Anti-Money Laundering (AML)

The activities in scope of the AML requirements are set by the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (as amended) (“the regulations”). These activities can be used by criminals to help them launder the proceeds of crime and hide their illegal wealth from the authorities. You have a responsibility to act as an effective gatekeeper to these services by complying with the regulations.

Over the past years, the SRA has increased its investigations and enforcement of the AML regulations with firms and their data from recent reports shows that a substantial proportion of AML supervisory engagements result in required improvements, and only a relatively small proportion of firms are found to be fully compliant.

Does your firm undertake any of the following work?

  • the buying and selling of real property or business entities
  • the managing of client money, securities or other assets
  • the opening or management of bank, savings or securities accounts
  • the organisation of contributions necessary for the creation, operation or management of companies
  • the creation, operation or management of trusts, companies, foundations or similar structures
  • provide tax advice.

If the answer is ‘Yes’ to any of the above, your firm falls under the scope of the Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017 (the Regulations) and, at some point, the SRA will be contacting you, if they have not done so already.

The SRA will carry out an audit, either at your firm or desk based (remotely), and will review your policies, controls and procedures and a sample of files. If they visit the firm as part of the investigation, they will also interview members of your staff.

If your firm does not undertake any of the above work and is not covered by the Regulations, then you won’t be included in this audit process. However, there are still money laundering risks in other areas of practice and every firm, irrespective of the work undertaken, will remain liable to comply with other money laundering legislation, including the Proceeds of Crime Act 2002 and Terrorism Act 2000. Therefore, it is our opinion that all firms should ideally look to voluntarily comply with the MLR 2017 and ensure that all staff are aware of their obligations.

What should firms do?

If your firm is intending to offer any of the services in scope, you will need to get approval from the SRA for the relevant people as defined in the regulations and tell the SRA what services you are providing.

Before carrying out any work that it is in scope, you will need to obtain approval of certain significant role holders – your beneficial owners, officers and managers – from the SRA.

In addition, to comply with the regulations, you will need to:

  • Risk assess your firm, relevant clients and matters
  • Identify and verify identities of your clients and any beneficial owners of your clients
  • Identify sources of funds and wealth where relevant
  • Train your staff to recognise red flags
  • Appoint a money laundering reporting officer to alert the National Crime Agency where they suspect they have encountered the proceeds of crime
  • Where relevant to the size and nature of the business undertake an independent audit, screen your staff, and appoint a money laundering compliance officer (MLCO) to supervise your compliance work

Therefore, the SRA will expect you to hold and maintain AML Policies, Controls and Procedures, a Firm Wide Risk Assessment, client and matter risk assessments and AML training records.

How we can help

We have a number of specialists who can assist you with, amongst other things:

  • Prepare and update a Firm Wide Risk Assessment
  • Conduct an Independent AML audit (Regulation 21 audit)
  • Provide AML training to your staff

Firm Wide Risk Assessment

Firm-wide risk assessments (FWRAs) are essential for managing regulatory and financial crime risks in UK law firms. Unlike client or matter level checks, a FWRA examines the whole practice, including its client base, services, jurisdictions, delivery methods and internal controls. As financial crime threats increase and regulatory scrutiny intensifies, a FWRA is not just a requirement, it is an important part of a firm’s overall risk management.

The purpose of a firm wide risk assessment is to help firms identify the money laundering risks the firm is, or could be, exposed to, and consider how any risks could be mitigated. The SRA expects this assessment to reflect the size and nature of the business.

In September 2022, an amendment to the MLRs 2017 introduced the requirement for practices to identify and mitigate the risk of Proliferation Financing (‘PF’). Under Regulation 18A, you are required to carry out a risk assessment which assesses the inherent proliferation financing risks your firm faces given your clients, services, geographic and delivery channels. You may include this as part of your firm wide risk assessment, or you may create a standalone document.

Failing to maintain a FWRA is a breach even when no money laundering occurs. If your firm is in scope, the SRA will scrutinise the firm’s ability to identify and assess money risks associated with the firm.

In essence, a FWRA is the backbone of a firm’s AML framework. When kept up to date and genuinely reflective of the firm’s work, it strengthens due diligence, supports informed decision-making and protects the firm’s reputation.

It must be reviewed and updated at least annually, and immediately whenever there are significant changes to the firm’s business, client base, jurisdictions, or risk environment, and always after a sectoral update by the SRA.

