The Law and Regulation of Solicitors: Client Money 9781526524614, 9781526524638, 9781526524621

Citation preview

The Law and Regulation of Solicitors Client Money

The Law and Regulation of Solicitors Client Money

Katie Jackson LLB, MSc

BLOOMSBURY PROFESSIONAL Bloomsbury Publishing Plc 50 Bedford Square, London, WC1B 3DP, UK 1385 Broadway, New York, NY 10018, USA 29 Earlsfort Terrace, Dublin 2, Ireland BLOOMSBURY and the Diana logo are trademarks of Bloomsbury Publishing Plc © Honne Limited, 2023 All rights reserved. No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or any information storage or retrieval system, without prior permission in writing from the publishers. While every care has been taken to ensure the accuracy of this work, no responsibility for loss or damage occasioned to any person acting or refraining from action as a result of any statement in it can be accepted by the authors, editors or publishers. All UK Government legislation and other public sector information used in the work is Crown Copyright ©. All House of Lords and House of Commons information used in the work is Parliamentary Copyright ©. This information is reused under the terms of the Open Government Licence v3.0 (http://www.nationalarchives.gov.uk/ doc/open-government-licence/version/3) except where otherwise stated. All Eur-lex material used in the work is © European Union, http://eur-lex.europa.eu/, 1998-2023. British Library Cataloguing-in-Publication Data A catalogue record for this book is available from the British Library. ISBN:

PB: Epdf Epub

978 1 52652 461 4 978 1 52652 462 1 978 1 52652 464 5

Typeset by Evolution Design and Digital (Kent) To find out more about our authors and books visit www.bloomsburyprofessional. com. Here you will find extracts, author information, details of forthcoming events and the option to sign up for our newsletters

Acknowledgements

Thank you to my family, who have supported the creation of this book in a variety of ways. With additional thanks to: •

All the staff and the editorial team at Bloomsbury Professional.

•

Honne’s clients, in legal services and CPD training.

•

The regulatory agencies, and compliance and legal professionals around me, who I also count as my colleagues.

v

Preface

Behind many solicitors and licensed conveyancers are networks of staff, accountants, banks, insurers, inspectors and regulators, IT professionals, HR business partners, finance teams, and others who keep the day to day running. Far from having their names on the door, these people keep client monies safe, and genuine transactions going through legal services. This book celebrates their work, and places the system of holding and maintaining effective client financial systems first. Far from being a forgotten part of a solicitor or licensed conveyancer firm, the effective and honest handling of client money, the honesty of the staff and the systems that surround them, has ensured the solicitor has been at the cornerstone of significant family and business life events for many years and remains so today. For this community, and for the solicitors and others on whom their reputation depends; speak up about the problems you encounter and do what you can to learn about changes, other accountancy and IT systems, and the latest thinking in your area of work and business support. Sometimes we might all be guilty of taking the solidity of the rules and security of the client account for granted, but the potential for problems is enormous. This book is a request for the financial and accounting community, the IT community, the HR community, regulation, and anyone else involved, to stand up and make their voices heard in the safeguarding of client money and in the reputation of legal services in England and Wales. It also seeks to counter the argument that the COLP role is larger than that of the COFA, by examining the ways in which the finance team continues to manage and maintain their responsibilities, and how they support the MLRO and MLCO roles. Indeed, a large amount of this book is about anti money laundering, and there is an important overlap between the receipt of client money and the provisions for anti money laundering; one that is often overlooked. The book also considers those other voices as well in law firm teams – including in human resources, information technology, and management. All of those parts of the firm have a responsibility towards client money, compliance and anti money laundering, and ensuring the bona fides of transactions law firms deal with. Involve your teams and their expertise to look for solutions in their areas of work as well as legal answers. Katie Jackson March 2023

vii

Contents Prefacevii Table of Cases

xi

Table of Statutes

xiii

Table of Statutory Instruments

xv

Table of SRA Rules and Regulations and Council for Licensed Conveyancers Codes

xvii

Introduction1 Part 1: The Accounts Rules

19

Part 2: Receiving Client Money

73

Part 3: Risk Assessments and Risk Management

137

Part 4: Legislation, Regulatory Outcomes, and Offences

211

Part 5: Case Studies

271

Part 6: Continuous Professional Development

345

Part 7: Current and Future Developments

397

Part 8: Conclusion

425

Bibliography435 Index447

ix

Table of Cases [All references are to page numbers.] B Barclays Bank Ltd v Quistclose Investments Ltd [1968] Ch 540, [1968] 2 WLR 478, [1968] 1 All ER 613, [1967] 12 WLUK 67........................................ 20, 100 Bowman v Fels [2005] EWCA Civ 226, [2005] 1 WLR 3083, [2005] 4 All ER 609, [2005] 3 WLUK 294, [2005] 2 Cr App R 19, [2005] 2 CMLR 23, [2005] 2 FLR 247......................................................... 106, 120, 124, 145, 169, 203, 233, 236–237, 263, 314, 330 Brabners LLP v R & C Comrs [2017] UKFTT 666 (TC), [2017] 9 WLUK 37, [2017] STI 2011....................................................................................... 42 P P&P Property Ltd v Owen White & Catlin LLP; Dreamvar (UK) Ltd v Mishcon de Reya [2018] EWCA Civ 1082, [2019] Ch 273, [2018] 3 WLR 1244, [2018] 4 All ER 277, [2018] Bus LR 1668, [2018] 5 WLUK 248.................21, 93, 95, 97, 99, 100, 124, 144, 229, 266, 292, 294, 395, 403 Parvizi v Barclays Bank Plc [2014] EWHC B2 (QB), [2014] 5 WLUK 725........ 103, 243 Purrunsing v A’Court & Co & Anor [2016] EWHC 789 (Ch), [2016] 4 WLR 81, [2016] 4 WLUK 292, [2016] ECC 32, [2016] Lloyd’s Rep FC 310, [2016] PNLR 26............................................................................95, 97, 99, 100, 124, 144, 229, 266, 395, 403 Q Quistclose Investments Ltd v Barclays Bank Ltd see Barclays Bank Ltd v Quistclose Investments Ltd R R v Caldwell [1982] AC 341, [1981] 2 WLR 509, [1981] 1 All ER 961, [1981] 3 WLUK 124, (1981) 73 Cr App R 13.......................................................... 229 R v Da Silva [2006] EWCA Crim 1654, [2007] 1 WLR 303, [2006] 4 All ER 900, [2006] 7 WLUK 281, [2006] 2 Cr App R 35, [2007] Crim LR 77.... 101, 229, 353 S Shah v HSBC Private Bank (UK) Ltd [2012] EWHC 1283 (QB), [2013] 1 All ER (Comm) 72, [2012] 5 WLUK 503, [2012] Lloyd’s Rep FC 507, [2013] Bus LR D38.................................................................................................... 103 Solicitors Regulation Authority v Malins [2018] EWCA Civ 366, [2018] 1 WLR 3969, [2018] 3 WLUK 141, [2018] PNLR 22............................................ 218 T Twinsectra Ltd v Yardley [2002] UKHL 12, [2002] 2 AC 164, [2002] 2 WLR 802, [2002] 2 All ER 377, [2002] 3 WLUK 573, [2002] PNLR 30.............. 20, 100 W Wingate & Anor v Solicitors Regulation Authority [2018] EWCA Civ 366, [2018] 1 WLR 3969, [2018] 3 WLUK 141, [2018] PNLR 22...................... 218

xi

Table of Statutes [All references are to page numbers.]

Legal Services Act 2007 – contd s 85..........................................8  91..........................................252 92.......................................... 8, 48, 59, 252 95..........................................8 Sch 1.......................................5 Sch 4.......................................7 Sch 14..................................... 8, 21 Proceeds of Crime Act 2002........ 3, 4, 10, 11, 12, 13, 15, 76–79, 84, 85, 95, 101, 107, 109, 113, 128, 155, 160, 165, 190, 213, 225–245, 248, 252, 253, 259, 261–266, 272, 309, 310, 322, 329–330, 335, 346, 347, 356, 357, 360, 365–366, 400, 410, 414, 425, 427, 428, 430, 433 Pt 7 (ss 327–340).....................100, 110, 128, 162 ss 327–329...............................226, 230, 232 327–331...............................258 327–333A............................257 s 327........................................229, 232, 235, 236, 248, 355 (2A).................................234 328........................................229, 233, 235, 236, 248, 355 (1)...................................232 (3)...................................234 329........................................229, 233, 235, 236, 248, 260, 355 (2)(c)...............................78 (2A).................................234 ss 330–331...............................11 330–332............................226, 227 s 330........................................16, 85, 100, 101, 107, 222, 227, 230, 247, 248, 265, 347, 352, 355, 356

Administration of Justice Act 1985......................6, 214–215, 415 Pt I (ss 1–10A)..........................7 s 9............................................215 Pt II (ss 11–39).........................8 s 20..........................................8 22..........................................214 s 22(3).....................................214 ss 24–30................................. 68, 214 s 24..........................................8 26.......................................... 8, 68 31.......................................... 8, 214 Sch 2....................................7, 8, 215 para 32(1)(c)........................188 Sch 3.......................................8 Sch 4.......................................8 Sch 5..................................8, 21, 214 Bribery Act 2010..........................364 Companies Act 2006................. 89, 186 Courts and Legal Services Act 1990..................................6, 8, 215 s 66.......................................7, 8, 215 Pt IV (ss 85–98)........................7 Sch 8.......................................8 Sch 14.................................. 7, 8, 215 Criminal Finance Act 2017...........245 Data Protection Act 2018............156, 256, 356 Deregulation Act 2015................8 Economic Crime (Transparency and Enforcement) Act 2022..157, 224, 245, 407 Financial Services and Markets Act 2000...............................431 Pt XX (ss 325–333)................. 65, 215 Legal Aid, Sentencing and Punishment of Offenders Act 2012.....................................174 Legal Services Act 2007............... 5, 6, 7, 8, 16, 81, 214–215, 253, 409–412, 415, 433 Pt 2 (ss 2–11)...........................5 s 4............................................7 Pt 4 (ss 27–70)......................... 6, 7 ss 29, 30..................................6 Pt 5 (ss 71–111)....................... 6, 7, 41, 215

xiii

Table of Statutes Sanctions and Anti-Money Laundering Act 2018.......... 90, 245 s 49........................................ 98, 399 Serious Crime Act 2015...............103 Small Business Enterprise and Employment Act 2015........ 89, 406 Solicitors Act 1974.......................6, 213, 214–215, 259, 415 Pt I (ss 1–30)............................7 s 10..........................................67 13A........................................67 13B........................................217 Pt II (ss 31–55)......................... 7, 8 ss 32–34................................... 8, 128 s 32..........................................214 33A.......................................66, 267 34.......................................... 7, 51, 58, 214 35..........................................214 ss 36, 36A................................214 s 43..........................................216 ss 44B–44D..............................267 s 44D....................................... 8, 67 Sch 1....................................... 7, 21, 47, 214 para 1(1)(d)..........................188  6..................................21, 214 Terrorism Act 2000.......... 213, 240, 245 ss 15–18...................................245 21ZA–21ZD..........................245 s 39..........................................240 Trustee Act 1925 s 61..........................................21 Trustee Investment Act 1961.......407

Proceeds of Crime Act 2002 – contd s 330(3)..................................84, 229 (4)...................................228 (6)...................................228 (b)............................ 228, 235 (7)(b)..............................81, 228 (7B).................................228 (10), (11).........................235  331......................................81, 100, 101, 107, 222, 227, 230, 235, 247, 248, 352, 355 (4), (6).............................228 333........................................237 ss 333A–333E...........................237 s 333A..................................108, 109, 240, 356 333B......................................240 s 333C............... 109, 241, 356 (2).................................237 s 333D..................................106, 356 (2).................................241 334........................................225 335......................................11, 107, 108, 131, 230, 231 (2)–(5).............................108 (4)...................................231 336........................................81 338..................................... 81, 103, 244, 356 339ZB....................................237 342........................................240 Sch 9....................................2, 3, 128 para 1(b)..............................3

xiv

Table of Statutory Instruments [All references are to page numbers.]

Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017, SI 2017/692 – contd reg 18A....................................142, 149, 194, 198 regs 19–21...............................225 reg 19....................................81, 142, 162, 170, 221, 222 (2)(b).............................81 (4)............................... 142, 146 (d).............................222 19A....................................142 20.................................... 81, 162 21..................................170, 171, 221, 225, 254, 323, 324, 363 (1)..................................222 (a).............................81, 162, 222, 247, 248 (b).............................162 (c).............................81, 162, 182, 252, 253 (2)(a)(i)..........................81 (3)..................................81, 162, 222, 247  24......................................16, 81, 162, 170, 221, 222, 225, 323 (1)(a)(i)..........................254 (b).............................347 26......................................252 Pt 3 (regs 27–38)..................221, 222 reg 27......................................85, 88, 89, 222, 223 (1)(a).............................80 (2)..................................85 (8)............................... 142, 222 (9)..................................142 28..................................... 85, 88, 89, 90, 222, 223, 349, 351 (2)..................................86 (c).............................86 (7)..................................349

Electronic Money Regulations 2011, SI 2011/99.................405 General Data Protection Regulation (EU) 2016/679 see Regulation (EU) 2016/679 of the European Parliament and of the Council (UK GDPR) Money Laundering and Terrorist Financing (Amendment) (High-Risk Countries) Regulations 2021, SI 2021/392.........................98, 364, 399 Money Laundering and Terrorist Financing (High-Risk Countries) (Amendment) Regulations 2022, SI 2022/393.........................147 Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017, SI 2017/692........................  3, 4, 10–15, 73–75, 77–80, 84, 88, 93, 113, 128, 138, 140, 142–160, 162, 165, 169–171, 175, 178, 190, 194, 213, 218–228, 233, 248, 252, 253, 256, 257, 259, 261–264, 270, 272, 278, 290, 293, 309, 310, 322, 329–330, 346, 347, 360–364, 366, 400, 401, 404, 407, 410, 413–416, 425, 427, 428, 433 reg 4........................................ 84, 85 7........................................ 3, 219 8........................................ 2, 3 (2)(d)...............................3 reg 14A....................................405 Pt 2 Ch 2 (regs 16–25).............138 reg 18....................................80, 138, 142, 143, 149, 194, 198, 220, 222 (2)(a).............................151

xv

Table of Statutory Instruments Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017, SI 2017/692 – contd Pt 5 (regs 39–45).....................88 reg 39............................ 87, 221, 352  40......................................119 43......................................88, 89, 90, 349, 351  51......................................3 Pt 8 (regs 65–74).....................219 Pt 9 Ch 2 (regs 76–85).............11 Pt 9 Ch 3 (regs 86–92)............11, 225 regs 86, 88...............................225 Sch 1.......................................3 Sch 5.......................................225 Oversight of Professional Body Anti-Money Laundering and Counter Terrorist Financing Supervision Regulations 2017, SI 2017/1301.............3 Payment Services Regulations 2017, SI 2017/752...............432 Regulation (EU) 2016/679 of the European Parliament and of the Council (UK GDPR).........156, 191, 256, 336, 356 Solicitors Act 1974 and Administration of Justice Act 1985 (Amendment) Order 2022, SI 2022/701...............415

Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017, SI 2017/692 – contd reg 28(8).................................90, 349 (11)................................349 (a)...........................221 (12)............................. 142, 309 (a)...........................80 (i)........................80 (b)...........................80  30A....................................91  33......................................86, 96, 97, 221, 224, 349, 351, 352 (1)..................................87 (b).............................224 (f)..............................349 (3)(c)(i), (ii)....................148 (3A)...............................86, 87, 208, 349, 352 (c)......................... 92, 221 (f)............................142 (4)..................................142 (5)(b).............................349 (6)..................................146 33A........................ 140, 221, 349 35.............................. 96, 97, 224 (5)(b).............................221 Pt 3 Ch 3 (regs 37–38).............86 reg 37............................ 86, 349, 351

xvi

Table of Solicitors Regulation Authority Rules and Regulations and Council for Licensed Conveyancers Codes [All references are to page numbers.]

CLC Codes Accounts Code r 3.4.....................................40 rr 3.5, 3.6.............................31 3.8, 3.9.............................40 r 4........................................39 4.1 a...................................29 b.................................. 31, 44 5.1.....................................25 5.4.....................................25 a...................................24 b..................................24 c...................................24 d.............................24, 26, 27 f...................................24 rr 5.5–5.7............................. 24, 26 r 5.5.....................................34 5.6.....................................24 5.9.....................................25 7........................................70 7.3.....................................69 Anti Money Laundering Code r 9(e)....................................26 Code of Conduct r 3.6.....................................70 Conflicts of Interest Code.........26 Estimates and Terms of Engagement Code r 8.2.....................................30 Handbook 2011........................ 59, 417 SRA  Standards and Regulations 2019.............................. 47–48, 252 Accounts Rules 2019............. 2, 19–20 rr 2–5...................................119 r 2........................................49 2.1(d)................................. 30, 31 2.2................................... 46, 126 2.3(b)................................. 50, 54 (c)................................. 46, 49 2.4................................44, 46, 50

SRA  Standards and Regulations 2019 – contd r 2.5......................... 119, 392, 395 3........................................49 3.3.....................................50, 115, 127, 395 4.................................44, 49, 127 4.3.....................................44 (a), (b)...........................31 5...................................39, 44, 51 5.1.....................................119 (a)................................. 29, 44 (b).................................29, 31, 44, 127 (c)............................... 33, 127 5.3.....................................29, 31, 389, 391 6.1..................................... 40, 51 7........................................50 8........................................49 8.1................................25, 27, 50 (a)................................. 24, 26 (b)................................. 24, 31 (c).................................24 8.2.....................................24 8.3.................................... 24, 26, 34, 41, 51 8.4.....................................30 11......................................70 11.1(a)...............................69 12...................................... 51, 58 12.2(a)...............................54 13.1...................................25 Authorisation of Firms Rules 2019 r 8...................................... 48, 252 Authorisation of Individuals Regulations 2019.....................67 r 10.2(b)(vii).........................46 Code of Conduct for Firms 2019 r 2.1(d).................................48

xvii

Table of SRA Rules and Regulations and Council for Licensed Conveyancers Codes Code of Conduct for Firms 2019 – contd 2.4.....................................188 rr 4.2, 4.3.............................346 6.1–6.2.............................26 r 6.3.....................................70 7.1(c)......................... 26, 30, 128 8.1.....................................81 Pt 9 (paras 9.1–9.2)..............252 r 9.2.....................................48

xviii

Code of Conduct for Individuals (Solicitors, RELs and RFLs) 2019 r 3.3.....................................346 4.3.....................................46 rr 6.1–6.2.............................26 r 6.2.....................................94 6.3.....................................70 8.1................................... 26, 128 rr 8.6–8.11...........................402 r 8.7.....................................30 Regulatory and Disciplinary Procedure Rules 2019...............267

Introduction

Contents Context of regulation The difference in regulation for AML and professional conduct Regulation for professional conduct Professional conduct regulatory legislation Contrasting professional conduct regulation with anti money laundering Law enforcement Legal Sector Affinity Group Guidance Contents of this book Context of this book

2 4 5 6 10 12 13 13 17

This book is written with the intent of providing an exploration of the current law and policy in anti money laundering, but also in the context of legal professionals holding client money. We cover both the ideas and best practice in relation to the current Money Laundering Regulations, but also go further and consider the receipt of money into the law firm and how this can be managed from an AML perspective. The writer has delivered training and worked with law firms on AML for the last ten years, and before that was a legal services regulator; there is therefore a general discussion of the position in AML as well, and plenty of examples of how the law in AML works in terms of client identity and the traditional operation of the rules. Although the day-to-day operation of anti money laundering is covered within the book, readers will find that the book also goes beyond the law in its interpretation and suggestion of how to comply. Many senior staff in law firms would like their firm to be well defended against any attempts of money laundering, or other criminal activity, and we consider that the current legislation covers the minimum requirements, and has a focus on client identity. It does not provide a management standard or starting point for anti money laundering. To that extent, we aim to close some of those gaps, with different viewpoints from across the firm, and particularly in Finance and Accounting, to address the anti money laundering capacity and capability of the full firm. Leaders and staff within firms will find ideas for implementation across their firm which assist management, strengthen compliance, and take the firm beyond the minimum compliance requirements outlined in law. The book is intended to be of use to Money Laundering Reporting Officers, Money Laundering Compliance Officers, and Finance teams, in law firms. Those occupying the posts of Compliance Officer for Legal Services and Compliance Officer for Finance and Administration will also find the book of use, with the latter intended to directly benefit. Although the book is entitled ‘The Law and Regulation of Solicitors’, licensed conveyancers and others in legal services may find it helpful, and the first chapter covers the Accounts Rules for both Solicitors Regulation Authority (SRA) and Council 1

Introduction for Licensed Conveyancers (CLC) regulated firms, in recognition of the similarity of the sets of rules for holding client money. CLC regulated firms are of course also part of the regulated sector for anti money laundering purposes, and the CLC regulates some solicitors by virtue of their work in regulated licensed conveyancer firms. Reference is made to the CLC regulations as well as SRA regulations where appropriate. Reporting Accountants or accountants involved with law firms may find this book of use in dealing with the application of the Accounts Rules, as well as in supporting the firm with the broader consideration of regulation for AML, and the receipt of money into the practice in this context. However, the focus is of course solicitors and their practices, as well as the regulatory requirements that apply to them. In each case, and unless otherwise stated, the book should be read as concerning and about solicitor practices and their regulation. All references are to the 2019 Accounts Rules unless otherwise specified, but the same broad principles have been included in earlier sets of accounts rules, including the 2011 version. Readers will find the 2019 Accounts Rules have a good deal of similarity to previous versions. Detail of the differences is included at page 53. The book does not intend to set a method of working per se; it provides a series of ideas, suggestions for practice, and sample forms that can be used or changed to work within your firm. The copyright remains with Bloomsbury Professional, Honne Limited, and Katie Jackson, and all rights are reserved. While the work can be used within law firms and is intended to be, to develop policies and procedures, it should not be used for the basis of consultancy, external training, or in competition with the author in any way.

Context of regulation We have considered and discussed the context of law firm regulation in more detail in the first book in this series entitled The Law and Regulation of Solicitors: Serious Breaches and Practising Certificate Conditions. In that book, we discuss the operation and structure of the legal services regulators, and the position of the Solicitors Regulation Authority as a body that sets standards and rules, takes enforcement action, and authorises individuals and firms as regulated solicitors and practices. The context of anti money laundering regulation is different. There is a separate legislative basis for anti money laundering that provides for the regulation not just of solicitors, but of other types of professional or business structure as well. The areas that are regulated are considered higher risk for money laundering or the receipt of the proceeds of crime, and are defined in regulation 8 of the Money Laundering Regulations 20171 and Schedule 9 of the Proceeds of Crime Act 2002 (as amended).

The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 have been amended by a number of other sets of regulations. A full list is available in the bibliography. These Regulations are hereafter known as the Money Laundering Regulations.

1

2

Context of regulation Solicitors and other legal services professionals are included in these areas of work regulated for money laundering by virtue of carrying on the work included in the Money Laundering Regulations 2017 (as amended), regulation 8. The requirements are duplicated in the Proceeds of Crime Act 2002, Schedule 9. This includes work such as property transactions, trusts, and some aspects of company law. It is possible for a solicitor (or other legal professional) and their practice not to be covered by the Money Laundering Regulations 2017 (as amended), but a lot of law firms will carry on work that falls within the Regulations. The regulatory bodies regulate for money laundering under regulation 7 and Schedule 1 of the Money Laundering Regulations 2017 and Schedule 9 of the Proceeds of Crime Act 2002 (as amended). The individual solicitor or other recognised legal professional is regulated by his or her regulatory body as an individual. The firm they work in is also usually authorised and regulated as well. However regulated solicitors can work ‘in house’ (usually providing services to their employer directly), or as freelance solicitors. Individual regulated solicitors and other legal professionals who carry on work that falls within the scope of the Money Laundering Regulations 2017 (as amended), will be caught by the provisions and those of the Proceeds of Crime Act 2002, regardless of the structure around them, by virtue of regulation 8(2)(d) of the Money Laundering Regulations, and Schedule 9(1)(b) of the Proceeds of Crime Act. A  further regulatory body has been established, within the Financial Conduct Authority, to consider the AML performance of the professional body regulators. OPBAS (Office for Professional Body Anti-Money Laundering Supervision) has been established by The Oversight of Professional Body Anti-Money Laundering and Counter Terrorist Financing Supervision Regulations 2017 and regulation 51 of the Money Laundering Regulations 2017; however, it should also be noted that the Money Laundering Regulations establish the position of OPBAS more generally – providing that which they oversee. OPBAS covers a range of legal services regulators. OPBAS aims to ensure the uniformity and stability of the regulators that deal with money laundering concerns. In terms of the legal services sector, this includes the Solicitors Regulation Authority; the Council for Licensed Conveyancers; the Bar Standards Board; and CILEX Regulation. OPBAS does not regulate solicitors’ firms, licensed conveyancer firms, barristers, or any other professionals directly.

3

Introduction In recent years there has been an increase in the anti money laundering activity of some of the frontline legal regulators, including the Solicitors Regulation Authority, with visibly more anti money laundering materials available for professionals, and more inspection and enforcement activities focused in this area. The intent of OPBAS is to ensure the work in anti money laundering is being consistently implemented across a number of areas, including in the professions regulated for money laundering. It is not just legal professions which fall under the oversight of OPBAS; other regulatory bodies and professions are also covered. As we will see as the book progresses, and in Part 7 (which deals with future developments), there is the suggestion that anti money laundering regulation might be removed from the professional body regulators and be placed in the hands of one single specialist body. Of course, the professional body regulators have their own obligations and objectives which go beyond and are entirely separate to that required in anti money laundering. The professional body supervisors deal with professional conduct. That means the conduct of the individual or firm towards: •

the consumer of that service;

•

another impacted third party: or

•

society as a whole.

That is their primary remit as regulators, and the requirements for the same are published in their own Codes of Conduct. In Part 1, we also cover the Solicitors Regulation Authority and Council for Licensed Conveyancers’ Accounts Rules which form part of the regulator’s remit for both solicitors and licensed conveyancers, and fall within the provisions of both bodies for ‘professional conduct’.

The difference in regulation for AML and professional conduct Regulation in legal services for money laundering sits alongside the regulated bodies’ regulation for professional conduct, with the rules, standards and regulations set by the regulator being different to the regulatory requirements applied for AML.

As we can see from the diagram, the regulation for anti money laundering differs from that of the regulation for professional conduct (the latter including the accounts rules). The regulation for AML is established by the Money Laundering Regulations primarily, but also by the Proceeds of Crime Act. These statutory provisions are applied directly to the solicitor and their practice (as far as they are caught by the types of work prescribed), by the regulator. The regulator is also overseen by OPBAS (part of the FCA) in their work in anti money laundering. 4

Regulation for professional conduct The diagram uses the Solicitors Regulation Authority as an example, but a similar situation exists for the other legal regulators, including the Council for Licensed Conveyancers. A  similar diagram could be drawn for licensed conveyancers and other professional regulated communities. To do so, we could simply replace the Solicitors Act in the diagram with the Act which establishes their regulatory body, and take similar steps with references thereafter which are solicitor or SRA specific. We have also used a shorthand in the diagram by referring to the Solicitors Act and further detail of the legislative basis of professional conduct is provided briefly in the coming pages, as well as later in the book where relevant. The regulation for professional conduct is drawn from powers given to the regulator to make rules about behaviour and discipline generally in all aspects of work, not just anti money laundering. This includes the Codes of Conduct, Accounts Rules, and any other Codes the regulator decides to implement. At the moment this set of rules is known as the Standards and Regulations and these apply to the solicitor and their practice. However, we can see the difference between two sets of regulations in that one (the anti money laundering) applies as direct statutory provision; the other (the regulator’s ‘handbook’) is made and applied by a regulatory body. They also operate as two different sets of regulations with two different themes.

Regulation for professional conduct When discussing professional conduct, a good place to start is the regulatory bodies. This might be the Solicitors Regulation Authority, the Council for Licensed Conveyancers, the Bar Standards Board, or one of the other legal professional regulators operating in the sector at the moment. There are at the time of writing, ten professional regulators, all overseen by the Legal Services Board. The Board was established by the Legal Services Act 2007 under Part 2 and Schedule 1 to that Act; it exists to oversee and monitor the work of the professional regulators.

A complex situation exists in legal services due to the operation of legal regulators and their representative professional body counterparts. Until the Legal Services Act 2007, some of the professional legal services bodies were also regulatory bodies, operating a dual function in both representation and regulation. These bodies were separated by the Legal Services Act, and a considerable number of provisions in 5

Introduction that Act relate to the position of the regulatory and representative functions of those bodies, and how they were to be separated and overseen (see in particular Part 4, sections 29 and 30). The Legal Services Act meant that The Law Society who represent solicitors and also at the time regulated them, was separated into two, becoming The Law Society and the Solicitors Regulation Authority, respectively. Some of the other representative bodies in the sector were also impacted, including the Bar Council (which separated into the Bar Council and the Bar Standards Board), and CILEx which separated with the new arm being called CILEx Regulation. The separation of the bodies is not complete, with some oversight of the regulator theoretically allowed by the representative body. However the Legal Services Board monitors the operation of the position and the independent decision making of the regulators. As an aside, and at the same time, there has also been a drive to improve standards and independence in the sector through a number of means, including greater competition. The Legal Services Act (at Part 5) for the first time allowed non lawyers to invest in and lead law firms – a style of practice known as an ‘Alternative Business Structure’. This new form of structure was intended to bring new investment and ideas into the sector. The idea was to ensure lawyers kept pace with the rest of the economy and the country in technological development and management thinking. Anti money laundering and accounts may be no exception, with a range of new problems and solutions being posed by greater world connectivity and the modern usage of information technology. The Legal Services Act does not, however, have an explicit anti money laundering focus and neither does the oversight work of the Legal Services Board. The regulators are established by legislation, which comprises four main Acts. This legislation and the interaction between the Acts to provide the basis of practice is examined in detail in The Law and Regulation of Solicitors: Serious Breaches and Practising Certificate Conditions (known hereafter as Serious Breaches). For the purpose of providing an introduction to this book, we will look very briefly at their establishment and some of their main outcomes. Readers interested in learning more about their provisions and the interaction with and supervision of regulated communities, can refer to Serious Breaches directly.

Professional conduct regulatory legislation The main Acts that establish legal services regulation as a whole are: •

The Solicitors Act 1974 – which deals with the regulation of solicitors and traditional partnerships.

•

The Administration of Justice Act 1985 – which deals with the regulation of solicitor legal services practices (that may be, for example, limited companies) and provides the basis for the regulation of licensed conveyancers.

•

The Courts and Legal Services Act 1990 – which deals with the regulation of registered foreign lawyers, multidisciplinary and multinational practices, as well as some aspects of the regulation of licensed conveyancers. 6

Professional conduct regulatory legislation •

The Legal Services Act 2007 – which deals with the regulation of alternative business structures, and as we have seen, provides for the separation of regulatory and representative bodies.

These four Acts establish the regulators that this book deals with; that being the SRA and the CLC, and impact other legal regulators besides. The Acts also provide overall objectives to the regulators which govern their role in the legal services market, and their regulation of the professional community. In terms of solicitors and practices regulated by the Solicitors Regulation Authority, the Acts provide for a number of regulatory outcomes. The effect of these provisions is to create a consistent legislative basis for regulation and enforcement across many practising styles; a useful shorthand for which is contained within the Solicitors Act. There are a few modern provisions of note in the Legal Services Act including for the Regulatory Objectives; alternative business structures; and the Legal Services Board. When discussing solicitors and their practices, the remaining two Acts cover lesser known provisions in use for particular circumstances related to registered foreign lawyers and particular types of regulated bodies, but they usually simply mirror what is in the Solicitors Act. In this book we lean into the Solicitors Act, as the regulator uses this as a first port of call, but experienced practitioners and those looking for provisions related to these other circumstances may want to refer across to the other Acts directly. More detail about the differences and detail of practising styles is contained in Serious Breaches. The regulatory outcomes of the legislation for solicitors and their practices (in all structural forms) include: •

The establishment of the rules of professional conduct for the regulated community including the Accounts Rules we deal with in Part 1 of this book. The provisions for these rules can be found in Parts 1 and 2 of the Solicitors Act 1974 and Part 5 of the Legal Services 2007. Also of note are the Courts and Legal Services Act 1990, section 66, and Part 4 and Schedule 14, and the Administration of Justice Act 1985, Part 1 and Schedule 2.

•

The oversight of those rules by the Legal Services Board. In particular see Section 4, Part 4, and Schedule  4 of the Legal Services Act 2007, and Schedule 14 of the Courts and Legal Services Act 1990.

•

Other mechanisms for oversight such as the requirement to use Reporting Accountants who review the practice’s application of the Accounts Rules annually. In particular see section 34 of the Solicitors Act 1974.

•

Enforcement outcomes including fines, investigations, inspections of books of account, and the imposition of conditions on the individual or firm. In particular see Part 2 of the Solicitors Act 1974.

•

Intervention by the regulator into a practice or firm. This means the law firm is closed down by the regulator. This occurs in specified circumstances including breach of the Accounts Rules, or reason to suspect dishonesty; both of which may be relevant in cases of suspected money laundering. These provisions are contained within a variety of the four Acts mentioned earlier (to allow the SRA to intervene into all forms of regulated practice), but a useful reference is Schedule 1 of the Solicitors Act 1974. 7

Introduction •

The establishment of internal decision making by the regulator in its enforcement mechanisms already described in this list, and in particular see the Solicitors Act 1974, section 44D.

•

The establishment of external decision making for solicitors in the form of the Solicitors Disciplinary Tribunal which is provided for in Part 2 of the Solicitors Act 1974 and which has the power to take a range of disciplinary actions against solicitors including fines, suspensions from practice, and strike offs. The Tribunal has powers beyond that of the SRA and solicitors are prosecuted before the Tribunal by the Authority.

The legislation provides for the establishment of Accounts Rules for solicitors in the Solicitors Act 1974, sections 32–34. These rules are mirrored across in their application in the Legal Services Act 2007, sections 85 and 92; the Administration of Justice Act 1985, Schedule 2; and in the Courts and Legal Services Act 1990, section 66 and Schedule 14. These provisions apply across the full range of authorisations to practice that can be granted by the Solicitors Regulation Authority. The CLC also have mechanisms for establishing regulatory rules, and bringing enforcement and disciplinary proceedings. These are dealt with primarily in the Administration of Justice Act 1985, Part 2 and Schedules 3 and 5. Additional powers are derived from the Courts and Legal Services Act 1990 (which introduced supplementary powers to regulate for probate and advocacy – although the latter is not currently used); the Legal Services Act 2007 (which provided for ABS); and the Deregulation Act 2015 (which again widened the scope of potential rights of audience and forms of body the CLC can regulate). In particular, we can find CLC powers to: •

Establish rules of professional conduct (the Administration of Justice Act 1985, section 20 and the Courts and Legal Services Act 1990, Schedule 8).

•

Investigate breaches of its rules (the Administration of Justice Act 1985, section 24 and Schedules 3 and 4).

•

Issue sanctions such as reprimands or fines, with more serious sanctions also available (the Administration of Justice Act 1985, section 26 and the Legal Services Act 2007, section 95).

•

Intervene into a practice (the Administration of Justice Act 1985, section 31 and Schedule 5; and Legal Services Act 2007, Schedule 14).

Both regulators allow the holding of client money by their regulated community. The respective sets of Accounts Rules made by each regulator specify what the professional is allowed to do with that money once it is received. The Accounts Rules established by both regulators sit within their regulatory handbooks. These handbooks are wider pieces of regulatory work which also contain provisions covering: •

professional conduct more generally (known as Codes of Conduct),

•

sets of rules which underpin who can be regulated and when,

•

provisions governing the relationship with the regulator, including disciplinary action. 8

Professional conduct regulatory legislation In all cases, the handbooks and their provisions (including the Accounts Rules) apply to the regulated individual and their firm. They should also be read as applying to the staff within the firms. The handbooks are currently known as: •

For solicitors and their firms – the ‘Standards and Regulations’ (although no distinction is made between any ‘standards’ or ‘regulations’; this is just a title).

•

For licensed conveyancers and their firms – the ‘Handbook’.

The Accounts Rules sit within these structures as requirements in professional conduct. They operate alongside other requirements to, for example, act in the best interests of the client, act with independence, act honestly, and not to act where there is a conflict of interest. The regulators prosecute against both regulated firms and individuals, as well as against the provisions in the Money Laundering Regulations, using the range of enforcement powers already briefly described. The legal regulators regulate both professional individuals and law firms, and there are a range of ways in which solicitors and other legal professionals can practice. For the avoidance of doubt, this book assumes that a solicitor is working in a traditional partnership structure when discussing the position at law and in professional conduct. However, in the vast majority of cases, the same position will also apply to a corporate structure involving solicitors, or to an alternative business structure involving solicitors (and non lawyers), and to an individual solicitor practising alone. Solicitors now also have the right to practice freelance, and this position is also mentioned occasionally in this book. All solicitors, if practising as such, will be regulated for their professional title by the Solicitors Regulation Authority. However, firms are regulated as well, and a firm can be regulated by: •

the regulator responsible for the professional title of those that work there (for example a solicitor’s firm regulated by the SRA), or

•

by another regulator, if suitable.

An example of this latter position is a solicitor, regulated personally by the SRA, who sets up a conveyancing firm and chooses for the firm to be regulated by the Council for Licensed Conveyancers. This means they are likely to be personally licensed by the CLC as well, but remain regulated as a solicitor too. The varying options for regulation between the legal regulators are very complex, but generally mean the professional title is regulated, with a separate position possible for the firm. Full discussions of the detail of available styles of legal practice and their regulatory consequences are covered in Serious Breaches. Readers of that book will also find extensive commentary and discussion of both the current systems of legal regulation, and the operation of some the regulator’s key powers. However it is helpful to explain that the legal regulators have fairly similar enforcement powers. There can be differences in the application of those mechanisms, and this 9

Introduction might be important to note when we consider possible regulatory outcomes in Parts 2 and 4 of this book. For solicitors, the Solicitors Regulation Authority is the regulator and enforcement body, with rights to make some enforcement decisions. They can also prosecute before an external Tribunal, The Solicitors Disciplinary Tribunal (SDT), in more serious cases. Both also have rights to take enforcement action in respect of a range of regulatory statuses, including against those who are not solicitors but are working in solicitor firms. Unless otherwise specified, we cover the position related to solicitors and regulated solicitor firms in this book. We refer to the regulatory powers and outcomes we might expect to see when dealing with solicitor client money problems or issues of solicitor practice anti money laundering. In some instances, the relevant provisions for licensed conveyancers are also provided. We discuss client money in this book, and it is possible for both firms and individual solicitors to hold client money directly. In most instances the regulated firm holds the money in their client account(s), and complies with the Solicitors Accounts Rules. However, in theory individual solicitors can also hold money directly for clients; this is generally the remit of the firm but sometimes individual solicitors hold it by accident. Ordinarily speaking, it is the firm that holds the money, and this provides the necessary oversight in the handling of client affairs. The SRA regulates this position with specific rules. We cover the rules for client money in Part 1. More detail concerning available structures and regulatory practising styles is covered in Serious Breaches.

