This episode examines the rapidly evolving fight against financial crime, with a particular focus on the wholesale brokerage sector and the critical role of Suspicious Activity Reports (SARs). Drawing on insights from the Financial Conduct Authority (FCA), we explore key vulnerabilities in capital markets and why firms must combine effective transaction monitoring with strong customer risk assessments.
We also look at recent regulatory updates and industry developments showing how artificial intelligence and large language models are transforming SAR reporting—improving both detection accuracy and the quality of investigative narratives. Supporting data from the National Crime Agency and the ICAEW highlights a sharp increase in SAR submissions, while also revealing persistent under-reporting in sectors such as accountancy.
The episode concludes by emphasizing collaboration between regulators, law enforcement, and private firms. As financial crime techniques grow more sophisticated, the industry must adopt innovative technologies, strengthen governance frameworks, and invest in staff training to protect market integrity and combat money laundering effectively.
This episode explores the growing overlap between corporate IT security, cryptocurrency compliance, and international sanctions enforcement. We begin with the challenges system administrators face when employees use VPNs to bypass workplace controls, exposing organizations to hidden legal, security, and operational risks—while raising difficult questions about privacy and oversight.
The discussion then shifts to real-world enforcement actions by the U.S. Office of Foreign Assets Control (OFAC), examining high-profile cases involving fintech and crypto platforms such as Kraken and Exodus Movement. These companies faced multimillion-dollar penalties after failing to properly block users in sanctioned regions, including Iran, through effective geolocation controls.
We also analyze emerging data showing a sharp increase in government monitoring of digital wallets and the use of blockchain analytics to trace transactions and freeze illicit assets. The episode concludes with a clear takeaway: both IT professionals and financial institutions must maintain strong controls and proactive monitoring to navigate the legal, regulatory, and security risks tied to unauthorized network access and digital currency use.
This episode breaks down the Digital Operational Resilience Act (DORA), the EU’s landmark regulation aimed at strengthening the financial sector against ICT and cyber-related disruptions. We explore DORA’s five core pillars, including ICT risk management, incident reporting, resilience testing, and oversight of third-party technology providers.
The discussion also compares DORA with other major EU frameworks such as GDPR and the EU AI Act, showing how organizations can align overlapping requirements into a single, cohesive compliance strategy. Insights from technology providers like Qualys, Copla, and Red Hat illustrate how automation tools can support asset discovery, vulnerability management, and third-party risk monitoring at scale.
As the January 2025 compliance deadline approaches, this episode highlights a key shift facing financial institutions: moving away from flexible guidance toward strict, rule-based operational standards. Essential listening for compliance leaders, risk professionals, and technology teams preparing for DORA implementation.
In this Compliance Officers Playbook episode, we explore the role and responsibilities of the European Union’s Anti-Money Laundering Authority (AMLA) and how it is reshaping financial crime supervision across member states. AMLA’s core mission is to create legal and regulatory consistency throughout the EU by developing binding technical standards, practical guidelines, and supervisory recommendations.
We discuss how these tools clarify compliance expectations, strengthen cooperation between national supervisors, and improve the overall effectiveness of anti-money laundering and counter-terrorism financing controls. The episode also highlights how AMLA balances innovation with continuity by incorporating established regulatory frameworks originally developed by the European Banking Authority.
By bringing supervision under a more rigorous and harmonised structure, AMLA aims to reduce systemic vulnerabilities and better protect the EU financial system from money laundering and terrorist financing risks. This episode provides essential context for compliance professionals, policymakers, and financial institutions preparing for the next phase of EU AML oversight.
In this episode, we break down the Financial Conduct Authority’s Final Notice against Nationwide Building Society, which resulted in a £44.1 million fine for serious anti-money laundering (AML) failures. Covering the period from October 2016 to July 2021, the FCA found that Nationwide breached regulatory Principle 3 by failing to adequately organise and control its affairs.
We explore the key weaknesses identified by the regulator, including poor customer risk assessments, widespread failures to refresh customer due diligence, and an ineffective transaction monitoring system. The episode also examines how these shortcomings created significant financial crime risks—most notably in cases where customers used personal accounts for business activity without proper oversight.
