Europe Overview


The European investigations landscape is characterised by a patchwork of varying legislative and regulatory frameworks and enforcement approaches. These are often shaped by past events and current political priorities in particular jurisdictions. These variations and the pace of change mean that cross-border investigations, whether involving multiple European jurisdictions or parallel investigations by enforcement authorities in other regions (or sometimes both), frequently present thorny practical and tactical challenges.

This overview does not seek to duplicate the commentary and analysis set out in many of the chapters in this volume. Rather, it looks at some of the key priorities of European enforcement authorities, focusing on anti-bribery and corruption, anti-money laundering, tax evasion, and economic and trade sanctions. There is significant activity in these areas, and some authorities are adapting their approaches to make effective use of changes in the law and additions to their toolkits. This overview also looks ahead to seek to identify the key issues and trends on which those who are subject to investigations throughout Europe should be focusing.

Areas of enforcement risk

Anti-bribery and corruption

A substantial number of investigations by enforcement authorities have arisen following significant legislative developments that introduced corporate offences of failure to prevent bribery with extraterritorial effect (such as the UK Bribery Act 2010 (UKBA) and France’s Sapin II Law[2]). These legislative developments have been accompanied by new mechanisms enabling criminal investigations that involve corporate organisations to be concluded through negotiated settlements. To date in Europe, these mechanisms have been used mainly (although not exclusively) in cases concerning historic bribery and corruption involving corporate organisations.

Following these developments, and despite a slow start, there has been increasing pressure for corporate criminal liability to be expanded to encompass other financial offences. The UK government, for example, asked the UK’s Law Commission[3] to consider the need for reform in this area. In June 2022, the Law Commission published an options paper for the government on ‘how it can improve the law to ensure that corporations are effectively held to account for committing serious crimes’. In this paper, the Law Commission presented 10 reform options to the UK government.[4]

Several other jurisdictions have introduced anti-bribery legislation in recent years, some of which has been the subject of criticism. In Ireland, for example, an offence analogous to the UK corporate offence of failure to prevent bribery came into force in July 2018.[5] However, the Irish statute has been described as flawed for failing to meet guidelines published by the Organisation for Economic Co-operation and Development (OECD). This is because the Irish statute requires dual criminality for an offence to be committed overseas.[6] Further, there is no guidance akin to that published by the UK Ministry of Justice in relation to ‘adequate procedures’ under the UKBA. There is therefore some remaining uncertainty among corporate organisations and their advisers as to exactly what ‘taken all reasonable steps and exercised all due diligence’ means in the Irish legislation, and how to avail oneself of a defence to the corporate offence. Given the nature of the Irish economy, and in particular its attractiveness to multinational technology and financial services companies, there is potential for investigations in Ireland to have significant cross-border elements, and clarity on this point would be welcome.

Elsewhere, German criminal law does not currently recognise the concept of corporate criminal liability. Although the German government introduced draft legislation in this area in August 2019, the legislation was not passed before the end of the same legislative session. The new German coalition government’s agreement outlining its policy priorities for the next four years promised to revise Germany’s corporate misconduct laws. Although it is expected that the new government will deal with corporate criminal liability, it is so far unclear how it intends to do so.[7] In Poland, the OECD has described delays to legislation amending liability under Polish law for legal persons, and increasing financial penalties against corporations, as ‘a serious concern’. It unclear whether the Polish government will enact any reform.[8]

Anti-money laundering

Although anti-money laundering (AML) enforcement remains high on most enforcement authorities’ agenda, approaches to, and the resources available for, investigations vary considerably between European jurisdictions. This is despite the introduction of various iterations of the EU Money Laundering Directives (MLDs), which aim to standardise this area of enforcement. The latest MLD was the sixth, which EU Member States were required to implement by 3 December 2020. The sixth MLD seeks to regularise further the AML enforcement landscape in Europe, for example, by:

  • standardising the 22 predicate offences that must be considered ‘criminal activity’ for the purposes of money laundering by EU Member States;
  • requiring EU Member States to expand criminal liability for money laundering to legal persons; and
  • setting certain increased EU-wide minimum penalties for money laundering.

