Back to Lesson
Lesson 4

Recognising Red Flags

Identify suspicious patterns. Protect the bank.

What You Will Learn

By the end of this lesson, you will be able to identify suspicious transactions and behaviours.

Transaction Red Flags

£46.8 Million

flowed from a convicted laundering operation to a Barclays client in just over one year

37,000
UK mule accounts flagged in 2023
£10B
laundered via mules annually

Customer Behaviour Red Flags

Case Study: Stunt & Co

Onboarding
Insufficient information gathered
£46.8M Received
Round figures, high volume, no rationale
Police Raids
Fowler Oldfield raided. Barclays did not act.
5-Year Delay
No proper review conducted
£39.3M Fine
Principles 2 & 3 breached
Regulatory enforcement

Case Study: WealthTek

  • No register check — FCA Financial Services Register not consulted
  • £34 million deposited without regulatory verification
  • 11 months to close the account after policy update
  • £3.1M fine + £6.3M ex-gratia payment to affected clients
£42 Million

Total FCA fine against Barclays for financial crime control failures

£39.3M
Stunt & Co
£3.1M
WealthTek

Key Lessons

The FCA Warning

“The consequences of poor financial crime controls are very real — they allow criminals to launder proceeds of their crimes.”

— Therese Chambers, FCA Joint Executive Director of Enforcement
Start Lesson 4
1 / 10

Presenter Notes

Presenter Notes — Slide 1

Opening: Welcome to Lesson 4. We have covered what money laundering is, the regulatory landscape, and how CDD works. Now we learn to recognise the warning signs — the red flags that signal suspicious activity.

Key message: Every day, billions of pounds flow through the UK banking system. Most are legitimate. But hidden among them are the proceeds of serious crime. Your job is to spot the difference.

Transition: "Let's start with what you will learn in this lesson."

Presenter Notes — Slide 2

Lesson structure: Three areas — transaction red flags (patterns in payments and transfers), behaviour red flags (customer actions signalling concealment), and real case studies (Stunt & Co and WealthTek deep dives).

Learning outcome: By the end of this lesson, participants should be able to identify suspicious transactions and behaviours in their day-to-day work.

Talking point: Red flags are not about certainty — they are about recognising patterns that warrant further investigation. The threshold is always suspicion, not proof.

Transition: "Let's examine the most common transaction-based red flags."

Presenter Notes — Slide 3

Profile inconsistency: The cornerstone of monitoring is understanding expected activity and flagging deviations. A customer with modest domestic payments suddenly receiving large international wires warrants immediate attention. (Source: Sumsub, FCA Final Notice)

Unusually large amounts: Transactions significantly larger than normal patterns. Personal account holder transacting in hundreds suddenly depositing tens of thousands. (Source: CPD Online)

Cross-border transfers: Rapid sequential transfers across multiple jurisdictions, especially involving FATF high-risk countries. (Source: UK Finance typologies)

Round figures: Exact round amounts (GBP 100,000, GBP 50,000) with no invoice, contract, or commercial rationale. Legitimate transactions almost always involve irregular amounts. (Source: CPD Online)

Structuring: Deliberately breaking sums below reporting thresholds. Multiple GBP 9,500 deposits instead of one GBP 50,000. (Source: Sumsub)

Transition: "These transaction flags were central to one of the biggest enforcement actions in recent UK history."

Presenter Notes — Slide 4

Stunt & Co stat: GBP 46.8 million flowed from Fowler Oldfield (convicted launderer, part of a GBP 400M operation) to Stunt & Co in just over one year. This dwarfed any reasonable commercial expectation. (Source: FCA Final Notice, FCA Press Release)

Mule stats: 37,000 UK accounts showed mule behaviour in 2023. GBP 10 billion laundered via mules annually. Many mules are young people recruited through social media who do not realise they are committing a crime. (Source: UK Finance)

Talking point: These are not theoretical numbers. They represent real criminal activity flowing through real bank accounts — accounts just like the ones your team manages.

Transition: "Transaction patterns tell one story. Customer behaviour tells another."

