Meet anti-money laundering requirements
- 21 steps
UK Statutory Instrument
2017
United Kingdom
Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017
At a glance
Enforced by
HMRC, FCA, SRA, LSB, Home Office
What's here
105 compliance obligations, 16 practical guides across 4 topics · 9 journeys
Penalty landscape
17 of 105 obligations carry an unlimited fine. 16 carry different penalties and 72 have no criminal penalty — flagged in the list below.
Who this Act binds
Business-side actors with duties under this Act, ranked by how often they appear.
- Any Person 34
- Trader 24
- Responsible Person 11
- Director or Officer 5
- Trustee 3
- Employer 1
- Operator 1
Plus 26 non-business duties on Crown ministers, regulators, local authorities or tribunals — shown collapsed under each section below.
Step-by-step journeys using this legislation
Walkthroughs that take you from a real business situation to compliance.
Manage your export compliance
- 4 steps
Export controlled goods and dual-use items
- 3 steps
Start a financial services business
- 2 steps
Start a fintech business
- 1 step
Ongoing compliance for law firms
- 3 steps
Relevant guidance
Practical guides for businesses affected by this Act, ordered by how closely they engage with it.
Direct — cites this Act
7 guidesAnti-money laundering (AML) compliance
Anti-money laundering compliance for law firms
Cryptoasset Business Regulation
Legal professional privilege and SAR reporting: when the exemption applies
Managing export business risk and corruption
Set up a property letting business
UK sanctions compliance for businesses
Supporting — topic alignment
7 guidesAnnual compliance checklist for law firms
Gambling and betting compliance checklist
Meet your gambling licensing and regulatory duties
Register a money service business or crypto-asset business for AML supervision
Run an accountancy, audit or insolvency practice
Run an estate agency: rules for selling property
Mentioned in related content
2 guidesOther Acts binding the same actors
For each actor bound by this Act, the other UK Acts that bind them most often. Useful for understanding the full compliance landscape facing each role.
Any Person also bound by 749 other Acts (top 5 shown)
- Human Medicines Regulations 2012 2012 110 duties
- Licensing Act 2003 2003 105 duties
- Merchant Shipping Act 1995 1995 97 duties
- Road Traffic Act 1988 1988 95 duties
- Air Navigation Order 2016 2016 86 duties
Traders also bound by 219 other Acts (top 5 shown)
- Value Added Tax Regulations 1995 1995 952 duties
- TULRCA 1992 1992 39 duties
- Companies Act 2006 2006 39 duties
- Consumer Contracts (Information, Cancellation and Additional Charges) Regulations 2013 2013 39 duties
- The Customs (Import Duty) (EU Exit) Regulations 2018 2018 33 duties
Responsible Persons also bound by 56 other Acts (top 5 shown)
- MH(CT)(S)A 2003 2003 45 duties
- Climate Change Levy (General) Regulations 2001 2001 24 duties
- Regulatory Reform (Fire Safety) Order 2005 (England/Wales comparison) 2005 22 duties
- The Offshore Installations (Prevention of Fire and Explosion, and Emergency Response) Regulations 1995 1995 21 duties
- The Offshore Installations and Pipeline Works (Management and Administration) Regulations 1995 1995 16 duties
Directors and Officers also bound by 224 other Acts (top 5 shown)
- Insolvency (England and Wales) Rules 2016 2016 75 duties
- Companies Act 2006 2006 63 duties
- Insolvency Act 1986 1986 46 duties
- CCBSA 2014 2014 22 duties
- CAICEA 2004 2004 18 duties
Trustees also bound by 8 other Acts (top 5 shown)
- Charities Act 2011 2011 25 duties
- Insolvency (England and Wales) Rules 2016 2016 11 duties
- Charities (Accounts and Reports) Regulations 2008 2008 10 duties
- Insolvency Act 1986 1986 5 duties
- Inheritance Tax Act 1984 1984 1 duty
Employers also bound by 171 other Acts (top 5 shown)
- Provision and Use of Work Equipment Regulations 1998 1998 204 duties
- The Income Tax (Pay As You Earn) Regulations 2003 2003 201 duties
- Electricity at Work Regulations 1989 1989 55 duties
- Fire Safety (Scotland) Regulations 2006 2006 51 duties
- TULRCA 1992 1992 47 duties
Operators also bound by 125 other Acts (top 5 shown)
- Space Industry Regulations 2021 2021 71 duties
- Payment Services Regulations 2017 2017 41 duties
- Air Navigation Order 2016 2016 34 duties
- The Quarries Regulations 1999 1999 31 duties
- Reservoirs Act (Northern Ireland) 2015 2015 22 duties
What this Act requires
Sections that create concrete duties on businesses or carry penalties. Procedural and definitional sections are folded into the “Browse other sections” expander at the bottom of each group. Click any section title to read the source text on legislation.gov.uk.