One particularly stark example involved the laundering of millions of pounds in fraudulently claimed Coronavirus Job Retention Scheme (JRS) funds, highlighting how systemic control failures can be exploited at scale. We also discuss how Nationwide’s early settlement led to a reduced penalty, bringing the fine down from more than £62 million.
Whether you work in financial services, compliance, or risk management—or simply want to understand how AML failures happen and why regulators are taking a tougher stance—this episode offers clear insights into one of the UK’s most significant recent enforcement actions.
In this episode, we break down the Financial Conduct Authority’s (FCA) latest move to simplify and strengthen the way complaints are reported across the UK financial services sector. The FCA—responsible for regulating firms, overseeing markets, and protecting consumers—is rolling out a major change: replacing five separate complaints returns with one streamlined, consolidated report.
We explore why the FCA is making this shift, how it aims to improve data quality and comparability, and what it means for firms’ compliance processes. A key highlight of the new framework is a dedicated requirement for reporting complaints involving vulnerable customers—a step designed to help the FCA better monitor risks and enhance protection for individuals who may need additional support.
Tune in for a clear, accessible breakdown of how this initiative supports the FCA’s broader ambition to become a smarter, more effective regulator—reducing unnecessary burdens on firms while reinforcing its consumer-protection mission.
In this Compliance Officers Playbook podcast episode, we break down the core purpose of internal auditing—from its foundation in independence and objectivity to the two key services it provides: assurance and consulting. We highlight how assurance offers an unbiased assessment of risks and controls, while consulting supports improvement without taking on management roles. At a high level, we show how internal audit helps organisations achieve their goals by strengthening governance, risk management, and internal controls through a disciplined, structured approach.
In this Compliance Officers Playbook podcast episode, we break down the essential difference between risk appetite—the level of risk a board is willing to take—and acceptable risk, the amount an organisation can tolerate without adding new controls. We highlight why zero risk is never realistic, how risk appetite guides what becomes acceptable, and why higher-impact risks are escalated to senior leadership. A quick, clear primer for anyone looking to strengthen their risk management understanding.
In this Compliance Officers Playbook podcast episode, we dive into the complicated world of cryptocurrency mixing services—tools like CoinMixing and CoinJoins that promise enhanced privacy by obscuring blockchain transaction trails. While these services offer legitimate anonymity benefits, they’re also frequently exploited for money laundering, sanctions evasion, and other illicit finance activities.
We unpack how global regulators and law enforcement agencies are responding. From the FATF’s call for stronger international action to FinCEN’s proposal to designate CVC mixing as a primary money laundering concern under the USA PATRIOT Act, the pressure is mounting. Recent enforcement actions underscore this shift: authorities have dismantled major hybrid mixers such as Cryptomixer, which processed more than €1.3 billion in illicit Bitcoin, and secured guilty pleas from the founders of privacy-focused apps like Samourai Wallet for running an unlicensed money transmitting business.
The episode also explores the current legal grey zone surrounding privacy-enhancing crypto tools—and the tension between protecting financial privacy and combating criminal abuse. Ultimately, the story reveals a striking irony: the blockchain, once viewed as a haven for anonymous crime, is becoming one of the most powerful investigative tools in modern financial crime-fighting. Tune in to understand how technology, regulation, and privacy intersect in this rapidly evolving space.
In this Compliance Officers Playbook podcast episode, we unpack a gripping cross-border investigation from OCCRP and KRIK that reveals how Balkan organised crime networks allegedly used banana shipments from Noboa Trading Co.—the family business of Ecuadorian President Daniel Noboa—to smuggle massive quantities of cocaine into Europe.
Drawing on confidential Croatian prosecution files and decrypted Sky ECC messages, the exposé shows traffickers bragging about their privileged access to the company’s export routes. Journalists matched these chats to three verified Noboa Trading shipments that collectively hid 535 kilograms of cocaine, representing millions in street value. Through meticulous cross-referencing, investigators identified key players, including Nikola Đorđević, who handled container loading in Ecuador, all under the direction of convicted drug lord Darko Šarić.
We explore the political and operational fallout: how these revelations clash with President Noboa’s strong public stance against “narco-terrorists,” his insistence that his family business was unaware of the scheme, and what the findings expose about systemic security failures at Ecuador’s principal port. Tune in for a deep dive into how global supply chains, political influence, and organised crime intersect in this extraordinary case.
