You are here:
  1. Home
  2. News
  3. Stories
  4. What does the National Risk Assessment mean for law firms?

What does the National Risk Assessment mean for law firms?

1 February 2018

In October 2017 HM Treasury published the second National Risk Assessment (NRA) of money laundering and terrorist financing as significant threats to the UK’s economic security. The NRA makes for interesting general reading about the government’s analysis of those threats, but what does it say about the legal sector specifically, and what in practical terms does it mean for law firms?

A general theme is that professional services are a crucial gateway for criminals looking to disguise the origin of their funds. The NRA states that legal services - like banking and accountancy services - remain at high risk of being abused by money launderers. The term 'high risk' indicates prevalence, rather than signalling criminal or negligent involvement by a sector. The NRA suggests that high-end money laundering almost always requires facilitation by legal services, even if unwitting.

The identification of a sector as 'high risk' means that those working in that sector 'should be vigilant towards the persistent efforts of criminals and terrorists to exploit…vulnerabilities'.

Under Regulation 12 of the Money Laundering Regulations 2017, law firms carrying out regulated activities must perform a practice-wide risk assessment which takes into account the NRA’s findings. In that risk-assessment, firms should calculate what percentage of work is made up by regulated activities, especially those identified as 'high risk' by the NRA.

You should therefore ensure that the conclusions of the NRA are reflected in your firm’s AML policies, controls and procedures, as well as in your risk assessment.

Types of legal services at highest risk

The NRA specifies the following services as most likely to be abused by money launderers:

  • Trust and company formation
  • Conveyancing
  • Client account services.

To mitigate risks when operating in these three specialist areas, solicitors must make sure they comply with the latest AML guidance and pay attention to red flags that could signal the presence of dirty money.

back to top

Trust and company formation

According to the NRA, money laundering investigations often feature the use of trusts and companies as vehicles to hide beneficial ownership. Those service providers who offer, for example, the replacement of nominee directors or registered offices are (it says) most at risk.

The Money Laundering Regulations 2017 empower HMRC to receive the details of those firms that provide trust and company services, which is why a survey requesting this information has been issued by the SRA.

If a client engages you to create and/or manage an entity without seeking legal advice beyond the routine aspects of formation, you should consider whether they are merely attempting to add a layer of legitimacy to their activities through your involvement. Phoenix companies are a classic signal that something untoward may be happening.

To counter the risks posed by 'high risk' activities, solicitors should apply appropriate levels of customer due diligence and enhanced due diligence before providing such services. Solicitors should make enquiries of the client to ensure they understand the nature and purpose of clients’ instructions, and are alert to the warning signs listed in this article.

Red Flags: Trust and company formation

  • secretive or suspicious behaviour by the client
  • formation of a shell company in an offshore jurisdiction without a legitimate commercial purpose
  • interposition of an entity in a transaction without any clear need
  • unnecessarily complex corporate structures.

Special attention should be paid where trust and company services are provided in conjunction with the other services identified as high risk and where they involve high risk jurisdictions.

back to top


The NCA reports that some 50 per cent of legal sector SARs were linked to property transactions. The potential abuse of the property market through the involvement of legal professionals receives a 'high' risk rating.

This rating is notably different to the assessment of estate agents as 'low' risk. The proximity that legal professionals have to the client and their funds is said to justify the distinction.

The NRA makes clear that while some professionals are complicit in money laundering, most cases are likely to involve criminal exploitation of the negligent or unwitting. Criminal gangs can be determined, resourceful and cunning. Firms that facilitate property transactions should ensure the higher money laundering risks in conveyancing are reflected explicitly in their internal risk assessment, and mitigated through comprehensive and effective CDD.

Red Flags: Conveyancing

  • rapid succession of transactions relating to the same property
  • use of cash or third-party intermediaries without adequate commercial explanation
  • use of overseas trusts or companies to conceal property ownership
  • unexpected early repayments, for example of a mortgage.

The NRA says that special attention should be paid to transactions involving “super-prime” residential property in London and Edinburgh.

Commercial property can be moved less quickly and is therefore subject to a lower risk rating. It can nonetheless be purchased to set up a network of opaque company structures or to create cash-intensive businesses involving money laundering or predicate offences.

back to top

Client accounts

The NRA views the rapid and often large-scale movement of funds through client accounts as a money laundering risk.

Solicitors must comply with their obligations under the Solicitors Accounts Rules, which prohibit the use of the client account as a banking facility and require all monies in the account to be linked to an underlying transaction or retainer.

CDD must be conducted as per the Money Laundering Regulations 2017 on clients and transactions that fall within Regulation 12.

Red Flags: Client accounts

  • instructions to act as a bank or escrow agent, or pay bills unrelated to the matter
  • instructions to return overpayments to a client or a third party
  • instructions to pay out funds at intervals
  • aborted transactions without clear reasons.

Special attention should be paid to cash transactions. You should not accept cash payments above the limit specified in your company’s cash policy.

The presence of cash in a transaction can act as a red flag. The NRA says that the use of cash has declined from 64 per cent of payments in 2005 to 45 per cent in 2015, but it remains a popular means of payment – more so than emerging and potentially opaque technologies such as crypto-currency. Firms should therefore adopt a cash policy in response to the risks posed by cash.

back to top

Suspicious Activity Reports

According to the NRA, legal professionals submitted 3,447 Suspicious Activity Reports (SARs) in 2015/16. They contributed to the 1,435 convictions made in the UK for money laundering in 2016, in addition to the arrests made for predicate offences alone. In 2016/17, SARs helped the National Crime Agency (NCA) to deny £82.8m to criminals and recover £28.3m.

The number of SARs submitted by the legal sector amounts on average to around 1 per cent of the total submitted by all sectors. There are good reasons for this, nonetheless the NCA continues to encourage the sector to report more frequently.

The Law Society will hold a webinar with the NCA on submitting good quality SARs in early March. Look out for further announcements on this on our webpage in the coming weeks.

back to top


Cogs with team of people
Risk and Compliance autumn conference 2019: mitigating risk in a changing regulatory landscape (Bristol)

Join us at the Mercure Holland House Hotel, Bristol to learn how to remain compliant in light of the Solicitors Regulatory Authority's significant changes.

Risk and Compliance autumn conference 2019: mitigating risk in a changing regulatory landscape (Bristol) > More