INSIGHT: Why UK barbershops have become a frontline in the fight against dirty money

MONEY laundering and financial crime could be happening right on your doorstep – right where you get your hair cut.

In spring this year, the UK NCA (National Crime Agency) laid bare the scale of potential money laundering and financial crime on Britain’s high street in a raid on over 250 barbershops and other high street businesses as part of ‘Operation Machinize’.

The NCA’s three-week operation led to the freezing of bank accounts holding more than £1 million, the seizure of thousands of illegal products, and the rescue of nearly 100 individuals believed to be victims of forced labour.

Earlier this month, police raided almost 3,000 high street shops in the second part of the operation, showing that officials have no intention of letting up.

According to the UK’s 2025 National Risk Assessment, high-street businesses remain vulnerable to criminal exploitation for laundering illicit funds. The government has warned that traditional point-in-time Know Your Customer (KYC) checks are no longer sufficient in the face of dynamic risk environments.

Therefore, any interaction with an entity engaged in money laundering – whether knowingly or unknowingly – could potentially expose a financial institution or business to involvement in these offences, creating potential reputational, regulatory, and compliance risks. 

A £12 billion problem

The NCA estimates high street money laundering cleans £12 billion ($16 billion) in illicit cash every year, and one of the most at-risk sites is the barbershop. Criminal entities might gravitate toward barbershops for several reasons. Unlike restaurants or retail stores, many barbershops deal more often in cash transactions, potentially making it easier to inflate declared income to match the amount needed to launder illegal funds. Opening a barbershop also often requires relatively low startup and licensing costs, which can lead to clusters of shops in proximity operating under similar ownership structures or management.

But raiding one type of business can’t stop money laundering. In fact, some argue that focusing on one area of criminal activity, like illegal use of barbershops, can lead to the displacement of that activity to other sectors, such as nail salons or mini marts, which could pose a similar risk for money laundering. 

When forming businesses, bad actors often attempt to conceal beneficial ownership by exploiting vehicles such as shell companies. This tactic can also enable the movement of illicit funds through seemingly legitimate channels. So how can businesses, banks and other financial institutions identify financial crime risks that may impact their operation within an associated entity that is hiding in plain sight?

Risk and compliance models can consider and incorporate a broad range of risk indicators to become more comprehensive and develop a clearer picture of risk. This might include thorough entity verification, review of ownership structures, and identifying behaviours that suggest elevated risk, such as unusually high profits compared to employee levels. 

Small shopfronts, global criminal networks

The interconnected nature of financial crime means one seemingly low-key entity can be the gateway to a much wider web of illicit activity. For example, an individual laundering money through a small high street business might have the potential to control entities embedded deep within corporate supply chains, investment portfolios, or loan applications. 

Risks associated with fraud, money laundering, and sanctions evasion rarely operate in isolation. However, monitoring thousands of global risk events requires teams to analyse vast amounts of data, often across jurisdictions that have differing regulations, and to do that in near real-time.

To avoid inadvertently working with illicit actors, financial institutions can leverage tools to anticipate threats more readily, with the aim of responding more quickly to emerging risks. This can start, for example, with the adoption of Perpetual KYC (pKYC), a model that continuously monitors risk factors associated with customers and third parties in a dynamic fashion. Rather than relying on periodic risk assessments, pKYC can update risk profiles based on indicators such as a change in ownership, a new adverse media story, sanctions exposure, and other indications of risky behaviour. 

Advanced monitoring technology and data analytics can be helpful for achieving this level of risk management and compliance. These tools potentially help teams better identify hidden connections, trace money flows, and flag suspicious patterns of behaviour. 

Developing more holistic and intelligent screening processes means firms may be able to move beyond surface-level checks to gain a clearer, more unified view of who they are really doing business with, while innovations in AI and machine learning can further enhance this capability, with AI-enabled tools able to review vast datasets of risk-relevant information to potentially uncover signals.

A proactive prevention approach 

For risk and compliance teams in a financial institution, keeping up with the pace of innovation from criminal enterprises is a continuous process. Often, asking the simplest question during due diligence can be the first step: Does this make sense? Do the profits of this business align with the type of operation? Is there any logical reason why there are layers of corporate ownership? Asking the right questions – and having the tools to support in answering them – can help make the difference in uncovering and reporting financial crime, and in protecting a firm’s reputation. Newer technologies, such as automated investigations and agent-enhanced due diligence, are emerging to help accelerate and deepen these assessments as risks evolve.

No business is too small or innocuous to be exploited. From high street stores to global crime syndicates, vigilance is critical. Combining human insights with automation, AI-led tools and dynamic risk intelligence through a pKYC approach could help businesses be more proactive in prevention—helping to flag suspicious activity before harm is done.