FCA Hits Barclays with Solid £42 Million Fine over Financial Crime Lapses

barclays fca penalty aml failure fincrime fine

This image is AI-generated.

Barclays has once again found itself at the center of a major financial crime compliance controversy after the UK Financial Conduct Authority (FCA) imposed a hefty £42 million penalty on its UK entities for fundamental lapses in anti-money laundering (AML) controls. The 2025 action, which follows a series of previous enforcement measures, targeted failures related to client onboarding, transaction monitoring, and risk management involving WealthTek and Stunt & Co. The FCA’s move highlights persistent risks in the UK banking sector and signals growing intolerance for compliance shortcomings among large financial institutions.

Barclays Bank UK PLC and Barclays Bank PLC were penalized for separate but related failings, both centered on their handling of client relationships with entities later linked to significant money laundering schemes. The FCA investigation demonstrated how insufficient due diligence and a lack of proactive monitoring enabled illicit financial activity to flow through the bank’s systems, ultimately facilitating large-scale criminal activity and causing financial harm to clients and the wider market. This case underscores the need for continuous improvement in AML programs and sets a new benchmark for regulatory expectations in the UK and beyond.

Barclays WealthTek Case: Missed Red Flags in Client Onboarding

Barclays Bank UK PLC’s relationship with WealthTek exposed serious weaknesses in the bank’s initial risk assessment and client onboarding processes. Despite WealthTek not being authorized by the FCA to hold client money, Barclays failed to perform basic verification checks that would have revealed the firm’s regulatory status and client money permissions. A simple review of the Financial Services Register, a core step under the FCA’s Senior Management Arrangements, Systems and Controls (SYSC) rules, would have highlighted the risks and potentially prevented the subsequent misappropriation of client funds.

Instead, the bank allowed WealthTek to open a client money account, which subsequently received £34 million in deposits. Without a proper understanding of WealthTek’s business model, and lacking robust source-of-funds verification, Barclays exposed itself to the risk of facilitating money laundering and the misuse of client assets. These gaps contravened the UK Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017, particularly regarding customer due diligence and ongoing monitoring requirements.

The WealthTek matter escalated further when the FCA charged the firm’s principal partner with criminal offences, including money laundering and fraud, in late 2024. The scale of the exposure and the direct link to criminal investigations prompted Barclays to make a voluntary payment of £6.3 million to cover shortfalls suffered by affected clients. The FCA acknowledged Barclays’ extensive cooperation and willingness to remediate as factors leading to a reduction in the original fine, but the case remains a stark illustration of the consequences when banks bypass or inadequately implement AML controls.

Barclays, Stunt & Co, and Fowler Oldfield: Failure to Act on Known Risks

The second case involved Barclays Bank PLC’s relationship with Stunt & Co and the high-risk flows originating from Fowler Oldfield, a now-notorious UK-based money laundering operation. Despite substantial intelligence from law enforcement and clear signals from police raids on both Stunt & Co and Fowler Oldfield, Barclays did not take sufficient steps to understand the nature of its client’s activities or review ongoing account activity. Over just 13 months, Stunt & Co received £46.8 million from Fowler Oldfield, much of which authorities later determined was linked to criminal activity.

The FCA’s investigation found that Barclays failed to perform effective enhanced due diligence, as required by Regulation 33 of the UK Money Laundering Regulations, even after receiving direct warnings about Fowler Oldfield’s involvement in money laundering. The bank did not reassess its exposure or take remedial action until the FCA announced criminal proceedings against another institution, NatWest, for similar failures. This reactive rather than proactive approach meant Barclays played a role in facilitating the movement of illicit funds, despite the clear availability of risk information.

Notably, James Stunt, Director of Stunt & Co, was acquitted of money laundering charges related to the funds received from Fowler Oldfield, yet the directors of Fowler Oldfield were convicted and sentenced to lengthy prison terms. This case demonstrates the complexity of financial crime investigations and the difficulties banks face in tracing ultimate beneficial ownership and the true nature of complex transactions, especially where criminal networks employ layered structures to conceal illicit proceeds.