Contrasting professional conduct regulation with anti money laundering Individual and corporate liability is also provided for in the legislation for criminal offences in money laundering. Law enforcement may also be in a similar position of considering whether the individual or firm are at fault. The Proceeds of Crime Act and Money Laundering Regulations may also apply to individuals as well as to firms in some instances, and both are advised to be aware of their obligations. Obviously, although the regulators have a regulatory position, the anti money laundering requirements are that much more serious, including the additional weight of criminal offences. The legislation and provisions relating to anti money laundering operate in a different context to the regulatory four Acts just discussed. We have already mentioned the Money Laundering Regulations and the Proceeds of Crime Act earlier, and neither fall within the legislative framework that exists for professional conduct or primary forms of regulation in legal services. However the regulatory bodies (established by the four Acts) are made responsible for initially overseeing and enforcing the AML provisions. Ultimate enforcement of the Money Laundering Regulations and Proceeds of Crime Act may be undertaken by the police or other law enforcement agency, and we will see mention of the National Crime Agency, who are the current authority to report suspicious activity to, later in this book.

10

Contrasting professional conduct regulation with anti money laundering There is a difference in the focus of the money laundering provisions as well. Whilst the Money Laundering Regulations require specific procedural actions on the part of the business (and sometimes individuals), the Proceeds of Crime Act (sections 330–331) requires a report of suspected money laundering, with the focus of that aspect of this Act being much more on the individual, due to the reference to the employee and nominated officer within the business. As we will see as the book progresses, these sections of the Proceeds of Crime Act are heavily referenced, referred to, and considered by those regulated for money laundering. The latter action of making the report is more likely to be associated with crime or crime prevention and might be seen as the standard for criminal prosecution (in that a failure to make a report might imply intent or recklessness). Whereas the Money Laundering Regulations (much like the regulations for professional conduct) require for the most part, a set standard from businesses in the regulatory arena, which are prosecutable by their regulatory body due to failure to comply, at the civil standard (see Chapter 2 of the Money Laundering Regulations as well as the aforementioned enforcement powers of the SRA). There are available prosecutions at the criminal standard within the Money Laundering Regulations as well at regulations 86–92 (Chapter  3). However, we can see a number of distinctions being made in the regulation and prosecution position of failures to comply. There is a difference between: •

the advance planning and preparation required by practices and professionals to implement procedures to a set standard to prevent money laundering;

•

the failure to implement such procedures; or

•

the failure to implement such procedures such as leading to money laundering or being actively involved in the same.

The end result is the creation of both specific requirements of regulated law firms and individuals, and a minimum standard of anyone involved those regulated activities, requiring them to make a report if they suspect money laundering. The Proceeds of Crime Act covers not only the need to report suspicions to the Money Laundering Reporting Officer and the consequences for the failure to do so. POCA also contains offences which practices could fall foul of in the handling of client money. The holding of the clients’ money or financial transactions in the context of delivering and receiving legal services is the subject of Part 4 of this book. The law in this area challenges traditional conceptions of the balance of power between the police and the citizen or individual. Not only is a proactive action required (failing which there are criminal consequences), those requirements extend to those who are required to defend individuals against the police and the actions of the state. The Proceeds of Crime Act provides the National Crime Agency (and other agencies) with the right to in effect to freeze assets held by a solicitor by denying consent to proceed with the transaction for up to 31 days (the Proceeds of Crime Act 2002, section 335). This type of action may be taken following the reporting of suspicion of money laundering. As we will see as the book progresses, the test for reporting suspicions of money laundering is very low, but the report required, and the resulting intelligence or overall circumstances could be sufficient for the police or other law enforcement to commence an action, and provide them with the right to in effect halt legal advice 11

Introduction or a legal transaction. The lawyer and their firm are in a difficult position in this situation due to the potential for criminal action against them if they do not make a report when one is required. Historically, individuals have had the right to approach a solicitor in times of need and receive privileged legal advice. This, coupled with the previous ‘right to remain silent’, means the perception may remain that they can tell their legal adviser anything. We have seen in Serious Breaches that requiring a person to inform on another person either comes from or creates a dramatic imbalance of power in a relationship. It places the person with the requirement to inform in a higher or better position than the person they are expected to inform on. Such a position may not be warranted. Historically it has been justified on the basis that lawyers (and other professionals) were more educated than the rest of society and were expected to make a judgement. That may no longer be the case, with standards of education in this country having improved dramatically. The consequent demands upon solicitors and other lawyers or professionals has been more than some can endure, whether through the demands in ongoing compliance, or in reporting. The position also fails to acknowledge the rights of the average person in society. We might be forgiven for wondering whether some of the complaints about the compliance burden from lawyers comes from the burden they carry through having been placed in the position of making judgements about situations they may not be appropriately placed to make, or which the individual in a modern and educated society, may be better able to articulate themselves. The writer does not believe that the current position is justified due to the disparity and imbalance in the relationship between the lawyer and consumer or person seeking legal advice. There is a lack of information available to most people about the professional requirement to report and the circumstances in which that might arise. The argument is made here, as it was in Serious Breaches that greater education about the law is required in British society, both to acknowledge and honour democracy and human rights, but also to allow full participation in the constitutional pillars of the state by all citizens. Not only should education be extended (and potentially also rights of audience be made available more widely), but criminal offences and reporting requirements should also be made clear. In some cases declarations could and should be made by individuals themselves if they were provided with the requisite warnings. This would enable better and more informed decision making by citizens who may otherwise not have known that what they were doing was not within the law. We will see later in this book an explanation of the difference between crime and money laundering.

Law enforcement The other interested party in the provisions of the Money Laundering Regulations and the Proceeds of Crime Act is law enforcement, who also have a say in the operation of their provisions and how they are applied. Due to the presence of regulatory bodies, law enforcement only usually become involved if there is a concern that significant money laundering is being undertaken, either by: 12

Contents of this book •

the solicitor (or their firm),

•

by another lawyer (including the other side),

•

or by the client.

We focus on the role of the individual professional, their firm, and the client in this book. However it can be important to remember the role of other professionals around you, including those in other firms. Much of the work of the Money Laundering Regulations and the Proceeds of Crime Act is preventative, either in the prescription to put in place and follow set procedures, or in the threat of criminal action for failure to do so. The regulator’s role is to ensure these procedures are in place and are being followed, and this can be inspected and considered by the regulator, including through their regulatory enforcement mechanisms which can sit parallel to any law enforcement action. In serious cases, law enforcement could become involved and practitioners should be aware of the extreme potential consequences of failure to comply.

Legal Sector Affinity Group Guidance This book is not in any way intending to replace the Legal Sector Affinity Group Guidance but operates alongside it as potential additional considerations or assistance in compliance for the diligent compliance officer, partners, management, or other law firm staff. Of course, other professionals may find it useful as well, and again it is not intended to replace their professional sector guidance. As well as food for thought in compliance, the book offers solutions in underdeveloped areas for anti money laundering (such as the Accounts Rules), and allows those in finance teams and in similar non core business functions to make a very solid contribution to the firm’s approach to AML. Allowing all members of staff to participate in safeguarding the firm’s reputation, and creating a perimeter around the firm as a whole, is likely to create new ideas in firms and improve their overall security. This book is resolutely pro-compliance and encompasses many template solutions for law firms, developed from years of training, consultancy, and reflection on those areas of practice. The book goes further than the Legal Sector Affinity Group Guidance in some areas and moves into new management theory. We provide practical solutions and templates to assist the reader, as well as conceptually developing the link between anti money laundering and the receipt of client money; an area the writer believes is new in compliance.

Contents of this book In Part 1, we cover the Accounts Rules. This is as a background to the later exploration of anti money laundering requirements in the context of the receipt of money into the law firm. This sets the scene and helps us to understand the receipt and throughput of client money in a law firm, as well as the relationship 13

Introduction between client money and office money. This section has an ongoing practical example for the reader to follow and sometimes solve, as well as easy to read and understand diagrams. Even those that struggle to understand the Accounts Rules should be able to follow the discussion. There are also more Accounts Rules problems available in the Continuous Professional Development section in Part 6. This first part of the book is suitable for a very wide range of people involved in legal services. This includes both solicitors and licensed conveyancers, and those involved in legal services finance such as Reporting Accountants and cashiers. Every grade of staff may find items of use – from fully qualified and experienced professionals who are seeking to complete CPD and refresh their knowledge of the operation of the Accounts Rules, to those just beginning training or first setting out on their journeys in law. Students of the Accounts Rules will also find Part 1 and the problems in Part 6 useful in their study. No matter your job role, academic interest, or experience, if you are dealing with any form of the solicitor or licensed conveyancer accounts, this part of the book will be of interest. Part 2 deals with the receipt of client money as the starting point in the client relationship. It also looks at the requirements in the Money Laundering Regulations which correspond with this stage of client work. This chapter also deviates from a purely identity and ‘matter indicator’ approach to AML, and looks at the receipt and movement of client money as an alternative starting point. This Part of the book also covers the current operation and interpretation of the initial phase of client instruction and what is required and expected of law firms in compliance. Practitioners will find this section helpful when designing or considering their internal policies and procedures, with ideas for the basic requirements. It also develops new approaches you can take in your firm that go beyond the regulations, but also helpfully involve the finance team and their department in developing a role in protecting the firm. Part 3 covers risk assessments, and the various different ways we can consider risk within the practice. As well as considering the traditional elements of risk, we also look at the risk involved in handling client and office money and how to consider that risk within your firm. This part of the book is supported by several annexes which provide template approaches to risk assessment and similar processes. It is acknowledged that templates can guide the perspective of the practitioner, but users of the book are encouraged to consider their business from a variety of angles to develop a very full approach and interpretation of risk management within the context of anti money laundering. This Part of the book also considers the idea of developing a perimeter around the firm which can protect the firm not only from money laundering, but also from scams which may be perpetrated against law firms, or may be part of a wider attempt at involving the firm in disguised criminal activity. In this Part of the book, we develop the idea of lateral anti money laundering; an idea to go beyond the requirements in the Money Laundering Regulations, and implement a full business approach to the security of the firm. In building this approach we consider the difference between an initial crime and the later crime of money laundering. Finally, in this Part we also consider the perspective of internal investigation and how this function has an important role to play in the delivery of risk management 14

Contents of this book within the firm. We discuss enabling those managing and running the firm to understand how they might spot attempts at criminal activity from those around them. The SRA and Solicitor’s Disciplinary Tribunal have disciplined those who have ‘turned a blind eye’ to the criminal or misconduct behaviour of others around them. Understanding internal investigation and starting points is both an excellent deterrent and internal reinforcement of the anti money laundering message. The annexes to Part 3 contain a number of template documents which you can use within your own firm to develop your anti money laundering policies, procedures, and planning. Part 4 of the book considers the interpretation of the anti money laundering legislation in more detail, as well as examining some key cases, and discussing the main criminal offences involved in handling the proceeds of crime. This is an important part of the book for law firms as it discusses the difficulty in handling and managing other people’s money when there are concerns about money laundering. The law in respect of checking identity and client onboarding requires us to take perhaps basic risk based steps to understand where client money has come from. This process, if we follow the legislation, then becomes much more complex and serious if we later find out the money has been laundered, with the law firm implicated in the handling of the proceeds of crime within the client account. It is apparent from the process in the legislation that the Money Laundering Regulations have not been written with legal services specifically in mind, nor with the receipt and use of other people’s money. From that perspective the burden on those operating client accounts is greater, and there needs to be a very proactive and protective stance taken on the receipt and use of client money by law firms in order to remain within the law. Examining the transition between the Money Laundering Regulations and the Proceeds of Crime Act allows us to see the process of accepting client money and the risks that poses. At the moment, law firms are encouraged to consider source of funds before accepting client money. In this book we go further and consider different and more detailed checks, as well as looking at how to forward plan for the difficulties that can arise if the worst occurs. Part 5 of the book covers a series of case studies. These case studies are fictional, but they provide both: •

a guide to using some the various templates and plans covered within the book so that such documents are not provided without instructions for use; and

•

additional templates and wording for policies and procedures and the contexts in which they might be used, meaning that there is sometimes more than one template solution posed to a problem, by this book.

The case studies also help us visualise and understand how a situation might work in practice, meaning we can understand whether such a position is right for implementation within our law firm. For example, some of the suggestions for policies and procedures might suit a small law firm, but less so a larger law firm. You can make your own decisions about implementation, but the case studies help us understand some of the problems faced by law firms and possible solutions, as well as understanding how people in other firms use policies and procedures, or how they can form part of a management solution to an ongoing problem. 15

Introduction The difficulty with providing templates alone is that it is not always clear whether the author designed them to be used in certain situations, whether we can be more creative in our approach to solving issues, and when it would be appropriate to deviate from the standard approach we might see in a pre-produced office manual. Case studies help us imagine real life firms implementing the forms and enable us to see ourselves doing the same thing. One of the case studies in this part of the book covers the implementation of a firm wide training plan, including covering the requirements for training and learning in law firms. The writer is a very experienced CPD trainer, having delivered legal CPD in a range of subjects, including anti money laundering, for over ten years. The writer offers three different approaches to firm wide training within this book: two looking at different grades of learning in anti money laundering, and one whole compliance training plan. The solutions are her own and are offered both as suggested structured CPD at different levels in anti money laundering, as well as a more general approach to compliance learning and development. The overall approach within the book is quite wide and can be used as stated or to ‘mix and match’ with your own approach. Alternatively you can use it for inspiration – to design your own firm wide policy for learning and development in this important area. Continuous professional development is very important, and there is a requirement, at regulation 24 of the Money Laundering Regulations, to train your staff regularly to: •

understand the law in money laundering,

•

spot money laundering, and

•

understand how to make a report to the Money Laundering Reporting Officer.

Practices and nominated officers may also want to note the provision at section 330 of the Proceeds of Crime Act, and that failure to train staff under regulation 24 could be prosecutable under the Money Laundering Regulations, either as a regulatory issue, or a criminal offence. We cover a range of CPD in Part 6 of this book, with a variety of problems, scenarios, quizzes, and exams to solve in both anti money laundering, and in the Accounts Rules. Some of the problems and scenarios are designed for team use, and you can use them with your staff or in your team meetings to refresh staff knowledge and remind your colleagues of their obligations. Students of law or professional legal practice may also find the problems helpful in developing their professional understanding of the Accounts Rules, the law in money laundering and how this may work within law firms. There are also problems included for CPD, and teaching and learning, in Part 1, alongside the text. If you are learning about the Accounts Rules consider these as you go through this Part, and follow them up with the problems in Part 6, to develop your own learning and to include in your personal development plan. Part 7 of the book brings us to future developments. Legal services and anti money laundering regulation is not standing still. The introduction of the Legal Services Act 2007 and the events that preceded it, showed that the government was willing to level the playing field in legal services through the introduction 16

Context of this book of alternative business structures. The most recent suggestions have been the introduction of a single legal regulator for law firms, and changes to the system of oversight regulation in anti money laundering. At the time of writing, one option on the table, apparently favoured, was the consolidation of anti money laundering regulation within legal services. This is not the same as the single legal regulator (the policy discussions have been different), but the positions might converge. Some of these changes may happen quite slowly; however, their impact might be dramatic, and certainly they may change the face of legal services regulation and anti money laundering in years to come. Part 7 also examines changes to the law post-Brexit and the international perspective in anti money laundering. The law in anti money laundering might be an example of an issue of national sovereignty. Increasingly our international partners look for minimum standards of compliance in areas of AML governance, and effective state management, to prevent terrorism and other criminal activity impacting other countries and traversing borders. In Part 7, we examine the international perspective in AML including that future direction and how the law in the United Kingdom has to both reflect and keep pace with that of our international partners, as well as looking at technological changes that exist alongside consumer demands for greater transparency in the holding of their money. Part 8 covers the conclusions, reflecting on the law, and the implications for handling client money. In this section we consider the full case for client money as a particular part of the requirements in money laundering, and the need to reflect the physical handling of money by law firms both in their regulation, and in their day-to-day policies and procedures. Some may argue that it is time for the current systems of client money to move forward – after all now we do see the advent of third party managed accounts as alternatives to managing others’ money and there may be other solutions in future.

Context of this book It is important to remember that the book has been written in the context of law firm regulation, and law firm compliance, rather than as a criminal practitioner’s handbook. Although the law in anti money laundering is a set of criminal laws and adherence is required for that reason, the book explores the ways to comply and the implications of complying in the context of the work undertaken by law firms from a range of areas of law. Criminal practitioners may find the context and explanations helpful, but the book is aimed at those managing and running law firms, compliance officers (and particularly Compliance Officers for Finance and Administration – COFAs), COLPs, MLROs, and MLCOs, as well as Reporting Accountants or accounts and finance staff working with law firms. Solicitors and other law firm staff not holding these roles but working to make a firm wide contribution to the security of the perimeter of the law firm will also find the book helpful. As already mentioned, students of law and professional practice, including the Accounts Rules and anti money laundering, will also find the book of use. There are then important differences in the perspective of the book than just those under consideration for a criminal practitioner. However, for them, the practical 17

Introduction operation of the law in law firms that are not publicly funded, the challenges faced in holding client money, and the opportunities to clarify and expand the law in this area may be of interest. Anti money laundering is more than just checking identification. This important part of a solicitor’s and other lawyer’s professional practice has far reaching consequences for both for the solicitor and those working in law firms.

18

Part 1

The Accounts Rules

Contents A system of safety nets 19 Ledgers26 Reconciliations, cashbooks, and client matter listings 34 Office reconciliations 41 VAT41 Cash43 Accounting to the client and aged balances 44 Profit costs and disbursements 45 Holding client money 46 Solicitors Accounts Rules 47 Category A: the maintenance of systems to store and administer client money 48 Category B: rules for the receipt and movement of client money 50 Category C: rules which require the verification and checking of sums due to the client and office 51 Changes to the Accounts Rules 53 Legal aid accounts 54 Annual Accountants’ Report 58 Compliance Officer for Finance and Administration 59 Investigating the accounts using the ledger and cashbook system 60 Disciplinary action 66 Third Party Managed Accounts 68 Conclusion71

A system of safety nets The Solicitors Accounts Rules and their underlying processes provide us with a multi-level system of client and office bookkeeping which has safeguarded client money for many years. The writer started working in solicitor professional conduct in 2005, and the rules were well established at that point. Some form of Solicitors Accounts Rules has been in place since the 1930s. The Council for Licensed Conveyancers (CLC) followed the same path when they were established in the 1980s and their system of Accounts Rules closely matches that of solicitors. We will see that recently the Solicitors Regulation Authority (SRA) have made changes to the Accounts Rules, which are not mirrored by the CLC; whether in the long term we will see a divergence is difficult to say. In this Part of the book, references to the Accounts Rules are to the Solicitors Accounts Rules 2019 unless otherwise specified. The same broad principles as 19

Part 1  The Accounts Rules discussed here were included in earlier sets of Accounts Rules, including in the 2011 version. Readers will find the 2019 Accounts Rules have a good deal of similarity to previous versions. Detail of the main differences is discussed at page 53. Licensed conveyancers also using this book will find their rules have the same broad themes as solicitors, and their standards are very similar. Therefore, where appropriate, and where broad themes are being discussed, those regulated by the CLC can also use these parts of the book for reference and implementation in their firm. The current system for solicitors and licensed conveyancers provides for a separate client account and office account, and a corresponding system of records at the practice. Conceptually, the separation of the client money from the office money allows us to see, in broad (or theoretical) terms, which monies belong to the practice, and which belong to the client. As we will see later in this section, there are some changes to the Solicitors Accounts Rules affecting these definitions, but we will continue to use the definitions and make these assumptions for ease, and because, broadly speaking, they are still applicable. Solicitors bill their clients, as well as handle their client money, so we need to consider the importance of keeping the client money separate from the office money, and the safeguarding systems in place for doing so. Solicitors and other legal professionals handle monies for a range of legal transactions including, but not limited to, sales of property; trusts; debt management; and probate. That money might be paid to the other side in the conveyance (if buying a house), or to beneficiaries in probate, or to other parties who need to be paid for their part in the legal transaction. The solicitor is trusted to keep the money safe for all of these persons and to handle it effectively. The solicitor would also be paid for their legal work. In all of this, we need to see whether the monies the solicitor holds belong to the client, or to the solicitor. The client account and separate office account provide us with the facility to see this position easily, and provides a basis to keep effective records. In all of this, the solicitor holds the money on trust for their client in their client account, so accurate record keeping and performance of their fiduciary duties is essential. Of course, we would say the practice also holds some monies for other persons, and a list of examples was provided in the previous paragraph. A good example might be the solicitor acting for the buyer in the purchase of the house. When receiving the purchase monies, the seller’s solicitor holds the monies on trust for the other side for a very short time. In these cases, the monies are retained for a short period in the seller’s solicitor’s client account. There are instances in transactions where solicitors and licensed conveyancers will hold monies on trust for the other side as well as for their client.

Monies held on trust Solicitors, licensed conveyancers and law firms hold money on trust for the client (Twinsectra v Yardley (2002) and Quistclose Investments Ltd v Barclays Bank (1968)). To hold the money on trust means that the solicitor and their firm hold the money and act for the client in their dealings with that money. In doing so, the solicitor uses their professional judgement, and the professional judgement 20

A system of safety nets

of the firm in utilising those monies. The duties owed to the client and the monies are fiduciary, meaning the firm must act in accordance with the client direction, instructions and wishes, but also in accordance with the professional skill, consideration and care of their own position and understanding. The implications for holding the client money on trust are significant and place the solicitor (and licensed conveyancer) and their firm in a complex position. They may have individual or firm liability under the Trustee Act 1925 (section 61) and also see P&P Property Ltd v Owen White & Catlin LLP and another and Dreamvar (UK) Ltd v Mishcon de Reya and another (2018). Both the firm and the solicitor must ensure that they follow the client instructions and agree movement of and action with the money with the client. The Accounts Rules are in place in part for this reason. Should the firm depart from its obligations under the Solicitors Accounts Rules (or under another aspect of the rules of conduct or the legislation), or behave dishonestly with client money, the regulator is likely to intervene (close the firm down). See in particular the Solicitors Act 1974, Schedule  1 and the Legal Services Act 2007, Schedule  14 with reference to the SRA, and the Administration of Justice Act 1985, Schedule 5 and the Legal Services Act 2007, Schedule 14 with reference to the CLC. In an intervention, the monies and papers are taken by the regulator (or its representatives) and re-distributed to the clients and/or their representatives. The regulator holds the money on trust for the client or those beneficially entitled (see for example the Solicitors Act 1974, Schedule  1, para  6). The regulator’s Compensation Fund steps in where client money has been lost due to the dishonesty of the solicitor, licensed conveyancer, or their firm, and both regulators have Compensation Fund requirements. For these reasons, it is rare to find a case of a solicitor or licensed conveyancer in breach of trust related to their client account, as the regulator usually steps in to intervene and manages the situation thereafter. We have to imagine the structure of the Solicitors Accounts Rules, the operation of the client account and office account, and corresponding records, as being a system of building blocks. Each building block leans on the other, as if we were building a house. We start here with the client bank account and the office bank account. As we have seen earlier, client money should be held separately. This means it should be in a client bank account. Money belonging to the law practice should be in an office bank account (there can be more than one). The firm should not mix office money with that belonging to any other business. Separate bank accounts should be maintained for each, and separate records should be available. In addition, regulated firms are discrete entities and they must not mix office money with those of an outside business. The separation of separate businesses is important to allow the regulator to ‘intervene’ (close the regulated legal practice), if necessary, and to exercise their regulatory authority over the practice. In order to do this, the practice is required to be a self-contained entity. The exception to this requirement is with ‘alternative business structures’ who are tightly regulated to allow external investment into the firm; which should meet specific criteria and is subject to approval. 21

Part 1  The Accounts Rules

Returning to the client account, to operate a client account, the regulated practice requires a general client account at a bank. This is a particular type of current account that law practices are permitted to open. Client monies are paid into this one client account unless the client and practice agree otherwise. The mixing of client monies with other client monies at the bank in one bank account necessitates very effective practice records, which demonstrate how much money the practice hold for each individual client. The client bank account should be labelled as such by the bank. This is so it is clear to the bank that this is client or other trust monies. This clarity should be available both to the practice, but also to the financial institution dealing with the monies. You should be able to see that the bank have labelled it as a client bank account by looking at the bank statement. We can see what a client bank account statement might look like by referring to the fictional example at page 37. But broadly speaking, it looks like any other bank account, but with lots of incoming and outgoing entries from different clients and for different clients. It has one running total, and some firms only operate one client bank account. This is why it is important to retain records of each client’s matters and what has happened to those monies. In large practices this is a very complex task and necessitates a large Finance team. Large practices are also more likely to have more than one client bank account. Should the regulator require access to the practice and records it must be clear where monies are held. There are protections available to client monies in the form of bank account compensation schemes (Financial Services Compensation Scheme) and in the form of the regulator’s own Compensation Fund, which compensates consumers (and some small businesses) in the event the practice is closed by the regulator. If the practice is closed by the firm itself, client monies would be dealt with by the firm (for example, returned to the client or sent on to a new firm). However most importantly, the distinction is made in banking because these are client monies, belonging to the client, or others. Solicitors do not mix client monies and office monies because of the risk to the client money. To take client money is theft, which is a criminal offence. In addition, solicitors and others are prosecuted, including before the Solicitors Disciplinary Tribunal (SDT), for doing so. A prosecution before the SDT commonly results in solicitors being struck off if they have taken client money, or money belonging to others, in a dishonest fashion. Monies that belong to the practice, for example, money paid for the solicitor’s bill, can be taken from the client account once the work has been completed, and the client has agreed. Clearly, there is a need for stringent rules and checks over the removal of monies from client account. We discuss this further later in this Part of the book. 22

A system of safety nets

AML considerations If we look at this position in an anti money laundering (AML) context, practices receiving client monies could be receiving the proceeds of crime into their client account. Sometimes a practice will be innocent in this situation and have received the funds without being aware of the origins. If the practice was involved, you might expect to see the office account also being used to hide laundered funds. As we will see, the office account is much less inspected and considered and the practice has a large amount of money flowing through it to pay for office overheads. If you are working in the Finance department of a law firm or are a Reporting Accountant, then consider any income into the practice coming directly into the office account. This is also a good place to discuss providing client account details to clients. In the past it has been common to include this within the client care letter and trust that when the time came, or was indicated by the practice, the client would transmit the funds to the client account. This seems naïve now, and many scams have come about in which fraudsters try to advise clients of different account details. In other cases, large sums are sent to the client account by non clients who have obtained the bank details of the practice, with the intent to ask for the sums back by return – possibly to a different account. This makes it look like the monies were received from a solicitor (but that is just the second half of the transaction), and could be used to ‘clean’ them. It is now wise to advise clients: (1)

you will tell them of the bank details when required;

(2)

that a named or specific person will advise them, in a particular way (for example, ‘John from accounts will call you from this number’).

While in the past, solicitors and licensed conveyancers have been advising people that their bank account details do not change; a large number of people may have used those account details for transactions. This means the details will already be in the hands of a number of people, making it easier to ask for the sums back by return. You might decide to vary the ways in which the client account details are passed to clients and to inform the Finance team of the sum expected in advance. This makes spotting unusual or unexpected deposits more straightforward and teams can be confident that the firm is receiving a deposit which is from a genuine transaction and has been checked. We cover the requirements for checking deposits and client identity in Part 2. While it might appear on a client bank statement that money has been received from a solicitor for a certain transaction, solicitors are advised to check this with each other if they see a deposit from a solicitor’s office. We cover checking for source of funds in Part 2 of this book, with additional analysis in Parts 3 and 4. In some instances, the client may wish their monies to be held in a separate account – one containing just their money. This means it is not held in the general client account. This can be because there is a sizeable amount of money and the client 23

Part 1  The Accounts Rules wishes it to earn interest, but there can be other reasons as well. If there is a large amount of money, the client may wish to see the statements themselves. This is known as operating an ‘own account’ for a client. The same principles apply as with the general account, and the practice holds the money on trust in a bank account opened by and operated by the firm, in the name of the client, also labelled as a client account. For those that are asking the practice to pay interest on the sum held, there are particular rules about how much should be paid and when. It should be noted, however, that the firm cannot use the client account as a banking facility for a client and the money should be directly there in relation to an underlying legal transaction.

This separation and the holding of monies separately is the first building block of the system. The second block is the practice records. These cover the clients and the transactions for which monies are held; the movement of monies; and the practice’s calculations to ensure all monies have been accounted for. The records the practice are required to keep are: (1) Separate records (known as ledgers) for each client showing the movement of monies for their legal transaction; this should match the cashbook (point below) (the Solicitors Accounts Rules 2019, rule 8.1(a) and (b) and the CLC Accounts Code, rule 5.4 d and f). (2) A  contemporaneous cashbook, showing all of the entries in the practice’s accounting records (the Solicitors Accounts Rules 2019, rule 8.1(c) and the CLC Accounts Code, rule 5.4 a). (3)

A list of all client matters which demonstrates the balances on client and office accounts for each transaction at any time, which should match the cashbook. This is usually known as a ‘client matter listing’ (the Solicitors Accounts Rules 2019, rule 8.1(b) and the CLC Accounts Code, rule 5.4 b and c).

(4) Calculations performed (at least monthly), to demonstrate that all monies have been accounted for. These calculations are known as reconciliations (the Solicitors Accounts Rules 2019, rules 8.2 and 8.3 and the CLC Accounts Code, rules 5.5–5.7). (5) Copies of the bank statements supporting the reconciliations and covering all of the transactions (the Solicitors Accounts Rules 2019, rule 8.2 and the CLC Accounts Code, rule 5.6). (6) Cheque stubs and cash receipts (the Solicitors Accounts Rules 2019, rule 8.1(a) and the CLC Accounts Code, rule 5.4 a and d). 24

A system of safety nets There are two important points here. First, the cashbook, client ledgers, and client matter listings are all drawn from each other and usually all match on a computerised system. They are all different views of the same information. The second point is that they are all contemporaneous, or reasonably so, allowing for an effective record of what happens at the practice, which differs to that which happens at the bank (see the Solicitors Accounts Rules 2019, rule 8.1 and the CLC  Accounts Code, rules 5.1 and 5.4). This is most effective in detailing the money held by the practice, for example, in cash, which has not yet been banked. When we consider then the need for the reconciliation between the bank statement and the practice records, we can see that the two can differ as the records have been kept, inputted, and maintained separately, and should be regularly checked and matched.

AML considerations If a practice is involved in money laundering unwittingly, transactions may present as usual in the accounts and the records may seem fine. This is because sometimes a great deal of effort can go into the maintenance of a front on the part of the clients. Perhaps there will be a few strange requests from the clients or attempts to ask for money back from the accounts, or there may be attempts to use the client account as a bank account. However there may not, and the practice may be reliant on the risk assessment it undertakes and the risk assessment from the regulators, as well as client identity checks, to detect suspicious behaviour. The usefulness of the Accounts Rules, however, is not just as a means to ensure the client monies are kept safe. They also provide a record of the professional fee income of the practice and the transactions that the practice has undertaken for clients. Accounting records should be kept for six years (the Solicitors Accounts Rules 2019, rule 13.1 and the CLC  Accounts Code, rule 5.9).

Diagram – Overarching summary

25

Part 1  The Accounts Rules The ‘Overarching Summary’ diagram demonstrates the structural requirements of the Accounts Rules in broad terms. The client ledgers record the transactions the practice undertakes. The client matter listing provides an easily accessible summary of all of the matters (totals showing on all of the ledgers, by client name or matter). The reconciliation provides the double check of the monies held by the practice. It is required under SRA Accounts Rules, rule 8.3 (CLC Accounts Code, rules 5.5–5.7) that a practice undertakes a specific client account reconciliation, just covering the client account and client bank statements, given the importance of the monies held by the practice for the clients. The practice could also undertake a separate reconciliation for the monies held in the office account, and many do. In this diagram they are shown together for ease of the summary, but in fact they are two separate processes. We cover how to undertake the client account reconciliation later in this Part of the book. What you can see from the ‘Overarching Summary’ diagram is that the client ledgers demonstrate the position in respect of the practices’ transactions for both client and office, allowing the practice to show its full dealings with the client account, including any monies taken into the office account. The office account has separate outgoings and possibly some separate incomings and these are governed separately through internal bookkeeping. We do not cover the office account further in this Part of the book, save to say that money taken from the client to cover the bill the practice has raised is placed into the office account.

Ledgers Each ledger allows us a lateral view of each matter, from a financial perspective. We might see it as taking a slice from a cake, with the whole cake being the total monies held by the practice. Each slice shows us what monies have come in for that particular client, and where they have gone. It also shows us whether the practice have received any monies, and if so, how much. The assumption is that the money on that ledger has been received from that client. If it has come from anywhere else, the practice have to have some assurances – they have to check third party identity (SRA Codes of Conduct, rule 8.1 for individuals and rule 7.1(c) for firms, and the CLC Anti Money Laundering Code, rule 9(e)); ensure no conflicts of interest (SRA Codes of Conduct for Individuals and Firms, rules 6.1–6.2 and the provisions in the CLC Conflicts of Interest Code); and ensure they are keeping money for an individual client’s matter on an individual ledger (Solicitors Accounts Rules, rule 8.1 (a) and the CLC Accounts Code, rule 5.4 d). Money might be received from the other side, or from a third party, and in both cases care needs to be taken. We explore this position further in Part 2 of this book. Over the coming pages, we are going to use ledgers to explain the operation of the Accounts Rules. This means taking the information on the ledger as the starting point for how the requirements for the individual transaction also show the requirements for all the transactions, and how the Accounts Rules fit neatly together. Those that use this system and become familiar with ledgers as a starting point should, however, remember that one small issue of non-compliance found on one 26

Ledgers ledger or one file may be replicated in other places. If you audit or check ledgers for your firms, or do file reviews, do be aware that this is a ‘bottom up’ approach, rather than ‘top down’. This means we might see patterns and trends or we might not; you may need a sufficient sample size to be able to see whether there are any trends or issues duplicated across the firm. Taking one file alone would not be sufficient. Combining this ledger understanding with a top down view (perhaps from a reconciliation, or using other business intelligence and investigation) would be even better as means to verify what patterns and trends the law firm are producing in their accounts. Diagram – Blank client ledger

This blank ledger and the ones on the forthcoming pages are shown without a column for VAT, for ease of initial explanation. Please refer to the inset box at page 42 for a diagram with VAT and a brief explanation of the calculation and inclusion of VAT.

AML considerations Each client matter needs its own ledger to record the use of client money. The relevant requirement is at rule 8.1 for the SRA and rule 5.4 d for the CLC. Do not underestimate the importance of creating a new ledger for each matter, having a correct description, and not over-writing old ledgers. Indeed, the rules require client names, descriptions, and narratives on the ledgers and in other accounting records such as the matter listing. This is an important part of client identification.

The diagram of the blank client ledger shows us what a client ledger looks like before any monies are received or expended by the practice. Each client ledger must relate to a client, and have their legal matter also named. In this case we can see it is Mr D Walker who is purchasing 4 Bee Road. If a client starts a new matter, a file will be opened at a firm, and with it a ledger to record and account for the receipt of monies. This is therefore what the ledger looks like when the file is first opened, before any money is received. Each new ledger should be labelled with the appropriate client name and matter description. If the firm uses file numbers you can also add the file number. We have not used numbers in this case, but many firms do. 27

Part 1  The Accounts Rules If Mr Walker went on to purchase another property, the firm would need a separate ledger for that purchase (or of course, if he had a related sale, a new ledger would also be needed). The ledger should relate to the legal transaction, so a new legal transaction requires a new ledger and a new file in order to comply with the rules. Beyond this general rule, there is also a requirement not to use the client account as a bank account, so practitioners undertaking a number of legal transactions for one client should be aware of the possibility that if not properly organised, it could appear that is what they are doing. The writer has seen a number of instances where separate transactions were being undertaken and the practitioner needed more effective record keeping and separation of those transactions in order to avoid any concern of using the client account as a bank account or the situation developing this way. In addition, overwriting old ledgers and matters is a poor accounting practice which can lead to a failure to keep appropriate records for the required length of time, and can be used to hide transactions which are in breach of the rules for other reasons. Therefore, most firms rightly ban this practice. Clients may be undertaking a legal transaction together (such as a couple purchasing a house, for example). In this case, provided the law firm has assessed (and continues to monitor) the position between the individuals for conflict of interest, they can operate one client ledger for the whole transaction as the ‘couple’ becomes the client for the purposes of the ledger and file. What we can see in the blank ledger diagram is an example of double entry bookkeeping. Going further than seeing which monies belong to the practice, and which belong to the client, the system of double entry also allows for us to see each transaction in the same terms. We can see whether (in this case, in relation to Mr Walker), it is a movement of monies in or out of the client account, and/or into the office account. If it is a movement between the two, we see the monies leave one account and appear in the other – all on the same line. Bills presented by the firm, and then paid by the client, bring the office account to a zero balance at the conclusion of the matter. We will see what this looks like as the use of the ledger goes on. The system of double entry bookkeeping allows us to counteract fraud in client account transactions by correctly identifying the client monies and office monies. We can see in the next diagram (monies for costs) that we are identifying which monies belong to the client and which to the office. The monies are safely placed and identified within the system. As we will see in the further Parts of this book, monies can be mistaken or misidentified when entering the client account and this can cause difficulty in identification through the financial systems of the firm. For some small high street firms this will not cause difficulty as they may know and understand each client in detail; however, for larger firms it can cause a problem. The basic premise is however, that double entry bookkeeping allows us to identify the client and the office in any transaction, allowing us to see and confirm any movement between the two. If we move Mr Walker further forward in his purchase, we can see monies being placed in the client account for the purposes of his transaction. He might, at this stage, have instructed the solicitor, been sent the client care letter, and paid monies on account. Let’s say he has paid £200 on account of costs. 28

Ledgers Diagram – Monies for costs

We can see from this diagram that Mr Walker’s money has been received and placed into the client account. The total in the client account for Mr Walker is £200.00. The office (practice) has not billed anything or received anything at all, and so their line remains at £0.00.

