Feel Safe, Call Teal

0333 987 4320


The SRA has new fining powers for AML – and they’re going to use them!

The Solicitors Regulation Authority (SRA) has long desired more robust punitive capabilities against traditional law firms. They have historically possessed the ability to impose significant fines on Alternative Business Structure (ABS) firms and can forward cases to the Solicitors Disciplinary Tribunal (SDT) for an agreed decision’s endorsement. Recently, however, their powers were indeed broadened, enabling them to impose a fine of up to £25,000 without SDT referral and approval.


A recent noteworthy fine was imposed on an Oxfordshire-based two-partner firm, Ferguson Bricknell, for Anti Money Laundering (AML) breaches. The firm was penalized £20,000 for violations of the Money Laundering Regulations and the SRA’s Standards and Regulations. Although £20,000 might appear insignificant to some, for a small firm, it’s a considerable sum! If you consider a £200 hourly rate at 20% profitability, a lawyer would need to work for more than 14 weeks to generate the profit to cover it. This is because fines are paid from profit; there’s no special budget set aside for them!


The full decision is a worthwhile read, providing insights into the firm’s declaration to the SRA of a compliant Practice Wide Risk Assessment. The SRA periodically requests firms to confirm their compliance with certain regulations and verifies this by checking a sample of firms. In this instance, the SRA disagreed with the firm’s assessment of compliance and investigated further into its AML conformity.


The case provides valuable insights into the SRA’s approach and offers seven key takeaways:


When the SRA communicates with a firm, ensure a response is made. If your Compliance Officer for Legal Practice (COLP) is the recipient, ensure they’re checking their spam emails as the SRA’s emails often land there.


If you claim compliance, be certain that you are indeed compliant. There is an abundance of guidance, including free templates for Practice Wide Risk Assessments. Never claim compliance if it’s not the case.


Keep up with reviews. Set reminders and take action. To show that you’ve reviewed a document, log the date and reviewer’s name (and approval if needed) within a version control table in the document.


Consider establishing an independent audit function. Although not mandatory for all firms, it’s crucial for those of significant size and nature. The audit doesn’t have to be external, but in smaller firms, it must be conducted by someone independent of the people who oversee the policies, controls, and procedures.


Regularly train your staff. The latest Legal Sector Affinity Group Guidance emphasizes annual refresher training. Additionally, the Money Laundering Reporting Officer (MLRO) and the Money Laundering Compliance Officer (MLCO) should receive specialist training for their roles.


Conduct a matter risk assessment, as required by the 2017 Money Laundering Regulations. The SRA expects to see an assessment on every file falling within the regulations’ scope, with enough information to judge the risk assessment’s accuracy.


Perform source of funds and wealth checks when necessary. Make sure it’s complete before accepting or moving any transactional money through the client account.


The case underscores the SRA’s commitment to enforcing AML Compliance. They will act against non-compliant firms, even if there are no actual money laundering allegations. Firms are expected to take their responsibilities seriously, with disciplinary actions waiting for those who don’t.

Managing Risk and Learning from Mistakes

As legal professionals, it is crucial to manage the risks we face daily and learn from our mistakes. The common goal of most professionals is to prevent messes in the first place. Building Compliance That Works is fundamental to being able to demonstrate resilience and self-reflection on internal policies and procedures.

In the legal sector, professional identity insurance has seen a significant increase, with some firms experiencing a minimum increase of 20% in their annual premiums. To combat the increase or limit it, it is essential to prepare early, not treat it as a tick box exercise, utilize a specialist broker, demonstrate that the taint has been removed, put in the work and time to the process, demonstrate your firm’s value on the proposal form, and have a standalone document.


We all have problems, things which haven’t gone to plan, so how do we explain them?

If a problem is identified, Root Cause Analysis should be conducted for each instance. The purpose of this is not to blame a person but to investigate the different factors that enabled the incident to occur. In doing so, effective changes and prevention can be implemented to limit recurrence.

