The new Money Laundering Regulations 2017 have resulted in several substantial changes to the way legal practitioners comply with their anti-money laundering (AML) obligations. A summary of these is available on pages 13-14 of the legal sector guidance on the regulations; we strongly recommend that all practitioners who perform regulated sector activities read the guidance.
One of the most significant changes is the introduction of a requirement for a practice-wide risk assessment (Regulation 18). All regulated businesses must assess in writing how 'risk factors' contribute to a practice’s overall risk profile. For example, regular performance of international conveyancing operations in countries with poor AML controls could heighten the overall money laundering risk faced by a practice. Assessment criteria have not been prescribed, leaving the choice of risk factors to the firm which may at some point have to justify its choice to regulators.
The requirement for a practice-wide risk assessment is separate to the need to risk assess clients or transactions. The internal risk-assessment should specify your practice’s risk tolerance and act as a guide to developing a risk-based approach to customer due diligence (CDD). Appropriate CDD must be performed at client onboarding stage, and ongoing monitoring must take place for all clients. CDD should be revisited when the client’s circumstances or instructions change, and where there’s been a gap in the retainer.
The internal risk assessment should also be used as a basis for the compulsory documented 'policies, controls and procedures' that enable staff to identify and effectively mitigate AML risks when dealing with clients. Regular training must be given to relevant employees, and documented, to help them assess such risks and identify the “red flags” that indicate possible money laundering.
The 'red flags' below are not exhaustive, and training must be provided to keep up to date with the latest intelligence on risk-factors:
- Secretive clients
- Clients established or transacting business in 'high risk' jurisdictions or 'high-risk' sectors
- Complex transactions with no apparent economic or legal purpose
- Unexplained cross-border elements in the transaction
- Large payments from private funds or payments from many individuals or sources
- Unusual pattern of transactions, e.g. an unusually rapid sale after purchasing a property, an unusual valuation, or a rapid change in client-solicitor instructions
- A change in the usual behaviours for long-standing clients, e.g. a transaction which falls outside the client’s usual sector or a higher-than-usual value of a transaction
- Negative press surrounding the client.
The Regulations also now require businesses (where appropriate with regard to their size and nature) to appoint an individual at the level of 'senior management' as the officer responsible for compliance with the Money Laundering Regulations 2017, in addition to the existing requirement to appoint a nominated officer (Money Laundering Reporting Officer). These two roles can be performed by the same person, provided that they possess sufficient knowledge and authority to take decisions affecting the firm’s risk exposure.
Given that the regulations were published in anticipation of the UK’s National Risk Assessment and mutual evaluation by the Financial Action Task Force, a risk-based approach features strongly in the text with implications for the treatment of law firms’ pooled client accounts.
Under the new Regulations, pooled client accounts will be subject to simplified due diligence (SDD) only if a bank or financial institution perceives the business relationship with the firm or practitioner holding the account to be low-risk and information and documents on the identity of the clients on whose behalf funds are held in the account is available on request. The Law Society is discussing with UK Finance how these two requirements might be met. One option is that firms will be asked to sign a standardised statement, which will confirm to the bank that they take reasonable steps to comply with their obligations under the Regulations and are supervised by the SRA.
These changes are only a part of the transformation of the UK’s compliance regime. In addition to the Money Laundering Regulations, the new corporate offence of failing to prevent the facilitation of tax evasion has been introduced via the Criminal Finances Act. The Act creates criminal offences for any entity that fails to prevent the criminal facilitation of domestic or foreign tax evasion by associated persons, which includes not just employees, but also agents and subcontractors. The Law Society has published guidance on the new offence.
OPBAS, a new supervisor of professional body supervisors including the Law Society, is due to become active in January 2018, and will seek to contribute to even out, where possible, differences in supervisory standards across those sectors not regulated by HMRC.
Separately, a new sanctions-reporting requirement for independent legal professionals was introduced this summer, and a Sanctions and AML Bill has been published in the House of Lords, signalling possible future changes to the UK’s sanctions and AML regime.
To keep up to date with developments, please monitor the AML section of our webpage, and contact our AML helpline for free advice on 0207 320 9544.