Analysis of major FCA enforcement actions in 2025, including £124 million in fines, common compliance failures, and key lessons for firms.
Introduction: A Year of Significant Enforcement
The Financial Conduct Authority's enforcement activity in 2025 demonstrated the regulator's continued commitment to holding firms and individuals accountable for compliance failures. With total fines reaching £123.9 million (excluding court fines), the FCA sent a clear message about the consequences of inadequate systems and controls, particularly in the area of financial crime prevention.
For compliance professionals, the 2025 enforcement landscape provides invaluable insights into regulatory expectations. This article examines the major enforcement actions, identifies common themes, and distils practical lessons that compliance teams can apply to strengthen their firm's regulatory posture heading into 2026.
2025 Enforcement Statistics at a Glance
Total fines issued: £123,911,524 (excluding court fines)
Largest single fine: Nationwide Building Society - £44.1 million
Key themes:
- Financial crime controls dominated enforcement (70%+ of total fines)
- Increased focus on individual accountability
- Market abuse and manipulation cases targeting investment banking
- Transaction reporting failures across multiple firms
Notable trend: The FCA's case closure rate increased significantly, with open investigations dropping from 188 to 130 as the regulator delivered on its strategic goal of conducting fewer investigations but resolving them faster.
Major Fines Summary
| Firm/Individual | Fine Amount | Date | Primary Issue | |-----------------|-------------|------|---------------| | Nationwide Building Society | £44.1m | Dec 2025 | Financial crime controls | | Barclays Bank plc | £39.3m | Jul 2025 | AML failures | | Monzo Bank | £21.1m | Jul 2025 | Financial crime controls | | London Metal Exchange | £9.2m | Mar 2025 | MiFID conduct violations | | Barclays Bank UK plc | £3.1m | Jul 2025 | Client money due diligence | | Mako Financial Markets | £1.7m | Feb 2025 | Financial crime controls | | James Staley (individual) | £1.1m | Jul 2025 | Integrity breaches | | Jean-Noel Alba (individual) | £1.05m | Jul 2025 | False statements to FCA | | Sigma Broking | £1.1m | Jul 2025 | Transaction reporting |
Major Enforcement Actions of 2025
Nationwide Building Society - £44.1 Million (December 2025)
The largest fine of 2025 was imposed on Nationwide Building Society for breaches of Principle 3 and associated SYSC rules regarding financial crime controls. The FCA found that Nationwide maintained inadequate systems for customer due diligence and risk assessments between October 2016 and July 2021, affecting all personal current account customers.
This case exemplifies the FCA's expectation that firms must have robust, risk-based financial crime controls that are regularly reviewed and updated. Nationwide's systems failed to keep pace with the scale and complexity of its customer base.
Key lesson: Financial crime controls must evolve with the business. Systems appropriate for a smaller operation may become inadequate as customer numbers grow.
Barclays Bank - £42.4 Million Combined (July 2025)
Barclays faced two separate enforcement actions totalling £42.4 million:
Barclays Bank plc - £39.3 million: The FCA found that Barclays failed to adequately manage money laundering risks associated with Stunt & Co between 2015 and 2021. The firm received £46.8 million from Fowler Oldfield, which was subsequently identified as part of a multimillion-pound money laundering operation.
Barclays Bank UK plc - £3.1 million: A separate action addressed failures to conduct sufficient due diligence before opening a client money account for WealthTek, which later collapsed causing customer harm.
Key lesson: Correspondent banking and client money account opening procedures require rigorous due diligence. The source of funds must be thoroughly investigated, particularly for high-value relationships.
Monzo Bank - £21.1 Million (July 2025)
The digital challenger bank was fined for conduct failures under Principle 3, relating to financial crime control weaknesses between 2018 and 2020. This case is particularly significant as it demonstrates the FCA's willingness to take action against newer fintech firms, not just traditional institutions.
Key lesson: Rapid growth does not excuse inadequate compliance infrastructure. Firms must ensure their systems and controls scale appropriately with business expansion.
London Metal Exchange - £9.2 Million (March 2025)
The LME was fined for wholesale conduct violations under MiFID RTS 7, marking a significant enforcement action in the wholesale markets space. This case highlighted the FCA's continued focus on market infrastructure providers and their obligations to maintain orderly markets.
Key lesson: Recognised Investment Exchanges face the same expectations for robust systems and controls as other regulated firms.
Individual Accountability: Senior Managers in the Spotlight
A striking feature of 2025 enforcement was the increased focus on individual accountability, with several high-profile cases resulting in prohibitions and substantial personal fines.
James Edward Staley - £1.1 Million + Prohibition (July 2025)
The former Barclays CEO was fined over £1.1 million and prohibited from holding senior management functions. The FCA found integrity breaches and regulatory non-cooperation during its investigation into his relationship with Jeffrey Epstein. This case reinforces that senior managers face personal consequences for misleading the regulator.
Jean-Noel Alba - £1.05 Million + Prohibition (July 2025)
The former H2O deputy CEO was fined and prohibited for providing false and misleading statements to the FCA during an investigation. This case demonstrates the severe consequences of failing to cooperate honestly with regulatory enquiries.
Market Abuse Cases - Multiple Individuals (August 2025)
Three individuals at Mizuho were fined for market manipulation through spoofing:
- Diego Urra: £223,400
- Jorge Lopez Gonzalez: £100,000
- Poojan Sheth: £57,600
These cases show the FCA's continued vigilance in detecting and punishing market abuse, even relatively small-scale manipulation.
Pension Transfer Advice Failures (May 2025)
Two individuals were fined and prohibited for inappropriate pension transfer advice:
- Toni Fox: £567,584
- David Brian Price: £465,415
These cases highlight the FCA's ongoing scrutiny of the pensions sector, particularly advice around defined benefit transfers.