AML considerations We should also note here that we have taken money from a client. The client will have passed the client identity screening (most likely), and moved forward into a position we might think was a safe client stage. However, we have to consider where such money has come from and how the transaction is funded. Most firms consider and check source of funds for their clients, and limit the amount of cash they can receive. We cover these points later in the book in Parts 2 and 4. We might think that £200.00 is too small an amount to be cautious of, but imagine a scenario in which the firm received a larger sum from a client, before they had a chance to check where the money had come from. Most firms also have cash policies in place to limit the amount of money they can receive which might be the proceeds of crime. Many firms limit the sum they can receive in cash to between £100–£500. If we take the next line of the transaction (see Diagram – Searches), we might see that a search is ordered from the fictional search company ‘Searches 4 U’ for Mr Walker at a cost of £70.00. This money is paid from the client account. In this case Mr Walker has instructed the firm to carry out searches for his house purchase, so it is an appropriate transaction under the Solicitors Accounts Rules 2019, rules 5.1(a) and (b) and 5.3. The relevant rule for CLC withdrawals in such circumstances (if this were a CLC practice) is the CLC Accounts Code, rule 4.1 a. We can see the money going out and the impact on the total. We can see that the total column on the client side of the ledger is a running total throughout, and the total held for Mr Walker reduces with the payment out. This now means that in the client account we have £130.00 belonging to Mr Walker. We have covered already that the ledger should match the activity on the file. A search should also shortly arrive for Mr Walker’s file. We may also be able to see the date it was ordered, which should correspond with (or closely correlate to) the date on the ledger (absent another explanation). 29

Part 1  The Accounts Rules Diagram – Searches

We can see so far that the ledger is an excellent way to record the transaction as it happens. Each action results in a new line on the ledger and allows us to view the transaction, not just from the file, but also from the movement of monies on the accounts. In some respects, if the ledger is accurate, we could say we did not need a file to tell what has happened in this particular matter. Some transactions are fairly standardised and the movement of monies through the ledger becomes easy to predict and understand. Some practices run their files and accounts in a very process driven manner due to the predictable path of the transaction and how the monies should be handled and accounted for. In these practices it is even more likely we could see where the file was up to, just from viewing the ledger. So far, we have seen the movement of monies into the client account. We can move on to the movement of monies from the client account across to the office account. Let’s imagine Mr Walker does not like the search result he receives, and he decides not to proceed with his purchase of 4 Bee Road. The transaction at this stage would become abortive. Most firms charge for work completed on abortive transactions and Mr Walker might be expecting a bill. In this case, we will imagine our firm makes a standard charge of £100.00 for abortive work on conveyancing up to the point of and including contract enquiries, and this is notified in the client care letter. So our fictional firm will raise a bill for £100.00. This is sent to Mr Walker on 5 January 2022 along with a financial statement from the practice showing the cost paid (the search) and the monies outstanding (the £100.00). The practice agree this with Mr Walker on 7 January 2022. The relevant rules are the Solicitors Accounts Rules, rules 2.1(d) and 8.4; and the SRA Codes of Conduct for both Individuals and Firms, rules 8.7 and 7.1(c), respectively. The relevant CLC requirement is the Estimates and Terms of Engagement Code, rule 8.2.

30

Ledgers Diagram – Abortive bill

This bill is raised first, prior to the monies being taken (in accordance with Solicitors Accounts Rules, rules 2.1(d), 5.1(b), and most importantly rules 4.3(a) and (b)). If this was a CLC practice the rule would be the CLC Accounts Code, rule 4.1(b). You will find the office account totals shown as debits, and the client accounts being shown as credits. That is as it should be; the practice should not be borrowing from client funds, and any client account in debit or office account in credit is a breach (Solicitors Accounts Rules, rules 5.3 and 8.1(b) and the CLC Accounts Code, rules 3.5 and 3.6). The bill is raised as a debit before the money is transferred to demonstrate it is due. We can see the date the monies are taken from the client account, and this should correspond with or closely relate to the date the bill is agreed by the client. In practice, many firms take the monies on the date the bill is agreed, or very shortly thereafter. You might reasonably wonder why bills are not shown as a running total. In small cases which will conclude promptly, and in straightforward transactions, a bill is usually raised at the conclusion of the matter. The ledger has traditionally not been used to tally up the advice provided per hour, particularly in small or transactional cases, however it can be used this way if needed. Funds are usually provided on account of costs at the start of the transaction, and this is often sufficient to satisfy the solicitor that their bill will be paid.

AML considerations The billing stage is important for the movement of the client money. We will see in Parts 2 and 4 that the use of money which is laundered is a crime and if that type of money is received or a firm suspects that it has been received, they would not be able to move it at all without consent of the relevant authorities. The firm would also not be able to discuss this position with the client, due to the provisions in tipping off. Using or concealing the proceeds of crime is part of a stage of money laundering known as ‘layering’ and it is important as after layering it becomes more difficult to detect the proceeds of the crime and to differentiate them from other funds. At the point when the monies are received into the client account, they are part of a wider ‘sea’ of money that also belongs to other clients, and we have seen that many client accounts contain monies for many 31

Part 1  The Accounts Rules

clients. However, the use of the client account ledgers and other records allows us to distinguish that money from funds that are held for another client, which means that a firm can still identify the proceeds of the crime if needed, if they have kept accurate and honest records. The office account is a different matter, as ledgers are no longer maintained in the same way. We can make a similar point about transfers between clients or to other firms; it is possible to mix the proceeds of crime with clean funds. The firm may be transmitting any funds it has received to a third party, or to another client ledger, or to the office account, and at this point the funds could be mixed and could also be immediately transferred elsewhere. In this situation, the billing, transfer, transmission, or other movement of the client money at the earlier stage when it was still on the client ledger, becomes more important. Of course, this assumes that accurate records have been kept and the ledgers maintained by the practice. In Parts 2 and 4 we discuss the severe disciplinary sanctions for failing to keep such records and the potential involvement of the police. The vast majority of practices maintain their books and it is important to do so to be able to trace the holding, movement, and transmission of monies through the practice and to support the business of providing genuine legal services to clients. Returning to Mr Walker, we can see that the money for the bill was taken on the same date and has cancelled the debit on the office account, leaving the balance at zero. The office account has therefore balanced. If you review the diagram ‘Abortive Bill’ we can see that £30.00 remains on the client account. This money needs to be returned to Mr Walker. The bill we have sent is for £100.00; this was notified to Mr Walker and has his agreement. We cannot now take any further monies, and those monies on client account belong to and are held on trust for, the client. We said previously that Mr Walker should have received a statement of account detailing the monies received and expended, and this should also show the monies to be returned to him. Accordingly, when Mr Walker agreed to the bill, let’s imagine he also provided his bank details for the outstanding balance to be returned. This is shown in the diagram ‘Returning the balance to the client’.

32

Ledgers Diagram – Returning the balance to the client

We can see that the ledger shows the monies being returned to the client on the same day, also leaving the client account balance at zero. This ledger is therefore complete. Mr Walker has completed his transaction and the client and office ledgers have balanced. Mr Walker’s file has been billed and should be closed. We don’t know if Mr Walker goes on to purchase another property instead and instructs the same firm, but the new ledger would be separate. Returning monies to clients at the conclusion of matters can be difficult if you do not have the client bank details. Aged balances (balances left over on files at the conclusion of matters) are a particular problem. These are governed by the Solicitors Accounts Rules, rule 5.1(c) and currently balances under £500 are dealt with through a ‘Statement of Prescribed Circumstances’ accompanying the Solicitors Accounts Rules. Balances over £500 are dealt with by way of a form to fill out and return to the SRA before any movement can be made. The CLC have a set of their own guidance and detailed rules about when practices can make transfers and when they have to be approved; this is known as the ‘Aged balances guidance’. The strong recommendation is for practices to agree a mechanism for returning leftover balances to clients at the outset of a matter. It can be very difficult to get a client to bank a cheque for £1.47, for example, but some practices might still send them in the post. This might mean obtaining the client bank details to send the monies, or agreeing another method, for example some apps and other forms of holding monies allow for small balances to be sent electronically. Of course, there should be an assurance that the client at the end of the transaction is the one you are sending the monies to. Some practitioners send stamps in the post for very small balances. Some balances can be transferred to charity, or even kept by the practice in some cases, but there are fairly stringent rules around this, and the practice remains liable for any claim on the outstanding monies. In some cases, this needs to be signed off by the regulator. We should be able to match each of the transactions from the client ledgers to the cashbook and the bank statement. On the bank statement it shows how much money has been sent and where it has been sent to; similarly, monies in show where they have come from. This safety net of the bank statement and cashbook allows us to check the records of the practice. We can also compare them to the 33

Part 1  The Accounts Rules detail on the client files, ensuring that the transaction is as it appears on the ledger. COLPs and COFAs in law firms are advised to undertake regular file and ledger reviews to ensure the practice has effective and accurate records in place. Client ledger and general practice records should be written up as the transaction occurs, not when it appears on the bank statement. Cheques are an excellent example of this; they appear later on the bank statement, as may any standing order, particularly if it is variable. However we might see a future in which bank statements become relied upon more than the cashbook of the firm – if a firm stopped accepting cash, stopped using cheques, and conducted all business by bank transfer in banking hours, the bank statement could be the same as the cashbook. We wait to see whether or not this type of scenario or the advent of new technology (which seems more likely), means that in the future the cashbook becomes redundant, and the practice are led by a ledger based on the bank statement.

Reconciliations, cashbooks, and client matter listings As a result of the practice records being written up separately as the transaction occurs, there is also the need to check all of the practice records, and ensure the correct totals are recorded, as well as ensuring the sum matches that on the bank statement. Balancing and reconciling the accounts can be a complex task, which gets easier with practice, and the realisation that bookkeeping errors do occur (which is also an excellent reason to double or triple check bank accounting). SRA practices are required to undertake a reconciliation of the client account bank statement to the client account cashbook and client ledgers at least once per month (the Solicitors Accounts Rules, rule 8.3); the CLC are currently more directive than this and require a reconciliation within seven calendar days of the month end (the CLC Accounts Code, rule 5.5). For many practices these timetables are too infrequent, and reconciliations are conducted sometimes daily, to keep pace with the number of transactions and to provide peace of mind. Diagram – Client account reconciliation Removed

Bank accounts

Client own bank account ‘Client money’ Just one client

Ledgers

Client ledger

Summary

Client bank account ‘Client money’ General

Office bank account ‘Office money’

Client ledgers (showing client account transactions and office account transactions)

Reconciliation

Cashbook and matter listing Checks all monies are there

34

Reconciliations, cashbooks, and client matter listings In the diagram ‘Client account reconciliation’, we can see the office account bank statement is removed (it still exists, we are just not including it in our client account reconciliation), and the client account is reconciled with the ledgers and the cashbook. Of course, we can see the client matter listing also included within the diagram. The client ledgers are summarised by the client matter listing. A client matter listing may look something like this: Client matter listing – printed 31 December 2021 Client name

Description

Last movement

Balance Client

Balance Office

Mr D Walker

2 Bee Road Purchase

17/12/2021

£130.00

£0.00

Mr S Tee

107 Main Street Purchase

30/12/2021

£30,116

£0.00

Mrs A Oji

89 Field Ave Purchase

01/12/2021

£3.00

£0.00

Miss C Chan

12 London Road Sale

30/10/2021

£14.00

£0.00

Mr H Blanchet

6 Daws Court Sale

29/12/2021

£200.00

-£200.00

£30,463.00

-£200.00

Total

In this case we can see the position of each ledger on 31  December 2021. We are also going to conduct our reconciliation on this date. We have to imagine it was done at the time, before the conclusion of Mr Walker’s matter. We cannot backdate a reconciliation under any circumstances, but the practice does have five weeks to conduct it, which may give us another few days if we imagine it usually coincides with month end. We will assume it is conducted on 31 December 2021, and as this is an imaginary exercise, for the purposes of this reconciliation, we will go back in time to December 2021, so the entries we have seen in January 2022 never existed. Mr Walker, whose ledger we saw earlier, is on the listing, as are some other clients. We will imagine this is a very small firm who do not have many clients, in fact they only have five. For most firms, their client matter listing will be very long, running to a large number of pages. Any files that have existing balances on them will appear on the matter listing. This means that you can sometimes find ‘problem files’ still on the matter listing, or ones with aged balances on them, a long time after they should have closed. Any balance at all should appear on the client matter listing, allowing us to see quickly and easily the position related to each client, and also the total monies held. As you can see, the matter listing demonstrates not only the monies held on client account, but the total indebtedness of the client to the practice, in that monies owed to the office are also shown, usually at the point they are billed. The cashbook might look something like this: 35

Part 1  The Accounts Rules

Cashbook – printed 31 December 2021 Period 1 December – 31 December 2021 Date

Client name

Matter

Client Account

Office Account

Client Total

Office Total

1 Dec 2021

Mrs A Oji

89 Field Avenue

£0.00

-£612.00

£745.00

-£612.00

1 Dec 2021

Mrs A Oji

89 Field Avenue

-£612.00

£612.00

£133.00

£0.00

15 Dec 2021

Mr D Walker

4 Bee Road

£200.00

£0.00

£333.00

£0.00

17 Dec 2021

Mr D Walker

4 Bee Road

-£70.00

£0.00

£263.00

£0.00

29 Dec 2021

Mr H Blanchet

6 Daws Court

£200.00

-£200.00

£463.00

-£200.00

30 Dec 2021

Mr S Tee

107 Main Street

£30,000.00

£0.00

£30,463.00

-£200.00

Total

£30,463.00

-£200.00

Exercise Before reading further below, can you find the source of the ‘client total’ from the cashbook, in the client matter listing? The question here is asking you to find the composition of November’s closing client account total.

In the cashbook total columns, we can see that the ‘client account’ column does not reflect the individual client monies held for the first time (except when totalled). It reflects the running total within the client account at any one time. The exercise allows us to explore the amounts held for each client in the client matter listing, and demonstrates that the two reports of the client matter listing and the cashbook show us two different views of the transactions taking place within the law firm and their outcomes. What did you find in the client matter listing? You might have found: •

Mrs Oji has £3.00 outstanding on client account, and this combined with the £612.00 transaction we can see on the cashbook;

•

Miss Chan has £14.00 outstanding on client account, and this was the same in November;

•

Mr Tee had £116.00 already on client account (prior to the sum for the assumed deposit); we might assume he paid £200 or £250 on account upfront, and some has been paid out for a search and office copy entries.

These amounts account for the running total on the client account. As a practice it is important to ensure outstanding amounts on client account are dealt with. 36

Reconciliations, cashbooks, and client matter listings We can also see that the total on the cashbook and the total on the client matter listing match each other; they should. They are simply showing us a different perspective on the amounts held for clients and the means to view the client account activity. To conduct the reconciliation we now need to match this total to the client account bank statement. The client account bank statement might look like this: AAAAA Bank AAAA Street Nowhere Town AA56 7AA

Bank Statement: Account 100000000 Client Money Fictional Law Firm Ltd (CMFLF Ltd): Client Account Date: 31 December 2021

Date

Transaction

Description

Opening balance:

£745.00

Amount

Total

1 Dec 2021

Debit

CMFLF Office

-£612.00

£133.00

15 Dec 2021

Credit

Mrs Walker

£200.00

£333.00

17 Dec 2021

Debit

Searches 4 U

-£70.00

£263.00

29 Dec 2021

Credit

Blanchet 235.71 EUR, exchange 1 EUR = 0.848498 GBP

£200.00

£463.00

30 Dec 2021

Credit

Tee

£30,000

£30,463.00

Total:

£30,463.00

Exercise Before reading any further, answer the following questions: •

To which date can we reconcile the client account?

•

Can you conduct the reconciliation? If so, do. Otherwise, there is an explanation of how to do it, below. Read the explanation, and then conduct the reconciliation.

•

Can you find anything else in the bank statement we need to check or be aware of?

Let’s start with the reconciliation. We need to conduct that at a minimum once a month, and it is usually completed to the end of the month, as we have already discussed. We can reconcile it to 31 December using what we have. To complete the reconciliation, we need to compare the client matter listing to the cashbook and bank account. We also need to keep a record that this has been completed, so we need a printed copy of each of those, each showing the full date of comparison. Many computerised accounts systems have a facility showing the date the statement was printed as well, which allows us to check when the reconciliation materials were produced; this is another guard against fraud. 37

Part 1  The Accounts Rules The final question above asks about what else we could look at or check on the bank statement. We might look at and check that there have been no other cash receipts in this time period that have not been banked. We could also look at the individual transactions to make sure they are correct and match with the files; noting that the £200 for Mr Walker is received from Mrs Walker. We can also see the sum received for Blanchet and this has come from overseas, as well as that a bill has been raised at the same time as the payment. We could make sure this was correct and understand the advice and instructions being given on each file. To complete the reconciliation, the only other thing we need is the ‘uncleared’ – these are otherwise known as ‘reconciling items’. These are any payments which have been made on paper but have not yet been either banked or cleared. This might be cash that has been received and not yet banked, or cheques which have been written out and not yet banked. We discussed earlier in this Part of the book that it is difficult to get a client to accept a cheque for a small amount, and this can be an example. Any such amounts will need to be factored into the reconciliation. This is an area which can cause problems, as it can be used fraudulently, by paper transfers being made that are not reflective of actual transfers or to hide deductions from the client account. It is therefore important to check the ‘uncleared’ carefully. Some accounts systems conduct the reconciliation automatically for you, and will automatically include the uncleared. This is because your cashbook will show the transaction as it occurs (hence it will appear on the system), but it will not yet appear at the bank. This is why they are also known as reconciling items. Your reconciliation, conducted by hand (as opposed to by the computer), might look like this:

Reconciliation 1

Date: 31 December 2021 Client account bank statement: £30,463.00 Client matter listing: £30,463.00 Comprising: Client account ledgers: £30,463.00 Office account ledgers: -£200.00 Client cashbook: £30,463.00 Uncleared: £0.00 Cash: £0.00 Reconciliation before client own bank account: £30,463.00 Client own bank account: £0.00 Reconciliation total: £30,463.00 Issues identified and corrected: None Reconciliation 2 – only fill this out if your first Reconciliation was incorrect and you need to make corrections  Date: Client account bank statement: N/A Client matter listing: N/A Comprising: Client account ledgers: N/A Office account ledgers: N/A Client cashbook: N/A Uncleared: N/A 38

Reconciliations, cashbooks, and client matter listings

Cash: N/A Reconciliation before client own bank account: N/A Client own bank account: N/A Reconciliation total: N/A Signed: Mr A Partner..................................... Print Name: MR PARTNER, COFA Date: 31 December 2021 The reconciliation should be signed by the COFA / HOFA / accounts manager / responsible partner. The reconciliation you produce should include a space for explanations of any matters which need correcting. We have shown this in the form under the heading ‘Issues identified and corrected’. In this way, you can show a full audit trail of calculations and corrections, demonstrating how you arrived at the final figure. Such an approach can give any reviewer confidence in your ability with the reconciliation and demonstrate your own awareness that there are errors in sets of accounts sometimes, that they should be corrected, and that you have corrected them. The reconciliation should be signed off by the COFA (HOFA for licensed conveyancers), accounts manager, or another responsible partner. You will see there is a space for the client’s own account to be added into the reconciliation. This at first glance would give the incorrect reconciliation on the ‘Client account bank statement’ line and on the ‘Reconciliation before client own account’ line, a position which is then corrected when the client own bank account is added in. This was a very straightforward reconciliation, just to show the process. Further reconciliation problems for you to solve are included in Part 6 of this book. The reconciliation also allows us the opportunity to spot any other problems in the accounts. Such problems might include, but not be limited to: •

Incorrect cashbook or ledger entries (for example, typographical errors, incorrect transfers, or the incorrect placement of a fee on a ledger).

•

‘Bundling up’ entries – where transactions have occurred separately on the bank statement or cash book, but have been placed together on the other.

•

Errors in sending or receiving funds for a client (for example, where too much has been sent to a client by accident).

•

Ledger errors such as the client account being in debit or the office account being in credit. You can check the client matter listing for such problems which should be immediately obvious from a quick review.

•

Shortages on the client account. This is the most serious problem and if the regulator are involved, often results in disciplinary action.

Shortages on the accounts are usually indicative of an inappropriate transfer from the client account (in breach of rule 5 of the Solicitors Accounts Rules, and rule 4 of the CLC Accounts Code) and may be the misappropriation of client funds. Any 39

Part 1  The Accounts Rules shortages uncovered should be reported to the COFA immediately who would consider reporting the matter to the regulator, dependent on the position (for example, the size of the shortage or the intent of the individual responsible). Missing client funds should be replaced by the firm without delay (rule 6.1 of the Solicitors Accounts Rules and 3.4, 3.8 and 3.9 of the CLC  Accounts Code). We discuss disciplinary action for client account shortages later in this Part of the book, and disciplinary action generally is also discussed in Parts 2 and 4 of the book in the context of concerns about anti money laundering, and compliance requirements. Sometimes reconciliations can be out by just a few pounds, and the cost of correcting them (in terms of time management), can be significant. This can be why firms often run daily reconciliations, through a computerised system, to spot any problems at an early stage, and to avoid a list of corrections.

AML considerations We have discussed a variety of possible money laundering scenarios as we made our way through the description of the accounts and how they work. In some cases, with files which seem for all other purposes genuine but are using the proceeds of crime, there may not be an indicator on the reconciliation that there is a problem, as the reconciliation measures the balance of the accounts. However, if the record keeping related to the transaction was not kept correctly or was manipulated – perhaps to hide the placement and layering of the funds – it may be detectable on the reconciliation, as the error would come to light when the books were balanced. You may also note unusual balances on the accounts – these might be unusually large transactions, as sometimes attempts to launder money can be quite audacious. There may be perceived to be greater danger in laundering money in smaller amounts (through a large range of transactions) than in one go. This may make the large sums on the ledger (visible in the reconciliation from the client matter listing) more apparent. Policies and procedures are important within any set of accounts, and most firms will have a finance manual in place which maps out the way in which the financial transactions of the firm should operate, including the use of client money. Those finance manuals may need to carefully consider the receipt of tainted client money and how the firm can identify and hold those monies if necessary. The receipt of client money tainted by the proceeds of crime would be into the client account. Because the firm’s money is taken through billing the clients, if the firm was laundering money complicitly, it should theoretically come through the client account. However firms could also take money that was not legitimate into the business through the office account. The ‘office’ has not come under as much scrutiny from regulators, but might be the preserve of law enforcement. Finance manuals should take account of the possibility of the receipt of tainted funds and also consider whether or not the firm should have policies about the receipt of external non client money, fees, or other income, which is not drawn from the client or client account. Law firms are in a position of constitutional importance and any external investment in the firm should be approved by the regulator. Alternative business structures (the name for law firms with non40

VAT

lawyer or external investment or funding) can only be created with the prior and ongoing approval of the regulator (see the Legal Services Act 2007, Part 5). It is therefore important to consider the source of funds of external office monies and how these should be approved and accounted for by the firm. Office accounts can be reconciled in the same way as client accounts, and office bank accounts can be checked for the incoming funds.

Office reconciliations The office account does not have to be reconciled at the same time as the client account (for example see the Solicitors Accounts Rules, rule 8.3). The office account can be used for a great deal more than simply the receipt of client account funds; it can be used to pay the practice’s bills, for example, and any investigation of a firm’s office account might find payments for rent, utilities, referral fees, and other associated practice costs. In some instances, practices maintain more than one office account, and have just one which is associated with the client account banking function and allows the office to pay for some items associated with the files. However, it should be noted that although the rules do not require it, many practices reconcile the office account associated with the client account banking function, alongside the client account, as a matter of good practice. Reconciling the office account can be necessary because of the payment of some bills which impact client matters from the office account. These also need to be written up immediately, therefore a similar check as to accuracy is required. By reconciling the office account, we are providing a further check that the accounts are correct. Sometimes this can be a useful step in assurance. Of course, all businesses keep books, and overall general bookkeeping would be undertaken in any event.

VAT We have not included VAT in the calculations above for a number of reasons: •

To provide a clear explanation, without the distraction of VAT, which has separate requirements.

•

Those separate requirements are quite complex, particularly in the case of solicitor accounts, and there are a number of ongoing opinions on the subject.

•

Not all accounting systems and packages feature columns for VAT.

•

Given the advent of ‘Making Tax Digital’ (the advancement and requirement of information technology solutions by HMRC), we may see some changes in the way VAT is calculated and presented, as well as in the functionality or compatibility of accounts packages in the near future.

It should be made clear that the use of the diagrams earlier without VAT columns is not advocating tax not being paid or in any way implying tax avoidance. The book 41

Part 1  The Accounts Rules has not been written in that way and tax should be paid on all transactions. In the context of anti money laundering, it is noted that tax evasion is a crime. Instead, the book has been written to convey the information in a step-by-step and easy to understand format. We deal with VAT and its application briefly here. The below table shows a ledger system, but this time the ledger has an example column for VAT included. You will find that ledgers are set up in different ways, with lots of different columns. The main thing of note in solicitor ledgers is the separation of client money and office money. It is important, however, to say at this point that not all computerised accounts systems have a separate column for VAT, and the practice may calculate this themselves separately. Description

Date

Client Money Paid in

Paid out

Office Money Balance

VAT

Paid in

Paid out

Total

Review this ledger. We can see the column highlighted is for VAT. This allows us to add VAT for any charges for that transaction. The VAT in this column (and in our example here) represents the VAT charged by the firm. So, when the bill is raised by the firm, we would show it as a debit in the ‘paid out’ column, and the VAT on that bill would be shown in this highlighted column. VAT on individual items can also be shown here, so if the firm puts an element of the transaction through the office account which is later billed to the client, they can show the charge on that item or part of the transaction for VAT. It should be noted that this is not the VAT charged by any third party; so if the item or service in question comes from a third party (and is not VAT exempt), and the third party charges VAT, a separate VAT invoice should be obtained from the third party for the client. The legal advice should then be billed by the firm with VAT. The accounts systems used by different firms vary in their set up and your firm may place the VAT elsewhere. Some may automatically calculate VAT for you. Some firms of course still operate paper ledgers and accounts systems. At the time of writing, VAT is chargeable at 20% on all goods and services, dependent on the turnover of the provider. The turnover threshold in 2022 was £85,000, meaning that some very small firms may not make enough to charge VAT. Where it is chargeable, VAT should be charged on the advice provided by the solicitor. There is some controversy over the non-charge of VAT on disbursements, and what counts as a disbursement. The relevant case is Brabners v HMRC  (2017) which challenged a solicitor firm’s interpretation that conveyancing searches were disbursements and therefore exempt from VAT. The decision confirmed that searches were a part of the advice given by solicitors and do not fall into the 42

Cash category of disbursements. We can perhaps see the argument, given that a solicitor may need to comment on the results of the search, or that the search may influence the advice being given. After all, if the solicitor did not require the search to give advice, why has it been obtained as part of the legal transaction?

VAT and disbursements – comments on inferring advice For those people who regularly analyse client accounts, or consider bills, ledgers, and other financial information, it becomes apparent that you can potentially gain a lot of information about the transaction from that financial information. Let’s take the position of VAT as just discussed. By insisting that solicitors charge VAT on any product or service where advice is given, we can infer advice about the service or product that has been purchased. In all cases, legal advice is confidential, but in some cases, advice is also privileged, meaning it does not need to be disclosed to anyone – even in Court. However, if someone (an accountant, or an external inspector) reviewed your books of account, they would be able to infer that advice had been given on a particular issue by the charge of VAT. Depending on what happened next on the ledger or bill, they may be able to infer or guess at what the advice was, particularly if they had more information about the situation from elsewhere. With the advent of Making Tax Digital more information will be shared with HMRC than ever before. They may be able to infer the advice given through the bill to the client, or even the existence of the advice. The question might be whether we will eventually see the erosion of some aspects of privacy and confidentiality, and even challenges to legal professional privilege, through some aspects of billing and information sharing.

Cash The receipt of cash into law firms is restricted by anti money laundering expectations, and firms are advised to have a cash policy in place to prevent them handling or receiving the proceeds of crime. We deal with offences related to the proceeds of crime in Part 4 but, as we have seen, the Accounts Rules rely on records being maintained. Cash can be easily taken outside of formal recording, as seen in a black market economy, so records need to be kept and maintained of its use. Most firms will have a policy in place covering how much cash can be taken for any one transaction and are encouraged not to exceed this amount. Generally speaking, the amount a firm can accept might be quite small. As we will see in the later parts of this book, individuals and organisations providing funding for their transaction are required to provide proof of how they raised the amounts in question. Cash receipts in large amounts may be no exception, and firms may be in a position where suspicions are raised on the receipt of a large amount of cash; those suspicions may need reporting. This process is discussed further in Parts 2 and 4. 43

Part 1  The Accounts Rules Firms therefore generally advise clients in their opening client care letters of the amounts of cash they are able to accept, and that identification and other documentation is required for AML purposes. Reception staff should be trained on the receipt of this money and documentation and those staff accepting the same should also be trained. Training, learning and development are covered further in Parts 4, 5 and 6. Receipts should also be maintained of monies received in cash by the firm and it is good practice to bank this immediately. Some firms, in light of digital banking and increased immediate access to banking facilities, are now declining to accept money in cash or by cheque, and only accept payment by bank transfer. This is particularly also the case where a firm is instructed which is a considerable distance from the client. The majority of in-house cash policies limit the receipt of cash to below £500, although some firms may choose a different amount. If the amount is exceeded, it is common practice to refer this to your Money Laundering Reporting Officer, or the partner you work for, although your own internal procedure will specify the steps to take.

Accounting to the client and aged balances The client should be accounted to, both during, and at the end of, the transaction. Rule 2.4 of the Solicitors Accounts Rules provides that client money should be available to the client, and rule 5 of the same rules that a client’s money can only be used for their matters, so theoretically a practice should be in a position to account to the client at any time. Similar rules exist for CLC firms. Once the client ceases to be a client, in that their matter has concluded or is concluding, they should be accounted to fully. The Solicitors Accounts Rules prevent the use of the client’s money for other matters without the client’s knowledge (rule 5.1(a) and (b)), and firms must keep accurate ledgers of the use of the client money, as we have seen. The CLC have similar provisions in place, governed by the limited circumstances in which withdrawals can be made from client account under rule 4. The CLC and the SRA require appropriately produced invoices to be sent to clients (the Solicitors Accounts Rules, rule 4.3 and the CLC Accounts Code, rule 4.1(b)). The most common time to account to the client is at the conclusion of the matter, or just before. In some cases, the transaction might come to an abrupt end if the matter does not go ahead, and the firm would need to account to the client quite quickly. In other cases, monies sent for different reasons have to be sent back if the transaction is delayed or might not go ahead. Again, the practice should be able to calculate the position of the money owed to the client and that owed to the practice promptly and effectively. Ledgers are the immediate source of information in these cases and, as well as recording all of the transactions, are a useful point of information when considering the work the practice has completed, and what the client should be billed for. In some matters, firms commonly use ‘completion statements’ or other types of statements to advise the client of the money they have received; any expenditure 44

Profit costs and disbursements to date; and the money that is due to complete or finalise their transaction. These statements balance the funds in, the funds out, and the monies remaining. These may sound like ledgers but they are not; the completion statement has much more detail and refers to the file for any additional items of work not already on the ledger. By the end of the matter, the ledger, the file, and any such completion statement should be consistent in terms of the items contained and the stated cost. The additional information provided by the ledger includes the date of the action, the sequence of the actions, and the ongoing running totals at any time. Most firms attempt to account to their client fully at the close of the transaction; ensuring that any money received is fully accounted for, and also that their own bills are paid as well. However, sometimes small balances remain on the accounts and clients do not always bank cheques sent for amounts as small as a few pounds. In these cases, firms do have permission to transfer some money – up to £500 for SRA regulated firms, and £50 for CLC regulated firms – to their client account. Before taking this step, firms should take reasonable steps to contact or attempt to contact the client and return the money to them. If firms transfer it to their client account, they remain liable for any later claim. Similar rules apply about sending balances to charity, and the charity remains liable. In the CLC’s case, the balances of any size are paid to the regulator to add to their Compensation Fund (the fund that compensates clients if a practice is closed by intervention). If client account balances go over 12 months in age, without movement on the file, they are known as ‘aged balances’ and these aforementioned rules apply. Both the SRA and CLC warn about aged balances and produce specific guidance to firms to avoid them. It is best practice to try to account to the client fully at the time of dealing with them, and firms are advised to ask clients how they would like any outstanding balances returned to them at the end of the matter. A  file should not be closed with an outstanding balance, and many accounts packages will flag outstanding balances on files if there are attempts to do so. The writer has spent a lot of time with firms discussing aged balances and advising them to clear them from their systems and close their files properly. It can be a difficult task to review the files and the ledgers and work out whether sums can be properly returned to the client, or whether there was a different problem – for example, whether the sums were in fact due to the practice and were not billed properly, or whether there is another error. Sometimes the issue attaches to one particular fee earner. In such cases, the advice is to work with the fee earner or their supervising partner to deal with the outstanding issues and improve accounting to the clients at the conclusion of their files.

Profit costs and disbursements Both of these terms are complex and difficult to understand. It is rare to find such terms used with consumers outside of legal services – usually much more straightforward language is used. Let’s start with ‘profit costs’. In business, we would usually understand profit as the sum left over after all other costs have been paid. Profit is usually for the business to consider, and is not an issue for discussion with, or description to, the client. Profit costs are different. Because law firms take money on account from the client, and 45

Part 1  The Accounts Rules use it to pay for various items the client needs to help inform the decision making (as well as the legal advice), these items are shown on the final bill to the client, along with the cost of the advice. The cost of the advice is the ‘profit cost’, and the other items are shown as disbursements and additional costs. When we discuss profit costs, we are discussing the service the law firm is providing on top of the additional costs incurred for other items. Disbursements has a particular meaning and definition in tax, but broadly means an item which the client is ultimately liable for, which is required for the transaction, but where the professional has dealt with the expense. We mention disbursements in the context of VAT earlier in this Part of the book.

Holding client money As we saw briefly in the introduction, it is possible for solicitors to hold money personally, as well as for the firm to hold money. Solicitors are regulated for their professional title as well as for their work in regulated firms. It is generally the preserve of the firm to hold client money, with theoretically the individual solicitor partners also holding the money personally as well. The SRA Code of Conduct for Individuals sets out the basis of this at rule 4.3 – allowing the individual within an authorised body to hold the money alongside the firm. The same rule prohibits individual solicitors outside of regulated firms holding money personally, unless they fall within the circumstances described in the Authorisation of Individuals Regulations, rule 10.2(b)(vii). The circumstances of this rule relate to regulated sole practitioners and their authorised bodies, and to the new freelance solicitors. We discuss the ‘nuts and bolts’ of different practising styles and their regulatory consequences in more detail in Serious Breaches. It is much easier to comply with the requirements of the Accounts Rules if the firm is holding the money. We have seen already, and we explore further shortly, that the regulatory requirements include putting systems and procedures in place, and for client money to be held in a client bank account. Compliance with the Accounts Rules becomes quite difficult to achieve if the solicitor is holding those monies personally without the support of the firm around them, which is why the SRA prevent it within their rules. However, we can see in the changes to the 2019 version of the Solicitors Accounts Rules that under rules 2.2 and 2.3(c), it is possible to hold client monies elsewhere with the consent of the client – bearing in mind that those rules also require that the money for the client is immediately available under rule 2.4. These provisions are not the same in CLC practices. The circumstances in which client money might be held personally outside of the firm are usually, in recent times, inadvertent and caused by a breakdown or change in the client and firm relationship. The use and consideration of holding client money personally is a historical position developed by the individual nature of the practising certificate, which we discuss further in Serious Breaches. We have to remember that such instances now can be a breach of the rules. However, sometimes it does happen. Situations include when the law firm is being closed down, either voluntarily or by the regulator, or when individuals are bought out of practices and a few matters are excluded from the purchase. If the law firm is intervened, this can be a full intervention (in which case all files and monies, 46

Solicitors Accounts Rules including those held personally, would be removed), or a partial intervention, in which case there may be some left behind. Closures and interventions can be messy spaces and strange outcomes can occur. The regulators are firmly in favour of orderly closure and issue guidance to this effect. Solicitors and licensed conveyancers in this situation should also remember the regulator has a right to intervene into any personal practice they might have. For solicitors this under the Solicitors Act 1974, Schedule  1. This option is often taken alongside and at the same time as the intervention of the firm under the same or other intervention provisions (noted in the Introduction and explored more fully in Serious Breaches). We have explored the ways in which a solicitor can practise in Serious Breaches, and also the related concepts of closing down that practice through intervention. It might be reasonable to say that the solicitor holding money outside of the structure of practice now draws a negative connotation (quite apart from being a breach of the rules). However the history and style of current forms of practice, including the presence of the Accounts Rules, has grown over more than one hundred years and in the past solicitors did more frequently practise on their own account as individuals, and hold the money personally. The status of sole practitioner as we know it today comes from this historical practice and the solicitor in those circumstances used to hold the money personally. Some sole practitioners may remember the endorsement on their practising certificate that their firm was also recognised; this is because they individually were practising and individually were holding the client money themselves, albeit in a firm structure. This has now changed and sole practitioners, although recognised as such, also have the firm around them recognised by the regulator as an ‘authorised body’, even though they continue to be self-employed. The position of the sole practitioner and their created ‘body’ is also discussed further in Serious Breaches. Returning to the negative connotation of holding the money personally, the writer’s experience working for regulators is relevant here. If it was alleged that a solicitor working in a regulated firm (not a sole practitioner), was holding client money personally and that money was at risk, there would be a prima facie case of breach of rules, given the requirements for systems to look after the money, provided for by the Accounts Rules. Enquiries would be made to ensure the money was being looked after in accordance with the rules. Any indication of a significant risk to client monies could be grounds for intervention of the firm and the practice of the individual solicitor (dependent on the circumstances). There would also likely be disciplinary prosecution of the firm and the individual.

