AML Legal Framework for Credit Institutions in the UK
AML Legal Framework for Credit Institutions in the UK: What is in Store
- The UK maintains a comprehensive AML Legal Framework to prevent the misuse of Credit Institutions for Money Laundering, Terrorism Financing and Proliferation Financing activities.
- SAMLA 2018, MLR 2017, POCA 2002, TACT 2000 and several other acts together shape the AML Legal Framework for Credit Institutions in the UK.
- The Financial Conduct Authority (FCA) supervises Credit Institutions in the UK for AML Compliance.
- The AML Legal Framework for Credit Institutions in the UK requires Credit Institutions to adhere to various compliance measures such as Risk Assessment, CDD, Policies, Procedures, SAR Reporting, Record-Keeping, etc.
Who are Credit Institutions under the UK’s AML Legal Framework?
The UK’s primary Anti-Money Laundering (AML), Counter-Terrorist Financing (CTF), and Counter-Proliferation Financing (CPF) legal framework defines Credit Institutions by their core functions and legal status.
Regulation 8 of MLR, 2017, has listed out a wide range of businesses and professionals that are covered under the ambit of AML/CFT/CPF framework. These regulated sectors are termed “Relevant Persons”, and Credit Institutions are one of them.
While Regulation 8 lists out a Credit Institution as a Relevant Person for AML/CFT/CPF compliance, Regulation 10(1) of MLR, 2017 outlines an explicit definition of who to consider as a Credit Institution.
A Credit Institution is legally defined as,
- An institution defined in Article 4.1 (1) of the Capital Requirements Regulation
- A branch of such an institution located in the United Kingdom, regardless of where the head office is located
An organisation is classified as a Credit Institution when it performs the following core activities:
- Accepting deposits or other repayable funds from the public
- Granting credits for its own account
- Bidding directly in the auctions on behalf of clients in accordance with the emission allowance auctioning regulations
It is important to note that under the UK’s AML/CFT/CPF regime, Credit Institutions and Financial Institutions are defined separately. Unlike general phenomena, these two sectors are treated as distinct regulated categories under the UK’s AML/CFT/CPF legal framework.
Key AML Laws and Regulations Applicable to Credit Institutions in the UK
The AMLLegal Framework for Credit Institutions in the UK primarily comprises the following laws and regulations:
- Credit Institutions in the UK are required to adhere to the obligations laid down under the SAMLA, 2018.
- This law establishes the UK’s independent framework for imposing sanctions and making AML regulations after Brexit.
- For Credit Institutions, this act forms the legal basis for financial sanctions compliance.
- The obligations to screen customers against sanctions lists, freeze assets of a designated person and prohibit any business relationship with a designated person arise from this act for Credit Institutions.
- The MLR, 2017 is the core AML/CFT/CPF regulation applicable to Credit Institutions in the UK. As “Relevant Persons”, Credit Institutions must comply with all AML/CFT/CPF obligations laid down under this law.
- The key obligations for Credit Institutions under MLR, 2017 include Risk Assessment, Customer Due Diligence, Policies and Procedures, Ongoing Monitoring, Record-Keeping, Staff Training and Suspicious Activity Disclosures requirements.
- POCA, 2002, forms the core criminal law framework for Credit Institutions pertaining to Money Laundering in the UK.
- For Credit Institutions, this act creates a legal obligation to report Suspicious Activities to National Crime Agencies.
- The Credit Institutions under this act may face criminal liability if they knowingly or negligently assist in procuring the offence of Money Laundering.
- This act also categorises “Tipping off” as a criminal offence.
- Terrorism Act, 2000, establishes primary legal basis for Terrorist Financing offenses for Credit Institutions in the UK.
- Credit Institutions under this act have an obligation to report suspicions related to terrorist property and terrorism financing; failing to do so may result in criminal liability.
- The Counter Terrorism (Sanctions) (EU Exit) Regulations 2019 require Credit Institutions to identify accounts or assets belonging to designated persons, freeze such assets without delay and report any dealings with these persons to the relevant authorities.
- These regulations establish the UK’s post-Brexit terrorist asset-freezing regime under SAMLA.
- The Economic Crime (Transparency and Enforcement) Act, 2022, introduces measures to increase transparency in property ownership for Credit Institutions.
- Under this act, Credit Institutions must consider the Register of Overseas Entities when conducting due diligence on customers involved in UK property transactions and apply enhanced scrutiny where beneficial ownership structures are unclear.
- The Economic Crime and Corporate Transparency Act, 2023, strengthens corporate transparency for Credit Institutions and improves the reliability of information held by Companies House.