Part 1 — Introduction
Supervisory authorities
- Identify which regulator supervises your anti-money laundering compliance Responsible Person
Browse 6 other sections in this Part — procedural / definitional / commencement
Part 2 — Money Laundering and Terrorist Financing
Risk assessment by the Treasury and Home Office
Other duties (1) — Crown / regulator
- HM Treasury and Home Office must conduct and publish UK money laundering risk assessments Crown / Minister / Government department
Risk assessment by supervisory authorities
Other duties (1) — Crown / regulator
- Supervisors must assess sector risks and provide guidance to businesses Statutory regulator
Risk assessment by relevant persons
Unlimited fine- Assess your business risks for money laundering and terrorist financing Responsible Person
- Carry out and record a money‑laundering risk assessment Any Person
Policies, controls and procedures
Unlimited fine- Establish and maintain anti-money laundering policies and procedures Responsible Person
- Establish, maintain and update AML policies, controls and procedures Trader
Policies, controls and procedures: group level
- Establish and maintain anti-money laundering procedures across your group Director or Officer
- Implement and maintain AML policies across the whole group Director or Officer
Internal controls
- Set up internal anti-money laundering controls and appointments Responsible Person
Training
- Train relevant staff and agents on anti-money laundering requirements Responsible Person
Supervisory action
- Follow FCA supervisory directions Employer
Other duties (1) — Crown / regulator
- Supervisors must review and may restrict high-risk overseas operations Statutory regulator
Prohibitions and approvals
2 years imprisonment- Act as manager/officer or be beneficial owner without regulator approval Any Person
- Operating a regulated business without proper management approval Any Person
Policies, controls and procedures in relation to proliferation financing
Unlimited fine- Establish and maintain proliferation financing policies and controls Responsible Person
- Maintain policies and controls to prevent proliferation financing Trader
Risk assessment by relevant persons in relation to proliferation financing
Unlimited fine- Assess and record proliferation financing risks Any Person
- Assess your business risk for proliferation financing Responsible Person
Risk assessment by the Treasury
Other duties (1) — Crown / regulator
- The Treasury must assess risks related to weapons of mass destruction financing Crown / Minister / Government department
Browse 11 other sections in this Part — procedural / definitional / commencement
Application
Carrying on business in the United Kingdom
Credit institutions and financial institutions
Auditors and others
Independent legal professionals and trust or company service providers
Estate agents and letting agents
High value dealers, casinos, auction platforms and art market participants
Exclusions
Central contact points: electronic money issuers and payment service providers
Requirement on authorised person to inform the FCA
Cryptoasset exchange providers and custodian wallet providers
Part 3 — Customer Due Diligence
Timing of verification
- Verify customer and beneficial‑owner identity before doing business Any Person
- Verify customer identity before starting a business relationship Responsible Person
Enhanced customer due diligence: credit institutions, financial institutions and correspondent relationships
- Perform enhanced due diligence on overseas banking partners Any Person
- Apply enhanced due diligence to third‑country correspondent relationships and avoid shell banks Trader
Application of simplified customer due diligence
Unlimited fine- Assess and apply simplified customer due diligence for low-risk clients Responsible Person
- Apply simplified due diligence only where risk is low Any Person
Requirement to report discrepancies in registers
Unlimited fine- Check ownership registers and report discrepancies Responsible Person
- Report material discrepancies in beneficial‑ownership registers Any Person
Browse 9 other sections in this Part — procedural / definitional / commencement
Customer due diligence
Customer due diligence measures
Additional customer due diligence measures: credit institutions and financial institutions
Requirement to cease transactions etc
Exception for trustees of debt issues
Obligation to apply enhanced customer due diligence
Enhanced customer due diligence: politically exposed persons
Politically exposed persons: other duties
Electronic money
Part 4 — Reliance and Record-keeping
Data Protection
- Provide data‑protection statement to new customers Any Person