Solicitors Accounts Rules The Solicitors Accounts Rules sit within a wider framework of rules which form the current handbook, known as the ‘Standards and Regulations’. The Standards and Regulations consist of overarching Principles which guide the overall behaviour of the solicitor, followed by more detailed (and separate) Codes of Conduct for individuals and firms. In recent years, the level of detail in the Codes of Conduct has decreased substantially and the Codes are now significantly less prescriptive, and more outcomes focused in their style. 47

Part 1  The Accounts Rules As well as containing the Accounts Rules, the Standards and Regulations also contain a range of other regulatory sets of rules that, together with the Codes of Conduct, set out both the way in which the solicitor, other regulated individual, or the firm, should behave, and the way in which the regulator should conduct themselves when undertaking regulatory investigations. The overarching Principles show us the importance of the solicitor’s conduct when dealing with client money. They specify that the solicitor should act with honesty (Principle 4), integrity (Principle 5), in the best interests of the client (Principle 7), and to uphold the standards expected (Principle 2). Other Principles require similar strong standards from the solicitor and their staff. Prosecutions for breaches of the Accounts Rules may be made on just straight breaches, but can also be made on the grounds of dishonesty as well if this is a factor, and firms and individuals may be prosecuted for such breaches with reference to the Principles, Codes of Conduct, and the Accounts Rules themselves. One particular role of interest within the firm is the position of the Compliance Officer for Finance and Administration. Created by the Legal Services Act 2007 (section 92) as the Head of Finance and Administration for use in Alternative Business Structures, the role is also present as part of the terms on which SRA firms are authorised, under the Authorisation of Firms Rules, rule 8. The COFA appears in the SRA Code of Conduct for Firms as well (at rules 2.1(d) and 9.2). It sits alongside the companion role of the Compliance Officer for Legal Practice (COLP). The COLP is also present in the Legal Services Act, Authorisation of Firms Rules, and Codes of Conduct for Firms in the surrounding provisions, and with similar but not the same, responsibilities. The two roles oversee the firm’s compliance with the regulator’s requirements. In particular, the Compliance Officer for Finance and Administration is responsible for compliance with the Accounts Rules themselves. As we will see over the coming pages, the COFA role, and the Accounts Rules, have a strong basis in administration, with a number of procedural requirements to adhere to within the Accounts Rules. We can categorise the Solicitors Accounts Rules into three sets, which show how they provide the systems and procedures that are required to safeguard client money. If you read the actual rules, they are not presented in this way, but this categorisation helps us to understand them and some of the requirements they put in place. We present them here in the following three categories: Category A: Maintaining systems to store and administer client money. Category B: Rules for the receipt and movement of client money. Category C: Rules which require the verification and checking of sums due to client and office. Let’s have a look at each of these categories in turn.

Category A: The maintenance of systems to store and administer client money These rules set out the systems that are required to be in place within the firm. We might say the Compliance Officer for Finance and Administration is directly 48

Solicitors Accounts Rules responsible for maintaining these systems. Rules falling into this category can be summarised as follows: a.

The definition of client money at rule 2. This makes a distinction between client money and office money (money belonging to the practice). This rule provides the practice with the means to identify the money belonging to the client (and therefore subject to the trust) and money belonging to the office, consequently allowing the firm to put in place procedures which identify and specify which money they are dealing with when they receive it. The definition provides the basis for the financial relationship and trust between the firm and the client. There is some controversy over the new definition of client money (see page 53).

b.

The separation of client and office monies at rule 4. This rule goes further than the definition of client money and the definition of office money. It requires that once you have defined those monies, you have to separate them, and they have to be stored in separate bank accounts. Law firms operate a client bank account for holding client money. The office account(s) are used for all other types of transaction and running the business, and you might see office overheads also being paid from the office account. Although as we have already covered earlier, many law firms have more than one office account.

c.

Client money should be held in a bank account marked ‘client account’ at rule 3. This facility allows the practice to protect the money within the client bank account and identify it to the bank and others as belonging to the client. We can see in the section on page 53 related to the recent changes in the Accounts Rules, that client money can be stored elsewhere, but this could pose a problem if there was insolvency of the bank or the law firm. Clients agreeing to storage elsewhere under the Solicitors Accounts Rules (rule 2.3(c)), should also be made aware of the safeguards in place in using the client account, but we also note the provisions discussed earlier to intervene into a personal practice. You may find that some law firms have more than one office account and more than one client account. It is also possible to operate an account on behalf of a client or open an account as a client account just for one client. Either of these actions might be common where the client is placing a very large sum of money into the client account and wishes it to be kept separate.

d.

That the books of account for client money and other records should be written up and maintained under rule 8. This is a key rule. The writer worked for the regulator for many years and has seen the closure of many practices who failed to adhere to this rule. Keeping and maintaining books of account is essential for any business, but even more so when you have client money. The regulator will intervene (close down) the practice if the books are not kept in order and correct. The records should be accurate, chronological and legible. Maintenance of the books in a contemporaneous fashion is also required and writing up the cashbook or ledgers later after the bank transaction is not accepted. It should be possible, through the contemporaneous production of the practice’s records and comparison to the bank’s records, to reconcile the two. If books of account are not maintained correctly this could be fraud and there would be such a concern if they were not produced chronologically. 49

Part 1  The Accounts Rules e.

Provision for interest on client monies at rule 7. Interest can be payable on some amounts held in client account, dependent on the time held in the account and the amount of money held. Generally speaking, most client accounts do not attract much interest. Clients who require a large sum to be held over a longer period of time may well be advised that a separate account should be opened to allow for the interest to be paid.

f.

Legal Aid Agency money received for costs does not need to be paid into the client account at rule 2.3(b). The monies from the Legal Aid Agency are not classified as client money. A  discussion of Legal Aid Agency money appears later in this Part of the book. Any Finance team dealing with monies from the Legal Aid Agency will need to consider their systems for dealing with this money differently to monies which fall within the definition of client money. This may mean operating a separate account or bookkeeping system for Legal Aid Agency work.

Category B: Rules for the receipt and movement of client money These rules apply once the money has been received. The Compliance Officer for Finance and Administration is also responsible for compliance with these rules, however the movement of client money is also directed by the solicitors or other lawyers within the firm, and the COFA and Finance team have to work with the lawyer’s professional judgement and direction. Rules falling into this category include: a.

Systems for the allocation of client money expected and received at rule 8.1. To maintain effective records, payments in need to be allocated to client ledgers as soon as possible. Firms should be aware of payments that are expected, and many firms ask their lawyers to fill in forms or slips to notify Finance of monies they might receive. Failure to allocate payments to client ledgers promptly could breach both this rule and the rules covering the maintenance of client records.

b.

Client money should be available on demand at rule 2.4. Law firms hold the client money as part of the transaction and their fiduciary duties, but this money, as available to the client, should be returned to them when required. This duty and obligation is a complex one and the law firm should also be advising the client of their obligations in their legal matter as well, including the consequences if the money is returned. Some monies cannot be returned to the client, for example if held subject to an undertaking or held to the senders’ order.

c.

That the client account should not be used as bank account at rule 3.3. We cover this principle further in Part 2 of this book, but for anti money laundering purposes it is well established that the client account should not be used as a banking facility. It is not appropriate for monies to be sent to the client account which do not relate to the legal transaction for which the firm are instructed. The writer has seen instances of this herself; the key questions to ask are whether the monies received relate to a legal transaction, and whether that transaction is reasonable, genuine, and would involve a lawyer. You can also ask whether it is necessary for you to hold those monies. If not, then the money should not be accepted, to avoid breaching this rule. 50

Solicitors Accounts Rules d.

Specific rules for the withdrawal of client money, at rule 5. There are only certain circumstances in which the withdrawal of client money can take place and these are specified in these rules. These requirements, along with the separation of client and office money, and the use of the client account, provide the system of safety nets described in this Part of the book. It is clear that unless there are valid client reasons for the withdrawal of money from the client account, this cannot take place. The client account is therefore protected by this rule and it is clear that the client money does not belong to the practice.

e.

Replacement of any sums due to the client under rule 6.1. Of course, if there are sums missing from the client account, these should be replaced immediately. It is extremely serious to have sums go missing from the client account. If money is removed inappropriately it is likely to be a matter which needs reporting internally to the COFA. They may decide to report it to the regulator, and even to the police, dependent on the sum involved and what happened. However, making good the sum is also an essential step; required as part of the trust in all cases, it may also be the correct solution for minor breaches.

Category C: Rules which require the verification and checking of sums due to the client and office These rules also fall under the control of the Compliance Officer for Finance and Administration. The reconciliation is their primary mode of verification of what is in the accounts and the accuracy of the records, and we can see that the COFA (or someone similar) has to sign off the practice reconciliation at least once per month, under rule 8.3. The annual Accountants’ Report is a secondary measure. The accountant is instructed by the firm to perform the annual accounts check and this role is outside of the control of the COFA, although the COFA would be involved in liaising with and answering queries from the Reporting Accountant. a.

The reconciliation at rule 8.3. The reconciliation should be performed at a minimum once a month. Most firms perform their reconciliations on a more regular basis and even once a day, to ensure client money is kept safe and the amount owed to the clients is clear. Performing reconciliations less frequently might be considered risky and it is good practice and the sign of a well run firm to conduct them very regularly, and correct any errors.

b.

The annual Accountants’ Report at rule 12. This report, also provided for in statute by section 34 of the Solicitors Act 1974, is a means for the regulator to have an oversight of the operation of the client accounts of law firms across the country. Again, this is a rule which has been eroded by the changes to the Accounts Rules, which are discussed further at page 53. Practices which only undertake legal aid work are exempt from the rule to obtain an Accountants’ Report.

As we can see, there are a number of procedural requirements to adhere to within the Accounts Rules, which allow us to see the specific day to day responsibilities and oversight of the Compliance Officer for Finance and Administration. 51

Part 1  The Accounts Rules As well as putting in place and operating a separate system of accounting for client and office monies, the COFA also has to make certain the firm: •

regularly reconcile their accounts;

•

only store client money as permitted, and not with office money;

•

organise client accounts, including individual client accounts if necessary, for money to be stored within;

•

have systems so client money is identified and managed appropriately;

•

ensure client money is only transferred in accordance with the rules;

•

organise and manage the annual Accountant’s Report;

•

ensure ethical behaviour in the management of client money; including ensuring the client account is not used as a general banking facility, and that money is not misappropriated.

You should find many of these provisions provided for within your firm’s finance manual, with specific procedures in place to ensure they are adhered to. We can see from the Accounts Rules that they provide these pillars of the separation of client and office money, along with the reconciliation to ensure client monies are safeguarded and are easily identifiable. The reconciliation shows us the total monies held on behalf of the client at the point the reconciliation is conducted, and how that compares to the practice’s records. This section on the Accounts Rules has just covered the rule requirements for the Solicitors Regulation Authority. However, similar rule requirements apply to the Council for Licensed Conveyancers, albeit expressed in different terms. CLC practices and practitioners can categorise their rules in similar ways and see their accounts organised into these safeguards and provisions for the maintenance of client money. The next section covers the changes to the Accounts Rules introduced by the SRA in 2019. Some of these changes are very controversial and although not presented in this way by the Authority when they were first introduced, have the potential to undermine the safeguards in the Accounts Rules, which we explore briefly. It is fair to say that the majority of law firms will not take these steps, and continue to adopt the previous sets of rules in their procedures. We also continue to see prosecutions before the Solicitors Disciplinary Tribunal and by the regulator themselves for breaches which are similar to those in the previous sets of Accounts Rules. The interpretations of the new Accounts Rules introduced in 2019 appear similar to those in place previously. Solicitors are reminded that the rules and principles of professional conduct require them to behave with integrity and honesty. The rules in place for the Council for Licensed Conveyancers remain broadly the same. The last changes made by the CLC were in 2020 and they were minimal. The CLC have not made changes to their Accounts Rules in the same way as the SRA. 52

Changes to the Accounts Rules

Changes to the Accounts Rules In 2019, the Solicitors Regulation Authority made a number of changes to their established Accounts Rules when it introduced the Standards and Regulations. These changes included the following: •

A change which impacts the definition and storage of client money. Under the changes, client money can be held in the office account if the money is for unpaid fees or for disbursements for which the firm is liable. It is noted that the definition and coverage of the term ‘disbursement’ may be disputed in legal services – please see pages 42–43.

•

The practice are allowed to hold client money in other locations, with the consent of the client.

•

Changes to the Accountants’ Report, which now follow a much less prescriptive set of rules.

•

Permitting the use of third party managed accounts in circumstances where the SRA have been informed, and the TPMA is registered with the FCA.

There are a number of impacts of the new rules, and the writer has written about these more extensively in Serious Breaches. However, in brief, the impacts include: •

Concerns about the extent of the client money being held in office account for unpaid fees, and whether solicitors could overestimate their costs, take a blanket approach on the level of unpaid fees, and/ or take unfair advantage of clients.

•

Questions about where client money may be held if it is not held by the practice in the client account, and what protections the client has. We also have to question whether the client would be fully informed, and whether consent could be obtained to hold the money elsewhere without full client oversight or without informed consent.

•

The extent of the changes to the Accountants’ Report, which have taken a backwards shift away from full oversight of the client account. The report does not now cover the money held elsewhere by the practice, creating a serious problem in the oversight and reliability of the report in some situations. The position creates the situation where the practice can hide monies or accounting practices from the Reporting Accountant, undermining the Accountants’ Report.

The difficulty with changing the Accounts Rules from their pre-2019 format is the precision with which they were written, and their longevity. They had been in place for many years, with minor revisions each time a new handbook was created. That clarity is being eroded by the changes in the definition of client monies, and the opportunity for firms to place client monies in the office account if the client agrees. The check and balance in the oversight of the use of client monies is also under threat from the changes to the annual Accountants’ Report. Further information and detail about the changes to the Accounts Rules, their potential problems, including the issues for Reporting Accountants is contained 53

Part 1  The Accounts Rules in Serious Breaches. That book also provides ideas for closing the gaps in the new Accounts Rules to protect the firm and ensure honesty and integrity in accounting practices within firms.

Legal aid accounts The Solicitors Accounts Rules treat legal aid practices differently to other types of practice. This is for two reasons: (1) Legal aid practices have a direct funding relationship with the Legal Aid Agency. It is possible to conduct work that is exclusively funded through legal aid (for example Crime). The Legal Aid Agency pays the bills of the matters covered by legal aid. Where the client is required to make a contribution (which is not in every case), it can be paid as the bill is due. This removes some of the risk of holding consumer client money on account. (2)

The Legal Aid Agency not only pays the bills of the legal aid firms, it also audits the accounts, files, and bills of those firms. Under the terms of the contract between the law firm and the Legal Aid Agency, the Agency considers similar issues of, for example, reconciliations, bookkeeping, and/or fraudulent claims and billing, as any investigation of a set of non-legal aid accounts would. Indeed, in its oversight, the Legal Aid Agency goes further and considers advice and file quality as well.

The Legal Aid Agency also require firms to meet management quality mark standards. Firms are expected to consider their overall position and their management of the practice in the context of their financial situation. There are a variety of arrangements firms can make in respect of the Accounts Rules when conducting legal aid work. For example: (1)

Only conducting legal aid: some law firms only conduct legal aid work. For these firms, some of the Solicitors Accounts Rules described earlier in this Part of the book, including the Accountants’ Report, do not apply to their firm (rule 12.2(a)). Definitions of client money are different, and the firm may not require a client account (rule 2.3(b)).

(2)

Conducting a mixture of legal aid and non legal aid work: some law firms conduct a mixture of legal aid work and general work. In such cases, the full Accounts Rules apply to the work which is not legally aided, and often this is separated out in bookkeeping.

(3)

Conducting no legal aid work, and operating a client account: due to the reduction in legal aid funding, many practices just conduct private work. For those practices, the remainder of the (non legal aid related) Accounts Rules apply in full.

The Legal Aid Agency conducts a reconciliation of the work undertaken by the practice against the records it holds for the bills submitted, and against the payments it has made over a period of time. The Legal Aid Agency therefore sets the billing practice of the firm. However, practices keep their own records and 54

Legal aid accounts conduct their own reconciliations for the purposes of ensuring all bills have been submitted and paid. In payment terms, there are two main types of legal aid work – certificated and uncertificated. ‘Certificated’ work is any legal aid work which fits into certain categories, and which in practice is over a certain threshold in value. The value means it has to be assessed and it requires an in force legal aid certificate. In order to obtain a certificate, a firm must have a legal aid contract, and apply to the Legal Aid Agency. Certificates are only granted to those who meet the criteria for legal aid in force at the time. Uncertificated work is work which can be conducted prior to a certificate being granted; this is usually very limited work, and is lower value advice and assistance (without or before a later Court appearance on a certificate, for example). Legal aid is both means and merits tested. This means potential recipients have to demonstrate both a degree of financial hardship (means testing), and that the case merits funding (which means an assessment of the prospects of the case, the issues it presents both generally and for the client, and whether it should progress). Certificates are not certain and can sometimes be difficult to obtain. Thresholds for obtaining a certificate vary according to the area of law the firm is working in, and have changed over time. The funding available for legal aid has significantly reduced during the writer’s career so far (over the last twenty years). Decades of cut backs have left very limited legal aid available. Legal aid is also not available in every area of law, and the breadth of practice areas covered is another angle of funding which has been dramatically reduced. Legal aid is available according to issues which pose human rights concerns, and in cases which can present issues of miscarriages of justice. This is usually where a person would be imprisoned (presenting human rights issues); where there are children’s issues involved; in some mental health matters; and in other issues of severe client vulnerability (such as persons who are incapacitated, present immigration issues, or are subject to violence). Historically, legal aid was available in far more categories of law, and covered matters such as personal injury; divorce and wider categories of family law; and almost all crime matters. As well as funding law firms, the state also funded community agencies such as Citizens Advice to provide basic representation and advice. Now such representation is more restricted and subject to the means and merits assessment already discussed. The means and merits tests also now apply to some crime representation work which was historically always fully funded. Legal aid is not available for areas of law such as wills or conveyancing, so licensed conveyancers do not offer this type of service. Prior to a certificate being obtained, a firm can sometimes undertake some work for a client under ‘Advice and Assistance’. Historically, this was known as ‘green form’ work, and was intended to offer the client a quick means to obtain very short advice. There are also limits on this representation. Returning to the accounts, most work is paid via standard monthly payment, which represents the majority of the money received by the firm from the Legal Aid Agency, and covers certificated work. 55

Part 1  The Accounts Rules We might legitimately ask how the Legal Aid Agency can be certain that the bills have been properly incurred, and why legal aid is exempt from the accountants’ reporting system that is in place for the rest of the work undertaken by the firm. As the Legal Aid Agency is paying for the work, they undertake extensive checks on the files that have been worked on and work with other services such as Councils, the Courts, and prison services, to ensure the matters are genuine and have occurred in the manner claimed for. The Agency also profiles firms and their bills to consider the outcomes of their work and the quality of their advice, as well as regularly inspecting their files for the amounts claimed. Should the Agency find that too much has been paid or claimed, some is ‘recouped’, which means it has to be repaid. In some circumstances it might be deducted from other monies owed to the firm. However, it can be recouped directly, and the firm may be asked to repay some of the sums due to the Agency. There are various appeal mechanisms against these decisions. Some firms maintain a separate account for Legal Aid Agency money and this is helpful in the case of payment disputes and recoupments. The Agency has contractual arrangements in place with all firms undertaking legal aid work covering the circumstances of claims, payments, categories of work, and recoupments. The standard monthly payment is the main income for most exclusively (or almost exclusively) legal aid firms. To set the standard monthly payment, the Agency considers the billing of the firm over a period of months to project the payment for the firm in the future. The calculation is a form of a conical extrapolation which allows the Agency to take approximately five to ten points of the recent billing of a firm and calculate where the firm will be in the future. It means the Agency will not pay too much. The overpayment of firms can cause a problem because the standard monthly payment then has to be set too low for the following months and firms rely on the payment to ensure their financial viability and stability. This is why the Agency sometimes become involved in the management of firms that conduct a large amount of legal aid. We can see how a standard monthly payment might operate in the diagram marked ‘Legal Aid Payments’. We can see the uncertificated work and the certificated work as shown in the column for bills (the certificated work being the larger bill), and the standard monthly payment in the payment column. In this case, we can see from the payments being made that the payment and the bills coming in are approximately the same, and if you just looked at the bills and payments without looking at the totals, you might conclude the payment was at a reasonable level. However, if we look at the annual total, we can see the firm have paid been between £4,000 and £5,000 less than they should have been. In this case therefore, the payment may be recalculated by conical extrapolation. This calculation is not provided here, but we might also conclude that a payment of £15,000 per month would be reasonable. However, if the firm was about to see a downturn in work, had reduced the number of fee earners or was otherwise expecting slower months ahead, there may be a reason not to increase the payment – it might be left the same to compensate for the monies owed over a period of time. 56

Legal aid accounts Diagram: Legal aid payments Month

Jan

Bills for certificated work

£14,586 £13,297 £14,978 £15,678 £12,321 £13,912 £14,789 £14,657 £120,876

Bills non certificated Payment

Feb

Mar

Apr

May

£2,874

June

July

Aug

Total

£3,784

£14,500 £14,500 £14,500 £14,500 £14,500 £14,500 £14,500 £14,500 £116,000

There are a number of other points to make about this approach. The first is that certificated work often comes from initial clients using the firm for ‘Advice and Assistance’ and the bill is rolled up into the certificate and claimed for together, so only some uncertificated work is claimed. In some cases, firms have very large bills coming through (which the Agency may have agreed to and be aware of), and temporary adjustments to the standard monthly payment (SMP) can be made for these. The standard monthly payment is supposed to compensate the firm overall over a period of time; ensuring the fairness of that approach is important. Firms are also entitled to be paid the exact amount and there are (fairly new) systems in place to accommodate this; the approach outlined above is historically how firms have been paid, but the new system allows bills to be paid exactly. Readers may also note that the monies paid to the legal aid firms are checked and monies can be recouped if claims have been made incorrectly. This is a frequent occurrence, so firms cannot always rely on the monies they have been paid. Some firms budget at a much lower level to allow for some recoupment. Firms can and do contact the Agency to ask for an increase in their SMP due to factors such as taking on more staff, or undertaking more work. The position of the firm and their likely work is taken into account. This is also true of new firms who start conducting legal aid; their standard monthly payment is likely to be set at a level the firm and the Agency consider reasonable, with a commitment to review the payment at a very regular interval until the firm reaches a stable level. It can also be important to ensure a firm is not overpaid as this can then result in monies owed to the Agency or an SMP set at zero. As we have mentioned, the Legal Aid Agency can recoup money which has been overpaid during the contract. The Agency require firms to meet fairly strict criteria in the billing of legal aid work, failing which deductions and recoupments will be made. The Agency also require firms to meet certain standards in the provision of legal advice and in the management of the law firm. Should any standards not be met, or the Agency not receive the bills to the standard expected, the Agency can consider a variety of contractual remedies, including: •

Rejections of bills

•

Refusal of bills

•

Reduction of bills

•

Individual assessment of bills

•

Recoupment of monies paid

In serious cases, the Agency can consider: 57

Part 1  The Accounts Rules •

Removal of some areas of work from the contract

•

Removal of future contracting

•

Conclusion of the current contract

Practices conducting legal aid work have to work very closely with the Legal Aid Agency and conduct the work required by the contract and by the state. Over time the number of firms conducting this work has fallen significantly, and in some places there are very few remaining. We wait to see what the future holds for legal aid work in light of Brexit.

Annual Accountants’ Report The annual Accountants’ Report is a feature of the Accounts Rules for all firms, except for those who are exclusively conducting legal aid work, or who have a very small amount of client money held by the practice. The Accountants’ Report allows for the oversight of the accounts and also a consideration of how client money is being held. Further to that, it also allows for the accountant to consider whether the firm have adequate policies and procedures in place for the holding of client money. The Accountants’ Report can be quite extensive in its examination and consideration of the position of client money and the way in which the accountant investigates the books of the previous year. The Reporting Accountant and their team can ask for any files, papers, documents, and supporting information they require, and in some firms may be present for up to a week, with further time to consider the position subsequently. The Accountants Report is not only established within the Solicitors Accounts Rules (at rule 12), it also features in the legislation (for solicitors see the Solicitors Act 1974, section 34). In the legislation, the accountant is required to report on the holding of client money and any potential fraud. In the Accountants’ Report the accountant is required to report risks to client money, and has previously been required to report specific individual breaches of the Accounts Rules. Both the SRA and the CLC require annual Accountants’ Reports (the CLC requirement is at the CLC Accounts Code, rule 6), but similarly to the Accounts Rules, the SRA have recently made changes to the form and style of the Accountants’ Report. This has made it less prescriptive and more open to the accountants’ professional judgement. The CLC have not followed suit, and their prescriptive form still remains. The Accountants’ Report is an important annual review of the firm and allows for an independent consideration of the holding of client monies. The SRA’s version of the Accountants Report has been challenged under by the changes to the Accounts Rules in 2019. There are now a number of ways around: •

obtaining an Accountants’ Report, or

•

supporting the delivery of the Accountants Report.

Unfortunately, if firms were so minded, they could disrupt the Accountants’ Report process in the following ways: 1.

By under declaring the client monies held. 58

Compliance Officer for Finance and Administration 2.

By holding client monies elsewhere than in the client account.

3.

By presenting a mixed monies account, making the position more complex to understand.

4.

By inappropriately adopting a blanket approach to the billing of client money and disbursements, and holding this money in office account, reducing the sum in client account

These actions may occur alongside each other. Whether the SRA will seek further independent verification of, for example, the monies held by the practice remains to be seen. It might be possible to verify the amount being held by the practice in respect of the fees and disbursements due to the firm, and make a decision about whether this is within the sums expected or reasonable. Practices are advised that the spirit of the Accounts Rules should be adhered to.

Compliance Officer for Finance and Administration We have explored the role of the Compliance Officer for Finance and Administration briefly earlier in this Part of the book, but the role is a complex one. It arises under the Legal Services Act 2007, section 92, in respect of alternative business structures (where the role is known as a HOFA or ‘Head of Finance and Administration’). The SRA decided at the point of the introduction of the HOFA to create a level playing field for all practices and introduce the focal point for Accounts Rules compliance more broadly. The COFA role for all practices was then introduced alongside HOFAs and alternative business structures with the 2011 SRA Handbook. The COFA is responsible for compliance with the Accounts Rules. They have to maintain the systems and controls necessary for compliance, and are also responsible for self-reporting any breaches on behalf of the firm. As we will see later in this Part of the book, breaches of the Accounts Rules can be very serious, and the role is a strict one. Practices are required to account for very small sums to their clients, and the role provides a major challenge to the post holder in that respect. Having sufficient systems and procedures in place to account that effectively is very difficult for small, independently owned businesses, and managing the team of finance staff and solicitors to work to that level of precision is very difficult. Readers are encouraged to support their COFA in their role, to adhere to the procedures the firm has in place, and to ensure they support any file reviews or checking undertaken by the COFA as part of their role. Any maintenance of systems requires a double check in place and the key in-built system the COFA has is in the reconciliation. Conducting a regular reconciliation and correcting errors is an important part of the Accounts Rules and is sometimes the main oversight the COFA has to ensure the system is working correctly. This may be particularly true in the case of a firm where the COFA is managing a team of staff and does not see every financial transaction that takes place. The reconciliation, however, only provides a brief oversight and, for the purposes of the rules, only requires completing once per month. Of course, it is often conducted more frequently. In some larger firms the COFA will need to consider 59

Part 1  The Accounts Rules how client money and ledgers are being managed beyond the coming together of the various records that the reconciliation requires. They may want to conduct comparative file and ledger reviews to ensure that files and ledgers correspond, and that client matters are being managed in line with the Accounts Rules. File reviews may also provide an assurance that the receipt, movement, and payment out of client money are being conducted appropriately by fee earners and other staff members. This file review or check and balance is not required by the Accounts Rules but is a useful additional piece of work that can be conducted by the Finance team or internal reviewers to ensure the accounts are being managed effectively and in line with what the firm expects. Such checks also help ensure the COFA can demonstrate they are fulfilling their regulatory and statutory role. During the remainder of this book, we consider how to use the accounts and financial systems of the firm in the management of anti money laundering. While the reconciliation and other checks within the Accounts Rules provide us with a basis for checking that the transactions are there, and are numerically correct, the accounts themselves provide far greater opportunities to understand and oversee the work of the law firm as a whole. We might say that at the moment, the Finance team often look at the pure financial nature of the transaction. The legal aspect of the transaction and the decision making is left to the lawyer and the firm, who also notionally ‘hold’ the client money. However, comparing the ledger to the file; understanding the decision making of the lawyer and matching it to the accounts; and understanding the receipt and movement of client money in the context of the anti money laundering; are all ways in which the Finance team can support and deliver a strong compliance agenda within a firm. All fee earners and staff within a law firm should be aware of the rules of professional conduct, including the Accounts Rules, as well as the law regarding anti money laundering, and the serious disciplinary consequences involved in breaking those rules. COFAs (and COLPs) have to report serious breaches of the rules to the regulator, which can be career ending in some cases. The COFA role is a difficult one, with the responsibility of compliance management, and self-reporting obligations, but also with an expert annual oversight in the form of the Reporting Accountant. Solicitors and other staff should be aware of both the serious nature of breaching the Accounts Rules, and the absolute expectation of keeping client money safe for the client.

Investigating the accounts using the ledger and cashbook system The accounts, as described earlier in this Part of the book, provide several opportunities to investigate and verify transactions. In this section we look at a few ways a firm can check the accounts for breaches, as well as common issues and scams, or potential law enforcement concerns. The methods described here could be used by the firm, the COFA or compliance team, or other external oversight such as the Reporting Accountant or an external Inspector. The issues we describe can occur in any firm if the firm does not implement sufficient prevention measures, so it is important to check files, and ledgers, and ensure you invest the time to do this on an ongoing basis. This section provides a short coverage of the subject, and 60

Investigating the accounts using the ledger and cashbook system there are further descriptions of potential problems and suggestions of solutions throughout the rest of the book. There are a number of checks and balances in the system of client money which allow us to see the: 1.

Movement of client funds, including receipt and use.

2.

Monies taken from client account into office account.

3.

Monies leaving the law firm.

4.

Management of client funds overall.

Each component part of the Accounts Rules system works with other parts to provide a clear basis for the system to work. We have seen the three categories of rules, as classified earlier, and each category works with the other to provide a system in which a failure to comply will result in the breach of a number of different rules – perhaps one or two from each category. There are clear requirements governing the receipt and later movement of client monies, as well as the systems that are required to be in place which provide both records and verification. Usually, an error or deliberate action on the lower system (the receipt, movement, or payment out of client money), is matched by incorrect record keeping at the middle tier in the administration, which can then also be seen in the verification or top tier. There is no specific requirement at the moment for the practice to implement internal audit of compliance with the Accounts Rules. However, we have covered the responsibility of the COFA for Accounts Rules compliance and the importance of their role. In addition, Reporting Accountants consider the accounts once per year provided the accounts fall within certain parameters of holding client money. Beyond that, there is no specific requirement for the firm to consider internal file reviews of ledgers, however, firms should be taking some steps to demonstrate compliance, and Accounts Rules file reviews are a useful way to check what has been happening on individual file ledgers. Financial file reviews can also help eliminate problems on the annual Accountants’ Report and can be an effective preventative measure against inappropriate activity. Two starting points might be: (1)

A review of the client account reconciliation. This might include: •

whether it is correct or has been corrected;

•

date alignment;

•

recent transactions leading to the reconciliation;

•

outstanding or uncleared matters;

•

a review of the underlying client account ledgers totals and client matter listing to ensure correct (credit) amounts are held on behalf of the client.

The regular reconciliation also allows us to review the maintenance and accuracy of the bookkeeping. 61

Part 1  The Accounts Rules (2) A review of the client matter listing. This allows us to see the client matters and descriptions, to ensure the practice are not using suspense or other unnamed ledgers, and that each client matter has been allocated their own ledger. A client matter listing is also useful in showing: •

Aged balances which need to be managed or files which should be closed.

•

Very large sums held for clients. On a risk basis, you may wish to sample those files which are very large and manage them more directly.

•

Work which is being undertaken which is inappropriate, for example due to conflict of interest, or which is beyond the scope of regulation, insurance, or competence.

In terms of the Accounts Rules, there are a number of other areas to investigate, including, but not limited to: (1)

The cashbook: you can check this, for example, to find unusual activity, such as unusual payments out and who they are being sent to.

(2) The client ledgers: the double entry system allows a clear view of the indebtedness of the practice to the client, and the expenses incurred by the practice, at any time – provided the books have been properly kept. The individual client ledgers should match clearly to the files, and both should be genuine. (3) The bank statements for client and office account: to double check transactions, and also to consider the activity on the accounts and whether the statements match the activity. (4)

Bills raised and sent to the client: this can help you to understand whether the bills the practice is raising are legitimate.

Many accounts systems have a number of reports you can use to understand the transactions you can see on the system, and they also allow for investigation and oversight. These reports can be used to spot patterns and trends, for example, inappropriate transfers or even just where transfers have been made. The reports can be a useful time saving tool if you are conducting file reviews, allowing you a smaller and more targeted sample size. Linking these reports across to the individual files provides us with good evidence to support the movement of money on that ledger, or to highlight where there are problems. Selecting individual files for review informs us of whether the activity on the books is correct and legitimate. There are several sources of additional information if you are investigating transactions. We might start by checking documents across the transaction to ensure the transaction itself is fully correct and in order. This might include understanding whether that which has been paid for on the ledger appears on the file, whether all of the documentation has been completed consistently, and whether it all also leads to a consistent conclusion. If the practice has a connected file, you may also sample that file alongside the original file to check the movement of monies between the two; that the files are genuinely connected; and the consistency of the files. When checking files in this way (for consistency and connections), it can be worth paying particular attention to statements made to state authorities, or to financial institutions. 62

Investigating the accounts using the ledger and cashbook system In many legal transactions, there are a number of forms to fill in, and even statements to make. We have to consider whether the correct presentation has been made in each case, and whether there are any unusual features of the transaction that would lead us to think it should have been done in a different way. These are broad statements, but those with a good understanding of their practice area might be able to say whether a transaction is unusual or what they might normally expect to see in certain circumstances. We might question to what extent the practice should conduct file reviews. If the COLP or the compliance team are already reviewing for legal advice and progress, to review separately for financial issues can be double the workload. However, some of the review proposed here would already be undertaken by the COLP review and the ledger should sometimes be a secondary measure or check to ensure it is correct in relation to the file. The reports we have already mentioned can also aid the COFA, by allowing them a full overview of all the files on the system, with the opportunity to file review any anomalies. The writer has seen some suggestions that file reviews should relate to a mathematically representative sample to give a sound confidence interval for the firm. However, this is not the expected standard of the COLP and COFA and is not undertaken in practice. The reports and analysis the accounts system can produce are a valid time-saving management tool in this respect and it is justifiable for the COFA to use these to spot and investigate unusual activity. Firms may wish to keep records of their activities in doing so. Some regulatory investigations the writer has seen centre on the lack of record keeping in a practice; of course, as this is an accounts system of checks and balances that may not be the underlying problem. Sometimes the failure to keep books of account masks the misappropriation of client funds or their complete mismanagement. The failure to maintain books is an attempt to make the actions of the lawyers more difficult to understand and more difficult for law enforcement to prove. The regulator takes such situations very seriously and you will see solicitors being prosecuted for their failure to maintain books of account, including where the amount held on behalf of the client cannot be ascertained, even by forensically trained accountants. In such cases these are interventions (as well as prosecutions), on the grounds of breaches of the Accounts Rules, but often also on the ground of dishonesty, as the monies apparently held for the client have disappeared or cannot be accounted for. Of course, we might see firms operating that are not real, and in these cases the books of account may be non-existent. The ‘practice’ can simply have bank statements, and no proper internal records at all, or the records may not correspond with the books. The regulator would also usually intervene in such situations, and law enforcement would be involved as well. There can be other, more complex frauds, relating to books of account which can be more difficult to detect. You might organise these into a number of categories: •

Situations in which books have been kept, but these are not the books of the practice, or the books are otherwise not real or fake.

•

Situations in which the books have been kept, and these are genuine, but show evidence of attempting to hide the inappropriate movement of monies.

•

Situations in which the books have been kept, and they record the inappropriate movement of monies, but perhaps with a stated or inappropriate justification. 63

Part 1  The Accounts Rules In each case, different breaches of the rules arise. However, in these circumstances law enforcement would also be involved with the practice as well. While the regulator would likely close down the practice and prosecute for breaches of the Accounts Rules, there would also likely be a criminal investigation too. Further common breaches include inappropriately moving client monies between client matters (known as ‘taking from Peter to pay Paul’). Examples of these include: •

From one ledger to another (usually to cover a previous problem); or

•

From the wrong client ledger to the office account to pay another client’s bill.

These two types of movement often then result in further problems as more inappropriate transfers must be made to cover up the original problems. These types of transfer often occur initially due to a shortage within the accounts overall, probably due to an initial inappropriate transfer from the client account to the office, to a third party, or even direct to a solicitor (or other member of staff). The transfer between ledgers is sometimes used to cover this temporarily when money is received into the victim’s client ledger. Firms can seek to inappropriately resolve or cover this type of problem with a non-existent payment out, which can sometimes take the form of an unbanked cheque, which is another reason to check the uncleared list on the reconciliation in detail. In some instances, if another party is involved in a client matter, you may see a separate ledger created for them, and movement between it and the original ledger. Do be aware of this also if a ledger is created for a member of staff which interacts with client ledgers. In all of these cases, the movement may be inappropriate. Solicitors and licensed conveyancers must ensure that each individual client matter is independently considered and worked upon, and there are specific rules in place governing conflict of interest. If another person is influencing a client matter, this would be a breach of the rules in this respect. There are also specific rules around solicitors and licensed conveyancers having an own interest conflict which could impact representation of their own interests (also bearing in mind the relationship to the business). See rule 6 of the SRA Code of Conduct for Individuals and the same provision in the SRA Code of Conduct for Firms. The CLC’s provisions in this area in their Conflict of Interest Code focus on the relationship between clients and the lawyer (assuming the two are different), but do require regulated firms and individuals to act with independence. Suspense ledgers or using old, or non existent files can also hide breaches of the Accounts Rules, as they are left alone and not often looked at. Other live files would be selected from the shelves for file review by the COLP, as they are active and demand more attention. It is important, therefore, to stay on top of ‘file hygiene’ (by closing old files, and returning aged balances), and monitoring the accounts for the use of suspense ledgers or financial movement on files which might otherwise appear dormant. Another problem is balancing the reconciliation by masking withdrawals on the client account with negative client ledger balances and office credit balances. Again, this can be uncovered by considering the movement on the client bank account and office bank account as compared to the cashbook and client ledgers. There are other types of inappropriate transfers and payment patterns which can cause problems, for example: 64

Investigating the accounts using the ledger and cashbook system •

If payments are made across to the office account for disbursements due from the client, but not also made from the office account to the organisation supplying the item which was the disbursement.

•

Automatic (or organised) payments or automatic batch runs (multiple payments) and allocation to a client ledger, when the expense has not been incurred on that client file.

