Complete Guide to Money Laundering Through the Markets (MLTM)

Executive Summary

The Financial Conduct Authority’s January 2025 thematic review on Money Laundering Through the Markets (MLTM) represents a watershed moment for capital markets compliance. Following their seminal 2019 review (TR19/4), this comprehensive assessment reveals both progress and persistent vulnerabilities in how wholesale brokers and market participants combat sophisticated money laundering schemes.

As someone who has supervised hundreds of firms and witnessed the evolution of financial crime typologies, I can confirm that this review should be mandatory reading for every MLRO, compliance officer, and senior manager operating in UK capital markets. The findings are stark: while some firms have made commendable progress, significant gaps remain in business-wide risk assessments, transaction monitoring systems, and suspicious activity reporting.

Key Statistics from the Review:

  • 280 wholesale broker firms regulated in the UK with combined revenues exceeding £24 billion
  • 75% of wholesale brokers reported no SARs to the NCA over five years
  • MLTM SARs increased 1,582% year-on-year, yet usage remains inconsistent
  • Sample firms represented 8% of yearly notional value and 21% of market share

Understanding Money Laundering Through the Markets: Definitions and Scope

What is MLTM?

Money Laundering Through the Markets (MLTM) represents the sophisticated use of capital markets infrastructure to disguise the origins of criminally generated funds, making them appear as legitimate trading profits. Unlike traditional money laundering schemes that rely on cash-intensive businesses or simple bank transfers, MLTM exploits the complexity, speed, and global nature of capital markets transactions.

Core Characteristics of MLTM:

  • Complexity: Multi-layered transaction chains across jurisdictions
  • Speed: High-frequency trading that complicates audit trails
  • Volume: Massive transaction values that dilute suspicious activity
  • Legitimacy Facade: Use of regulated entities and established market infrastructure
  • Cross-Border Nature: Exploitation of jurisdictional gaps and information asymmetries

The Regulatory Framework

The FCA’s approach to MLTM supervision sits within a comprehensive regulatory framework:

Primary Legislation:

Key Regulatory Requirements:

  • Regulation 18 & 18A MLRs: Business-wide risk assessments
  • Regulation 28 MLRs: Customer risk assessments and ongoing monitoring
  • Regulation 35 MLRs: Enhanced due diligence for PEPs
  • Regulation 39 MLRs: Reliance on third parties

Wholesale Brokers: The Critical Control Point

Market Structure and Vulnerabilities

Wholesale brokers occupy a unique position in capital markets infrastructure, serving as intermediaries between institutional clients and trading venues. Their role creates both opportunities for effective controls and vulnerabilities for exploitation.

Broker Categories by Revenue (2023 data):

  • >£1 billion: 6% of firms (major interdealer brokers)
  • £100m-£1bn: 8% of firms (mid-tier specialists)
  • £10m-£100m: 27% of firms (regional and niche players)
  • £1m-£10m: 28% of firms (smaller intermediaries)
  • <£1 million: 31% of firms (boutique operations)

Geographic Risk Distribution

The FCA’s analysis reveals significant international exposure across the wholesale broker sector:

Top Client Jurisdictions (excluding UK):

  1. France: Highest volume across all revenue tiers
  2. Germany: Significant presence in larger firms
  3. USA: Concentrated in high-revenue brokers
  4. UAE: Notable presence in £100m+ tier
  5. Singapore: Growing representation

This geographic diversity creates both opportunities for legitimate business and channels for illicit fund flows, particularly through high-risk corridors identified in the UK’s National Risk Assessment.

MLTM Typologies: A Comprehensive Analysis

Primary Typology Categories

Based on the FCA’s case studies and industry intelligence, MLTM typologies can be categorized into several distinct patterns:

1. Wash Trading and Circular Transactions

Description: Simultaneous or near-simultaneous buy and sell orders for identical instruments, often involving the same beneficial owner across multiple accounts.

Case Study Analysis: The FCA documented instances where counterparties included:

  • Individual and legal entity with shared beneficial ownership
  • Institutional and retail clients with trading authorization overlap
  • Spouses or family members
  • Individual accounts and joint accounts under single control

Red Flags:

  • Identical transaction volumes on consecutive days
  • Price execution outside normal market conditions
  • Minimal economic rationale for position transfers
  • Complex beneficial ownership structures

2. Pre-Arranged Trading

Mechanism: Execution of trades at predetermined prices that deviate from fair market value, effectively transferring value between parties.

