How to mitigate your firm's money laundering risk
Rebecca Atkinson examines the steps that solicitors and law firms can take to mitigate money laundering risk once it has been assessed.
In my last blog, I wrote on how to conduct your firm-wide anti-money laundering (AML) risk assessment under regulation 18(1) of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017.
In this follow-up blog, we will explore how to mitigate the AML risk that your assessment has highlighted.
Remember the purpose of the AML assessment, and policies, controls and procedures
As set out in the previous blog, the purpose of the assessment is to understand the firm’s AML risk, and put in place policies, controls and procedures (PCPs) to mitigate the risk identified.
There are a number of PCPs that are mandated by the regulations, as set out briefly below:
- appoint an officer responsible for compliance with the regulations – this is the money laundering compliance officer (MLCO)
- appoint a nominated officer – this is the firm’s money laundering reporting officer (MLRO)
- carry out screening of relevant employees
- conduct an independent audit to examine the effectiveness of the PCPs
- ensure that relevant persons receive training on money laundering, terrorist financing and data protection
- conduct client due diligence
- having a policy and process around the reliance on third parties’ due diligence investigation
- having a policy and process around the keeping of records and their destruction.
Steps that can be taken to mitigate AML risk
Once your firm has assessed its AML risk and understood the PCPs outlined above, your risk assessment should set out your firm’s plans to tackle the risk identified, or the steps that it already takes to mitigate AML risk.
Below are some possible risks that a firm may have identified and suggestions on how this could be mitigated.
Countries and geographical areas the firm operates or receives funds from
Delivery of services
The firm's people
Remember that the firm wide risk assessment is not a one-off event and should be regularly reviewed and updated. Risks change and so should the firm's AML assessment and resulting PCPs.
Views expressed in our blogs are those of the authors and do not necessarily reflect those of the Law Society.
Protect yourself and your firm from money laundering
Read part one of this series: what you need to know about your firm's risk assessment
Assessing and Addressing Risk and Compliance in Your Law Firm, written by Rebecca Atkinson, outlines how to conduct a gap analysis and sets out how to manage risk in your practice. It also contains draft risk registers, policies and procedures that can be tailored to suit the needs of your firm.
Join the Risk and Compliance Service to stay up to date with your regulatory obligations.