New guidance from the SRA: Consultations and AML

As a busy practitioner, it can be hard to keep up with the latest guidance from the SRA. VinciWorks and Compliance Office are pleased to save you time by bringing you some important updates from the SRA that are important to be aware of.

Consultations

The SRA has consulted on its 2022/23 Business Plan. This covers their planned activities for the year, how they plan to allocate their budget and what that will mean for the practising certificate fee as well as Compensation Fund contributions. It’s a useful read to get an idea of what’s in store for the coming year.

AML: once again the talk of the quarter

“Digital identity technology has come on leaps and bounds in recent years and if used properly [it] can be a good way of mitigating the risks of money laundering, fraud and identity theft. Technology is an increasingly important tool in the fight against financial crime.”

This is the view of Colette Best, Director of AML at the SRA, in a recent joint statement from Lawtech UK and the Regulatory Response Unit in support of digital identity technology in the legal sector. Remember that the costs of such digital checks can be passed onto your clients as long as this cost is clearly stated in your terms and conditions.

AML and financial sanctions

The SRA has started carrying out spot checks on firms named in parliament as working for Russian oligarch clients. The regulator’s Chief Executive, Paul Philip, also reported to the SRA Board that the SRA is performing spot checks on firms to ensure compliance with financial sanctions. We answered lots of sanctions questions here; with things changing so quickly it can be hard to keep up but it’s important to keep up to date. 

You can set yourself up to receive alerts about the most up-to-date information at the Office for Financial Sanctions Implementation Website. In addition to this, there is a series of helpful questions and answers prepared by the Law Society. If you are relying on an electronic ID provider for your sanctions checks make sure that their lists are updated daily.

In what the SRA describes as a ‘credible deterrent to others’, a Midlands practice has agreed to pay a £2,000 fine for failing to have a compliant AML firm-wide risk assessment in place. The firm had told the SRA two years earlier that its risk assessment was compliant. Its policies and procedures were also not compliant. The outcome is worth reading as it is actually a good checklist of relatively common failings in busy small to medium-sized law firms.

SRA and AML training and compliance solutions from VinciWorks and Compliance Office

The recent merger between VinciWorks and Compliance office allows us to provide an end-to-end AML package including a CDD client onboarding tool, AML training and compliance consulting, as well as an all-in-one SRA solution that includes training, compliance software, and consultancy.

A team of SRA compliance specialists with years of experience and the right tools to meet your compliance needs, our partners at Compliance Office offer you the highest level of SRA compliance expertise, including SRA consultancy, training, templates and software solutions. 

Our combined services and software include:

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

“In a world older and more complete than ours they move finished and complete, gifted with extensions of the senses we have lost or never attained, living by voices we shall never hear.”

Picture of James

James

VinciWorks CEO, VInciWorks

Spending time looking for your parcel around the neighbourhood is a thing of the past. That’s a promise.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.