A professional firm isn’t like a hospital or place of worship, and, with the obvious exception of representation in criminal matters, lawyers or accountants aren’t like doctors, priests and imams. That’s to say, they aren’t there to help anyone who needs it, regardless of how dark their heart is. Particularly when it comes to financial arrangements, it’s important to remember that…
Some are meant to be unwelcome.
This is the hard reality behind what’s continuing to happen in the world of financial crime prevention. And although there’s another nine months to go before the next SRA and ICAEW Annual Reports, at the start of the year it’s worth highlighting the core AML obligations for both professions under the UK Money Laundering Regulations (MLR) and then looking at the broader direction of travel.
Customer Due Diligence (CDD)
This is critical. Firms must take steps to identify their clients and verify their identities. This includes obtaining:
- Name and Address: Full name and residential address of the client.
- Identification Documents: Government-issued identification documents such as passports or driving licenses.
- Date of Birth: Verification of the client’s date of birth.
- Beneficial Ownership: Identification of the beneficial owner in cases where someone is acting on behalf of another person or when establishing the ownership structure of a company, partnership, or trust.
Enhanced Due Diligence (EDD)
In situations where there is a higher risk of money laundering, then applying the required risk-based approach means that Enhanced Due Diligence measures must be applied. This includes:
- Higher Risk Clients: Clients from high-risk countries, politically exposed persons (PEPs), or those involved in complex or unusually large transactions.
- Additional Verification: Obtaining additional information about the client’s source of funds, source of wealth (where appropriate), the purpose of the transaction, and the nature of the business relationship.
- Ongoing Monitoring: Regular reviews and updates to ensure continued compliance with AML regulations.
Internal Controls and Monitoring
Professional firms must establish internal controls and monitoring systems to detect and prevent money laundering. This includes:
- Risk Assessments: Conducting regular risk assessments to identify potential vulnerabilities and implementing measures to mitigate these risks. Risk Assessments must be at the Practice Wide level (PWRA) as well as at the client and matter level (CMRA). NB For entity clients, this means that firms must at least have a core understanding of the entity’s business model and business activities.
- Policies and Procedures: Developing and maintaining comprehensive AML policies and procedures to e.g. guide staff in identifying and reporting suspicious activities or collecting the right information during onboarding.
- Training: Providing regular training and awareness to employees on AML regulations, risk assessment, and the identification of suspicious transactions.
- Assurance: Having an effective albeit proportionate assurance programme to ensure a firms compliance with the policies and procedures.
Record Keeping
Accurate and comprehensive record-keeping is essential under the MLR. Professional firms must maintain records of:
- Client Identification and KYC: Copies of identification documents and verification records.
- Transactions: Detailed records of all transactions, including the nature and amount of the transaction, the parties involved, and the date of the transaction.
- Suspicious Activity Reports (SARs): Records of any suspicious activities reported to the relevant authorities.
- Training Records: what training and awareness has been delivered and to who.
Reporting Suspicious Activity
Professional firms are required to report any suspicious activity to the National Crime Agency (NCA) through Suspicious Activity Reports (SARs). This includes:
- Identification of Suspicious Activity: Recognizing transactions or behaviours that are unusual or inconsistent with the client’s known activities or which are apparently at odds with their stated legal objectives.
- Submission of SARs: Submitting SARs within the required timeframe, typically within 30 days of identifying the suspicious activity.
Compliance with Sanctions
Accounting firms must comply with financial sanctions imposed by the UK government. This includes:
- Screening: Screening clients and transactions against sanctions lists to ensure compliance.
- Reporting: Reporting any breaches of sanctions to the relevant authorities.
Comparison of ICAEW and SRA Annual AML Reports for 2023-24
Both the ICAEW and the SRA release their respective annual AML reports in around October each year, the most recent ones being the 2023-24 reports issued in October just gone. Not that they’re meant to be competing with each other, but here’s a table summary of their highlights.
| |
SRA |
ICAEW |
| Inspections & Reviews
|
Conducted 237 proactive inspections and 258 desk-based reviews, focusing on assessing and mitigating risk.
|
Supervised 9,911 firms and conducted 1,088 monitoring reviews, with 35% targeting high or high-medium risk firms. |
| Compliance Findings
|
Reported improvements in how firms manage risk, with only 12% of client and matter risk assessments deemed ineffective, compared to 51% in the previous year. |
Found that 80.7% of firms were compliant or generally compliant with AML regulations, emphasizing the effectiveness of compliance measures. |
| Enforcement Actions
|
Took regulatory action against 78 firms and individuals, issuing 44 fines totalling £556,832. |
Took enforcement action against 39 firms, resulting in fines totalling £92,025, and excluded one member for facilitating money laundering. |
| Key Recommendations
|
Risk assessments. Controls. Training. |
Risk assessments. Controls. Training. |
| Resources
|
Your AML obligations – SRA
Money laundering – SRA
Topic guide: Anti-money laundering – SRA |
AML resources – ICAEW
Anti-money laundering – the essentials – ICAEW
|
The increased scrutiny is a response to international efforts led by the FATF (Financial Action Task Force) and isn’t just a UK phenomenon. FATF mandated global standards require countries to include professional firms (labelled ‘DNFBPs’ – Designated Non-Financial Businesses and Professions) within the scope of their AML regs and enforcement actions are following. Following a similar case in Singapore in 2017, in November 2020, the UAE Ministry of Justice fined seven law firms AED 100,000 each (around £20,000) for violating anti-money laundering (AML) and counter-terrorism financing (CTF) regulations. In the EU, US and Canada, professional firms are covered by the AML laws and in Australia, starting from July 2026, the ‘Tranche II’ requirements mean that the full stack of AML/CTF obligations will apply to lawyers and accountants – with predictable consequences in terms of inspection, enforcement, financial penalties and license suspensions.
In the UK the supervisory pressure will no doubt continue examples of this being the requirements for reporting set out in the Economic Crime and Corporate Transparency Act ECCTA and the requirements related to proliferation financing risk.
In such an environment, it’s essential that professional firms keep abreast of industry sector updates and have efficient, reliable, consistent processes and procedures which can enable responsible compliance without compromising their focus on business success and serving clients.
And in our next post, we’ll look at how AI-enabled automation can help in achieving that.
Tim Parkman
Director, Client Delivery
Marker AI is a digital onboarding platform for professional firms which comes with know-how like this built in. Contact us here for a conversation.
