Busting the myths on Source of funds and Source of wealth

It’s a key piece of client due diligence. And it’s also the hardest part to do. We bring you some clarity so you can make this element of the CDD process a smoother one.

There is perhaps no other issue that vexes people in compliance more than the source of funds/source of wealth (SoF/SoW) check. Yes, it’s a critical part of client due diligence (CDD) but who wants to talk to clients about their money? Fee earners don’t, neither do lawyers and compliance officers not only don’t want to but often don’t have the access to do it. 

A recent case embroiled one of the world’s top law firms in a case that involved one of their clients that ended up in jail for embezzlement. The firm was accused of breaking UK’s money-laundering rules basically because a solicitor was too polite to ask a politically connected banker from a former Soviet republic how he got his funds.

In fact, when SRA investigators confronted the solicitor, he said it was not in European culture to ask about a client’s finances and it was impolite to ask them about their salaries. 

The extent to which you should obtain and review your client’s financial position is of course dependent upon the risk profile of the client or matter. A firm must scrutinise transactions on a case-by-case  basis, to understand what the source of funds is for transactions that are undertaken on behalf of a client. SoW assessment seeks to identify how a customer accumulated their wealth and SoF information provides an understanding of how and for what purpose an account is going to be funded. These assessments enable firms to recognise any risks and note any inconsistencies, which should be addressed and then either mitigated or escalated for further review. 

But there are a myriad of myths surrounding these checks. Are bank statements enough? How much effort do you need to put into getting the information? When do you need to kill the deal? 

We developed this myth-busting guide based upon the knowledge, insights and experience of professionals in the field. Many people in the legal sector are facing challenges with their source of funds and source of wealth check. If you want to understand what is important – and what isn’t – and challenge what you thought you knew about SoF/SoW checks, download this guide.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

“In a world older and more complete than ours they move finished and complete, gifted with extensions of the senses we have lost or never attained, living by voices we shall never hear.”

Picture of James

James

VinciWorks CEO, VInciWorks

Spending time looking for your parcel around the neighbourhood is a thing of the past. That’s a promise.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.