It is essential not to merely scratch the surface and dig down below to find the root cause. If the root cause is missed, the incident is likely to occur again, increasing the risk exposure. Human error is never the ultimate root cause, and firms or individuals should not feel ashamed in near misses. Instead, they should feel confident and empowered to share these experiences with others.


We worry people will fear it is a witch hunt if we dig too much into the issue.

Creating a positive environment to have these chats and building a safe environment where staff are confident that they will not be judged or penalised for asking for help or alerting a person to an underlying issue is crucial. Ensuring that the culture is embedded throughout the firm sets the right undertones for all staff, regardless of level or position.

Risk is there, through firms at all levels, and risks may change, but they are still present. Consider reporting lines or lines of support, whether internal or external. In most firms, the line manager automatically handles reporting lines, which can make people bury their heads and not speak out for fear of repercussions, insecurity, stress, and compromised decisions.

It’s important we face these causes, because without it people suffer. In many parts of the legal sector, (for example Conveyancing in 2022), there can be real risks that are exacerbated due to several factors outside the staff member’s control and, in some instances, the firm’s. Even if those risks do not transpire into meritorious claims, it is inevitable that there will be claims and complaints arising out of these risks, which will have a considerable impact on staff and firms.

Everyone, at one time or another, will make mistakes within their careers, and it is how we deal with them that helps shape our careers and share the firms we work within.


How can we mitigate the consequences of issues arising?

Make it easier to find out what actually went on – Recording file notes is essential, documenting what is done at each stage, what has been found, what the client has been informed of, when they were informed, and by what means, and why the matter cannot proceed further.

Supervise properly – In the remote world we currently operate within, identifying signs in others is crucial. If you are a supervisor, think about how to monitor, motivate, and supervise daily. Remote working adds another layer of complexity, making identifying a gut feeling a lot harder. Make a conscious effort not to focus solely on the work and be visible and personable, building trust and relationships.

Use your data – Data collection and analysis can help fill gaps and identify where and who requires support. Data that could be considered includes low WIP or alternative high WIP, money held on the file, inactive client records, average case length, non-billing for a period, what happens when the file gets to 75% of the fee estimate, and retainer profitability and written off time.

Taking action if you think there might be a problem – doing more file reviews, and stacking the odds in your favour is invaluable regarding risk exposure and learning. Get curious, ask why, and continue learning about your team and how they operate.

What Should an AML Audit Involve?

I love an AML Audit. I really enjoy reviewing Firm’s policies and procedures and seeing the different approaches Firm’s take in respect of AML. Best of all is seeing how the culture surrounding Compliance is changing.


So, what is an AML audit and what should an AML audit involve?


The AML audit process is a way to strengthen or improve a firm’s AML programme. It is a way of assessing whether Firm’s AML policies, controls and procedures are up to date, comply with The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLR) and are functioning in practice as intended.

The purpose of the Audit is to:

  • examine and evaluate the adequacy and effectiveness of the policies, controls and procedures adopted by the Firm to ensure compliance with the requirements of the Money Laundering Regulations;
  • make recommendations in relation to those policies, controls and procedures; and
  • monitor compliance with those recommendations.


Why Conduct an AML Audit?


Mandatory Audit

Regulation 21 of the MLR requires a relevant person, where appropriate to the size and nature of the business, to establish an independent audit function. This does not necessarily need to be an external audit, however, it will need to be conducted by someone in the firm who is independent of the Risk/Compliance/Anti Money Laundering (AML) function, but equally has enough AML knowledge to be able to conduct the audit. It is important to note that any findings in an Audit Report carried out under regulation 21 are disclosable to the Regulator.

Non-Mandatory Audit (Internal Audit)

A Firm may choose to conduct an internal Money Laundering Audit as routine procedure, being a way of checking whether the Firm’s policies, controls and procedures are up to date and comply with the MLR. The Audit report in these circumstances would remain for internal purposes only and confidential to the firm.


What is the Process for Conducting an AML Audit?


