Accountants remain a prime target for criminals seeking to launder illicit funds, according to the government’s latest National Risk Assessment (NRA), which highlights fresh vulnerabilities linked to fintech, cryptoassets and gambling.
The 2025 review, the fourth since 2015, concludes that accountancy services continue to face a high risk of money laundering — unchanged since the last assessment in 2020 — while terrorist financing risk remains low. But while the headline classification is stable, the environment around accountants is shifting rapidly, with new sectors and typologies creating added complexity.
Fintech, crypto and gambling rise in risk profile
The NRA has upgraded fintech firms — including e-money institutions and payment service providers — from medium to high risk, citing rapid growth, complex business models and reliance on outsourced AML controls. Cryptoasset providers have also been raised to high risk, reflecting widespread criminal exploitation.
Casinos, particularly in the remote and online space, have moved up to medium risk, adding another dimension for professionals whose clients operate in or alongside gambling markets.
The report also flags football and player agents as areas of emerging concern, with opaque ownership structures and sponsorship deals offering opportunities to obscure financial flows.
Accountancy sector vulnerabilities
For accountants, the risks stem from specific services that can be exploited to disguise ownership or move money: company formation and termination, bookkeeping, payroll, tax advisory, and trust and company services.
Large firms face exposure through complex, cross-border client bases, while smaller practices may struggle with resources and training. Regulators emphasise that vulnerabilities vary but require proportionate, risk-based controls across the profession.
Mike Miller, Economic Crime Manager at ICAEW, said the NRA remains a “critical reference point” for firms. “It helps accountants understand not only where risks are highest but how those risks are changing. Aligning firm-level assessments with these national priorities is central to a compliant and effective AML framework,” he noted.
Shifting picture of high-risk countries
The NRA also underscores the importance of tracking changes to high-risk third-country lists. Enhanced due diligence is mandatory when clients are linked to jurisdictions flagged by the Financial Action Task Force (FATF) or the EU.
In June 2025, FATF added Bolivia and the UK Virgin Islands to its “increased monitoring” list, while Croatia, Mali and Tanzania were removed. The EU has separately expanded its list to include Algeria, Angola, Côte d’Ivoire, Kenya, Laos, Lebanon, Monaco, Namibia, Nepal and Venezuela, while delisting others such as Barbados, Gibraltar and the UAE.
For accountants, these shifts mean client risk profiles can change quickly, requiring systems that capture the latest updates and ensure enhanced due diligence obligations are met.
A more complex landscape
Although the assessment stops short of reclassifying accountancy as higher risk overall, the widening of vulnerabilities across adjacent sectors makes life more difficult for firms. New channels for laundering money — from fintech platforms to sports sponsorship deals — increase the likelihood that accountants will encounter higher-risk clients or transactions, even if indirectly.
The message from supervisors is clear: AML risk assessments must be dynamic, not static. Firms are expected to update internal controls in line with the NRA, monitor changes to jurisdictional risk lists, and train staff to spot red flags in emerging sectors such as crypto and gaming.
Practical implications for firms
The latest NRA confirms that money laundering remains a systemic threat for accountants, but the shape of the threat is evolving. Firms that continue to apply a rigorous, risk-based approach — tailoring due diligence to service lines, client types and geographic exposure — will be better positioned to withstand regulatory scrutiny.