Financial Crime Compliance (FCC) is the overarching term used — particularly within financial institutions and large corporates — to describe the entire function responsible for preventing, detecting, and responding to financial crime risk. It is a deliberately broad concept that encompasses multiple distinct but closely related disciplines under a single organisational and governance umbrella: Anti-Money Laundering (AML), Counter-Terrorist Financing (CTF), Sanctions compliance, Anti-Bribery and Corruption (ABC), fraud prevention, and — increasingly — tax evasion and proliferation financing controls. The rationale for grouping these disciplines together is that they share common underlying methodologies — customer due diligence, transaction monitoring, screening, investigation, and reporting — and that the risks they address frequently overlap in practice.
Within a financial institution, the FCC function typically sits within the second line of defence in the Three Lines of Defence model — meaning it is responsible for setting policies, providing oversight, and challenging the first line (the business) on financial crime risk management, without itself owning the day-to-day customer relationships. The FCC function is usually headed by a Chief Compliance Officer (CCO) or a dedicated Head of Financial Crime, supported by the MLRO for AML-specific obligations, and has direct reporting lines to the board or a board-level risk or audit committee. Regulators — including the FCA, BaFin, and the EBA — have consistently emphasised that FCC must be genuinely independent from commercial pressures, adequately resourced, and empowered to escalate concerns and override business decisions where financial crime risk demands it. A weak or under-resourced FCC function is itself treated as a serious regulatory finding.