Further, as outlined in more detail below, the European Union intends to create a dedicated AML authority. This entity will ‘contribute to the harmonisation and coordination of supervisory practices in the financial and non-financial sectors, the direct supervision of high-risk and cross-border financial entities and the coordination of financial intelligence units’.[9]

Although the effects of the sixth MLD are yet to be fully felt, enforcement action across Europe has continued apace. Some of the highest penalties imposed in recent years have resulted from investigations by Sweden’s Financial Supervisory Authority,[10] the Netherlands’ Public Prosecution Service[11] and the United Kingdom.[12] These fines were issued for breaches of regulatory requirements and criminal law by major institutions in relation to their AML systems and controls.

Fines are not the only notable feature of enforcement activity in this area. First, reflecting an increasingly close focus on individual accountability, regulators are now ready and able to pursue individuals considered to have played a part in AML failings. Second, it would appear that some European regulators are starting to initiate criminal prosecutions for this conduct at a corporate level. In March 2021, the UK Financial Conduct Authority (FCA), for example, initiated its first criminal prosecution of a major financial institution for allegedly failing to prevent money laundering. Later that year, the financial institution pleaded guilty and was fined around £264.8 million.[13]

Tax evasion

Tax evasion is also increasingly attracting authorities’ attention. In particular, several jurisdictions are seeking to prosecute a trading activity, known as cum-ex trading, whereby banks and stockbrokers engage in trading shares in a manner that allows both sides of a transaction to claim a tax rebate on the dividends purportedly paid by the shares. Germany is the most prominent example, where an estimated €31.8 billion was fraudulently claimed from the government in the form of rebates between 2001 and 2016.[14] It has been estimated that the total cost to the European taxpayer was more than €55 billion between 2001 and 2012.[15]

Enforcement action in response to such long-standing and wide-ranging conduct is complex but has enjoyed some success. The Danish tax authority (SKAT), for example, charged three UK nationals and three US nationals for their role in allegedly defrauding the Danish treasury[16] and continues to pursue cases.[17] Further, although Denmark initially faced defeat in the UK High Court, which found that SKAT cannot recover £1.5 billion in the English courts, that decision was eventually overturned by the Court of Appeal of England and Wales.[18] In July 2021, Germany’s top court issued its first ruling in relation to a cum-ex trading case and upheld a fine of €14 million for one of the traders and ordered a private German bank to pay back around €176 million.[19] Finally, the United Kingdom has successfully concluded three cum-ex trading-related cases, with the largest penalty of more than £2 million being imposed by the FCA in July 2022.[20]

More generally, the impact of fraud on the support measures introduced by various governments in response to the coronavirus pandemic has been well publicised. The UK government announced an investment of £100 million in a taxpayer protection taskforce to recover funds paid out incorrectly or as a result of fraud during the pandemic, and expects that the taskforce will recover £1 billion over two years.[21] The taskforce is up and running but it is unclear how successful it has been so far.

Economic and trade sanctions

Since Russia’s invasion of Ukraine in February 2022, there has been an unprecedented imposition of economic and trade sanctions on Russia by the European Union and the United Kingdom (pursuant to its post-Brexit autonomous sanctions regime). The unparalleled increase in sanctions imposed on Russia has not yet translated into increased enforcement of sanctions, although this is likely to change. In the United Kingdom, the government introduced the Economic Crime (Transparency and Enforcement) Act 2022 very soon after the Russian invasion of Ukraine. The Act removed the requirement for the Office of Financial Sanctions Implementation (OFSI) to prove that a person must have known or suspected they were breaching UK sanctions law when considering imposing a financial penalty. This effectively makes breaching sanctions a strict liability civil offence, as to impose a financial penalty OFSI is now only required to prove on the balance of probabilities that the entity or person breached the prohibition.

In the European Union, each Member State is responsible for the enforcement of sanctions within its jurisdiction. However, there have been criticisms of inconsistent and uneven enforcement of sanctions. To address this issue, the European Council requested the European Parliament’s consent on a decision to add the violation of restrictive measures to the list of ‘EU crimes’ included in the Treaty on the Functioning of the European Union.[22] If this is agreed, it will allow the adoption of an EU-wide directive containing minimum rules concerning the definition of criminal offences and penalties for the violation of EU restrictive measures. Further, there have been calls for the creation of an EU-wide sanctions authority[23] but these do not appear to have gained any traction so far.

