The £173K mistake: How one law firm missed a PEP and paid the price

A routine property transaction. A prestigious law firm. A missed red flag. A six-figure fine. 

 

The story of Taylor Vinters’ anti-money laundering (AML) breach is not just a cautionary tale but a stark reminder of the rising expectations regulators now place on legal and financial firms handling high-risk clients, especially politically exposed persons (PEPs).

 

What happened?

 

In 2017, Cambridge-based law firm Taylor Vinters acted for a company purchasing residential property in the UK. Unknown to the firm at the time but known to the law, the company’s beneficial owner was a non-domestic PEP. He was an individual holding a public position abroad, and therefore inherently higher risk from a money laundering perspective.

 

Under the Money Laundering Regulations, firms are required to:

  • seek senior management approval before entering into a business relationship with a PEP 
  • establish the source of wealth and source of funds 
  • conduct enhanced ongoing monitoring of the relationship 

Taylor Vinters did none of this, mostly because it didn’t realise the client was a PEP until August 2017, two months after the transaction had completed. Worse still, in March of that year, the firm inaccurately assured another solicitor that the client had been verified and was not a PEP.

 

The consequences

 

The Solicitors Regulation Authority (SRA) fined the firm £173K, a penalty derived from up to 1.2% of its domestic turnover. The SRA took into account that the breach was not intentional, that Taylor Vinters had cooperated fully and made early admissions, and that no financial benefit was gained from the misconduct. The fine, originally calculated at nearly £250K, was reduced by 30% thanks to these mitigating factors.

 

Because Taylor Vinters operated as an Alternative Business Structure (ABS), the SRA was not limited to the usual £25K maximum fine, a sign that structural status can impact the scale of enforcement.

 

Why this matters

 

This enforcement is part of a broader trend. In the past two years, Simpson Thacher paid £300K for failing to maintain effective AML controls, and Clyde & Co received a record £500K fine for AML breaches.

 

The SRA has made it clear: AML compliance is not optional. Firms that fail to conduct proper checks, particularly with PEPs, risk both reputational and financial damage.

 

What exactly is a PEP?

 

A PEP is someone who holds a prominent public position, such as a government minister, senior judge, ambassador or military officer, as well as their family members and close associates.

 

Why is it such a risk? PEPs can more easily abuse power for personal gain, whether through corruption, embezzlement or facilitation of illicit funds. That’s why law firms must treat PEP clients with heightened scrutiny.

 

What firms must do 

 

To stay compliant, firms must take the following practical steps when dealing with clients who may be PEPs:

1. Identify PEPs early

  • Use reliable screening tools and open-source intelligence to flag potential PEPs at onboarding. 
  • Don’t rely solely on client declarations. Verify independently.

2. Apply Enhanced Due Diligence (EDD)

For confirmed PEPs, the firm must:

  • Obtain senior management approval 
  • Verify and document the source of wealth and funds 
  • Implement enhanced monitoring for ongoing transactions 

3. Train your staff

  • All client-facing and compliance staff must understand: 
    • How to spot a PEP 
    • What additional checks are required 
    • Why these steps matter from a legal and reputational standpoint 

4. Keep clear records

  • Document every decision and due diligence step. If challenged by a regulator, good documentation can be your strongest defence. 

5. Don’t assume. Confirm

Taylor Vinters’ mistake was declaring a client was not a PEP without verifying. Firms must avoid assumptions, especially when the stakes are high.

 

What’s new? MLR 2025 updates and PEPs

 

The 2025 update to the Money Laundering Regulations doesn’t overhaul the PEP framework, but it reinforces several themes that matter here:

  • Risk-based approach: Firms are expected to use judgement in determining the level of due diligence, especially when dealing with high-risk clients like PEPs. 
  • Clarification of EDD triggers: New rules clarify that EDD is required only for “unusually complex” transactions, not all complex ones. This does not apply to PEPs, where EDD is always mandatory.
  • Improved guidance on “acting on behalf of”: For legal firms especially, it’s critical to distinguish when someone is acting in a personal capacity versus as a representative, which is relevant when dealing with PEPs who use intermediaries. 
  • Stronger emphasis on governance: Regulators now expect firms to have documented internal procedures and clear roles for senior managers in approving high-risk relationships, such as with PEPs. 

While Taylor Vinters’ failings date back to 2017, the fine issued in 2025 shows that regulatory memory is long, and accountability doesn’t disappear with time or mergers. This case is a wake-up call, especially as the UK prepares for its next FATF evaluation and regulators look to set an example. The message is clear: Get your AML house in order or risk being the next headline.

 

Vinciworks’ course on PEPs explores what, and who, a PEP is, the due diligence checks that you need to carry out before taking on a PEP as a client, and the red flags to look out for when it comes to new and existing PEP clients.