How to avoid AML fines and reputational damage

The SRA recently warned that it may need to get tougher on routine non-compliance and is weighing up whether to extend automatic fines to other areas, including failure to complete mandatory AML and diversity data returns, which could attract fines of up to £25,000

Amy Bruce |Marketing manager at Osprey Approach|

The latest annual AML Report from the Solicitors Regulation Authority (SRA) makes for sobering reading. Despite the 2017 Money Laundering Regulations having been in place for six years, almost a third of law firms are failing to get the basics right, leaving themselves open to large financial penalties.

In response, the SRA has brought enforcement action against a combined total of 47 firms and individuals over a 12-month period. Just last month, a prominent South-West law firm was fined over £100,000 for failing to act over money laundering ‘red flags’ on three property transactions.

Client and matter risk assessments falling short

From reading the SRA’s recently published Warning Notice, it’s clear that the regulator is unhappy with firms’ ability to conduct effective risk assessments on clients and transactions. Over 50% of risk assessments checked by the AML investigation team were not compliant with the Money Laundering Regulations.

The SRA highlighted the following risk assessment concerns:

  • not completed when they should be and treated as a one-time event, rather than being continually reviewed;
  • basic, tick-box based, without the ability for a fee earner to record their risk rationale;
  • based on templates, which are not aligned to the firm-wide risk assessment; and
  • reliant on complex risk-scoring systems that are not consistently completed or understood.

The SRA outlined their expectations when addressing AML and completing client due diligence. First, firms must monitor fee earners to ensure the policies in place are being followed. This involves effective training, continuous reviews, and proactive control measures.

The SRA expects firms to record the rationale for the risk rating assigned to a client or matter to complete the audit trail. A record of justification to the rating is expected to show how the decision was made.

It’s important that firms conduct ongoing monitoring on clients and matters to ensure the risk is consistent with the rating given. As new details and information is collected, additional risk assessments may need to be completed and recorded.

And finally, ensure risk assessment templates are tailored to the firm’s policies and enable a comprehensive record of the assessment to be carried out.Access the best practices for staying AML compliant here.

LPM Conference 2024

The LPM annual conference is the market-leading event for management leaders in SME law firms

Growth amid inflation

Strategies for economic resilience