Increased pressure and incentives to co-operate

In England and Wales, the body of cases in which deferred prosecution agreements (DPAs) have been concluded between the Serious Fraud Office (SFO) and co-operating corporate organisations is slowly growing. The figure of 20 agreements per year predicted during the passage of the legislation that introduced DPAs seems unlikely to be achieved in the near term: the SFO entered into three DPAs in 2020 and three in 2021; in 2022, so far, no DPAs have been secured. Further, the United Kingdom has yet to secure the conviction of any individual named as an alleged offender in any of the DPAs. Against this backdrop, it remains to be seen whether the UK DPA regime will be considered a success, and whether corporates will consider co-operation to be worthwhile. The SFO has also more generally found itself under increasing scrutiny following the publication of two critical reviews of its work.[24]

In France, the authorities responsible for investigating and prosecuting financial crime, the French Anti-Corruption Agency (AFA) and the National Financial Prosecutor’s Office (PNF), have now concluded 14 published judicial public interest agreements (CJIPs)[25] with companies of various sizes, including one in which the global penalties imposed exceeded US$3.9 billion. One example also indicates that co-operation with the French authorities can result in a significant reduction in penalty. Systra, a transport company, had its theoretical potential fine of €187 million ultimately levied at €7.5 million after the French authorities viewed the comprehensive compliance programme, in conjunction with historic offending, favourably.[26]

It remains to be seen whether further jurisdictions will enact similar measures. A November 2020 report published by the Irish government as part of measures to enhance Ireland’s ability to fight economic crime declined to recommend the introduction of a deferred prosecution regime. In their report, the authors stated that they were ‘not convinced that the introduction of a DPA regime will yield any significant benefit given the UK experience so far’.[27]

Although mechanisms similar to DPAs and CJIPs (or aspects of them) exist in some other jurisdictions around Europe, including Belgium, the Czech Republic, Romania and Slovakia, they are available only in some of these jurisdictions to resolve allegations of corruption, and the practice and procedure around the use of those mechanisms is not always clearly set out. It is also unclear whether any of these jurisdictions wish to expand these mechanisms. Concluded cases of the same magnitude as those seen in the United Kingdom and France have yet to be publicised.

In jurisdictions where DPAs are already established, authorities’ and courts’ expectations of co-operating corporate organisations in order for (1) negotiations to take place and (2) a settlement to be agreed and approved, are becoming clearer. In particular, the AFA and the PNF in France, and the SFO in the United Kingdom have released guidance that clarifies their views on the co-operation needed to create the right conditions for a negotiated settlement to follow.[28] Courts and prosecutors have also provided guidance on whether corporate organisations are demonstrating the required levels of co-operation, while maintaining claims to legal professional privilege (where it is available).

Culture and individual accountability

Among the most prominent themes in investigations concerning corporate organisations is the focus on culture, both at the time when alleged misconduct occurred and when any investigation is commenced. The definition of what constitutes ‘good culture’ is elusive. Authorities deciding whether to commence, continue or discontinue investigations (and selecting which charges to pursue) attach substantial importance to whether they consider alleged conduct (including individuals’ conduct outside the workplace) to be indicative of a poor culture.

As demonstrated in its 2022 to 2025 Strategy, the FCA has ‘focused on firms’ culture and governance, which can be the root cause of both harm and of positive outcomes’.[29] The UK Senior Managers Certification Regime (SMCR) goes further than previous regulatory initiatives directed towards individual accountability. It gives the FCA and the Prudential Regulation Authority (PRA) powers to take action against a much broader population of individuals within firms. It also requires firms to document the specific responsibilities of their most senior executives, thus providing the FCA and PRA with clear road maps that may be used to hold those individuals accountable for breaches of regulatory requirements by firms. The FCA is now routinely using the SMCR for this purpose during enforcement investigations. Although enforcement authorities around Europe have been watching to see how the FCA and PRA seek to use these mechanisms to drive up standards of behaviour within the financial services industry, it remains to be seen whether other European regulators will follow the SMCR approach. By contrast, other common law jurisdictions, such as Singapore, Hong Kong and Australia,[30] have enacted regimes similar to the SMCR in recent years.

