How to mitigate your firm's money laundering risk

Rebecca Atkinson examines the steps that solicitors and law firms can take to mitigate money laundering risk once it has been assessed.
Solicitor working late

In my last blog, I wrote on how to conduct your firm-wide anti-money laundering (AML) risk assessment under regulation 18(1) of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017.

In this follow-up blog, we will explore how to mitigate the AML risk that your assessment has highlighted.

Remember the purpose of the AML assessment, and policies, controls and procedures

The purpose of the assessment is to understand the firm’s AML risk, and put in place policies, controls and procedures (PCPs) to mitigate the risk identified.

There are a number of PCPs that are mandated by the regulations, as set out briefly below:

  • appoint an officer responsible for compliance with the regulations – this is the money laundering compliance officer (MLCO)
  • appoint a nominated officer – this is the firm’s money laundering reporting officer (MLRO)
  • carry out screening of relevant employees
  • conduct an independent audit to examine the effectiveness of the PCPs
  • ensure that relevant persons receive training on money laundering, terrorist financing and data protection
  • conduct client due diligence
  • having a policy and process around the reliance on third parties’ due diligence investigation
  • having a policy and process around the keeping of records and their destruction.

Steps that can be taken to mitigate AML risk

Once your firm has assessed its AML risk and understood the PCPs outlined above, your risk assessment should set out your firm’s plans to tackle the risk identified, or the steps that it already takes to mitigate AML risk.

Below are some possible risks that a firm may have identified and suggestions on how this could be mitigated.

Client risk

Countries and geographical areas the firm operates or receives funds from



Delivery of services

The firm's people

Remember that the firm wide risk assessment is not a one-off event and should be regularly reviewed and updated. Risks change and so should the firm's AML assessment and resulting PCPs. 


Views expressed in our blogs are those of the authors and do not necessarily reflect those of the Law Society.

Protect yourself and your firm from money laundering

Assessing and Addressing Risk and Compliance in Your Law Firm, written by Rebecca Atkinson, outlines how to conduct a gap analysis and sets out how to manage risk in your practice. It also contains draft risk registers, policies and procedures that can be tailored to suit the needs of your firm.

Learn how to improve the quality of your risk assessment

Join the Risk and Compliance Section to stay up to date with your regulatory obligations.

Maximise your Law Society membership with My LS