Freemium Episode: In this Compliance Officers Playbook podcast episode, we take a critical look at one of the most widely used—but deeply flawed—tools in corporate governance: the risk heat map. While these colorful grids may offer visual comfort, the source argues they create a dangerous illusion of control. Behind the neat presentation lie subjective scores, oversimplified assumptions, and an inability to capture real-world complexity—such as volatility, tail events, and interconnected risks.
We explore how internal politics, optimism bias, and the desire for clean reporting often amplify these weaknesses, masking serious financial exposure. You’ll hear why, if heat maps appear in board packs or audit reports, they should serve only as conversation starters, not as the foundation for risk measurement or decision-making.
The episode also highlights practical steps organizations can take: being transparent about scoring limitations and pairing any visual map with concrete financial impact ranges. Ultimately, we underscore the core message of the critique—relying on colored squares to define a risk profile isn’t risk management at all. It’s the absence of it.
In this episode, we break down the European Union’s sweeping overhaul of its anti–money laundering and counter-terrorist financing framework under Directive (EU) 2024/1640 (AMLD6). The new rules usher in a much more unified and transparent system for tracking beneficial ownership and cross-border financial structures across the EU.
We explore how AMLD6 standardises and interconnects national beneficial ownership registers—tightening registration rules, improving data quality, and ensuring seamless information flow between member states. At the center of this transformation is the newly established Authority for Anti-Money Laundering (AMLA), which will coordinate national Financial Intelligence Units (FIUs) and provide shared infrastructure for advanced analytics.
You’ll learn how FIUs will gain direct, unfiltered access to ownership registers, enabling faster, more accurate AML/CFT investigations and stronger enforcement across borders. With significant operational changes expected by 2026, this episode breaks down what compliance teams, financial institutions, and investigators need to know about the EU’s shift toward centralised data, powerful analytical tools, and an integrated enforcement ecosystem.
In this episode, we unpack the Serious Fraud Office’s newly detailed guidance on how corporate compliance programmes are evaluated across England, Northern Ireland, and Wales. The SFO relies on this framework in six key scenarios—from deciding whether to prosecute a company to determining whether a Deferred Prosecution Agreement (DPA) is appropriate.
We break down what the guidance means for organisations facing allegations of bribery or fraud, including how the SFO assesses statutory defences like “adequate procedures” for bribery and “reasonable procedures” for failure to prevent fraud. The conversation explores why the SFO places heavy emphasis on the effectiveness and proactive nature of compliance systems—both at the time of the offence and during charging decisions.
You’ll also learn why the SFO warns companies against treating compliance as a superficial “paper exercise.” Instead, programmes must be risk-based, proportionate, and continuously reviewed, regardless of a company’s size or sector. Tune in to understand how these standards are reshaping corporate accountability in the UK.
The European Commission announced in December 2025 that it had officially designated Russia as a high-risk jurisdiction due to serious strategic weaknesses identified in its anti-money laundering and counter-terrorist financing (AML/CFT) frameworks. This action was taken pursuant to Delegated Regulation (EU) 2025/1393, which committed the Commission to reviewing nations whose membership in the Financial Action Task Force (FATF) had been suspended. Following a detailed technical assessment, the Commission concluded that Russia satisfied the established criteria to be labelled a high-risk third country under the 4th Anti-Money Laundering Directive. Consequently, all EU financial entities covered by the AML framework are now required to apply enhanced vigilance when processing transactions involving Russia to preserve the integrity of the EU financial system. The delegated regulation is scheduled to take effect following a period of scrutiny and non-objection from both the European Parliament and the Council.
In this episode, we break down the United Kingdom’s groundbreaking Property (Digital Assets etc) Act, a new law that officially recognizes cryptocurrencies and NFTs as their own distinct class of property. This legislative shift modernizes centuries-old property definitions, carving out a third category beyond physical goods and traditional financial claims.
We explore why this matters for investors, creators, and everyday users. Crypto industry groups are already celebrating the act for strengthening consumer protection, clarifying digital ownership, and enabling legal recovery of stolen or fraudulently obtained assets. While UK courts had previously treated digital assets as property on a case-by-case basis, this statute cements that status once and for all—bringing long-awaited certainty to the digital economy.