Even in countries where enforcement authorities have not explicitly named culture as an enforcement priority, boards are increasingly concerned to demonstrate their commitment to culture. Cases across Europe have shown the substantial reputational damage that can result from allegations of poor cultural practices and the speed at which allegations can cross borders (including into jurisdictions where enforcement authorities are active in this area).

Information sharing and multi-jurisdictional investigations

European investigation and enforcement authorities continue to collaborate actively with one another and with their counterparts globally, using mutual legal assistance treaties and other informal arrangements.

Across Europe, traditional boundaries between enforcement authorities’ remits are becoming increasingly blurred. The authorities are having to take an increasingly flexible view of what they are responsible for investigating, which authority should take the lead and how they should most effectively collaborate. Overlaps between the remits of antitrust, data protection and financial services enforcement authorities are becoming increasingly apparent.

Enforcement authorities, conscious of the potential for duplication and delay, are anticipating these overlaps, both within and between jurisdictions, and are implementing mechanisms to facilitate collaboration. For example, following Brexit, the FCA entered into a series of detailed memoranda of understanding with the relevant national competent authorities within the European Union and the European Economic Area, setting out how these agencies will co-operate and exchange information.[31] Although convictions and other enforcement outcomes in one jurisdiction will commonly be the product of extensive information sharing between authorities, there are as yet few significant concluded examples of enforcement authorities simultaneously pursuing enforcement cases against the same targets in multiple European jurisdictions.

EU institutions as enforcement authorities

Historically, there have been relatively few examples of supranational European authorities (other than the European Commission (EC) in its role as an antitrust enforcement authority) taking overarching enforcement action. That said, there is a clear movement to facilitate greater co-operation and coordination with respect to enforcement activity at a European level. This is both as a response to past incidents in which regulatory arrangements were found to have been lacking and in an effort to counter perceived growing threats.

In particular, the European Union has stepped up its focus on a pan-European approach to AML enforcement following AML failings in various European states. Until now, AML legislation encouraging closer collaboration between national investigation and enforcement authorities has taken the form of successive AML Directives (which, as they are not directly effective instruments and require transposition by Member States into their national laws, have been implemented in different ways and to different extents).

The European Banking Authority (EBA) was given additional powers following several well-publicised AML failings. As of 1 January 2020, the EBA has been:

  • tasked with coordinating national authorities’ supervisory responsibilities in respect of AML activity;
  • empowered to lead on the establishment of AML policies by national authorities; and
  • required to monitor the implementation of AML standards within Europe.[32]

An example of the EBA’s work in this area can be found in the revised guidelines on money laundering and terrorist financing risk factors published in March 2021. As part of a general update to the AML landscape in the European Union (EU AML), the guidelines address new money laundering risk factors and seek to develop more effective and consistent supervisory approaches across Europe.[33] It is apparent that the EBA will continue to rationalise the AML landscape. On 14 June 2022 (and following a consultation process),[34] the EBA published guidelines specifying the role and responsibilities of AML compliance officers and of the management bodies of credit and financial institutions.[35] It is the first time that the regulatory expectations for AML compliance officers have been set out at a European level.

Despite this activity, arrangements are still far from uniform across Europe. The extent to which the requirements set out in successive MLDs have been effectively transposed, and other provisions relating to cross-border collaboration and resourcing of national authorities have been implemented, varies widely between jurisdictions and will require further action to resolve.

In some instances, bilateral and multinational arrangements are in place, helping authorities to deploy their resources as effectively and efficiently as possible in cross-border AML investigations. One example, which is also a response to the concerns about previous enforcement arrangements already mentioned, is a formal mechanism to enable Baltic and Nordic AML regulators to exchange information and coordinate enforcement action. There are also increasingly sophisticated mechanisms in place in some jurisdictions to enable information sharing between private sector organisations, and with enforcement authorities.[36] In July 2020, the Netherlands Bankers’ Association announced that the country’s three largest banks and two smaller lenders would create a purely private joint transaction monitoring body, called Transaction Monitoring Netherlands,[37] designed to flag activity of concern that would not necessarily be identified as suspicious by a single institution’s compliance department. At the time of writing, it was not entirely clear whether Transaction Monitoring Netherlands has begun monitoring trans­actions.[38]

