Are your anti-money laundering policies, controls and procedures (PCPs) up to scratch?

With the SRA undertaking spot checks and issuing fines, can you be sure that your firm’s anti-money laundering arrangements are sufficiently in order to withstand such external scrutiny?  In 2021 the SRA undertook 85 visits to firms, 70 desk-based reviews and reviewed 98 firm-wide risk assessments.  They had 273 reports made to them about suspected breaches, issued 16 internal sanctions and referred 13 cases to the Solicitors’ Disciplinary Tribunal.

In 2022 the plan is to make even more visits, with an emphasis on the fundamentals.  These include your firm-wide risk assessment, one of the key requirements of the The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (the Regulations).  This critically important document is the starting point for all anti-money laundering compliance (if you don’t know your risk you can’t put steps in place to mitigate it) and should take into account, amongst others, client, geographical, transactional and service delivery risks as well as the views of your regulator.

Having assessed your risk, do you use this to inform your risk-based approach to compliance with the Regulations, including customer due diligence (CDD)?  The onset of the pandemic and the inability of firms to meet their clients face to face meant that many were forced to re-think their usual approach to CDD.  Electronic verification and identification came into its own with the recent Legal Sector Affinity Guidance referencing, for the first time, that this may be a suitable option provided that it is “through a platform that is a reliable source” and by that meaning that it is “secure from fraud and misuse and capable of providing an appropriate level of assurance that the person claiming a particular identity is in fact the person with that identity, to a degree that is necessary for effectively managing and mitigating any risks of money laundering….”

Your firm-wide risk assessment, the policies, controls and procedures you put in place to manage your risk, your approach to CDD and the controls you have in place to address financial sanctions are the fundamentals the SRA will be putting under the spotlight if they visit you.  Common errors reported by them include inadequate training and supervision, poor policies, controls and procedures, employee screening and staff not following the procedures you do have in place (in particular in relation to CDD, matter risk assessments and ongoing monitoring).

If you need assistance with any of these matters we can help you, be that reviewing and revising your risk assessment (or helping you draft one), drafting and reviewing your PCPs, reviewing your approach to CDD or training your staff.

Contact Us