Imagine this: Your practice address on a company you have never heard of!
It’s a troubling trend—one that you wouldn’t even know about unless someone pointed it out.
A random check of Companies House and suddenly, there it is: a business you've never dealt with, operating from your official business address. No authorisation. No knowledge. Yet somehow, your business has been chosen as a disguise for someone else’s activities.
This is Virtual Squatting - a rapidly rising, digital scam that’s turning trusted professional addresses into tools for deception.
According to the UK Financial Intelligence Unit (UKFIU), virtual squatting involves fraudsters registering accountants,’ bookkeepers,’ or law firms’ office addresses—without permission—when setting up shell companies.
Their aim? To project an air of legitimacy and bypass suspicion, especially in sectors where scrutiny is high.
In a recent UKFIU podcast, experts detailed how this tactic exploits the trust associated with regulated professionals, enabling criminals to establish what appears to be a legitimate business front. This enables them to go about various illegal activities.
- Fraudulent financial transactions
- Money laundering
- Deceptive investment schemes
Worst of all the professionals whose names and addresses are misused may remain unaware until it's too late.
Why You Should Be Concerned
This fraud creates two clear sets of victims:
- Professionals (You)
Reputational damage, AML scrutiny, and potential FCA or HMRC investigations
- Unwitting Clients/Public
Loss of funds, erosion of trust, and misinformation about who they’re dealing with
For finance professionals, particularly those under anti-money laundering supervision, this kind of misuse can be catastrophic. It places your credibility—and business—on the line.
Real Life Example: The Monzo Case
In July 2025, it was widely reported that Monzo Bank was fined for AML failings that allowed suspicious activity to flourish undetected. While virtual squatting wasn’t the direct issue, the case underscores a larger trend: fraudsters are exploiting the credibility of trusted institutions and professionals to bypass safeguards.
Read the article from the Guardian here
The key point from this is that if financial institutions with robust systems are being exploited, smaller firms must remain especially vigilant.
Could this happen to you?
If you’re thinking, “This wouldn’t happen to my practice,” —think again.
Virtual squatters don’t need much. A publicly listed address (often required for compliance), a legitimate-sounding company name, and even a forged lease or mail redirection setup.
Action you can take.
🔍 Run a quick Companies House search
Look up your business address and see what companies are registered to it.
Watch for unknown names or suspicious matches.
📬 Monitor unexpected post
Letters arriving for unfamiliar businesses? Red flag.
📈 Stay alert to SEO hijacking
Virtual squatters sometimes try to boost visibility by associating with high trust addresses and domains.
🔐 Lock down your listings
Claim and verify your Google Business profile, LinkedIn page, and online directories to control your digital presence.
What to Do If You're a Victim
If you discover that your address has been misused, act fast:
Report to Companies House: Use the “report a fake or misused company” function.
Notify Action Fraud: This helps build a national intelligence picture.
Inform your AML Supervisor: If you’re under IAB AML supervision, keep them us the loop.
Protecting Your Practice (and Your Peace of Mind)
As a bookkeeper or accountant, your name and address holds weight. Don’t let criminals use that to their advantage.
Here’s a short checklist to help reduce your risk:
✅ Regularly audit address use on Companies House
✅ Set up Google Alerts for your firm name and address
✅ Educate your team on spotting suspicious correspondence
✅ Review your AML supervision status and ensure it's up to date
Want more information? If this topic has you thinking, you're not alone. The UKFIU podcast is an excellent resource that dives deeper into how criminals are misusing professional identities—and what you can do to protect yourself.
