The SRA has made it abundantly clear that it will take action against any law firm not complying with its AML requirements. Recent regulatory action highlights that even if firms are carrying out the necessary AML processes without evidence, there is a risk of being deemed non-compliant. To assist law firms in their efforts to ensure AML compliance and as a way of refresher, the following outlines some of the key aspects to consider when reviewing your in-house anti-money laundering practices.
Staff with responsibility for AML
Those with primary responsibility for putting in place and maintaining AML compliance within your organisation must be sufficiently senior, trained, experienced, easily contactable, and have the time and resources necessary.
Key questions to consider:
- Does your organisation have a Money Laundering Reporting Officer (MLRO) and assigned officer to receive AML disclosures under section 333A of POCA 2002?
- Do you provide training to all relevant staff (especially including senior management)?
- Do you provide enhanced training for senior management and staff in key AML roles?
- Do you provide training on AML legal and regulatory responsibilities, risks posed by higher-risk customers such as PEPs, escalation procedures, and how to report suspicions?
- Does the person providing your AML training have the qualifications and experience to do so?
AML Policies and procedures
As a law firm in the UK, you must have up-to-date AML-compliant policies and procedures that are separate from your other financial crime compliance (FCC) policies, e.g. anti-bribery and corruption policies. You must also have policies and procedures in place that ensure that your senior managers can work effectively with your MLRO, including how AML reports and recommendations should be received and handled, and how relationships with high-risk customers and politically exposed persons (PEPs) should be approved.
Key questions to consider:
- Do you have clear AML reporting and escalation pathways?
- Have your AML policies been approved and signed off on by the board / senior management?
- Do you conduct regular quality assurance work on your AML policies and procedures?
- Are your updated AML policies easily / centrally available?
- Do you have a system in place to ensure that each customer file has the necessary AML documentation, including risk assessment, verification, and UBO details?
AML Training
Even with the best AML policies and procedures in place, without regular, high quality and targeted training, it will never be effective.
Key questions to consider:
- Are your relevant staff familiar with POCA 2002, MLR 2017, and Law Society Anti-money laundering guidance for the legal sector?
- Do you provide training and guidance to all relevant staff on your AML processes and procedures, including workflow/escalation requirements?
- Do your staff understand what a PEP means, and do they know how to identify, classify, and declassify a PEP?
- Do you regularly update your AML training and ensure that staff are familiar with the latest rules and requirements?
Ongoing AML monitoring
The SRA is extremely keen to ensure that law firms not only carry out AML checks before commencing a transaction but also as an ongoing measure. Law firms must carry out AML risk assessments to comply with the MLR 2017. Your firm’s AML risk assessments must comply with regulations 18 to 24, amongst others, of the MLR 2017. If not, there is a risk of receiving a fine for non-compliance. Law firms must have ongoing AML monitoring to spot potential money laundering over the duration of a transaction. Such measures may be automatic, manual or both.
Key questions to consider:
- Do you conduct ongoing monitoring of existing customer files regularly to ensure the customer information and risk assessment are up-to-date?
- Are your AML ongoing monitoring measures sufficient, given the size, nature and complexity of your business?
- Do you challenge / question unusual activity and explanations provided by customers?
- How are any unusual transactions reviewed?
- How does your firm decide whether behaviour is suspicious?
Final words
This list of AML compliance considerations is by no means exhaustive. By putting in place robust AML systems and controls, your firm can detect, prevent and deter money laundering, while ensuring it remains compliant. There is no ‘one-size-fits-all’ approach to AML that can be adopted by all law firms. The policies, procedures, training and systems that are needed will depend on several factors, including the size of the organisation and the work undertaken. Remember, in the event that your firm is ever assessed by the SRA for AML compliance, any evidence that may be requested should be both secure and available.
We have been helping solicitors and other legal professionals with disciplinary and regulatory advice for nearly 30 years. If you have any questions relating to an SRA investigation or an SDT appearance, please call us on 0151 909 2380 or complete our Free Online Enquiry.