Examples of Regulatory Fines
At VigilantCDD, we believe that successful compliance and GRC rely on a blend of strong systems, skilled professionals, and clearly defined policies and procedures to manage customer onboarding and ongoing monitoring effectively.
VigilantCDD Concierge deliver a comprehensive range of services on a variety of topics including:
- AML
- CDD
- KYC Screening and monitoring
- Biometric Identity verification (worldwide)
- Risk Management
- Internet Investigations
- Enhanced Due Diligence
Monetary penalties for financial sanctions breaches The Policing and Crime Act 2017 (the “2017 Act’) contains powers for HM Treasury to impose monetary penalties for breaches of financial sanctions. The Sanctions and Anti-Money Laundering Act (2018) (“SAMLA”) amended the 2017 Act. Those amendments ensured the majority of provisions in regulations made under SAMLA fall within the 2017 Act definition of ‘Financial sanctions legislation’, which in turn ensures that where there has been a breach of those provisions a monetary penalty under the 2017 Act can be applied.
Organisations face increased pressure to comply with myriad regulatory requirements. Managing compliance internally is challenging enough, but how do you meet the demands of global compliance when it comes to engaging with third parties? Tracking this much data manually is time-consuming—and you risk missing important information. Without a doubt, technology has made it easier than ever to conduct business globally. But it’s not enough just to have a process – it is important to make sure adequate internal controls and monitoring systems are also in place to prevent and report any suspicious activity.
The FCA engages with the Serious Fraud Office, the National Crime Agency, the City of London Police, and other enforcement agencies to take action against firms that commit financial crime. With the Fifth Money Laundering Directive, https://www.gov.uk/government/consultations/transposition-of-the-fifth-money-laundering-directive now in effect, conducting PEP checks has been extended to include not just international but also domestic PEPs.
Alongside tougher criminal sanctions targeted at corporate and senior management misconduct, it seems that there will be an increase in criminal prosecutions within the financial services industry. Given the FCA’s track record, this could mean more fines for lax controls in management. They will continue to take action against firms that fail to implement the necessary systems and controls to prevent financial crime, but hold senior management to account for failure to prevent it. Firms should act now to analyse any gaps in compliance and take appropriate corrective action
AML Fines of 2025
Barclays £42 million
The FCA has fined Barclays Bank UK PLC and Barclays Bank PLC a total of £42 million for separate instances of failings in its financial crime risk management.
Monzo £21m
https://www.fca.org.uk/news/press-releases/fca-fines-monzo-21m-failings-financial-crime-controls
The FCA has fined Monzo Bank Ltd £21,091,300 for its inadequate anti-financial crime systems and controls between October 2018 and August 2020.
Celton Manx £5.6m discounted by 30% £3.9m
https://www.isleofmangsc.com/gambling/enforcement/public-statements/
Celton Manx, which operates international online sports bookmaker SBOBet, last month surrendered the licence it had held with the Gambling Supervision Commission (GSC) since August 2008.
At the time, the GSC said a licence holder may surrender their licence for various reasons, and it was unable to discuss individual circumstances.
However, the regulator has now issued a public statement stating that Celton Manx has been ordered to pay a discretionary civil penalty of £5,625,000, discounted by 30% to £3,937,500 due to its early cooperation with the investigation.
The fine follows a regulatory inspection, which identified a significant number of contraventions of the Gambling (Anti-Money Laundering and Countering the Financing of Terrorism) Code.
These included a failure to carry out an assessment of risk posed by a customer or conduct enhanced due diligence despite the clients being identified as posing a higher risk of money laundering and/or terrorist financing.
Celton Manx did not establish, record, maintain, or operate sufficient controls to verify the identity of customers. It was unable to demonstrate that its procedures outlined the action to be taken when suspicious activity was discovered.
RL360 £1.95m
RL360 agrees £1.95m settlement with Isle of Man regulator relating to AML procedures
The IFSA has been conducting a review of AML procedures for Isle of Man-based companies and has already issued fines to other financial services companies based on the island, with RL360 being the largest so far.
Isle of Man Headquartered RL360 has agreed to pay the Isle of Man Financial Services Authority (IFSA) a total of £1.95m in a civil penalty relating to historic anti-money laundering procedures.
SK IOM Limited – £100k
https://www.isleofmangsc.com/gambling/enforcement/public-statements
Following a regulatory inspection of SK IOM, which identified prima facie contraventions of the Gambling (Anti-Money Laundering and Countering the Financing of Terrorism) Code 2019 (the “Code”), the Commission initiated an investigation into SK IOM. This Public Statement details the conclusions and outcomes of that investigation.
In light of the same, the Commission has determined that it would be reasonable and proportionate, in all the circumstances, that SK IOM be required to pay a discretionary civil penalty in connection with these contraventions in the sum of £100,000 discounted by 30% to £70,000 (the “Civil Penalty”).
OKX Crypto Exchange – $500m fine
OKX, one of the world’s largest cryptocurrency exchanges, has admitted to violating U.S. anti-money laundering (AML) laws and will pay over $504 million in fines. For more than seven years, the exchange failed to implement required AML policies, allowing over $5 billion in suspicious transactions.
Prosecutors revealed that OKX knowingly permitted U.S. users to trade on its platform despite restrictions and even guided them on how to bypass know-your-customer (KYC) protocols. While OKX attributed these violations to “legacy compliance gaps,” the case underscores the ongoing regulatory scrutiny in the cryptocurrency industry. Meanwhile, other exchanges, such as Robinhood and Coinbase, have recently seen U.S. investigations against them dropped.
UAE Exchange House – £41m fine
The UAE Central Bank has fined an unnamed exchange house Dh200 million (~£41m) for serious failures in its anti-money laundering (AML) and counter-terrorism financing (CFT) framework. A branch manager was also fined Dh500,000 and permanently barred from working at any licensed financial institution in the UAE.
