This month's key compliance news includes hackers using ChatGPT to get personal data, Nationwide's £44m fine, the dismissal of a Met officer after being found guilty of misconduct, and more.
Our pick of compliance stories this month
Met officer dismissed after misconduct hearing
A Metropolitan Police sergeant, Sevket Gurgur, has been dismissed and banned from policing after a misconduct hearing found he had treated several female colleagues in a discriminatory and inappropriate way.
The most serious finding related to his behaviour towards a pregnant officer under his supervision at Edmonton police station. When she returned from pregnancy-related sick leave, Gurgur made dismissive remarks, including accusing her of "using the pregnancy card again" and commenting, "oh, now you decide to turn up." He also called her a "diva" when she asked to leave work early to attend a midwife appointment.
The officer told the misconduct panel that these comments made her feel anxious and reluctant to ask for support at work during her pregnancy.
The hearing also found that Gurgur used derogatory language towards two other female colleagues. He described one as "lazy" and told another that she was "a Muslim woman and should act like one." While he denied some of the allegations, he admitted making at least one of the comments.
The panel concluded that his behaviour was intentional, deliberate and targeted, amounting to gross misconduct. As a result, Gurgur was dismissed without notice and placed on the police barred list, preventing him from working in policing again.
Key takeaways:
- Respect pregnancy and all protected characteristics in your workplace, ensuring employees are never belittled or dismissed for taking leave.
- Model professional and inclusive behaviour at all levels, particularly among managers and leaders.
- Focus on the impact of actions and language, not just intentions, when assessing workplace conduct.
- Enforce equality, diversity, and inclusion policies consistently across the organisation.
- Support employees needing adjustments, flexible working, or leave for medical or personal reasons.
- Hold senior staff accountable to the same standards as everyone else, without exception.
- Maintain clear, trusted reporting and investigation processes to address misconduct promptly and fairly.
SRA review finds compliance officers feel undervalued
A recent review by the Solicitors Regulation Authority (SRA) has found that many compliance officers at UK law firms feel undervalued, under‑resourced and overworked. The thematic review highlighted that compliance roles such as Compliance Officer for Legal Practice (COLP) and Compliance Officer for Finance and Administration (COFA) are often seen as a regulatory necessity rather than a valued part of firm leadership.
Fewer than half of compliance officers felt their role was properly acknowledged by their firms, and many reported lacking adequate time, support and resources to fulfil their duties effectively. The findings also showed issues with awareness of regulatory responsibilities and heavy workloads, suggesting that firms rely too heavily on individual officers rather than embedding compliance responsibility across the organisation.
The SRA has said it will use the review's insights to improve support for compliance officers and may consider broader changes to strengthen the effectiveness of the compliance regime.
Key takeaways:
- Value compliance officers: Recognise COLPs and COFAs as integral to firm leadership, not just regulatory box-tickers.
- Provide adequate resources: Ensure compliance officers have enough time, staff, and support to perform their duties effectively.
- Embed compliance across the firm: Avoid over-reliance on individuals; make regulatory responsibility part of the broader firm culture.
- Clarify roles and responsibilities: Ensure all staff understand regulatory obligations and how compliance fits into day-to-day operations.
- Manage workloads: Monitor compliance officers' workloads to prevent burnout and maintain effectiveness.
- Support professional development: Offer training and career progression opportunities to strengthen the status and capability of compliance roles.
- Foster open communication: Encourage compliance officers to raise concerns and participate in strategic decision-making without fear of being undervalued.
FCA fines Nationwide £44m for poor financial crime controls
The UK's financial regulator has fined Nationwide Building Society £44 million for serious weaknesses in its financial crime controls that contributed to incorrect payments under the government's Covid‑19 furlough scheme. This is the largest penalty issued by the FCA this year, and the biggest-ever enforcement fine Nationwide has received.
The FCA found that Nationwide's systems and oversight were insufficient to identify and prevent fraudulent or erroneous claims tied to the scheme, which distributed government support during the pandemic.
"Nationwide failed to get a proper grip of the financial crime risks lurking within its customer base. It took too long to address its flawed systems and weak controls, meaning red flags were missed with serious consequences."
