Regulation 19 of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 sets out the requirements for firms to have written policies in place to mitigate and manage AML risks identified in the firm’s risk assessment.
Regulation 28(12)(a)(ii) sets out that your customer due diligence measures must reflect the level of risk arising in a particular case.
A risk assessment is therefore required on every new matter. This will assist you in understanding the purpose of the transaction.
You must prepare a written firm wide policy covering client risk assessment and due diligence procedures.
This must set out:
- the basic information that you require from a client in every matter
- additional measures that the firm may require for higher risk transactions
Many firms include a section covering ‘risk assessment’ in a ‘client inception form’ which is completed on every client file where a risk rating is given covering the following:
- area of law
- client type
- simplified, standard or enhanced due diligence
- nature of instructions
Risk assessment is an ongoing process for each client.
The better you know your client and understand your instructions the better placed you will be to assess risks and spot suspicious activities.
For further information and precedent forms and policies, see our Anti-money laundering Toolkit (2nd edition) which is available to purchase from our online bookshop or contact the Practice Advice Service.
Disclaimer: While every effort has been made to ensure the accuracy of the information in this article, it does not constitute legal advice and cannot be relied upon as such. The Law Society does not accept any responsibility for liabilities arising as a result of reliance upon the information given.
Have you got a practice question? Call the Practice Advice Service on 020 7320 5675 or email email@example.com
The Practice Advice Service is staffed Monday to Friday from 9am to 5pm.