Historically, corporate finance firms have been viewed as a lower-risk segment for anti-money laundering (AML) and financial crime by regulators, but over the past 24 months regulators have been turning their attention to the segment.

“The UK Financial Conduct Authority (FCA) is paying closer attention to sectors outside the core banking space and other traditional high-risk areas,” says Deloitte forensic and financial crime director, Peter Hawkins. “The regulator wants to understand these other sectors and the risk profiles and control frameworks they have in place.”

The FCA, for example, recently sent out a survey to a randomised selection of corporate finance firms to learn more about the controls they had in place to prevent money laundering in their organisations and cover risks that could emerge from their clients and transactions they are advising on. 

The survey covered a range of topics, including governance, risk assessments, client due diligence, client risk designation, sanctions screening and suspicious reporting.

The FCA also published a ‘Dear CEO’ letter in 2023, addressed to all corporate finance chief executives, outlining the key risk areas of the corporate finance business model, as identified by the FCA, as well as outlining the watchdog’s strategy for addressing these risks and its expectations of firms.

“The ‘Dear CEO’ letter is a frequently used tool giving firms in a particular sector a notice of intent as to what the regulator is focusing on,” Hawkins says. “The letters covered a number of different areas, with financial crime being a clear area of focus. They also remind CEOs of firms in the sector of their obligations in respect of financial crime and FCA expectations. The FCA often uses letters and surveys to gather more intelligence and build up its understanding,” Hawkins continues. “From prior experience, this information gathering and research can inform the regulator’s supervisory approach in the future.”

More transparent

In addition to these interactions with the FCA, the implementation of the Economic Crime and Corporate Transparency Act (ECCTA) has placed further obligations on corporate financiers. The ECCTA legislation introduced a wide range of reforms, including measures to prevent the abuse of limited partnerships; seize and recover criminal crypto assets; strengthen identification verification processes for company directors; and give Companies House enhanced investigation powers. ECCTA compliance will require a cultural shift to one focused more on proactive prevention. In terms of accountability, senior managers are now potentially in the frame.

In terms of ECCTA reforms that will have specific resonance for corporate finance, the failure to prevent fraud that benefits a firm has been made an offence and will be one of the main areas for firms to adapt to. The failure to prevent fraud legislation is still in implementation phase, but by 1 September qualifying firms (large firms with more than 250 employees, £36m turnover and £18m total assets) will have to comply.

The failure to prevent fraud provisions raise the bar for corporate financiers, as prosecutors now only have to prove that a firm lacked reasonable or adequate controls to prevent financial crime, as opposed to proving that a firm intentionally committed the offence. 

“Failure to prevent fraud should be firmly on the radar for corporate finance firms. It is coming in September and it is significant,” Amanda Raad, partner and co-head of the anti-corruption and risk management practice at law firm Ropes & Gray, says. “Rather than spending time and energy debating where failure to prevent applies to them or not, firms would be well served to assume that it does and get it done.”

The intensifying focus on enhancing legislation and regulatory frameworks to combat financial crime comes as evidence builds that financial crime around the world is increasing. 

EU and UK economies have been particularly vulnerable to this risk, especially as financial criminals take advantage of the anonymity afforded by cryptocurrencies to launder and move money gained illegally.

According to Moody’s, money-laundering activity across Europe has increased 25% year on year from 2018 to 2023, with the UK ranking as the jurisdiction with the most money-laundering activity, accounting for 29% of reported money-laundering incidents in the continent. 

For corporate finance firms, which will be advising on M&A deals and capital raisings often involving cross-border flows of capital and overseas investors, byzantine corporate arrangements and complex deal structures make it more challenging to verify sources of funds and the beneficiaries behind vehicles involved in transactions.

Prepare for oversight

As governments and policymakers continue to prioritise the battle against financial crime, corporate finance firms should expect closer oversight from regulators and ensure that they are prepared accordingly. Beefing up internal controls and procedures to prevent financial crime, money laundering and fraud starts with an organisational risk assessment to establish the rigour of existing procedures and identify any points of weakness.

“As firms respond to closer oversight, it is important not to take a siloed approach. It is very easy to make a mistake and drown yourself if you try to address every risk individually,” Raad says. “Be clear on the risk areas – failure to prevent fraud, money laundering and financial crime – but figure out what the biggest risks actually are. Don’t just treat them equally. Then identify the resources available to diligence and monitor that risk. Often firms will already have financial controls and procedures in place that can easily be tweaked for many of the things you are trying to do.”

The corporate finance sector is a broad church and controls and processes will vary across the industry, ranging from different firms requiring different steps to align internal controls with ECCTA guidance. “You will see variations across control frameworks in the sector. Often size is a key part of that, with corporate finance teams sitting within a larger financial services group with access to more compliance resources, through to a long tail of smaller boutique advisers where maybe financial crime is less of a key risk topic relative to other areas,” Deloitte’s Hawkins says. “There are different levels of maturity and surveys could be one way for the regulator to really form a view on where the sector sits.”

Once organisations have a clear picture of any potential weak points, steps can then be taken to strengthen controls and provide staff training accordingly. “Everybody knows that you have to do compliance training, but constant workshopping and dialogue are more important than ever right now,” Raad says. 

“This is a cycle of increasing uncertainty and a ton of commercial pressure, as well as nervousness about what do next, but instead of being frustrated by regulators and new legislation, firms should see it as an opportunity to upskill their people.”

In a global economy where financial crime appears to be rising, corporate finance firms cannot afford to delay programmes to protect their businesses and equip their people, and ensure that they are complying with updated legislation and regulation.