Anti-money laundering guidance for the legal sector: addendum
This is an addendum to the 2023 edition of the LSAG guidance. It is provided as an update and to illustrate how our attitude towards regulation is developing over time.
This guide covers:
- economic crime levy
- discrepancy reporting
- register of overseas entities
- Economic Crime and Corporate Transparency Act 2023
- company due diligence
- de minimis exception
- mixed-property transactions
- supply chain risk
- source of funds
- client due diligence
- beneficial ownership
Until approval by HMT, this addendum is supplementary to the main LSAG guidance and does not supersede it.
It is not for your supervisor to provide specific legal advice and/or confirmation on the application of the Money Laundering Regulations (MLRs) or other regulation or legislation.
You must satisfy yourself on your legal/regulatory obligations under the MLRs and that you have complied with them.
While care has been taken to ensure that this addendum is accurate, up to date and useful, members of LSAG will not accept any legal liability in relation to it.
Economic crime levy
The economic crime levy (ECL) is payable if your annual turnover exceeds £10.2 million.
The ECL is payable to HM Revenue and Customs (HMRC) and falls due each accounting period your turnover exceeds the threshold amount.
- law firms which are supervised by one of the professional body supervisors and whose turnover does not exceed £10.2 million in their preceding accounting period do not need to register and are not liable for the levy
- law firms which are supervised by one of the professional body supervisors only but whose turnover does exceed £10.2 million in the preceding accounting period must both register with HMRC and pay the required levy to HMRC
- law firms which are dual regulated by one of the professional body supervisors and the Financial Conduct Authority (FCA) should follow the FCA's registration and payment process. They should not register with HMRC and will not need to pay a separate levy
See the UK government's ECL policy paper for further guidance and a link to the register.
Detailed guidance on when a discrepancy needs to be reported under regulation 30A of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 can be found on:
Register of overseas entities
Overseas entities wishing to buy, sell or transfer property or land in the UK must register with Companies House.
An overseas entity is defined as a legal entity governed by the law of a country or territory outside the UK. For the avoidance of doubt, this includes Crown Dependencies and British Overseas Territories.
This requirement applies to overseas entities who own real property in the UK and have done so since:
- in England and Wales, on or since 1 January 1999
- in Scotland, on or since 8 December 2014
- in Northern Ireland, on or since 5 September 2022
This is a separate register to that set out in regulation 28(9), so you are able to rely on the register of overseas entities when establishing the persons of significant control of a company.
Entries on the register of overseas entities may be obtained on application to Companies House.
More information is available in the UK government's collection on the register of overseas entities.
Economic Crime and Corporate Transparency Act 2023 (ECCTA)
ECCTA received royal assent on 26 October 2023. It introduces a number of changes to corporate structures and registration, as well as amending the Proceeds of Crime Act 2002.
Company due diligence
ECCTA has brought in a number of changes to the way that companies are registered and what information must be declared on an ongoing basis.
These increase the volume and detail required on registration and in annual returns to Companies House.
While this information will be very useful in assessing risk and completing due diligence, regulation 28(9) is not affected.
It does not, therefore, in itself satisfy the obligation to carry out due diligence on bodies corporate under regulation 28(4). However, it may usefully form part of your wider checks.
De minimis exception for paying away funds on terminating relationships
ECCTA has amended the Proceeds of Crime Act 2002 so, under certain circumstances, an offence will not be committed in the following circumstances:
- criminal property is transferred or converted under section 327(1)(c) and (d)1
- a person acquires, retains, uses or controls criminal property or on behalf of another person under section 328(1)
- criminal property is used, acquired or possessed under section 329(1)
if the transaction:
- takes place in the regulated sector
- involves money or property valued at less than £1,000
- involves transferring or handing over to the client money or other property which belongs to or is owed to the client
- is made for the purpose of exiting the relationship with the client, and
- if CDD on the client has been completed
There is accordingly no need to seek appropriate consent in order to make such a transfer to the client if all the conditions above are satisfied.
However, a reporting obligation under sections 330/331 would still arise if a suspicion has been formed in the course of regulated sector work so, subject to privilege considerations, a information suspicious activity report (SAR) may still be needed.
It should be noted that the exemption is extremely narrowly defined, and therefore it is LSAG's opinion that it is likely to apply very rarely.
The home secretary may also make regulations excluding certain transactions or sectors from these provisions.
Mixed-property transactions (in force from 15 January 2024)
ECCTA also provides a further exemption to the above offences in the case of transfers where:
- the firm is carrying on business in the regulated sector, and
- the firm makes the transfer in connection with holding any money or assets for the client,2 and
- there is knowledge or suspicion that part but not all of the money or assets is criminal property (the suspect part being the "relevant criminal property"), but
- it is not possible, at the time the transfer takes place, to identify the part of the funds or property that is the relevant criminal property, and
- the value of the funds in the account or accounts, or of the property which continues to be held by the firm, is not, as a direct or indirect result of the transfer, less than the value of the relevant criminal property at the time of the transfer
As with the 'paying away' exception described above, if all these conditions apply then there would be no need to seek appropriate consent in order to make such a transfer.
However, a reporting obligation under sections 330/331 (an information SAR) would still arise if a suspicion has been formed in the course of regulated sector work, subject to privilege considerations.
Again, this is a very particular set of circumstances and LSAG would strongly caution against any attempt to enter into a transaction in anticipation of using these exemptions.