Operational Indicators:

  • Account funding just sufficient for margin requirements
  • First trade executed immediately after account opening
  • Transaction prices inconsistent with market conditions
  • Device fingerprinting showing multiple accounts from same source

3. Free of Payment (FoP) Transfers

Structure: Movement of securities between custody accounts without corresponding payment, designed to create legitimacy for underlying assets.

Sophistication Levels:

  • Basic: Direct transfers between related entities
  • Advanced: Multi-hop transfers through legitimate intermediaries
  • Complex: Integration with coupon payment streams to justify large cash flows

4. Network-Based Schemes

Organization: Coordinated activity across multiple small regulated entities with shared infrastructure or personnel.

Common Characteristics:

  • Turnover disproportionate to trading activity
  • Minimal web presence or corporate substance
  • Shared addresses, auditors, or employees
  • Reluctance to provide comprehensive source of wealth documentation

Emerging Typologies

Sanctions Circumvention

The FCA highlighted increasing use of capital markets to circumvent international sanctions, particularly following geopolitical developments:

Methodologies:

  • Third-party payment structures obscuring beneficial ownership
  • Corporate action manipulation (consent fees, dividend payments)
  • Use of newly incorporated entities in high-risk jurisdictions
  • Exploitation of timing gaps in sanctions implementation

Cryptocurrency Integration

While not extensively covered in this review, emerging intelligence suggests increasing convergence between traditional MLTM and digital asset schemes:

Convergence Points:

  • Stablecoin backing through traditional securities
  • Tokenization of traditional assets for laundering purposes
  • Cross-platform arbitrage exploiting regulatory gaps

Business-Wide Risk Assessment (BWRA): Foundation of Effective Controls

Regulatory Requirements and Best Practice

The FCA’s findings on BWRA effectiveness reveal significant variation in approach and quality across the wholesale broker sector. Regulation 18 and 18A of the MLRs require firms to assess and document financial crime risks, yet many firms demonstrate insufficient consideration of MLTM-specific vulnerabilities.

Core BWRA Components for MLTM:

  1. Inherent Risk Assessment
  2. Control Effectiveness Evaluation
  3. Residual Risk Calculation
  4. Risk Appetite Alignment
  5. Continuous Monitoring Framework

Common BWRA Deficiencies

Generic Risk Assessments: Many firms employ template-based approaches that fail to reflect their specific business model, customer base, and market focus.

Insufficient MLTM Consideration: BWRAs often lack detailed analysis of capital markets-specific typologies, focusing instead on traditional banking risks.

Weak Documentation: Critical assessment methodologies, scoring rationales, and risk mitigation strategies are poorly documented or absent entirely.

Limited Senior Management Engagement: The FCA found instances where senior management could not adequately explain their firm’s financial crime risks or how controls mitigate them.

BWRA Excellence Framework

Quantitative and Qualitative Integration: Leading firms combine numerical risk scoring with detailed qualitative analysis, creating comprehensive risk profiles that inform control design.

Dynamic Risk Factors: Effective BWRAs incorporate both static factors (business model, geographic reach) and dynamic elements (market conditions, regulatory changes, threat intelligence).

Control Effectiveness Testing: Superior firms regularly test and validate their risk assessments through independent reviews, scenario analysis, and control effectiveness testing.

Customer Risk Assessment (CRA): Precision in Risk Identification

Regulatory Framework and Expectations

Customer Risk Assessment represents the cornerstone of effective MLTM prevention, translating business-wide risk understanding into customer-specific controls. Regulation 28(12) and (13) of the MLRs mandates comprehensive customer risk assessment, yet the FCA’s review reveals significant inconsistencies in implementation.