- Credit Institutions under this act must consider new identity verification requirements for company directors and persons with significant control when conducting CDD on corporate clients.
- FSMA, 2000 grants the Financial Conduct Authority (FCA) oversight power through which it supervises Credit Institutions.
- The Anti-Terrorism, Crime and Security Act, 2001 frames the obligations for Credit Institutions to comply with asset freezing orders and forbids the provision of funds or economic resources to prohibited parties.
- The European Communities Act 1872 provided the original legal basis, before Brexit, for the Treasury to introduce MLRs applicable to Credit Institutions.
- Many AML obligations previously applied to Credit Institutions through EU-derived regulations introduced under this act before Brexit.
The Counter Terrorism Act, 2008, allows the Treasury to require Credit Institutions to apply enhanced due diligence or restrict business with persons linked to high-risk jurisdictions. It also addresses risks relating to proliferation financing and weapons development.
- Although primarily for national security, this law puts an obligation on Credit Institutions to ensure that their services are not used to facilitate transactions linked to prohibited biological weapons activities or Proliferation Financing.
- This Act prohibits the development, production, acquisition, or possession of biological weapons and related agents except for peaceful purposes.
- Violations can result in severe criminal penalties for Credit Institutions, including life imprisonment.
- Under the Chemical Weapons Act, 1996, Credit Institutions must remain vigilant for transactions that may indicate Proliferation Financing or the funding of activities connected to chemical weapons development or procurement.
- This Act implements international obligations relating to chemical weapons and criminalises their development, production, possession, or use.
Build a Strong AML Legal Framework for Your Credit Institution
Establish a Robust Compliance Structure to Meet Your Regulatory Obligations and Mitigate Financial Crime Risks.
AML Guidance Applicable to Credit Institutions
Under the AML Legal Framework for Credit Institutions in the UK, the following are the general and sector-specific guidance issued by various authorities:
General Guidance:
- UK Financial Sanctions General Guidance January 2026
- HMT Risk assessment of proliferation financing September 2021
- HMT AML and CFT: Supervision Report: 2022-23 (May 2024)
- HM Government Economic Crime Plan 2 2023-26
- Economic Crime Survey 2024
- FDCO OFSI OTSI DoT HMT DBT Starter Guide to UK Sanctions January 2026
- OFSI HMT Guidance Reporting Information to OFSI July 2025
- HMT Guidance Using digital identities with the Money Laundering Regulations February 2026
- MHCLG HE MHCLG DLUHC Guide on ’Know your customer’ guidance - October 2016
Specific Guidance:
- FCA Sourcebook FCG Financial Crime Guide: A firm’s guide to countering financial crime risks (FCG) February 2026
- OFSI Financial Services Threat Assessment February 2025
- FCA Guidance on Treatment of Politically Exposed Persons (PEPs) for AML Purposes (July 2025)
- Joint Money Laundering Steering Group (JMLSG) Guidance 2025
Supervisory Authority for Credit Institutions within AML/ CFT/ CPF Legal Framework for Credit Institutions in the UK
The Financial Conduct Authority (FCA) oversees compliance with the AML Legal Framework for Credit Institutions in the UK.
As part of their AML obligation, Credit Institutions must register with the FCA.
The FCA’s responsibility towards Credit Institutions includes:
- Monitor the AML compliance of Credit Institutions
- Issue guidelines and other directives for Credit Institutions pertaining to AML obligations
- Conduct regular inspections of Credit Institutions
- Impose penalties or other enforcement actions for regulatory breaches on Credit Institutions
Evaluate Your AML Compliance Readiness
Examine AML Program of Your Business to Uncover Internal Vulnerabilities Before It Reaches the Eyes of Regulators
AML Law Enforcement Agencies for Credit Institutions in the UK
Financial crime intelligence and investigations in the UK are handled by several designated Law Enforcement Agencies, which are as follows:
- National Crime Agency (NCA)
- UK Financial Intelligence Unit (UKFIU)
- Office of Financial Sanctions Implementation (OFSI)
- Office of Trade Sanctions Implementation (OTSI)
- National Economic Crime Centre (NECC)
- Crown Prosecution Service (CPS)
- Serious Fraud Office (SFO)
- Border Force
- Regional Organised Crime Units (ROCUs)
- Metropolitan Police Service (Counter Terrorism Command)
- Companies House
- Insolvency Service
Implications of the UK’s National Risk Assessment on Credit Institutions
The UK’s recent National Risk Assessment of Money Laundering and Terrorist Financing, July 2025, issued by HM Treasury, identifies Credit Institutions as a high-risk sector for ML/TF/PF activities.