The audit is a four-stage process:


  1. Policy Review – A Review of the Firm’s policies and procedures against the requirements of the legislation will need to be conducted.
  2. Test – The Firm should then test the knowledge, understanding and application of those processes.
  3. Audit Report – This contains the findings of the audit, as well as recommendations for changes.
  4. Review – Following the Audit, there should be a review following an implementation period to establish compliance with the recommendations. Any recommendations must be implemented.


  1. Review of Policies and Procedures

A review of all the Firm’s AML policies and procedures, Firm Risk Assessment and the Firm’s matter-based Risk Assessment is conducted by the Auditor.

When carrying out the review the Auditor will assess whether the Firm’s AML policies and procedures meet the requirements of the MLR.

The Auditor will use a list/table of each specific regulation and check this against the Firm’s AML policies and procedures to confirm whether or not the Firm has met that requirement.


  1. Test

As part of the Audit the Auditor should test the knowledge, understanding and application of the Firm’s processes. This is normally tested through staff interviews and matter file reviews.


Interviewing staff will help the Auditor assess the staff’s knowledge and understanding of money laundering, money laundering red flags and the firm’s processes.

File Reviews

The Auditor will carry out a review of files and assess whether the matters comply with the Firm’s AML policies and procedures.

The Auditor may also request to review some closed files. Reviewing a closed matter will assist the Auditor in assessing whether there was on-going monitoring of risk and whether the completion instructions to accounts included information as to risk.


  1. The Audit Report

The Audit will result in a written report on whether:

  • The Firm’s risk assessment and AML policies, controls and procedures comply with the minimum requirements of the MLR.
  • Changes which are required as a result of deficiencies identified (if any)

The Audit report should:

  • Set out the law (what specific regulations of the MLR were checked against)
  • Explain what was examined for that specific regulation.
  • Document findings of areas of compliance and non-compliance as well as identifying areas for recommended improvement in behaviour and practice. It should be made clear which areas the Firm is compliant, non-compliant or partially compliant.
  • Include an indication of where there are potential failings and a recommended course of action


  1. Review

The Firm should conduct a review following an implementation period to establish compliance with the recommendations. As part of the review the Auditor will be assessing whether the recommendations have been carried out and whether there is any evidence to show whether they are effective.

If you would like to discuss this further or feel your Firm requires an AML Audit, please get in touch and we would be happy to help. Drop us an email at hello@tealcompliance.com.

Anti-Money Laundering – What to expect from an Independent Audit


Regulation 21 of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (otherwise known as the Money Laundering Regulations) requires that regulated firms implement certain controls where it is appropriate to the size and nature of the firm. One of those controls is to establish an independent audit function. 


The size and nature test requires some objective thought and firms are directed by the Legal Sector Affinity Group’s Guidance to consider a number of factors including the number of staff and offices your firm has, your client demographic, and the nature and complexity of work you undertake. The Solicitors Regulation Authority’s take on it is that most firms (but not all) will need an independent audit. In its latest AML Report of October 2021, the Regulator found that a high number of firms visited (49 out of 69) failed to implement an independent audit where required. For those firms where an audit had been carried out, some common areas of concern were that the reviews were not sufficiently thorough or lacked an element of testing, they weren’t independent, and firms had not implemented the recommendations in a timely way. Such concerns could lead to firms being referred to the SRA’s Investigations Team. 


