By: Money Navigator Research Team
Last Reviewed: 21/01/2026
FACT CHECKED
Quick Summary
Banks typically start with review when something changes in the risk picture (activity, ownership, geography, sector, counterparties, or screening results). If the bank believes risk can be controlled while it gathers evidence, it may use restrictions (limits) as a temporary control.
If the bank concludes risk cannot be mitigated within its policies – or the relationship no longer fits its risk appetite – it may exit by closing the account.
A key frustration is that a bank may not be able to explain what triggered the restriction or why it escalated, especially where disclosures could prejudice enquiries or breach legal constraints. That lack of detail often reflects the rules the bank must follow, not necessarily a judgement about wrongdoing.
This article is educational and not financial advice.
What “review”, “restriction”, and “closure” mean in practice
Review
A review is an internal process where the bank re-checks whether it can continue providing services safely and lawfully. Reviews can be routine (periodic refresh) or triggered (an alert, a change in profile, or a third-party report). Reviews often overlap with enhanced due diligence processes described in EDD triggers, checks, and outcomes.
Restriction
A restriction is a control that limits what the account can do while the review is ongoing. Common patterns include:
outgoing payments paused or capped
inbound payments allowed but “held” pending checks
cash deposits limited (or disabled)
international transfers blocked or delayed
online banking or card functionality partially disabled
Restrictions are not always the same as a legal “freeze”. If you need the terminology split clearly, see Frozen vs closed business accounts.
Closure
A closure (exit) is the bank ending the relationship under the account terms (often with notice, sometimes with shorter notice in defined circumstances). Operationally, closure also raises “plumbing” questions: what happens to inbound payments, pending outgoing payments, payroll runs, and settlement flows – covered in Incoming payments when an account is closed and Outgoing payments if an account closes mid-processing.
Why banks intervene: the constraint stack behind the decision
Banks aren’t deciding in a vacuum. Their choices are shaped by overlapping constraints:
AML/CTF obligations and risk-based due diligence under the UK regime (including the Money Laundering Regulations) – see the official legislation text Money Laundering Regulations 2017 (PDF).
Sanctions compliance where an asset-freeze risk can require immediate controls – see UK financial sanctions general guidance.
Regulatory expectations for financial-crime systems and controls – see the FCA’s overview Money laundering and terrorist financing and related guidance publications such as FG15/7 (FCA).
Governance and fairness expectations around access/closures, including how firms use “reputational risk” and how long suspensions should run – see UK Payment Accounts access and closures update (FCA PDF).
Complaint handling and notice expectations (what “reasonable notice” often looks like, and how complaints are assessed) – see Bank account closures (Financial Ombudsman Service).
Voluntary standards some lenders follow for SME customers – see LSB Standards & Codes.
And crucially: banks may be constrained in what they can tell a customer, especially where disclosures could create “tipping off” risk. For background, see Tipping off and prejudicing an investigation (Law Society) and our explainer Why banks can’t explain restrictions.
The typical decision pathway: trigger > triage > review > outcome
Banks commonly run something like this internal pathway (names differ by bank):
Trigger
Examples: unusual payment pattern, cross-border transfer held, cash deposit anomaly, ownership/PSC change, sanctions/PEP screening “hit”, suspected fraud indicator, merchant category mismatch, elevated chargeback patterns.
Triage
A quick internal check: is this obviously benign (false positive), or does it justify escalation? Some cases clear here with no customer impact.
Review
Deeper checks: customer due diligence refresh, transaction review, counterparties, source-of-funds logic, documentary evidence. The bank may ask for specific items – see Documents banks ask for when considering closure.
Outcome selection
- Continue with no change (monitoring only)
- Continue with limits (restriction)
- Exit (closure)
- Escalate outside the bank where legally required (which may constrain what can be said)
Where the trigger is identity/screening-related, the review often intersects with PEP and sanctions screening for directors and PSCs. Where it’s behavioural (activity doesn’t match stated model), it may intersect with Business model mismatch and MCC flags.
When banks tend to use restrictions (limits) instead of closing
Restrictions are usually the “middle tool” when the bank believes:
risk can be controlled temporarily (e.g., pausing one payment rail) while information is gathered; and/or
there’s a plausible benign explanation, but it needs evidence; and/or
the bank wants to prevent “risk leakage” (money moving out) while the review completes.
Typical restriction designs aim to be proportionate to the risk signal. For example:
A single high-risk outbound transfer might trigger a hold on that transfer type rather than full account shutdown.
A cash-intensive pattern may trigger cash deposit questions and tighter handling – see Cash-intensive businesses and deposits.
Cross-border anomalies may trigger longer screening/holds – see International payments under review.
Some regulators have highlighted that suspensions should not run longer than necessary and that investigations should be carried out in a reasonable timeframe (in the context of payment accounts). See the FCA’s discussion of suspensions and harm in UK Payment Accounts access and closures update (FCA PDF).
