Increased Obligations on Money Laundering and Financial Crime: Proliferation Risks

AML proliferation risk assessment PRA

Addressing the recent Law Society risk and compliance conference Paul Philip, the Chief Executive of the SRA, warned that there would be no let-up in what most practitioners will regard as the ever growing regulatory burden of their duty to prevent money laundering. Commenting on the AML “onslaught” he claimed that the regulator should not be blamed for this, whilst recognising that most law firms are much smaller concerns than the banks and other major financial institutions that are uppermost in the Government’s thinking as they continue to produce ever more complex and demanding statutory obligations.

Be that as it may, we are seeing an increasingly strict and, at times, unforgiving approach by the SRA to the interpretation of what must be in place at law firms for them to be regarded as being compliant with all that is required of them. Recent examples of this from our own work with member firms that have been the subject of monitoring regulatory visits include criticisms that the policies in place fail to state which aspects of the AML requirements that the firms do not undertake, such as there being no provisions for simplified due diligence (on the basis that these provisions would not apply to their client profile). Another common example is the issue of “reliance” at r.39 MLR 2017 which is the rather bureaucratic process whereby a firm might choose not to conduct the necessary CDD process itself but instead call upon such data from another regulated concern that has referred the instructions to them should it be required at some point in the future.

Proliferation Risk Assessments (PRAs)

Against this backdrop firms will now need to consider their risk profile in relation to the new provisions relating to “proliferation risks”. This relatively new concern is described as being “the act of providing funds or financial services for use, in whole or in part, in the manufacture, acquisition, development, export, trans-shipment, brokering, transport, transfer, stockpiling of, or otherwise in connection with the possession or use of, chemical, biological, radiological or nuclear weapons, including the provision of funds or financial services in connection with the means of delivery of such weapons and other CBRN-related goods and technology, in contravention of a relevant financial sanctions obligation”.

The need for a proliferation risk assessment will be found in the Money Laundering and Terrorist Financing (Amendment) (No.2) Regulations 2022 and so applies to all law firms that are “regulated”, and so subject to the MLR 2017, in the light of their practice areas and the range of services that they provide.

There is again no formal carve out for high street law firms for whom the above will sound far-fetched, but on the other hand the explanatory text to the Economic Crime (Transparency and Enforcement) Act 2022 which introduced these new provisions does recognise that “no specific action is proposed to minimise regulatory burdens on small businesses” but that their obligations here must be judged through a “risk-based approach”, and that therefore the burden on the likes of all or most of our firms “may be mitigated in some respect as not all of the measures in this instrument affect the whole regulated sector” (13(2)). We will have to hope that this is taken on board in all future SRA monitoring visits and a proportionate view taken by the SRA.

It is made clear that those subject to these new requirements might choose either to undertake their own PRA as a separate exercise or, as no doubt will be the case with the great majority of law firms, as part of the “practice wide risk assessment (PWRA)” that all firms subject to the MLR 2017 are required to do by r.18 of these regulations. For this reason we have therefore amended our template AML risk assessment form to extend it to these new PRA risks and you might like to renew your firm’s risk assessment exercise and then consider if there are any new comments that you might like to make to your own AML manual in relation to these new developments. This template is available to all registered users of the Infolegal InfoHub.

We will also shortly update our template AML manuals to accommodate the changes – again a resource available to our registered InfoHub users.

Beneficial Interests

As we reported last year HM Treasury advised that the LSAG Guidance Note 2021 should be amended to increase the evidence required of all issues relating to the beneficial ownership of companies and trusts. These requirements have now been addressed in the further amendments that have been made to r.30A of the MLR 2017 which already required firms to report any anomalies uncovered when taking instructions, and as matters progress as well, in relation to the beneficial owners or “persons of significant control” as they are termed at Companies House in their PSC register. This reporting duty is stated to be subject to legal professional privilege but the SRA have stated in the past that this is unlikely to affect this reporting duty. Such reports will need to be made via the online reporting tool on the Companies House website or, in the case of trusts, to HMRC.

This duty is now limited to “material” discrepancies, and so minor errors in relation to the spelling of names will no longer be subject to the requirement for example, but is now stated to apply to any other discrepancy that “by its nature and having regard to the circumstances, may reasonably be regarded as being linked to money laundering or terrorist financing or intended to conceal details of the business of the customer”.

More significantly, firms are now required to print off an excerpt of the PSC register or establish that there is no such entry at the time of taking the client’s instructions. These requirements will prove to be most problematic when those concerned are part of an overseas entity and there is then the need to update the ownership details where an overseas entity is registering ownership of a UK property. On this issue Dominic Sedghi – Head of Knowledge at MacFarlanes – stated at the Risk and Compliance conference that doing so is a “serious undertaking”, with risks of errors including criminal prosecution in some cases. Little wonder, therefore, that so many firms continue to decline any such instructions.

Amendments to the Legal Sector Affinity Group AML Guidance Note

  1. Advisory Note

Another aspect of the changes announced this week has been the addition of several new items to the LSAG Guidance Note, now redated to 2023, but still in the main the same as when introduced in January 2021. To supplement these changes there is also a helpful set of advisory notes with comments on what might be regarded as a number of emerging risks.

The first of these deal with the issues of remote working, client interaction and the use of AML technology, starting with the cautionary warning that those who are subject to the MLR 2017 “must still comply with their statutory requirements at all times”.

The note recognises that face-to-face meetings with clients providing instructions are no longer quite the norm that was the case pre-Covid, and that other distant means must therefore be considered to obtain the necessary assurance that the clients are indeed who they claim to be. Suggestions are made as to what the suitable alternatives might be in these circumstances as has become standard practice in the last few years at most firms in any event. More notable, however, is the suggestion that firms should ensure that they should keep a record of the processes they follow, such as a “set method for how video calls are to be conducted as well as a log of any video calls you make”.

There are further comments on the need to update identity and verification records as required under the stricter requirements now in place for ongoing monitoring. This provides that rather than continuing to rely on any former ID evidence collected in the past this should be refreshed more carefully. If and when this does arise most firms are likely to prefer to undertake an electronic check rather than require their clients to bring to the office what will quite possibly be the same documentation that was presented in the past, or link up on a video call to see the same evidence again. In this respect remember that the main requirements for establishing the client’s identity are either documentary – through a passport/driving licence and address evidence check in most cases – or by commissioning an electronic check from a suitable service provider. If still looking to identify such a provider you might also find it helpful to check the revised guidelines on this issue within the guidance note.

Other than this there are further guidance notes on the arrangements that should be made in relation to fee earners working remotely and also the increased risks that might emerge from economic instability.  On all of the above see LSAG Advisory Note – New Normal .

  1. LSAG Contents Changes

That apart there are various amendments and additions to the 2021 LSAG, with the fuller requirement on the need for PRAs to be found at 5.3.1 and guidance on how to do so at 5.4, and a list of the types of risks to be considered in this regard at 18.10. Private client lawyers in particular will find further guidance on the need to register trusts with UK tax consequences at 12.5.

The revised Legal Sector Affinity Group anti-money laundering guidance for the legal sector is available on the Law Society and SRA websites.

For further help on these new requirements please email Infolegal Director Matt Moore at

Share on social media