National risk assessment of money laundering and terrorist financing 2025

The money laundering regulations (MLR) require HM Treasury and the Home Office to undertake a risk assessment to identify, assess, understand and mitigate the risks of money laundering and terrorist financing affecting the UK. This is published as the National Risk Assessment (NRA) The 2025 assessment is the fourth NRA, building on the risks identified in 2015, 2017 and 2020. Read our guidance to understand why the NRA is relevant to your firm and how you should use the information within it to inform your firm-wide risk assessment.

The NRA is the UK’s stock-take of our collective knowledge of money laundering and terrorist financing risks and should be used to consider the appropriate allocation and prioritisation of resources to counter money laundering and terrorist financing.

MLR stipulate that supervisors and our member firms must conduct their own risk assessments which must consider the NRA. Therefore, you should prepare your firm-wide risk assessment with the risks identified in the NRA in mind, and design controls, policies and procedures to mitigate the risks identified.

You need to understand the key risks and threats highlighted within the NRA and we recommend that all firms read the NRA 2025 and the AASG Risk Outlook. 

When you prepare your firm-wide risk assessment you should consider how these risks prevail in the environment in which you operate. In particular, you should consider whether you offer services that the NRA considers high risk, or engage with clients in sectors or geographies that are high risk.

Your firm-wide risk assessment should describe how you plan to mitigate any changing risks.

The UK remains highly exposed to money laundering risks, driven by its position as one of the world’s largest and most open economies. The UK’s prominence in financial and professional services and its openness to trade, investment, and ease of doing business creates vulnerabilities that criminals exploit.

Geopolitical changes have led to increased connections between money laundering, kleptocracy, and sanctions evasion. Individuals and entities under sanctions are making greater use of established laundering networks (including international controllers, professionals, and complex organisational structures) to conceal the sources of their funds. These methods, previously mainly associated with the movement of criminal proceeds, are now also being applied for the purpose of circumventing sanctions.

Technological advancements have further reshaped the risk landscape. The UK’s status as a fintech hub has led to widespread integration of Electronic Money Institutions (EMIs) and Payment Service Providers (PSPs) into the financial system. While most transactions are legitimate, the widespread adoption of these platforms allows criminals to operate undetected. Cryptoassets have also surged in popularity amongst the general population but this has been mirrored with cryptoassets being increasingly featured in money laundering intelligence, often facilitated by overseas crypto service providers. Their use is linked to rising fraud and ransomware attacks, where payments are demanded in cryptocurrencies. Artificial intelligence (AI) presents a dual-edged sword. While it offers potential for enhanced detection and prevention of money laundering, it also empowers criminals to bypass AML controls and commit predicate offences like fraud more efficiently. AI can accelerate the movement of illicit funds across broader networks, complicating enforcement efforts.

Despite these evolving threats, several persistent risks remain:

• Cash-based money laundering continues to be prevalent, even as regulated cash use declines. Traditional methods (such as cash smuggling, use of cash-intensive businesses, money mules, and exploitation of legitimate channels like Post Offices) are still widely employed by criminals.
• Financial and professional service firms remain vulnerable to exploitation by organised crime groups seeking to integrate illicit funds into the legitimate economy.
• UK companies are frequently used in laundering schemes, both by regional organised crime groups employing front companies and cash-intensive businesses, and by high-end cross-border criminals using complex corporate structures to move illicit funds.

Money laundering affects all regions of the UK. Cities, particularly London, attract cross-border and complex laundering due to their concentration of financial and professional services. Rural areas are susceptible to local and regional organised crime groups, who often rely on cash and exploit smaller, locally based professional services firms to launder proceeds.

The NRA 2025 summarises the most common predicate offences that generate criminal funds.