So if you have considered the size and nature test and determined that you need an independent audit, what should you expect from your review? It is key that your audit: 
    • Is independent from the people in your firm who are involved in setting and following the policies. The Regulations don’t prescribe that your audit must be carried out by a third party; but consider whether you are of a sufficient size to be able to resource a truly independent audit. Do you have staff with the right knowledge and capacity to carry out the audit? Even larger firms who have an audit function may find they do not have the necessary experience in AML. 
    • Is adequate in its scope and depth in order to give the firm assurance that the policies, controls and procedures they have in place are working. It should include a review of the existing documentation including firm and matter risk assessments and training plans, and a detailed review of how those processes have been implemented through file reviews and interviews with staff members to test understanding. The frequency of the audit should also be considered. Many firms decide to carry out an annual audit based on the size and nature test, but you may also consider focusing more frequent audits on higher risk areas as identified in your firm-wide risk assessment. 
    • Effectively identifies where processes are working well and roots out any problems with the process or where the process is not being followed. This means having the right person with the right expertise to carry out the audit so they know what they are looking for. It means carrying out an adequate number of interviews and file reviews across all locations and matter types so the Auditor can get a good feel for the firm and the types of issues that are occurring. Staff members from your fee earning teams, finance and any centralised onboarding teams should expect to be interviewed, along with the firm’s MLRO/MLCO. You may also consider focusing more frequent audits on higher risk areas as identified in your firm-wide risk assessment 
    • Provides feedback on where the firm’s current policies and procedures are not meeting the requirements of the Regulations and makes recommendations for improvement. A written report will provide you with the evidence that an independent audit has been carried out should the Regulator ever ask you for that information. The report should clearly set out the actions that should be taken to rectify any non-compliance. Recommendations should be implemented in a timely way and you should keep a record of the actions taken to meet the recommendations. 
    • Is part of an ongoing monitoring process to help you continually evaluate and improve compliance with the Regulations. Keep records of independent audits carried out for future reference and to evidence a robust auditing regime. 


There is no doubt that an independent audit requires some forwarding planning and investment in resources, whether that be internal resource or if you plan to engage an independent firm to carry out the audit on your behalf. It’s not a tick box exercise. Senior level commitment to the importance of implementing good anti-money laundering controls is therefore crucial and sets the tone for the firm and for the staff whose files may be reviewed or who may be interviewed as part of the audit process. But the reward for your investment is obtaining a real learning opportunity to understand what your firm is doing right and where it can make improvements and effectively manage money laundering risks.



Photo by Scott Graham on Unsplash

Do you have to collect CDD on employees of (non-natural person) clients?

This is a question I get asked loads of times!

In fact, last week I had a client who has a policy of asking for ID for employees, and their client refused citing Data Protection concerns. I’m not planning to go into the data protection issues here, but instead whether you have to ask for it.

To get to the answer here, we need to start with the law.

The law requires, in connection with a client who is not a natural person (I prefer using the word human here!) that you need to obtain and verify certain information about entity. For a company that is

  • name,
  • company number,
  • registered office,
  • the law to which it is subject,
  • its constitution,
  • the full names of the board and senior persons responsible for it.

In addition, you need to identify and verify the ultimate beneficial owners.

So, do we need ID from directors, or people who instruct us on behalf of a company?

In the original 2003 Money Laundering Regulation it was a requirement to identify and verify at least 2 directors, but this was removed by the 2007 regulations. I’ve found despite this change many firms still have that process, whether as a legacy from the original regulations or as a risk management measure – so that they have proof a real person is connected with the company. After all, the whole point of passports and utility bills is so you can tell the police which door to knock on, to talk to about the entity.

I think many of the more recent queries I have had come from confusion arising from Money Laundering and Terrorist Financing Regulations, which introduced in 2017 Regulation 28(10).

(10) Where a person (“A”) purports to act on behalf of the customer, the relevant person must—

(a) verify that A is authorised to act on the customer’s behalf;

(b) identify A; and

(c) verify A’s identity on the basis of documents or information in either case obtained from a reliable source which is independent of both A and the customer.

There was concern when this first came in that an employee or director might be thought to be purporting to act on behalf of the client. Fortunately, the Legal Sector Affinity Group Guidance helps here:

Section 6.6

Examples of someone purporting to represent might include:

  • a parent on behalf of an adult child.
  • an individual not employed by your client; or
  • a situation where the instructing persons authority to instruct is not clear or does not make sense.

Section 6.14.9

Someone employed by your client (depending on their position or seniority) or a director of your client may be considered as having apparent or ostensible authority to provide instructions on behalf of the client, though you may seek comfort of this on a risk sensitive basis. They should not be considered to be intermediaries, agents, or representatives. Where it is not clear or apparent what their authority to instruct on behalf of the client is, CDD should not be considered to be complete.

