The Financial Conduct Authority (FCA) has imposed a £44,078,500 financial penalty on Nationwide Building Society for significant failures in its financial crime systems and controls during the period October 2016 to July 2021. The sanction underlines the regulator’s intensified focus on economic crime risk management, consistent with its 2025–2030 strategy to fight financial crime while supporting market growth and improving consumer outcomes.
On 12 December 2025, the FCA published its enforcement notice against Nationwide Building Society (the mutual) following a multi-year investigation into its anti-financial crime arrangements. During the relevant period, Nationwide’s systems and controls were found to be inadequate in maintaining up-to-date Customer Due Diligence (CDD), conducting effective risk assessments and monitoring transactional activity.
This enforcement outcome aligns with one of the FCA’s four strategic priorities: fighting financial crime, as set out in its 2025–2030 strategy. The regulator has emphasised that firms must serve as a strong first line of defence against financial crime, preventing the misuse of regulated financial channels and supporting a fair and trusted financial system.
Key Findings and Failures
The FCA identified several critical weaknesses in Nationwide’s financial crime control framework:
- Inadequate due diligence and risk monitoring:
Nationwide failed to maintain up-to-date customer due diligence and risk assessments across its personal current account customer base.
- Poor transaction monitoring
The firm’s systems were ineffective in detecting patterns indicative of financial crime, particularly in relation to unusual or high-risk transactions.
- Misuse of personal accounts for business activity
During the period in question, Nationwide did not offer business current accounts. However, certain customers used personal accounts for business purposes. The firm lacked appropriate controls to manage the associated financial crime risks, rendering it unable to accurately identify and monitor higher-risk customers.
- Missed red flags in a serious fraud case
The FCA highlighted a particularly concerning case in which a customer used personal accounts to receive 24 fraudulent COVID-19 furlough payments totalling £27.3 million over 13 months. While most of the funds were later recovered by HM Revenue & Customs (HMRC), approximately £800,000 remains unrecovered.
The FCA concluded that Nationwide should have identified and acted upon warning signs in this customer’s accounts by late 2019 at the latest.
Outcome and Resolution
Nationwide acknowledged the control weaknesses identified by the FCA, noting that it had self-reported the issues and cooperated fully throughout the investigation. The firm has since undertaken a significant transformation of its financial crime control framework, including enhancements to systems, procedures and governance oversight.
Nationwide stated that, although it does not believe the historical weaknesses resulted in financial loss to its customers, it accepts the importance of having a robust risk management infrastructure in place.
The FCA initially calculated the fine at just under £63 million. However, a 30% discount was applied under the FCA’s settlement procedures, reflecting Nationwide’s early engagement and cooperation, resulting in a final penalty of £44,078,500.
Regulatory and Industry Implications
This action forms part of a broader enforcement trend, with the FCA issuing 13 fines related to Anti-Money Laundering (AML) and financial crime failings since 2021, amounting to over £300 million across UK banks and building societies.
This case serves as a clear warning that:
- Firms must maintain proportionate, effective and timely financial crime controls.
- Regulatory scrutiny of AML and fraud risk management remains a top FCA priority.
- Legacy systems, product gaps or organisational changes are not valid excuses for weak control frameworks.
For senior compliance, risk and operational professionals, this enforcement highlights the need for continuous control enhancements, effective governance and proactive identification of emerging financial crime risks.
Next Steps for Firms
Firms should take the following actions in response to this case:
- Review and strengthen financial crime risk frameworks in line with FCA expectations.
- Conduct independent audits of customer due diligence, transaction monitoring and risk scoring models.
- Ensure governance structures allow for timely escalation and oversight of suspected financial crime.
- Maintain documented evidence of remediation efforts and control improvements.
- Align financial crime risk management with the FCA’s 2025–2030 strategic priorities.
How Complyport can Help
As the FCA continues to prioritise financial crime prevention, firms must ensure their systems and controls are robust, proportionate and effective. Complyport supports financial services firms in strengthening their financial crime and compliance frameworks to meet evolving regulatory expectations.
Complyport supports financial services firms in assessing and enhancing their financial crime and compliance frameworks. Our services include:
- Anti-Money Laundering and financial crime health checks;
- Governance and risk assessments;
- Policy and procedure reviews;
- Bespoke staff training;
- Interim compliance resourcing; and
- Ongoing advisory support.
Book a Meeting with a Complyport SME
To learn more and ensure compliance with upcoming regulatory developments, book a consultation with a Complyport Subject Matter Expert today.
Ask ViCA, your Virtual Compliance Assistant.
Access instant answers on regulatory changes.
Claim your complimentary 20 queries today! Register here: https://vica.chat
CPT social media:
FCA fines Nationwide £44m for serious failings in financial crime controls. The action highlights the regulator’s strategic focus on anti-money laundering systems and the need for robust risk frameworks across financial institutions.
#FCA #Nationwide #FinancialCrime #AML #Governance #RiskManagement #RegulatoryEnforcement #UKFinance #Compliance #FinancialServices #RegulatoryUpdate