CRA Methodology Best Practices

Multi-Factor Risk Scoring: Leading firms employ sophisticated algorithms considering:

  • Geographic Risk (30% weighting): Country of incorporation, operation, and beneficial ownership
  • Customer Type (20% weighting): Regulated vs. unregulated entities, business model complexity
  • Product/Service Risk (10% weighting): Instrument types, trading patterns, settlement mechanisms
  • Relationship Structure (5% weighting): Intermediation chains, give-up arrangements
  • Adverse Media/PEP (25% weighting): Screening results, politically exposed persons status

Geographic Risk Assessment Framework

The FCA highlighted sophisticated country risk assessment as a differentiator among leading firms:

Comprehensive Risk Factors:

  1. ML/TF Risk Indices: FATF evaluations, national risk assessments
  2. Sanctions Exposure: OFAC, EU, UN sanctions lists and risk corridors
  3. Corruption Metrics: Transparency International, World Bank governance indicators
  4. Criminal Environment: Global Initiative indices, organized crime assessments
  5. Regulatory Framework: AML/CFT regime effectiveness, international cooperation

PEP Categorization and Treatment

Domestic vs. Foreign PEP Distinction: The FCA noted limited compliance with Regulation 35(3)(A) requiring differentiated treatment of domestic and foreign PEPs.

Risk-Based PEP Controls:

  • Foreign PEPs: Automatic enhanced due diligence, senior management approval
  • Domestic PEPs: Risk-assessed approach, potentially standard due diligence
  • International Organization PEPs: Case-by-case assessment based on role and jurisdiction

Know Your Customer (KYC) and Customer Due Diligence (CDD): Operational Excellence

KYC Framework Evolution

The FCA’s assessment reveals significant maturation in KYC processes since 2019, with firms increasingly adopting risk-based, technology-enabled approaches to customer onboarding and monitoring.

Electronic Onboarding Platforms

Technology Integration Benefits:

  • Standardized data collection and validation
  • Automated risk scoring and alert generation
  • Comprehensive audit trails and documentation
  • Integration with screening and monitoring systems

Implementation Considerations:

  • Customer experience optimization
  • Regulatory compliance validation
  • Data quality and completeness controls
  • Escalation and exception handling procedures

Source of Wealth and Funds Verification

Structured Verification Framework:

  1. Employment Income: CV verification, payslip analysis, tax return validation
  2. Business Income: Company accounts, ownership documentation, revenue verification
  3. Inheritance/Gifts: Legal documentation, bank statement verification, donor verification
  4. Investment Disposals: Transaction records, valuation evidence, proceeds tracking
  5. Other Sources: Independent verification requirements, documentary evidence standards

Ongoing Monitoring and Periodic Reviews

Risk-Based Review Cycles:

  • High Risk: Annual comprehensive review
  • Medium Risk: Three-year standard review
  • Low Risk: Five-year light-touch review

Event-Driven Review Triggers:

  • Adverse media alerts
  • Sanctions/PEP screening hits
  • Transaction monitoring alerts
  • Regulatory intelligence updates
  • Customer notification of changes

Transaction Monitoring (TM): The Technical Challenge

Current State Assessment

The FCA’s review reveals that transaction monitoring represents the most significant challenge for wholesale brokers in combating MLTM. Unlike retail banking scenarios with clear customer behavior patterns, capital markets transactions often appear legitimate in isolation, requiring sophisticated analytical approaches to identify suspicious activity.

Technology Limitations and Solutions

Current System Deficiencies:

  • Generic Banking Focus: Most TM systems designed for traditional banking rather than capital markets
  • Limited MLTM Scenarios: Few systems incorporate capital markets-specific typologies
  • High False Positive Rates: Overwhelming compliance teams with irrelevant alerts
  • Insufficient Cross-Asset Capability: Limited ability to correlate activity across instrument types

Next-Generation TM Architecture:

  • Machine Learning Integration: Advanced pattern recognition for complex trading behaviors
  • Cross-Market Correlation: Ability to analyze activity across multiple venues and asset classes
  • Real-Time Processing: Immediate identification of suspicious patterns during trading hours
  • Natural Language Processing: Analysis of communications and settlement instructions

Integrated TM/TS Framework

Collaborative Model Benefits:

  • Shared Intelligence: Market abuse alerts informing ML investigations
  • Resource Optimization: Combined expertise across surveillance functions
  • Comprehensive Coverage: Holistic view of customer activity and market impact
  • Enhanced Escalation: Clear pathways for dual STOR/SAR reporting

Operational Integration Strategies:

