CFOtech UK - Technology news for CFOs & financial decision-makers
United Kingdom
International Women’s Day
392 opinions Read now

Guides

#
artificial intelligence
#
data analytics
#
digital transformation
#
fintech
#
health technologies

Search

Uk bank night office compliance chaos money laundering risk
#
Data Protection
#
Fintech
#
MarTech

Poor data drives FCA AML fines totalling GBP £430m

Fri, 30th Jan 2026
Author image
By Catherine Knowles, News Editor

Data weaknesses contributed to more than two-thirds of UK anti-money laundering fines issued by the Financial Conduct Authority between 2020 and 2025, according to analysis by company data provider Kyckr.

Kyckr reviewed 22 FCA Final Notices over the period and found data deficiencies featured in 68% of enforcement cases for AML non-compliance. The penalties covered by those notices totalled more than £430 million.

The analysis points to recurring problems in how firms collect, maintain and validate customer and company information. It also indicates a regulatory focus on whether institutions keep customer information current in day-to-day operations, rather than only relying on formal policies.

Four failure areas

Kyckr grouped the data weaknesses it identified into four categories, each linked with a share of fines in the reviewed notices.

The most common category was outdated and missing information. Kyckr said this featured in 45% of fines. It included reliance on outdated Politically Exposed Persons and investor lists. It also included cases where firms did not collect sufficient information on customers to contextualise transactions.

A second category related to failures to identify ultimate beneficial owners. Kyckr said this contributed to 32% of fines. It described situations where firms did not know who ultimately controls an entity. It also described gaps in ownership mapping.

A third category involved weak verification of wealth and funds. Kyckr said this contributed to 32% of fines. It described cases where firms did not know how much money a business had at its disposal. It linked that to an inability to contextualise customer transactions.

The fourth category involved discrepancies between customer declarations and public records. Kyckr said this contributed to 18% of fines. It described failures to detect mismatches between what a customer declared and what public records showed.

Operational emphasis

The company said the findings reflected a shift in what supervisors and enforcement teams look for during investigations.

Kyckr said enforcement action now focuses on whether institutions can obtain, verify and continuously update accurate information in practice. It contrasted that with an approach based on policies and procedures that exist on paper.

The review covered FCA Final Notices, which set out the regulator's findings and the reasons for penalties. Final Notices typically describe the control failures that led to breaches. They can include issues in customer due diligence, risk assessment, monitoring and record keeping.

Vendor view

Kyckr sells access to company registry data and services built around it. It said financial institutions often rely on fragmented processes for collecting and refreshing information.

"The problem firms face is that they are relying on outdated or incomplete data retrieved from siloed workflows. If poor data quality is a major contributor to AML fines, the solution isn't more staff or bigger frameworks: it's direct and ongoing access to authoritative company data," said Steve Lamb, Chief Executive Officer, Kyckr.

Lamb also pointed to the importance of demonstrating that data checks happen on an ongoing basis.

"These findings show that policy alone isn't enough and that data quality now plays a significant role in AML effectiveness. Financial institutions must be able to prove that their customer information is both accurate and verified in real time. Kyckr helps firms close this data blind spot by connecting directly to authoritative company registries, giving compliance teams instant, audit-ready access to verified information from over 300 global sources," said Lamb.

Method and scope

Kyckr said it assessed 22 Final Notices issued by the FCA over the five-year period and identified issues that it categorised as stemming directly from insufficient data and information. The firm linked those issues to the four categories described in its report.

Kyckr described itself as an information services company that aggregates and structures company data from primary sources. It said it draws verified information from more than 300 global sources, including company registries.

Financial institutions have increased spending on AML controls in recent years as enforcement and supervisory scrutiny have remained high. Firms have also faced pressure to demonstrate robust processes for identifying beneficial ownership and for updating customer risk profiles over time.

The company said the reviewed cases show that institutions face penalties when information gaps affect the quality of customer due diligence and the ability to assess and monitor risks.

Related stories
saas.group tops USD $100m ARR as AI drives next phase
UK unveils TechFirst push to boost women in digital jobs
Iranian cyber shift raises risk to Western infrastructure
AI agents tipped to reshape enterprise eCommerce by 2027
Sage expands AccountsPrep to help firms scale for MTD

Top stories

AI-fuelled crime drives illicit funds to $4.4 trillion
Cryptio raises USD $45m to scale digital asset ERP tools
Modern Treasury joins Mastercard crypto partner push
Deep Green opens rapid AI-ready colocation in Manchester
Experian launches postcode credit score app in ChatGPT