The EC also appears determined to take further action. On 20 July 2021, it unveiled a further package of legislative proposals to strengthen the EU AML framework. The package included the creation of a new EU enforcement agency tasked with combating money laundering, called the Anti-Money Laundering Authority (AMLA).[39] In June 2022, the EC agreed its ‘partial position’ on the proposal. The EC’s position envisages giving AMLA powers to ‘directly supervise certain types of credit and financial institutions, including crypto asset service providers, if they are considered risky’.[40] This is a welcome development in light of recent AML scandals, which invariably involve a cross-border element, leaving national enforcement agencies piecing together an incomplete picture after the conduct has completed.

Away from AML enforcement, the EC remains active as an antitrust enforcement authority. Some long-standing themes continue to feature in European antitrust investigations. There are exceptions to rules relating to legal professional privilege (in jurisdictions where it is part of the legal landscape). Leniency provisions often do not dovetail neatly with other regulatory mandatory reporting obligations. There are significant variations in the approaches taken by the EC and national competition authorities. There would also appear to be a different focus on sectors of enforcement. The EC appears to be concentrating on technology companies, as opposed to perhaps the more traditional financial crime targets (financial institutions and extractive industries). These, and other themes, mean that European antitrust investigations have to be handled differently from those pursued by other regulators.

In other areas, authorities with a pan-European remit have been active. The European Anti-Fraud Office (known as OLAF), the division of the EC responsible for investigating fraud against the EU budget and corruption and serious misconduct within EU institutions, has been particularly active in conducting investigations. The most recent available statistics indicate that OLAF concluded 212 investigations and commenced 234 investigations during 2021 and recommended that national authorities take action to recover nearly €527.4 million in 2021.[41]

In addition, Europol has conducted extensive work to seek to coordinate national responses and lay the foundations for possible future multilateral criminal enforcement action in a number of areas, including notably in relation to large-scale cyberattacks[42] and the coronavirus pandemic.[43] The European Union has also introduced legislation that strengthens Europol’s capacity to better support EU Member States in combating serious and organised crime and terrorism.[44]

It seems likely that levels of coordinated pan-European criminal enforcement action will increase in future. The European Public Prosecutor’s Office (EPPO) became operational in June 2021. In the 22 Member States that have signed up to the arrangements establishing it,[45] EPPO will have powers to investigate and prosecute crimes against the EU budget, such as fraud, corruption and tax fraud valued at over €10 million. It will not replace OLAF or other existing investigating and prosecuting authorities (or national enforcement authorities) but will pool experience, adopt a consistent prosecution policy, and be able to use streamlined procedures for the exchange of information across borders. In its first year of operation, EPPO has registered and analysed 4,006 crime reports, opened 929 investigations, granted €259 million of freezing orders and secured four convictions.[46]


Despite fears that Brexit would cause significant damage to cross-border investigations and enforcement, the December 2020 trade and co-operation deal (the Brexit Deal) did much to limit the consequences of Brexit in the areas of enforcement and investigations.[47] In the context of the Irish border (a potential enforcement flashpoint), a UK parliamentary committee found (in April 2021) that ‘Brexit had had no discernible operational impact on cross-border policing and the ability to co-operate with partners in the EU has been maintained’.[48]

In addition to the Brexit Deal, the steps that the UK government took to maintain access to a similar level of information from European enforcement agencies following Brexit appear to be helping to maintain the status quo. In February 2021, the UK government stated that the Interpol systems and Warning Index used by the United Kingdom for law enforcement purposes, which are no longer automatically integrated into the UK Police National Computer following Brexit, update at broadly the same speed as the pre-Brexit systems.[49]

It should be noted, however, that Brexit is still only a relatively recent development and that a greater impact may become apparent over time. It is likely that an assessment will only be possible once the backlog of pre-Brexit investigations and cases is resolved, and authorities begin to tackle post-Brexit investigations and cases.

