In 2025, the UK’s Financial Conduct Authority (FCA) sent a clear and unmistakable message to regulated firms. Weaknesses in systems and controls, particularly those linked to financial crime and anti money laundering (AML), continue to attract serious regulatory consequences. By the end of the year, total FCA fines surpassed £124 million, with many of the most significant penalties tied directly to AML failures. Below, we examine the largest FCA fines of 2025, highlight the compliance gaps behind them, and explain what they reveal about the regulator’s expectations going forward.
The Largest FCA Fines of 2025
Barclays Bank plc (£39.3 million)
One of the most high profile penalties of the year was imposed on Barclays Bank plc. The FCA found that the bank failed to adequately identify, assess, and manage money laundering risks connected to a long standing corporate banking relationship. These weaknesses persisted over several years and pointed to fundamental shortcomings in risk assessment and ongoing monitoring. Compliance lesson: AML risk assessments must be continuously refreshed and supported by effective transaction monitoring. Static controls quickly become regulatory liabilities.Nationwide Building Society (£44.1 million)
The largest fine issued in 2025 was levied against Nationwide Building Society for breaches of Principle 3 relating to systems and controls. The FCA cited failures in governance and oversight, reinforcing that strong leadership and accountability are essential components of effective AML programs. Compliance lesson: Governance failures can be just as damaging as technical system gaps. Regulators expect senior management to actively oversee AML frameworks.Monzo Bank Limited (£21.1 million)
Digital challenger Monzo Bank Limited was fined following rapid customer growth that outpaced the maturity of its controls. The FCA emphasized that innovation and expansion do not reduce regulatory expectations, particularly where onboarding and monitoring volumes increase significantly. Compliance lesson: Growth amplifies financial crime risk. Transaction monitoring and customer due diligence must scale alongside business expansion.London Metal Exchange (£9.2 million)
The FCA also fined the London Metal Exchange for breaches related to market conduct and control frameworks. While not a traditional retail banking case, it highlights how broadly the FCA applies its financial crime expectations. Compliance lesson: AML and financial crime controls are not limited to banks. Market operators and non bank financial institutions face the same scrutiny.Barclays Bank UK plc (£3.1 million)
In a separate enforcement action, Barclays Bank UK plc was penalized for failures in account opening controls for client money accounts. Weak onboarding processes once again proved to be a recurring regulatory concern. Compliance lesson: Poor KYC and onboarding controls often lead to wider monitoring and reporting failures later in the customer lifecycle.What the FCA Is Targeting in 2025
Across these enforcement actions, several common themes emerge:- Inadequate transaction monitoring that failed to identify suspicious behavior
- Weak governance and oversight of AML frameworks
- Outdated customer risk assessments
- Deficiencies in regulatory reporting, including accuracy and timeliness
- Heavy reliance on manual processes that increased the risk of error
