On 20 October 2025, the Financial Conduct Authority (FCA) published its survey findings on financial crime controls in corporate finance firms (CFFs). The results provide insight into how CFFs mitigate the risks of financial crime that they face and the FCA has stated that it will use the survey data as it supervises the CFFs portfolio, intervening where firms fall short.

Background & survey methodology

The survey is part of the FCA’s wider strategy to fight financial crime and is one of several initiatives planned over the next five years to strengthen oversight and raise standards across the financial services sector.

As part of this survey, the FCA reviewed the CFFs portfolio, focusing on 303 firms that are not required to submit financial crime data regulatory returns – 270 firms (89%) responded to the survey. The survey process involved gathering firms’ own assessment of the financial crime risks that they face and then interviewing senior staff at a selected sample of firms to take a closer look at the anti-financial crime frameworks that they operate.

Key findings

Results from the survey indicated that approximately two-thirds of the responding firms may not be compliant with the Money Laundering Regulations in one or more aspects of their anti-financial crime control frameworks. Key areas for improvement for CFFs highlighted in the survey findings include:

  1. Lack of business-wide risk assessment: 11% of respondents reported that they had no documented business-wide risk assessment.
  2. Missing evidence of customer due diligence: 10% of respondents reported that they did not retain documented evidence of customer due diligence.
  3. Gaps in risk assessments for appointed representatives (ARs): Of the 31 respondents that were principal firms, 90% reported they have clear policies governing the financial crime risks inherent in their ARs. However, nine of these firms reported that they do not actually assess the financial crime risks inherent in their ARs, with two firms having reported they do not: monitor their ARs’ compliance with financial crime regulations; or conduct on-site visits or audits.

The FCA also identified examples of good practice, such as firms regularly updating their business-wide assessments to reflect emerging risks and using detailed management information to strengthen financial crime controls.

Next steps

The FCA expects all responding firms to consider these findings and address any gaps in their financial crime control frameworks. Of note, as well as the findings themselves, the publication includes a number of key reminders for firms in this area.

In addition, the FCA is writing to many of the firms falling short of regulatory expectations to set out required remedial action. The FCA will follow up with some of these firms in due course to understand what remedial actions have been taken.