Despite the issues with automatic or organised payments, the standardisation of client money expenditure can be an effective means of counteracting some issues of fraud. If we specify the amounts due for each matter, and we know when they arise on each file, we can spot when unusual payments and transfers arise and check them to ensure they are genuine. Of course the difficulty comes when these are undertaken automatically, but for some reason the expense has not been incurred on one or more files. A double sign off of instructions to the Finance team to pay or transfer from client account can assist in fraud prevention. This means the payment passes through three hands (including Finance) before it is made. The multiple check provides a greater oversight of the decision making and assists not only with preventing inappropriate payments but also with directing responsibility to the correct department within the organisation. In some cases, we see quite junior members of staff being asked to take responsibility for fraud prevention in accounting, including in some cases acting as the COFA. Having a second pair of eyes on a transaction can be helpful to prevent fraud, and often the most suitable person to do this would be the established partner within that area of law. Firms should consider the individual responsibility of each department alongside the COFA when planning their finance compliance, and also ensure the COFA has both the seniority and authority required to fulfil the role they have been given. We have mentioned earlier in this Part of the book that the client account cannot be used as a banking facility, and this can sometimes occur when the Finance team does not have a clear understanding of the legal work being undertaken. Transactions should be incidental to the provision of legal services and related directly to legal advice or transactions taking place which are being conducted by the firm. We might say it was transactions in which using a solicitor would be necessary or normal. Underlying this regulatory prohibition are two difficulties with using the client account as a bank account: 1.

The provision of banking services is regulated by the Financial Conduct Authority (FCA), and using the client account as a bank account is not part of the SRA and CLC’s exemption for professional services under the Financial Services and Markets Act 2000 (FSMA), Part XX. Therefore law firms would require a separate designation and regulation to offer a banking facility.

2.

Transactions which do not have an underlying legal purpose, and are using the client account, perhaps as an impressive law firm name, may be frauds or furthering criminal enterprises. Lawyers are regularly warned about these types of transactions.

The provision of general banking services is tightly regulated by the FCA, and firms should be careful to ensure they stay within the terms of their own regulated 65

Part 1  The Accounts Rules services in providing a client account only when it is needed and necessary for the legal transaction. There may be important policy issues in the provision of client accounts by law firms alongside the provision of legal services and the SRA may consider their authorisation and ongoing risk position differently to that of law firms not providing those services. In all firms there should be a means to report any concerns to either a partner, the COFA, or even the COLP. In this Part of the book we are focused on the financial aspects of the transactions, and the COFA would be the appropriate person to approach. However, some firms also consider the various reporting lines they have in place and how to ensure reporting serious issues is distinguished from questions that might arise which may not be serious, and where these should be directed. In larger firms it is possible to have compliance teams in place to help with some of these issues, but in small firms it can be worth considering how to support the COFA in managing queries and sorting out small issues from more serious ones. Of course, the COFA must demonstrate that their role has been fulfilled and that compliance is ensured. The investigating techniques described in this short section and checks on the accounts can be used by anyone to verify that client matters, and their associated client monies, are being correctly handled. Many firms have accounting departments that undertake checks. Of course, the COFA, or each law firm, is responsible for overarchingly assuring compliance with the Solicitors Accounts Rules. COFAs may therefore wish to undertake file reviews which work alongside the more traditional legal file reviews undertaken by the COLP.

Disciplinary action Failure to comply with the Accounts Rules can lead to disciplinary action. The process at the Solicitors Regulation Authority would usually start with the Authority being alerted to something at the practice which requires investigation. This can be any breach of the rules, or it might be the result of an investigation at a connected practice or other business. Sometimes the Authority can be alerted following the Accountants’ Report, and this important tool allows the regulator to oversee some aspects of some firm’s management and handling of client monies. Many of the concerns identified in the earlier investigation section would be flagged on an Accountants Report; by the practice themselves; or by concerned clients or third parties. Of course, the regulator also visits practices to inspect their books of account. The SRA may arrive at a practice (even unannounced) if there are any concerns about the Accounts Rules compliance. They can inspect the books, including asking to see the reconciliation, bank statements, cashbook, and the other records we have discussed earlier in this Part. In fact, any accounts records the practice has must be made available (the Solicitors Act 1974, section 33A). If there are concerns about the position of the accounts following the inspection, there can be disciplinary action against the practice. In some cases there might be a very prompt intervention (within a matter of days) if the concerns about the accounts are serious. Both SRA and CLC powers of intervention can be exercised for a variety of reasons, including breaches of the Accounts Rules and dishonesty. For an intervention to take place, the breaches of the Accounts Rules would need to be serious, such as misappropriation, fake bookkeeping, or failure to maintain books of account. 66

Disciplinary action Allegations are usually raised with the practice in writing and if an intervention is intended, notice can be given. However, in very serious cases, the regulator has the authority to effect a no notice intervention, which means turning up at the practice and closing it down immediately. This is only usually utilised in cases of suspected criminal activity by the practice or one or more employed solicitors. If allegations are raised, there is usually a set time frame to respond (often 14 days), and the practice has the opportunity to make ‘representations’ which are the responses to those allegations. In cases which do not require an intervention, but where there has been a matter where some form of disciplinary action is required, the SRA have powers available to: •

Rebuke. This might occur if, for example, there has been a minor to moderate breach, but it does not warrant further disciplinary action. This might include a corrected breach of the Accounts Rules which had slight to moderate impact, for example persistent but corrected reconciliation errors which reveal accounts management issues; all of which have been fully corrected.

•

Fine. This power often acts as a deterrent. At the time of writing, the SRA’s internal fining powers were increasing from £2,000 to £25,000. Most large fines are issued by the Solicitors Disciplinary Tribunal. A  fine might be appropriate where there was a more serious breach of the Accounts Rules, which had been outstanding for a longer period of time. A  fine might be issued for the mismanagement of individual client transaction monies due to mistakes or inattention to bookkeeping.

The SRA can, in serious cases, make a referral to the Solicitors Disciplinary Tribunal. Sanctions available to the Tribunal include suspensions and strike offs. These outcomes would be reserved for solicitors who have behaved dishonestly and for example, had misappropriated client money. As we have already seen, the SRA have the power to intervene for serious Accounts Rules breaches, and if there is criminal involvement, the police or other agencies such as HMRC may also be involved. On occasion, breaches of the Accounts Rules may lead to practising certificate conditions, which may restrict the practice of the individual. These can be imposed for individuals, most commonly, under the Authorisation of Individuals Regulations 2019 and the Solicitors Act 1974, section 10 or section 13A (other similar provisions are available for Registered European Lawyers and Registered Foreign Lawyers). The SRA have the right to impose conditions on the firm or on the individual, but currently chooses to impose them most commonly on the individual. Systemic breaches of the Accounts Rules at a low level are likely to result in a condition to have support, oversight, or supervision in dealing with the accounts, or to restrict access to the accounting functions of the firm. We deal with Practising Certificate conditions extensively in Serious Breaches. The SRA may also issue advice to practitioners who have made very minor errors. The outcomes listed above are SRA internal outcomes (or can be). The outcomes of strike off or suspension require prosecution before the Solicitors Disciplinary Tribunal. If there is a formal outcome from any regulatory investigation (aside from ‘no further action’ or the very minor outcome of ‘letters of advice’), these may be published (see Solicitors Act 1974, section 44D). Regulatory decisions made by the regulator can be published on the regulator’s website and decisions made by the 67

Part 1  The Accounts Rules Solicitors Disciplinary Tribunal are available on the Tribunal website. On occasion, Tribunal proceedings may also be reported by the press, including at an early stage when the Tribunal certify that there is a case to answer. The investigation process is almost always confidential until this point (however on occasion, if there is public or political interest, it will be announced during the early stage). Firms and individuals will realise the importance of maintaining their compliance to avoid damage to their reputational position and goodwill. There is a form of settlement possible with the SRA and this is known as a Regulatory Settlement Agreement. It is sometimes offered in the public interest to bring to a close an otherwise complex and lengthy investigation and prosecution. It can be offered as a compromise between the regulator and the individual, although it usually results in a sanction of some sort and commitment from the subject individual or firm. The end results can be varied and range from agreements to improve their compliance, to work under supervision, or in some very serious cases to end a career as a solicitor (if this is agreed with the regulator). The majority of significant and dishonest breaches of the Accounts Rules lead to disciplinary action before the Tribunal. The Accounts Rules are set up to provide safety and security for client money. If they are breached, or a solicitor attempts to find a way around them, the solicitor in question can be treated very severely. Matters prosecuted before the Tribunal are often strike offs or suspensions and those involved in the deliberate and dishonest mismanagement or misappropriation of client account finances should expect to be in receipt of the harshest possible sanctions from the Tribunal, as well as potentially from the police and criminal courts. In recent times, the regulator has also become more involved in monitoring compliance with anti money laundering, with requests for practices to provide evidence of their systems and procedures including risk assessments and other documentation. If your accounts are under consideration, also be prepared for consideration of your anti money laundering procedures. This may be done in writing, with the regulator expecting a response within a set number of days. If practitioners are involved in money laundering activity, there is likely to be a similar reaction and they should also expect sanctions before the SDT, as well as police prosecution or involvement. The Council for Licensed Conveyancers also have disciplinary and related powers, established by the Administration of Justice Act 1985, sections 24–30. In particular, disciplinary outcomes are dealt with by section 26 of that Act.

Third Party Managed Accounts A comparatively new introduction in the world of legal accounts is the Third Party Managed Account, known as a TPMA. This is a type of account that is run by a third party which allows both the solicitor and the client to view the money held, and the complete transaction. The third party running the account must be separately regulated by the Financial Conduct Authority. The legal professional operating the account still has fiduciary duties to the client, but the money is not held directly by the legal professional. 68

Third Party Managed Accounts The benefits of this system are: •

To reduce risk for the client and the law firm: there is a substantial amount of risk in holding client monies in a law firm bank account and accounting to each client is a precision task. This removes some of the pressure from the law firm by outsourcing this function to a dedicated company who are specifically regulated to provide it.

•

To allow other legal professionals to utilise client funds: holding client money has traditionally been the preserve of solicitors and licensed conveyancers, but the Bar were the first regulator to take steps in this direction. They set up BarCo to manage third party accounts. BarCo is no longer in operation, but the idea that other legal professionals can work with client money is a new step for other parts of legal services regulation.

•

The practice and individual solicitor (or licensed conveyancer) does not hold client money (the Solicitors Accounts Rules 2019, rule 11.1(a) and the CLC Accounts Code, rule 7.3): when using a Third Party Managed Account the legal professional is not ‘holding’ client money, which is why other types of legal professional can use this type of account. Such money does not need to be declared to the regulator on the annual renewal and some rules do not apply to the practice operating in this way – for example, freelance solicitors are not allowed to hold client money, but as a TPMA is not holding client money, a freelancer can use a TPMA so they can provide services which have thus far been the preserve of those with a client account.

•

Reduced compliance requirements: in outsourcing part of their service, solicitors are removing some of the compliance requirements that ordinarily apply to them.

•

Less misconduct on the part of the firm and individual solicitor: the additional oversight of the TPMA provider and the client all contribute to an increase in honesty and probity in the operation of the account, with less chance that the solicitor will behave dishonestly or remove monies inappropriately from the account. Of course, traditionally clients are usually accounted to at the end of their matter either through bills or completion statements, but these can be quite complex documents and clients can sometimes fail to notice aspects of transaction which may not be right.

•

Less interventions: intervention is the closure of the practice by the regulator. Usually used when the practice is in breach of the accounts rules, or suspected of dishonesty (again, related to the holding of client money), the practice is shut down by the regulator and the files passed to new solicitors. If solicitors are not holding client money, they are less likely to be in breach of the rules, and less likely to be intervened.

•

Fewer claims on the Compensation Fund: the Compensation Fund is set up to offer financial assistance to those who have lost money due to the dishonesty of the solicitor, and/or the closure of the law firm. With less pressure on firms related to the holding of client money, there will be fewer claims on the Fund. As the Fund is financed by Practising Certificate fees, ultimately, there also should be a lower annual fee to practise.

However the drawbacks of using a TPMA are: •

Cost: the cost of using a TPMA is an issue as it is chargeable per transaction. Not all transactions might be suitable for a TPMA and firms may want to 69

Part 1  The Accounts Rules keep some of their client account services in house as well. Over time the per transaction cost of using such a service may decrease, and it may become more popular with firms. •

Breach of confidentiality: solicitors and other lawyers are obliged to keep their clients’ affairs confidential (under the SRA  Code of Conduct for Individuals, rule 6.3 and the same provision for firms; and the CLC  Code of Conduct, rule 3.6). The use of a TPMA to conduct a transaction might reveal that transaction to the TPMA provider, who is not covered by the same rules of professional conduct as the lawyer. The operation of the TPMA and the movement of the monies at different times might reveal the advice or the strategy of the lawyer, or even disclose that they are a client in the first place. Of course, we may say the same about the client bank account, but if monies are transferred to client account and then billed, the ledger contains the details of the transaction, and that ledger is retained in the firm by the solicitor or licensed conveyancer and not disclosed to the bank. We might think that TPMAs are more suited to legal departments or individual solicitors that offer transactions or transaction-based advice that is fairly formulaic and might not deviate from the norm. It may also be suitable where the clients’ details are already being disclosed or may become apparent (such as in conveyancing where the client moves house), but clients themselves may want to have a say in who their details are disclosed to and when.

•

Speed of access: some legal work relies on the speed of the client account to complete their transaction. A  conveyancing transaction may need to complete quickly to ensure the chain is maintained, for example. In this case, some lawyers have questioned whether they would have sufficient immediate access to client funds to ensure client matters can be dealt with promptly and expedited where necessary.

The legal regulators have long wondered about the alternatives to client account use, given the potential for accountancy problems, compliance issues, and dishonesty. The introduction of Third Party Managed Accounts may be a solution for some, and we may see some law firms take them on instead of continuing to hold client money. In the context of anti money laundering, the solicitor or other lawyer using a TPMA must still check the client’s identity and where their money has come from, as part of the Money Laundering Regulations. Although this book places emphasis on the receipt of client money, the Regulations are wider in their scope and cover transactions ‘as a whole’, meaning unwitting solicitors and their staff can still get caught out by money laundering as part of a transaction they are involved in, regardless of whether they have handled client money. Third Party Managed Accounts are dealt with in the Solicitors Accounts Rules, rule 11 and in the CLC Accounts Rules, rule 7. Both sets of rules require information provision for the client about the TPMA. The TPMA will be separately regulated, have its own systems and procedures in place which are separate to that of the law firm, and not be subject to the same rules. Clients therefore need to understand the differences between the two service provisions. 70

Conclusion

Conclusion As we have seen, there is a strict set of rules in place to support the holding and use of client money by solicitors or other lawyers, and the firms they operate. Client money is held on trust and the Accounts Rules support that by offering three layers of protection, governing: •

the systems and procedures the firm should have in place;

•

the type of movements the money can make and when; and finally

•

two important oversight mechanisms – the reconciliation, and the Accountants’ Report.

The importance of maintaining the accounts for the firm and clients, and the severe consequences of failing to do so, mean it is also good practice for the COFA to implement additional mechanisms and controls. Recent changes to the Accounts Rules are controversial, in that some of the checks and balances are changing. This includes more flexibility in the definition of client money, and some diminishing oversight in when an Accountants’ Report should be obtained. From this Part of the book, it should be possible to see and understand that the principles of maintaining the accounts in accordance with the rules are fairly straightforward. The complexity or difficulty in the role comes from: •

the number of transactions processed;

•

the number processed through one bank account; and

•

keeping track of all the sums held for clients in individual ledgers.

Maintaining the accounts is a challenging task and one of precision and possibly forensic accounting awaits those who go into financial practice within the legal services sector. We have considered some aspects of anti money laundering during this discussion of solicitor and licensed conveyancer accounts. This book goes on to consider in the forthcoming Parts that the receipt and use of client money could be placed more centrally within the consideration of anti money laundering in law firms as a whole.

71

Part 2

Receiving Client Money

Contents Introduction73 Defining money laundering 76 Current requirements in anti money laundering 79 Stage 1: before receiving client money – law firm management through risk assessments, and financial and client profiling 80 Stage 2: due diligence 83 Stage 2A: identity checking 84 Stage 2B: identity checking for corporate persons 88 Stage 3: source of funds 92 Stage 4: ongoing monitoring 94 Particular issues in conducting client due diligence and assessing transaction finance96 Political persons 96 Sanctions97 High risk jurisdictions 97 Client financial health 98 Transactions without the receipt of client money 99 Reporting100 After reporting 109 Managing risks and issues 112 Receiving client money 113 Initial receipt into the firm 113 Managing the lifetime of the transaction 116 Areas of investigation 121 Monies from and to third parties 122 Payments out 125 Costs127 Concepts of the Accounts Rules 128 Annex A: Anti Money Laundering Advice Form 132 Annex B: Anti Money Laundering Reporting Form 135

Introduction We have covered the basic building blocks of holding client monies in compliance with the Accounts Rules in the first Part of this book. The focus of this Part is on the anti money laundering (AML) processes that are triggered at the outset of the transaction, including when practices receive those monies and how those monies 73

Part 2  Receiving Client Money go on to be managed. In this Part of the book, we consider the Money Laundering Regulations 2017 and their current focus, as well as a discussion of their relevance to handling client money. Of course, the Money Laundering Regulations are often discussed without the context of client money. For example, we might look at a whole money laundering risk assessment without coming across reference to the client account. However, the purpose of this book is to provide a much needed focus on that angle; the position of the client account and the receipt of client money in the context of money laundering. The intent of the book is to consider the position laterally; that is to say, how we can see anti money laundering and the handling of client monies as interlinked subjects. These subjects are currently cut in two by the policy and regulatory focus of AML on identity checking and risk assessments. We are used to seeing non finance staff undertaking an AML role which is dominated by the consideration of the tests for reporting, the requirements to prove identity, and of the need to risk assess the business and incoming work for suspicious circumstances. Of course, by handling and receiving client money firms are potentially receiving the proceeds of a crime, the risk of which should be considered in the broadest possible sense. There are a number of ways to use financial analysis and consideration to develop our application of AML processes and this book considers the means to do so. This Part of the book explores the practical application of the position in anti money laundering, particularly related to establishing a relationship with a client. In order to consider new ways of using the accounts or finances of a firm to understand AML, we need to first understand the requirements as they currently are. Over the coming pages we set out the stage-by-stage process by which clients are taken on by the law firm and the AML requirements in place that solicitors have to meet at the outset. Following this, we examine particular issues and risks in this process and the requirements that firms have to meet in respect of those; for example if a client is a politically exposed person, or if they are from a high-risk jurisdiction. Once those issues have been dealt with, we briefly cover the reporting aspects of the requirements. Finally, we examine additional ideas for using the Accounts Rules and the financial transaction to provide us with more information about the client, the client matter, and the ongoing development of the transaction. We build on these new ideas in Part 3, where we consider the traditional application of the firm risk assessment alongside new areas to risk assess and consider within your firm. At the moment, the position in the Money Laundering Regulations is very strongly focused on the initial stages of the transaction, and on the identity of the individual. There are some financial checks required – for example, checking source of funds and source of wealth, but the focus has been less on finance and more on the individual person. Of course, we may explain this focus with reference to the criminal law in general and the responsibility of the individual. The vast majority of the criminal law is placed at the feet of the individual, with personal responsibility for actions. There are examples of corporate or organisational liability and criminal responsibility, including within the Money Laundering Regulations. The focus of the law in AML is on criminalising certain actions and steps in a process, for both law firms and individuals. The law attaches the responsibility to: •

Individuals – primarily the clients laundering monies, but also to law firm staff and in particular nominated individuals. 74

Introduction •

Firms – including law firms and other professionally regulated businesses or organisations operating in specified sectors.

Responsibility and liability attaches for their part in any affected client transaction, for a failure to report suspicions, or for a failure to maintain the correct procedures and systems. We can also see that criminals often try to hide their identity when laundering the proceeds of crime, so checking identity is important. Establishing identity has become a proxy measure for counteracting fraud and money laundering in legal services. However, there are further checks and balances we can put in place beyond those standard explorations that allow us the opportunity to examine the financial position of those using law firm services. Such checks can be undertaken by a range of participants in legal services, including by the average law  firm. There is a section at Part 4 of this book which covers the legislation and offences in more detail, including the step-by-step process based nature of those offences and how they relate to the process maps of a legal transaction. This Part of the book provides an overview of the requirements of the Money Laundering Regulations in a broad sense. This overview is intended to do three things: 1.

Aid the practitioner and those within law firms (or associated businesses, such as accountants), in understanding the broad requirements for policies and procedures in this area.

2.

Act as a discussion point for the subject, which is intended to ground compliance by placing it into the context of both common everyday issues, and how to implement policies and procedures alongside effective financial management.

3.

Be useful as a reference point for the subject, providing a starting point for exploring the legislation and regulations within this area.

Without context or day-to-day explanation, the Money Laundering Regulations and associated legislation can seem daunting, and that is particularly the case when we discuss possible criminal offences. However, this book intends to present the subject matter in a factual yet accessible way, to enable positive action by the reader in achieving compliance. Of course, those with particular difficulties or in need of legal advice are advised to approach such advisers directly. At the time of writing, there were a number of sources of advice, including from the Solicitors Assistance Scheme. The Law Society of England and Wales have also published a list of firms and qualified individuals willing to assist legal professionals in need of anti money laundering legal advice within England and Wales. This book is not providing that advice, and instead perhaps should be seen as an information guide and useful reference point for all legal professionals at whatever stage in their career, to aid compliance, understanding, and continuous professional development. 75

Part 2  Receiving Client Money

Defining money laundering It can be helpful to start with a definition and explanation of what we mean by money laundering and its relationship to other crimes and scams you may see. The definition of money laundering varies, but we may determine it as the process of taking money obtained from an initial crime, and using it or attempting to use it, within other transactions – often with the aim of hiding the money. Money laundering is a crime in itself. It differs from other types of crime because the money laundering comes later – after the initial crime. Money laundering is often referred to as the means of cleaning dirty money. To have money laundering, you must first have the proceeds of a crime. If the crime is profitable, the income will probably need to be hidden, and/or invested. This is when criminals attempt money laundering. Often criminals will not want offences to be traced back to them, so they are likely to attempt to hide their identity when approaching law firms and others to act for them. Laundered money can also be used for or linked to terrorist financing. Solicitor firms provide attractive opportunities for clients to launder money. Dealing with a solicitor can open the door to the client account and use of their well-respected title to facilitate the cleaning of funds. Staff and managers should be aware of the attractiveness of the solicitor name, and the client account, to criminals.

There are serious consequences for being involved in money laundering; both for the firm and staff. Individuals and staff may be prosecuted under the Proceeds of Crime Act 2002 (POCA) if they know or suspect they are handling the proceeds of a crime. If you work within the regulated sector, and you are suspicious of money laundering, you should discuss your concerns with the MLRO (Money Laundering Reporting Officer) or AML  Compliance Officer. We discuss this reporting process further in this Part of the book and later again in Part 4 when we discuss the offences in more detail. In some instances, your firm may be the victim of scams and crimes that need reporting to the police, but these may not be money laundering, yet. We might ask some basic questions to identify whether monies, or the transaction, could be money laundering, or whether we are dealing with a scam. We might ask whether the crime has already been committed, and whether we are or might be being used to clean those funds, in which case it is money laundering. Alternatively, we can ask whether we have been the victim of a crime and the matter needs to be reported to the police. If we are also suspicious that the funds from the crime will be cleaned, this additional factor can be reported in the process for AML. 76

Defining money laundering

Money laundering is a crime in itself, and the term also covers a number of specific offences, which we cover in more detail in Part 4 of this book. We might view the term money laundering as a ‘catch all’ phrase which both covers the attempt to clean dirty money, and which covers a particular set of crimes defined by the Proceeds of Crime Act 2002. These crimes, and the Act, cover the actions required to clean those monies, and we discuss the step-by-step nature of those actions and the offences in process maps in Part 4 of this book. The effect of the Proceeds of Crime Act is to say that if a law firm was receiving and handling dirty money, or money tainted by crime, from a client, both the client and law firm would be guilty of a crime. A key defence to that crime for the law firm or staff is making a report to your Money Laundering Reporting Officer. Law firms can fall victim to both money laundering offences, and other criminal offences, through their client and third party associations if they are not careful about their business dealings. The legal professions (term here is used most broadly, to encompass all legal professions), do not support money laundering and wish to protect their firms from all types of crime, including frauds, and misuse by criminals, as well as the distinct category of crimes known as ‘money laundering’. There are two main legislative and regulatory instruments we refer to in this book, when discussing money laundering. Those are the Proceeds of Crime Act 2002, and the Money Laundering Regulations 2017, both of which have been amended. The legislation and Regulations are frequently updated, with new measures continually being introduced to combat financial crime. The writer expects amendment to both in the near future, but possibly in quite small ways. The legislation is international in its focus, and reflects requirements that are in place across both the European Union and in some instances worldwide. We are required to have such systems in place to work with and trade with our international partners. Those international expectations do not often change; perhaps they grow. Consequently our legislation remains consistent, but with regular new additions. The consistency is beneficial for business. The legislation is explored in more detail in Part 4 of this book. This Part of the book is intended as a discussion of the practical implications of the Money Laundering Regulations in the receipt of client money, and an analysis of the further steps we can take beyond establishing identity. Financial transactions offer a wide scope for analysis and also the opportunity to be creative in how we protect our law firms. Consequently, this Part of the book describes the steps required to meet the legislation in identity, but also takes a practical and day-to-day focus on receiving client money. 77

Part 2  Receiving Client Money If we move for now to looking at the Money Laundering Regulations, and their practical application, we might say the aim within those Regulations is on one small part of a transaction, rather than covering the regulated business as a whole. The Regulations specify that law firms (regulated under the Regulations) must consider the identity and bona fides of the client at the start of the relationship. They should also consider the type and profile of the work they undertake, and the general nature of the client relationships they have, within their overarching firm risk assessment. The Regulations in some instances also require the firm to consider the risk of any transaction on an ongoing basis, re-emphasising the importance of the individual transaction as the focus of the Regulations, rather than the business itself. There are, however, other steps within or related to legal work which could be utilised to provide effective support for the overall AML process and we will consider this later in this Part of the book. For example, the financial aspects of the transaction are not the focus of the Money Laundering Regulations, despite money laundering being about the placement and use of finance. The writer’s own experience in working for the regulators and dealing with transactions which are suspected to be money laundering, is that some of these transactions are extremely complex. They may therefore need a different (non-financial) intervention, such as the checking of identity, to disrupt the confusing financial process.

We explore the theme of the whole business further throughout this book, and in particular in Part 3 where we discuss how viewing the entire firm can help us build a more effective risk assessment process. Taking a wider approach does not disregard the Money Laundering Regulations or the Proceeds of Crime Act 2002, and their focus, rather it honours them in their full implementation by ensuring all risk can be assessed, and ensures the firm takes appropriate steps to detect money laundering or other crimes across the firm; allowing reports and identification of problems to be made and dealt with earlier. The receipt of client money is necessary. In some areas of law, the law firm needs monies on account to begin work on the transaction. We have seen in the first part of this book how those monies can be handled by the law firm, and accounted for to the client. However, even if money was not paid upfront, it would need to be paid at some point to cover the work completed. Practitioners are encouraged by regulators to specify costs for abortive work, and there are also provisions within the Proceeds of Crime Act providing a defence for charging your professional fees if you are adequately considered (ie receive appropriate payment) when there is a concern about money laundering (section 329(2)(c)). 78

Current requirements in anti money laundering Both of these latter provisions (in costs for abortive work and adequate consideration), discourage the conducting of work without appropriate payment (or accepting some alternative form of payment, or payment later), and any attempt to do so may be a red flag within law firms. We have briefly mentioned the step-by-step criminal offences present in the Proceeds of Crime Act 2002 and the law firm and individual solicitors need to ensure they both are and are perceived as fulfilling both a legitimate and professional role within any transaction. If we consider the firm as a whole, with an outside perimeter, and take the focus away from purely client-facing work, we may find more vulnerabilities within a firm which require protection. Other criminal or scam attempts on a firm, such as cybercrime, are often overlooked when we consider money laundering. The same may be true of the finance and accounting functions of the firm who may be able to play a far greater role in protecting the firm from fraud and other misuse than is currently specified by the Regulations. We have seen in Part 1 that the firm has an important role to play in the handling of client money, and the Money Laundering Regulations could be much wider in their scope to cover the receipt and management of client funds, and the management of the firm as a whole. Before we come to considering the breadth of possible protections both within and for the full perimeter of law firms against money laundering, and in handling and receiving client money, we must first look at the current requirements.

Current requirements in anti money laundering We can divide the current requirements of the Money Laundering Regulations and associated legislation into four stages, which mirror both the steps in the client matter, and the receipt of client money. The four stages are as follows: Stage 1: Before the receipt of client money: this stage covers law firm management, risk assessments, financial profiling, and client profiling. Stage 2: Identity checking: this stage covers the commencement of the client retainer and is the current focus of much of the regulations and law firm activity in AML. Stage 3: Source of funds: before receiving substantial amounts of monies into the firm, the funds should be checked to ensure they have been generated legitimately. Stage 4: Management of the transaction: this stage covers the ongoing monitoring of the matter to ensure nothing changes in your initial risk assessment, but also that the explanations you have received from the client are consistent with the later activity. These four stages are covered over the coming pages, with descriptions of the broad regulatory requirements in the different areas. 79

Part 2  Receiving Client Money

Stage 1: Before receiving client money – Law firm management through risk assessments, and financial and client profiling The diagram shown here indicates where stage 1 sits in the process map of dealing with the Money Laundering Regulations. The initial work done in the first step (before client instruction), prepares and informs the approach to clients and how to deal with their instructions in the context of anti money laundering. This stage covers risk assessments and other corporate compliance requirements that build the basis of accepting client instructions.

Before we start to consider receiving any client money, we have to consider the overall profile of the firm and its client base. The Money Laundering Regulations require the law firm to create a risk assessment under regulation 18. We explore the requirements for risk assessments in significant detail in Part 3 of this book, considering the requirements of the regulation and how firms can effectively assess their risks and take steps to combat the problems they might face. Broadly speaking, the regulation requires firms to assess how it delivers services, who it delivers them to, where it delivers them, and what services it delivers. This necessitates the profiling of the firm, to consider the type of services it aims to offer, what its target market is, and the AML challenges involved in delivering those services. Those challenges might take account of a range of risks that include for example, geographical and personnel issues of the firm. We can see the risk assessments require the ‘who, what, where, and how’, but not the ‘when’. The firm’s risk assessment is required both before the firm starts work (in the overarching firm risk assessment), and when the client first establishes a business relationship with the firm (see regulations 18, 27(1)(a), and 28(12)(a)(i)). Some firms see these as two separate risk assessment processes, with an overarching risk assessment for the firm, and a separate risk assessment for each client retainer. Indeed, you will often find separate forms within firms that complete the firm wide risk assessment, and the individual risk assessment. We also follow this approach in Part 3. However, there should be a relationship between the two risk assessments and the overarching or managerial nature of the firm-wide risk assessment means it is not always reflective of the actual concerns the firm sees in client matters. Lawyers conducting individual transactions should be aware of the need to understand the firm risk assessment and take what it identifies into account, but simultaneously make their own assessment of the individual risk posed by the client retainer (regulation 28(12)(a) and (b)). 80

Current requirements in anti money laundering If firms are working with other firms, in a chain of transactions, they may want to take steps to ensure checks have been conducted at the very outset of any relationship that ultimately leads to their firm. There are more functions than just the risk assessments in the compliance with AML. The firm are required to have policies and procedures in place to combat money laundering under regulation 19 for most firms, and regulation 20 for firms in a group structure. The law firm is managed through its corporate structure and within that there are specific roles of the Money Laundering Reporting Officer and Money Laundering Compliance Officer, which are provided for in the Proceeds of Crime Act 2002, section 331 (also see sections 336 and 338), and the Money Laundering Regulations 2017, regulation 21(1)(a) and (3). We cover the role and reporting authority of the Money Laundering Reporting Officer in Part 4 of this book. As we have seen in Part 1, the governance and structure of the firm are also important in decision making related to finance and administration and general compliance, and as a result of the Legal Services Act (2007), we have the law firm roles of HOLP and HOFA, (or COLP and COFA for non ABS). These two roles were established to oversee the legal practice (COLP / HOLP), and the finance and administration of the firm (COFA / HOFA), in broad ways. Although these roles act as figureheads within the business for general compliance, the management structure of the firm can also be held jointly and severally responsible for compliance under the SRA Code of Conduct for Firms (rule 8.1) and under the Money Laundering Regulations 2017, regulation 19(2)(b). The SRA’s regulatory compliance oversight includes anti money laundering, and both the SRA and CLC are supervisory authorities in this respect. Regulation 21(1)(c) of the Money Laundering Regulations 2017 also requires the firm to consider whether to have an independent anti money laundering audit. This usually depends on the size of the firm and whether the firm conducts particularly risky work for the purposes of the Regulations. Such an audit might consider the requirements of the Regulations and how these are reflected in the policies and procedures and risk assessments of the firm, along with their implementation in the files and enquiries or reports to the MLRO or MLCO. The audit may also consider relevant red flags from the regulator and other sources such as the Legal Sector Affinity Group or national and international risk assessments, and how these are being reflected by the firm. There can be a large amount of documentation to assess and work to complete in an independent audit, so it is expected that large and complex firms will be the main users of this type of service. Another pillar of the compliance effort to combat this form of financial crime is the requirement to train staff on a regular basis in respect of the law in anti money laundering (also noting the provisions in data protection). All staff should also be trained under the Money Laundering Regulations (regulation 24) and under the Proceeds of Crime Act 2002 (section 330(7)(b)). This training should: •

take account of their knowledge and skill base (regulation 21(2) (a) (i));

•

allow them to appropriately identify high-risk issues, and problems that may raise suspicions of money laundering; and

•

develop their knowledge of the reporting process for AML.

Staff should, through the training, have the skills to act on these suspicions and be able to make reports to their Money Laundering Reporting Officer. The MLRO 81

Part 2  Receiving Client Money should have a higher level of knowledge and skill and be capable of reporting to the relevant law enforcement (in the case of crimes), and to the National Crime Agency in the case of money laundering. We cover training and staff development further in Parts 4, 5 and 6, which include suggestions for staff training and sample schedules. However, it is important to say that as making a report to the MLRO provides a defence to a crime that staff members can commit personally, the importance of the training cannot be underestimated. All of these compliance structures allow the firm to build a base of responsibility, staff action, and procedure which is essential for identifying and mitigating the risk of money laundering. The firm wide risk assessment allows us to consider how risky the work undertaken by the firm is, how risky the client base is, and whether any instruction is typical or presents a suspicious pattern. As well as undertaking a firm wide risk assessment, the firm would also undertake a client risk assessment. The stages we can see that follow this initial stage include checking identity and source of funds, reporting, and monitoring the client relationship. All of these following steps are informed and supported by the firm’s risk assessments, governance structure, staff training, and understanding of the firm’s usual work profile. Accordingly, before any money is received, or any client instructions are taken, the firm should understand its overall profile, the type and nature of the clients it will receive, and the type of work it expects to take on. We would also see the firm understand how and where services will be delivered to clients and how clients should be dealt with. We discuss risk assessments and risk mapping in more detail in Part 3 of this book, where there are also some templates to use in your firm. The Money Laundering Regulations do not require us to consider the financial aspects of the firm when considering the overall governance or procedural aspects of money laundering. As the stages progress, we will see that the financial aspect of receiving and managing client money should be considered alongside the other aspects of managing anti money laundering. This management process may provide a new procedural angle for the Money Laundering Reporting or Compliance Officer, or may add new impetus to the role of Compliance Officer for Finance and Administration. The different stages of client work and a corresponding discussion of how monies are managed can provide us with the opportunity to create new procedures for use in our firms.

High-risk areas of law The following areas of law present particular concerns for money laundering: •

•

Commercial and tax: sometimes acting for some forms of corporate clients, particularly worldwide, can present issues of: o

secrecy in beneficial ownership;

o

tax mitigation; or

o

the use of funds which have passed through a number of hands, making their source difficult to identify.

Crime: the existence of a crime department alongside other departments with resulting referrals can present issues of the potential proceeds of crime, particularly if the client is also client of the crime department. 82

Current requirements in anti money laundering

•

Conveyancing: due to the risk of the proceeds of crime being utilised to buy property.

•

Debt management: it is possible for the repayment of debt to be the proceeds of crime, and the entire chain to be involved in money laundering. In some cases, we do not know how the debt is being repaid and we see a client account being used to receive large amounts of income from debts owed by individuals on the other side. It is very possible this could be used as a cover for money laundering.

•

Litigation: sham litigation can be used to hide the proceeds of crime. Litigation is also sometimes used as a cover for nonsensical transactions; with parties threatening to sue each other for a fictitious reason, and then producing a settlement. At times solicitors can be caught out by these fictitious transactions.

•

Family: sometimes settlement arrangements between family members can present issues if sources of income are not clearly defined.

The following situations may also raise concerns: •

Client accounts: clients may try to use a client account to obscure the proceeds of a transaction. In particular look out for using the client account as a bank account, and payments out to third parties.

•

Trusts: setting up a trust can provide the opportunity for criminals to hide the proceeds of a crime in a relatively complex transaction.

•

Size of the transaction: often it is useful for a money launderer to move more money all in one go. You should be alert to especially large transactions, and any unusual movements of money within those sums.

•

Cash: be alert to cash provided in large amounts or delivered by someone other than the client. Depending on the size of the deposit, the receptionists may have to decline the transaction. Staff should be trained to open envelopes or feel for cash. If there is something suspicious about the situation, staff should take direction from their Money Laundering Reporting Officer.

•

Client pattern and remote clients: be aware of your client’s usual pattern of activity and consider whether anything outside of that is suspicious. If you do not see any clients directly, there may be a cause for concern as it is easier to avoid answering questions.

The regulators have their own focus and from time to time raise additional areas of law as presenting particular issues.

Stage 2: Due diligence This second stage is the most detailed, and requires a thorough consideration of the bona fides of the client themselves and their individual risks. We can see this in the second box in the diagram. The second box covers identity, but also particular issues of high risk including politically exposed persons (PEPs), sanctions, and other risks. These high risk issues should be considered at this stage alongside identity and inform the approach to the level of checks a firm would undertake on the 83

Part 2  Receiving Client Money client. However, there is a lot of information to consider within this stage, so these particular risk issues are presented separately, after the four stages, in a section entitled ‘Particular issues in client due diligence and assessing transaction finance’ (please see page 96).