If you are unable to determine whether this section would apply to funds or assets you or your firm are handling, we recommend you submit a defence against money laundering SAR in the usual way.
Supply chain risk
A supply chain refers to the end-to-end activities/actions involved in the provision of a service/product to the end customer or beneficiary.
A simple supply chain could involve only a few individuals/companies while a more complex supply chain could involve multiple service providers.
Understanding the purpose of the service you are providing and who is ultimately benefitting from it is important in being able to identify and manage any supply chain risks.
This could involve making preliminary enquiries of your client to help you understand the purpose of the whole instruction and how your instructions fit into the overall supply chain.
If necessary, you should also look beyond your own instruction to understand the totality of the transaction and identify any risks.
This may include taking steps to understand the role of other professionals in the supply chain – for example, accountants or company formation agents – and ensuring that these services fit with your understanding.
Further guidance on source of funds (SoF)
In circumstances where it becomes known that the client has received funds for a transaction from a third party, you should also seek to understand and obtain evidence relating to the third party's underlying SoF.
The extent to which you should obtain, review and evidence third party SoF is dependent upon the risk profile of the client or matter.
A third party's overall source of wealth should also be considered in higher risk situations (see 6.18.3 for further guidance in establishing source of wealth).
Without understanding the SoF of both client and associated third parties to the transaction, you are unlikely to be able to carry out an effective risk assessment or ongoing monitoring under regulations 28(11) to (13).
You must also bear in mind your obligation under regulation 28(16) to demonstrate that the measures you have taken to carry out due diligence are appropriate, with reference to both your practice-wide risk assessment and the relevant sectoral risk assessment.
Suggested approach to client due diligence
LSAG has considered the way in which client due diligence should be undertaken both in relation to natural persons who are clients themselves and those who are beneficial owners of a corporate client.
Our proposed amendments to the approach set out in the LSAG guidance are as follows.
While this does not supersede the HM Treasury-approved LSAG guidance, we suggest that the following is an appropriate interpretation.
In the following:
- text which is
struck throughis a proposed deletion
- text in bold is a proposed addition
Natural persons (6.14.4)
The name, date of birth and current address of a natural person should all be identified, and practices may use government photo-card identification (including passports and driving licences) to verify these details.
To do this, you should obtain
either documents that verify name, address and date of birth, for example:
- one government document which verifies
eitherthe client or beneficial owner's name and address, or nameaddress and date of birth, or
- a government document which verifies the
client'sbeneficial owner's full name and supporting documents which verifies their name and either theiraddress and ordate of birth
Non-natural persons (6.14.10)
Regulation 28(3A) states that where the customer is a legal person, trust, company, foundation or similar legal arrangement, the relevant person must identify the customer and take reasonable measures to understand the ownership and control structure of that legal person, trust, company, foundation or similar legal arrangement.
This requirement means tracing ownership back to any ultimate beneficial ownership of the entity by a natural person(s). You must then take reasonable measures to verify the identity of the beneficial owner.
"Reasonable measures" means gathering information and verification that is risk-based, proportionate and effective in mitigation of the identified money laundering and terrorism financing risks inherent in the client or matter being undertaken.
When considering this test of reasonableness, you should consider whether you are comfortable that you would be able to demonstrate and evidence the extent to which you have sought such information and verification, to your supervisor upon request.
It should not be misinterpreted as an allowance to not fulfil your duty to understand and verify the full ownership and control structure of the client.
These reasonable measures to verify a beneficial owner must be considered in the context of the risks posed by the client or matter but may differ to those you may use to verify the identity of a client that is a natural person.
Where applicable having regard to the circumstances, you should verify the identity of the beneficial owner(s) to the
same equivalent standards as that applied to clients who are natural persons, as described in 6.14 and/or 6.14.4.
In other, lower risk situations and in limited circumstances (such as when the relevant person already knows and has previously verified the identity of the beneficial owner) taking reasonable measures to verify the beneficial owner may mean, for example, taking verification information from non-independent sources (for example non-certified documents or information from reputable websites).
To evidence why
identification verification of beneficial owners through personal identity documents is not undertaken, it is important to document your overarching understanding of the individual's background, circumstances and nature of the transaction.
It is important to note that you are seeking to verify the beneficial owner's identity, not simply that the identity in question is a beneficial owner. You may consider a range of sources to do this provided they are appropriate to the risk posed by the client or matter.
Where you have been unable to verify the identity of the beneficial owners of a non-natural person, you should consider the reasons for this and whether this should lead to a disclosure to the NCA.
Further considerations should be given to whether to act or continue to act for the client, particularly where the complexity of the structures is out of your normal scope of business or make completing CDD difficult.
You should record all your considerations as a part of the client or matter risk assessment; for more information, see section 5.
Erratum: beneficial ownership
In the current LSAG guidance at paragraphs 4.2.2 and 6.16.2, beneficial ownership is expressed as owning "25% or more" of the shares or voting rights in a body corporate.
This is incorrect and should read "more than 25%" in line with regulations 5(1)(b) MLRs 2017.
- at 6.18.1, "less than 25% ownership" should read "25% or less ownership"
- at 6.18.2, "ownership thresholds below 25%" should read "ownership thresholds of 25% or less"
Find out more
We’re here to help you keep ahead of your regulatory obligations and minimise risk with a package of expert guidance, advice and resources.