Anti-money laundering – what’s CQS got to do with it?

Compliance with the Money Laundering Regulations has been very much under focus in the last few years, with the Solicitors Regulation Authority carrying out a number of thematic reviews and sanctioning firms for breaching them; in 2024 nearly 50 firms were fined over £600,000, for procedural breaches including:

• No compliant firm-wide risk assessments in place
• No client and matter risk assessments in place
• No policies, controls and procedures in place
• No source of funds checks undertaken
• No AML training provided
• No client due diligence undertaken

There has been some recent confusion within the sector around whether the Conveyancing Quality Scheme (CQS) Core Practice Management Standards (CPMS) are relevant to anti-money laundering compliance when the Legal Sector Affinity Group (LSAG) guidance exists.

If you are a CQS firm you are not only required to comply with the Money Laundering Regulations, the SRA Codes of Conduct, LSAG guidance, but also the AML requirements of the CPMS, namely:

5.12 - Practices must have a policy, approved by senior management, to mitigate and manage money laundering and terrorist financing risks and to ensure compliance with anti-money laundering (AML) legislation. The policy must include:

• A documented, practice wide risk assessment that identifies and assesses the risks of money laundering and terrorist financing to which the practice is subject, and which complies with Regulation 18 of the Money Laundering, Terrorist Financing and transfer of Funds (Information on the Payer) Regulations 2017. (LSAG 5.3)
• The appointment of a nominated officer usually referred to as a Money Laundering Reporting Officer (MLRO). (LSAG 4.3)
• A procedure for making disclosures within the practice and by the MLRO to the authorities. (LSAG 11.4)
• A procedure for checking the identity of the practice’s clients and for monitoring clients on an ongoing basis. (LSAG 6.12)
• A plan for the training of personnel. (LSAG 8.1)
• Procedures for the proper maintenance of records. (LSAG Principle 32)
• A procedure for responding rapidly to AML enquiries from the authorities. (LSAG 4.3.4)
• Where appropriate with regard to the size and nature of the practice:
• Appoint a person of sufficient seniority as the officer responsible for the practice’s compliance with the current money laundering regulations (MLCO). (LSAG 4.4)
• Carry out screening of relevant employees. (LSAG Principle 35 and 9.4)
• Establish an independent audit function to evaluate, monitor compliance with and improve the effectiveness of the practice’s AML policies, controls, and procedures. (LSAG 9.3)
• A procedure for checking and analysing the source of funds/wealth and keeping on file both the evidence obtained and the documented analysis. (LSAG 6.17)
•  A procedure for dealing with the transfer of clients from one department of the practice to another. (LSAG 5.6.3.5 and 6.24)
• A procedure for ensuring that a documented individual AML risk assessment is present on every file addressing the risks of money laundering specific to that file. (LSAG 5.9)

The above clearly shows the link between the CPMS requirements and the LSAG guidance, but what has been noticeable in some of the firms sanctioned by the SRA is not only the lack of the required documents and processes, but also evidence to show that they were in place from the date the requirement(s) came into force. Some firms have been shown to have only put in place the required documents shortly after being contacted by the SRA, something it was clearly able to see when checking documents and talking to staff at all levels!

Firms are likely to continue receiving emails from the SRA asking them to confirm their compliance with AML requirements and follow-up requests for evidence to support what they have said, so ensuring full compliance is essential, especially when so many warning notices and guidance have been issued by the SRA over the last few years.

No matter how busy firms are helping their clients, the SRA still expects them to comply with the obligations set out above, and will be shortly implementing unlimited fines for financial crime breaches; the SRA Chief Executive has not been slow at coming forward in saying he will have no hesitation in using them!

A New Year’s resolution for all firms should be to review their policies, controls and procedures, and update them where appropriate, especially around AML, sanctions and competence; make sure you not only have these in place, but that they are compliant to the SRA’s standards.