We have been asked on a number of occasions whether seeing the client’s personal documents or electronic ID evidence is sufficient CDD when onboarding new clients. The personal documents will of course in most cases consist of a current passport and/or photo driving licence along with some item of third party address evidence. There are also now a growing number of electronic ID checking agencies that have continued to refine their services and having done so mostly during the lockdown period.
On the issue of one or the other, or both, see 6.11 in the LSAG Guidance Note which provides that you must:
“identify the client and verify their identity on the basis of documents (e.g., passport or driver’s licence) or information obtained from a reliable source which is independent of the client (which may include a digital verification system, subject to meeting certain criteria – further details provided under Section 7), unless the identity of the client is already known to you and has been verified by you;”
See also on this the further guidance on the use of electronic checking at section 7.3:
“It is not acceptable to simply run a search on a prospective or current client and file it as having completed the identification and verification process, without consideration of the wider risks (see Section 5). Practice units must bear in mind that identification and verification is one element of overall customer due diligence requirements necessary under the Regulations.” (our underlining)
The net result is therefore to take us back to the risk principle which is stated to underpin all aspects of the Money Laundering Regulations. The greater the risk exposure the more thorough the checking should be, and it should therefore be seen to be suspect to undertake CDD processes in the conveyancing department in particular on anything other than a “belt and braces” approach of checking by way of the firm’s standard requirements.
Relevant factors here also include the ready availability of forged documents and address evidence on the dark web, albeit that the Legal Sector Affinity Group Guidance states on this that “you must not ignore obvious forgeries, but you are not required to be an expert in forged documents” (6.14.2). That same section does also go on to say, however, that it would be advisable to provide inhouse training on fraud awareness.
We should now also add to the mix the ancillary risks of proliferation finances, and also sanctions breaches in dealing with those who are listed as being “designated persons” by the Office of Financial Sanctions Implementation at HM Treasury. These risks will be slight for most firms and quite remote even for those that are involved in higher value and international work, but these might amount to further reasons to proceed with caution if onboarding clients on the basis of the clients’ own documents only. This has become all the more so now that sanctions breaches will be based on a strict liability basis. As always in relation to AML controls, the conclusion must be better safe than sorry.