- Limit use of anti-money laundering data and notify customers Responsible Person
Browse 2 other sections in this Part — procedural / definitional / commencement
Reliance
Record-keeping
Part 5 — Beneficial Ownership Information
Corporate bodies: obligations
- Provide corporate and ownership information to business partners or authorities Any Person
Trustee obligations
- Maintain and disclose trust beneficial ownership records Trustee
- Maintain and provide records of trust beneficial owners Any Person
Register of beneficial ownership
Unlimited fine- Register your trust and its beneficial owners with HMRC Trustee
- Provide and keep up‑to‑date information on taxable trusts to HMRC Any Person
Access to information on the register
Other duties (1) — Crown / regulator
- HMRC must provide trust register information to persons with a legitimate interest Statutory regulator
Register of beneficial ownership: additional types of trust
- Register non-taxable express trusts with HMRC Trustee
Browse 1 other section in this Part — procedural / definitional / commencement
Application of this Part
Part 5A — Requests for information about accounts and safe-deposit boxes
Duty to establish mechanism for requests
Unlimited fine- Cryptoasset businesses must set up a system for information requests Trader
- Set up a system to handle information requests Trader
Duty to respond to requests for information
Unlimited fine- Provide information to regulator when requested Any Person
- Respond to information requests from cryptoasset regulators Trader
Browse 5 other sections in this Part — procedural / definitional / commencement
Access to requests and responses, guidance and review
Record keeping
Requests for information about accounts
Requests for information about safe-deposit boxes
Requirements for making a request for information
Part 6 — Money Laundering and Terrorist Financing: Supervision and Registration
Duties of supervisory authorities
Other duties (1) — Crown / regulator
- Supervisory authorities must monitor and enforce anti-money laundering rules Statutory regulator
Duties of supervisory authorities: information
Other duties (1) — Crown / regulator
- Supervisors must provide up-to-date money laundering risk information Statutory regulator
Duties of the FCA: guidance on politically exposed persons
Other duties (1) — Crown / regulator
- FCA must provide detailed guidance on Politically Exposed Persons (PEPs) Statutory regulator
Duties of self-regulatory organisations
Unlimited fine- Put in place governance and resources for AML supervisory duties Any Person
Other duties (1) — Crown / regulator
- Self-regulatory bodies must ensure independent and effective anti-money laundering supervision Statutory regulator
Duty to co-operate
Other duties (1) — Crown / regulator
- Supervisory authorities must co-operate and share information Statutory regulator
Regulatory information
Other duties (1) — Crown / regulator
- Supervisory authorities must collect and share regulatory information Statutory regulator
Duty to maintain registers of certain relevant persons
Other duties (1) — Crown / regulator
- FCA and HMRC must maintain registers of money laundering regulated businesses Statutory regulator
Power to maintain registers
Other duties (1) — Crown / regulator
- FCA and HMRC may maintain registers of certain financial and business types Statutory regulator
Applications for registration in a register maintained under regulation 54 or 55
- Register your business and keep registration details up to date Any Person
Cancellation and suspension of registration in a register under regulation 54 or 55
Other duties (1) — Crown / regulator
- Regulators may suspend or cancel your money laundering registration Statutory regulator
Annual reports by self-regulatory organisations
- Publish an annual AML report Any Person
Other duties (1) — Crown / regulator
- Self-regulatory organisations must publish annual anti-money laundering reports Statutory regulator
Disclosure by cryptoasset businesses
- Inform customers about lack of regulatory protection Trader
- Inform customers when activity is not covered by FOS or FSCS Trader
Obligation of confidentiality: offence
2 years imprisonment- Disclose confidential AML information Any Person
- Unlawfully disclose confidential anti-money laundering information Any Person
Browse 9 other sections in this Part — procedural / definitional / commencement
Disclosure by supervisory authorities and other relevant authorities
Interpretation
Requirement to be registered
Fit and proper test
Determination of applications for registration under regulations 54 and 55
Changes in control of registered cryptoasset businesses
