The FCA’s New AML Questionnaire for Asset Managers

The FCA’s New AML Questionnaire for Asset Managers

Why Your Risk Framework May Not Survive Christmas

Background

Just in time for the holiday season, the FCA has delivered its 2025/2026 Focussed Supervisory Intervention questionnaire to asset managers - a data-heavy request centred on business models, private markets exposure, governance, AML controls, and cross-border risks.

At the same time, the FCA published its cross-industry review on Risk Assessment Processes and Controls in Firms (Nov 2025), a pointed document outlining good practice, weak practice, and the regulator’s increasing expectations for robust, dynamic, and evidenced financial-crime risk management.  

TD:LR: 2026 will be the year the FCA expects asset managers to show - not just tell - that their AML systems are risk-based, connected, automated, and genuinely effective.

What we would prefer to receive from the FCA this time of year

5 Critical Themes from the Questionnaire

The questionnaire together with the risk assessment gives us a flavour of the supervisory themes emerging across the market. Namely:

1. Private Markets & Complex Structures Focus

There is a visible increased interest in the complexity of private market structures e.g.:

  • Exposure to illiquid assets, alternatives, and private deals

  • Use of SPVs, LPs, trusts, feeder funds and other multi-layered entities

  • Non-UK structures and jurisdictions associated with opacity

  • Distribution chains involving offshore intermediaries

  • How firms verify ownership in multi-layered structures

2. Automated, Consistent Risk-Tiering

The FCA’s engagement has focused on manual-risk rating:

  • Whether firms rely on automated, rule-based Client Risk Assessment (CRA) models

  • Whether scoring is consistent across teams

  • Whether qualitative or manual scoring introduces discretion

  • How the methodology connects to monitoring, EDD, product approval and escalation

3. Portfolio-Level AML Risks

Historically, AML obligations for asset managers centred primarily on investor onboarding. Now, supervisors are increasingly examining portfolios:

  • Whether firms monitor risks inside the portfolio

  • Whether firms can identify suspicious patterns in investment flows

  • How firms manage onboarding for entities that they invest into

4. Scrutiny on Outsourced Onboarding

Several firms have reported supervisory emphasis on outsourced KYC (e.g. to fund admins, transfer agents) namely:

  • Whether onboarding performed by third parties is properly overseen

  • Whether information from distributors, introducers or intermediaries is timely and complete

  • Whether the regulated firm can evidence that it owns the risk

  • Whether the firm itself assesses the quality of documents and controls.

5. Real-Time Screening & Monitoring

Market feedback shows more questions around how effective your screening is e.g.:

  • Frequency and automation of sanctions/PEP/media screening

  • The use of alerts, thresholds and false-positive filters

  • Trend analysis, MI dashboards and escalation workflows

  • Whether firms rely on batch screening vs real-time tools

Themes in Risk-Assessment Findings Across the Industry

The FCA has shared general feedback this year on how firms approach Business Wide Risk Assessments (BWRA) and CRAs. The observations are broad and apply across all financial services, but asset managers have particularly relevant exposure. What can we learn from the feedback:

Source: FCA website

1. Risk assessments often lack specificity

Common findings shared across the industry include generic assessments, poor scoring methodology, missing visibility into emerging risks and lack of evidence controls.

2. Governance and documentation gaps

Firms often struggle to demonstrate the evolution of risk-models, lack of audit trails and how inherent risks connect to residual risks.

3. Growth outpacing control maturity

Many firms have expanded their investments or targeted new jurisdictions faster than their AML systems have been upgraded.

4. Lack of testing

The FCA is increasingly worried firms carrying out limited or no testing at all. This is particularly an issue for asset managers who have outsourced service providers (e.g. fund admins, transfer agents).

What Asset Managers Should Expect Heading Into 2026

Based on supervisory direction across the sector, firms should prepare for:

  1. Evidence Requests

  • Clearly show how you reached a risk rating - including an audit trail.

  • Demonstrate easy access to underlying data

  1. Attention to Jurisdictions & Private Structures

  • Firms with higher proportions of non-UK or complex structures should ensure their due diligence is well above minimum expectations.

  1. Deeper reviews of CRA/BWRA methodologies

  • Particularly for firms still using spreadsheets or qualitative scoring.

  1. More questions on distribution chains

  • If distributors, nominees, placement agents or feeder funds are involved, supervisors will want to understand the full risk trail.

  1. Closer attention to onboarding timelines

  • The FCA has shown interest in cases where onboarding takes excessive time due to reliance on third-party information.

  1. More scrutiny of real-time screening

  • Quarterly or batch-only checks are increasingly out of step with expectations.

What Should You Do Right Now?

  • Carry out an internal audit / Review of your AML processes against the FCA’s asks - don’t forget to document it.

  • Carry our Sample Tests of your / your outsourced providers’ onboarding files.

  • Invest in Automated risk-scoring and screening systems that can augment your processes.

  • Check your Business Wide Risk Assessment - is it up-to-date?

  • Check your Data - how easy is it to get from your fund admin/service provider? Can you run quick reports to assess risk levels?

  • Don’t be the poster child of an AML fine!

Need help? Get in touch today with Steward.