There are various reasons in the NRA findings to deem Credit Institutions as high-risk. One of the major reasons is that they are the primary entry point for illicit funds into the formal financial system. The findings suggest that criminals require bank accounts to integrate illegitimate funds into the legitimate economy.
The NRA also identifies Money Muling as a growing concern, where individuals allow miscreants to move illegal funds via their personal accounts. The increasing use of digital banking has also created new vulnerabilities for ML/TF activities, according to the NRA.
The NRA also pinpoints ML/TF risks associated with correspondent banking relationships, specifically where UK banks maintain accounts for foreign banks.
Credit Institutions are required under the AML Legal Framework for Credit Institutions in the UK to consider these findings of NRA when conducting their Firm-Wide Risk Assessment. These entities must implement appropriate policies, procedures and controls to mitigate the ML/TF risks emphasised in the National Risk Assessment.
Enhance Your AML Compliance Controls
Implement Well-Designed Policies, Procedures and Controls that Support Effective Compliance
FATF Recommendations Concerning Credit Institutions in the UK
The UK is a dedicated member of the Financial Action Task Force (FATF). By virtue of this, the Credit Institutions in the UK must follow the recommendations of FATF alongside the UK’s domestic legislation for the AML compliance program.
FATF Recommendations mandate Credit Institutions to implement the following measures to alleviate ML/TF/PF risks pertaining to their sector:
- Adherence to the UK’s national AML laws and regulations
- Assessment of an ML/TF/PF risk exposure of the business and adoption of a Risk-Based Approach
- Establishment of AML policies, controls and procedures
- Undertaking Customer Due Diligence
- Application of Targeted Financial Sanctions on designated persons in the UNSC Consolidated List and the UK’s national List
- Administering Enhanced Due Diligence on high-risk customers such as PEPs, clients from high-risk jurisdictions, etc.
- Reporting Suspicious Activities or Transactions to the authorities
- Maintaining Records of measures taken
The AML Legal Framework for Credit Institutions in the UK mandates them to comply with these measures.
Roadmap to Navigate this Guide
Follow the map to discover the sector-specific AML legal and compliance framework for Credit Institutions.
| Central Framework | Relevant Person | Supervisory Authority | Sector-Specific Legal Framework | Sector-Specific Compliance Requirements |
|---|---|---|---|---|
| AML/CFT/CPF Legal Framework in UK | Credit Institution | FCA | AML/CFT/CPF Legal Framework for Credit Institutions in the UK | AML/CFT/CPF Compliance Requirements for Credit Institutions in the UK |
How AML Consultants UK Supports Smooth Implementation of AML Legal Framework for Credit Institutions in the UK
Complying with the UK’s AML framework requires Credit Institutions to adopt an approach that translates into effective internal controls and practical implementation of obligatory measures.
AML Consultants UK assists Credit Institutions to conduct comprehensive ML/TF/PF Business-Risk Assessment, develop appropriate policies, procedures and controls that echo the stance of the UK’s AML legal framework.
Additionally, it provides services such as KYC Remediation and Customer Due Diligence and helps with filing Suspicious Activity Reports.
AML Consultants UK, equipped with a team of experts in the AML Compliance field, also offers extensive Training on the AML legal framework for Credit Institutions in the UK.
Develop AML Awareness Across Your Organisation
Provide Your Team with Practical Insights and Skills Needed to Support Day-to-Day AML Compliance
FAQs: AML Laws for Credit Institutions
What is the AML Legal Framework for Credit Institutions in the UK?
The Sanctions and Anti-Money Laundering Act, 2018, The Money Laundering, Terrorism Financing, Transfer of Funds (Information on the Payer) Regulations 2017, Proceeds of Crime, 2002 and several other acts together primarily form the AML Legal Framework for the Credit Institutions in the UK.
Which authorities supervise compliance with AML Legal Framework for Credit Institutions in the UK?
Compliance with AML Legal Framework for Credit Institutions in the UK is supervised by the Financial Conduct Authority (FCA).
Are UK Credit Institutions required to report suspicious activities related to Money Laundering?
Yes, UK credit institutions are required to report suspicious activity related to Money Laundering. MLR, 2017, lays down the compliance requirement for Suspicious Activity Disclosures, and POCA, 2002, mandates a legal obligation for Credit Institutions to report Suspicious Activities to the National Crime Agency (NCA) through their SAR Portal.
How does the AML Legal Framework for Credit Institutions in the UK address Terrorist Financing risks?
AML Legal Framework for Credit Institutions in the UK addresses Terrorist Financing risks through the MLR, 2017 and Terrorism Act, 2000. These acts lay down compliance requirements and legal obligations to mitigate the TF-related risks.