Tune in to understand how this law could reshape crypto regulation, digital ownership, and the future of Web3.
In this episode, we unpack the major enforcement action taken against Morgan Stanley after Dutch authorities uncovered its role in coordinated tax evasion schemes. Following extensive audits and criminal investigations, regulators issued a €101 million fine—the maximum possible—after determining that the firm used complex trading and derivative strategies to exploit dividend withholding tax rules.
We break down how a Dutch subsidiary was positioned as the apparent dividend recipient while the real economic benefits were funneled to foreign institutions that weren’t eligible for Dutch tax credits. The case reveals the intricate architecture behind these cross-border dividend schemes and highlights why prosecutors viewed the conduct as a deliberate misuse of the tax system.
Finally, we examine the broader implications for international dividend trading models and what this landmark sanction means for financial institutions operating across jurisdictions. Tune in for a clear, in-depth look at a case reshaping global tax-compliance expectations.
In this episode, we explore the ideas behind “Compliance: Quiet Failure, Safe Guardrails,” a compelling look at how organisational breakdowns rarely result from one dramatic event. Instead, they stem from small, repeated oversights—missed documentation, ignored red flags, and routine shortcuts—that quietly stack up until they explode into full-blown regulatory failures or reputational crises.
We discuss why strong compliance isn’t built on emergency responses but on consistent daily behaviours: clear processes, leadership that prioritises risk mitigation, and a culture that understands compliance as a strategic safety mechanism. Rather than a brake on growth, the text argues, compliance is an essential guardrail that enables companies to scale safely and sustainably.
Tune in to learn why the quietest failures are often the most dangerous—and how organisations can prevent them.
In this episode, we break down the landmark €21.5 million fine issued to Coinbase Europe Ltd by the Central Bank of Ireland—a ruling widely seen as a preview of what’s to come under the EU’s new Anti-Money Laundering Authority (AMLA).
We explore how systematic coding errors left Coinbase’s transaction-monitoring system ineffective for nearly four years, allowing more than 30 million transactions to go improperly screened. Regulators made it clear: technical failures aren’t treated as mere glitches—they’re serious compliance breaches, even if companies later conduct back-reviews to catch missed red flags.
The message to the crypto industry is unmistakable. Virtual Asset Service Providers must now operate with the same real-time governance and bank-grade controls expected of traditional financial institutions. As AMLA prepares to centralise and tighten anti-money laundering enforcement across the EU, this case sets a powerful new benchmark. Tune in to understand how this ruling could redefine compliance expectations for crypto players across Europe.
In this episode, we unpack the increasingly complex landscape of the EU’s digital regulatory regime—one that continues to evolve around the foundations set by the General Data Protection Regulation (GDPR). Drawing on recent analyses, we explore how regulators are sharpening their enforcement approach, applying strict criteria that can lead to fines of up to four percent of a company’s global turnover.
We look at real-world trends, including record penalties from Spain’s data protection authority, which signal a shift toward targeting systemic weaknesses in data security, governance, and risk management. From there, we examine how the EU’s new AI Act is creating fresh tension within the regulatory ecosystem—particularly where obligations for risk assessments, oversight bodies, and documentation overlap with long-standing GDPR requirements.
Finally, we break down the practical guidance organizations must follow for international data transfers, including the need for robust safeguards and thorough transfer risk assessments to stay compliant. If you want a clear picture of where EU digital regulation is heading—and what it means for businesses navigating it—this episode offers a concise, informed briefing.
In this episode, we dive into Wise’s major move into the African market, starting with its newly launched operations in South Africa. After securing conditional approval from the South African Reserve Bank to operate as a regulated foreign-exchange dealer, the London-based fintech is taking a significant step toward transforming one of the world’s most important remittance corridors.
We break down how Wise plans to deliver low-cost, real-time international payments to personal customers in its initial rollout—advancing the G20’s goal of faster, cheaper global transfers by 2027. You’ll also hear why Wise executives are calling this a milestone in reducing FX costs, and how UK Prime Minister Keir Starmer has publicly welcomed the move as a boost to UK–South Africa ties.
If you want to understand what this expansion means for cross-border finance in Africa and the future of global remittances, this episode has you covered.