All law firms should check the identity of their client using passports, driving licences, and other official documents. For corporate clients, firms can check addresses, ask for proof of corporate identity, and check official sources of information such as Companies House for Persons of Significant Control. Firms can also run supplemental checks on identity using e-verification services. During the beginning part of the transaction, you should also check the source of funds. This means checking the money that will be used for the transaction and where it comes from. This might include, for example, reviewing client bank statements. We examine source of funds further in stage 3, but it should be noted that both stage 2 and 3 occur at the very start of the client relationship. First we will review identity checking in general. We will cover identity for individuals (stage 2A), before moving on to identity checking for corporate entities (stage 2B).

When is a client a client? When should I report a prospective client? The first part of this question is covered by regulation 4 of the Money Laundering Regulations, which sets out the definition of a business relationship. If someone is establishing a business relationship with you, you should consider whether to make a report if you are suspicious of their activities. The second part of the question may also have a different basis for the answer. The Proceeds of Crime Act is wider than the Money Laundering Regulations. There is a requirement to make a disclosure in the Proceeds of Crime Act which covers information which comes to you in the course of your business in the regulated sector (section 330(3)).

Stage 2A: Identity checking for individuals When first meeting and taking instructions from a new client, the Money Laundering Regulations 2017 (as amended), require regulated firms to check the 84

Current requirements in anti money laundering identity of that client and establish the reason for the relationship (regulation 27). This is known as client due diligence (CDD). The timing of CDD is dealt with by regulation 30 of the Money Laundering Regulations. You should attempt CDD at the earliest possible opportunity; this gives maximum time to resolve any problems in this process and allows an effective ongoing risk assessment. Due diligence is an important part of anti money laundering in most firms and means the firm takes time to establish who the client is, what their transaction involves, and how it will be conducted. This means checking a client’s identity against documents and online verification, seeing them alone (if accompanied), and considering conflicts. This should be conducted at the start of the transaction, to ensure you manage expectations, and deal with problems early on. It can take time but is an important part of safeguarding the firm. Obtaining information part way through a transaction can cause difficulty, as any problems have to be resolved while the transaction is ongoing. As we will see later in this Part of the book, and in Part 4, there are timescales for reporting under the Proceeds of Crime Act 2002, and waiting while the transaction is ongoing can cause problems. If identity is dealt with satisfactorily at the start of the transaction, and any difficulties or problems covered then, the transaction will proceed much more smoothly. However, the Proceeds of Crime Act requires the reporting of all suspicions (section 330), meaning you may be in a position in which no due diligence has yet been undertaken, but a report needs to be made. Due diligence in the Money Laundering Regulations has a de minimis value of €15,000 (regulation 27(2)). However, for many solicitors and licensed conveyancers caught by the Regulations, the customer will be establishing an ongoing business relationship beyond this value (see regulation 4), meaning the de minimis provision does not apply. For many firms it will be good practice (if not required by the Regulations) to undertake CDD on all transactions, due to the value of the business they receive and as making a distinction could mean the practice was receiving the proceeds of crime. It should be noted there is no de minimis value in the Proceeds of Crime Act 2002. In dealing with this point, it should also be noted that transactions can have different values when viewed in different ways. For example, a conveyancing transaction, if abortive, may arguably only be worth the amount of the deposit if it falters at exchange and does not proceed to completion. We discuss later in this Part of the book, the grounds for suspicion, and whether this could be a possible modus operandi for the exchange of a cash deposit on a low-value property transaction, set up to escape due diligence checks. Returning to identity, and due diligence as a whole, there are three categories of initial checks: (1)

Standard due diligence (regulations 27 and 28). This is usually the initial check required, and for individuals involves checking both: •

identity, for example through a passport or driving licence, and

•

address, for example through a utilities bill, or driving licence if not already used. Address in this context is used as an additional verification of identity, and it is noted that the Regulations do not actually specify 85

Part 2  Receiving Client Money address needs to be checked for natural persons, but do ask for a variety of information concerning identity (see regulation 28(2)). A client risk assessment should also be undertaken, and the firm should also establish the reason for the business relationship (regulation 28(2) (c)). Identity checks are different for corporate entities and these are covered further below in Stage 2B. Instructions from corporate persons are still subject to the standard, simplified, and enhanced due diligence requirements described in this section, with more and better information required for corporate persons or transactions requiring enhanced due diligence. Returning to individuals, identity documents preferred are driving licences, passports, and utility bills. E-verification is also very useful, and as well as credit checks on identity and address, there are advanced systems available which match photographic identification and check overseas visa numbers. Be aware that the identification provided should match the client names and address given to you in instructions, and be current, valid and not obviously questionable. Counterpart driving licences are no longer issued and should not be accepted as proof of identity. Those conducting due diligence should be looking to understand and prove the identity of the client through their identity documentation, alongside their address. A  combination of the above documentation can be used to demonstrate the position. Firms relying on council tax bills for address should possibly also conduct another form of identity checking (such as credit referencing), as registrations for council tax do not always require another form of identification. If you have regular clients, you can keep the identification documents in a folder and refer to them, however they may need renewing every couple of years or when they have expired. You should know a client well before embarking on this course of action. If a client is a regular client, firms can keep their identity documents centrally. However, if there has been a long lapse in instruction, or the identity documents are out of date, they should be renewed. (2)

Simplified due diligence (covered by the Money Laundering Regulations 2017, Part 3, Chapter 3). This is more basic than the usual check and only applies to certain simplified transactions which are lower risk. It is rare to apply it to individuals – it usually applies to governmental organisations. Regulation 37 deals in detail with simplified due diligence. In the changes to the Regulations in 2017, firms were required to conduct a client by client risk assessment if undertaking simplified due diligence, which may negate some of the time saving measures of undertaking simplified due diligence. Firms using a risk assessment for simplified due diligence may actually find it easier to undertake standard due diligence instead due to the consistency in procedure throughout the firm.

(3)

Enhanced due diligence (covered by regulation 33). This is the due diligence that applies to more risky transactions. This requires additional information to verify the first set of information provided. This due diligence might also encompass a detailed credit referencing check, additional identification documents, and checks on the individuals’ source of funds and wealth for the overall transaction. Regulation 33(3A) requires specific checks to be considered where EDD is required. 86

Current requirements in anti money laundering Regulation 33(1) sets out a list of circumstances in which EDD measures must be applied, including: transactions involving politically exposed persons (PEPs); high risk jurisdictions; sizeable transactions; or any other transaction which seems risky or unusual. Risk factors for sectors are identified in sector wide guidance and by individual regulatory bodies. Law firms, for example, would look at their regulatory body (the SRA, CLC, or other regulator) for their risk factors, and also consider the Legal Sector Affinity Group Guidance. PEPs, high-risk jurisdictions, and other issues are considered in more detail in the section entitled ‘Particular issues in client due diligence and assessing transaction finance’ (see page 96). Enhanced due diligence requires obtaining more and better information on the transaction, the relationships involved, and the beneficial ownership and persons of significant control. It will be important to understand the motivation for the transaction and who is advocating for it. You may need to check, and double check, points to a high degree of certainty. There are a list of requirements for enhanced due diligence within the Money Laundering Regulations (at regulation 33(3A)), and the Regulations also require ongoing review of these points throughout the transaction. This will mean re-visiting the information you obtain at the outset, to ensure it is still correct and consistent. Enhanced due diligence can occur because you have come across something unexpected or you have not seen the client face to face. In these circumstances we can see that asking for additional documentation to satisfy yourself that the client is who they say they are, or that the transaction is genuine, seems to be a sensible course of action. Sometimes the further requests can be alarming for the client, and they may be resistant to providing information, but it is important to ensure you are protecting yourself and your firm. If the client is too resistant, you may need to report your suspicions to the MLRO. As we have seen above, one method of conducting enhanced due diligence is to conduct a credit search on the individual (alongside other checks). Specialist products are available which confirm address, date of birth, and identity. Some products also confirm overseas passport and visa numbers, which are useful to confirm overseas identity documents. However, readers may want to consider the product they are using, as some are more comprehensive than others. Some e-verification checks can also confirm whether someone is known as a politically exposed person, or whether they are subject to sanctions, both of which are dealt with later in this Part of the book. The focus of the Money Laundering Regulations is overtly on identity and understanding the profile of the individual involved. Obscuring identity is an important way to facilitate money laundering. Many transactions seeking to launder the proceeds of crime are hidden behind secrecy as this protects the person laundering the monies. Checking identity and understanding the detail of the person and their transaction disrupts this process and puts in place something of a barrier to the laundering of monies through client accounts and legal transactions. If you cannot see the client in person, you can ask the client to see another qualified person to verify the identity documents. This is known as ‘reliance’. It is accepting another person conducting due diligence for you (see regulation 39). You should only accept verified documents from those regulated to the same standard as you. This means that the person you accept the documents from should also be 87

Part 2  Receiving Client Money regulated under the Money Laundering Regulations 2017 (as amended), in this country, or be regulated to the same standard abroad. The European Union may be regarded as equivalent, and they also produce their own list of worldwide equivalence. In this country, you might accept documents from an estate agent, letting agent, or regulated accountant. You should put a formal agreement in place if you are using reliance. Due diligence remains your responsibility even when accepting documents under the terms of a reliance agreement, and the person with the responsibility for the client transaction remains liable. Ensure you consider what it is you are outsourcing and if you need to undertake further checks yourself. Do also ensure your third party has undertaken the correct checks for the correct individuals, including those providing finance for the transaction. Reliance can equally be used for individuals as for corporate or organisational identification.

Information on your website Sometimes clients object to providing information to law firms, for a variety of reasons. They might think the information is sensitive, or confidential, or their experience of lawyers might be limited. It can be helpful to advise clients that they will need to provide information to you. The following wording can be helpful for your website, in your client care information, or both: We must by law obtain satisfactory evidence of your identity, address, and details of the transaction, before we start work for you. Please help us meet our legal obligations, and to deal with your transaction, by reading the information we supply carefully, and giving us the documentation we ask for.

Stage 2B: Identity checking for corporate persons Identity checking, or due diligence, for corporate bodies is dealt with under the Money Laundering Regulations 2017, regulations 27, 28, and 43. There are specific requirements for checking identity for corporate entities. Trusts are dealt with separately and not specifically covered by this book, but the specific obligations for their due diligence are also covered by Part 5 of the Regulations. This process, however, is still subject to the same requirements as discussed in stage 2A, that being the requirement to consider the overall risk of the transaction and to apply standard, simplified, or enhanced due diligence as appropriate, and to take account of any additional or specific risk factors when so doing. Identity checking for corporate entities (and other organisations with legal personality), is similar to that for individuals, except the focus is first on the identity of the organisation and not the individuals. In some instances, individual identity documents will be required, but the company and corporate intention bears the greater focus. There is also a slight, but not well developed, distinction made in the Money Laundering Regulations between three levels of organisational direction and control: 88

Current requirements in anti money laundering •

the management of the organisation;

•

the legal ownership of the organisation;

•

the beneficial ownership of the organisation.

We can also see evidence being requested of the existence of the commercial client, vis a vis, the existence of, for example, another related or associated company. It is important that those who are identifying organisations understand the layers and structures of the organisation and who it is they are identifying. If those working for the organisation work for more than one organisation, that potential conflict of interest in instructions should also be explored. You may want to stop and think about identifying the client organisation as the first step – and making a distinction between that and another associated organisation. Secondly, you might then identify the intent or commercial purpose of the client organisation. Once you have considered these two points, you can understand the movement behind and reason for the legal transaction. At this point we start to also think about who we are dealing with – it might be, for example, taking instructions from the management (and identifying them personally), as well as also identifying legal ownership and beneficial ownership and identifying those persons either as natural persons or as distinct entities. The Regulations provide specific lists of what is required at regulations 27, 28 and 43 as client due diligence, and this includes identity (such as for example, at Companies House with evidence of a registration number), and proof of the same, as well as beneficial ownership, and proof of the same. A  firm or organisation may provide information such as their certificate of incorporation, their articles of association, and other evidence of their corporate structure, such as an organogram. They should also be asked to provide evidence of their address, through official documentation, and whether this is usually where they trade. The Regulations at regulation 28 specify that the organisation should document their name and although this seems obvious it can be important where there is a group structure or complex corporate structure involved. In such situations clarity should be sought about who the client is and whether there are any overlapping roles that could cause a conflict of interest. Unless the company is on the regulated markets, they should also provide the names of the board of directors or equivalent. Companies House is not the only source of information for such registrations and some entities are, for example, registered with relevant professional bodies. When discussing beneficial ownership, we need to consider the expanding amounts of information held by Companies House. The Small Business Enterprise and Employment Act 2015 amended the Companies Act 2006, and created the Person of Significant Control. The Person of Significant Control is a person within or associated with the organisation who has beneficial ownership, or the right to direct that organisation. This might be someone with a certain percentage share, significant voting rights, or who is otherwise able to exert strategic direction. This latter concept covers those persons or other entities who can direct the high level activities of the company, control personnel, and/or influence and control the financial position of the organisation. The definition is meant to encompass the idea that even those not occupying a formal position within a corporate entity can 89

Part 2  Receiving Client Money have influence within it, and to seek to identify those persons. There is statutory guidance to support the definition. Persons of Significant Control are required to register at Companies House on the ‘PSC  Register’. The register is maintained by Companies House and there is a requirement to update it as soon as the details of a Person of Significant Control changes. The PSC register has inspired recent additional requirements and record keeping at Companies House, including an additional Register of Overseas Entities and a requirement to register other forms of non corporate business relationship. These are new developments and further information about them is contained in Part 7 of this book. Trusts are also required to register with Companies House, with specific information required about their beneficial ownership as well. There are also moves to establish similar registers in British Overseas Territories due to the use of complex corporate structures (see the Sanctions and Anti-Money Laundering Act 2018). Returning to identification, to seek information about a corporate entity registered in England we would look at their registration at Companies House, including their PSC registration. The legislation behind the registration of beneficial ownership has been enacted across the European Union, and in some other jurisdictions worldwide, as a result of a drive to understand who is providing instructions and how finance is being managed. Increasing concerns about crime and drug production in some countries, and even terrorism and violence, with money being laundered through corporate entities, have led to worldwide calls for beneficial ownership details to be made publicly available. The United Kingdom has gone further in their implementation and has produced this in a publicly available register. Those conducting due diligence will need to obtain identification information from beneficial owners (regulations 28 and 43), as relying on the information at Companies House is insufficient. In some circumstances, you may accept the due diligence of another professional who usually acts on behalf of the beneficial owner, and this can be a useful solution in a corporate or professional world where individual identification may not be forthcoming. If it is not possible to identify a beneficial owner, or in some circumstances (regulation 28(8)), this identification can be sought from the person who is providing instructions on behalf of the organisation, along with confirmation from an appropriate corporate governance source within the client, that they are authorised to undertake the transaction. Problems can arise in ensuring that those instructing you have the correct authorisation from the management structure to conduct a contract on behalf of the company. The writer has seen more than one incidence of law firms being instructed by those who are apparently authorised to do so by corporate organisations, but this later turned out not to be the case. It can be important not to make assumptions about who has the correct authorisation to make such decisions, and to implement processes to ensure you have thoroughly checked and obtained instructions from the correct level of client authority with the full knowledge of the client management structure, prior to making decisions. Beyond considering the actual beneficial ownership we may also read into the PSC register some focus on corporate influence or intention, and also the management direction of the organisation. We often see simplified due diligence applied to 90

Current requirements in anti money laundering organisations such as local councils, as they have clearly defined objectives. Other organisations, such as privately owned corporate entities, have different objectives and beneficial ownership that may be obscured, so require confirmation of their corporate identity and of their constitution, their ownership, and their overall intention.

A particular area of risk are complex corporate structures and nominee directors. Both of these can be used to hide the true nature of the transaction or who you are dealing with. The regulations require further questions to be asked to obtain better information and make an informed assessment of the situation. If you are dealing with a complex structure, ensure you have obtained the information about who is the client, and whether there could be any conflict of interest. Ask yourself whether the organisation is structured in a way which sounds reasonable to you. If you find any discrepancy in the ownership listed under the Companies House register, you must report this to Companies House under Regulation 30A (Money Laundering Regulations 2017 (as amended). There are moves to clarify the nature of the discrepancy that needs to be reported.

Your professional practice One of the most important aspects of the tradition in anti money laundering, is to know your client. Being aware of common scenarios, and what is unusual for you or within your professional practice, is important. It is clear risk mitigation to understand a situation and your personal and professional knowledge would be considered accordingly by the regulators. Ensure you understand the nature of the transaction, the size of the transaction, and the regularity of the transaction or your business relationship. What may seem unusual to another person may not to you if you have a specialism within your professional practice, which is why people often stick to, and seek advice from, specialists within that area. If there is a tranche of your practice which falls into the high risk category, consider how to deal with that specifically. It isn’t always a bar to dealing with those clients, but instead falls into your specialism and should be risk assessed accordingly. Solicitors and their staff are obliged to report serious misconduct to the SRA (or other regulator), or suspicions of money laundering to the MLRO. The MLRO 91

Part 2  Receiving Client Money

must report their suspicions to the National Crime Agency. Failure to do so is a criminal offence, as is being involved in money laundering.

Stage 3: Source of funds The Money Laundering Regulations require firms to check the source of the finance for the transaction, where appropriate (regulation 33(3A)(c)), and as part of enhanced due diligence. The obligation is not absolute; source of funds is placed behind identity in importance, and the decision to check is usually made on a risk basis. However, many firms do check source of funds due to the high risk nature of their work – for example in conveyancing. As a result of this common check in conveyancing, we can see checks for source of funds as step three on the diagram.

When deciding whether to consider transaction finance, it can be appropriate to consider the risk basis of the transaction. For most legal professionals, it would be appropriate to consider how a transaction is being funded and the basis for that funding. In conveyancing, for example, it is best practice (and indeed expected by the regulator), to obtain information about the source of funds for a purchase. This might include: •

bank statements (six months’ worth as standard)

•

wage slips or other proof of earnings

•

accountants statements

•

mortgages (for conveyancing)

•

company accounts

•

dividend records

•

employer letter (also covering overtime, where appropriate)

•

contracts – particularly useful for those who are self employed

•

other legal transactions

•

pension statements or investment statements

Further investigations can then be made if there are any reasons to do so. A firm might consider a large cash deposit, or series of deposits, showing on the bank statements as a reason to request further information about where it has come 92

Current requirements in anti money laundering from, or consider how the overall finance for the transaction has been funded, with additional bank statements and more proof of income. Those undertaking commercial transactions may be looking at the organisations’ accounts, accountants’ statements, and even existing contracts, to fulfil the obligation to consider source of funds. Firms, of course, may choose to verify source of funds for all areas of all transactions, and this may be seen as best practice.

Checking transaction finance The following can be helpful questions to ask when checking source of funds. •

Do you know where the money is coming from to fund the transaction and have you obtained proof?

•

Is the funding within the profile of the client?

•

If you have received bank statements, have you considered the payments in and out?

•

What does the client say about any transactions you have queried?

•

Are there any unexplained deposits of more than £5,000?

•

Are there a series of unexplained large deposits?

In light of a number of recent cases in which solicitors on both sides of a conveyancing transaction have been found liable (P&P  Property Ltd v Owen White & Catlin LLP and another and Dreamvar (UK) Ltd v Mishcon de Reya (2018) – known as ‘Dreamvar’), it can be advisable to check with the other side whether or not they have conducted client due diligence and checked source of funds and/or wealth as appropriate. The writer has heard it said that the ‘source of funds’ referred to in the Money Laundering Regulations is the bank itself, who is for example, looking after the customer’s money. This is not the correct approach, as it places reliance on the bank to undertake those checks. Although the bank will undertake anti money laundering checks on their customer, the regulated law firm are also required to undertake their own independent checks and assess the position for themselves. A clients’ source of funds is more than the bank account it came from; it is where and how the client earnt or obtained the funds in the first place. This might be their salary, it might be dividends, or investments. You should be able to obtain independent documentary evidence of this and consider whether it is within the profile of the client. Transactions involving large sums of cash are a cause for concern. Firms may find that monies also come from a variety of third parties, such as: •

loans or gifts from parents;

•

other family loans or gifts;

•

business income or investments; 93

Part 2  Receiving Client Money • friends; •

business connections.

It is important to verify these sources of income as they are also part of the transaction, and of course they need to be checked to ensure they do come from where stated, but also that the funds themselves are genuine. The same checks listed previously can be used with others also involved in the transaction; for example, you can ask parents providing financial assistance to provide their bank statements. Family transactions can cause some difficulty as obtaining financial information from the family can cause embarrassment. However, these are legal requirements and must be adhered to. However, if there are other third parties involved in the transaction (even in providing finance), do consider whether you are dealing with a conflict of interest situation (see 6.2 of the SRA  Code for Conduct for Individuals, for example). Those third parties may need their own independent legal advice and may in fact be a separate party, providing separate instructions. Ensure you consider their perspective and whether you need to ask them to see an independent lawyer separately if there could be any issue in the future. We have already covered the concept of reliance and this can also be used to undertake financial checks as well.

Cash Firms should have a cash limit and staff should report any attempts to exceed this. A  usual cash limit is £100–£500, although you could justify placing it slightly higher if you have a regular payment out which is slightly higher and often paid by clients in cash. We have covered cash receipts in Part 1.

Stage 4: Ongoing monitoring Once you have obtained the due diligence, identity, and source of funds information you require, you can make a decision about the transaction and whether or not you are satisfied. We will assume in this case we are satisfied, so we can now monitor the transaction through its lifetime. We can see this in the final box in the diagram. We have moved forward a step, beyond reporting if necessary. Sometimes at the conclusion of or during due diligence, it becomes apparent there is a problem, and a report is required. We have to imagine the very first steps with a new client as being the riskiest part of the transaction in most cases, as we find out more about the unknown. We deal with reporting later in this Part of the book, and in more detail in Part 4. You may need to monitor the transaction very proactively through its lifetime if you are conducting enhanced due diligence. This is slightly different to general risk based monitoring as enhanced due diligence requires you to ask more questions and obtain more information during the transaction to continually verify the position. 94

Current requirements in anti money laundering

To conduct ongoing monitoring, you might ask questions such as: •

Did we receive the monies we expected from the places we expected? Are the names on the bank statements consistent with where we expected monies from?

•

Will the monies go to the places we expected? You might ask questions to ensure the transaction will proceed as planned, and whether monies might be diverted to recipients you were not expecting. In some cases, this might be a red flag for money laundering, and law firms should note the prohibition against acting as a bank account. This monitoring can be done both by the fee earner dealing with the transaction, and the finance and accounts teams, who may also see unusual payment requests, or receipts.

•

Did the profile of the transaction change or was there anything else unusual? Sometimes transactions change over their lifetime and you may need to take a step back and ensure you are still acting in the same type of transaction with the profile you expected.

•

Are the same people still providing instructions, and has anyone new been introduced into the transaction? Sometimes a transaction is presented with particular identity to pass screening – once this is passed, those involved change. In this case, due diligence usually needs to be repeated.

At times, changes to a transaction or in circumstances around you can be made to catch you off guard. Do monitor transactions as they progress, both to comply with the Regulations, and as a matter of good practice. You should also take care to understand the finance for the entire transaction and not just the first immediate part. You may also realise that the steps you are taking with your client (your transaction or legal advice), are a part of a wider transaction or transactions. There may be another side, or connected parties, also represented by solicitors. In this case, do consider whether you can ask the other side whether they have considered the anti money laundering position for their clients. We have seen difficulties in cases such as Dreamvar (2018) and Purrunsing v A’Court & Co and Another (2016) where the other side have been found equally liable for failings in due diligence. The Proceeds of Crime Act 2002 provides for reporting to consider the entire transaction, rather than just the part for which their law firm or individual lawyer is instructed. The way in which the Act is worded covers the professional or working 95

Part 2  Receiving Client Money life of the lawyer, and requires them to report if the matter has come to them as a result of their business. It does not extend into their personal life. Solicitors and other lawyers should be careful here as the implication is not that the matter could be discussed personally, rather that if the matter comes to them as a result of or during their working life they could be implicated in a specific criminal offence. Ensure you consider the transaction as a whole and whether you need to report any matters that come to your attention concerning the other side. This brings us to the end of the staged processes. Next, we will consider particular high-risk issues that can arise when conducting these stages, which need careful consideration at the aforementioned stages 2–4.

Particular issues in conducting client due diligence and assessing transaction finance This following section builds on the steps we have seen already which cover conduct due diligence as a process. During that process, there are a number of identified high risk client profiles or other issues that can present themselves. We discuss the following issues here: •

Politically exposed persons

•

High risk jurisdictions

• Sanctions •

Client financial health – otherwise known as ‘checking source of wealth’

•

Transactions without the receipt of client money

Political persons Politically exposed persons are people who work in high status positions within the state – often holding elected office or who are involved in another constitutional power base. Those that fall within the category are, for example, heads of state or members of parliaments; high ranking members of armed forces; or heads of state associated organisations (quangos). The PEP status also applies to their family members or business associates. In the case of politically exposed persons, additional checks are required to establish the source of funds of a transaction, and the source of wealth of the individual. The source of wealth might be for some family money or private wealth, but some individuals also have other sources of income, and the role of the law firm may also be to ensure that the transaction is within the law and the acceptance of any financial benefits is appropriate to the clients’ position. The Money Laundering Regulations deal with politically exposed persons at regulation 35. PEPs require enhanced due diligence under regulation 33. The Regulations on PEPs now apply to domestic PEPs as well as foreign nationals. Previously, the Regulations only applied the additional checks to overseas nationals. PEPs are considered high risk and subject to enhanced due diligence to minimise the risk of corruption. It does not mean they cannot purchase property, undertake legal transactions, or are under suspicion. The measure is taken to protect all 96

Particular issues in conducting client due diligence and assessing transaction finance parties to a transaction. If the PEP undertook a transaction which was later called into question, the law firm would be able to clearly verify that it was correct and above board after completing the required due diligence, meaning the transaction and the person have been protected. The additional checks can also safeguard against fraudulent practices which might be perpetrated against a PEP such as we have seen in Dreamvar (2018) and Purrunsing (2016). There are therefore strong positives to these checks for politically exposed persons. When dealing with a PEP, you should consider both source of funds and their general source of wealth. You can ask a client whether they fall into the definition of a PEP. Some firms offer clients a questionnaire to determine whether they are a PEP, and this can be helpful when dealing with family members and close associates, or where the last position has ended but the status still applies. Some firms rely on the information contained in the e-verification searches that can be undertaken at stage 2. However electronic searches can bring false positives or fail to identify family and associates, so having questionnaires or discussions with the client can be a useful clarification. In some false positives on e-verification searches it is obvious the client is not a PEP, due to the remainder of their profile and the information they give to the firm, which of course can be double checked and verified. As well as checking source of funds and general source of wealth, you should also seek senior management authority for PEP transactions, and apply enhanced due diligence in accordance with regulations 33 and 35.

Sanctions Sanctions are imposed by the state, supranationally (such as by the EU), or by other international bodies. Sanctions can be imposed against organisations, corporate bodies, individuals, or even ships. Sanctions can be identified by considering HM Treasury’s lists of the same, or by utilising a credit reference agency (or similar), which considers them as part of e-verification searches. Sanctions can require separate reporting to the Treasury and separate authorisation before continuing; this process currently exists outside of the traditional money laundering reporting regime. However, the purpose of this reporting is to identify that you have been instructed in a transaction which is potentially subject to international sanctions; it may therefore be prevented from continuing. In some cases, the funds to be used for the transaction will have been ring fenced by the sanctions regime. If you have a client who is subject to sanctions you should: •

suspend the transaction and report the matter to HM Treasury;

•

stop work immediately, until you have authority to proceed; and

•

also consider whether to make a report to the NCA.

Do be aware that you may not be able to continue with the transaction. The client may already be aware they are subject to sanctions. Persons subject to sanctions are known as ‘designated persons’.

High risk jurisdictions High risk jurisdictions are countries which have been identified as posing a risk for money laundering. At the time of writing, the UK had recently (The 97

Part 2  Receiving Client Money Money Laundering and Terrorist Financing (High-Risk Countries) (Amendment) Regulations 2021 and the Sanctions and Anti Money Laundering Act 2018 (section 49)) legislated to mirror the high risk jurisdictions defined by the Financial Action Task Force (FATF), with the possibility of adding its own countries to the list. The European Union has its own lists (which also largely mirror that of the FATF), but the EU intend to add to these lists in the future, and intend to make their own requirements more stringent; potentially limiting the countries they will do business with as a result of money laundering concerns. Dealing with high risk jurisdictions can pose equality and diversity questions for law firms and the extent to which they need to ask about the person’s background, origins, and the origins of the finance for the transactions. Enquiries are justified on the basis of a statutory and legal requirement to do so. It can be important to note that the jurisdictions which are classified as high risk change on a relatively frequent basis, and that firms should not become set in their ways regarding the countries to consider as posing additional risks. The Financial Action Task Force assesses each jurisdiction on their compliance with a number of criteria, including their legislative position regarding money laundering, and their effectiveness at enforcement. Legislative positions can change, as can enforcement priorities, meaning the position of different jurisdictions can vary over time. Further questions arise concerning where a person might ‘come from’. Some people regard themselves as ‘global citizens’ and have international careers, relationships, and familial or work based ties in a number of nations. There can be questions as to whether or not you need to consider a high risk jurisdiction if the person has, for example, been born there but left that jurisdiction some time ago. Recent guidance has stated that the question is whether the person is based there. The writer’s view is that, given the risk basis of the regulations, if any aspect of the transaction occurs with a relationship to the high risk jurisdiction (for example if any party to the transaction is based there, or any form of financing comes from the jurisdiction), then it should be considered as a transaction in a high risk jurisdiction. As well as considering the transaction you are dealing with, it can also be important to consider the place in the context of the situation. Although the jurisdiction may not be specifically relevant to the transaction you are dealing with, are you instructed in other matters where it might be? We sometimes see overseas jurisdictions involved in scams with the remoteness of the client meaning it is easier for them to attempt a con. However, the jurisdiction itself may be irrelevant to the scam, aside from perhaps allowing it to occur, or indeed being a cover. Consider whether the jurisdiction and base of the client also impacts the advice you give – what else might you advise, given it is high risk? Do you have any more clients who come from this jurisdiction and what more information do you have about the situation that you can add to a risk assessment? Do consider the position in the round and the actuality of any situation rather than simply how it is presented.

Client financial health We might ask questions about a clients’ overall financial health prior to accepting funds. This is also known as checking their source of wealth. We might take this step when a client is a politically exposed person; when we need to verify the transaction to a higher degree; or when we have any other reason to do so given the transaction’s risk profile. 98

Particular issues in conducting client due diligence and assessing transaction finance Client financial health, or source of wealth, might encompass questions about their income, lifestyle, and how they fund their activities. Some of these questions might be answered anyway in the identity stage (stage 2). However, even with questions about occupation, you may not fully understand the source of that person’s overall wealth. You may need to ask additional questions to understand their income or verify their full financial position. You may need documentary evidence in some cases. Family trusts, investments, and accountants, as well as other legal professionals, may be good sources of information in such cases. We must remember that legitimate business sometimes co-exists with other, nonlegitimate sources of income, and understanding an overall financial picture is a part of the regulations.

Transactions without the receipt of client money As we have seen in Part 1 of this book, there are new definitions of client money, and monies we previously would have understood as client monies may not now be categorised as such. As explained in Part 1, we are now in a complex situation with the new definitions and firms may wish to continue to use the previous definitions or consider how they address the terms ‘client money’ and ‘office money’. Monies which were previously client monies, may now be office monies under the new Solicitors Accounts Rules (for example, if the monies are due on account of costs but have been moved at an earlier stage of the matter because the firm are liable). Situations may occur in which law firms still need to undertake checks for money laundering, even if their receipt of monies is limited to their costs. We could envisage a situation in which costs might be quite substantial, but without the corresponding use of the client account – in this situation the firm might have to ask – ‘how will our fees be funded?’ and ask for the appropriate due diligence. Firms using a Third Party Managed Account (TPMA) are also in the same position, with the due diligence checks required, regardless of the method by which funds are received. The Money Laundering Regulations do not depend on the use of the client account, and firms may still be required to consider the source of funds and source of wealth for the transaction. Firms will, of course, note that TPMAs are regulated by the Financial Conduct Authority (FCA) and the TPMA may have to make their own assessments of client identity and monies received, under the same money laundering legislation. There is also a discussion point here for firms taking a ‘full transaction view’, which is a full view of the entire transaction, including the position of the other side and the other side’s client due diligence. This is further to the aforementioned cases of Dreamvar (2018) and Purrunsing (2018). Law firms are in the situation of relying on the other side to complete effective due diligence, including in situations where money is received into the client account from the other side, later in the transaction. We can see in some instances that money would be received into the client account on the other side of the transaction that is then later sent across to a different solicitor (the ‘receiving solicitor’). Firms are not obliged at the moment to conduct due diligence beyond a ‘business relationship’, so do not have to conduct due 99

Part 2  Receiving Client Money diligence on the other side’s client, but must rely on the other side to complete it. If we construe the use of the client account as a trust for the other side in some conveyancing circumstances (a Quistclose trust, with reference to Quistclose Investments v Barclays Bank (1968) and Twinsectra v Yardley (2002) and the provisions in the Law Society’s Code for Completion by Post); we could say the other side and their client were establishing a business relationship with the receiving solicitor’s firm. We could then further say that the receiving solicitor is reliant (within the meaning of ‘reliance’ in the regulations), on them (the other side), to conduct effective due diligence and confirm the same. This analysis goes beyond the current interpretation of the law as it stands, and in the cases of Dreamvar (2018) and Purrunsing (2018), this position was not overtly discussed or analysed. However, firms are now more commonly asking the other side to confirm due diligence, which might look a lot like reliance. Of course, the firms are also in a trust position in some situations when holding money for the other side, and beyond that do hold money in their client account intended for other represented parties in a transaction. Whether we will see further exploration of this interpretation or advancement on the cases discussed is debatable. Increasingly we see firms using TPMAs which add an additional party and process to the situation. This brings us to the conclusion of the section on client due diligence and particular issues within that process. We now move on to the next stage, which is about reporting concerns.

Reporting The following pages describe the process firstly for reporting to the Money Laundering Reporting Officer, and secondly for their report to the National Crime Agency. Here we describe the process in broad terms, however more information about the legislative basis is provided in Part 4.

If you are concerned or suspicious of money laundering, you should make a report to the MLRO. The MLRO must then consider whether to make their own report to the National Crime Agency. This might be quite a complex decision and the MLRO may also consider whether they, or the firm, require legal advice before making the report. These reporting requirements as outlined here are contained in the Proceeds of Crime Act 2002, sections 330 and 331. Other sections of Part 7 of the Proceeds of Crime Act contain different and more complex process maps 100

Reporting for reporting which we do not cover in this book. Law enforcement may interact differently with reporting in different circumstances. However, for the purposes of this book and general reporting, that is the process map required. There can be a difference between approaching the MLRO for advice and reporting to them. The MLRO may need to consider whether the staff member or the firm require legal advice or general advice on their file (for example, clarification or re-direction), rather than the issue requiring a report to the NCA. There might be a case where the MLRO was not suspicious, but needed to help a more junior member of staff with their file and how to (for example) conduct appropriate due diligence. It is fair to say that in practice an MLRO may receive a large number of general queries (some of them quite basic and often not related to money laundering), so the decision making they undertake is important as a sense check and sift in some instances. However, they also have to consider whether they are suspicious of money laundering. The requirements in the Proceeds of Crime Act 2002 cover both MLROs and the other persons in the regulated sector; therefore all staff are covered in a regulated firm. The fee earner or staff member must make a report to the MLRO of their suspicions and the MLRO must make a report of their suspicions. Failure to make a report is a criminal offence under the sections mentioned. While the provisions apply to persons within the regulated sector, and this encompasses employees, it may also cover other individuals associated with firms as well, and law firms may be advised to consider the position widely, particularly with the introduction of freelance solicitors and this style of working more generally. In fact, any matter raised with an MLRO may be reportable, and the test of whether to report is in fact if the matter comes to you in the course of your business (see the wording of sections 330 and 331). This is also why it can be a good idea to ask the other side about the checks they have undertaken. The test for suspicion is low. The relevant case is Da Silva (2006), which specifies that the situation the individual is suspicious of, or the suspicion of money laundering itself, must be ‘more than fanciful’, but that ‘a vague feeling of unease would not suffice’. In the writer’s experience, perhaps the most helpful part of that test is that it is ‘more than fanciful’. In the writer’s view that means: 1.

the situation could be money laundering,

2.

the suspicion is grounded in a wider state of affairs which in some way appears to be money laundering,

3.

1 and/or 2 as an explanation appears believable, and there does not appear to be a different plausible or likely explanation,

4.

where, in holding the suspicion, the individual’s reaction to the other points is not extreme; we might say the individual was behaving reasonably in holding the suspicion with reference to accepted standards within society.

It is certainly true that the previous advice for AML used to be to ‘know your client’, and that perhaps still holds true today. While firms are encouraged to take a riskbased approach to their client relationships, knowing and understanding the client transaction can be helpful in ensuring you believe and feel comfortable about their courses of action in all of the circumstances. We might be more suspicious of that which we do not understand. 101

Part 2  Receiving Client Money A report is not required if the advice is subject to legal professional privilege (LPP). However, legal professional privilege cannot be claimed if the retainer or the advice is in furtherance of a crime. Obviously, attempts to launder monies are crimes, and if you are suspicious of money laundering you may be in a position where you need to make a report. LPP is covered further in Part 4 of this book. In taking a risk-based approach; more favoured under the current Regulations, we might step back from the previous advice to ‘know your client’. Our risk basis only requires us to go so far in understanding the transaction or the client – perhaps much less than previously. This could cause problems with understanding whether a situation presented a risk of money laundering or not. We might present the reporting on a spectrum, demonstrating the level of check required, with detailed understanding at one end, and limited understanding at another.

A risk-based approach should allow the level of checks to ‘flex’ according to the situation. In some cases that means we may miss some issues because the risk of the overall situation has not been correctly identified. As we will see in Part 3 of this book, risk assessments are based on the view from national authorities, regulators, and even supranational authorities, and sometimes there can be a disconnect with the real issues. They are not the view of persons dealing with the individual transaction, and this can mean we fail to see issues, or make more of some issues than is necessarily happening in client instructions. There may be several problems with the risk basis for the policies and procedures, and the test for suspicion: 1.

Law firms may report matters which are not money laundering, but pass the test for suspicion due to the low threshold for reporting, and due to a failure to get to know the client.

2.

Law firms may miss matters which are money laundering, due to the risk basis of the policies and procedures. This may place them into difficulty with their regulator for failing to spot that issue, despite their compliance with both the law and the test for reporting, but their approach being a truly risk based approach.

