Presenter Notes — Slide 1
Opening: Welcome to Lesson 2. In Lesson 1 we covered what money laundering is and why it matters. Now we turn to the legal and regulatory framework that governs our obligations.
Key message: The UK has some of the toughest AML laws in the world. Understanding them is not optional — it is a legal obligation for every person in the regulated sector.
Transition: "Let's start with the cornerstone of UK AML law — the Proceeds of Crime Act."
Presenter Notes — Slide 2
POCA 2002: Creates three principal ML offences under sections 327-329. Each carries a maximum of 14 years' imprisonment. (Source: CPS Prosecution Guidance)
s.327: Concealing, disguising, converting, transferring, or removing criminal property from the UK.
s.328: Facilitating arrangements for criminal property — entering into or becoming concerned in an arrangement.
s.329: Acquiring, using, or possessing criminal property.
Key legal point: The prosecution does NOT need to prove the specific predicate offence. It is sufficient to show the property was derived from some form of criminal conduct. This is a deliberately broad test.
Transition: "But POCA goes further than just the principal offences. It also criminalises silence."
Presenter Notes — Slide 3
s.330 — Failure to disclose: Applies specifically to the regulated sector (including banking). You commit an offence if you know, suspect, or have REASONABLE GROUNDS to suspect ML, and you fail to report. (Source: CPS Prosecution Guidance)
Critical distinction: The "reasonable grounds" element is an OBJECTIVE test. Unlike principal offences (which require actual knowledge or suspicion), s.330 can be breached where a person SHOULD have known or suspected. Ignorance is not a defence if a reasonable person would have been suspicious.
Talking point: This is the section that applies directly to every person in this room. 5 years' imprisonment is the maximum penalty for saying nothing.
Transition: "There is another offence that catches people off guard — tipping off."
Presenter Notes — Slide 4
s.333A — Tipping off: Disclosing that a SAR has been made, is being contemplated, or is being considered. The disclosure must be likely to prejudice an investigation. (Source: CPS Prosecution Guidance)
Examples to share: Telling a customer their account is "under review for compliance reasons." Warning a client not to make certain transactions "for now." Even a well-intentioned warning to a long-standing client is criminal. (Source: Law Society guidance)
Key point: This is a CRIMINAL offence, not just a regulatory infraction. 2 years' imprisonment. Even indirect hints can constitute tipping off.
Transition: "POCA sets the criminal law. But there is also a detailed regulatory framework that governs how firms must operate day to day."
Presenter Notes — Slide 5
MLR 2017: Transposed the EU's Fourth and Fifth Money Laundering Directives into UK law. Remains the primary regulatory framework for AML compliance. (Source: FCA)
Core requirements: Risk assessments, CDD (simplified/standard/enhanced), ongoing monitoring, record keeping (5 years minimum), internal controls, and SAR reporting.
2025 amendments: EDD narrowed to FATF "Call for Action" list only (currently Iran, Myanmar, DPRK). Crypto firms aligned with FSMA. Pooled client accounts decoupled from SDD. Changes take effect early 2026. (Source: UK Government draft SI)
Transition: "The FCA supervises compliance with these regulations. Let's look at what the regulator expects."
Presenter Notes — Slide 6
FCA supervision: Approximately 20,000 firms supervised for AML compliance. The FCA expects documented risk assessments, proportionate systems and controls, MLRO appointment, and SM&CR accountability. (Source: FCA)
REP-CRIM: Annual financial crime reports covering SARs filed, fraud losses, and compliance resources. This gives the FCA data to identify outliers.
2026 priority: Material AML deficiencies will be treated as governance failings, increasing risk of personal liability for senior managers under SM&CR. Intelligence-led supervision enhanced by data analytics. (Source: Browne Jacobson horizon scanning)
Transition: "The FCA operates within a global framework. Let's look at the international standard-setter."
Presenter Notes — Slide 7
FATF: The Financial Action Task Force sets the global standard — 40 recommendations across 190+ countries. The UK is a member and is expected to implement all recommendations. (Source: FATF)
Key recommendations for banking: R1 (risk-based approach), R10 (CDD), R11 (record keeping, 5 years), R18 (internal controls), R20 (suspicious transaction reporting).
UK compliance status: Compliant on 24 recommendations, largely compliant on 15, partially compliant on 1. Next Mutual Evaluation scheduled for 2027. (Source: FATF)
2025 FATF updates: Changes to R1, R10, R15 to promote financial inclusion. Updated R16 (Payment Transparency) — new requirements effective by 2030.
Transition: "Within Barclays, these requirements are implemented through a structured defence model."
Presenter Notes — Slide 8
Three Lines of Defence: Industry-standard model detailed in the Barclays Bank UK Annual Report 2024.
First Line — Business: Revenue-generating and client-facing areas. Conduct CDD, monitor transactions, escalate suspicions. The front line is the first point of defence.
Second Line — Risk & Compliance: Sets frameworks, policies, standards. Provides oversight, challenge, and guidance. The Financial Crime function designs AML policies and reviews SARs.
Third Line — Internal Audit: Independent function reporting to the Board Audit Committee. Tests whether AML controls actually work, identifies gaps, recommends improvements.
Transition: "Let's see how these lines of defence fit within Barclays' broader governance."
Presenter Notes — Slide 9
Barclays framework: One group-wide Financial Crime Policy covering four risk areas: anti-bribery/corruption, AML/CTF, anti-tax evasion facilitation, and sanctions. Eleven standards. (Source: Barclays Financial Crime Policy Position Statement)
Principal risk since January 2025: The ERMF now identifies 10 principal risks. Financial crime receives dedicated Board-level oversight, its own risk appetite statement, and separate reporting. (Source: Barclays Bank PLC Annual Report 2025)
Alignment: FATF recommendations, Wolfsberg Principles, JMLSG guidance, UK Finance standards. JMLSG guidance is approved by HM Treasury and provides a "safe harbour" for compliance.
Transition: "So what does all of this mean for you personally?"
Presenter Notes — Slide 10
Personal application: Section 330 applies to EVERY person in the regulated sector. That includes everyone in this room, regardless of role, seniority, or function.
Three actions: Know the Law (understand POCA, MLR, and your obligations). Follow the Framework (use the policies, standards, and controls Barclays provides). Report Suspicions (to the MLRO, immediately, without investigating yourself).
Closing: "The regulatory landscape may seem complex, but your obligations are simple: know the rules, follow the framework, and if you see something, report it. In Lesson 3, we will cover the practical process of Know Your Customer and due diligence."
