By: Money Navigator Research Team
Last Reviewed: 21/01/2026
FACT CHECKED
Quick Summary
A bank can restrict a business account and still be unable to explain the specific trigger. One common reason is the UK offence of “tipping off” in the regulated sector: disclosing that a suspicious activity report may have been made, or that an investigation is contemplated, where that disclosure could prejudice enquiries.
In practice, this can mean generic wording (“routine review”, “we can’t share further details”) even when the practical impact is significant. This article explains what “tipping off” means, what banks can and cannot say, and what you may be told during a restriction.
This article is educational and not financial advice.
What “restriction” means in practice (and why the wording matters)
A restriction usually means the bank limits some or all activity on the account while it runs checks. That can range from “outgoing payments blocked but credits still arrive” to “no debits, no cash withdrawal, and some credits held”.
What makes restrictions especially frustrating is the communication gap: the front line may only be able to confirm what has changed (for example, card disabled, Faster Payments blocked) without confirming why it changed.
That gap is not always about poor service. In some situations, a bank is managing legal risk around what it can disclose while financial crime controls are being applied.
For a wider overview of how restrictions fit into bank review processes, see our explainer on why UK business accounts get restricted during compliance reviews.
The core issue: “tipping off” can be a criminal offence
In the UK regulated sector, “tipping off” can be an offence where someone discloses certain information in a way that is likely to prejudice an investigation.
The legal concept is narrower than everyday language suggests. It is not simply “being vague” or “not telling a customer everything”.
It is about disclosure that could alert someone to (or help them infer) that a report has been made or that an investigation is contemplated or under way, in circumstances where the disclosure could prejudice the process.
A commonly-cited provision is section 333A of the Proceeds of Crime Act 2002, which covers “tipping off: regulated sector” and sets out the conditions for the offence.
Regulators and supervisory bodies also describe “tipping off” and related “prejudicing an investigation” offences in practical guidance, including the Gambling Commission’s guidance on tipping off or prejudicing an investigation and the JMLSG Guidance (Part I).
Why this affects what bank staff can say: if the bank believes a detailed explanation could “join the dots” for the customer (or a third party), it may restrict communications to generic statements and requests for information.
“Tipping off” is not the only reason explanations may be limited
Even where “tipping off” is not the driver, banks may still limit detail because of:
Confidentiality around reports and enquiries
Banks may treat parts of their internal financial crime processes as confidential to reduce the risk of “workarounds” (for example, changing counterparties or transaction patterns purely to evade monitoring).
Sanctions compliance and screening
If a restriction relates to sanctions screening, communications can still be cautious. Firms have obligations to comply with financial sanctions, and the compliance approach often prioritises control over explanation.
See the FCA’s overview of financial sanctions expectations for firms and the UK financial sanctions general guidance from OFSI.
(If a flag relates to PEP/sanctions screening on a director or PSC, this can connect with re-checking and reverification activity; see what happens when a director/PSC is flagged in screening.)
Regulatory framing and customer communications expectations
The FCA has published work on payment account access and closures that includes examples of accounts being closed “with no reason given, or with an unclear reason”, reflecting the broader transparency challenge in this area: see UK Payment Accounts: access and closures (FCA).
What banks can usually say (without “tipping off”)
Banks generally can communicate operational facts and process steps, such as:
what features are currently restricted (cards, transfers, cash access, limits)
that a review is in progress (often framed as “routine”, “security”, or “compliance”)
what information is required to complete checks
expected channels for updates (secure message, case handler, branch/business support)
They can also ask questions as part of customer due diligence, particularly when transactions are inconsistent with expected activity. The JMLSG notes that reasonable, tactful customer enquiries can be part of CDD and do not automatically amount to tipping off (see the JMLSG Guidance (Part I)).
In practice, this is why restrictions often come with requests that look like standard due diligence:
evidence of invoices/contracting
explanation of counterparties
proof of the underlying activity
“source of funds” and “source of wealth” context (explained here: source of funds vs source of wealth)
enhanced checks when risk indicators rise (explained here: EDD triggers and outcomes for SMEs)
What banks typically cannot say (or will avoid saying)
When “tipping off” risk is in play, banks typically avoid statements that would confirm or strongly imply:
that a suspicious activity report has been made
that law enforcement has been contacted (unless formally disclosed by authorities)
that a specific investigation is contemplated or ongoing
the internal “trigger” that caused a monitoring alert (for example, specific rule thresholds)
the precise risk label attached to the account (for example, money laundering suspicion vs other internal categories)
Guidance in this area often stresses that once a report is made, disclosing that fact (or disclosing information likely to prejudice an investigation) can be problematic. See POCA s333A and the Gambling Commission’s section on tipping off.
