Legal professionals and anti-money laundering (AML) is nothing novel, they have been within scope of the UK’s legal and regulatory AML framework for over two decades, via their inclusion within the third EU Money Laundering Directive, and the Money Laundering Regulations 2007. The 2017 iteration of those regulations, applies in relation to the following services often provided by legal professionals:
- Buying and selling of real property or business entities
- Managing of client money, securities or other assets
- Opening or management of bank, savings or securities accounts
- Organisation of contributions necessary for the creation, operation or management of companies
- Creation, operation or management of trusts, companies, foundations or similar structures.
Legal professionals are required to put into place a comprehensive AML framework and controls, which must include the following measures:
- An Enterprise-Wide Risk Assessment
- Policies, Controls, and Procedures
- Customer Due Diligence
- Enhanced Due Diligence
- Ongoing Monitoring
- Record Keeping
- Appointing a Nominated Officer
Additionally, AML frameworks must consider obligations laid out within the Proceeds of Crime Act 2002, where suspicious activity is identified and must therefore be reported, as well as financial sanctions prohibitions.
“Solicitors are ideally placed to detect money laundering, but many are leaving themselves and society at risk”
– Solicitors Regulation Authority (SRA) - Risk Outlook 2019/20
Back to top
What are the main risks?
The legal sector is considered to represent a high money laundering risk, according to the UK’s National risk assessment of money laundering and terrorist financing, both in 2015 and again in 2017.
The primary risks include:
- Complicit legal professionals
- Property purchases
- The misuse of client accounts
- Poor AML frameworks.
Legal services can potentially provide credibility and a ‘veneer of respectability’, making them attractive to those wishing to launder the proceeds of criminal activity into the legitimate financial system. Involvement of legal services by legal professionals will often be wilfully or unwittingly negligent, but there are some that are complicit.
Solicitors have been identified as offering a particularly high degree of risk, due to the range of services that they provide. This is especially true where different firms are used, and the work that they undertake is compartmentalised to decrease oversight and transparency. Their assistance can allow a greater degree of complexity to be applied to business arrangements and transactions, so that nefarious activity can be better obscured.
Complex trust and company formation can allow Ultimate Beneficial Ownership arrangements to be hidden, and illicit funds, including those derived from tax evasion, to be obfuscated within high value transactions, especially where linked to property sales. Risk increases further where such transactions have a cross-border element, involving jurisdictions with weak AML legal and regularity frameworks, and corrupt public officials.
Poor controls and monitoring can allow criminals to deposit illicit funds into client accounts that have been set up, legitimately or otherwise, by professionals at legal firms. Inadequate governance, roles and responsibilities, policies, procedures, and training and awareness can also result in legal services being a weak link in the fight against money laundering, and an attractive route for criminals to funnel their ill-gotten gains. Low levels of internal and external reporting of suspicious activity have, unfortunately, also been evident over a number of years.
The Solicitors Regulation Authority has separately highlighted some key issues, for example, low levels of Suspicious Activity Reporting by legal firms, and high number of risk assessments that do not include, either adequately, or at all:
- Factors relating to doing business with clients from high-risk jurisdictions
- The delivery method of their services.
Back to top
What common deficiencies has bdo identified?
Through we have conducted on behalf of law firms, both in the UK and internationally, we as well as the SRA have identified a number of common deficiencies which often required urgent remediation:
Governance and Oversight:
- Poor ‘tone from the top’, senior management and committee feedback and challenge
- Inadequate oversight by the Second and Third Lines of Defence
- Poorly designed Enterprise-Wide Risk Assessments
- Unclear and inadequate approach to Customer Risk Assessments, without consideration of all pertinent risks or proper articulation within policies and procedures.
Policy and Procedures:
- Internal guidance misaligned with legal requirements, supervisory expectations, and industry standards
- Inadequate approach to screening all parties related to a client relationship, including beneficial owners and controllers
- Unclear and inconsistent customer risk rating
Ongoing Monitoring and Suspicious Activity Reporting:
- Inconsistent SAR submission methods, and weaknesses in the audit trail for such reports
- Lack of proactive periodic monitoring for medium and low risk clients
- Lack of formal and consistent ongoing monitoring of transactions
Training and Awareness:
- Training insufficiently risk based, or tailored for those undertaking specific roles and responsibilities, especially for those in key AML related roles
- Lack of a ‘training needs assessment’, to formally define what training needs to be undertaken by staff in different roles/ teams.
Back to top
What are the consequences for non-adherence?
With the recent expansion in the SRA’s 2020/21Business Plan to include additional AML regulatory visits to firms and monthly analysis of AML Policies and Procedures, the risks of failing to adhere to all pertinent legal requirements, supervisory expectations, and industry standards, can be substantial. Once referred to the Solicitors Disciplinary Tribunal, firms and individual solicitors can potentially expect:
- Prohibition Orders
- Revocation of Recognised Body Status
- Variation of conditions on practising certificate
- Suspension (for a fixed or indefinite period)
The above measures can also lead to substantial reputational damage, and loss of current or prospective business opportunities. The costs of remediating any deficiencies can also be high.
Back to top
How can BDO help?
Our industry leading Economic Crime Advisory team has a wealth of knowledge and diverse expertise, across both the Financial Services (FS) and non-FS sectors. By understanding your needs and business model, we can not only help to develop any specific AML controls such as an EWRA, CDD or Governance frameworks, but also develop a complete, holistic, and robust AML/CFT framework from the ground up, to ensure full compliance with the legal requirements, supervisory expectations, and industry standards.
Alternatively, we can assess, on a Review and Recommend basis, the AML/CFT framework that is already in place and provide you with a Third Line of Defence independent granular assessment of the robustness of your controls.
Where there are specific framework gaps, such as policies and procedures, staff training EWRA or compliance monitoring, we can focus specifically on those. We also have a track record in the provision of tailored AML/CFT training to staff as well as Senior Management, which can be delivered onsite or on a remote-basis.
We have over 200 specialists in our UK team working with a wide range of firms across the full FS and non-FS spectrum. As the world’s fifth largest accounting and professional services firm, we work with many of the world’s largest and most successful organisations and offer the full range of services you would expect of a firm of our calibre.
Our team brings extensive experience from working on regulatory engagements and internal audits, and draws on different perspectives gained as advisers to international organisations across multiple sectors and regulatory regimes such as the SRA, FCA, HMRC and UKGC.
If you have any queries please contact Fiona Raistrick, Nick Carter-Pegg or Hassan Elsoussy.
Download our full brochure and examples of our work.
Back to top