What banks typically cannot say (or will avoid saying)
When “tipping off” risk is in play, banks typically avoid statements that would confirm or strongly imply:
that a suspicious activity report has been made
that law enforcement has been contacted (unless formally disclosed by authorities)
that a specific investigation is contemplated or ongoing
the internal “trigger” that caused a monitoring alert (for example, specific rule thresholds)
the precise risk label attached to the account (for example, money laundering suspicion vs other internal categories)
Guidance in this area often stresses that once a report is made, disclosing that fact (or disclosing information likely to prejudice an investigation) can be problematic. See POCA s333A and the Gambling Commission’s section on tipping off.
Summary table
| Scenario | Outcome | Practical impact |
|---|---|---|
| Periodic KYC refresh overdue | Review (no restriction) | Information request; services usually continue while documents are assessed |
| Cross-border transfer flags screening rules | Restriction (rail-level hold) | International payments delayed; domestic payments may remain available |
| Cash deposits spike vs stated model | Restriction (channel limits) | Cash deposits capped/paused; additional questions asked |
| Screening hit on director/PSC | Restriction (access controls) | Outgoing payments may pause pending screening resolution |
| Activity suggests business model mismatch | Review > possible restriction | Certain payment types limited; more evidence requested |
| Repeated alerts without satisfactory evidence | Restriction > escalation | Wider controls, longer holds, possible notice of exit |
| Bank sector exit / de-risking decision | Closure | Account closed with notice per terms (where applicable); transition issues for payroll/incoming funds |
| Suspected fraud indicators | Restriction or closure | Faster controls; shorter notice more likely depending on circumstances |
When banks tend to choose closure (exit)
Closure is more likely where the bank concludes one (or more) of the following applies:
Unmitigable risk within policy
The bank believes the risk cannot be reduced to an acceptable level using controls it’s willing or able to operate (cost, complexity, or policy constraints).Non-cooperation or incomplete evidence
If essential information is missing, inconsistent, or can’t be verified, the bank may treat the residual risk as too high.Risk appetite / portfolio decisions (de-risking)
Sometimes it’s not about one business; it’s about the bank’s exposure to a sector, geography, product type, or operating model. See De-risking and exit management.Legal constraints (not just “bank policy”)
For sanctions-linked issues, controls can be immediate and strict; see UK financial sanctions general guidance. In such cases, the bank’s options may be constrained by law and licensing pathways.
Closure doesn’t necessarily mean the bank has “proven” wrongdoing. It can reflect a decision that the relationship no longer fits the bank’s operating boundaries, governance expectations, or risk tolerance.
The grey zone: how restrictions turn into closure
A common pattern is restriction first, closure later. That often happens when:
initial questions uncover new complexity (ownership chain changes, counterparties, unusual flow logic)
the bank’s confidence in the explanation doesn’t increase with evidence received
alerts repeat, suggesting the signal is structural, not one-off
the case requires ongoing enhanced handling that the bank won’t sustain at scale
Communication can be thin because giving specifics can be risky. The legal “tipping off” concept is one reason banks may refuse to detail what they’re checking; see Tipping off explainer and background reading Law Society guidance.
What closure means operationally: notice, payments, balances
Notice periods and documentation requests
Notice is commonly driven by account terms, but external guidance and complaint frameworks often reference “reasonable notice” and common minimums (with exceptions). The Financial Ombudsman Service summarises typical expectations and exceptions in Bank account closures (FOS).
During a closure pathway, banks often request evidence to finalise risk decisions and to process remaining funds. For a practical list of common document types, see Documents banks ask for when considering closure.
Incoming payments, outgoing payments, and payroll
Even when an account is closing, payment “plumbing” can create edge cases:
inbound payments may reject, bounce, or be returned depending on payment type and timing – see Incoming payments when an account is closed
an outgoing payment already “in flight” may complete, fail, or return depending on scheme cut-offs – see Outgoing payments if closed mid-processing
payroll files and direct debits can be disrupted during a restriction/closure window – see Payroll during restriction or closure
For remaining balances, process and timelines vary by bank and case context; see How long banks return remaining balances for operational expectations.
Scenario Table
| Scenario-level signal | Process-level step the bank runs | Outcome-level tool the bank applies |
|---|---|---|
| Activity deviates from stated business model | Re-underwrite risk profile and expected flow map | Transaction-type limits while evidence is reviewed |
| Screening alert related to a connected party | Resolve match quality; re-check ownership/control links | Temporary stop on outbound payments pending resolution |
| Cross-border payment touches higher-risk corridors | Enhanced transaction screening and purpose-of-payment checks | Transfer hold; sometimes corridor blocking |
| Cash deposit pattern changes materially | Source-of-funds questioning and monitoring recalibration | Cash channel restricted; branch-only handling |
| Persistent unanswered information requests | Escalation to exit governance / senior sign-off | Closure notice issued under terms |
| Portfolio/sector policy change | Sector exit programme governance | Managed exit (closure), sometimes with extended comms plan |
Compare Business Bank Accounts
Restrictions and closures are often linked to fit (what the provider is built to support), not just isolated transactions. Different providers can have materially different onboarding depth, sector tolerances, and controls for features like cash deposits, international payments, and card settlement flows.