This enforcement action follows regulatory examinations and reflects the UAE’s intensified efforts to combat financial crime. The penalty is part of the country’s broader AML/CFT strategy, which includes the 2024–27 National Strategy and recent legal reforms aimed at aligning with global standards and safeguarding the integrity of the financial system.
Block – $40m fine
Block Inc., the parent company of Cash App, will pay a $40 million fine and appoint an independent monitor to settle allegations from New York’s Department of Financial Services (NYDFS) that it failed to prevent money laundering on its platform.
Regulators identified “critical gaps” in Block’s compliance with the Bank Secrecy Act, anti-money laundering (AML), and know-your-customer (KYC) requirements. Lapses included poor customer due diligence, weak risk controls, and insufficient oversight of Bitcoin transactions. These issues left Cash App vulnerable to criminal exploitation, including by a Russian network identified in a 2022 internal review.
This follows an $80 million settlement Block reached in January with 48 U.S. states over similar charges. While not admitting wrongdoing, Block said the latest settlement resolves all pending state money transmission license matters.
Robinhood – $30m penalties
Robinhood Financial LLC and its clearing affiliate, Robinhood Securities, have agreed to pay $29.75 million in penalties for regulatory violations, including failures in anti-money laundering (AML) compliance, inadequate clearing system oversight, and misleading customer disclosures. The Financial Industry Regulatory Authority (FINRA) imposed the penalties, which include a $26 million fine and $3.75 million in restitution to affected customers.
Among the violations, Robinhood failed to detect and report suspicious activity, safeguard customer accounts from hacking, and properly manage system delays during the 2021 trading surge. It also inaccurately disclosed how it handled market orders and failed to supervise misleading social media promotions. This latest settlement follows a $45 million SEC settlement in January and a $57 million FINRA fine in 2021, highlighting ongoing regulatory scrutiny of the brokerage’s operations.
Revolut – €3.5m fine
Revolut has been fined €3.5 million by the Bank of Lithuania for shortcomings in its AML procedures, following an inspection of its EU banking arm, Revolut Bank UAB.
While no actual money laundering was detected, regulators found that Revolut had deficiencies in monitoring transactions and customer activity, which at times hindered proper identification of suspicious operations.
Acknowledging the issues, Revolut cooperated with the central bank, initiated corrective actions, and agreed to an improvement plan. The fine represents just 0.38% of Revolut’s 2023 revenue, well below the potential 10% maximum under Lithuanian AML laws.
“Revolut Bank UAB is committed to the highest standards of regulatory compliance and cooperated with the Bank of Lithuania in taking immediate action to address the procedural deficiencies. We continue to invest to ensure we have best-in-class controls in the fight against financial crime”
– Spokesperson, Revolut
Admiral Casino – £1m fine
Greentube Alderney Limited, the operator of Admiral Casino, has been fined £1 million by the UK Gambling Commission (UKGC) for failing to meet AML and customer protection standards. This marks the second time the company has faced penalties, following a £685,000 fine in 2021 for similar breaches.
The UKGC found that Admiral Casino failed to identify and support vulnerable customers, delayed action on suspicious accounts, and ignored its own policies regarding high-risk professions. One case involved a customer with a negative bank balance who was permitted to deposit £4,000 over four months. Another involved a customer with over £100,000 in unusual bank transactions, which the casino only flagged after four months. The company also failed to identify an account linked to a convicted criminal, despite clear warning signs.
The UKGC has warned gambling operators that repeat violations will lead to harsher penalties. This fine comes as the UK prepares for new gambling regulations in 2025, aimed at increasing financial checks on players, banning high-speed gambling features, and tightening marketing rules. The case highlights the growing regulatory pressure on the gambling industry to prioritise player safety and compliance.
Morgan Stanley – £1m fine
Switzerland’s attorney general has fined Morgan Stanley’s Swiss operations $1 million for failing to prevent a client advisor from laundering money linked to bribery in Greece. The case involved former Greek Defence Minister Akis Tsohatzopoulos, who was convicted of money laundering in 2013.
Funds from the bribery scheme were funnelled through Swiss bank accounts belonging to Tsohatzopoulos’ cousin and a straw man, triggering an investigation. The bank’s previous entity, Bank Morgan Stanley (Switzerland) AG, was held responsible for failing to stop the advisor’s illicit activities. Morgan Stanley cooperated with prosecutors and agreed not to challenge the fine, which also includes covering legal costs.
Major Payment Institutions – $960k fine
The Monetary Authority of Singapore (MAS) has fined five major payment firms a total of $960,000 for breaches of anti-money laundering and countering the financing of terrorism (AML/CFT) rules.
Following inspections, MAS found serious compliance lapses at Remsea, Arcade Plaza Traders, J-Dee Remittance Services, Mobile Community Tech, and OxPay SG. The enforcement actions reflect the regulator’s commitment to upholding Singapore’s status as a trusted financial centre.
MAS emphasised that penalties are proportionate to the severity of the violations, with further measures—such as prohibition orders or criminal referrals—available when warranted.
Intercorp – €27k fine
Luxembourg’s financial regulator, CSSF, has fined Intercorp SA €27,000 for failing to meet AML and counter-financing of terrorism (CFT) obligations. The penalty, issued after an on-site inspection, cited deficiencies in customer due diligence, risk assessment, and suspicious transaction reporting.
The investigation found that Intercorp failed to verify the origin of client funds, neglected to clarify financial discrepancies in high-risk transactions, and delayed reporting suspicious activities to the Financial Intelligence Unit. Some reports were only submitted after regulatory intervention. The firm has since acknowledged the findings and implemented corrective measures.