Fit and proper test: cryptoasset businesses
Obligation of confidentiality
Transitional provision for existing cryptoasset businesses: requirement to register
Part 7 — Transfer of Funds (Information on the Payer) Regulations
Duties of transfer of funds supervisory authorities
Other duties (1) — Crown / regulator
- Supervisory authorities must monitor and enforce payment service compliance Statutory regulator
Obligations of payment service providers
Unlimited fine- Be able to respond quickly to authorised law‑enforcement enquiries Trader
- Respond to law enforcement enquiries about fund transfers Operator
Browse 2 other sections in this Part — procedural / definitional / commencement
Part 7A — Cryptoasset Transfers
Information accompanying an inter-cryptoasset business transfer
- Include and verify required information for cryptoasset transfers Trader
Missing information: intermediaries
Unlimited fine- Check and obtain required information before transferring cryptoassets Trader
- Verify cryptoasset transfer information as an intermediary Trader
Missing or non-corresponding information: the cryptoasset business of a beneficiary
- Verify cryptoasset transfer information and manage discrepancies Trader
- Verify and manage information for incoming cryptoasset transfers Trader
Provision of information
Unlimited fine- Provide requested information to law enforcement promptly Trader
- Respond to law enforcement requests for cryptoasset information Trader
Requesting information: unhosted wallet transfers and cryptoasset businesses
Unlimited fine- Request AML information for unhosted wallet transfers Trader
- Assess risks and restrict unhosted wallet transfers Trader
Retention of information with an inter-cryptoasset business transfer: intermediaries
Unlimited fine- Pass on information during cryptoasset transfers Trader
- Ensure required information travels with cryptoasset transfers Trader
Browse 2 other sections in this Part — procedural / definitional / commencement
Application of this Part
Interpretation
Part 8 — Information, Investigation and Directions
Retention of documents taken under regulation 66 or 70
- Cooperate with the retention of records seized during inspections Any Person
Directions: cryptoasset businesses
- Comply with FCA directions and respond to notices Trader
Other duties (1) — Crown / regulator
- FCA may issue specific directions to cryptoasset businesses Statutory regulator
Report by a skilled person: cryptoasset businesses
Unlimited fine- Appoint a skilled person and cooperate with FCA report request Trader
Other duties (1) — Crown / regulator
- FCA may require a skilled person's report on your cryptoasset business Statutory regulator
Reporting requirements: cryptoasset businesses
- Provide information to the FCA on request Trader
- Provide information to the FCA when requested Trader
Browse 9 other sections in this Part — procedural / definitional / commencement
Interpretation
Power to require information
Requests in support of other authorities
Requests to other authorities
Entry, inspection of premises without a warrant etc
Entry of premises under warrant
Provision of information and warrants: safeguards
Admissibility of statements
Powers of relevant officers
Part 9 — Enforcement
Power to impose civil penalties: fines and statements
Unlimited fine- Breach of money laundering and terrorist financing regulations Director or Officer
Power to impose civil penalties: suspension and removal of authorisation
- Serious or systematic failure to provide fund transfer information Any Person
Power to impose civil penalties: prohibitions on management
- Employing an individual banned from management roles Any Person
The Commissioners: disciplinary measures (procedure)
Other duties (1) — Crown / regulator
- HMRC must follow specific procedures when imposing money laundering sanctions Statutory regulator
Publication: the FCA
- Keep FCA warning notices confidential Any Person
Other duties (1) — Crown / regulator
- FCA must publish details of money laundering decision and final notices Statutory regulator
Publication: the Commissioners
Other duties (1) — Crown / regulator
- HMRC must publish details of money laundering sanctions and breaches Statutory regulator
Criminal offence
2 years imprisonment- Breach of money laundering or terrorist financing requirements Any Person
- Fail to comply with money‑laundering requirements Any Person
Offences of prejudicing investigations
2 years imprisonment- Interfering with money laundering investigations Any Person
- Prejudice a money‑laundering investigation Any Person
Information offences
2 years imprisonment- Provide false information or disclose restricted info to regulators Any Person