Accordingly, it is now much clearer in that “purports to act” is not intended to mean officers or employees of a company. That said, many firms still do carry out individual CDD on Directors and sometimes on employees instructing who are not directors, and whilst that is not required by the Regulations, it can be useful to provide an audit trail for the client in case you are challenged later on as to why you acted on instructions provided on behalf of the non-human client.

Human trafficking

Human trafficking and how to spot it

Human trafficking is one of the fastest-growing illegal enterprises in the world, after drug trafficking.

Human trafficking is the trade of humans for the purpose of forced labour, sexual slavery, or commercial sexual exploitation for the trafficker or others. This may encompass providing a spouse in the context of forced marriage, or the extraction of organs or tissues, including for surrogacy and ova removal. (Wikipedia)

 The statistics show the true extent of the problem. According to the charity Unseen, it is estimated that:

  • 3 million people worldwide are in modern slavery
  • 9 million are in forced labour
  • 4 million people are in forced marriages
  • Globally it is estimated that one in four victims of modern slavery are children
  • In the UK just under half of the referrals to the National Referral Mechanism (47%) were individuals who claimed they were exploited as children
  • around 13,000 people in the UK are in modern slavery, according to the UK Government
  • up to 136,000 people in the UK are in modern slavery, according to slavery experts (i.e., much more than official figures).

“Hidden in plain sight” is a term often used when people talk about modern slavery – with the crime often taking place right in front of us.

Some of you may have seen the “hidden in plain sight” poster campaign a few years ago inside taxis which attempted to educate the public on just this point and highlight that human slavery was often taking place under our noses.

What can you do?

If we look beyond the human costs, where there is human trafficking money changes hands, which can present money laundering exposure for law firms.  This is where firms can play their part by serving as another line of defence against these terrible crimes.

Given the huge scale and pervasiveness of human trafficking, businesses can inadvertently expose their business to risk unless they seek to identify and tackle the issue in their supply chain.

We all need to decide that we won’t let this happen on our watch and be alert to the red flags which indicate where human slavery may be taking place.

“You should ensure that your business adopts policies and procedures designed to highlight these red flags so that all staff know what to look out for.”

 Clearly some red flags are more relevant to financial services businesses (such as banks) than to law firms, but it is useful to understand how we can identify where this type of crime is taking place.

There are six types of human trafficking:

  • Trafficking for forced labour
  • Trafficking for forced criminal activities
  • Trafficking in women for sexual exploitation
  • Trafficking for the removal of organs
  • People smuggling.

Some Potential Red Flags of Human Trafficking:

High volume deposits through bank accounts and immediate withdrawals from border towns Ongoing ATM/credit card transactions in even amounts between 10 PM and 6 AM Credit card payments to online escort services for advertising.

Sudden activity changes in business accounts outside of the client’s expected profile Structured cash deposits at multiple bank branch locations.

Workers’ contracts not being readily available in a corporate transaction. If you are required to visit a client’s premises, do they employ large amounts of migrant workers or are children seen in and around the premises?

Look for behavioural signs – does, for example, someone look frightened? Avoiding eye contact, hesitant to talk to strangers.

Look for Physical signs – they appear to be isolated, they’re rarely allowed to travel on their own, they don’t have documents that would allow them to travel – passports, ID, etc.

Where a law firm holds financial data as part of its AML checks or when undertaking due diligence on a transaction, this may provide an opportunity for law firms to spot red flags and provide a picture of a criminal or launderer.

The message is simply to be alert to this horrific type of crime.

If you suspect any form of modern slavery is taking place within your supply chain or you suspect your clients may be involved, you should immediately flag it to the person responsible for dealing with it at your firm.

If Teal Compliance can be of any assistance in helping with your reporting obligations and procedures, please contact us at hello@tealcompliance.com

We had that email we all dread…

We had that email we all dread…

“Hi, I’ve had an email from one of your team and we think it’s a scam, just wanted to let you know.”

Then we had several others and as many phone messages from lovely contacts wanting us to know. I’m grateful for our community of clients and contacts for letting us know straight away so we could sort it.