Common Compliance Failures Identified
Across the breadth of 2025's enforcement actions, several recurring themes emerged.
Inadequate Financial Crime Controls
The dominant theme of 2025 enforcement was weak financial crime frameworks. Specific failings included:
- Customer due diligence gaps: Failure to identify ultimate beneficial owners and understand the purpose of business relationships
- Transaction monitoring weaknesses: Systems that were not calibrated to detect suspicious patterns or that generated excessive false positives, leading to alert fatigue
- Risk assessment failures: Inadequate categorisation of customer risk, leading to high-risk relationships receiving insufficient scrutiny
- Resource constraints: Compliance teams that were under-resourced relative to the firm's risk profile and transaction volumes
Transaction Reporting Failures
Multiple firms faced enforcement for transaction reporting deficiencies under MiFIR:
- Sigma Broking Limited (£1.1 million): Transaction reporting failures under PRIN 3 and MiFIR
- Infinox Capital Limited (£99,200): Transaction reporting failures under MiFIR
These cases emphasise the importance of accurate, complete, and timely regulatory reporting.
Governance and Oversight Deficiencies
Several cases highlighted inadequate senior management oversight:
- Boards lacking sufficient understanding of financial crime risks
- Inadequate management information reaching senior leadership
- Failure to act on known control weaknesses
- Insufficient challenge from second and third lines of defence
Individual Integrity Failures
The prohibitions issued in 2025 shared common elements:
- Misleading statements to the regulator
- Failure to disclose material information
- Non-cooperation with investigations
- Breach of the fundamental duty of honesty
Lessons for Compliance Teams
The enforcement landscape of 2025 offers several clear lessons for compliance professionals.
1. Financial Crime Controls Require Continuous Investment
The Nationwide, Barclays, and Monzo cases demonstrate that financial crime controls must be:
- Proportionate to the firm's size and risk profile
- Regularly reviewed and updated
- Adequately resourced
- Subject to independent testing and assurance
Compliance teams should benchmark their financial crime frameworks against regulatory expectations and peer practice, addressing gaps before they attract supervisory attention.
2. Individual Accountability is Real
The personal fines and prohibitions issued in 2025 should focus senior managers' attention on their personal regulatory obligations. Actions to take include:
- Ensure Statements of Responsibilities accurately reflect actual accountability
- Maintain clear audit trails of oversight activities
- Cooperate fully and honestly with regulatory enquiries
- Challenge information received from the business and do not simply accept assurances
3. Transaction Reporting Requires Ongoing Attention
The Sigma Broking and Infinox cases highlight that transaction reporting failures will attract enforcement action. Firms should:
- Conduct regular reconciliations and completeness checks
- Monitor for reporting errors and systemic issues
- Maintain appropriate oversight of delegated reporting arrangements
- Respond promptly to regulatory feedback on reporting quality
4. Culture and Tone from the Top Matter
The integrity failures that led to prohibitions underscore the importance of ethical culture. Firms should:
- Ensure senior leaders model expected behaviours
- Create an environment where concerns can be raised safely
- Take swift action when misconduct is identified
- Reinforce that regulatory cooperation is non-negotiable
Looking Ahead: Enforcement Priorities for 2026
Based on 2025 enforcement patterns and FCA communications, firms should anticipate continued focus on:
Financial Crime
With over 70% of 2025 fines relating to financial crime failures, this area will remain a priority. The FCA has signalled particular interest in:
- APP fraud controls and the new mandatory reimbursement regime
- Sanctions compliance in light of ongoing geopolitical developments
- Cryptocurrency and digital asset-related financial crime
Consumer Duty Outcomes
Now embedded across the industry, the FCA will expect to see evidence of improved customer outcomes. Firms that cannot demonstrate Consumer Duty is driving real change face enforcement risk.
Operational Resilience
With the March 2025 deadline passed, the FCA will supervise against operational resilience requirements. Firms whose resilience arrangements prove inadequate during stress events can expect regulatory consequences.
Market Integrity
The investment banking market abuse cases signal continued vigilance around trading conduct. Surveillance systems must be capable of detecting manipulation, and firms must act on identified concerns.
How MEMA Can Help
Navigating the complex regulatory environment requires expertise, experience, and a proactive approach. At MEMA Consultants, we work with firms across the financial services sector to strengthen compliance frameworks and reduce regulatory risk.
Our services include:
- Regulatory Health Checks: Comprehensive assessments of your compliance arrangements against FCA expectations and enforcement trends
- Financial Crime Framework Reviews: Assessment and enhancement of AML, sanctions, and fraud controls
- SM&CR Advisory: Support for senior managers in understanding and discharging their regulatory responsibilities
- Transaction Reporting Assurance: Review of reporting completeness and accuracy
- Enforcement Preparedness: Development of procedures for responding to regulatory enquiries and investigations
The £124 million in fines issued during 2025 underscores the importance of maintaining robust compliance arrangements. By learning from others' experiences and taking proactive steps to address potential vulnerabilities, firms can protect themselves, their customers, and their reputation.
Ready to strengthen your compliance framework? Contact our team to discuss how MEMA Consultants can support your regulatory objectives.
This article is intended for general information purposes only and does not constitute legal or regulatory advice. Firms should seek professional guidance tailored to their specific circumstances.
MEMA Regulatory Team
The MEMA Regulatory Team includes ex-FCA supervisors and Big 4 consultants with deep expertise across all aspects of UK financial services regulation and compliance.
Need regulatory support?
Our team can help with FCA authorisation, compliance outsourcing, and regulatory change implementation.
Book a consultation