3.

The promixity of law firms and clients still adopting ‘know your client’. This approach can cause overfamiliarity, leading to a failure to appreciate a true situation. Firms who have been misled by a convincing client may find it difficult to believe that they are involved in money laundering, and therefore the test of the situation being more than fanciful could fail. We must appreciate that a convincing con can be part of the modus operandi of money laundering, and the test is asking us to consider whether the position is different to what we have been led to believe – a difficult ask for many people, who may naturally be quite trusting of others. 102

Reporting The risk based approach taken by the current Regulations has something of a mismatch with the current test for reporting. The current test perhaps assumes that we will have made sufficient enquiries to form an opinion or one that we can be confident in. Of course, in reality, while the current Regulations require additional questions to be asked if there is a concern, there are also provisions for tipping off, which mean a firm cannot alert the client to a potential investigation for money laundering; sometimes limiting the questions that can reasonably be asked before a report is made. A  firm may also, on the other side of the coin, feel the position is reasonable, and decide not to make any further enquiries. Individual judgement has a large part to play in applying the rules and it is fair to say there are inconsistencies in individual perceptions about what is reasonable and what is not, particularly when the individual risk or particular potential scam has not been highlighted by the regulator or other law enforcement. If a report is made, but has been made incorrectly or with insufficient knowledge of the situation, it can cause unwarranted problems for the subject. Investigations, or postponement and cancellation of transactions, as well as legal remedies available to law enforcement agencies, are all possible outcomes of a report for money laundering. As we will see in the following pages, the law firm may have to consider whether to continue with the client relationship, and even if there is no money laundering present, depending on the decisions made by law enforcement and the firm, there can be severe disruption to the subject of the report. All of this leaves a position of potential liability. The possibility of taking action against whichever entity or organisation made the report. The government have stepped into this position following a number of cases in which challenges were made to the decision making of institutions required to report, and following a requirement by the EU to protect the reporting process. In the aforementioned cases the subjects of the reports sought relief for the position they had been left in (ie under suspicion and without access to funds), and also damages for their loss (see Shah v HSBC Private Bank (2012) and Parvizi v Barclays Bank (2014)). The position is currently that there is no liability for reports made in accordance with the law, and made in good faith under the Proceeds of Crime Act, section 338, as amended by the Serious Crime Act 2015. Of course, organisations are reminded of the term ‘good faith’ and to be aware of the requirements for reporting, and both that their policies and procedures adhere to those requirements, and are reasonable. As well as ensuring the MLRO is aware of the requirements in section 338 and the importance of adhering to the steps within the law to attract protection, it can be a good idea to ensure the firm remains focused on the consideration of the report and reasons for suspicion. The provision for good faith looms large. Staff members or other affiliated individuals can use reporting forms to report their suspicions to the MLRO, who can supervise them in accordance with section 338. The MLRO can also complete their own form setting out their view, recording any legal advice, and recording the position of the management team (as appropriate). Sample forms are available at the end of this Part of the book, in Annexes A and B. As well as the two forms just mentioned, there is also a feedback space on the form at Annex A for the MLRO to provide feedback to the person reporting to them. This feedback form allows the MLRO to: 103

Part 2  Receiving Client Money 1.

explain their position to the person reporting a matter to them;

2.

provide guidance to the person reporting to them;

3.

offer support to and with the type of reports they should be receiving.

The feedback form might be used to offer advice about next steps (perhaps next steps to be taken before a report is made), or advice about the law in this area (such as tipping off, and what the person reporting can do). It might thank the person for the valuable information, or suggest training to broaden their subject knowledge. The feedback might also offer insight into the types of matters the MLRO perceives to be a risk, and where more information can be found. Of course, the feedback to the individual if serious (for example, concerning tipping off), might need to be undertaken in person, with specific advice, guidance and support. Nonetheless, a form to record the position may also be useful and provide a professional record of the discussion.

Reporting – five minute feedback You can use the following five minute read to assist your staff when they first make a report. There can be a delay between a staff member making a report, and the MLRO making a decision about what to do. In the meantime, the staff member may need some guidance and support. This wording can assist: If you suspect money laundering, contact the MLRO, a deputy MLRO, or compliance team to discuss your concerns, or fill in form [insert the name of your form]. The MLRO or deputy will come back to you with specific advice for your circumstances. You will be offered ongoing support and advice, particularly if consent is sought to continue. Tips and advice: Do not inform the subject. Provide as much information as possible on your form. Wait for instruction before taking further action. Listen carefully to the advice you are given. Your file may be reallocated to a senior individual if it is a difficult situation; this is to assist you. Each person involved in the reporting process needs to make their own decision. The individual making the report needs to reflect on their own suspicion. The MLRO also needs to consider their suspicion as well. Those two deliberations should be separate. The MLRO may have a different view to the person reporting, and may for example, consider that further enquiries should be made before considering a report. It is not uncommon for reports to the MLRO to in fact be queries about what to do next in a transaction, and the MLRO needs to form their own independent view about any issues that have been presented. 104

Reporting

What kind of things might an MLRO consider? •

Whether they are suspicious and should make a report.

•

Taking legal advice.

•

Making a referral to the police if they also suspect a crime is taking or has taken place.

•

Considering a client exit strategy.

•

Whether a report to the regulator is required (this is usually via a referral to the COLP or COFA).

•

Giving feedback to the person who made the report.

Any difference in opinion about whether to report is not always an issue for the test in reporting. The MLRO is intended to be someone with sufficient gravitas and seniority within any organisation; such that they can exercise judgement and decision making without that being undermined. However, the MLRO should also be an expert in the area of AML, with detailed knowledge and understanding of the requirements of risk management, indicators of money laundering, reporting, and post-reporting management. The relationship between the MLRO, MLCO, and COLP and COFA (as well as other roles within the organisation), is considered further later in this Part of the book, however, the SRA have indicated a willingness to prosecute if appropriate reporting is not made for suspicious circumstances. Their enforcement action may vary depending on the extent of the activity by the firm and its nominated officers. The SRA may consider whether the firm involved should have reported their suspicions to the National Crime Agency, or indeed the SRA themselves. The regulator has highlighted that they may take enforcement action if they consider reporting has not been undertaken appropriately. Reporting to the SRA is not the same as reporting to the National Crime Agency; and appears to offer another layer of consideration for law firms when deciding whether to report or not. At the time of writing, the Legal Sector Affinity Group had published guidance going beyond the law in several places, including implementing governance arrangements for AML decision making within law firms. Although there is scope within the Money Laundering Regulations for a Money Laundering Reporting Officer and a Money Laundering Compliance Officer, the Regulations do not specify how these roles should be delivered. Of course, governance arrangements are complicated matters. Other specific roles such as company secretary operate within their own bounds, but also within the bounds of decision making of a wider management structure, and that structure can take different decisions that than specified by the company secretary. Decision making about reporting and other matters connected to money laundering may therefore be part of a wider piece of work which has a role related to the tone and direction for the organisation. Exposure to risks such as the activity of law enforcement and a regulator is a consideration for law firms when deciding what types of work should be taken on, and some firms will set their risk profiles low to attempt to avoid any such difficulties. We explore risk management further in Part 3 of this book. 105

Part 2  Receiving Client Money

Advice to Money Laundering Reporting Officers You must report if there is a suspicion of money laundering. This is your decision and is a separate decision from that of the individual making the report. It is also important to remember that you may receive reports from junior members of staff or persons with limited knowledge of money laundering. They may simply need re-directing with some advice. Sometimes, inexperienced MLROs or their deputies have not seen many files with indicators of money laundering. It can help to practise using your internal risk assessments or the reports from the regulators – how would you react if faced with such a scenario? Perhaps try to role play the report to you, advice, and reporting to the NCA – what else did you need to consider to manage the situation? If you are in receipt of a report, calmly ask yourself: •

Am I suspicious, according to the tests? You may need more information before answering and this can be obtained if you feel it is appropriate.

•

Is there criminal property? Remember that there can only be money laundering if there is criminal property first. You may be seeing a crime instead, in which case the appropriate authority is the police.

•

Is the client about to commit a criminal offence? Can I stop it by giving advice? If you can, you may be able to take this step and prevent the situation occurring (see Proceeds of Crime Act, section 333D).

• Does Bowman v Fels (2005) apply? We cover this case in Part 4. If so, a report may not be necessary, but use your judgement and ensure the Court are aware if appropriate. If you might report, ask: •

Is the information privileged? If it is, you may not need to or be able to make a report. Remember, however, that legal professional privilege does not apply in furtherance of a crime. This is considered further in Part 4.

•

Do we need to make any other regulatory reports? Sometimes the matter that has been reported is not money laundering, but might be a different type of regulatory issue. Consider what has happened and whether to discuss the regulatory position with the COLP or COFA if necessary.

•

Does anyone need legal advice? Further information about obtaining legal advice is available later in this Part and it can be helpful to support a MLRO, their deputy, or the firm.

•

How does the transaction go forward? Criminal and civil defences to money laundering can be obtained by making a report to the National Crime Agency, and the firm will need consent to proceed.

•

Is the report being made in good faith? We have discussed this position earlier in this Part of the book.

More detail about the reporting process and specific offences and defences is available in Part 4. 106

Reporting Returning to reporting, if a report does need to be made to the National Crime Agency, firms will need to plan for the responses, the activities of the firm on the file in the meantime, and the possible outcomes that can arise from such a report. Firms may need to take legal advice before making a report. As well as assisting with decision making around reporting, legal advice can also assist with planning for steps after reporting. In Part 4 of this book we cover in detail the relevant sections of the Proceeds of Crime Act, including the offences of entering into an arrangement, and receiving monies within money laundering. Firms who suspect they have been or are in receipt of tainted funds will need advice at the earliest opportunity. Any report is made via the National Crime Agency website, and firms should familiarise themselves with the reporting codes required, as well as understanding how the forms themselves work. Readers may find that although the test for reporting is of ‘suspicion’, the requirements of the NCA are quite detailed and suggest that the reporter will have quite a lot of detail to provide, and a fair degree of certainty about their report before it is made. There does seem to be a disconnect between the requirement for reporting in law (suspicion, and reporting even at an early stage), and the standard and detail of the report required by the NCA. Those making the report require quite a lot of information to be able to complete their task. It may mean specifying quite a lot of detail on your firm’s forms (for example, the forms in Annexes A and B or your own forms), or for the MLRO or other person making the report to sit with the person with conduct of the file and go through the detail to ensure the report is correct. Do not underestimate the time involved in making a report. A  consent to proceed provides a defence against money laundering, see the Proceeds of Crime Act, sections 330, 331, and 335.

Seeking consent There are two methods of reporting to the National Crime Agency: one involves seeking consent to proceed, and the other involves simply making a report about a set of circumstances where the transaction will not go ahead. If you are seeking consent to proceed, this means you are asking for consent to continue with the transaction. If you need to seek consent, you must specify what you are seeking consent for. This means drafting a description of the remainder of the intended transaction(s) and detailing the steps that you are undertaking or seeking to undertake for the client. This consent forms the basis of the firm’s authority to proceed, and offers a defence to money laundering. However, it is important to remember that the consent is only as good as the drafting. You must include all aspects of the transaction within the consent to get it right, otherwise you will need to ask for another consent. In order to minimise delays, the best advice is to seek consent as early in the matter as possible. You must ask the NCA for consent to proceed if you require it. This consent should cover all aspects of your transaction. You may also wish 107

Part 2  Receiving Client Money

to keep standard consents drafted for each type of work you do in case they are required. Your consent will need to cover all aspects of your transaction and the handling of monies. Once you have made your report, if you are asking for consent, you will need to wait. If you have made a report which does not require consent, you may have nothing further to do, except answer any questions from law enforcement if they are forthcoming. If you are waiting for consent, you will either be waiting for a response, or waiting for time to elapse. The NCA have eight working days to consider the report and either grant consent, deny consent, or importantly, not respond. If the NCA do not respond, you can take this as consent (see POCA section 335 (2)-(5)) and proceed with the transaction; again, according to the consent you have asked for. Report made asking for consent – Day 0 Notice period (+ 7 working days, until 5pm on 7th day) Granted letter / no decision / refusal / insufficient information Go ahead if no decision or granted letter If refusal moratorium period 31 days

The day you make your report is day 0. The NCA have a further seven working days to decide, after which point, you can proceed. However, the NCA can also decide that the report you have made is not within the correct parameters and reject it. This is a potentially poor outcome, and may mean you have to make the report again and wait a further time period. We can see the potential time pressure of adding eight working days to a transaction, and this is why it is best to obtain the correct due diligence information, and raise any red flag, as soon as possible. The waiting period can be difficult, due to the potential for tipping off (see the Proceeds of Crime Act 2002, section 333A). The MLRO or other qualified person will need to work with the person with conduct of the file to look at what can be done in the meantime if there is pressure from the client to proceed. It is important to note that no steps can be taken in furtherance of the transaction while you are waiting for a report to be considered (Proceeds of Crime Act 2002, section 335). However, there may be things you can do from a client satisfaction perspective that do not further the transaction, but do allow for the client relationship and whole transaction to be maintained. You may for example, consider technical issues with a superior, which does not take the file further, but does allow you to perhaps reverify and re-confirm the technical approach to the transaction itself is correct in law. If you are having difficulty, and you do not suspect the solicitor on the other side of money laundering, you may be able to inform the solicitor on the other side, 108

Reporting and this can assist in removing some of the pressure from the transaction. However this should be supported by legal advice which takes into account the situation. The relevant section is in the Proceeds of Crime Act 2002 at section 333C.

Exercises These exercises may help you plan your reporting, and help to brief your management and staff about what is required. Try one exercise at a time, and work with others in your organisation if you want to. (1)

Plan your forms for reporting, including the detail required by the NCA. There are sample forms at Annexes A and B to this Part of the book, but you can also design your own, or change those in the Annexes. Consider trying out your forms with fake scenarios that you think require reporting to make sure they work for you. Talk to your staff about the forms and ensure they feel comfortable with what to do.

(2) Draft consents in advance for each area of law. This means considering your standard transaction in each area of law, mapping it out, and ensuring you have each area covered. Try to cover it all in one or two paragraphs, describing the steps to completing the transaction. If you can complete this for each department, you will have template consents for any time you need to make a report. This can save time and effort. (3)

Get to know the codes the NCA use for each type of report, and what you are asking for. Look on the NCA website and obtain their latest reporting information. Record the codes you think you might use and keep them handy as a useful aide memoire. If it has been a while when you make a report, you can double check your codes are still valid.

(4) Map out the stages of the reporting process described earlier, in a diagram. Discuss this with another senior member of staff who might act in your place if you were away. Work together on a plan to implement reporting and discuss this with your management team. (5)

Review your governance and reporting for anti money laundering. Who will make the decisions to report? What role does the management team play? How will you communicate with the staff and fee earners if a report is made or needs to be made? Remember, staff may need direction about time periods and tipping off. Ensure you implement the correct policies and procedures to cover this activity.

(6) Plan for taking legal advice. Consider what you would like additional support with, and who you might approach if advice was required about making a report for money laundering, the reporting process, or the Proceeds of Crime Act 2002.

After reporting After reporting, the firm may continue with the transaction if they receive consent to proceed (including deemed consent). It will be important to continue to be aware of tipping off (Proceeds of Crime Act, section 333A) , and not to say anything to the subject of the report. You will need to ensure the transaction stays within the 109

Part 2  Receiving Client Money bounds of the consent you have been granted and does not deviate. If you receive additional instructions, your consent was not sufficient, or the transaction takes a turn for the unexpected, you will need an additional consent. You may wish to give limited information to staff internally. The compliance team will need to think about how to store the information.

We have already discussed the position of potential liability for reporting. Transactions sometimes do not have consent to proceed and must be halted. As a result, you might want to consider how to handle this situation and what you would do. You may need to explain to the client you cannot act for them anymore and cannot provide an explanation of the reasons why. Law firms may have template letters where they cannot act for conflict of interest reasons, and these could also be used as a template for this type of scenario. In these cases, the client may be extremely frustrated. Sometimes, the transaction may not be able to proceed at all. There are a number of points to make about this situation: (1) It is extremely rare for this to happen. You may be aware of a problem in advance if this were to happen; the client may also be aware of a problem. In order to deny consent to proceed, the authorities would usually be taking action within a short time period (see the provisions in Part 7 of the Proceeds of Crime Act regarding the moratorium period). (2) There is a focus within general law firm regulation on client care, and a perception that the client should be served correctly. Law firms have a position of information asymmetry and clients can be disadvantaged by their actions, therefore the focus on client care covers some of this point. You may wish to consider several outcomes: •

Additional client care procedures for the situation where consent is declined, including template letters, and procedures for a refund of fees (if permitted). You may be able to cite your professional obligations and use a similar letter to that used for conflict of interest. In a way, the scenarios are similar, as you cannot disclose anything to the subject of the report. In other situations, a letter that simply advises you cannot act for them anymore may have to suffice.

•

You may also wish to consider your approach to the regulator and potentially to the Legal Ombudsman if such a situation arose, and that you may need to be able to disclose the position to them. 110

Reporting •

Outlining your internal approach to legal advice in this situation; how you will seek advice, and where from.

•

Whether to consider other outcomes, beyond the immediately obvious. For example, if you fear a reputational outcome from the situation, you could make a plan to cover this.

•

You may be able to disclose the situation to the other side, or you may not be able to say anything at all. Consider whether to pre-empt this situation by writing to the other side to inform them you are no longer instructed. This may assist you if you are unable to undertake any work on the file. It will mean you will not receive anything further about the transaction.

•

Whether you can consider other (future or current) transactions to take account of this potential position earlier. Information could be provided to all clients at the outset of all of your transactions, covering the requirements of professional conduct, the need to undertake AML checks, and that in some cases you may not be able to proceed further. You may be able to explain there are circumstances that sometimes cannot be discussed with the client due to professional requirements, and should they arise you will need to terminate the retainer with immediate effect. These types of discussions can help with managing expectations at a later point.

If you do not receive consent to proceed, both you and the client may need to make plans for the monies within client account. As we explore in Part 4 of this book, it is an offence to enter into an arrangement, and this can happen when you receive monies from the proceeds of crime. Other offences can be committed as well. Legal advice will be essential in these circumstances, and as in the exercises set out previously, it can be helpful to plan in advance where you will obtain that advice from. This can act as a form of contingency planning, and can be kept up to date when you review those plans – perhaps once per year. Other considerations post-reporting include how to store the file. Given a report has been made, you may wish to think about: •

Whether to mark the file in some discreet way, to alert you or others that there is an AML report; or

•

Whether to maintain a separate compliance file to sit with the main file covering the report. Creating a compliance file can be a neat solution as often no-one knows what the compliance file is about, aside from the compliance team. Compliance files also occur where there is a complaint, or where there are other compliance issues such as data protection requests. For small firms, you might have a ‘management’ file instead which relates to the activities or oversight of the partnership. It can also be helpful to ensure this complaint or management file is kept confidential.

Communication may also be a consideration. It is helpful to train staff on AML and this is an important part of the Regulations. You may wish to consider the type and nature of the training if you are concerned about either reporting, or gossip between staff members. Preventing discussion, even internally, can be helpful to limit concerns about tipping off, and it can help us all to remember 111

Part 2  Receiving Client Money that although there is a corporate or organisational structure in place, people’s working lives can go beyond that structure. Those who work in local communities may appreciate the difficulty of maintaining a suitable distance to perform the professional task independently, and AML reporting is an excellent example of those problems. Independent compliance oversight can assist in these circumstances.

Managing risks and issues As already outlined, there are a number of potential problems in managing a reporting scenario. You can be faced with questions such as: •

Whether a report really does need to be made, in light of the tests for suspicion, and legal professional privilege;

•

Whether the authorities would have the same view, given their approach to the reporting forms;

•

How to manage the report itself, whether to ask for consent, and if so, what for;

•

How to manage confidentiality and prevent tipping off within the organisation;

•

How to deal with any scenario post-reporting where consent was required but is not given, and a customer relationship may need to be terminated.

You may also have to consider the reaction of staff to the situation; their security and the support they require in dealing with the position. As a part of this it can help to walk through preparation scenarios several times with staff so they understand what is required. It can be helpful to consider how you would deal with any situation in the alternative. We have defined money laundering at the start of this Part of the book, and there may be alternative avenues to report to the police, Action Fraud, and other regulators such as the Information Commissioners Office (if there is, for example, the theft of information involved). If you are dealing with a crime, you may wish to report the matter to the police, for example, and of course the initial crime may be different to the laundering of monies. There can be difficulties with client perceptions of the solicitor role and their position vis-à-vis the state. Some clients mistakenly believe they can tell their solicitor anything, and it can sometimes be helpful to outline the limits of the solicitor role in client care information or at the outset of the retainer if you think this is what will happen. This may need to be done carefully to ensure the client is not unduly alarmed. The writer is in favour of clearer information to the public about what they can expect when they instruct a solicitor and the limits of legal professional privilege. Overall, the system of checks and balances required for anti money laundering leaves something to be desired in practical terms. There is a large weight of work on the shoulders of the average solicitor practice to maintain appropriate and adequate systems. The reporting process can also expose the practice to concerns around handling the proceeds of crime, tipping off, and liability if a report is 112

Receiving client money made incorrectly. Sometimes fine judgements are required about what might be suspicious, and a very complex management process can ensue. We may also see that the system focuses largely on identity checking for individuals, rather than the financial position of the client. That can cause a concern as even though the client may be genuine (or genuine enough to pass the identity checks), there may be financial concerns that are present within their transactions. These pose the problem for the firm of identification of the concern and the legitimacy of the methods used to identify that concern. While identity may be verifiable by the state, the same is not true for financial transactions, and we may need to undertake a number of methods to understand the financial picture. However, over the coming pages and in the next Part of the book, we explore the avenue of possible financial checks and other avenues to secure the perimeter of the business, in a discussion about how to consider AML more laterally. That is, to move away from the narrow focus on the client transaction and their individual identity, and to use the systems discussed in Part 1 to build an understanding of any transaction, how it is built, and the impact across the business.

Receiving client money In this section we examine the financial aspects of the transaction and how we can use those to identify possible money laundering or other attempts at crime. This is not a requirement of the Money Laundering Regulations or the Proceeds of Crime Act, but it provides a new angle on the checking and management of client monies within a transaction. This section is also particularly useful for those involved in financial management, to ensure they are able to participate in the management of anti money laundering processes and procedures within their firm.

Initial receipt into the firm At the early stage of the transaction, the Regulations specify source of funds (transaction finance), and source of wealth (client financial health), as the financial checks that should, or could, be undertaken. However, we can identify much more by considering the use of the client account. There are more checks we can undertake at this initial stage. We might start with correspondence relating to the payment that is to be made into the firm. This should tell us: •

who the client is (name);

•

what the payment is for;

•

how much the client is to pay;

•

when they are to pay it; and

•

how they are to pay it (for example, they might pay it by bank transfer or in cash). 113

Part 2  Receiving Client Money We are then looking for this to be consistent with what happens next on the ledger or client account bank statement, including who pays the sums due. In the writer’s regulatory experience, sums can be taken from the client and inappropriately kept out of the client account by the fee earner at this early stage, and this was a frequent cause of prosecution while the writer worked for the SRA. It is therefore worthwhile ensuring client files and corresponding accounts are subject to random checks and individual reconciliations to ensure the amount noted in correspondence on the file as being paid to the fee earner, has actually been paid into the client account, and is marked on the ledger. While monies taken direct from the client can be misappropriation, they can also be taken ‘under the counter’ as part of a wider scheme to transfer capital. Of course, monies can be received from a client when there is no corresponding matter, or by accident from a third party. While we can all make mistakes, particularly if a law firm is shown in the list of ‘payees’ on your bank instruction, there can also be instances in which these payments are frauds, either because the person sending the money attempts to get more back than they sent, or because they are attempting to attach the name of a law firm to the sum. Sometimes, instruction is given to the client to pay monies in, but the monies are actually sent by a third party. In this case, the third party may need to be subject to identification checks and a consideration of whether they are a party to the retainer, or whether they need independent legal advice. This sometimes happens with the ‘bank of mum and dad’, where the parents of the client are making a contribution to the purchase price of a property and money is received directly from them. In this case, they would need to be identified and be subject to source of funds (transaction finance) checks. You can also check the names of who sent the payments and that it is what you are expecting. Mum and dad in this case may need independent legal advice, and you may have to rely (in the meaning of the word ‘reliance’) on their representatives. If monies are to be received from a third party and instructions have been given to that effect, you should: •

be aware of who the third party is;

•

conduct checks on their identity;

•

understand their source of funds (transaction finance); and

•

understand their relationship to the transaction and whether they need independent legal advice.

Any contribution from an external source should be consistent with the explanation provided by the client, consistent with their profile, and consistent with what happens during the lifetime of the file and how it concludes. Payment method may also be relevant, and the method of payment can also be a source of information about the transaction and the consistency of the client explanation. Of course, some clients may attempt to pay cash into the client bank account and you may need to ask questions about the source of cash payments either directly received or placed into the client account. Additionally, other methods of payment to client account may also be consistent or inconsistent with the client explanation or file, for example: 114

Receiving client money •

payment made in person at a bank (in particular look at where it is made);

•

a paid in cheque or overwritten cheque;

•

a standing order; or

•

a payment by credit card.

All of these may all give pause for thought. The location, timing, method, and amount of money received can all assist in confirming or querying the overall position of the client. There may be more obvious red flags and these include payments: •

received into client account from outside England and Wales;

•

received from different bank account names, or in names which are similar but not quite the same as your clients’ name(s);

•

which are in common with other amounts you frequently receive, without this being specified to the client.

In such cases, you may wish to query the nature of these payments with the clients – in the case of different names, you may wish to repeat e-verification on new spellings, and ask for further identification. You may also become concerned if you notice regular payments into your client account, and you may query why a client is utilising the account in this way, and discuss this with the fee earner. This could be a sign of the client using the account as a banking facility in breach of the Solicitors Accounts Rules, rule 3.3. You may also want to consider and risk assess the overall use of the client account, considering the type of payments that come in, how frequently they are received, in what sums, and where they come from. This can all help towards understanding your client base, the use of the account, and how to manage the risks associated with it. It can also help us see not only a law firm with separate departments (who may be treated equally), but also who is generating money into client or office account, and where that money is actually being received from. This type of check may not be shown as a result of individual ledger investigation, and therefore auditing of a firm would need to go beyond individual file and ledger consideration, and into bank statement auditing and cross matching with files. Debt management is an excellent example of where a large amount of money can be sent from third parties without any understanding of where it has come from or how it has been raised. Of course, in these circumstances it is possible to risk assess this use of the client account and ask for the debt to be paid by certain means. For example, directing debtors to receive independent legal advice before they make payments to your accounts can ensure they have been identified appropriately and their source of funds has been checked. In some cases, the debt may fall below the de minimis provisions in the Money Laundering Regulations, but debt management also has an element of identity checking in built, so you may also require payments to be made by the person who owes the debt as an additional safeguard. 115

Part 2  Receiving Client Money

Referring to the Accounts Rules (explored in Part 1), monies received should be allocated to client ledger straightaway. The system of allocation can vary from firm to firm, but often the monies incoming have to be claimed by the fee earner or department from a list of those received. In some firms, Finance are notified in advance of money expected. The monies are then allocated to that ledger by the Finance team. Mistakes can and do happen, but they can be put right, in line with the requirements in the Accounts Rules. You may find some payments of an unknown source being paid into the client account and if they are not claimed and allocated, they are attached to a suspense ledger. Leaving sums remaining in a suspense ledger, or the extensive use of suspense ledgers in the first place is a breach of the Accounts Rules under rule 6, but can also provide the opportunity to further investigate the sum in question and why it cannot be allocated. You may wish to investigate any suspense ledgers more broadly to consider whether any sums are already there and whether there are links between them. Of course, when we start a new matter or receive new instructions, we expect a new file to be opened and a new matter to be started on the accounts system. Do be wary of new matters which are allocated to old files or ledgers to hide either new or old activity; this is covered further in Part 1.

Managing the lifetime of the transaction After identity and source of funds has been checked, the transaction moves into a phase where client funds can be utilised in accordance with the matter. For anti money laundering purposes, the transaction at this stage would be monitored. Once through the initial phases, the transaction is largely regarded as having passed the AML requirements, and free to proceed. There may be a cause for concern if there were changes to the profile of the matter, or if it took a direction that was unexpected, or perhaps revealed a suspicious set of circumstances. Although we have considered initial deposits into the client account, sometimes funds can be paid into the account later in the transaction and be expected later. 116

Receiving client money It can be helpful to undertake additional work to ensure the information you have been given about source of funds (transaction finance), and source of wealth (client financial health), is consistent with the deposit made from the clients’ personal bank account into that of the firm. That might also involve checking: •

how the transfer has been made;

•

who the transfer has been made from (for example, is it from the same bank account that was shown to the law firm to prove ‘source of funds’, and is it in the name of the client?);

•

where the transaction has come from (and whether for example it has come from abroad or a high risk jurisdiction);

•

when the transfer has been made and the dates might be relevant for advice or demonstrate either consistency or inconsistency with actions on the file;

•

the sums transferred and whether these are what you are expecting.

It should be possible to say to the client that their funding for the transaction should come from the same source as that specified to the law firm during the ‘source of funds’ checks, and this will be verified by the law firm during the transaction. We have focused here on the client, but the same checks can be made for any transfer from or to any party during the lifetime of the transaction, with particular attention paid to the information on the client or office account bank statement rather than just the ledger. You might then think that if a check was made of source of funds at the outset, but some time has passed since then, the client might have moved money around, or received money from a third party and sent that to the law firm instead. Although client due diligence encompassing financial checks is usually carried out at the outset of the transaction, the law firm could repeat these checks as part of enhanced due diligence to confirm the legitimacy of the monies they are receiving, and they could do this just prior to receipt of those monies if time had passed. If this was coupled with checks on the bank statement to verify sums from the account checked, the law firm would have a good degree of confidence that these were the sums they have received, and this would go some way to mitigating the risk of money laundering. From a financial perspective, there is a good deal that can be managed and investigated during the lifetime of the transaction, which goes beyond simply monitoring. We can take additional steps to ensure the transaction is within the bounds of what would be expected. These steps might be unique to solicitors and licensed conveyancers due to handling client money. However, these steps are ones that a MLCO or MLRO, finance officer, or COFA, can take to ensure that the transaction is being effectively monitored. The following are areas to consider, which might form the basis of policies and procedures within your firm, designed to check and ensure the correct use of client money, and minimise the risk of money laundering. Of course, there may be some 117

Part 2  Receiving Client Money knowledge of legal services implicit within the areas outlined, but there is also a great deal a finance professional can undertake in these areas as well. Areas to consider

Further information

Consistency It can be helpful to consider the usual pattern of payments on any type of matter within each area of law. In some areas of law, it should be possible to standardise payments at different stages to enable closer monitoring of client money and quick verification from the accounts that standard steps have been taken. Developing consistency in your accepted payment methods (for example, by bank transfer), can help you see if anything unusual occurs. Allowing payment only by bank transfer also allows us to see who has made the payment, and when and where it was made. You can also use some facilities, such as Paypal, if you are at all concerned and wish to reject a payment. Consistency can also be applied by reviewing the file and checking that the sums on file match those accounted for on the ledger. Even small sums, if consistently misplaced, can be an indicator of covering for a wider fraud. Intra-file transfers

Transfers between files should usually be routinely sampled, as they can indicate an inappropriate movement or allocation of funds to cover for another loss, in an otherwise managed set of books. We have explored this possible fraud in more detail in Part 1. Files can sometimes be linked; this might happen in litigation or property, but can occur in other matters as well. The file will tell you what should have happened and when. The relevant Accounts Rules require client funds to be immediately available for client matters, and client monies only to be used for that clients’ matters. Intra-file transfers of funds risk those requirements, and also mean you can have client monies on a ledger which have not been risk assessed for money laundering in the way it might appear. It may be possible for money to be stated as coming from a client and be checked and passed, but instead it is received from one or more other ledgers and transferred across to this ledger. Under the Accounts Rules, client money can be used for the client’s matters only. This means if there are transfers between client matters these should only relate to that clients’ matters, or exceptionally, be a correction.

Billing

The costs of the matter should be advised to clients at the start of the matter, during the lifetime of the client matter, and at the conclusion. It can be worth liaising or employing a lawyer in this area to review when costs information has been provided and that it is consistent with the file progress, particularly if costs are large. Inconsistencies could indicate either dishonesty or preagreed amounts with clients and the presence of underlying money laundering, possibly involving staff.

118

Receiving client money Billing – contd

All matters billed for should be on file and there should be evidence of the work undertaken. Dependent on the firm’s policies and procedures, this might mean storage online or on a physical file. Firms should retain their physical files for inspection by the client, regulator, insurer, or others. Incomplete or missing files can be a cause for concern, particularly when monies have passed through the client account. The firm are required to retain records of transactions for up to five years under the Money Laundering Regulations (regulation 40). When considering billing, also consider whether disbursements have been billed for correctly, and whether VAT has been accounted for correctly on each part of the bill. We have discussed the position of VAT briefly in the first part of this book. In some cases, regulators find that bills have been raised for the sums left on the ledger. This is a breach of Solicitors Accounts Rules, rules 2.5 and 5.1 as it is unlikely this sum was properly due to the firm. Such matters have been prosecuted, particularly where there has been a consistent pattern. The relevant Accounts Rules for billing are rules 2–5.

Client payment

We can review the matters the client is paying for both during the lifetime of the ledger and at the final payment stage. Firms should verify from the file that the items paid for relate to that file and appear on that clients’ matter. We discuss the various parties that may be involved in a transaction later in this Part of the book. If monies are still to pay on the final client bill, despite the use of client account, we can further consider how the bill will be paid by the client. There may be the need to raise this with the client prior to the bill being sent to them. The same checks that can be taken on the initial payment can also be applied to the payment of the final bill. However, a solicitor can find themselves being paid by a third party if not careful. We place a considerable amount of emphasis on checking identity at the beginning part of the transaction, but we sometimes forget the end of the transaction. You may be in a position where you have to verify the identity of the person paying the bill – and even to query their role in the transaction and why they are paying, at the end. Of course, this can pose a difficulty and solicitors may want to insist that the client pays the bill from their own resources or by their own means. This may need to be stated and confirmed at the beginning of the transaction.

Office payment

In all cases, the office ledger needs to be considered in similar ways to the client ledger. The usual pattern is for monies to be paid into the client account on account of costs. Those costs are incurred, either through client account or through office account, and then billed to the client matter. Any alternative process can risk misappropriation from the client. If a payment has been made from client account to office account for something which would be billed to the client, check the payment has been made by the practice.

119

Part 2  Receiving Client Money Office payment – contd

One office account is usually maintained for the purposes of transfer of money through the firm from the client account. Consider whether there is income which is not being declared by not being placed through the client account, and how this is being raised.

Ledger conclusion

It is necessary for the client and office ledger to be brought to zero at the close of the matter, and files should not be archived without these actions being undertaken. A failure to undertake these actions will in time lead to a surplus on the client account. The office account may similarly be in debit and the later transfer of small sums to correct the position on closed files has been the subject of regulatory investigation previously. All client billing should be notified to the client and monies should be moved appropriately. Failure to adhere to these provisions can create an acceptance of poor bookkeeping at the close of the transaction, meaning it can appear acceptable to take small amounts from client account, when that it is not appropriate. In some cases, firms could be accused of allowing small balances to be generated in order to take them from the client account later. A well disciplined firm will bring both client and office ledgers to a zero balance as frequently as is possible, within both the required timeframes and a reasonable overall timeframe in relation to the original matter. The legal regulators have various rules in place related to aged balances, which are balances that have remained on client account or client ledgers for more than one year. It is good practice to obtain client account bank details to return small sums to them, or take as many steps as possible to return the sums to your client. This can include advertising for the client to come forward if you have lost contact with them. Aged balances can in some instances be paid to the law firm. In instances of large, aged balances these commonly have to be transferred to the regulator and be placed in their Compensation Fund. This can lead to an incentive to retain small balances on the client account. It is the writer’s view that this is disingenuous if done deliberately and a breach of the rules (in that law firms are expected to account to their client fully). The writer would like to see a total annual limit placed on the sums that can be withdrawn from client account due to aged balances, to prevent firms taking this action on purpose. However, with all of this said, the return of large balances to the client, or even the distribution of sums received, should be done carefully. We have covered the position of sham litigation as an indicator of possible fraud, and Bowman v Fels (2005) as a relevant decision is covered at page 236. You may need to ensure the bona fides of the distribution of sums or that they have been presented to the Court. Reasonable sized sums being returned to the client or third party, or sent to them in unexpected circumstances could be an indicator of concern and should be investigated further to understand how it has arisen. 120

Receiving client money

Areas of investigation The following are additional areas to consider as investigation points within your firm. You may also consider these lines of enquiry if you are a Reporting Accountant: •

Uncleared cheques outstanding for some time should be written back to the ledger and these should be checked on a regular basis to prevent them being used to cover gaps within the books. Firms may wish to check to whom uncleared cheques have been made out, and for what sums. Cheque stubs should also be reviewed to ensure they match the information provided in the cashbook and bank, and on file.

•

Cash receipts and petty cash are also important to look at. Firms should have a cash policy in place for anti money laundering purposes, to ensure that they do not accept large amounts in monies they cannot trace. Petty cash itself can also be a source of investigation for the same reason. Clients may pay cash directly into the client bank account at the bank. Consider whether you need a cash policy which covers this with the bank.

•

Monies can quite legitimately be paid out of office account for a whole range of different services. If you find activity on files which is suspicious or seems strange, it can be helpful to consider the services also around those activities and whether they give rise to any concern. For example, in the past there has been concern around fraudulent personal injury claims. Around those claims we might also consider the services being used, such as the experts’ reports, how they have been paid for, who has been paid, and when. If you have concern on a particular file or group of files, you may need to look at the third parties also involved, or who is benefitting.

•

Dates on the ledgers are a useful source of information and are often generated automatically by the computer software. If a set of accounts is handwritten they can also be checked against the reconciliation or other calculations done at the same time. It can be helpful to consider whether the dates match those on the file and whether the last movement on the ledger is the same as that on the file or has a consistency with it. Last movements on ledgers which are a long time after the previous action are a cause for further investigation and can reveal inappropriate movements of monies or the reactivation of a file when a new file should have been opened. In some cases it can be legitimate, and again the importance of consistency should be considered.