To understand how mainstream options compare on features and eligibility criteria, see Business bank accounts comparison.
Frequently Asked Questions
Not always. A bank-imposed restriction is usually a service control (limits on channels, payment types, or access) while the bank runs checks. A legal freeze can arise from different legal mechanisms (including sanctions-related controls), where the bank’s discretion is more limited.
Because the practical experience can look similar (payments delayed, access reduced), terminology matters. For a clean split of terms and outcomes, see Frozen vs closed business accounts.
Timeframes vary because reviews differ in scope: some are simple KYC refreshes; others involve complex transaction chains, overseas counterparties, or ownership/control verification. The time also depends on how quickly evidence can be verified against independent sources.
Regulatory commentary on payment-account suspensions highlights that unnecessary delay can cause harm and that investigations should be completed in a reasonable timeframe. See UK Payment Accounts access and closures update (FCA PDF) for the FCA’s discussion of suspensions and impacts.
Banks use these concepts to understand whether account flows are consistent with what they know about a customer and the business model. It’s often less about a single transaction and more about whether the overall pattern is explainable and documentable under the bank’s policies.
The questions can also change over time: a business that starts trading internationally, begins handling more cash, or changes ownership/control can trigger deeper verification. If the bank is considering exit, documentation requests are commonly broader – see Documents banks ask for when considering closure.
Sometimes the bank can give a general reason (for example, “we’re conducting a review”), but it may avoid specifics if detailed disclosure could create legal risk or prejudice enquiries. That’s one reason communications can feel templated or opaque.
For background on “tipping off” constraints and why explanations can be limited, see Why banks can’t explain restrictions and contextual reading Tipping off and prejudicing an investigation (Law Society).
Many account terms allow closure with notice, and in some cases a bank may choose not to provide reasons. Complaint frameworks also recognise that a bank may not have to explain, even if it can be helpful to do so.
The Financial Ombudsman Service outlines how it approaches closure complaints, including fairness, notice, and whether the bank followed its own processes: Bank account closures (FOS).
During restriction, some inbound payments may still arrive while outbound or specific channels are limited. After closure, inbound payments may be rejected or returned depending on payment type, timing, and the bank’s closure handling.
Operationally, this is one of the biggest sources of disruption because counterparties may keep paying an old account. The common outcomes and edge cases are covered in Incoming payments when an account is closed.
Payments can sit at different stages (authorised, queued, submitted to scheme, settled). If the account closes mid-process, outcomes vary: a payment might complete, fail, or return depending on where it is in the chain and scheme cut-offs.
If you’re mapping operational risk (for example, supplier runs), the mechanics are broken down in Outgoing payments if an account closes mid-processing.
Banks often need evidence that is both relevant and verifiable. If documents don’t clearly link to the transaction story (or if they introduce new questions), the bank may request more detail or clarification.
Repeated requests also happen when different internal teams need evidence in a format that meets policy requirements (for example, refreshed corporate docs vs transaction invoices vs contracts). A practical checklist of common items is in Documents banks ask for when considering closure.
Whether a complaint route is available can depend on the provider, the product, and how the business is classified under complaint rules and eligibility criteria. Even where a formal route exists, outcomes usually focus on process, fairness, and notice rather than forcing a bank to maintain a relationship indefinitely.
For how closure complaints are assessed (including notice expectations and common complaint themes), see Bank account closures (FOS) and our practical outcomes guide Business account closure complaints: realistic outcomes.
Not automatically. Many banks support higher-risk sectors, but the relationship often requires stronger evidence, clearer transaction narratives, and more intrusive monitoring. The key variable is whether the bank believes risk can be managed within its policies at a sustainable cost.
Sometimes, however, closures occur because of broader portfolio decisions rather than a single firm’s behaviour. That dynamic is covered in De-risking and exit management.
The hidden mechanism is that banks are rarely choosing between “do nothing” and “close immediately”. They’re choosing between three operational states: keep running, run with controls, or exit. The deciding factor is often residual risk after controls, not the original trigger itself.
Two forces push cases toward exit.
- First, governance: the bank needs a documented rationale that satisfies internal policy and external expectations, especially where the risk is hard to evidence succinctly (for example, reputational or portfolio risk categories).
- Second, operability: if safely serving the account requires ongoing manual handling, repeated enhanced checks, or exceptions, the bank may decide the relationship no longer fits its operating model – leading to an exit even where no single event “proves” misconduct.
Sources & References