These were the concluding words of Paul Philip, Chief Executive of the Solicitors Regulation Authority (SRA) in his opening speech at the SRA’s Compliance Officers Conference on 30 October 2019. A chill wind may be blowing in the area of anti-money laundering (AML) compliance. Our past three issues identified various aspects of the SRA’s enforcement activity, but this is set to be ramped up.
The SRA is going to be far more proactive in visiting firms to assess compliance, and will be seeking written assurance from senior partners of all firms which do regulated sector work under The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLR). This may expose senior partners to personal risk of disciplinary process beyond that which applies as a principal in the business.
Having previously found 21 per cent of firms’ risk assessments from a sample of 400 to be non-compliant, the SRA is now going to embark on checking risk assessments for 7,000 firms.
The SRA has published its latest Risk Outlook, which focuses on anti-money laundering and the need for firmwide risk assessments, and an updated warning notice, Compliance with the money laundering regulations – firm risk assessment, which can be found on www.legalrisk.co.uk/news. The SRA’s template, checklist and guidance can be found on our Anti-Money Laundering Resources page via www.legalrisk.co.uk/aml; however the SRA cautions against over-reliance on templates and a ‘copy and paste’ approach.
While carrying out independent audit of many larger firms for compliance with Regulation 21 of the MLR, we have observed weaknesses in the documentation of risk assessments at the client and matter level, and in the inception and ongoing monitoring of Politically Exposed Persons (PEPs) and higher risk matters generally. Firms’ policies, controls and procedures do not always reflect what happens in practice.
As the SRA guidance on firm risk assessments observes, it is not enough to say that the firm does not act for PEPs, as the definition of PEP is very wide, may apply to UK citizens (and there are approximately 39,000 in the UK), and might for example include the business partner of a member of the board of Network Rail, Channel 4 or the BBC, the children of certain Church of England bishops or senior office holders of international bodies such as the Red Cross or Amnesty International.
The MLR do not require all firms to have an independent audit of their MLR compliance, but may still benefit from one in the face of the almost inevitable SRA visit. As practising solicitors, our advice is subject to legal professional privilege.
The importance of sanctions checks cannot be overstated: HM Treasury has imposed a monetary penalty of £146,341 on Telia Carrier UK Limited for a breach of financial sanctions regulations, demonstrating that ‘economic resources’ may be provided directly or indirectly.