clearer expectations and stronger accountability.

Evolution of the UK supervisory model

“The UK’s supervisory framework has historically relied on a mix of regulators and professional body supervisors. While this model allowed for sector-specific expertise, it also led to uneven standards and gaps in oversight.

Over time, pressure has built for change. Reviews and assessments have pointed to the need for greater consistency, leading to a gradual shift towards centralisation. The proposed reforms are the clearest sign yet that the current model is being reshaped to address those concerns.

A shift in how company data is trusted

Changes at Companies House mark a clear move away from the old model where information could be filed with very little friction. The focus now is on improving the reliability of the register, with identity verification sitting at the centre of that shift.

For a long time, one of the biggest criticisms of the UK system was how easy it was to set up and run companies using false or misleading details. The new reforms aim to close that gap by introducing mandatory identity checks for directors and others involved in company management. It’s a significant change in tone, with a stronger emphasis on accountability and transparency.

Identity verification requirements at Companies House

Under the new requirements, individuals acting as company directors will need to verify their identity before they can be appointed and continue in their role. This applies not only to new appointments but also to existing directors, as part of a wider effort to clean up the register. Verification can be carried out directly through Companies House or via an authorised intermediary, such as an agent already involved in company filings.

The process is designed to confirm that individuals are who they claim to be, reducing the risk of fictitious or impersonated directors appearing on the register. There’s also a broader scope beyond directors. People with significant control and those filing information on behalf of companies are expected to fall within the same framework, which tightens oversight across the full lifecycle of a company.

EU AML directives and regulatory frameworks

5th Anti-Money Laundering Directive (5AMLD)

The 5th Anti-Money Laundering Directive marked a turning point in how transparency is handled across the EU. One of its most talked-about changes was the push for greater visibility over beneficial ownership, particularly through central registers. The idea was simple on paper: make it harder to hide behind complex corporate structures and easier for firms and authorities to see who’s really in control.

In practice, it introduced tighter expectations around due diligence, especially when dealing with higher-risk jurisdictions and sectors. It also expanded the scope of AML rules to cover areas like virtual currencies and prepaid instruments, reflecting how financial crime risks were evolving at the time.

The debate around rules versus a risk-based approach didn’t disappear, though. While 5AMLD added more prescriptive elements, firms were still expected to apply judgement. That tension between clear rules and flexible risk assessment continues to shape how AML frameworks are applied across Europe.

6th Anti-Money Laundering Directive (6AMLD)

The 6th Anti-Money Laundering Directive built on earlier directives by focusing more heavily on enforcement and criminal liability. While previous frameworks concentrated on prevention, 6AMLD sharpened the legal consequences of getting it wrong.

It introduced a more harmonised definition of money laundering offences across the EU, along with stricter minimum penalties. This was aimed at reducing variation between member states and making enforcement more consistent.

For firms, the shift was clear. AML isn’t only about systems and controls; it also carries direct legal implications for organisations and individuals involved in failures.

The next phase: EU AMLA and a more centralised model

The EU is now moving towards a more centralised system with the creation of the Anti-Money Laundering Authority. This new authority is designed to strengthen supervision and improve consistency across member states, addressing long-standing concerns about uneven enforcement.

AMLA will have direct supervisory powers over certain high-risk financial institutions, while also coordinating national regulators and supporting joint supervisory actions. Alongside this, the EU is introducing a single rulebook, replacing the directive-based approach with regulations that apply more uniformly across all member states.

This marks a notable shift. Instead of relying heavily on national implementation, the EU is moving towards a system with more central oversight and fewer gaps between jurisdictions.

For firms operating across Europe, this means closer alignment of rules but also tighter supervision. Expectations are becoming more consistent, and the margin for interpretation is starting to narrow.

Global AML standards and FATF developments

FATF recommendations and updates

At a global level, the benchmark for AML standards comes from the Financial Action Task Force. Its recommendations set the baseline for how countries design their AML and counter-terrorist financing frameworks, and they influence everything from local legislation to supervisory expectations.

These recommendations aren’t static. They’re updated to reflect new risks, changes in financial systems, and gaps identified through mutual evaluations. Recent updates have focused on areas like virtual assets, beneficial ownership transparency, and the role of gatekeepers such as legal and professional services firms.

For compliance teams, FATF guidance often sits behind domestic regulation. Even when not directly referenced, it shapes the direction regulators take, which makes it worth tracking closely.

Grey list and blacklist monitoring

One of the FATF’s most visible tools is its monitoring of jurisdictions through what are commonly known as the grey list and blacklist. These lists highlight countries with strategic deficiencies in their AML frameworks, either under increased monitoring or subject to more serious countermeasures.