Fraud	Continues to be the most prevalent predicate offence for money laundering in the UK, accounting for a significant proportion of Suspicious Activity Reports (SARs). Includes a wide range of schemes such as investment fraud, authorised push payment fraud, and COVID-related scams. Increasing use of digital platforms and social engineering tactics has made detection and disruption more complex.
Sanctions evasion	Criminals and hostile state actors exploit weaknesses in compliance systems to circumvent UK and international sanctions. Use of complex corporate structures, offshore jurisdictions, and professional enablers to obscure beneficial ownership and transaction flows.
Acquisitive crime	Includes burglary, theft, and robbery, often linked to organised crime groups. Stolen goods are either sold to generate cash, which is laundered through traditional techniques, or used as a store of value.
Drugs	Mainly laundered through cash-based techniques, particularly for street-level and wholesale drug trafficking.
Cyber crime	Rapidly growing threat with criminals using ransomware, phishing, and malware to steal funds and personal data.
Organised immigration crime	Linked to human trafficking and exploitation, generating illicit profits that are laundered through informal value transfer systems and money service businesses.
Tax evasion	Involves deliberate underreporting of income, offshore tax havens, and misuse of trusts and shell companies. Professional service firms are particularly exposed to the risk of being used.
Modern slavery and human trafficking	Victims are exploited for labour or sexual services, with proceeds laundered via money mules. Often overlaps with other criminal activities such as drugs and immigration crime.
Online child sexual exploitation and abuse	Generates illicit income through the sale of abusive material, often paid for using cryptoassets or EMIs and PSPs.
Environmental crime	Includes illegal waste disposal, wildlife trafficking, and logging, often linked to transnational organised crime. Proceeds are laundered through trade-based schemes and shell companies
Bribery and corruption	Involves misuse of public office and corporate bribery, often facilitated by opaque financial structures. Laundered through offshore accounts, luxury goods, and real estate.

Accountancy service providers	NRA 2017	NRA 2020	NRA 2025
Money Laundering	High	High	High
Terrorist Financing	Low	Low	Low

The report highlights the significant role accountants play in the UK’s financial system, which makes it a target for money laundering, and there are a range of services offered (such as payroll services, bookkeeping, insolvency, tax advice and audit) which can be used by criminals. While government has introduced a range of mitigating strategies to prevent this type of crime, such as regulatory frameworks and AML supervision, vulnerabilities remain  - particularly in services that carry higher risks or where firms do not fully comply with the requirements of the MLRs. The NRA emphasises that it is essential we continue to work towards enhancing sector-specific intelligence, improving collaboration between the public and private sectors (and within them), and remaining alert to emerging risks to reduce the sector’s exposure.

We recommend that firms read the NRA, alongside the AASG Risk Outlook, as together these documents provide detailed information on the threats and vulnerabilities in the UK and detail on the red flags and indicators for the key risk areas (identified as High-risk service lines in the NRA).

The NRA sets out that several service lines within the accountancy sector are particularly susceptible to money laundering activities:

• Providing accountants certificates of confirmation: criminals can seek certificates of confirmation to provide the appearance of legitimacy to transactions that feature criminal funds or to falsified documents and records.
• Payroll services: criminals may try to access these services to disguise illicit payments by falsely reporting employee numbers or salaries to move illegal funds or evade taxes. The risk increases when payroll is offered as a standalone service or when the accounting firm lacks familiarity with the client, making it easier for false information to go undetected, or when the accountancy firm is handling the client’s funds and making payments on behalf of the clients.
• Tax advice services: accountants may facilitate tax evasion and fraudulent tax refunds, and consequently the laundering of the proceeds of those offences, where clients deliberately provide inaccurate or incomplete information 
• Trust and company services: these services are high-risk due to the potential for concealing the true ownership of companies and assets, and complex corporate structures appear in most case studies and typologies for money laundering.

The NRA concludes that a key vulnerability of the sector is poor compliance with the MLRs, as criminals will seek to take advantage of weak or inadequate risk assessments, policies, controls and procedures. We know that around 20% of our monitoring reviews result in a ‘non-compliant’ outcome ie, one-in-five firms within our supervised population are exposed to this vulnerability.

Other key vulnerabilities are:

• Fragmentation of services: criminals may use different firms for different accountancy services, preventing a single firm from seeing the full picture. Where a firm has access to, or knowledge of, most or all of the activities and transactions of their customer, they will be better placed to understand the full picture and identify risks.
• Supply chain: a supply chain is created when the accountancy service is provided to an end-user via an intermediary and may compound risk by placing distance between the firm and the ultimate client.

The terrorist financing risk for accountancy firms remains low, with no evidence of abuse since 2020. However, accountancy firms that are trust and company service providers (TCSPs) should be aware that the terrorist financing risk for TCSPs has increased from low to medium. This is due to the potential for UK-based company and trust arrangements to receive funds from entities that may knowingly or unknowingly support terrorism. Firms offering such services should take note of this elevated risk and ensure they have factored this change into their firm-wide risk assessments.

• Emerging money laundering risks
• Read the AASG Risk Outlook which has been updated to reflect the National Risk Assessment 2025