- Provide false or misleading information or unlawful disclosure Any Person
Offence by bodies corporate, partnership or unincorporated association
2 years imprisonment- Officer liable for corporate money‑laundering offence Director or Officer
- Personal liability for officers behind company money laundering offences Director or Officer
Browse 8 other sections in this Part — procedural / definitional / commencement
Part 10 — Appeals
Review by the Commissioners
- Notify the Commissioners within 30 days if you want a review Any Person
Other duties (1) — Crown / regulator
- HMRC must review a decision if you accept their offer of a review Statutory regulator
Review out of time
- Request a review out of time Any Person
Other duties (1) — Crown / regulator
- HMRC must review a decision if a late request has a reasonable excuse Statutory regulator
Nature of review etc
Other duties (1) — Crown / regulator
- HMRC must conduct and notify the outcome of a manual review Statutory regulator
Appeals against decisions of the Commissioners: procedure
- Appeal a Commissioner decision within the prescribed time Any Person
Browse 4 other sections in this Part — procedural / definitional / commencement
Part 11 — Miscellaneous Provisions
Costs of supervision
- Pay FCA supervision charges when imposed Any Person
Other duties (1) — Crown / regulator
- FCA and HMRC may charge fees for anti-money laundering supervision Statutory regulator
Suspicious activity disclosures
Other duties (1) — Crown / regulator
- NCA must provide annual feedback on suspicious activity reports Statutory regulator
Browse 9 other sections in this Part — procedural / definitional / commencement
Recovery of charges and penalties through the court
Obligations on public authorities
Disclosure by the Commissioners
General restrictions
Transfers between the United Kingdom and the Channel Islands and the Isle of Man
Review
Consequential amendments
Revocation and saving provisions
The United Kingdom’s financial intelligence unit
Schedules
Relevant Offences
2 years imprisonment- Make a false statement under oath (perjury) Any Person
Changes in Control of Registered Cryptoasset Businesses
2 years imprisonment- Fail to notify FCA of acquisition or increase in control of a cryptoasset business Any Person
Browse 10 other Schedules — structural / supplementary
Professional Bodies
Listed Activities
Excluded Trusts
Material Discrepancies
High-Risk Third Countries
Supervisory Information
Connected Persons
Meaning of “relevant requirement”
The United Kingdom’s Financial Intelligence Unit
Consequential Amendments
Official guidance
Authoritative sources published by regulators or government explaining this legislation.
- HMRC: gambling duties (opens in a new tab) Detailed Guidance
- Gambling Commission: LCCP (opens in a new tab) Detailed Guidance
- Gambling Commission: getting a licence (opens in a new tab) Detailed Guidance
- FCA - Cryptoassets AML / CTF regime (opens in a new tab) from FCA Detailed Guidance
- HMRC - Money laundering supervision for money service businesses (opens in a new tab) Detailed Guidance
- Continuing competence (opens in a new tab) Detailed Guidance
- SRA Indemnity Insurance Rules 2019 (opens in a new tab) Detailed Guidance
- SRA Transparency Rules 2019 (opens in a new tab) Detailed Guidance
- SRA Accounts Rules 2019 (full text) (opens in a new tab) Detailed Guidance
- mySRA portal (opens in a new tab) Detailed Guidance
- ... and 11 more
Enforcement and responsible bodies
The regulators that administer or enforce this legislation.
HMRC
PrimaryHM Revenue & Customs
Tax collection, customs duties, national insurance, tax credits, and enforcement of the National Minimum Wage. Regulates all UK businesses for tax compliance …
Financial Conduct Authority
Regulation of financial services firms and markets. Supervises banks, insurers, investment firms, payment services, and cryptoasset businesses. Issues authorisations and enforces conduct …
Solicitors Regulation Authority
Regulates solicitors and law firms in England and Wales. Sets standards, authorises firms, investigates misconduct, and can impose sanctions including fines and …
Legal Services Board
Oversight regulator for legal services in England and Wales. Supervises approved regulators including SRA, Bar Standards Board, and CILEx. Ensures regulation serves …
Government department responsible for immigration, security, and law and order. Administers UK Visas and Immigration (UKVI), issues sponsor licences for employers hiring …
Explore more
Browse legislation
Find other UK business legislation with related guidance.
Regulators
Learn more about the bodies that enforce this legislation.