The FATF Grey List includes countries that have committed to addressing weaknesses within agreed timeframes. The FATF Blacklist, on the other hand, identifies those with more significant concerns, where enhanced due diligence and, in some cases, restrictions are expected.

These lists are updated regularly, and changes can have immediate implications. A jurisdiction moving onto the grey list can quickly shift how firms assess risk, while removal can ease certain controls, depending on internal policies.

Impact on cross-border compliance and risk exposure

For firms operating internationally, FATF developments feed directly into cross-border risk management. Exposure to higher-risk jurisdictions often triggers enhanced due diligence, additional monitoring, and closer scrutiny of transactions.

This isn’t limited to direct relationships. Indirect exposure, such as customers with links to listed jurisdictions or complex ownership structures spanning multiple countries, also needs to be considered.

Regulators expect firms to stay on top of these changes and reflect them in their risk frameworks. That includes updating country risk ratings, adjusting onboarding controls, and reviewing existing relationships where necessary.

Jurisdictional risk management

Managing jurisdictional risk has become a more active process. Static country risk lists are giving way to more dynamic models that take into account political developments, regulatory changes, and enforcement activity.

Firms are expected to go beyond simply noting whether a country appears on a FATF list. There needs to be a broader understanding of the risk environment, including corruption levels, sanctions exposure, and the effectiveness of local AML regimes.

This level of detail supports more informed decision-making, particularly when entering new markets or maintaining relationships that carry higher levels of risk. It also helps demonstrate to regulators that risk assessments are grounded in current, relevant information rather than outdated assumptions.

What this means for your firm’s AML compliance

All of these updates, from UK reforms through to EU developments and global standards, point in the same direction. Expectations are rising, supervision is becoming more hands-on, and there’s less tolerance for gaps that have been overlooked in the past. For compliance teams, the focus now is on making sure frameworks stand up in practice, not just in policy documents.

A good starting point is reviewing your risk assessment. It needs to reflect current threats, including exposure to higher-risk jurisdictions flagged by the Financial Action Task Force, as well as any sector-specific risks highlighted by the Financial Conduct Authority. If it hasn’t been updated recently, it’s likely already out of step with regulatory expectations.

Customer due diligence processes also need a closer look. With changes like identity verification reforms at Companies House, there’s an opportunity to strengthen how ownership and control are verified. At the same time, firms should be checking that enhanced due diligence is being applied consistently where it’s needed, particularly for complex structures or cross-border relationships.

There’s real value in stepping back and testing how your AML controls perform day to day. That means looking at transaction monitoring, sanctions screening, and escalation processes to see where issues are missed or handled too slowly. Weaknesses here are often what regulators focus on first.

Documentation is another area that tends to fall short. It’s not enough to make the right decision; firms need to show how and why that decision was made. Clear audit trails, well-documented risk ratings, and consistent application of policies all play into how a firm is assessed under scrutiny.

Training should also reflect what’s actually happening in the business. Generic sessions don’t go far. Teams need to understand the specific risks they deal with and how those risks show up in real scenarios.

Global AML compliance FAQs

What is global AML compliance?

Global AML compliance refers to the standards, regulations, and frameworks that organisations follow to prevent money laundering and terrorist financing across multiple jurisdictions. It involves aligning with international guidelines, such as those set by the FATF, while meeting the specific requirements of each country where a business operates.

Why do international AML frameworks matter?

International AML frameworks provide consistency and guidance for detecting and preventing financial crime across borders. They help reduce risks associated with complex ownership structures, cross-border transactions, and exposure to high-risk jurisdictions, making it easier for firms to manage compliance and demonstrate due diligence globally.

What role does the FATF play in global AML regulation?

The Financial Action Task Force (FATF) sets international AML standards, issues recommendations, and monitors compliance through mutual evaluations. Its guidance shapes national regulations and helps countries and firms maintain alignment with global best practices, including monitoring high-risk jurisdictions and emerging threats.

What are FATF grey and blacklists?

FATF grey and blacklists identify jurisdictions with weaknesses in their AML frameworks. Grey-listed countries are under increased monitoring to address deficiencies, while blacklisted countries are considered high-risk with strategic shortcomings. Firms use these lists to adjust due diligence measures and manage cross-border risk exposure.

How do regional regulations like the EU AMLA affect global compliance?

Regional bodies like the EU Anti-Money Laundering Authority (AMLA) introduce centralised supervision and harmonised rules across member states. Firms operating in multiple countries must adapt their AML frameworks to comply with these regulations while remaining aligned with domestic rules, creating a more consistent but closely monitored compliance environment.

What are the practical implications for firms?

Firms must integrate global AML standards into their policies, conduct thorough risk assessments for cross-border relationships, monitor changes in high-risk jurisdictions, and maintain clear documentation of due diligence measures. Staying proactive helps reduce regulatory exposure and strengthens overall financial crime resilience.