Summary table
| Scenario | Outcome | Practical impact |
|---|---|---|
| Bank has concerns linked to financial crime controls | Generic “review” wording; limited specifics | Uncertainty about cause; focus shifts to providing requested info |
| Bank believes disclosure could “tip off” | Staff refuse to explain trigger | Customer hears scripted phrases; fewer meaningful updates |
| Sanctions/PEP screening generates a hit to resolve | Temporary restrictions while screening is resolved | Payments may be delayed; additional verification requests likely |
| Activity doesn’t match expected profile | Due diligence questions without disclosing suspicion | Requests for invoices/contracts, counterparties, explanations |
| Request for “source of funds/wealth” evidence | Documentation-driven review | Time spent compiling evidence; transactions may queue |
| Customer asks directly: “Have you filed a SAR?” | Bank will typically not confirm or deny | Communication remains process-focused rather than reason-focused |
The phrases you may be told – and what they often mean
Banks tend to use language that stays on the safe side of disclosure risk. Common examples include:
“We’re carrying out a routine review”
Often used as a general umbrella for compliance, security, or financial crime checks. It does not confirm suspicion, and it avoids implying that an external report has been made.
This can be genuine legal caution (including tipping off risk) or internal policy to avoid disclosing monitoring logic. It is not, by itself, proof of any specific allegation.
“We need additional information to verify activity”
This wording typically points to due diligence. It can arise from a mismatch between stated business model and observed activity (see why business model mismatch gets flagged).
“Your account is temporarily restricted for security reasons”
Sometimes used when the bank is balancing competing risks (fraud vs financial crime vs operational control). The label “security” can be broader than consumer fraud.
“We’ll be in touch when the review is complete”
Banks may not provide meaningful interim updates if they believe updates could inadvertently reveal the direction or nature of checks.
A key distinction: asking questions is not the same as “tipping off”
It is possible for a bank to ask detailed questions (invoices, counterparties, ownership, transaction purpose) without tipping off.
Guidance commonly recognises that tactful, reasonable enquiries are part of customer due diligence and can help a firm decide whether concerns can be resolved (see JMLSG Guidance (Part I)).
The risk tends to arise when the enquiry is framed in a way that discloses, or strongly implies, that a report has been made or an investigation is contemplated.
This is why banks often keep questions factual:
“What is the purpose of this payment?”
“Can you provide invoices for X?”
“Why are funds coming from Y jurisdiction?”
rather than disclosing the “why now” behind the question.
For cross-border holds specifically, see why international payments can be placed under review.
Scenario Table
| Scenario-level | Process-level | Outcome-level |
|---|---|---|
| Unusual activity detected | Monitoring alert > internal review queue | Temporary controls applied to reduce risk while reviewed |
| Due diligence gap identified | Request evidence (CDD/EDD) > verification | Restrictions may lift if checks are satisfied |
| Potential sanctions/PEP match | Screening > match resolution > escalation if needed | Payments may pause until match is cleared/licensed/managed |
| Concern about proceeds of crime | Internal suspicion assessment > report governance | Communication becomes generic to reduce tipping off risk |
| Possible investigation sensitivity | Staff communication guardrails applied | “We can’t say more” becomes the default |
| Account relationship risk decision | Terms/policy review > potential closure pathway | Notice of closure may follow with limited explanation |
Compare Business Bank Accounts
Different providers structure support and controls differently (for example, in-app messaging vs phone support; whether dedicated business support exists; how international payments and cash deposits are handled).
Those operational differences can affect how a restriction is experienced, even when the underlying legal constraints around disclosure are similar.
If you want a neutral feature-by-feature comparison, see our guide to compare UK business bank accounts. It focuses on practical account features (fees, eligibility, payment features) rather than predicting outcomes in restrictions.
Frequently Asked Questions
“Tipping off” is about disclosing information that could alert someone that a report has been made (or that an investigation is contemplated or under way) where that disclosure could prejudice enquiries. In the regulated sector, one relevant offence is set out in POCA s333A.
In practice, this is why some banks avoid confirming why an account is restricted even when they can confirm that it is restricted. Guidance for regulated sectors also explains how the offence interacts with customer communication, including the Gambling Commission’s guidance on tipping off.
No. Restrictions can be triggered by many risk controls, including fraud prevention, verification gaps, ownership/identity checks, and sanctions screening. A restriction is a control measure, not a conclusion.
However, if the bank believes disclosure could prejudice checks (including the possibility of tipping off), communication may become more generic. That communication pattern can feel similar across very different underlying scenarios.
