Economic crime levy: Funding new government…
We've published our response to a government consultation on the economic crime levy.
Rebecca Atkinson suggests some practical steps you can take to approach your firm’s anti-money laundering (AML) risk assessment, in light of the Legal Sector Affinity Group’s revised guidance.
Since June 2017, firms have been required to conduct a firm-wide anti-money laundering (AML) risk assessment. This risk assessment is required under regulation 18(1) of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (‘the AML regs’).
In this blog, I’ll break down what the assessment needs to cover, as well as offer some practical tips.
Regulation 18 of the AML regs sets out that firms must take appropriate steps to identify and assess the risks of money laundering and terrorist financing in their firm.
The regulation further sets out that firms must consider information available from their supervisory body – which for most firms is the Solicitors Regulation Authority (SRA). They must also consider risk factors relating to:
When undertaking this risk assessment, firms must also consider their size and the nature of the work they undertake. Additionally, firms must keep a record of all steps taken to assess their own risk factors.
Lastly, the regulation states that the SRA can request sight of a firm's risk assessment.
Since the implementation of the AML regs, the SRA has increased its focus on AML compliance significantly. To that end, the SRA has conducted a number of firm visits, as well as requested firms’ AML risk assessment for review.
As a consequence of these visits and reviews, the SRA has issued a warning notice on complying with the regulations and guidance on the requirement for a firm-wide AML risk assessment.
Further, the Legal Sector Affinity Group guidance, published in January 2021, has a very useful guide outlining what a firm's AML risk assessment should cover and how that might be approached.
As set out in the regulation itself, your firm must take into account information provided by the SRA and the SRA AML risk assessment.
To that end, if the SRA deems a certain activity high risk and your firm undertakes it, you would be wise to make sure it's covered in your own risk assessment and appropriately risk-rated.
The SRA noted in its reviews that some firms used templates (which do of course have their uses) but did not tailor them sufficiently enough to the firm at hand.
The AML risk assessment is bespoke to your firm and so it needs to address all practice areas, geographical issues, how your firm services clients, and so on.
There is no set risk assessment format.
Your firm can complete your assessment as a spreadsheet or a word document or table. The SRA has produced a template risk assessment that you can use as a starting point.
The purpose of the assessment is to understand your firm’s AML risk better, and put policies, controls and procedures (PCPs) in place (as required under regulation 19) to mitigate identified risk. What PCPs to put in place will naturally be dictated by the risk rating you give yourself.
As outlined above, the AML regs give a very high-level list. The following could be your starting point.
The SRA has produced a checklist to help firms prepare their risk assessment.
Your firm should make space in the assessment document to note when it was reviewed last, so you can show you are regularly reviewing it.
There are no set review times, but it would be advisable to review it at least once a year. However, two or three times a year is preferable, especially if your firm conducts work in high-risk categories.
When reviewing the risk assessment, it is a good opportunity to also review your AML policy.
Remember that a firm's AML risk assessment is a living document that needs to be reconsidered and adjusted at regular intervals. Don't let it get dusty.
Views expressed in our blogs are those of the authors and do not necessarily reflect those of the Law Society.
Rebecca is the author of Assessing and Addressing Risk and Compliance In Your Law Firm. Her next financial crime book to include AML is due to be published by the Law Society in September 2021.
This two-part interactive webinar offers an exciting mix of plenaries, breakouts and panel sessions, with opportunities for Q&A and networking.
It will give you a platform to learn about best practice and upcoming developments in anti-money laundering.
Date: 21 to 22 September 2021
Time: 9.30am to 1.30pm
Cost: from £170 (discounts available for Risk and Compliance Service members)