What happened

On 17 June 2026, Therese Chambers, the FCA’s joint executive director of enforcement and market oversight, delivered a speech at the 22nd Annual IBA Anti-Corruption Conference titled “Beyond the headlines: the unseen fight against financial crime.” Her central message: enforcement is no longer just about high-profile fines and convictions. Increasingly, it is the quieter, faster work of supervision, market oversight and proactive detection — stepping in before harm escalates, often without any press release at all.

Chambers was candid about the scale the FCA manages: more than 40,000 firms, 1,720 listed issuers, and 35 million transaction reports every day. With financial crime becoming “faster, more complex and more widespread” — accelerated by AI — the regulator says it cannot pursue every instance of harm through traditional, slow and expensive enforcement. Instead, it is leaning into the “prevent, protect and prepare” elements of its work.

What it means in practice

For firms in the cryptoasset space, the key takeaway is that the FCA is widening the space between “doing nothing” and a full enforcement investigation — and acting in that space in weeks, not years. The speech sets out a spectrum of tools the regulator is willing to deploy:

  • Own Initiative Requirements (OIREQs): immediate restrictions that can freeze assets, halt onboarding of new customers or funds, require redress, or shut a firm down entirely. Chambers described an e-money firm hit with an OIREQ — no new customers or funds, immediate return of holdings — over inadequate client files and wrongly downgraded high-risk clients. No fine, no prosecution; the harm was simply stopped.
  • Voluntary requirements and feedback letters: in the last financial year the FCA recorded 369 voluntary outcomes. Notably, she cited a cryptoasset firm that repeatedly failed to display the right risk warnings — the FCA engaged until the issues were fixed.
  • Skilled person reviews and coordinated interventions, including appointing administrators where needed to protect consumers.

The signal is unambiguous: the absence of a headline does not mean the absence of action. Early, behind-the-scenes intervention is now a core part of how the FCA operates.

The cross-border dimension

Chambers stressed that criminals “exploit the seams between differing regulatory approaches.” The FCA is working with counterparts including BaFin, the US Department of Justice and the Monetary Authority of Singapore, contributing heavily to IOSCO’s information-exchange frameworks (341 incoming and 138 outgoing requests last financial year). For crypto businesses operating across jurisdictions, this means weaknesses in one market are increasingly visible to regulators in others.

Implications for licensees and applicants

If you are building a crypto business in the UK, this speech should reframe how you think about compliance risk:

  • Financial crime controls are front and centre. The examples that triggered intervention — poor client files, mis-rated high-risk clients, weak AML controls — are precisely the areas firms underinvest in. The FCA’s new anti-money laundering jurisdiction and its nine shared economic crime priorities with the National Crime Agency reinforce this.
  • Financial promotions are a live tripwire. Risk warnings on cryptoasset promotions remain a recurring problem. The “finfluencer week of action” — 17 regulators, 120 account takedown requests, criminal action against three individuals — shows promotions are actively policed.
  • Speed cuts both ways. The FCA can now act in weeks. Firms that cooperate and remediate quickly may avoid formal powers entirely; those that do not face immediate, decisive restrictions.

Concrete next steps

For executives pursuing or holding authorisation, I would prioritise the following:

  • Stress-test your AML/KYC framework against the specific failings Chambers highlighted: incomplete client files, unexplained risk downgrades, and clients “waved through.”
  • Audit every financial promotion for compliant, prominent risk warnings before publication — not after a regulator engages.
  • Map your cross-border exposure and ensure consistency, given the FCA’s active information-sharing with overseas authorities.
  • Treat early FCA engagement as an opportunity to remediate voluntarily, not a precursor to a fight.

Getting these foundations right at the application stage is far cheaper than fixing them under supervisory pressure. If you are weighing market entry, our team can guide you through obtaining a crypto / VASP license in United Kingdom and building controls that meet the FCA’s heightened expectations from day one.

This is not a softening of enforcement — it is a sharpening of it. The smartest response is to make sure that when the FCA looks under the bonnet of your firm, there is nothing to find.

Source: Financial Conduct Authority (FCA) — Beyond the headlines: the unseen fight against financial crime