Barclays Fined £42 Million by FCA for Major AML Failures Tied to WealthTek and Stunt & Co

Barclays is once again under the regulatory spotlight after the UK’s Financial Conduct Authority (FCA) levied a £42 million fine on its UK entities for what it described as “fundamental lapses” in anti-money laundering controls. The 2025 enforcement action focused on serious failings in the bank’s client onboarding, transaction monitoring, and risk management related to its dealings with WealthTek and Stunt & Co. The FCA’s move signals a growing intolerance toward AML weaknesses among major financial institutions and underscores persistent vulnerabilities within the UK banking sector.

The FCA found both Barclays Bank UK PLC and Barclays Bank PLC at fault, each for distinct but interrelated deficiencies in how they managed client relationships tied to large-scale illicit activity. The regulator’s investigation concluded that inadequate due diligence and poor monitoring practices enabled suspicious transactions to flow through the bank’s systems, facilitating criminal behavior and causing financial harm to both clients and the market. The case raises critical questions about AML compliance and has set a new benchmark for regulatory expectations across the sector.

Barclays’ relationship with WealthTek served as a flashpoint in the investigation, revealing significant flaws in how the bank assessed client risk during onboarding. Despite the fact that WealthTek lacked FCA authorization to hold client money, Barclays failed to carry out fundamental checks, such as verifying the firm's status through the Financial Services Register. Such a step is considered standard under the FCA’s Senior Management Arrangements, Systems and Controls (SYSC) regime. That lapse allowed WealthTek to open a client money account into which £34 million was deposited. Barclays had neither a clear grasp of WealthTek’s operating model nor conducted thorough verification of source of funds—failures that contravened the UK’s Money Laundering Regulations 2017, particularly in terms of customer due diligence and ongoing monitoring obligations.

The situation intensified in late 2024 when the FCA filed criminal charges against WealthTek’s principal partner, including fraud and money laundering offenses. In response to the scale of financial harm and its own exposure, Barclays made a voluntary payment of £6.3 million to compensate impacted clients. While the FCA acknowledged this cooperation and remediation in reducing the original fine, the incident remains a potent reminder of the regulatory risks that follow when AML processes are not enforced with rigor.

The second element of the FCA action targeted Barclays Bank PLC’s association with Stunt & Co and its exposure to the high-risk flows tied to Fowler Oldfield, a now-infamous UK-based money laundering outfit. Despite receiving intelligence from law enforcement and having access to indicators—including police raids on both Stunt & Co and Fowler Oldfield—the bank did not properly investigate or reassess the risks. Between these entities, £46.8 million passed through accounts over a 13-month period, much of it later confirmed by authorities to be linked to criminal operations.

According to the FCA’s findings, Barclays failed to implement adequate enhanced due diligence as stipulated under Regulation 33 of the Money Laundering Regulations. Even after it was evident that law enforcement viewed Fowler Oldfield as a central player in money laundering schemes, the bank took no meaningful steps to review its exposure. It wasn’t until the FCA took criminal action against another bank—NatWest—for similar AML failings that Barclays reassessed the relationship, further demonstrating a reactive posture. While James Stunt, director of Stunt & Co, was acquitted of money laundering, the directors of Fowler Oldfield were convicted and sentenced to prison, illustrating the legal complexity around beneficial ownership and the movement of illicit proceeds through sophisticated, layered financial structures.

Barclays is no stranger to FCA scrutiny. The regulator cited prior enforcement actions in 2015 and 2022 in its 2025 Final Notices, warning that repeated lapses in client due diligence and transaction monitoring will not be tolerated. As part of its 2024–2025 retail banking supervision strategy, the FCA has maintained AML compliance as a top priority, reiterating that firms must implement “robust systems and controls” consistent with SYSC obligations and Joint Money Laundering Steering Group (JMLSG) guidance.

Though Barclays' fine was reduced due to cooperation and its voluntary client redress efforts, the FCA emphasized that proactive compliance and swift remediation are now expected industry standards. In the wake of the penalty, Barclays has launched a full overhaul of its AML framework, which includes revised onboarding protocols, advanced risk scoring systems, and upgraded transaction monitoring technologies. Whether these efforts will satisfy regulatory scrutiny over the long term remains to be seen.

The broader implications of the case extend well beyond Barclays. The failures documented in this enforcement illustrate the perils of placing commercial relationships above robust financial crime controls. Both incidents—WealthTek and Stunt & Co—demonstrate how fundamental lapses in risk assessment, combined with poor escalation practices, create systemic vulnerabilities easily exploited by criminal actors. Rapid, high-volume fund transfers conducted without sufficient due diligence remain one of the core tools of modern money laundering.

More broadly, the action serves as a loud warning across the financial sector. The size of the fine, the pace of the FCA’s three-month investigation, and the specificity of the regulator’s findings make clear that tolerance for AML failures—particularly among systemically important banks—is rapidly diminishing. Institutions are now expected not just to comply with the letter of regulation, but to show that their AML efforts are genuinely effective and embedded into the operational fabric of the organization. This includes continuous staff training, real-time monitoring systems, escalation protocols, and a top-down culture that prioritizes compliance over expediency.

As the UK moves forward with legislation like the Economic Crime and Corporate Transparency Act, and with enhanced collaboration between the FCA, HM Treasury, and the National Crime Agency, banks can expect even closer supervision. In that context, the Barclays case is certain to be dissected by compliance officers and regulators alike as both a cautionary tale and a road map for remediation.

Ultimately, the £42 million penalty reinforces one simple truth: robust AML compliance is no longer negotiable. As the financial crime landscape evolves and expectations continue to rise, institutions must ensure that their controls are not just designed, but deployed, tested, and continuously improved. In the words of the FCA’s Final Notice, “Where financial institutions are given warning signs, they must act swiftly and decisively.” Barclays’ failure to do so came at a significant cost—financially, reputationally, and operationally. It is a price few in the sector can afford to ignore.

By fLEXI tEAM