What is the LSAG Guidance?
In our last AML blog, we provided an overview of the main UK money laundering offences. We also addressed some of the obligations imposed on individuals and organisations governed by The Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017 (the ‘Regulations’), as amended.
As mentioned in our previous blog, the Regulations apply to certain individuals and organisations, known as ‘relevant persons’. Law firms can be categorised as relevant persons if they are:
- ‘Independent legal professionals’: this is anyone, ‘who by way of business provides legal or notarial services to other persons, when participating in [certain] financial or real property transactions’. A full list of those transactions is set out in the Regulations, and includes buying and selling property and managing client money.
- ‘Tax advisers’
- ‘Trust or company service providers’
Application of the AML Laws and Regulations in the Legal Sector
This blog is the first in a six-part series, in which we will focus on the application of the AML laws and the Regulations in the legal sector. The aim of this series is to highlight some of the key takeaways from The Legal Sector Affinity Group’s recently published ‘Anti-Money Laundering guidance for the Legal Sector 2021’. As set out in the background to the Legal Sector Affinity Group (LSAG) guidance, one of its aims is to ‘aid… compliance and to effectively protect against Money Laundering and Terrorist Financing risks’.
The LSAG guidance is an invaluable aid to ‘relevant persons’ in the legal sector, as it has been written in light of changes made to the Regulations.
Is the guidance mandatory?
It is important to bear in mind that the guidance is currently only in draft form, pending approval from HM Treasury. It is also worth noting that the opening remarks in the guidance say that it ‘cannot be regarded as a definitive statement of the law’. However, the SRA website does say that ‘for firms supervised by the SRA for AML [the LSAG guidance] now constitutes official guidance.’
As set out at the start of the guidance, ‘legal sector supervisors will consider whether a legal professional has complied with this guidance when undertaking its role as regulator of professional conduct’. The courts can also consider whether the guidance was complied with when determining whether certain offences under the Proceeds of Crime Act and the Terrorism Act have been committed.
How can the LSAG guidance help my firm?
One of the sections in the LSAG guidance provides an overview of the ‘Policies, Controls and Procedures’ which firms in scope of the Regulations need to put in place. This section includes the requirement to nominate a Money Laundering Reporting Officer (MLRO), who receives disclosures for submissions to the National Crime Agency. The MLRO is different from a Money Laundering Compliance Officer (MLCO), who ensures that a firm is complying with the Regulations. A firm must appoint an MLCO where this is appropriate to the size and nature of the business.
The guidance also explains how firms are expected to assess risks at three different levels: practice-wide risks, client-related risks, and matter-level risks. As assessing risk is a dynamic process, it follows that the results of risk assessments at one of these levels can influence the approach taken at another. Whenever a risk assessment takes place, this should be done by taking a ‘risk-based approach’ (an RBA). Taking an RBA means, ‘adjusting the level and type of compliance work done (frequency, intensity and/or amount), to the risks present’.
But how far can firms take this principle of applying an RBA? Could a firm decide to dispense with certain parts of the guidance, if it is not relevant (or proportionate) to the risks they face on a day-to-day basis? If a firm is unsure as to whether or not a part of the guidance is mandatory, it should pay careful attention to the way that specific part of the guidance is framed. Where the word ‘must’ is used, for example, the guidance is referring to relevant legislation or regulations with which firms must comply. Conversely, where the word ‘may’ is used, the guidance is providing one possible option for complying with your obligations.
The guidance also deals with the obligation for firms to undertake Client Due Diligence (CDD), as required by the Regulations. Before it outlines the nature of due diligence to be applied in a range of situations, the guidance reminds us that CDD is not just relevant at the start of a client relationship. CDD is also necessary in other situations too, such as whenever ‘you suspect money laundering or terrorist financing’. CDD should also be periodically re-applied to existing clients, by reviewing the information held on them, and ensuring it is up to date.
We will aim to provide more detail on the LSAG guidance later in this series, summarising how to undertake different types of risk assessment for different client entities, and how to apply the right level of CDD in various scenarios.
VinciWorks’ CDD compliance solution
Many law firms, accountancy firms and financial corporations are still conducting client due diligence (CDD) via lengthy Word, PDF and Excel forms. Entries are then stored in spreadsheets, making it difficult to keep track of risk assessments conducted and information collected from clients and ensure any red flags are either resolved or escalated.
VinciWorks’ AML client onboarding solution gives firms peace of mind that all necessary information has been recorded and that the firm has a strong defence in case of a breach. It can be used to streamline both the risk assessment and document collection aspects of client onboarding.