Regulatory Expectations, Previous Enforcement, and Barclays’ Ongoing Remediation

Barclays is no stranger to FCA enforcement for AML failings, having been fined for financial crime control breaches in both 2015 and 2022. The latest FCA Final Notices referenced prior failings and stressed that repeat shortcomings in client due diligence, transaction monitoring, and ongoing risk assessments would not be tolerated. The regulator continues to emphasize AML controls as a supervisory priority in its 2024–2025 retail banking strategy, warning that banks are expected to deploy robust systems and controls in line with SYSC requirements and the Joint Money Laundering Steering Group (JMLSG) guidance.

The 2025 penalties for Barclays were mitigated somewhat by the bank’s cooperation during the FCA’s three-month investigation and its voluntary payment to WealthTek clients. However, the regulator’s Final Notices make clear that prompt action, transparency, and substantive remediation efforts are now essential to limit both reputational and financial impact. Barclays has since embarked on a comprehensive overhaul of its AML control framework, including enhanced client onboarding procedures, new risk scoring tools, and updated transaction monitoring technologies. These measures are designed to close historic gaps and prevent future regulatory breaches, although the effectiveness of the remediation will only become clear through ongoing supervisory assessments.

The Wider Impact on UK AML Compliance and Financial Crime Risk

This case illustrates the persistent challenges banks face in balancing commercial opportunities with the requirement for rigorous financial crime controls. Both incidents at Barclays reveal how lapses in basic due diligence and failure to respond quickly to warning signs can create opportunities for criminal exploitation. The rapid movement of large sums through client accounts, especially where source-of-funds checks are weak or ongoing monitoring is not performed, continues to be a core vulnerability exploited by money launderers.

For the wider sector, the Barclays enforcement action underscores the FCA’s resolve to hold even the largest and most established banks to account for compliance failings. The size of the penalty, the speed of the investigation, and the detailed requirements set out in the Final Notices send a clear message that regulatory expectations are only rising. Banks and other regulated firms must ensure their AML programs are not only compliant on paper but genuinely effective in practice. This requires continuous investment in training, technology, and oversight, as well as a culture of escalation and transparency when risks are detected.

Furthermore, as the regulatory environment evolves in response to new typologies and emerging risks, institutions are expected to align quickly with updated guidance and legal requirements. The upcoming Economic Crime and Corporate Transparency Act, together with increased cross-agency collaboration between the FCA, National Crime Agency, and HM Treasury, will likely drive even more rigorous supervision and enforcement in the coming years. The Barclays case is likely to be studied widely as an example of both failings and the pathway to remediation.

Conclusion: Lessons for Financial Crime Risk Management

The 2025 FCA penalty against Barclays highlights the critical need for continuous vigilance, robust processes, and a strong culture of compliance in financial institutions of all sizes. Key lessons for the sector include the importance of verifying client credentials, conducting ongoing monitoring, responding rapidly to risk information, and maintaining open lines of communication with regulators. Voluntary cooperation and swift remediation may help mitigate penalties, but cannot substitute for strong controls at the outset.

As regulatory scrutiny intensifies, banks must treat financial crime risk management as an enterprise-wide priority, supported by investments in technology, skilled personnel, and clear governance structures. The consequences of failing to do so are now clear: not only significant financial penalties, but also reputational damage and ongoing supervisory attention. Barclays’ experience should serve as a wake-up call to the industry—complacency in AML compliance carries a high price.

Source: FCA

Some of FinCrime Central’s articles may have been enriched or edited with the help of AI tools. It may contain unintentional errors.

Want to promote your brand with us or need some help selecting the right solution or the right advisory firm? Email us at info@fincrimecentral.com; we probably have the right contact for you.