Economic crime policy statement

We operate to comply with economic crime laws and/or regulations, as prescribed by our policies. We have no tolerance for knowingly facilitating or appearing to facilitate any form of economic crime including money laundering, terrorism financing, contravention of sanctions, bribery and corruption, internal fraud, external fraud, failure to prevent corporate fraud or tax evasion facilitation . We recognise the damaging impact that economic crime has on our customers, communities and wider society, and we understand that tackling economic crime is the right thing to do.

We expect compliance with economic crime laws and regulations that apply to our business and the transactions we undertake, whether by our employees, customers, supply chain, relevant third parties or associated persons. We are committed to acting professionally, fairly and with integrity in all business dealings and relationships. This commitment is defined by our senior management and supported by the Board, which holds ultimate accountability for ensuring that we are compliant and operating within our risk appetite. The Audit Committee provides oversight and advice to the Board on the adequacy and effectiveness of Nationwide’s internal control and risk management framework. Annually, the Committee reviews and recommends to the Board, for its approval, the related statements to be included in the Annual Report and Accounts.

Our economic crime framework includes an Economic Crime Policy and supporting standards that apply to all business areas, employees, our supply chain and associated persons. The policies and standards are informed by applicable laws, regulations, guidance and industry best practices (including appropriate international sources such as the Financial Action Task Force (FATF) and the Wolfsberg Group). Minimum control requirements that facilitate risk-based, effective and efficient risk management are set in the key areas of anti-money laundering and counter-terrorism financing (AML/CTF), proliferation financing, sanctions, internal and external fraud, prevention of corporate fraud, and anti-bribery and corruption (ABC) (including anti-facilitation of tax evasion).

There are consequences for non-compliance where misconduct or a contractual breach is identified. For employees, disciplinary actions are available up to, and including, dismissal. For associated workers and third parties, this may include termination of contractual arrangements.

The requirements include, but are not limited to:

• Definitions of the responsibilities and accountabilities of our employees, including senior managers, and the escalation routes available under governance;
• Regular business-wide risk assessments that establish our overall economic crime risks, and assess the effectiveness of the systems and controls applied to mitigate them;
• Initial and ongoing due diligence, risk assessment and screening applied to our business relationships, including employees, customers, third parties and our associated persons;
• Enhanced due diligence controls where a relationship may present a higher risk such as, but not limited to, higher risk countries, adverse media findings or Politically Exposed Persons (PEPs). The Accountable Executive that owns the relationship must ensure the onboarding or continuation of a high-risk relationship is subject to approval;
• Processes (including employee suspicion reporting and transaction monitoring) to internally detect, investigate and report suspicious activity. This includes systems that enable required external reporting to the National Crime Agency (NCA).
• Processes to ensure that mandatory funds transfer information is included in electronic payment messages;
• Screening of payments and parties to identify and escalate potential matches to a relevant sanctions regime;
• Record keeping, management information and governance (including escalation) requirements. Accessible records must be retained for at least five years after a relevant activity. Some may need to be retained for the length of a relationship plus five years;
• External engagement with statutory economic crime supervisors, competent authorities and law enforcement agencies;
• Training must be completed at onboarding and then at least annually by employees and other associated persons, (inclusive of temporary workers, contractors and interns), including specialised and role-based training for certain business areas/roles, in relation to money laundering, countering terrorism financing, bribery and corruption, (including tax evasion), financial sanctions, internal and external fraud, and the prevention of corporate fraud. Personal Responsibilities Statements (PRS) and attestations must be completed, to evidence completion and acknowledge understanding.
• Second and third line of defence testing of the economic crime controls, to ensure appropriate assurance of an effective compliance programme;
• External engagement with Public-Private Partnerships including the Joint Money Laundering Intelligence Taskforce (JMLIT) and the Joint Fraud Taskforce (JFT), and with industry trade bodies such as UK Finance and the Building Societies Association (BSA);
• Regular review of our Economic Crime Policy and supporting Minimum Control Standards to capture any changes in risk.

We evaluate and monitor economic crime threats and risks and modify our controls in response to them, including investment in our economic crime management capabilities.

We have no tolerance to knowingly maintain relationships, and/or conduct activities which facilitate, or appear to facilitate, money laundering, terrorist financing or proliferation financing risk.

We complete Customer Due Diligence (CDD) to determine the risks posed by prospective or existing relationships. We do this before onboarding and on an ongoing basis, which enables the appropriate application of risk-based due diligence. We will not onboard a prospective relationship, or maintain an existing one, where CDD cannot be completed and/or required information has not been provided. This approach is applied to in-person and non-face-to-face scenarios, and includes the use of credit reference agencies, automated document and ‘selfie’ checks and/or other documents to verify the identity of relevant individuals and entities.

