Cedar-IBSi FinTech Labs
Analyst Briefings
Get in touch
Back
Data deficiencies were a contributing factor in 68% of UK Financial Conduct Authority (FCA) enforcement cases for anti-money laundering (AML) breaches between 2020 and 2025, according to a new report by company registry data provider Kyckr.
The report, titled The Data Blind Spot: Uncovering a Major Cause of UK AML Fines, analyses 22 FCA Final Notices issued over the five years, covering more than £430 million in financial penalties. The findings suggest that weaknesses in how firms source, verify and maintain corporate and customer information have played a significant role in regulatory failings.
Kyckr’s analysis identifies outdated and missing information as the most common data-related issue, contributing to 45% of the cases reviewed. In several instances, firms relied on outdated politically exposed persons (PEP) and investor lists or failed to gather sufficient contextual information about customers to assess the legitimacy of transactions. The inability to identify ultimate beneficial owners (UBOs) was linked to 32% of fines, reflecting shortcomings in mapping ownership structures and understanding who ultimately controls corporate entities.
Weak verification of the source of wealth and source of funds also contributed to 32% of enforcement actions. Without a clear view of a customer’s financial capacity, firms were found to have struggled to determine whether transaction activity was consistent with known business profiles. In 18% of cases, discrepancies between customer declarations and public records went undetected, pointing to gaps in cross-checking processes.
The report argues that the FCA’s enforcement stance has shifted from assessing whether firms have adequate AML policies on paper to examining whether those controls function effectively in practice. Regulators are increasingly focused on whether institutions can obtain, verify, and continuously update accurate information, rather than relying on static documentation or fragmented internal systems.
Steve Lamb, CEO at Kyckr, said, “If poor data quality is a major contributor to AML fines, the solution isn’t more staff or bigger frameworks: it’s direct and ongoing access to authoritative company data,” he said. He added that financial institutions must be able to demonstrate that customer information is accurate and verified in real time.
The findings arrive as financial institutions, including digital banks and FinTechs, scale cross-border operations and adopt automated onboarding processes. In such environments, the integrity and timeliness of underlying registry data becomes central to effective risk assessment. With more than £430 million in fines issued across the cases analysed, the report underscores the financial and operational impact of data governance failures and highlights the growing intersection between compliance, regtech infrastructure and supervisory expectations.