  • Joint daily review meetings
  • Shared case management systems
  • Cross-training initiatives
  • Combined reporting and MI frameworks

Manual vs. Automated Approaches

Hybrid Model Optimization:

  • Automated Screening: High-volume, rule-based initial filtering
  • Expert Analysis: Human review of complex patterns and relationships
  • Escalation Protocols: Clear criteria for investigation and reporting
  • Continuous Refinement: Regular tuning based on outcomes and feedback

Governance and Oversight: Senior Management Accountability

Regulatory Expectations

The FCA emphasizes that effective MLTM prevention requires active senior management engagement, not merely compliance delegation. Senior Management Functions (SMF) holders must demonstrate comprehensive understanding of their firm’s financial crime risks and control effectiveness.

SMF Responsibilities and Competencies

SMF16 (Compliance Oversight):

  • Technical Expertise: Deep understanding of MLRs and MLTM typologies
  • Control Effectiveness: Ability to assess and challenge control design and operation
  • Resource Management: Ensuring adequate staffing and technology investment
  • Stakeholder Engagement: Effective communication with regulators and law enforcement

SMF17 (Money Laundering Reporting Officer):

  • Independence: Sufficient seniority and independence to challenge business decisions
  • Technical Knowledge: Comprehensive understanding of MLTM risks and controls
  • Investigation Skills: Ability to conduct thorough suspicious activity investigations
  • Regulatory Liaison: Effective communication with UKFIU and other authorities

Board and Committee Governance

Risk Committee Responsibilities:

  • Quarterly MLTM risk assessment reviews
  • Annual control effectiveness assessments
  • Resource adequacy evaluations
  • Regulatory engagement oversight

Audit Committee Focus Areas:

  • Independent control testing validation
  • Management information quality assessment
  • Regulatory compliance verification
  • External audit coordination

Suspicious Activity Reporting (SAR): Quality and Effectiveness

UKFIU MLTM Glossary Code Usage

The FCA’s analysis reveals concerning gaps in MLTM SAR reporting, with many firms demonstrating limited awareness of the UKFIU’s specialized ‘XXMLTMXX’ glossary code introduced in May 2021.

SAR Quality Framework

Essential Components of High-Quality SARs:

  1. Clear Suspicion Articulation: Specific explanation of why activity is suspicious
  2. Comprehensive Context: Full customer background and relationship history
  3. Detailed Transaction Analysis: Complete description of suspicious transactions
  4. Investigation Documentation: Evidence of thorough internal review
  5. Risk Mitigation: Actions taken to address identified risks

Statistical Analysis and Trends

MLTM SAR Growth Patterns:

  • FY 2019/20: 13 total SARs
  • FY 2020/21: 42 total SARs (223% increase)
  • FY 2021/22: 708 total SARs (1,582% increase)
  • FY 2022/23: 1,284 total SARs (81% increase)
  • FY 2023/24: 1,919 total SARs (49% increase)

DAML vs. Intelligence-Only Distribution:

  • DAML SARs: 13.49% of total submissions
  • Intelligence-Only SARs: 86.51% of total submissions

Sector-Specific Reporting Patterns

Primary Reporting Entities (FY 2023/24):

  • Banking Sector: 60%+ of MLTM SARs
  • Financial Services: 20%+ of MLTM SARs
  • Accountancy: <5% of MLTM SARs
  • Virtual Assets: <5% of MLTM SARs
  • Legal Sector: <5% of MLTM SARs

Training, Resources, and Organizational Capability

Capability Development Framework

Effective MLTM prevention requires sophisticated organizational capabilities spanning technical expertise, analytical skills, and regulatory knowledge. The FCA’s review highlights significant variation in how firms approach capability development.

Role-Specific Training Programs

Front Office Training:

  • MLTM typology recognition
  • Customer behavior analysis
  • Escalation procedures and thresholds
  • Regulatory obligations and protected disclosures

Middle Office Training:

  • Settlement anomaly identification
  • Payment instruction analysis
  • Cross-border transaction risks
  • Documentation requirements and verification

Compliance Function Training:

  • Advanced investigation techniques
  • SAR quality and submission processes
  • Regulatory liaison and communication
  • Technology tool optimization

Resource Allocation Best Practices

Staffing Considerations:

  • Customer-to-staff ratios by risk category
  • Peak workload management and surge capacity
  • Specialized expertise vs. generalist coverage
  • Technology augmentation and efficiency gains

Technology Investment Priorities:

  • Core TM system capabilities and customization
  • Data analytics and visualization tools
  • Workflow management and case tracking systems
  • Integration platforms and API development

Regulatory Enforcement and Future Outlook

Enforcement Trends and Penalties

While the FCA has not published specific enforcement statistics for MLTM violations, broader financial crime enforcement trends indicate increasing regulatory focus and penalty severity.