The United Kingdom is no longer part of the European Investigation Order scheme. The Brexit Deal provided that UK–EU arrangements would revert to a mutual legal assistance scheme governed by a 1959 convention. It would appear that the process of obtaining information under these new arrangements might take longer. Although the European Investigation Order scheme gave states 30 days from the receipt of a request to decide whether to execute it, the new arrangements allow 45 days.

Further, following its withdrawal from the European Arrest Warrant system, 10 EU Member States have notified the United Kingdom of their intention to exercise an absolute bar on the extradition of their own nationals to the United Kingdom, and an additional two nations shall only extradite their own nationals to the United Kingdom with the individual’s consent.[50] A new agreement between the United Kingdom and the European Union that allows for streamlined extradition warrant-based arrangements (similar to the EU’s surrender agreement with Norway and Iceland) came into effect on 1 January 2021.[51]

There had also been concerns that internal investigations may be affected by Brexit in terms of the ability to transfer personal data from the European Union to the United Kingdom. However, on 28 June 2021, the EC adopted two adequacy decisions for the United Kingdom, which allow data to flow freely from the European Union to the United Kingdom, where it benefits from an essentially equivalent level of protection to that guaranteed under EU law. This should resolve any uncertainty about issues of transferring data between the United Kingdom and EU Member States, if only for the time being.


[1] Robert Dalling is a partner and Karam Jardaneh is an associate at Jenner & Block London LLP.

[2] Law No. 2016-1691 on Transparency, Fighting Corruption and Modernising Economic Life.

[3] The Law Commission is an independent body in the United Kingdom that keeps the laws of England and Wales under review and recommends reform when needed.

[4] Law Commission, Corporate Criminal Liability: Current project status, at (last accessed 4 November 2022).

[5] Ireland: Criminal Justice (Corporate Offences) Act 2018.

[6] ‘Irish corruption law not in compliance with OECD guidelines’, The Irish Times (26 August 2019), at (last accessed 4 November 2022).

[7] ‘New German government prioritises corporate crime enforcement reforms’, Global Investigations Review (25 November 2021), at (last accessed 4 November 2022).

[8] ‘Poland’s lack of progress in implementing reforms to boost fight against foreign bribery remains a serious concern’ (22 June 2021), at (last accessed 4 November 2022).

[10] Sweden: Swedbank was fined US$386 million for compliance deficiencies relating to Baltic money laundering, and Skandinaviska Enskilda Banken was fined €95 million for similar conduct.

[11] Netherlands: ING Groep was fined US$900 million for broad failures relating to financial crime compliance controls. ABN Amro reached a US$574 million settlement with prosecutors in respect of money laundering allegations – see ‘ABN Amro to settle money laundering probe for $574 mln’ (19 April 2021), Reuters, at,laundering%20allegations%2C%20which%20will%20impact%20its%20first-quarter%20results (last accessed 4 November 2022).

[12] The UK’s Financial Conduct Authority (FCA) has fined HSBC Bank plc around £63.9 million and NatWest has been ordered by a court to pay around £264.8 million – see (last accessed 4 November 2022).

[14] ‘Cum-ex tax scandal cost European treasuries €55 billion’, DW Akademie (18 October 2018), at (last accessed 4 November 2022).

[15] The Cum-ex files (information document), European Parliament, at (last accessed 4 November 2022).

[16] ‘Dividend Reclaim Case: Six persons formally charged with defrauding the Danish Treasury of more than DKK 1 billion’, Anklagemyndigheden, at (last accessed 4 November 2022).

[17] In June 2022, a hedge-fund trader was arrested for possible extradition to Denmark in connection with ex-cum trading charges – see (last accessed 4 November 2022).

[18] Skatteforvaltningen v. Solo Capital Partners Llp [2022] EWCA Civ 234 (25 February 2022), at (last accessed 4 November 2022).

[21] ‘COVID-19: how HMRC will continue to support customers and the economy’, HM Revenue and Customs, at (last accessed 4 November 2022).

[23] ‘Brussels pushes for tougher sanctions enforcement via EU-wide body’, Financial Times (2 July 2022), at (last accessed 4 November 2022).

[24] Serious Fraud Office (SFO), ‘Publication of Brian Altman QC and Sir David Calvert-Smith reviews’ (21 July 2022), at (last accessed 4 November 2022).

