Money Laundering Amendment Regulations 2026 - AML Framework Overhauled
HM Treasury laid the Money Laundering and Terrorist Financing (Amendment) Regulations 2026 before Parliament on 25 March 2026. The draft SI implements HMT's response to its 2024 consultation on improving the effectiveness of the Money Laundering Regulations 2017 (MLRs), introducing targeted changes to customer due diligence, enhanced due diligence, information sharing, obligations for crypto asset firms, and trust registration requirements. Most provisions are expected to come into force in May–June 2026.
Context:
Laid before Parliament on 25 March 2026, the Money Laundering and Terrorist Financing (Amendment) Regulations 2026 represent the most significant amendment to the UK's AML framework in nearly a decade. The instrument implements HMT's response to its 2024 consultation on improving the effectiveness of the MLRs 2017, building on a 2022 review that identified weaknesses in both the substance and supervision of the UK's regime. Unlike the EU's simultaneous AML package (MLD VI and the new AML Regulation), the UK's approach is broadly deregulatory, it seeks to sharpen the risk-based approach, reduce over-compliance burden, and close specific loopholes rather than introduce sweeping new prescriptive requirements.
The regulations are subject to the draft affirmative parliamentary procedure, meaning they must be approved by both Houses before being made. Assuming parliamentary approval proceeds on schedule, most provisions are expected to come into force approximately 21 days after being made, pointing to an implementation window of May–June 2026. Provisions specifically relating to crypto-asset firms will follow a separate timeline, aligning with the commencement of the FSMA crypto-asset regulatory perimeter in October 2027.
For financial services firms, the key changes operate across five dimensions: (1) refined CDD and EDD thresholds and processes; (2) strengthened information sharing between AML supervisors, including with Companies House and the Financial Regulators Complaints Commissioner; (3) updated obligations for crypto-asset firms; (4) expanded Trust Registration Service scope with targeted low-risk exemptions; and (5) miscellaneous clarifications including the conversion of euro-denominated thresholds to sterling and the exclusion of reinsurance from the definition of 'insurance undertaking' for AML purposes.
Rules and Guidelines:
Customer due diligence (CDD): refined thresholds and processes, including clearer definitions of 'unusually complex or unusually large' transactions; updated requirements for high-risk jurisdictions and pooled client accounts
Enhanced due diligence (EDD): updated requirements for additional due diligence on unusual transactions and high-risk situations, including onboarding customers following a bank insolvency
Cryptoasset firms: strengthened AML obligations, including change-in-control provisions; alignment with the forthcoming FSMA cryptoasset perimeter (commencement from October 2027 for crypto-specific provisions)
Information sharing: Companies House added to the AML supervisor cooperation obligation; the Financial Regulators Complaints Commissioner becomes eligible for information sharing; FCA's powers to share information in its cryptoasset supervision function expanded
Trust Registration Service (TRS): scope of trusts required to register is expanded; targeted exclusions introduced for low-risk, low-value trusts and trusts relating to estate administration
Euro-to-sterling conversion: euro-denominated monetary thresholds in the MLRs are converted to sterling, removing ongoing currency ambiguity for UK firms
Insurance: definition of 'insurance undertaking' clarified to exclude reinsurance contracts, confirming AML obligations apply only to direct insurance providers
Off-the-shelf company formation: the sale of pre-formed 'shelf companies' is brought within trust and company service provider (TCSP) AML obligations
Businesses Affected:
All MLR-regulated firms, including banks, building societies, credit institutions, payment service providers, e-money institutions, investment firms, asset managers, insurance companies, and lawyers
Cryptoasset firms registered with the FCA for AML purposes are facing strengthened obligations and change-in-control requirements ahead of full FSMA authorisation from October 2027
Compliance and MLRO (Money Laundering Reporting Officer) teams who must update firm-wide AML policies, procedures, and training materials
Banks and wealth managers with pooled client accounts. New CDD guidance for these structures requires review
Insurance companies (direct insurers only) and reinsurers are now expressly excluded from MLR AML obligations
Trust and company service providers (TCSPs), off-the-shelf company formation is now explicitly in scope; trust registration obligations expand
Private client banks and wealth managers with trust structures in the scope of TRS, new registration requirements apply with targeted low-risk exemptions
Next Steps:
MLROs and compliance teams should carry out a line-by-line review of the draft regulations against their current AML policies and procedures to identify all required updates
Complete policy and procedure updates before the expected May–June 2026 implementation date
Update CDD and EDD process documentation, particularly for pooled client accounts, high-risk jurisdiction processes, and unusual transaction assessment criteria
Legal and compliance teams should review trust structures held by clients against the new Trust Registration Service scope and identify any newly in-scope trusts requiring registration
Cryptoasset compliance teams should review the new MLR obligations now, but note that the most significant crypto-specific provisions commence with the FSMA perimeter in October 2027
Insurance teams should document the reinsurance exclusion to ensure clarity in scope definitions and supervisory submissions
Brief boards and risk committees on the regulatory timeline and key compliance obligations, the AML change is systemic and will require MLRO sign-off on updated policies
Source | HM Treasury, Draft Statutory Instrument
