Elevate your Compliance and Security with Intelect.
Our monthly round up of news items which are of particular relevance to those businesses regulated for the purposes of Anti-Money Laundering.
‘We help you keep criminals and their money out of your business PLUS keep you on the right side of the regulators.
Cyber Security
UK’s New Cyber Resilience Bill. A game changer for Business Security and Compliance?
The UK’s proposed Cyber Security and Resilience Bill aims to overhaul outdated regulations, empowering authorities to swiftly counter evolving cyber threats and expanding compliance requirements for businesses of all sizes.
The new Cyber Security and Resilience Bill is designed to address the shortcomings of the UK’s 2018 NIS Regulations by broadening the scope of entities covered, strengthening regulatory powers, and establishing clearer, faster incident reporting requirements. Notably, the Bill will bring more businesses including small and micro digital service providers and critical supply chain partners under regulatory oversight, regardless of size (only if they play a crucial role in supporting essential services).
Regulators will gain the flexibility to update requirements rapidly in response to emerging threats, without waiting for new primary legislation.
For businesses, this means a significant increase in compliance obligations and the need for robust cybersecurity measures, especially around third-party and supply chain risks. The Bill’s expanded incident reporting will require notification within 24 hours of a potential threat, demands that organisations enhance their detection and response capabilities. A failure to comply could result in regulatory action and reputational damage.
What it means for your business
This bill signals a new era of agile, proactive cybersecurity governance in the UK, aligning with international standards and futureproofing the nation’s digital infrastructure. Businesses must adapt quickly, investing in compliance and resilience to avoid penalties and maintain trust.
Comment – For due diligence professionals, the expanded scope and stricter reporting requirements create new opportunities to provide clients with critical intelligence and guidance on risk management, supply chain scrutiny, and regulatory compliance. We can assist you with cyber security risk assessments.
Organised Crime
Ex-soldier exposes simple yacht smuggling routes for illegal migrants into the UK
A former British serviceman reveals how he smuggled Vietnamese and Albanian migrants into the UK via private yachts and ferries, exposing major vulnerabilities in marina security and ongoing risks from an organised crime perspective.
A BBC investigation has uncovered the story of “Nick,” a former British soldier who turned to people smuggling after financial hardship, ferrying Vietnamese and Albanian migrants into secluded marinas along England’s southeast coast. Nick described the process as “simple” and “low risk,” taking advantage of lax security at private marinas and the vast, lightly monitored UK coastline.
He was eventually convicted and imprisoned, but says the same smuggling routes and methods remain in use, with little to deter others from following in his footsteps.
His operations were enabled by contacts in organised crime, including an Albanian associate and a Vietnamese woman with a background in money laundering. Migrants paid up to £12,000 each to be transported, often disappearing into the UK’s underground economy or being funnelled into illegal cannabis farms.
The smuggling gangs exploited both the lack of 24/7 security at marinas and the limited capacity of Border Force, which is stretched thin across 11,000 miles of coastline and prioritises high-profile small boat crossings.
The investigation highlights the persistent threat posed by sophisticated people smuggling networks that adapt quickly to law enforcement focus. Harbourmasters and Border Force officials admit that private marinas are a weak link, with some comparing their security to that of a “caravan park.”
Despite recent convictions, both the smuggling infrastructure and the criminal actors remain active, presenting ongoing risks for financial crime, human trafficking, and reputational harm to businesses and communities.
The story underscores the need for enhanced due diligence on marina operators, yacht owners, and related service providers. Private marinas, with limited oversight, are being exploited for people smuggling and potentially for laundering criminal proceeds.
Comment – The involvement of individuals with histories of drug cultivation and money laundering highlights the intersection of human trafficking and financial crime. Payments for smuggling services, often in cash or via informal channels, may be linked to broader criminal networks.
Regulatory
Essex law firm fined £120,000 for 15 Years of AML failures
It was reported on 19th May 2025 that Tolhurst Fisher LLP, a well established Essex law firm, was fined £120,000 by the Solicitors Disciplinary Tribunal after a 15-year period of serious anti-money laundering (AML) compliance breaches, including failing to conduct risk assessments and source of funds checks.
The firm admitted to failing to have adequate risk assessments or documented procedures in place from 2007 through 2019, and even after new regulations in 2017, their compliance measures were insufficient until as recently as January 2024. The SDT highlighted that the firm’s lack of action persisted despite repeated warnings and updated guidance from the Solicitors Regulation Authority (SRA).
A 2023 SRA review found that none of the eight client files examined contained a client or matter risk assessment, nor evidence of source of funds checks, even for high-value transactions.
Examples included a £270,000 property purchase and a business acquisition involving complex funding arrangements, both lacking basic due diligence. The SRA concluded that at least 70% of the firm’s work was within the scope of money laundering regulations, primarily conveyancing, making these failures particularly significant.
The firm who cooperated fully, admitted the breaches, and has since improved its AML policies and procedures. Nevertheless, the SDT stressed that a firm of its size and resources should have known better and that its failures were a material breach of its obligations to protect the public and the legal profession’s reputation.
This case demonstrates that regulators are increasingly willing to pursue significant sanctions against law firms for historic and systemic AML failings. Firms must ensure policies are not only in place but are reviewed, updated, and rigorously applied especially in high-risk sectors like conveyancing.
The absence of documented client risk assessments and source of funds checks exposes firms to money laundering risks and regulatory action. These are not mere box-ticking exercises, robust, ongoing due diligence is necessary to detect and prevent financial crime.
Comment – Long-term non-compliance can result in substantial fines, reputational damage, and loss of client trust. For due diligence investigations, this underscores the need to scrutinise the AML controls of counterparties and partners, especially in legal and financial services, and to consider historic as well as current compliance behaviour.
Do you want an effective tool to help manage you due diligence and risk assessment responsibilities? Look no further than Investigation Engine.
