Thistle Logo

Generic filters

Financial Crime

Around the world, financial crime is a huge and growing problem for financial services firms and regulators alike. Keeping pace with its ever-expanding scale and scope is a constant challenge.

The good news is that our specialist financial crime team are here to help you protect your business, your customers, and your good standing with the regulators.

We can help you meet the complex challenge of understanding your exposure to financial crime risk and putting protections and controls in place that are adequate, proportionate and commercially appropriate for your business. This can be a tricky balance to strike. However, our expert financial crime team has the specialist knowledge and experience to guide and assist you every step of the way.

Our specialist team can help you guard your business against all aspects of financial crime risk, including anti-money laundering (AML) and counter-terrorist financing (CTF), bribery and corruption (ABC), anti-facilitation of tax evasion (AFTE), and fraud.

We offer effective assistance with everything from outsourced operational due diligence to framework audits, from training to practical advice on interpreting and implementing the rules.

In the sections [below], we outline some of the specific services we offer and some of our key focus areas within the broader scope of financial crime compliance.

In the meantime, if you’d like to know more, please feel free to contact one of our and knowledgeable financial crime specialists on 0207 436 0630 or email us at



An external audit plays a crucial role in confirming that you have appropriate anti-money laundering and financial crime controls in place. It also provides vital evidence of your firm’s compliance for critical partners like banks, financial investment, and finance providers.

Our highly skilled and experienced team of auditing experts can help you achieve this by undertaking a deep-dive review of your firm’s compliance interpretation with all aspects of financial crime regulations/legislation considered. This would typically include interviewing relevant stakeholders and reviewing your files, systems, and policy documents.

You’ll receive a detailed report setting out our findings and observations, along with practical advice and an action plan to help you address any weaknesses in your controls. You’ll also get the peace of mind that comes with knowing you’re fully on top of your firm’s financial crime risk.


The gap between theory and practice is precisely where many firms fall foul of financial crime regulations. It only takes one member of your team being unaware of what the rules require – or how to implement them – to land you in hot water.

Our expert financial crime team can help you avoid this hazard by providing tailor-made financial crime training for your staff. We can train effectively either face to face or remotely via our dedicated desk-top training platform.

This gives you the evidence to show your staff are trained and competent. Along with up-to-date training records and CPD certificates for all employees, you also gain the benefit of improved risk control across your business.

MLRs Applications

Making the various applications for approval or authorisation required under current anti-money laundering regulations can be a minefield for anyone not already familiar with the relevant procedures.

Whatever kinds of applications you’re required to make – whether under the FCA’s Cryptoassets AML/CTF or Annex I regime, to HMRC or other authorities – our financial crime team takes the hassle and uncertainty out of the process.

Our experienced experts will smooth your path to securing the authorisations and approvals you need. We’ll advise you on what’s required, help draft your applications, and submit them to the relevant authorities.

Outsourced due diligence

Maintaining the right level of internal resource at all times to carry out the required due diligence when onboarding new clients can be a real challenge for many firms.

If yours is a recently established business, or if you experience significant peaks and troughs in activity, you could benefit from our expert outsourced due diligence service.

Our dedicated and knowledgeable staff offer a cost-effective scalable resource for you to draw on when you need it. We can handle any requirement, from a few hours a week to full-time staff secondments.

Integrating fully with your own systems, our expert team can support your MLRO with direct customer relations, reviewing e-verification system outcomes, and providing transactions oversight.

Advice and implementation

In our experience, many firms are less than fully confident they have robust financial crime controls in place right across their businesses. In the current regulatory environment, this is clearly not a tenable state of affairs.

Our expert financial crime team are receiving a growing number of approaches from firms seeking guidance and support with creating and implementing an appropriate and proportionate financial crime framework.

If you don’t have the dedicated in-house resource, our specialists can work hand in hand with your MLRO to advise on – and suggest solutions to – your firm’s specific financial crime challenges.

Working with us offers you access to a wealth of expertise and experience and a flexible resource that can be scaled up over time, as your business grows.

Focus Areas

Anti-money laundering regulation

Our extensive experience of carrying out financial crime audits, delivering financial crime training, and helping firms create and implement financial crime frameworks, has made us acutely aware that every firm is different. There is no one-size-fits-all solution to the challenge of financial crime compliance.

AML risk assessment

One of the biggest challenges we see firms facing is understanding how to implement a detailed and successful business risk assessment. In practice, many firms struggle to grasp what’s required of them in terms of risk assessment. In particular, many fail to generate appropriate inherent risk ratings because they haven’t correctly understood how to categorise risks by customer, jurisdiction, products or services, transactions and delivery channels. Not interpreting the regulations correctly can mean firms’ risk assessments don’t translate into appropriate controls for mitigating the relevant money laundering and terrorist financing risks. We find that firms have a wide range of interpreting how and when to utilise e-verification providers. Electronic identity verification (e-verification) can be a useful tool in combatting financial crime, but many financial services firms place too much reliance on it. E-verification is no substitute for assessing customer risk in the round and carrying out proportionate due diligence based on that assessment.