If you need support preparing or updating your FWRA, please get in touch by calling 01509 214 999, sending us an email or completing our free enquiry form and our team of specialists will help you understand the SRA’s expectations and develop a compliant assessment tailored to your practice.

Independent AML Audit

The requirement for an independent audit is set out in Regulation 21 of the MLR 2017. The Legal Sector Affinity Group (LSAG) Guidance establishes that the purpose of the independent audit “is to examine, evaluate and make recommendations regarding the adequacy and effectiveness of the practice’s anti-money laundering and counter-terrorist financing policies, controls and procedures”. Therefore, the individual undertaking the audit must:

  • be independent of the work being audited (e.g. not the MLRO/MLCO)
  • have the requisite skills and knowledge of AML/CFT to conduct the audit
  • be able to make recommendations about the policies, controls and procedures and file remediation.

There are no prescribed timescales for how frequently an independent audit should be conducted – this should be on a risk-based approach – however it is recommended this is conducted regularly e.g. annually. More frequent independent audits may be required where the firm’s risk profile, structure or services have changed since the last independent audit.

At DG Legal, our AML audit specialists are able to conduct an external independent audit for firms to replicate the checks the SRA applies in its own AML audits.

The audit typically includes:

  • A detailed review of:
    • your AML policies
      controls and procedures
    • FWRA
    • The authorisation of your BOOM
    • COLP, High Risk, and SAR registers,
    • and AML training records
  • File reviews
  • Interviews with staff to assess understanding of the procedures
  • We then prepare a detailed report on our findings and recommendations

If you wish to carry out an AML audit or receive more information on this service, please get in touch with our team by calling 01509 214 999, sending us an email or completing our free enquiry form.

AML Training

Under Regulation 24 of the MLR 2017 firms are required to provide regular training to their staff and consultants on how to recognise and deal with transactions and other activities which may be related to money laundering or terrorist financing. This training should be effective in enabling staff to identify and report suspicions of money laundering and terrorist financing.

DG Legal can provide training to firms and individuals to cover the key areas, including:

  • an explanation of the relevant law within the context of the services and products your practice supplies
  • AML/CTF ‘red flags’, risk assessment and an explanation of the risks identified in your firm-wide risk assessment
  • AML/CTF policies, control and procedures including CDD and EDD as applied in your practice
  • identifying suspicious activity and the processes for internal reporting and, where necessary, for making a SAR, and
  • record keeping and data protection requirements.

The frequency of training is not prescribed within the MLR 2017 or the LSAG AML Guidance, however the following guidelines are outlined:

  • new employees and consultants should be trained as soon as possible after joining your firm, ideally as part of their induction and before undertaking any regulated work
  • all employees and consultants should receive training at regular and appropriate intervals to update on new developments and to refresh existing knowledge
  • role-based AML training should be scheduled on a risk-based approach, although basic AML awareness/refresher training should be completed annually for employees and consultants
  • additional in-depth training should be undertaken based on:
    • any changes in legislation, regulation or professional guidance
    • changes in your practice’s policies, controls and procedures, and
    • changes in your practice’s risk profile and potential red flags.

All firms must maintain records of all training to outline:

  • the type of training
  • any course materials received
  • dates of training
  • names of those who attended
  • results of any evaluation of training carried out.

Whether your firm is in scope or outside scope of the MLR 2017, at DG Legal we can offer both awareness/refresher training for staff and consultants of your firm on a range of matters including:

  • completing client and matter risk assessments
  • how to conduct source of funds and source of wealth checks
  • more in-depth AML training focussed on the areas of work undertaken by your firm to ensure staff are aware of the key risks faced by your practice.

For more information on our AML & financial crime public courses, please visit: https://dglegal.co.uk/training/upcoming-premier-training-courses/ or see below.

Checkout issues? Book here.

Contact Us

To discover more about how we can help your firm, please call 01509 214 999, send us an email or complete our free enquiry form.

Services

What clients say

"For anyone with a legal aid contract in Crime I strongly recommend DG Legal with particular reference to Steve Keeling. His expert knowledge, thoroughness and response rate are all second to none. We are retainer client’s and I must say the service really is impeccable. We have held a legal aid contract for a very long time now however, since being with Steve Keeling, whom not to mention was previously employed by the LAA for a number of years, we have passed all of our audits with flying colours. At the end of a recent audit the auditor in fact stated the LAA was very impressed with our firm. I have to say DG Legal really are the best when it comes to compliance."

Gurdip Kaur,
Practice Manager, Mann & Co