FCA fines Monzo £21 million for failings in tackling financial crime

The Financial Conduct Authority (“FCA”) has fined Monzo Bank Limited (Monzo) £21,091,300 for its inadequate anti-financial crime systems and controls between October 2018 and August 2020.

This is a reduced fine, following Monzo’s agreement to resolve the matter, after which it qualified for a 30% discount under the FCA’s executive settlement procedures. The original fine amount was £30,130,475.

In addition, Monzo repeatedly breached a requirement preventing it from opening accounts for high-risk customers between August 2020 and June 2022.

As Monzo’s customer base grew rapidly from around 600,000 in 2018 to 5.8 million in 2022, its financial crime controls became inadequate.

Gherson LLP’s white-collar crime team breaks down what went wrong.

What went wrong?

According to the FCA, Monzo:

• Failed to design, implement and maintain adequate customer onboarding; and
• Failed to design, implement and maintain customer risk assessment and transaction monitoring systems to mitigate the risk of financial crime.

The above failings led to the FCA conducting a comprehensive, independent review of Monzo’s financial crime framework in August 2020.

Alongside the independent review conducted in August 2020, the FCA imposed a requirement preventing Monzo from opening new accounts for high-risk customers. Once imposed, Monzo was obliged to correctly implement all necessary changes to its systems and controls to ensure that the terms of the FCA’s requirements were met immediately and on an ongoing basis (unless or until the requirements were varied or cancelled by the FCA).

However, in spite of this, Monzo breached the terms of its agreement and signed up over 34,000 high-risk customers between the period of August 2020 and June 2022.

The FCA joint executive director of enforcement and market oversight, Therese Chambers, confirmed that Monzo “onboarded customers on the basis of limited, and in some cases, obviously implausible information – such as customers using well known London landmarks as an address.”

The consequences

In light of Monzo’s shocking failings, the FCA imposed a financial penalty of £21,091,300 on Monzo pursuant to section 206 of the Financial Services and Markets Act 2000.  However, it could arguably have been worse, as what was originally an FCA criminal investigation was downgraded last year to an FCA civil investigation.

As per the FCA’s Final Notice, Monzo is required to pay FCA the full penalty by no later than 21 July 2025. If the financial penalty is outstanding on 22 July 2025, the FCA confirmed that it may recover this amount as debt owed by Monzo to the FCA.

As the FCA continues to monitor and supervise financial firms to tackle financial crime, the £20 million fine is the 10^th fine the FCA has imposed on a bank for financial crime control failings in the last 4 years. It is likely that the FCA will continue to fine financial institutions with inadequate financial crime controls, as it highlighted financial crime as one of its priorities for retail banks in its 2024 supervisory strategy.

NAVIGATING FINANCIAL INSTITUTION-RELATED CHALLENGES

What can I do to try and challenge a wrong decision to close my personal and/or bank account(s)?

In the meantime, we are increasingly being approached by individuals who have been “de-banked” in circumstances where they are adamant that they have always acted in full compliance with the relevant bank account’s Terms and Conditions and all other legal and applicable rules and regulations.

We have previously written about how other issues individuals may face, including account closures, are not limited to political figures in the UK and affect many thousands of lawful individual and business customers every year.  These cases have exposed the difficult balance many financial institutions and their individual and business customers must strike to gain and maintain access to basic banking services.

To assist those whose accounts have been closed, Gherson’s financial crime, investigations and regulatory team have previously written blogs titled

“Why has my bank account been closed?”

“Why has my business bank account been closed?”

“140,000 SMEs “de-banked” last year – why could I have been de-banked?”

“What are the proposed new laws aimed at preventing de-banking?”

“Why the proposed new laws to try and prevent de-banking to not go far enough”.

“Am I entitled to a basic bank account in the UK?”

“How to challenge crypto-related bank account closures”

What can I do to try and challenge a wrongly-imposed CIFAS marker

We are also being increasingly approached by individuals who feel that a financial institution has wrongly imposed a CIFAS marker in their name.

If you have always acted in full compliance with the relevant bank account’s Terms and Conditions and all other applicable legal rules and regulations, then you should have a good basis to challenge the bank’s decision to implement any CIFAS markers.

A strong challenge will often involve demonstrating through evidence that you have not breached the bank’s Terms and Conditions or any rules and regulations, and that all transactions were at all times carried out in full compliance will all applicable laws and regulations.

In a previous blog we examined what a CIFAS marker is and how to try and get it removed and also what you can do if a CIFAS marker has been wrongly imposed.

We have also recently examined Challenging a crypto-related CIFAS Marker: what you can do.

Adverse Information on Compliance Databases

We also being increasingly approached by individuals who feel that incorrect and/or inaccurate data about them stored in compliance databases is having an adverse effect on their relationship with financial institutions and are facing subsequent issues, such as bank account closures and difficulties in opening a bank account.

We have also written a series of blogs on a basic overview of the main functions of compliance databases like World-Check and how you can correct information about yourself on such databases.

Updated: 09.07.2025

How Gherson can assist

Gherson’s regulatory, white-collar and investigations team are highly experienced in providing advice on what you can do if your bank freezes or closes your account.  This includes assisting you in submitting a request under data protection legislation, otherwise known as a Data Subject Access Request, to ascertain what information banks and other financial institutions may be holding on you and their decision making, and then analysing the response and assisting with any appropriate challenge.

If you have any questions arising from this blog, please do not hesitate to contact us for advice; send us an email at enquiries@gherson.co.uk or, alternatively, follow us on X, Facebook, Instagram, or LinkedIn to stay up to date with the latest developments.

The information in this blog is for general information purposes only and does not purport to be comprehensive or to provide legal advice.  Whilst every effort is made to ensure the information and law is current as of the date of publication it should be stressed that, due to the passage of time, this does not necessarily reflect the present legal position.  Gherson accepts no responsibility for loss which may arise from accessing or reliance on information contained in this blog.  For formal advice on the current law please do not hesitate to contact Gherson.  Legal advice is only provided pursuant to a written agreement, identified as such, and signed by the client and by or on behalf of Gherson.

©Gherson 2025