We took the following steps within an hour:

  1. Stopped what we were doing and got onto our IT guy who specialises in cyberattacks to crawl over our systems to check what had happened, and we followed his instructions. We looked at things like:
  • Changing email logins/passwords
  • Isolating the data breach, so the rest of the system wasn’t affected
  • Adding 2-factor authentication.
  1. Put one of our team onto responding to all the enquires
  2. Briefed our friends at Moneypenny who handle our calls – thanks ladies for your help!
  3. Put a post on our website explaining what had happened
  4. Emailed our mailing list explaining what we know and advising them to contact their IT departments straight away if they received the emails and NOT TO CLICK ON THE LINKS.

Thankfully, we had confirmation that the issue had been contained almost immediately because of the speed at which we responded.

Obviously, it made us feel sick, but it just shows, that even with regular screenings of our systems, the baddies can attack.

The facts

Around 65,000 attempts to hack small-to-medium-sized businesses (SMBs) occur in the UK every day, around 4,500 of which are successful. That equates to around 1.6 million of the 5.7 million SMBs in the UK per year. (CSO online)

We hear about it all the time, but we always think it will never happen to us. The fact is, more people are hybrid working, hackers are getting cleverer, and it just takes one click on that harmless-looking link for it all to go wrong…

Here are the top three tips which helped us to be able to respond so quickly:

  1. Have a plan – we did – and we put it into action immediately that we were made aware of an issue. Everyone should have a Disaster Recovery Plan, before being exploited, not after. It can be as simple as just having a point of contact who can quickly go through disaster recovery protocols and, at the very least, stop any further damage being caused immediately. The aftermath can still be sorted over time, but it’s vital to have someone who knows how to resecure the systems immediately
  2. Get a good cyber person in your address book, and have their contact details ready. Scouting around for the details of someone you know and trust when you’re in the middle of an attack wastes valuable time. Happy to share the details of our guy if you want to get in touch
  3. Know what you’re going to say to people.

The approach we took was because we wanted to protect people – hence the communications with people who might be affected.

Even major institutions worth £100Billion+ have vulnerabilities and have been exploited in the past, notably by way of ransomware attacks and the like.

When anything goes wrong, the gut reaction may be to keep things quiet and not acknowledge there has been a problem. However, our firm view is that being open and honest when issues crop up is by far and away the best approach.

No one can completely avoid all risks at all times but having a way to deal with problems when they occur as soon as possible is a very vital skill in any business.

You can’t learn from something if it’s swept under the carpet.

Knowing the approach we were going to take enabled us to draft the wording quickly and get the message out.

In hindsight, we could have prepared it in advance just in case – we have now!

Fingers crossed you never have a day like we did but having a plan in advance will make sure you are better prepared.

If we can assist with anything, please don’t hesitate to get in touch.

Photo by Bermix Studio on Unsplash

The Potential Pitfalls of SARs: a cautionary tale, and 10 ways to avoid them

Filing Suspicious Activity Reports (SARs) should be a priority for all law firms when presented with circumstances that alert them to the potential for money laundering.

But the very word “suspicious” is in itself, problematic, as it lacks clear definition.

It’s essential that the basis for suspicion is expressed as clearly as possible – not just because of the potential for legal action, but also because of the potential that it may be read by a client.

So, what does “suspicion” actually mean?

Unhelpfully, “suspicion” isn’t formally defined in legislation – but it has been the subject of question by the courts on several occasions.

The judge in the case of Lonsdale v National Westminster Bank plc [2018] EWHC 1843 (QB) stated that

“The [person that suspects] must think that there is a possibility, which is more than fanciful, that the relevant facts exist. A vague feeling of unease would not suffice. But the statute does not require the suspicion to be “clear” or “firmly grounded and targeted on specific facts”, or based upon “reasonable grounds.”

This suggests that the term “suspicion” is subjective, with a relatively low threshold. Suspicion must be genuine, but there’s no robust necessity for it to be based on specific facts.

