Every FCA Fine in 2025: The Complete List and What Compliance Teams Should Learn

The Financial Conduct Authority issued over £124 million in fines during 2025, a significant increase that continues the upward trend from £176 million in 2024. Anti-money laundering failures dominated the enforcement landscape, with several high-profile banks and fintechs facing substantial penalties.

For compliance teams, these cases are not just headlines. They are a clear signal about where the FCA is focusing its supervisory attention — and where your own monitoring processes need to be robust.

Here is every major fine the FCA issued in 2025, what went wrong, and what it means for firms that work with or alongside the organisations involved.

The Biggest FCA Fines of 2025

1. Nationwide Building Society — £44.1 Million

Breach: Failures in anti-financial crime systems and controls (Principle 3)

Nationwide received the largest single fine of 2025 for inadequate AML systems and controls between October 2016 and July 2021. The FCA found that the building society's transaction monitoring systems failed to adequately detect suspicious activity, and its customer due diligence processes were not sufficient for the scale and nature of its business.

Lesson for compliance teams: Even well-established institutions with strong reputations can face substantial penalties when their systems do not keep pace with regulatory expectations. The FCA's message is clear: legacy systems and manual processes are not an acceptable defence.

2. Barclays Bank plc — £39.3 Million

Breach: Money laundering risk failures in corporate banking

Barclays was fined for failing to properly identify, assess, and mitigate money laundering risks within a longstanding corporate banking relationship with gold dealer Fowler Oldfield. The FCA found that Barclays had not adequately scrutinised high volumes of cash deposits over an extended period.

Lesson for compliance teams: Ongoing monitoring of existing relationships is just as critical as onboarding checks. A firm's regulatory status and risk profile can change over time, and your monitoring needs to reflect that.

3. Monzo Bank Limited — £21.1 Million

Breach: Inadequate financial crime controls during rapid growth

Monzo's fine relates to the period between 2018 and 2020, when the digital bank's rapid customer growth outpaced the maturity of its compliance infrastructure. The FCA found that Monzo's automated transaction monitoring rules were not adequately calibrated, and the firm did not have sufficient resources to investigate alerts generated by its systems.

Lesson for compliance teams: Growth does not excuse compliance gaps. Firms scaling rapidly — and their counterparties — need robust monitoring to ensure compliance keeps pace with business expansion.

4. London Metal Exchange — £9.2 Million

Breach: Systems and controls failures during extreme market volatility

The LME was fined for serious failings in its systems and controls during the nickel market crisis of March 2022. The FCA determined that the exchange's risk management frameworks and decision-making processes were inadequate for the extreme market conditions it faced.

Lesson for compliance teams: Operational resilience and the ability to manage stress scenarios are under increasing FCA scrutiny. Firms should review their own crisis management and escalation procedures.

5. Barclays Bank UK plc — £3.1 Million

Breach: Account opening failures for client money accounts

A separate penalty from the Fowler Oldfield case, this fine related to failures in Barclays' processes when opening a client account for investment firm WealthTek. The FCA found deficiencies in the due diligence performed during the account opening process.

Lesson for compliance teams: Customer due diligence at onboarding remains a fundamental control. Failures at this stage can have consequences years later.

6. Sigma Broking Limited — £1.1 Million

Breach: Transaction reporting failures over five years

Sigma Broking was fined for submitting incorrect transaction reports for nearly 100% of its transactions between December 2018 and December 2023 — a total of 924,584 incorrect reports. The failures were caused by incorrect system setup that went undetected due to weaknesses in the firm's reporting oversight.

Lesson for compliance teams: Automated systems are only as good as their configuration and ongoing validation. Five years of undetected reporting failures is a stark reminder that compliance monitoring must include regular testing of automated controls.

7. James Edward Staley — £1.8 Million (Individual)

Breach: Individual conduct rule failures

The former Barclays CEO was fined individually for misleading the FCA about his relationship with convicted sex offender Jeffrey Epstein and for failing to act with due skill, care, and diligence when characterising that relationship to the regulator.

Lesson for compliance teams: The FCA continues to hold individuals — not just firms — accountable under the Senior Managers and Certification Regime (SM&CR). Personal accountability is not theoretical.

Key Themes from 2025 Enforcement

Anti-Money Laundering Dominates

AML failures accounted for the vast majority of the total fines in 2025. Nationwide, Barclays, and Monzo were all penalised for weaknesses in their financial crime systems and controls. This reflects the FCA's stated priority of tackling money laundering and financial crime as a primary supervisory objective.

Fintechs Are Not Exempt

Monzo's £21.1 million fine demonstrates that the FCA applies the same standards to challenger banks and fintechs as it does to traditional institutions. Rapid growth is not a mitigating factor — if anything, it increases the FCA's expectation that firms invest proportionately in compliance.

Individual Accountability Is Increasing

The fine against James Staley and the broader use of prohibition orders signal that the FCA is increasingly willing to take action against individuals, particularly senior managers. This has implications for anyone subject to the SM&CR regime.

Systemic Issues Take Years to Surface

Several of the 2025 fines relate to conduct that occurred years earlier. The Sigma Broking case involved failures spanning five years. This means firms you work with today could have undetected compliance issues that only surface much later — making ongoing monitoring essential.

What This Means for Your Compliance Team

If you work with or alongside any FCA-regulated firm, these enforcement trends should inform your monitoring approach:

1. Monitor your counterparties continuously. Annual or quarterly checks of the FCA register are not sufficient. Regulatory actions can happen at any time, and the sooner you know, the sooner you can assess the impact on your business.

2. Pay attention to enforcement signals. A final notice is the end of a process, not the beginning. Warning notices, requirements, and supervisory actions often precede formal enforcement. Monitoring for these earlier signals gives you more time to respond.

3. Review your own controls. The themes in these cases — AML weaknesses, inadequate transaction monitoring, poor due diligence at onboarding — are common across the industry. Use these cases as a prompt to review your own systems.

4. Document everything. An audit trail that demonstrates ongoing monitoring and timely responses to regulatory changes is your best defence if questions are raised about your compliance processes.

FRN Watch monitors the FCA register 24/7 and alerts compliance teams instantly when regulatory actions, warnings, or permissions changes affect firms they track. Start your free trial to automate your monitoring.