[25] French Anticorruption Agency (AFA), (last accessed 4 November 2022).

[26] ‘Regular compliance renewal helps French transport company minimise corruption fine’, Global Investigations Review (2 August 2021), at (last accessed 4 November 2022).

[27] Department of Justice, ‘Review Group Report on structures and strategies to prevent, investigate and penalise economic crime and corruption’ (updated December 2021), at (last accessed 4 November 2022).

[29] FCA, ‘Our Strategy 2022 to 2025’, at, at p. 7 (last accessed 4 November 2022).

[30] Singapore: Individual Accountability and Conduct Regime. Hong Kong: Manager-in-Charge Regime. Australia: Banking Executive Accountability Regime.

[31] FCA, ‘MoUs with European authorities in the areas of securities, investment services and asset management, insurance and pensions, and banking’ (updated February 2021), at (last accessed 4 November 2022).

[32] Regulation (EU) 2019/2175.

[33] European Banking Authority (EBA), ‘EBA publishes final revised Guidelines on money laundering and terrorist financing risk factors’, (1 March 2021), at (last accessed 4 November 2022).

[34] EBA, Consultation Paper, ‘Draft Guidelines: On policies and procedures in relation to compliance management and the role and responsibilities of the AML/CFT Compliance Officer under Article 8 and Chapter VI of Directive (EU) 2015/849’, at (last accessed 4 November 2022).

[36] In the United Kingdom, with effect from October 2017, previously voluntary arrangements enabling information sharing within the private sector and between private sector organisations and enforcement authorities were placed on a statutory footing – Criminal Finances Act 2017, section 11 (which amended the Proceeds of Crime Act 2002).

[37] See Netherlands Bankers’ Association, press release, ‘Transaction Monitoring Netherlands: a unique step in the fight against money laundering and the financing of terrorism’, at (last accessed 4 November 2022).

[38] See (last accessed 4 November 2022).

[41] European Anti-Fraud Office, ‘OLAF in figures’, at (last accessed 4 November 2022).

[42] See Europol, press release, ‘Coordinated action cuts off access to VPN service used by ransomware groups’ (30 June 2021), at (last accessed 4 November 2022).

[43] See Europol, press release, ‘Terrorists attempted to take advantage of the pandemic, says Europol’s new EU Terrorism Situation and Trend Report 2021’ (22 June 2021), at (last accessed 4 November 2022).

[44] Europol, press release, ‘Europol’s amended Regulation enters into force’ (28 June 2011), at (last accessed 4 November 2022).

[45] Sweden, Hungary, Denmark, Ireland and Poland having opted out.

[46] EPPO, ‘1 year of EPPO operations: larger and faster EU fraud investigations’ (1 June 2022), at (last accessed 4 November 2022).

[47] The Brexit Deal also alleviated concerns that the United Kingdom would lose access to EU criminal justice databases. The Brexit Deal preserved arrangements for the reciprocal exchange of passenger data, DNA, fingerprints and vehicle registration data (under the Prüm Convention), and for the exchange of criminal records (although the UK’s loss of access to the European Criminal Records Information System may lead to slower turnaround times), as well as information about wanted or missing persons. The United Kingdom will continue to co-operate with Europol and Eurojust (which promote co-operation between Member States in combating terrorism and organised crime) but it will have no say in the management of these agencies.

[48] Northern Ireland Affairs Committee, ‘Cross-border co-operation on policing, security and criminal justice after Brexit: Fourth Report of Session 2019–21’ (22 April 2021), at (last accessed 4 November 2022).

[49] National Crime Agency – Written evidence (PBS0001): ‘Post EU Exit Law Enforcement Cooperation’ (3 February 2021), at (last accessed 4 November 2022).

[50] Home Office – Written evidence (PBS0002): ‘EU Member State Notifications under the Law Enforcement and Criminal Justice Title of the Trade and Cooperation Agreement, including Extradition Of Own Nationals’ (5 March 2021), at (last accessed 4 November 2022).

[51] Home Office, ‘Extradition: processes and review’ (last updated August 2022), at (last accessed 4 November 2022).

Unlock unlimited access to all Global Investigations Review content