The Solicitors Regulation Authority’s sanctions survey is due at the end of May

They want to know how your law firm handles financial sanctions  

Last month, the Solicitors Regulation Authority (SRA) released a questionnaire compelling law firms to report on their firm’s approach to financial sanctions. The survey is due on May 31.

A few of your key questions about this survey are answered here.

What exactly is the survey?

The survey is a set of questions designed to demonstrate how your firm is fulfilling its financial sanctions requirements. 

As you are well aware, the UK sanctions regime is quite complex, with regulations applicable to each set of sanctions – from transport to financial to immigration. They are essentially restrictive measures that are utilised to fulfil a range of purposes, such as complying with UN and other international obligations, supporting foreign policy, maintaining international peace and security and preventing terrorism. The sanctions regime applies to all firms that provide legal services which is a broader bucket than just those that are covered by the anti-money laundering (AML) regulations. 

The UK financial sanctions regime is operated by the Office of Financial Sanctions Implementation (OFSI). Financial sanctions include restrictions on designated persons, such as freezing their financial assets, as well as wider restrictions on investment and financial services.  Strengthening the financial sanctions regime is a critical part of the government’s response to the war in Europe. 

Why is this survey important?

The SRA needs to assess risk within the sector. This survey helps them by providing information regarding law firms’ approach and potential exposure to financial sanctions risk. The SRA says it will use the information provided in the questionnaire to help it assess potential financial sanctions risk faced by SRA-regulated firms.

This risk assessment will feed into the SRA’s proactive work on sanctions in the future which may involve proactive engagement with firms based on their risk exposure.

Who needs to complete the survey?

All SRA-regulated firms who were not previously required to provide a return as part of the SRA’s 2022 anti-money laundering (AML)  information exercise must complete this survey. Your compliance officer will have received an email with instructions if your firm is included. 

As an SRA-regulated firm, you must ensure your firm complies with sanctions legislation, including ensuring you are not receiving fees for work for a designated person without a licence from OFSI. Breaching this requirement is serious and can result in criminal prosecution or a fine. 

But the SRA states that it recognises that firms take different approaches to mitigate the risk of dealing with a designated person or entity. That means there is not necessarily a right or wrong answer to the survey questions, but it is essential that all included firms provide a response. Enforcement action may be taken on non-responders, but the SRA says it won’t take action against firms on the basis of their responses.

Sample questionnaire is here.

Don’t forget: The deadline is May 31.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

“In a world older and more complete than ours they move finished and complete, gifted with extensions of the senses we have lost or never attained, living by voices we shall never hear.”

Picture of James

James

VinciWorks CEO, VInciWorks

Spending time looking for your parcel around the neighbourhood is a thing of the past. That’s a promise.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.