E-verification software

The importance of carrying out proper due diligence on the e-verification provider is also frequently overlooked. You need to be able to show you have verified that any provider is a fraud-secure reliable source, totally independent of any person whose identity it is verifying. You also need to be able to show the regulator that you’re interpreting data received from an e-verification provider – as from any other source – in a reasonable and proportionate way, and that appropriate quality assurance is being undertaken.

Transaction monitoring

Transaction monitoring is another area where firms often have trouble interpreting and implementing regulations appropriately. Illicit activity on a platform can easily be missed if firms apply a rules-based approach to transaction monitoring and rely exclusively on live transaction monitoring.

In order to undertake effective monitoring of a customer, a firm must first fully understand the customer’s inherent risk traits and triggers. We find many firms have not obtained this information at the outset of a customer relationship to enable them to carry out effective and compliant monitoring subsequently. Some firms haven’t fully understood how to interpret the statistical information generated by ongoing transaction monitoring – or how to use it to identify and implement necessary changes to their anti-money laundering and counter-terrorist financing frameworks.


Issues around record-keeping and evidencing a joined-up and continuously updated approach to financial crime related matters are among the most common governance shortcomings our team encounters. The decisions a business takes from day to day will often have implications for its AML/CTF framework. Not maintaining an appropriate record of how, why, and when such decisions have been taken – and how their implications have been assessed and provided for – stores up regulatory risk. Such problems can easily arise for smaller firms and, in particular, those where the roles of CEO and MLRO double-up. Where a single person is effectively taking decisions with financial crime implications, the importance of documenting every such instance can all too easily be missed.

The many different types of businesses affected by financial crime legislation and regulation have widely different risk appetites and different needs. Each must strike its own appropriate and proportionate balance between controlling financial crime risk and operating profitably in its chosen market.

If you’d like to know more about how money laundering regulations affect your business, please feel free to contact one of our expert financial crime specialists on 0207 436 0630 or email us at

Anti-bribery and corruption

A prosecution under anti-bribery and corruption (ABC) or anti-facilitation of tax evasion (AFTE) legislation can have very serious consequences for any business. Should this ever happen to you, it will be essential that you are able to document having taken all reasonable and proportionate steps to prevent it.

With the introduction of the Bribery Act 2010, the MoJ outlined six principles for firms to consider when putting procedures in place to prevent bribery. The first of these is that firms should adopt measures that are proportionate to the bribery risks they face and the nature, scale and complexity of their activities.

With criminals becoming ever more creative and inventive, it is almost impossible for any firm – however well resourced – to maintain a failsafe guard against the risk of bribery or corruption. But if you can’t show that you’ve done everything proportionately feasible to achieve this, your defence against any prosecution will be seriously compromised.

Key areas where firms let themselves down on ABC/AFTE include:


Having a generic ABC/AFTE policy in place is simply not sufficient. It is vital you can show that your controls are proportionate to the nature, scale, and complexity of your firm’s activities and a realistic assessment of the ABC/AFTE it faces. All too often, in our experience, this is not the case.

Risk assessment

Failure to carry out and update a thorough risk assessment of your firm’s exposure to bribery, corruption or the facilitation of terrorist financing seriously undermines your ability to defend yourself against any future charges. Yet many firms have either not carried out a proper risk assessment or have not revisited it for several years.

Due diligence

A weakness that often emerges in firms’ approach to ABC/AFTE is inadequate due diligence carried out at the start of commercial relationships. You need to be able to demonstrate having taken all reasonable steps to preclude ABC/AFTE risk from the outset. Despite this, we are still seeing, for example, outsourcing relationships initiated with seriously insufficient due diligence.

To find out more about ABC/AFTE, please contact us on 0207 436 0630 or email us at


A key issue that arises again and again in relation to anti-fraud measures is that firms do not properly understand the distinction between preventative and detective controls and consequently adopt an unbalanced approach.

In our digital age, fraud takes a bewildering and ever-expanding variety of forms: identify fraud, data fraud, card fraud, payment fraud, cyber fraud in all its many guises. And too few firms are doing enough to detect it. Too often, we find firms are worryingly light on detective controls.

A firm may have a range of preventative controls in place, including risk assessment, tailored policies and training materials. But they often lack detective controls like detection software, internal access controls, and other measures that can flag up an attempted fraud before serious damage is done.

If you would like to find out more about implementing appropriate anti-fraud measures, please contact us on 0207 436 0630 or email us at

Our extensive experience of carrying out financial crime audits, delivering financial crime training, and helping firms create and implement financial crime frameworks, has made us acutely aware that every firm is different. There is no one-size-fits-all solution to the challenge of financial crime compliance.

In the sections above, we highlight some of the key areas in which we see firms encountering the greatest challenges to getting this balance right. We’ve found these are the areas where firms need the most help with interpreting what the regulations require and responding appropriately.

Popular Services