Skip to content
Global Trade Management

The impact of Brexit on compliance in the financial services industry

· 5 minute read

· 5 minute read

At the end of last January, the United Kingdom (U.K.) formally left the European Union (E.U.) and entered a transition period that will cease on December 31. The E.U. is currently in consultation with the U.K. regarding the future relationship between the two parties and the future of financial services regulation post-transition.

In the absence of specific agreements or government deals, the U.K. will largely look to domestic law to provide the legislative framework that would govern a wide range of compliance topics going forward. But what does this mean for compliance personnel working in the U.K.’s financial services sector?

Understanding the requirements

Throughout the transition period, compliance functions in U.K. financial services firms have been anticipating and, wherever possible, preparing for operational compliance post-Brexit. Most, if not all, financial services firms in the U.K. enjoy a close relationship with their regulator and will be closely monitoring developments. Financial services firms are also skilled at quickly adapting to new regulatory requirements and have personnel poised and ready to implement the necessary changes once these have been communicated by the U.K. government. It is likely that there will be some degree of uncertainty surrounding many compliance-related requirements, at least, in the short term. This will need to be managed through regular communication with the regulator and through an agile approach to the implementation of new processes and procedures.

While the future legislative landscape is not yet clear for all compliance subject areas, it is possible to predict the likely future state of legislation for some compliance topics. These topics are already subject to robust U.K. legislative requirements and place specific obligations on financial services firms. The U.K. government perceives the requirements of the U.K. legislation for these topics to be broadly in line with, or in some cases, to go beyond the requirements of the equivalent E.U. law. Let’s consider some of these topics further.

Brexit & data protection

One of the more obvious E.U.-dependent topics is data protection. During the transition period, the General Data Protection Regulation (GDPR), like all other E.U. regulations, will continue to apply to the U.K. Following the completion of the Brexit transition, however, the U.K. will rely upon domestic law by way of the Data Protection Act of 2018 (DPA). During the last revision of the DPA, the U.K. government deliberately incorporated the provisions of the GDPR in order to ease the transfer of responsibility; the GDPR also now is widely regarded as the global gold standard in data protection regulation; and, as such, it makes sense for the U.K. to continue to hold itself accountable to such standards.

Following the conclusion of the Brexit transition, the U.K. can, at least, feel reassured that robust data protection legislation will exist. However, those firms that conduct business in the E.U. will still be required to comply with the requirements of the GDPR. This will present some additional complexity for firms, particularly in the absence of clarity regarding country equivalency and the transfer of data.

Brexit & anti-money laundering

A similar dependency exists in relation to the U.K.’s anti-money laundering regime. Historically, money laundering legislation in the U.K. has implemented the requirements of the various E.U. Money Laundering Directives. For example, the Fifth Money Laundering Directive (5AMLD) was transposed into E.U. law in January 2020 and was enacted into U.K. national law via the Money Laundering and Terrorist Financing (Amendment) Regulations of 2019.

Following the Brexit transition, the U.K. government is likely to adopt a different approach and have already confirmed that the Sixth Money Laundering Directive (6AMLD) — which is to be implemented into E.U. member states’ domestic laws by June 2021 — will not be transposed into U.K. law. In this instance, it is the case that U.K. domestic law already covers most of the provisions of the 6AMLD and the U.K. government has determined that amendments to U.K. domestic legislation are not warranted.

Brexit & financial sanctions

One topic that may require some ongoing coordination between the E.U. and the U.K. is sanctions. Currently the U.K. is subject to, and complies with, United Nations sanctions which are enacted through E.U. law. Post-Brexit, the U.K. will implement a range of U.K. sanctions regimes via the Sanctions and Anti-Money Laundering Act of 2018. Among these sanctions are financial sanctions administered by the Office of Financial Sanctions Implementation, a branch of Her Majesty’s Treasury.

Regardless of the existence of sanctions-specific legislation in the U.K., it would be prudent of compliance personnel in the U.K. to ensure that any sanctions licenses or exemptions are still valid post-Brexit and that all firms incorporate any revised sanctions lists into their screening programs. It is unlikely that the U.K. will completely “go it alone” in the sanctions space, however. Sanctions play an important role in maintaining international security and preventing financial crime and human rights abuses, and for this reason, sanctions are being considered as a topic that will require ongoing co-ordination between the U.K. and the E.U.


While negotiations between the U.K. and E.U. continue, it is difficult for compliance personnel to determine and prepare for any future operational changes. In a country where non-compliance is treated harshly by the regulator, ongoing communication between firms and their regulators will be essential in ensuring that firms adapt to the new ways of working in a timely manner and with as little impact to customers as possible.

More insights