Operation Machinize and the dirty cash behind the clippers

Editors note: 31 March 2026. This article has been updated to include new inforamtion from Operation Machineze 2.

What looks like an ordinary high street barbershop might, in fact, be a front for a transnational criminal network.

Cash-intensive businesses and their red flags

Throughout 2025, the UK's National Crime Agency ran two coordinated crackdowns on cash-intensive high street businesses under the name Operation Machinize.  The first Operation Machinize, in May, targeted criminal organisations using small businesses - barbershops, takeaways, vape stores, corner shops - to launder proceeds from drug trafficking, modern slavery and organised immigration crime. The second, Operation Machinize 2, ran across the entirety of October, and became the largest operation of its kind ever conducted in the UK.

Together they paint a picture that compliance professionals cannot afford to ignore.

The scale of abuse uncovered across both phases is significant. The first operation froze over £1 million in bank accounts and identified nearly 100 potential victims of modern slavery. The second went further: 2,734 premises visited or raided, 924 individuals arrested, over £10.7 million in suspected criminal proceeds seized, and more than 450 companies referred to Companies House for further investigation. The NCA estimates that at least £12 billion of criminal cash is generated in the UK each year - much of it flowing through businesses that look entirely ordinary from the outside.

The question that looms over this discovery is clear: why are these types of businesses repeatedly used as vehicles for laundering criminal proceeds?

Because they tick every box for an ideal money laundering front:

• High-volume low-trace cash flow
  A barbershop taking in £10,000 a week in cash raises no eyebrows unless no one ever seems to get a haircut.
• Minimal overhead and no audits
  Cash takings can be inflated or entirely fabricated with little scrutiny.
• Rapid setup and turnover
  When scrutiny does arise the business can be closed and replaced just as quickly.

The Companies House loophole

Setting up a UK company via Companies House has historically taken just minutes and £12, with no robust verification of directors or shareholders and nominee shareholding routinely exploited to conceal beneficial ownership. Operation Machinize 2 alone resulted in over 450 company referrals to Companies House - a direct signal that incorporation is being used as a gateway into the financial system.

That is changing. The Economic Crime and Corporate Transparency Act 2023 is introducing the most significant reforms to Companies House since corporate registration began in 1844, with changes being phased in over several years.

For compliance professionals, the most material milestones are these. Since March 2025, law firms, accountants and company formation agents that are registered for AML supervision in the UK have been able to register as Authorised Corporate Service Providers (ACSPs), authorising them to carry out identity verification on behalf of clients. From November 2025, identity verification became compulsory at the point of incorporation for all new directors and PSCs. A 12-month transition period is now running for the more than seven million existing directors and PSCs on the register, who must verify their identity as part of their next annual confirmation statement. From no earlier than November 2026, any third party filing documents on behalf of a company will need to be a registered ACSP — closing off a significant avenue for anonymous filing.

Companies House also now has powers it did not previously hold: it can query and reject suspicious filings, share data with law enforcement, issue financial penalties for relevant offences and expedite the striking off of companies formed on a false basis.

"Reform is no longer just coming - it is already underway."

These are meaningful steps. But sophisticated actors adapt, and legislation alone does not close every gap. The onus on compliance professionals to scrutinise beyond the paperwork remains as high as ever.

Professional enablers in the crosshairs

Law firms and accountants aren’t just gatekeepers. They're often the unwitting facilitators of these operations.

A new client walks in wanting to set up a chain of barbershops or a nail salon. They provide ID, some incorporation documents and perhaps a cash deposit to secure services. It appears innocuous. But behind that glossy business plan could be a network of coercion and crime. Operation Machinize 2 confirmed what the first phase suggested: this offending is not confined to a particular geography, business type or demographic. The NCA has been explicit that the aggregated effect of thousands of lower-level operations across high street businesses is itself a material contributor to criminal supply chains - not just the organised networks at the top.

The stakes for professional enablers are also rising in regulatory terms. From no earlier than November 2026, any third party filing documents on behalf of a company will need to be registered as an ACSP - meaning law firms, accountants and company formation agents will need to operate within the AML-supervised framework as a condition of filing at all. Those who are not already registered should be moving now.

Without robust enhanced due diligence, these gatekeepers risk becoming complicit. The stakes are not merely reputational. In some cases, legal liability could follow.

Red flags: when the clippers don’t add up

For reporting entities, here are some tell-tale signs that a client or business may not be what it seems.

Business model red flags

• A cash-intensive business with no website, reviews or digital presence
• Sudden purchase of multiple similar businesses (for example, five barbershops across different cities)
• Ownership or directorship linked to other known or suspected high-risk entities.

Behavioural red flags

• A reluctance to provide background information, source of funds or UBO details
• Over-eagerness to pay upfront in cash or cryptocurrency
• Frequent changes in directors or shareholders shortly after incorporation - a pattern that carries heightened significance now that identity verification is compulsory for all new director and PSC appointments, making rapid turnover a more deliberate evasion tactic

Operational red flags

• Apparent low footfall or non-existent customers despite high reported revenue
• Unusual or suspect staffing practices (such as employees with no formal contracts or who do not speak English)
• Connections to high-risk jurisdictions with weak regulatory frameworks or politically exposed persons

What compliance teams should be doing

Firms must not view compliance as a box-ticking exercise. Proper scrutiny involves proactive risk-based inquiry and an understanding of how illicit networks evolve. Here are practical steps compliance teams can take.

Go beyond the paperwork

Always verify the source of funds and wealth, especially when a newly incorporated company is purchasing businesses or assets outright.

Understand the business model and industry norms

Does the client’s revenue claim match the foot traffic or market demand? If it’s a cash-intensive business, is there sufficient traceability?

Apply risk-based scrutiny to professional services clients acting as company formation agents

From no earlier than November 2026, any third party filing documents on behalf of a company must be registered as an ACSP and subject to UK AML supervision. If your client is a law firm, accountant or trust and company service provider forming entities on behalf of others, verify their ACSP status and monitor for patterns of high-risk business registrations among the companies they are forming.

Use screening and ongoing monitoring tools

Initial checks aren’t enough. Entities change hands and red flags can emerge over time. Tools like First AML's ongoing monitoring and enhanced UBO unwrap can surface risks before they snowball.

Conclusion: be vigilant

The neighbourhood barbershop might offer more than a shave and a trim. There’s a chance it may be the centrepiece of a money laundering operation that spans borders and exploits lives. Operations Machinize 1 and 2 have shed light on a deeply embedded problem but sustained vigilance will be required to prevent a resurgence.

The barriers to financial crime on the high street are rising. Compulsory identity verification at incorporation is now in force, ACSP registration requirements are tightening the net around professional filers, and Companies House has powers to query, reject and penalise suspicious activity that it simply did not have two years ago. But the transition period runs until at least late 2026, and sophisticated actors are already adapting. The window of exposure remains open. The duty to protect the system and its people lies with those who choose not to look the other way.