Recent Enforcement Themes:

  • Systems and controls failures resulting in significant fines
  • Senior management accountability and personal penalties
  • Remediation requirements and ongoing monitoring
  • Public censure and reputational impact

Future Regulatory Developments

Technology and Innovation:

  • Artificial intelligence and machine learning applications
  • Distributed ledger technology and digital assets integration
  • RegTech collaboration and standardization initiatives
  • Cross-border data sharing and analytics platforms

International Coordination:

  • Enhanced information sharing protocols
  • Standardized typology classification systems
  • Joint supervision and enforcement initiatives
  • Global regulatory technology standards

Implementation Roadmap: Practical Steps for Firms

Immediate Actions (0-6 months)

Priority 1: BWRA Enhancement

  • Conduct comprehensive MLTM risk assessment review
  • Document specific capital markets typology risks
  • Validate control effectiveness against identified risks
  • Establish clear risk appetite statements and tolerances

Priority 2: SAR Process Improvement

  • Train relevant staff on UKFIU MLTM glossary code usage
  • Review and enhance SAR quality assurance procedures
  • Establish clear escalation criteria and investigation protocols
  • Implement outcome tracking and effectiveness measurement

Priority 3: TM System Optimization

  • Review current alert configuration and effectiveness
  • Implement MLTM-specific scenarios and rules
  • Enhance integration between TM and TS functions
  • Establish clear false positive management and tuning procedures

Medium-Term Developments (6-18 months)

Technology Enhancement:

  • Evaluate and implement advanced analytics capabilities
  • Enhance data integration and correlation functionality
  • Develop comprehensive management information dashboards
  • Implement automated workflow and case management systems

Capability Building:

  • Develop specialized MLTM expertise within compliance function
  • Establish industry intelligence sharing relationships
  • Create comprehensive training and competency frameworks
  • Implement regular control effectiveness testing programs

Long-Term Strategic Initiatives (18+ months)

Innovation and Transformation:

  • Evaluate emerging RegTech solutions and AI applications
  • Develop predictive analytics and machine learning capabilities
  • Establish strategic partnerships with technology providers
  • Create industry-leading best practices and thought leadership

Regulatory Leadership:

  • Participate in industry working groups and standard-setting initiatives
  • Contribute to regulatory consultation and policy development
  • Share anonymized intelligence and best practices with industry peers
  • Establish centers of excellence and knowledge sharing platforms

Conclusion: The Path Forward

The FCA’s 2025 MLTM thematic review represents more than a regulatory assessment—it provides a roadmap for transforming capital markets’ resilience against financial crime. As someone who has witnessed the evolution of money laundering schemes from simple structuring to sophisticated market manipulation, I can attest that the current threat environment demands unprecedented collaboration between regulators, firms, and technology providers.

Key Success Factors:

  1. Leadership Commitment: Senior management must demonstrate active engagement and resource commitment
  2. Technology Investment: Firms must embrace advanced analytics and AI-driven solutions
  3. Industry Collaboration: Enhanced information sharing and best practice development
  4. Regulatory Partnership: Constructive engagement with FCA and law enforcement agencies
  5. Continuous Evolution: Adaptive approaches that evolve with changing threat landscapes

The wholesale broker sector stands at a critical juncture. Firms that embrace comprehensive MLTM prevention frameworks will not only achieve regulatory compliance but will also position themselves as trusted partners in the global financial system. Those that fail to adapt risk not only regulatory sanction but also exclusion from an increasingly sophisticated and interconnected marketplace.

The fight against money laundering through the markets requires technical expertise, operational excellence, and unwavering commitment to integrity. This review provides the foundation—now it’s up to each firm to build upon it.

Scroll to Top