Presenter Notes — Slide 5

Reluctance to provide ID: One of the earliest and most reliable red flags. Under UK MLR, firms must verify identity before establishing a relationship. Resistance, excuses, partial documentation, or hostility = heightened suspicion. (Source: CPD Online)

Inconsistent documentation: Addresses that do not match, signatures that differ, business registration details that cannot be verified. Cross-reference everything. (Source: Sumsub)

Third-party funding: Funds from unrelated third parties without explanation strongly suggest the account is a conduit. Stunt & Co received GBP 46.8M from Fowler Oldfield with no obvious connection to stated activities. (Source: FCA Final Notice)

Rushing onboarding: Urgency is a common social engineering tactic by those who know their activities cannot withstand scrutiny. Never shortcut compliance processes regardless of customer status. (Source: Sumsub)

Transition: "Let's see exactly how these red flags played out in the Stunt and Co case."

Presenter Notes — Slide 6

Walk through the timeline: (1) Onboarding with insufficient information gathered. (2) GBP 46.8M received — round figures, high volume, no commercial rationale. (3) Police raid Fowler Oldfield. Barclays did not act. (4) 5-year delay — no proper review. (5) GBP 39.3M fine for breaching FCA Principles 2 and 3. (Source: FCA Final Notice)

Fowler Oldfield context: Bradford-based gold dealership, part of a GBP 400 million laundering operation. Later convicted. James Stunt was a high-profile figure linked to the Ecclestone family. (Source: FCA Final Notice)

Talking point: Every single step in this timeline represents a missed opportunity. The red flags were visible throughout — but no one acted.

Transition: "The Stunt case was not the only failure. There was also WealthTek."

Presenter Notes — Slide 7

WealthTek failure: Barclays opened a client money account WITHOUT checking the FCA Financial Services Register. A simple, free, online check would have revealed WealthTek lacked the necessary permissions. GBP 34 million deposited. (Source: FCA Final Notice, Barclays Bank UK PLC)

11-month delay: After Barclays updated its procedures to require such checks, it took 11 months to close the WealthTek account. Existing accounts were not immediately reviewed against new standards.

Cost: GBP 3.1M fine + GBP 6.3M ex-gratia payment to affected clients. The remediation cost was more than double the fine. Total cost exceeded GBP 9.3 million.

Key lesson: The simplest verification — checking a public register — would have prevented the entire incident. Basic checks matter.

Transition: "Together, these two cases cost Barclays a combined forty-two million pounds."

Presenter Notes — Slide 8

Combined penalty: GBP 42 million total. GBP 39.3M for Stunt & Co + GBP 3.1M for WealthTek. Two cases, one bank, the same fundamental failure: red flags were visible and no one acted. (Source: FCA Press Release)

Oxford Law Blog analysis: The total GBP 42M penalty sends a clear message — the FCA will pursue enforcement even against the largest institutions when financial crime controls are inadequate. (Source: Oxford Business Law Blog)

Talking point: This is not about one rogue employee or one bad decision. It is about systemic failure across onboarding, monitoring, escalation, and governance. That is why this training exists.

Transition: "What are the key lessons we should take away?"

Presenter Notes — Slide 9

Continuous monitoring: Dynamic risk assessment must replace static, point-in-time reviews. Risk ratings are not set-and-forget. (Source: Flagright analysis)

Event-driven reviews: Law enforcement activity, adverse media, filed SARs must trigger IMMEDIATE review — not a file note for the next periodic cycle. (Source: Flagright)

Basic checks matter: WealthTek proves that the simplest verification prevents the largest failures. Never assume someone else has done the check.

Speed of action: Delays compound risk and cost. The 5-year Stunt delay and 11-month WealthTek closure delay are both indefensible.

Escalate early: Before a concern becomes a crisis. Clear escalation pathways must be tested and actually followed.

Transition: "Let me leave you with the words of the FCA's enforcement director."

Presenter Notes — Slide 10

Quote context: Therese Chambers is the FCA Joint Executive Director of Enforcement and Market Oversight. This statement was made in the official press release announcing the GBP 42M fine. (Source: FCA Press Release)

Final message: Every employee is a line of defence. The question is not whether you will encounter a red flag — it is whether you will recognise it when you do.

Closing: "In Lesson 5, we will cover exactly what to do when you spot a red flag — the reporting and escalation process, SARs, the MLRO, and the legal protections available to you."