Banks typically avoid confirming or denying that a suspicious activity report has been made, because disclosure of that fact (in certain circumstances) can create tipping off risk. The regulated-sector tipping off offence is described in POCA s333A and explained in sector guidance such as the Gambling Commission’s guidance.
Separately, “SAR” can also mean a subject access request under data protection law in everyday conversation. That is a different concept; in banking restrictions discussions, it is worth being explicit which meaning is intended to avoid confusion.
Not automatically. Guidance commonly recognises that reasonable, tactful enquiries can be part of customer due diligence and do not necessarily amount to tipping off. See the discussion in the JMLSG Guidance (Part I).
The risk is more about how the question is framed. Questions seeking to understand the commercial rationale and documentation can be normal CDD/EDD; questions framed as “we reported you” or “we think this is money laundering” are the types of disclosures that can create problems in the wrong context.
- “Tipping off” focuses on disclosure that a report has been made, or that an investigation is contemplated or being carried out, where the disclosure could prejudice enquiries.
- Related “prejudicing an investigation” offences can include actions such as disclosing sensitive investigative facts or interfering with relevant materials.
The distinction matters because a bank may be restricting communications not only to avoid confirming a report, but also to avoid disclosing anything that could undermine enquiries. The Gambling Commission guidance summarises both concepts and how they can apply in regulated-sector contexts.
Yes. Sanctions compliance can lead to holds while screening results are resolved, and communications may still be cautious. The compliance focus may be on whether a person/entity is designated, whether assets must be frozen, or whether a licence is needed.
For background on sanctions obligations and the compliance approach, see the UK financial sanctions general guidance from OFSI and the FCA’s financial sanctions page for firms. If a director or PSC is flagged in screening, this can also create knock-on reverification requests (see PEP/sanctions screening for directors and PSCs).
Timeframes vary widely because restrictions can be driven by different processes: verification backlog, match resolution, additional documentation cycles, or internal escalation. Some cases resolve quickly once requested information is verified; others take longer where checks remain inconclusive or require escalation.
Where regulated-sector reporting and consent processes are relevant, UK guidance discusses statutory periods and the continued sensitivity around disclosure during those periods (see the discussion in the Gambling Commission guidance). Even once a decision is reached, banks may still avoid retrospective confirmation that a report or enquiry existed.
Not necessarily. A data protection subject access request can produce personal data the firm holds about an individual, but exemptions and redactions can apply (for example, where disclosure would prejudice crime prevention or reveal third-party data). In restriction contexts, banks may provide limited insight even when a request is made.
This is one reason “tipping off” frustration persists: the most sensitive parts of the bank’s rationale may not be disclosable through routine communication channels, and some information may be legitimately withheld.
Sometimes. Restrictions can be partial (for example, inbound credits still arrive but outbound payments are blocked), or broader (both inbound and outbound blocked, with exceptions handled case-by-case). The practical impact depends on what controls the bank applies and whether counterparties are involved.
If restrictions escalate toward closure, banks may also request additional documents as part of decision-making (see documents banks ask for when considering account closure). The operational consequence is often less about the label (“review”) and more about which rails are enabled (cards, Faster Payments, CHAPS, cash).
Where a complaint is made, the focus is typically on process fairness, communication quality within permitted constraints, and whether the firm followed its terms and obligations. A bank can still be found to have handled communication poorly even if it could not share sensitive details.
The FCA has also highlighted that accounts may be closed with unclear reasons in real-world cases and that complaint pathways exist (see UK Payment Accounts: access and closures (FCA)). For business account closure complaint outcomes in practice, see realistic outcomes the FOS looks at.
When a bank cannot explain a restriction, the missing piece is often not “a secret reason” but a disclosure boundary. Financial crime controls are designed to work partly because they are hard to reverse-engineer, and the law can make certain disclosures risky at precisely the moment a customer most wants clarity.
That combination creates a predictable communication pattern: banks will prioritise control actions (restricting features, requesting evidence) while keeping the narrative process-only (“review”, “security”, “we can’t say more”).
The practical implication is that the most informative signals are usually what the bank asks for (documents, counterparties, source of funds/wealth context) and which rails are restricted, rather than the words used to describe the reason.
This is also why two very different underlying issues (a sanctions match vs a due diligence gap) can sound identical on the phone or in chat.
Sources & References
Proceeds of Crime Act 2002: tipping off in the regulated sector (s333A)
Gambling Commission guidance: tipping off or prejudicing an investigation
JMLSG Guidance Part I (July 2022): tipping off and customer enquiries
FCA corporate document: UK Payment Accounts – access and closures
HMRC internal manual: what a Suspicious Activity Report (SAR) is and DAML basics
FCA firms page: financial sanctions expectations and reporting