Newsletter on market conduct and transaction reporting issues.
April 2026.
About this edition
In this edition, we discuss how the Economic Crime and Corporate Transparency Act 2023 (ECCTA) can help firms share customer information to fight economic crime.
Background
Under ECCTA, anti-money laundering regulated firms can share customer information to help prevent, detect and investigate economic crime. It protects firms from breaches of confidentiality or other civil liabilities in these circumstances.
We encouraged firms to consider how they can share this kind of information in our review of money laundering through the markets.
Why this is important
Market abuse is a crime that presents significant risks to market integrity. Sharing information under ECCTA helps firms assess risks and make more informed judgments – protecting themselves and others from the impact of financial crime.
Firms have a responsibility to counter the risk of economic crime, and should assess the risks of clients using them for criminal market abuse. They could consider how each client relationship fits with their own business models, risk appetites and market abuse risk assessment frameworks.
They must then judge how to mitigate those risks. This could include ending a commercial relationship if a firm is concerned that a client has engaged in criminal market abuse (as set out in paragraph 8.2.2 of the Financial Crime Guide). However, before ECCTA, firms may not have shared their concerns with other firms because of their confidentiality obligations. This means other firms were less well informed than they could be when they assessed their own market abuse risks, leaving them more exposed.
Firms should consider using ECCTA where they can.
How ECCTA applies to investment brokers
ECCTA applies to any investment firm directly sharing information about criminal market manipulation with another firm.
The offences it covers
ECCTA covers information about offences under these sections of the Financial Services Act 2012:
- section 89 (misleading statements)
- section 90 (misleading impressions)
- section 91 (misleading statements in relation to benchmarks)
It does not currently apply to insider dealing, whether under Part V of the Criminal Justice Act or the civil regime governed by the UK Market Abuse Regulation 596/2014.
However, the Home Office has published a Call for Evidence on how firms share information to tackle economic crime, and how this could be improved. It includes a question on whether ECCTA’s information-sharing measures should cover any other offences.
The conditions for sharing information
Under s188 of ECCTA, a firm can directly share with another firm information about its customers or former customers if the ‘warning’ or ‘request’ conditions apply.
The warning condition applies if the firm:
- has taken ‘safeguarding action’ against a customer due to risks of economic crime, or
- would have taken action if the customer had not left the relationship
Safeguarding actions are where the firm has:
- ended a business relationship with the customer
- refused the customer a product or service, or
- restricted the customer’s access to parts of a product or service that are available to other customers
The request condition applies where a firm requests information from another firm about a customer where it reasonably believes that this other firm has information about a customer that may help it take a ‘relevant action’.
Relevant actions include:
- deciding what steps to take to prevent, detect or investigate economic crime
- identifying a customer
- deciding whether to end a business relationship
- deciding whether to restrict a product or service to a customer, or refuse to provide it at all
ECCTA protects firms disclosing, requesting, and using information in these circumstances by establishing that they:
- are not breaching their confidentiality obligations
- do not have any civil liability to the party the information relates to
Firms must still comply with data protection legislation, including the UK General Data Protection Regulation and the Data Protection Act 2018.
ECCTA does not replace firms’ legal obligation to submit SARs to the NCA or STORs to the FCA. It also does not make information sharing a prerequisite for submitting SARs or STORs.
The Home Office has published further guidance on ECCTA’s information-sharing measures.
What firms can do
Firms should consider:
- how ECCTA’s direct information-sharing measures apply to their own business
- when it would be appropriate to share information to counter the risks of economic crime
For instance, a firm could use ECCTA to ask another firm for information about a customer it is providing services to. This could be a way of meeting its SYSC 6.1.1 obligations to counter the risk of being used for financial crime.
As part of our routine engagement with firms, we will ask whether and how they are using ECCTA to share this kind of information, and if they face any barriers.
We will continue to highlight market abuse concerns through our regular publications. Beyond ECCTA, firms should consider sharing emerging market abuse patterns or typologies with each other. This will strengthen our collective defences against crime.