Category: Compliance & AML · Reviewed by Simon Temme, Account Executive · Last reviewed June 2026
The principal UK regulations implementing anti-money laundering, counter-terrorist financing and proliferation financing duties — setting requirements for customer due diligence, risk assessment, internal controls, training, record-keeping and reporting in regulated firms.
“MLR 2017” is the short reference to the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (S.I. 2017/692). They are the principal UK regulations governing how regulated firms (including insurance intermediaries dealing in life or pension business and a sub-set of general insurance activities) must prevent and detect money laundering, terrorist financing and proliferation financing.
The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (S.I. 2017/692), as amended (notably by the Money Laundering and Terrorist Financing (Amendment) Regulations 2019, the 2022 amendments and subsequent updates). The MLR 2017 implement what was then the 4MLD and 5MLD, retained and adapted in UK law post-Brexit. The Proceeds of Crime Act 2002 (POCA) and Terrorism Act 2000 provide the underlying offences.
Regulated firms must conduct a written firm-wide risk assessment (regulation 18), maintain policies and procedures (regulation 19), nominate a Money Laundering Reporting Officer (regulation 21), conduct customer due diligence (regulations 27–38), keep records, train staff and report suspicions to the National Crime Agency. For general insurance, the MLR 2017 apply mainly to life and pension intermediaries — but firms also fall in scope under POCA’s general suspicious activity reporting regime regardless of whether they are an MLR 2017 “relevant person”.
The 2022 amendments responded to FATF mutual evaluation outcomes — strengthening provisions on PEPs, beneficial ownership and trusts. The 2024 statutory instrument programme made further refinements to high-risk third country lists. Insurance intermediaries pure GI may not be “relevant persons” but must still apply POCA / Terrorism Act reporting obligations and broader counter-financial-crime systems and controls under SYSC 6.3.
Apex’s risk-based approach captures customer risk factors (type of customer, geographic risk, product risk, distribution channel risk), provides for higher-risk-event escalation, and ensures all relevant staff complete annual AML training. SARs are filed via the SAR Online portal where the threshold of suspicion is met.
Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (S.I. 2017/692), as amended. Proceeds of Crime Act 2002. Terrorism Act 2000. JMLSG Guidance Parts I, II, III.
By Matt Bartlett, Director, on 2026-06-11.
This entry is part of the Apex Insurance Wiki. Last reviewed by Matt Bartlett on 2026-06-11. Apex Insurance Brokers Limited, FCA FRN 724952, Companies House 07014570. Not regulated advice — consult your broker on your specific position.
Apex Insurance Brokers serves UK professional services firms and commercial businesses. Call 0117 325 0027, email hello@apexinsurancebrokers.co.uk, or request a quotation.
Get a quote