How ‘risky’ is the Legal Sector and what are the new AML requirements for Firms in 2021

March 2021

On 17 December 2020, HM Treasury and the Home Office published the 2020 UK National Risk Assessment (“NRA”) of Money Laundering and Terrorist Financing. This is the UK’s third National Risk Assessment and a key component in its ongoing commitment to combat economic crime. Since the previous NRA in 2017, the Financial Action Task Force (“FATF”) found the UK to have a robust understanding of its money laundering and terrorist financing risks. 

The NRA acknowledges that although the UK’s knowledge of the money laundering and terrorist financing risks has improved greatly since 2017 and has in turn led to a strengthened approach, the Government has not yet seen sufficient evidence to support a reduction of risk in any sector. The legal sector continues to be assessed as “high risk” for money laundering exposure and low risk in respect of terrorist financing.  The NRA states that that there is no evidence that the risks for the legal sector have changed since 2017, but there is an acknowledgment that the level of supervision of legal practitioners has improved since then. 

The Legal Sector Affinity Group “(LSAG”), with guidance from the Solicitors Regulation Authority (‘‘SRA’’) and the UK’s legal sector professional bodies and supervisors, has completed an extensive revision and redraft of the UK AML guidance for the sector. The updated guidance published on 20 January 2021 is awaiting approval by the Treasury and replaces previous versions of the guidance. This updated version of the guidance includes new requirements for firms and builds upon the previous AML guidance. The new guidance implements The Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017, and incorporates the subsequent amendments implemented in January 2020.

Key Findings of HM Treasury’s NRA

  • The NRA identified that the services which expose the legal sector to the highest risk are conveyancing, trust and company services.  The misuse of client accounts remains a concern.  
  • In addition to the purchase of high value properties in London, the NRA indicated that areas of concern (which requires further data) includes the purchase of high value properties in university towns.  Commercial property is also capable of being exploited to launder criminal funds. Red flags include the use of complex structures to acquire property; cash buyers, where the source of the money used to purchase the property is unclear or unknown; and where the purchaser is identified as a politically exposed person (“PEP”), particularly one from a high risk jurisdiction.
  • The misuse of UK corporate structures is a regular theme in risk assessment. The NRA highlights that where businesses do not fully comply with their obligations under the money laundering regulations the risk of unwittingly providing trust or company services to criminals is increased.  It illustrates the point by highlighting recent compliance reviews by the legal sector supervisors.
  • Misuse of client accounts was also raised. The strict controls on client money was acknowledged as a mitigating factor, but abuse by criminals through “fake” litigation and scam investments schemes were highlighted. 
  • The concept of “sham” litigation is one which is covered in slightly more detail.  A concern (which is difficult to evidence) has been raised that criminals may “create” a dispute with another party and sue through the UK courts.  A judgement or indeed a settlement agreement would then justify the transfer of illicit funds.  This is acknowledged to be an area which is still unclear.

What do these findings mean for you?

Following on from the NRA, the SRA has published its risk assessment for the legal sector.  Under the money laundering regulations, both the NRA and risk assessments developed by the sector supervisors (the SRA for firms in England and Wales) must be taken into account in your own firm’s business wide risk assessment.  You should therefore revisit your risk assessment in light of the findings and changes within the latest NRA and (for those to whom it is relevant) the SRA risk assessment. For example, you should consider:

  • Whether your customer risk assessment methodology needs to be updated to take account of changes to the inherent money laundering and terrorist financing risks of certain sectors, or the addition of new sectors.  This will depend on the nature of your business and your client base
  • Depending on the geographic spread of your client base, whether the concern raised about “sham” litigation is a factor to consider.  Although litigation is not a regulated service, any use of client accounts to receive settlement amounts; damages or other awards would fall within the scope of AML regulation
  • Whether the details provided in relation to the money laundering and terrorist financing risks of certain activities mean that the inherent risk of any of your clients has changed. If so, 
    • Is a trigger-event review of the due diligence information held on such clients required?
    • Are such customers still within the Firm’s overall risk appetite and tolerance?
  • How best to incorporate the findings of the 2020 NRA and SRA assessments into your own business-wide money laundering and terrorist financing risk assessment.  Business wide risk assessments were an area which came in for particular criticism in the SRA and Law Society of Scotland review findings last year and therefore this provides an opportunity to revisit that of your firm. 

Key changes:

  • Revised, more granular contents section with embedded links to sections for ease of navigation
  • Introduction of key AML Compliance Principles
  • Revised, updated and expanded AML Governance and Internal Controls sections
  • Fully revised and expanded Risk Assessment section (firm-wide, client and matter emphasising their importance to firms)
  • Expanded guidance on understanding and evidencing source of funds and source of wealth;
  • A new section on technology – expanding on the requirement for firms to consider and understand the purposes and basis on which they are using AML-related technology (along with its underlying functionality) in order to use it effectively to mitigate risk. It also highlights need for firms to acknowledge the implications/risks of the global pandemic and the subsequent technological and procedural changes that have been a result
  • Updated training section (at least annual, appropriate to role and linking to AML performance)
  • Fully revised and updated Legal Professional Privilege section with new LPP/SAR reporting decision-making template
  • Companies House discrepancy reporting requirements.

What does this mean for you?

The Legal sector is fraught with AML challenges and risks and, over recent years, the issues have only become more complex and prominent leading to increased concerns and costs for firms navigating and attempting to comply with the previous and updated regulatory requirements. The issues have been compounded by the COVID pandemic with economic and social changes that Firms need to be aware of as this may lead to increased AML risks and some firms having a higher risk tolerance.

The Money Laundering Regulations and guidance changes have led to increases in the number of strict requirements “musts” as well as implementing changes so firms may be required to justify why they have deviated or fell short of supervisory expectations “shoulds”. These changes will require firms to review and implement changes to their AML governance, policies, controls and procedures.

What are the consequences for non-adherence?

It is important to highlight that the SRA continues to monitor firms very closely and expects them to adhere to all pertinent legal requirements, supervisory expectations, and industry standards. The failure to adhere is likely to lead to disciplinary action including:

  • Fines
  • Reprimands
  • Prohibition Orders
  • Revocation of Recognised Body Status
  • Variation of conditions on practising certificate
  • Suspension (for a fixed or indefinite period)
  • Imprisonment

With the recent increase in the SRA’s budget for AML supervision and the risk-based firm visits and inspections planned by supervisory bodies such as the SRA, the consensus is that the SRA is committed to raising the bar in regards to firm’s compliance with the AML requirements which is likely to be followed by further inspections and disciplinary action for non-complying firms. Disciplinary action often leads to high costs for firms to remediate the deficiencies, possible damage to their reputation and loss of current and future business.

How can BDO help?

Our industry leading Economic Crime Advisory team has a wealth of knowledge and diverse expertise, across most regulated sectors. We act as a strategic partner, providing clear advice which is both balanced and constructive. We have experience in reviewing and helping law firm’s to enhance their risk management frameworks, including policies and procedures, business wide risk assessments, customer risk assessments, and the provision of independent and holistic reviews of financial crime frameworks. 

Please don’t hesitate to get in touch if you have any queries or for confidential discussion about your AML framework. Contact Fiona Raistrick for more information. 


Need advice?

Discuss how our industry advisers can help your business.


We can help your firm address accountancy, tax and wider business and strategic issues.


Register for professional services related BDO events and webinars near you.