Potential relationships will be declined, and existing relationships terminated (where lawful to do so), where the level of economic crime risk is outside of our risk appetite. This may occur after Enhanced Due Diligence (EDD) and/or enhanced ongoing monitoring has been applied to the relationship and/or relevant transactions.

We monitor payments and transactions, and where necessary we will stop payments, close accounts and relationships where activity is suspicious or cannot be appropriately explained.

In line with our UK regulatory and legal obligations, our Director of Economic Crime Risk and Compliance also fulfils the role of the Money Laundering Reporting Officer (MLRO). The Director is the owner of the Economic Crime Policy and its supporting Minimum Control Standards. They support the business with appropriate guidance and strategic leadership. As MLRO, the Director is responsible for the oversight of our compliance with relevant legislation, regulations, rules and industry guidance.

The MLRO reports to the Chief Risk Officer (a member of the Executive Committee) and they hold delegated responsibilities within the FCA’s Senior Management Arrangements for countering the risk that the firm is used to further economic crime. The MLRO delivers an annual compliance report to the Board.

We’ll comply with all applicable sanctions, laws and regulations. We have no appetite for relationships, and/or activities that violate United Kingdom HM Treasury, United Nations, European Union or United States Office of Foreign Assets Control (OFAC) sanctions obligations.

Our policy and supporting minimum control standards prohibit relationships, business activity and the remittance or acceptance of unlicensed payments, directly or indirectly involving sanctioned individuals, entities or sanctioned countries, territories and their governments. In compliance with our regulatory requirements and our policy, we may be required from time to time to reject payments, freeze assets or refuse to provide services.

We may process payments under licence, but these may incur delays or subsequently be rejected. We may refuse to process certain payments, even where permissions or licences exist within applicable law or regulation or where these payments fall outside of our risk appetite or the risk appetite of our clearing partner. We accept no liability for losses incurred on such occasions.

We are committed to protecting our customers and our business from fraud. We want to ensure our customers can transact safely and without fear. We have a significant management focus on fraud prevention. Victims are given support through the duration of the fraud claim process, and this considers any vulnerability needs. We have invested in technology, with a range of systems to support the screening and monitoring of our customers and their behaviour to prevent and detect fraud.

We support our customers by providing information on how we’re protecting them from being a victim of fraud or a scam. We also provide in-depth information on the ways a customer can protect themselves. We provide clear guidance on the dedicated reporting channels available to a customer, for when they are a victim of fraud or a scam. This support is available to our customers on Nationwide’s website at Fraud and security.

We tolerate some financial loss from external fraud. However we aim to minimise fraud against customers and limit our exposure to fraud perpetrators, balancing these goals against delivering frictionless customer service.

We have a no tolerance approach for internal fraud or theft by associated persons (including employees and third parties). We have no appetite for failing to prevent our associated persons (including employees and third parties) from committing fraud intended to benefit Nationwide.

We recognise the societal and reputational damage caused by bribery and corruption, and the consequences to individuals and organisations that fail to prevent bribery. Tax evasion is damaging to the government, businesses and societies where it occurs.

We have no appetite for bribery and corruption by our customers, and associated persons (including employees and third parties), and no appetite for our associated persons (including employees and third parties) facilitating or appearing to facilitate tax evasion. A whistleblowing process (also known as “Speak Up”) is available to employees, contractors and associated persons, to report known or suspected misconduct, and to be able to do so anonymously. Potential acts of bribery, corruption or the facilitation of tax evasion are subject to investigation and we’ll co-operate fully with regulators and law enforcement.

We have a framework which prohibits actions that can amount to bribery and corruption. We prohibit asking for, accepting or receiving any benefit as an incentive, favour or inducement for inappropriately performing a function or activity. We also prohibit offering, promising or giving any benefit (such as money, gifts and hospitality) or an advantage to another person or entity as an incentive, favour or inducement for improper performance of a function or activity. Or, in the case of a public official, to use their public office-related influence to obtain or retain a business advantage. We prohibit our employees and associated persons (where they act for or on behalf of Nationwide) from facilitating tax evasion.

We prohibit any form of facilitation payment, except where there is a significant risk to life, limb or liberty. Facilitation payments are those made to secure or speed up the performance of a routine or necessary action, to which the payer has legal or other entitlement.

Recipients of charitable activities, and any third parties engaged to support Nationwide’s charitable activities, are evaluated. A risk assessment and due diligence is completed, to understand whether the bribery and corruption risks they may present are within our appetite. Approval is required before any activities can take place.

Supply chain relationships are managed to ensure that they have the equivalent of, or adhere to, our anti-bribery and corruption, failure to prevent fraud and anti-tax evasion standards. We subject third party relationships to risk-based controls, including risk assessment, due diligence, screening, contract clauses, ongoing monitoring and periodic or event-based reviews. This includes the use of contractual clauses to compel compliance. We also assess the risks of bribery, corruption and tax evasion in any joint venture, mergers and/or acquisitions.

Last updated: August 2025