FCA fines Nationwide £44m for financial crime control failings: Key lessons for firms

In a stark reminder of the regulatory consequences of not prioritising financial crime controls, the Financial Conduct Authority (FCA) has imposed a £44m fine on Nationwide Building Society. For financial services firms, this case underscores the regulator's determination to hold firms accountable for weaknesses that enable fraud and money laundering.

On 12 December 2025, the FCA announced that it has fined Nationwide Building Society £44m for historic anti-financial crime systems and controls failings between October 2016 to July 2021.

Significance of the decision

This substantial penalty from the FCA forms part of a broader and sustained regulatory focus on financial crime prevention, with the FCA having imposed 13 fines totalling over £300m on banks for anti-money laundering systems and controls failings since 2021. The FCA stated that Nationwide's failure to properly address the financial crime risks within its customer base, combined with the prolonged delay in fixing flawed systems and weak controls, resulted in serious consequences including missed red flags that could have prevented significant fraud.

Fighting financial crime has been identified as a priority in the FCA’s latest 5-year strategy published in March 2025, signalling that firms should expect continued and intensive regulatory scrutiny in this area. The regulator's willingness to impose substantial fines demonstrates that firms will be held accountable where they fail to maintain adequate systems and controls, particularly where they are aware of deficiencies but do not remediate them promptly.

Key takeaways for financial services firms

This notice highlights several critical compliance imperatives for firms in the financial services sector:

• Risk-based customer assessment: Firms must implement effective systems to identify, assess, monitor and manage money laundering risks amongst their customer base and maintain an accurate picture of customers who present higher financial crime risks.

• Ongoing monitoring and due diligence: Systems must ensure the use of up-to-date customer due diligence and risk assessment information. Firms cannot rely on outdated customer information or static assessment processes.

• Transaction monitoring capabilities: Effective transaction monitoring systems must be sophisticated enough to detect unusual activity patterns, be regularly reviewed and enhanced to address emerging risks.

• Timely remediation: Awareness of control weaknesses is insufficient; firms must address identified deficiencies in a timely manner. Prolonged delays in implementing necessary improvements will not be tolerated by the regulator.

• Product-appropriate controls: Firms should have appropriate processes to ensure customers use products in ways they were specifically intended for, and consequently not being able to circumvent financial crime controls.

• Regulatory expectations: With fighting financial crime identified as a priority in the FCA's 5-year strategy, firms should expect continued regulatory focus and enforcement in this area.

We recommend that firms review their financial crime frameworks against these findings and ensure robust, risk-based systems and controls are in place to meet evolving regulatory expectations. Firms should also ensure they have adequate resources and governance structures to identify and remediate control weaknesses promptly.