With this in mind – and in line with advice published by the NCA – here are our ten tips for avoiding the potential pitfalls when reporting suspicious activity:

  1. Use clear and concise language, keeping the content clear, concise and simple. Avoid using acronyms and legal jargon.

The “reasons for suspicion” section of the SAR limits your input to 8000 characters, equating to around 1500 words.

  1. Give full and precise reasons for your suspicion of money laundering.

It’s important for the NCA to see:

  • Who is doing what
  • Who they are/were doing it with
  • When they are/were doing it
  • Why they are/were doing it
  • Where they did it
  • How they are doing it
  1. Specify all individuals and businesses, including suspected criminal property in as much detail as possible (having regard to privilege). You may not be in possession of all of the details, so you should make this clear in your report if that’s the case. Think about:
  • Associated subjects
  • Dates of Birth, Post Codes, Occupations
  • Financial transactions.
  1. Specify all information giving rise to suspicion and explain how you discovered it.
  2. Clearly distinguish between information that you know from that which you suspect.
  3. Present a chronological sequence of events which support your suspicion. Be as specific with regards to dates as possible.
  4. Justify the basis of your suspicion – don’t simply state that it’s a cause for concern.

For example, a client’s bank account has large third-party transfers:

  • explain if the client has been contacted (and if not, why not) and any explanation offered
  • describe why the explanation given has not allayed your concerns
  • demonstrate how the pattern of transfers/withdrawals presents suspicious circumstances.
  1. Explain how the activity in question differs from normal, expected operations for that customer/business sector. If the SAR implicates a professional enabler (i.e., an accountant, insolvency practitioner, conveyancer, etc.) state whether it appears that the facilitation is witting or otherwise.
  2. Set out the case if your suspicion relates to the transactions only, or whether it extends to the professional involved. If the SAR doesn’t relate to financial transactions, explain the activity you consider to be suspicious.
  3. If you are requesting a Defence Against Money Laundering (DAML) be specific about the work you are undertaking for your customer/client which you believe you will require a defence to money laundering for e.g.:
  • “to buy/sell the property at (address) for (value amount)”
  • “to disburse the funds between the following people …”
  • “to buy/sell the (named company)”
  • “to draw up contracts between party X and party Y, transfer the ownership of the (named company) to party Y, and transfer the (value of funds) to party X which is all part of the arrangement”
  • “to release the funds in account A to person B”.

The regulated sector has been criticised by NCA regarding the quality of SARs. The amount of information provided is of vital importance for a number of reasons:

  • Improves efficiency in processing SARs
  • Poor quality SARs divert resources away from detection and investigation of crime
  • Vital source of intelligence
  • Contents can be a basis for legal action against the maker – Lonsdale v National Westminster Bank.

If Teal Compliance can be of any assistance in helping with your reporting obligations and procedures, please contact us at hello@tealcompliance.com

The ‘C’ word!

The mere mention of the word Compliance tends to fill people with dread and many firms, Partners or owners continue to bury their heads in the sand.

Many firms have changed the structure of their business support, showing that there is a significant shift from the misconception of ‘fee burners’ and ‘fee earners’.

Firms have had no choice but to become proactive to ensure that compliance is embedded into the culture of the firm, with employees knowing and understanding the beliefs and values of the firm they are working for.

It is vital to invest in business support to drive the firm in the right direction.

And Compliance is an essential element of your firm’s foundation to succeed.  It is not about how many accreditations you have – although working within the guidelines of those accreditations obviously minimises the firm’s risk exposure.

Are you asking the right questions to know what is happening day to day in your firm?

Are all departments linking up to review your risk registers and ensure that you are working on the same page?  

A smoke and mirrors approach will not help you in the long run, it will purely paper over the cracks.

Engage with employees – communication is key!

Every time I undertake performance reviews the reviewee states that there is not enough communication.

That’s not to say that every little detail needs to be communicated, it is more to do with involving employees to help you achieve the objectives set by the firm.

Without communication, there is an opportunity for things to slip through the net.

To make this work you need a joined-up approach

Ground-level knowledge is the difference between tackling any issues head-on and burying your head in the sand. We can all hear conversations but really listen to what’s going on. Ignorance is not a form of defence if you find yourself on the wrong side of the regulators!