- Therese Chambers, joint executive director of enforcement and market oversight, the FCA
The FCA’s action highlights ongoing scrutiny of banks’ anti‑financial crime processes and signals that firms must maintain robust controls even for government‑backed emergency programmes. The fine reflects the regulator's expectation that financial institutions proactively manage risks and ensure compliance with regulatory standards.
Key takeaways:
- Maintain strong financial crime controls: Even during emergencies, firms must ensure anti‑fraud and anti‑money laundering systems are robust.
- Monitor government schemes carefully: Programmes like furlough payments can carry high risk; firms must verify claims and detect anomalies.
- Prioritise oversight and accountability: Adequate supervision and clear lines of responsibility are essential to prevent regulatory breaches.
- Embed risk management culture: Compliance should be part of everyday operations, not treated as an afterthought.
- Act promptly on weaknesses: Firms should regularly assess and address gaps in their controls before regulators intervene.
- Document processes clearly: Proper record-keeping demonstrates compliance efforts and supports investigations if issues arise.
- Expect regulatory scrutiny: Regulators may impose significant fines for lapses, emphasising the importance of proactive compliance.
Hackers 'poison' ChatGPT to get personal data
Cybersecurity researchers have uncovered a new type of cyberattack that impersonates AI chatbots, such as ChatGPT, to steal personal information. Attackers create fake chatbot conversations that mimic the style and tone of trusted AI assistants and use targeted advertisements to lure victims to malicious links.
Once a user clicks the link, the scam engages them with seemingly helpful advice, such as instructions for solving a common technical issue. The attackers then persuade the victim to copy and paste a command into their computer terminal, which secretly installs malware known as “Amos stealer.” This malware is capable of capturing sensitive data, including passwords, browser histories, and cryptocurrency wallet information.
Experts warn that the attack is effective because it leverages users’ trust in familiar AI tools, making people feel safe following instructions that they believe come from a legitimate source. This highlights the growing need for caution and verification when interacting with digital assistants and AI-powered tools.
Key takeaways:
- Educate employees on AI-related scams: Staff should be trained to recognise phishing, social engineering, and malware disguised as trusted AI tools.
- Verify instructions before acting: Employees must confirm the legitimacy of commands or downloads, especially when prompted by unfamiliar links or messages.
- Implement strong endpoint security: Ensure devices have malware detection, anti-virus, and monitoring tools to prevent unauthorised software installations.
- Monitor for suspicious activity: Regularly review system logs and unusual behaviour to detect potential data breaches quickly.
- Maintain robust data protection policies: Sensitive information like passwords, financial data, and digital wallets should be safeguarded and access limited.
- Promote a culture of caution: Encourage staff to report suspicious links or messages without fear of reprisal.
- Review third-party interactions: Ensure external communications, ads, and AI tools used by the firm are vetted and secure.
FCA rises to the government's growth mandate
The UK’s financial regulator, the FCA, is stepping up efforts to support economic growth in response to government mandates. Facing pressure to move beyond traditional, jargon‑heavy regulation, the FCA has unveiled a set of pro‑growth measures aimed at helping consumers and markets flourish.
These include proposals to make investment communications clearer and more engaging for retail investors by removing overly technical language, and to clarify who qualifies as a professional investor to ease compliance burdens on firms.
The regulator hopes these changes will help revive a culture of investment among UK savers and unlock capital that has been sitting in low‑yield cash accounts, potentially boosting participation in markets. The FCA is also advancing a broader package of reforms designed to reduce red tape and expand access to financial advice for millions of savers, as well as future initiatives to support innovative financial products and simplify rules that currently deter participation.
Overall, the FCA's recent announcements signal a shift toward more accessible, growth‑focused regulation that balances consumer protection with efforts to make UK financial markets more dynamic and competitive.
Written by: Emmeline de Chazal
Emmeline is an experienced digital editor and content marketing executive. She has a demonstrated history of working in both the education management and software industries. Emmeline has a degree in business science and her skillset includes Search Engine Optimisation (SEO) and digital marketing analytics. She is passionate about education and utilising her skills to encourage greater access to e-learning.