Are you continually reviewing your processes and analysing critical data?

Will you as a firm, you as an individual and your employees stand up to scrutiny?

Conduct a full 360 review of your business

If you do not look at what you are doing objectively then nothing will change. Praise the good, review the not so good and put a system in place to change what’s not working.

Revisit KPI’s

On an individual, team, discipline, and overall basis. It’s all well and good giving your fee earners targets, but are they are achievable and are you ensuring they can do this in a safe environment?

What do your KPI’s look like?

Have they been implemented and reviewed to ensure they are the right ones?

Are you conducting independent file audits?

It may be that there are trends which give rise to training issues. There are many signs that could highlight that you have issues with employees, or equally that you have individuals excelling that have further capacity or partnership potential.

There is a fine line between micro-managing and no supervision

You are ultimately responsible for every employee within your firm.

How many times have we recently seen in the Law Society Gazette about lack of supervision?  It does not matter whether you are a year qualified, or 12 years qualified there still needs to be an element of supervision. Do you want to be responsible for everyone losing their job?

Every role within your firm needs to work within the framework and once everyone is working within that framework the benefits will speak for themselves.

If we can assist with anything, please don’t hesitate to get in touch.
Team Teal

Economic Crime (Anti-Money Laundering) Levy

With all that is going on at the moment, its quite likely that you are not aware that the Government has introduced the Economic Crime (Anti-Money Laundering) Levy. This previously mooted levy, by way of the Finance Act 2022, achieved Royal Assent on 24th February.

What is the Economic Crime (Anti-Money Laundering) Levy?

The Government has stated:

‘The Economic Crime (Anti-Money Laundering) Levy (‘the levy’) is part of the government’s wider objective, outlined in the 2019 Economic Crime Plan (ECP), to develop a long-term Sustainable Resourcing Model (SRM) to tackle economic crime’

The levy aims to raise £100 million a year from the AML regulated community to help fund new and improved AML capabilities. The NCA for example has been struggling to cope with all the reports it receives. Extra funding aims to address such problems.The first levy year is almost upon us, as it will run from April 2022 to March 2023, with relevant levy payments first being collected in April 2023 (i.e., payment in arrears). It will not be collected by all AML supervisors with only the Financial Conduct Authority, HMRC and the Gambling Commission being tasked with these duties. For the legal sector (and Accountants too) the HMRC will collect it.When you next plan your budgets, don’t forget to take into account the fact that as of April 2023, you may well be paying this levy in addition to all of your other overheads:

  • the levy is to be charged on a fixed fee system, based upon your UK revenue
  • it will be paid by medium, large, and very large AML-regulated entities
  • small entities (those with UK revenue below £10.2 million) will fortunately be exempt.

An entity is classified as:

  • medium if its UK revenue for the relevant accounting period is more than £10.2 million but not more than £36 million
  • large if its UK revenue for the relevant accounting period is more than £36 million but not more than £1 billion
  • very large if its UK revenue for the relevant accounting period is more than £1 billion.

The levy is to be charged as follows:

  • medium entities will pay £10,000
  • large entities £36,000
  • very large entities £250,000.

In addition to the levy itself, the Government estimates that it will impact an estimated 4,000 businesses, who will need to self-declare their levy status (i.e., whether they are AML regulated, and their UK revenue during the period of accounts that ended in a said financial year) to their relevant collector or be invoiced by their collector. The relevant collector (HMRC, the FCA or the Gambling Commission) for businesses will be the collector that already regulates/supervises them under AML Regulations, so the majority of firms will have an existing relationship with their collecting body.

The exception is c.450 firms who are regulated/supervised by the Professional Body Supervisors (PBSs), who will need to declare their status and make their levy payment to HMRC.The government is to issue centralised guidance on gov.uk that sets out the process for paying the levy in due course.If there are any burning questions or issues you want to discuss we are always available. In the first instance please get in touch with hello@tealcompliance.com.


Simon Harbord

Team Leader, Teal Compliance Limited