•

Dates can also be considered in a different way, and this includes the speed of the file and how quickly it is conducted. Fake files are a problem within law firms and it is a problem the writer first encountered when working for the Legal Services Commission (now the Legal Aid Agency, many years ago). Files that are conducted too quickly, follow abnormally consistent patterns, or have consistent patterns of payments to and from certain sources can be indicators of an issue, if they are not firm-mandated. Do look out for similarity in non standardised files as a potential indicator of fraud, as the fake files can be conducted in the same way due to non detection the first time.

•

However, different areas of law may legitimately have different patterns, and firms also have choice about how they set up and take billing. Consider the use of the client account overall. You might consider frequency; whether the client account is ever being used by those who do not present identification to the firm; and how much is received into the account. Taking this overarching 121

Part 2  Receiving Client Money view rather than concentrating on the individual matters can also assist with ensuring the firm has sufficient procedures in place to protect itself from money laundering overall. •

If you are looking at conveyancing files, be sure to consider the use of the mortgage funds and that the draw down, allocation, and use of those funds, is consistent with the expectation of the bank and the client. Mortgage funds that have been received that cannot be used promptly must be returned to the bank. The full amount of the mortgage should be used as a mortgage unless agreed with the bank, and any surplus returned. Funds that have been used (including client contribution) should be consistent with the amounts on the transfer sent to the Land Registry, and with the amount registered by the firm against the property. Purchase prices and mortgage funds should also be consistent with the valuation provided by the estate agent, surveyor, and the information available online. We consider the role of different parties to the transaction later in this Part of the book.

•

Similarly, other transactions can be reviewed to ensure the use of the client account is consistent with that reported to official sources, and stated generally. Matching the transaction to the file and ensuring consistent explanation is important; do also ensure some checks are made on the underlying transactions at the bank.

•

Firms may wish to consider the impact of their fee-earning targets on the behaviour of the firm overall. It is important to ensure that fee earners and the management of the firm have the space to make effective decisions without overt pressure being exerted to take unethical positions or positions which are breaches of the rules. Those conducting internal audits (including for AML) may wish to consider the approach of the firm and the strength of the policies and procedures in the finance team.

Monies from and to third parties Although the title of this book is ‘Client Money’ we do see monies received and sent to other parties. Sometimes this involves the client account, or it may involve the office account. It is worth understanding how third parties can be involved in any transaction, and who commonly might be, in order to consider whether their involvement is proper and appropriate. As explained in the next Part of this section, monies are sometimes held for third parties, for example, in conveyancing this occurs at exchange and completion, if monies are held to order, or if an undertaking has been given. In that situation, the third party is represented, and the monies have been sent by their solicitor; there is no suggestion that advice has been tainted as each party has received separate legal advice. This is a perfectly proper use of the client account, although as we have already explored earlier in this Part of the book, the funds should be checked by both sides. In the table below, we explore where the monies for a transaction might be received from, and what questions you might ask in order to understand the bona fides of that contribution and whether it is appropriate to the file or transaction. Of course, we must understand whether there is a conflict of interest in contributing to client legal work or general affairs, and all of the usual 122

Receiving client money questions that arise in the position. It is important to ensure that the client is receiving independent legal advice from you, and this is not being tainted by the involvement of another person. Clients who are vulnerable or elderly may particularly be in this position and there is specific advice and guidance from the legal regulators and their representative bodies on these points. It is good practice to see the client alone, and not to allow a third party to give instructions for another in a transaction.

Person(s) monies received from (aside from the client)

Questions to ask

Family member

The same identity and source of funds checks as for the client. Understand the geographical location of the person and where funds are coming from in context of high risk jurisdictions. Establish whether they are a PEP. Advise them to obtain independent legal advice. Ensure that the family member is not taking unfair advantage or pressuring the client. See the client alone.

Third party – agent, broker, other representative

Establish whether the third party is genuine. Establish the reason for financial and/or representational involvement and whether it is appropriate for it to continue. The point concerning representational involvement might be quite important, and the advice of the solicitor should not be tainted in any way. Ensure the client is not being pressured. Run checks on identity and source of funds (transaction finance) in the usual way. Consider involvement of any high risk jurisdiction, and whether there is any attempt to circumvent the usual aspects of the transaction by payment of money. Consider whether money is being received from the third party or another, or passing through their hands, and whether this seems usual or reasonable.

Representing your own business – including business partner

Understand who you are representing, and whether there is a conflict requiring independent legal advice. You will need clarity on this point to continue with the retainer. Undertake source of funds checks and identity checks on those providing funds. Establish whether they have the right to provide those funds and the tax position. Ensure that the client is not pressurised and that the other side or any other party receives independent legal advice. Consider the involvement of a high risk jurisdiction.

Bank or other financial institution

Ensure the bank is real and an established high street lender or other respectable financial institution. There are cases of clients using fake banks or non traditional lenders, and of banks being impersonated in scams. Review the records at the FCA, and consider whether the scenario is believable. Consider the location of the bank as part of your overall assessment of the transaction. Consider the involvement of a high risk jurisdiction. 123

Part 2  Receiving Client Money Bank or other financial institution – contd

Another situation in which you may receive funds from the bank is in the context of interest. As we have covered in Part 1, there are rules in respect of receiving interest on sums in client accounts.

Other side

The other side are relevant in the context of cases such as Dreamvar (2018) and Purrunsing (2016) in that both sets of solicitors can be found liable, and both should undertake full due diligence, which you can confirm. As we see in Part 4, money laundering information is relevant when it comes to you in the course of your business dealings – including the dealings with the other side. It is relevant to check to ensure that the other side are genuine solicitors or legal professionals and to maintain your own list of known contacts and telephone numbers. You may also wish to check that they are insured, and whether the transaction falls within the scope of the Compensation Fund. If the matter is intended as litigation or has gone before the Court, then Bowman v Fels (2005) may be relevant. See Part 4 for further analysis of that case.

Regulator or public body

In some cases, you may receive compensation from the regulator’s Compensation Fund into the client account if you are acting for a client who has been subject to intervention. While the funds may not come from the intervened firm (they may come from the Compensation Fund), it can be worth monitoring the transaction closely as it has arisen in, or is associated with, a firm which has been intervened. If you are instructed by staff members of any public body, you may need to consider whether they are politically exposed persons and where the funding for the transaction comes from. If the funding comes from the public body but is being used for a private purpose this could be an indication of misappropriation, bribery, or another crime. You may be able to see the results of this in the named receipt of monies into the client account on the bank statement.

Staff

There is a general prohibition against own interest conflict. If a staff member is involved in or providing funding for a transaction for a client, there could well be a conflict of interest and all parties may need to be advised to take independent legal advice. By even approaching this position, the staff member could have breached the rules of professional conduct, and this may also need to be considered by the firm.

Debtor

Sometimes a debtor is a client of another firm, but often they are not represented. Consider asking the debtor to demonstrate their identity to the law firm before paying the debt and requiring that funds come from a bank account in their name. In future, and with the development of increasing focus on anti money laundering, we may see debtors (even as a third party), being asked to demonstrate how they have raised the money to pay the sums due.

124

Receiving client money In all cases, it is appropriate to consider the bank accounts the sums come from, how much is received, and whether it is consistent with the approach in the transaction.

Payments out Earlier in this Part of the book we covered the need to consider how much is paid out to different parties; whether or not those transactions are legitimate; where the payment might come from (client or office); and the importance of ensuring the payment has been made. There are a variety of people and organisations who may need to be paid. For payments to the client, on client instructions, or to other non standard organisations involved in the transaction, we may ask similar questions to those seen earlier in this Part of the book, covering: •

Who the payment is to be made to (the name on the bank account);

•

When the payment is to be made;

•

Whether the location of the payment is consistent with that of the client explanation, and whether it poses a red flag, such as an unusual payment overseas;

•

How the client has instructed payment be made or whether there has been an unusual request in this sense;

•

What we are returning to the client (or the third party).

We have seen in the cases of aged balances that it is helpful to retain the client bank account details (and ensure these are the clients’) and these are the details that should be used to return funds to the clients. Undertaking checks to ensure the correct payments have been made at the bank and offer consistent explanations with the file is a useful means of monitoring the transaction. The firm’s overheads are not a payment that should be made from the client account, either directly or placed on to bills for the client. The writer has seen some instances of firms attempting to charge additional amounts on bills for the overheads of the firm. Both the legal regulators and the Legal Ombudsman have objected to this and consider that the overheads of the firm should be covered by the profit costs charged. Some firms, it appears, struggle to understand the terms ‘overheads’, ‘profit costs’ and ‘disbursements’ and in a sense some of these are historical terms which have been carried forward into a more modern age. With large numbers of solicitors practising and greater consumer knowledge and buying power, the terms used become more important. Consumers are not expected to pay overheads in other professional industries, or in shops, and instead are given a total price, including VAT. The same should be true of the solicitor’s practice and their billing. The following table shows the payments that may be made out regularly by a solicitor firm and whether we expect them to be billable to the client, or whether we expect them to be paid from the office account. 125

Part 2  Receiving Client Money To be billed to the client*/**

To be billed to the firm

Expert witness

Referral fees

Medical expert

External accountants instructed by the firm for the use of the firm (for example for the annual accountants’ report).

Estate agent fee (not referral fee)

Auditors

Court fee

Recruitment consultants

Searches

IT consultants or IT services

Surveyor

Marketing companies

Bank or financial fees for transaction

Client entertainment

Taxes for the transaction on the services incurred or where they are otherwise liable

Salaries

Travel to see client (if agreed)

Office rent, office equipment, and photocopying

Insurance which arises during their legal transaction

Taxes for which the firm is solely liable (such as corporation tax)

Government agency fees (such as land registry fees)

Professional indemnity insurance

* In Part 1 we have explored the Solicitors Accounts Rules, rule 2.2, which allows the firm to move monies into the office account with the agreement of the client, or for disbursements where the firm would be liable for the costs. ** It is also noted here there are a variety of different funding agreements and arrangements that can be put into place for the client, including, for example, via insurance. We are not covering those arrangements in this book, but the point is made here that these are funding arrangements for the client. Beyond the list already specified, the firm will have their own bookkeeping in place which should specify the amounts incoming and outgoing, and the costs that are more broadly charged to the firm. This list will be much wider than the list above, but finance staff will have a key role to play in understanding the bills being raised with the firm and whether they are legitimate. If a firm has an undeclared source of income alongside bills being paid to unusual sources, this would be an issue to raise with the MLRO. There may be a perception that the MLRO is purely focused on client matters, but it is important to ensure the firm is legitimately founded and funded, and this is in line with the terms of the firm’s regulatory authorisation. In all cases, consider the sums billed to the client and office and the consistency of those with the bills raised, as well as the likelihood of the bill being genuine given all of the information available. You might ask: •

how much has been billed?

• to whom? •

where are they based?

•

when was the bill raised? 126

Receiving client money Consistency can also be important. Ask whether the sum is consistent with what you would expect and in line with the profile of the firm. Ask how frequently the sum has been charged, and whether or not you would expect the firm to be billing this amount at this frequency, and who the bill is being sent to. Of course, client money should be kept separately to office money, as we have seen in Part 1 (for example, Solicitors Accounts Rules, rule 4). When referring to payments in and out of the client bank account, or even the amounts billed, and their ultimate destination, the point is to consider the underlying legal transaction as the basis for the payment. The Accounts Rules are widely worded in that sense, with one of the bases for withdrawing client money being ‘for the purposes for which it is being held’. This is a wide definition, but the SRA have clarified that the client account cannot be used as a bank account (Solicitors Accounts Rules, rule 3.3), and that the monies should only be used and linked to the legal transaction taking place. We might say there was a set expectation about the type and nature of payments which can and would usually take place within any area of law and these should be able to be specified by a firm; beyond that the use of the client account might be considered as a banking facility (in breach of the rules), if it was not explainable. We can also see that the Accounts Rules provide for third parties to give instructions to make payments out from client account, under rule 5.1(b). This is usually in circumstances where the monies are held to the order of the party on the other side, while they are waiting for a transaction to be concluded. The SRA can also authorise payments from the client account under the Accounts Rules, rule 5.1(c) and this rule is usually utilised in the cases of aged balances. Of course, the SRA sometimes intervene into (close down) practices and take control of the client monies and files; such a power could be used at this time, or to direct the activities of the intervention agent. Those working with the accounts may also wish to look into the sums utilised by the business in the office account and how the business is run as a whole. A further discussion of this is included in Part 3 of this book.

Costs Costs can be an important consideration in legal services and there is a separate area of costs law devoted to the subject. Of course, sometimes those in Finance departments and Reporting Accountants do not have the experience or knowledge to understand the latest changes or requirements in different areas of law, and funding for legal services has changed dramatically in last twenty years, with legal aid being replaced by insurance led funding arrangements. It is worth taking the time with your Finance teams (or as Finance teams) to understand the funding of cases your firm is taking on and the ethical and legal considerations of those funding models. Familiarising yourself with those models means the firm has confidence in the charging position it is adopting for clients and how this should be implemented throughout the firm. As a Finance or accounting team this can also assist in understanding whether billing is at a level which is 127

Part 2  Receiving Client Money appropriate or ethical for the client, and whether there are any concerns about how the matter is being funded, and by whom. Of course, there are a lot of legal and compliance considerations to take into account when dealing with charges for clients, and these are not covered within this book. The legal contract with the client is often a consumer contract for services and there are provisions at law which apply to the services and their charges, alongside a system of regulation and problem solving, which the writer has in other publications likened to a system of jus honorarium. That being a system which sits alongside legal remedies, to provide an alternative consumer focused system of redress. It is worth bearing this in mind, as law firms have been used to utilising the services of the Legal Ombudsman or the regulator rather than perhaps being subject to the law in this area. Should these services not be available in the future, the position of consumer complaint and redress might be quite different.

Concepts of the Accounts Rules Again, whilst not mentioning AML, the Accounts Rules cover a variety of situations which may be relevant to money laundering. The Accounts Rules have a fairly open interpretation. The SRA do not mention checking source of funds (transaction finance) specifically, or enquiring about client financial health (source of wealth); this is covered in the Money Laundering Regulations. However, the Code of Conduct in the latest iteration does cover checking identity (see the Code of Conduct for Individuals, rule 8.1 and the Code of Conduct for Firms, rule 7.1(c)). Of course, the Accounts Rules themselves do have anti money laundering implications. When discussing anti money laundering, in comparative terms, the holding and transmission of money is some of the highest risk available given the specific criminal offences attached to the process. Let’s have a look at some of the direct concerns: •

Holding client money: Solicitors and other lawyers hold client money by virtue of the provisions in the Solicitors Act 1974, sections 32–34, and the SRA make the Accounts Rules to cover those requirements. If we start with the basic premise that some work is high risk for money laundering, and therefore must be regulated, we can see that honoured within the Money Laundering Regulations at Chapter 1 and in the references to the regulated sector in the Proceeds of Crime Act, Part 7, by virtue of Schedule  9. However, some of the industries that are regulated are just seeing clients and advising or providing other services – they are not actually holding the client’s own money. For example, estate agents do not hold the clients’ money, but they are regulated for the purposes of the regulations and POCA. Therefore the law firm attracts a higher level of risk, particularly when we consider the offences related to the proceeds of crime. Holding and handling the client money goes beyond the basic identity requirements within the Money Laundering Regulations and POCA, and further into a managerial requirement for that money. We can see this managerial requirement in the fiduciary duties of the solicitor, practice, or other lawyer. 128

Concepts of the Accounts Rules However despite this additional risk posed by the holding and management of client money, there is not a specific requirement to deal with this within the Regulations. Instead, we can see the focus squarely placed on dealing with client identity. Anecdotally, it may be true to say that a large number of prosecutions before the Solicitors Disciplinary Tribunal deal with the Accounts Rules and it may be that the assumption is made that this will deal with the position. However, the Accounts Rules are rules which are designed to govern the handling of client money itself, rather than in making an assessment of the risk of that money or the situation surrounding it. The Tribunal generally consider breaches of the rules, including the wider Standards and Regulations (or Codes of Conduct from the SRA in force at that time). We might need to unpack this bundling up of the handling of client money alongside client identity and overall risk of the transaction, and separate out the requirements into specific issues. The holding and management of client money as an AML issue may require management and consideration in its own right by the SRA, with a separate or defined set of professional conduct rules or regulations. This approach may equally apply to banking in financial services and also to cryptoassets, as well as to other lawyers. •

Client bank accounts: The Accounts Rules require the maintenance of a client bank account and the use of individual ledger records to manage a number of transactions. We will see in Part 4 of this book that consent can be refused for a transaction and the law firm can be left with sums of money on account. While this is rare, the principle is the same and the requirement on solicitors to maintain exceptional accounting records becomes even more important – solicitors have to be able to identify and accurately remove the sums due to the individual client. Again, we will see in Part 7 that the Law Commission consulted on the ability to ring fence sums within an account but the requirement for excellence in ledger keeping remains. Managing individual client accounts is similarly impacted, and these are also covered both by the activities of the practice and their record keeping.

•

Movement of monies by the practice: As we have seen, for the purposes of managing the client money, there are several rules about the billing, use and transfer of that money, and in what circumstances it can be withdrawn. These rules have the effect of doing two things: –

Implying permission to act in a certain way, given by the regulatory authority: The Accounts Rules are worded in a proactive and permissive way; allowing the money to move and creating the suggestion for all parties (including the firm and the client), that it will. In fact, no such permission may have been granted at all. It may need to be said that the Accounts Rules and their use are subject to the requirements to report, and consent to continue with the transaction, where appropriate. There may also need to be a separate set of requirements for when the transaction cannot proceed.

–

Suggesting a position of movement of those monies or of the transaction as a whole: A  psychological difficulty can arise if the transaction cannot move, for example if consent has not been granted by law enforcement following a report. Those around the transaction are confronted with a situation which almost never exists. Solicitors and 129

Part 2  Receiving Client Money other lawyers, as well as those involved with legal transactions as a whole, are used to them proceeding, and this requirement is underlined by the regulators and complaint handling bodies, who expect the consumer to be served. We need far greater practice in deliberately delaying and taking the time to further consider transactions, for legitimate reasons. •

The holding of monies for other persons: The Accounts Rules recognise that the money can be held on behalf of another person, or may in fact belong to the practice. The practice holds the money on trust when it is held for the client or third party. The requirements in the Proceeds of Crime Act may necessitate the practice taking legal advice to ensure they are compliant with any movement of any monies. There may be implications for billing even if a third party is at fault, as the practice may only be able to take fees which are ‘adequate’ for the services legitimately performed. This requires a consideration of those services which were or have been undertaken and whether they were legitimate, as well as a consideration of the proposed bill. Transactions on the other side may also be disrupted. With the increased focus on anti money laundering within the professions and the introduction of oversight regulation in the form of OPBAS (the Office for Professional Body Anti-Money Laundering Supervision), there may need to be specific regulatory rules covering the areas of suspicious transactions. Of course, the Accounts Rules, in combination with legal advice, could be seen as a proxy for safeguarding the rights of individuals within or through a legal transaction. There is an intended forward movement by the Accounts Rules and the (probably) similar intention of the firm by taking legal advice. At the moment, the transaction could be suspended for up to seven days awaiting consent, and longer if law enforcement intend to take action. The remedy for the client may be a legal one, but we also have to ask whether the situation is an erosion of human rights and the disproportionate use of power by the state. Practices may be advised to make a report as soon as possible within the transaction and advise clients not to change the parties or source of funding, otherwise the transaction will be placed at risk.

•

Use of oversight mechanisms within the Accounts Rules: We have identified these as being the accountants’ report, COFA, and the regular reconciliation. These oversight mechanisms can result in further reporting. Suspicious activity reports made by those with oversight may compound the issue for the client and cause problems for the law firm. Those working within a practice may have restricted information about any report or suspicion within the firm in order to avoid tipping off, which may mean those exercising oversight do not receive the information they require. While a report to law enforcement or ring fencing of some monies may just create a ‘footnote’ to an oversight mechanism, it is worthwhile acknowledging this situation. This may be another aspect of reporting that needs consideration.

•

Availability of client funds and the payment of interest: Similar to the implications above, the wording of these provisions of the Accounts 130

Concepts of the Accounts Rules Rules creates a suggestion that client funds should be available to the client regardless of the situation. The payment of interest is also to be offered to the client; both of these positions are also creating the expectation of the obligations to the client, possibly in any situation. The trust is paramount and in ordinary situations those monies would be due to the client, but there is a conflict which requires resolution in the payment out to the client or attempt by the client to take their or additional sums from the firm when law enforcement are involved. It is possible that one solution to the various concerns listed above would be to create, within the Accounts Rules, a ‘holding’ account for the holding of client monies for transactions which cannot proceed, with such situations envisaged and provided for in consultation with law enforcement. Such an account would be subject to a reconciliation in the same way and subject to an accountants’ report, and oversight of the COFA. However it would ensure funds were recognised as being subject to the consent of law enforcement and could not be removed without that consent. Furthermore it would prevent the psychological position of trying to move forward with the transaction when it needs to stand still, and underline that the consent or other direction required from law enforcement overrules the Accounts Rules or any usual conventions within the transaction. If such an account were created it would need to be under the control of the COFA and not used for any other funds. Of course, in communication with the client, legal advice would be needed, as it is currently. However, it may be possible for the regulator, representative bodies, and law enforcement, to provide agreement to such an account, or a further set of rules that deal with the position and underline the requirement to seek consent. Currently, under section 335 of the Proceeds of Crime Act, explored further in Part 4, consent to proceed should only be withheld if law enforcement intend to enforce a moratorium period, usually meaning action would be taken within 31 days. Reading this section, consent (or implied consent), would usually be given in most circumstances. Given action might be taken if consent was not given, the client might already be aware of the situation if you find consent is refused. However the delay while consent is sought and the consequences for the practice in the holding of client money in such a situation needs very careful management from the law firm. In all, it may seem that there is something of a blank space in the Accounts Rules. At the moment, there is a lack of acknowledgment of the anti money laundering implications of holding client money and receiving tainted funds into the client account. Part 3 of the book is about risk assessments and the ways we can design them to take account of the range of risks posed by law firms and their operation. Similar to this Part of the book, the focus goes beyond the current requirements and into a broader interpretation of risk assessments which aims to create a perimeter around a law firm to keep out any concerns of broader crimes and scams, as well as money laundering.

131

Annex A: Anti Money Laundering Advice Form This form is to be used by a member of staff when they are asking for advice in respect of an anti money laundering concern on a file. Staff should complete boxes 1–8 and give the form to [compliance / the MLRO/ MLCO] with the file. The form will be returned with the boxes 9 and 10 completed. The member of staff should complete box 11 once the actions have been taken. A copy of this form should be stored away from the client file. Compliance, the MLRO, or the MLCO should tell you where to store it. If a report needs to be made, staff should use the Money Laundering Reporting Form. Compliance / the MLRO / the MLCO can also use this form to provide advice after a report has been submitted using the Money Laundering Reporting Form. 1.

File number and client name:

2.

Area of law and matter description:

3.

Ledger position:

4.

File position:

132

Annex A: Anti Money Laundering Advice Form

5.

Due diligence undertaken?

6.

High risk issues identified:

7.

Previous advice given:

8.

Question posed:

Compliance / MLRO / MLCO Use – to be completed and returned to the fee earner. 9.

Advice given:

10.

Next steps:

133

Part 2  Annex A: Anti Money Laundering Advice Form

Fee earner use – to be completed when the actions have been taken 11. Actioned:

134

Annex B: Anti Money Laundering Reporting Form

Fee Earner Name Supervisor Name File reference number Asset in question (for example, property or finance) Client name(s) Client passport number or driving licence number Ledger position Due diligence position High risk factors File position and upcoming actions Specify what is left to complete on the file:

Advice received previously? To be completed by the fee earner – Please explain your concerns with reference to your suspicions and the assets in question:

Signed Fee Earner:

Date:

135

Part 2  Annex B: Anti Money Laundering Reporting Form

For compliance / MLRO / MLCO use only To be completed by the MLRO – Action taken / advice given by the MLRO (including where report is made to NCA):

The MLRO or compliance should also complete the Money Laundering Advice form if advice is required to be given to the fee earner about any report. This should include advice concerning the next steps on the file and tipping off. Signed (MLRO):

Date:

This document should be retained on a central file and not with the client file to avoid accidental disclosure to the client. Fee earners should be given the advice separately and should have access to the document to confirm the advice given, when necessary.

136

Part 3

Risk Assessments and Risk Management Contents Introduction137 Money Laundering Regulations requirement 142 Firm-wide risk assessment 142 Individual (matter) risk assessment 152 Worldwide and continental risk assessments 154 National risk assessments 157 New technology 160 Lateral AML 160 The current position – external client focus 165 Process mapping areas of law 168 Reconsidering the requirements in the Money Laundering Regulations 169 Mapping a business – identifying areas for consideration or action 171 Key departmental issues 175 Identifying patterns and trends 180 Independent audit function 182 Policies and procedures 184 Financial position and external data sources 186 Conclusion190 Annex A: Business Continuity Plan 191 Annex B: AML Risk Assessment 1 194 Annex C: AML Risk Assessment 2 198 Annex D: AML and Client Money File Review 200 Annex E: Transaction Finance and Client Financial Health Risk Assessment 202 Annex F: reflective AML Risk Assessment 205 Annex G: Sample wording for file storage and file review policies 206 Annex H: Departmental or Individual Client Matter Risk Assessment (for EDD) 208

Introduction We can see risk assessments as a managerial solution to the problem of money laundering. We cannot know everything about our client; nor would that be commercially possible. It would cost a large amount of money to get to know our clients in full detail and understand every aspect of their transaction. Some of what we see when the client comes to take professional advice is taken on trust, and the adviser forms a picture of the transaction and the client in an overall piece of work. There may have been a time when local solicitors had a fair amount of knowledge about those in the area; some still do, and we do see a lot of local solicitors serving those communities. However, solicitors are increasingly employed by large commercial organisations or are serving their customers remotely, and this is particularly true for volume transactions, but can also be the case with international delivery of advice. 137

Part 3  Risk Assessments and Risk Management The shift away from local knowledge and towards remote delivery means we need to understand the profile of the work taken on by a firm to effectively manage it and minimise the risk of being involved in money laundering. We can also consider how best to protect the perimeter of the firm, which helps both to protect the core workings of the firm and ensure that it is not used for money laundering or is less likely to fall victim to scams and other threats. Understanding the full risks of the firm, rather than simply those presented by the start of a client transaction, is also helpful for spotting changes to transactions and their potential impact, which can help to build the defences of the law firm. As we have seen in Part 2 of this book, the focus in the Money Laundering Regulations is on the initial part of the transaction, but we can broaden our scope more widely than that and build in further checks and balances, including from finance and accounting, other parts of the transaction and the other side, and other business departments, such as Human Resources. This Part of the book focuses on the risk management of the firm and the way in which the business can read the Money Laundering Regulations as providing opportunities to develop their risk assessments in different ways. We also consider the implications of the various risk assessments already around us, where they place emphasis, and how we can develop our risk assessment to meet the requirements in the Regulations, and the needs of our own firm. However, we will start with the basic requirement for a firm wide risk assessment, contained in the Money Laundering Regulations at regulation 18. Over the coming pages we cover the concepts of a firm wide risk assessment and the other type of risk assessment required for anti money laundering (AML) – that being the individual transaction risk assessment. We consider the ways in which these can be completed, and options for the firm. After that, we consider the broader risk assessments available to firms which should inform their risk based approach to money laundering. Each regulator has their own risk assessment, focused on their area of law or practice. This is informed by the law enforcement owned ‘National risk assessment for money laundering’, and the supranational risk assessments conducted by international bodies such as the European Union and the Financial Action Task Force (FATF). More information about the risk assessments required by different bodies is available in the Money Laundering Regulations 2017, Part 2, Chapter 2. If your firm is of a reasonable size, you should consider your risk assessment at firm wide, department and individual firm level, taking account of the regulator’s risk assessment. If your firm is large, has a particular specialism, or international focus, you should also consider the national risk assessment and even international risk assessments such as at EU level. This will be particularly relevant if your large clients or supply chains operate at a national, European, or international level, or if you have overseas staff or offices.

138

Introduction The risk assessments should link together, taking account of the various highlighted risk factors and how they might impact each other. This should ensure your firm is protected at a variety of levels. Firms should consider the risk assessments that sit around theirs and use them to inform the firm wide approach. For example, a law firm regulated by the Solicitors Regulation Authority (SRA) which conducts work in the UK and EU might use the SRA risk assessment; the UK national risk assessment; and also the EU approach. If you particularly trade in a country overseas or have links there you might also use the risk based approach of the regulators or law enforcement there, or take it into account. There are regulatory bodies and organisations (such as law enforcement, government agencies, international organisations, and other pressure groups), who monitor and publish information about risks in most countries and internationally across the world. There is a wide range of different sources for your risk assessment, particularly if you read a foreign language or are prepared to translate.

Returning to the firm’s obligations to create risk assessments, there are templates provided at the end of this Part of the book, and also in the case studies in Part 5 of this book. Some of these templates are tabular and use risk based mathematics to assess the impact and probability of an issue occurring. Others are textual risk assessments which describe the risk position that could occur and the firm’s analysis of how this should be presented. However, you do not have to use a table, or any mathematics, or indeed any particular format to complete a risk assessment. You can produce a written textual risk assessment for your firm, covering the requirements in the Regulations, and analysing risk factors which are pertinent to you. This might be a written analysis on one side of A4. Theoretically, your risk assessment does not even need to be written as text. If you wanted to communicate it to staff, you could produce it as a presentation, or even as spoken audio or video. Of course, many of us find the creative process stimulates more critical thinking, so consider how you might work most effectively on this task. As long as the piece of work you produce analyses those risk factors, and documents them effectively, you will be in compliance with the Regulations. Consider what works for you and your firm, and how best allows you to think about the types of money laundering concerns you face in your sector and in your business. The templates included in this Part of the book and in Part 5 have a particular focus, and aim to take a new look (in some instances) at the traditional templates and how they can be divided and used. For example, in Annex E to this Part there is a risk 139

Part 3  Risk Assessments and Risk Management assessment that centres on the finance which is to be provided for the transaction, by the client. This is a change to the usual procedures, in that it separates out client identity from client money, and takes a broader look at the receipt of client money into the client bank account. Having both identity and finance on the same initial client questionnaire or risk assessment sometimes reduces analysis of the client’s financial position, and the receipt of client money, into just one box, or even just the attachment of bank statements to an identity form. For complex transactions, or where enhanced due diligence is required, far more consideration needs to be undertaken of the monies intended to be received. This also includes an acknowledgement of the difference between source of funds (transaction finance) and source of wealth (client financial health), and the importance of their place in the risk assessment of the whole transaction. For example, we may need to risk assess the client money differently in light of additional risk factors posed by the situation; in fact, the situational analysis might be quite important. The annexes to this Part of the book are: •

Annex A: a risk-based contingency plan template that explores both general risks to the practice, as well as risks that can be posed by the financial position of the business as a whole.

•

Annex B: a standard (tabular / mathematical) risk assessment template that can be used by a firm to complete their firm wide risk assessment. This template re-defines the risks set out by the Money Laundering Regulations and provides greater depth to the questions being asked, including finding a place within the firm wide risk assessment for considering the important task of handling and receiving client money. The definitions and use of this risk assessment’s terms, as well as the placement of handling client money within the risk assessment, are explored further on pages 143–149.

•

Annex C: a text based risk assessment using the same definitions as Annex B, but allowing the reader to present their considerations in an alternative format.

•

Annex D: an anti money laundering and financial file review which covers many of the points we have discussed in Part 1 and Part 2 of this book.

•

Annex E: we have mentioned this earlier; this form covers client finances for the transaction, as well as client financial health, and the receipt of client money.

•

Annex F: a reflective risk review which allows a firm to reflect on the risk present in a file at a later stage, or when the file has closed.

•

Annex G: sample wording to use in policies and procedures for closed files and file reviews.

•

Annex H: a departmental or individual matter review which can be used to understand whether to undertake enhanced due diligence on an individual file or as standard practice within a department. If enhanced due diligence is needed, the assessment can be used to document the actions undertaken on the file to minimise risk and in accordance with the Money Laundering Regulations, regulation 33A. The review can be used at departmental level to cover groups of files or the work of a department as a whole. 140

Introduction In Part 5, we demonstrate the use of a number of different policies and procedures and how they might work in practice. The templates provided in Part 5 are in some cases different to the Annexes to this Part of the book, to provide variety and scope for practices to find a solution which is best for them. Alternatively, they demonstrate the use of these templates. The risk assessments in Part 5 include: •

An individual matter risk assessment form at pages 310–312.

•

A  client money risk assessment, at pages 317–319 and 320–322, which differs to the one provided at Annex E.

•

Completed written and tabular risk assessments in the style of Annex B and Annex C, which show how they might be written by a firm in practice. The worked examples of Annex C are at pages 286–294. The format of the worked risk assessment in Annex B is slightly different in Part 5 (pages 298–305), and comes with more detail about how it might be implemented.

•

A mitigated matrix risk assessment, which is another and different style of risk assessment, is also demonstrated in Part 5, at pages 306–307.

The templates are provided to allow the reader scope to produce their own risk assessment, offer guidance on the formats and style of risk assessment other firms produce, and confidence that their risk assessment will be of the type appropriate for a law firm. The risk assessments are subject to copyright and should be used only internally within firms, and not commercially or in any other way. Firms should ensure the templates are suitable for their needs before using them, and note that the regulators do like firms to produce their own risk assessments, so yours should use information and examples relevant to your firm directly. Firms should not use the completed risk assessments word for word as their own; these are just examples to offer confidence and reassurance. This book is written with an awareness of the amount of documentary evidence that can be produced and supplied in order to demonstrate compliance with the Regulations, and it is not suggested in any way that all of these templates have to be used. We can also question whether the use of directional risk factors from the regulators and others takes away some of the decision making meant for the staff and Money Laundering Reporting Officer (MLRO). How can we say whether a scenario has objectively met the tests for reporting and suspicion if staff and the MLRO are being directed that a position is suspicious? We perhaps need a separate category which is not suspicion, to reflect the experience of law enforcement with different modus operandi of known scams, and a direction to report these particular issues. This may be able to be communicated to clients or the wider public to be clear that such matters must be reported. We discuss the operation of the tests for suspicion and offences in Part 2 and 4 of this book. Returning to the risk assessments, this Part of the book covers firstly the requirements for the firm wide risk assessment, followed by the individual risk assessment, and the relationships and possible gaps between the two. Following this, we look at the sources of information that these two internal risk assessments draw upon from national and supranational authorities. After this consideration of the position and main sources commonly used, we take an alternative look at the position of the risk assessment within the firm in a perspective the writer has called ‘Lateral AML’. 141

Part 3  Risk Assessments and Risk Management This wider look at AML within the business allows us to re-consider the narrow approach to AML taken within the Regulations and to use our AML risk assessments as a workable management tool which can be utilised to prevent a wider range of concerns or attacks against the business. If we envisage a perimeter around the firm and the way in which it does business; we might say this perimeter is accepted and respected by genuine and legitimate clients. However, it is not by those who would seek to harm the business in a number of ways, including in cybercrime attacks, transactions which are not genuine, and even internal threats by staff. We can work on creating this perimeter to deliver a wider solution in risk management to the business and staff.

Money Laundering Regulations requirement There are a number of references to risk assessments within the Money Laundering Regulations, but broadly speaking these risk assessments cover: a.

An overarching firm wide risk assessment, which is discussed further shortly, provided for at regulation 18 and regulation 18A.

b.

An individual risk assessment for each transaction, which should be completed at the commencement of each transaction (regulation 28(12)).

c.

A requirement for policies and procedures to identify and assess transactions which are large and / or have no underlying purpose (regulation 19(4)).

d.

An ongoing risk assessment for each transaction, to be completed as the transaction progresses particularly if the situation changes or if the matter requires enhanced due diligence (regulation 27(8) and (9) and regulations 33(3A)(f) and 33(4)).

Regulations 19 and 19A require policies, controls, and procedures to be in place within the firm which reflect the level of risk the firm is exposed to, and which are discussed with and implemented by staff members.

Firm wide risk assessment Every firm should have their own whole organisation wide risk assessment of anti money laundering, to carry out their due diligence effectively, and to reflect the concerns raised on and by reporting within the firm. This should consider customers, countries, products or services, transactions, and delivery channels. Your firm risk assessment should inform the individual risk assessment you conduct on your client. Under the Money Laundering Regulations, the firm must conduct a risk assessment, and this has been taken seriously by the regulator, with firms being disciplined for failing to follow this requirement. The risk assessment applies firmwide to the type and nature of the instructions the firm is likely to receive. This includes and extends down to client due diligence as well; the firm must consider the size and value of the transaction, as well as the nature of the relationship with the client. 142

Money Laundering Regulations requirement

Variations in firm risk profile It is important for firms to understand the risk profile of the business. This will vary according to the type of clients the firm represents. A firm may have a higher risk profile if: •

They deal with high risk overseas clients, particularly those in tax havens, or from countries on the Financial Action Task Force list of high risk jurisdictions or at high risk for corruption.

•

They deal with a high risk area of law such as conveyancing, insolvency, probate, debt management, litigation, or company law.

•

They deal with companies set up for tax avoidance purposes.

•

Their clients are companies with complex structures or who use nominee directors.

•

Their clients are located nationwide.

•

They don’t always see clients in person.

•

They make a conscious decision to take clients with a higher risk profile.

Local firms who operate in one area only with a relatively low upper transaction limit, and who see all of their clients in person, are likely to have a lower risk profile for money laundering. The requirement for a firm wide risk assessment is contained in the Money Laundering Regulations at Regulation 18, where it specifies that a risk assessment should be undertaken to understand the risk profile of the firm, according to a number of factors. We have re-presented the categories here for ease of explanation: a.

Service offering (shown as ‘Delivery Channels’ in the Regulations): This means how you do business with your customer, and how the customer might access your services during the advice process or at the point of sale. For example, will you meet them face to face, or will you provide advice and your bill by email? You might also offer some products to purchase on your website, or conduct meetings over the internet, by telephone, or by email. When considering the full breadth of the firm, you might also think about the client interactions with your firm comprising not only the fee earner, but also reception, the finance and accounting teams, marketing, IT, and other touch points across the firm. Risk varies according to the method by which services are delivered. For example, if the client is based some distance away, do you usually speak to them on the telephone or by email rather than meeting with them in the office face to face? If so, you need to take additional measures to ensure they are who they say they are, as meeting face to face can be a more effective measure of the bona fides of a person than a telephone call. Our service offering can impact other parts of the risk assessment as well – for example, seeing clients face to face might mean you restrict transactions to the local area. This might lower your risk in other parts of the risk assessment, as you also know the likely risks in your locality. 143

Part 3  Risk Assessments and Risk Management You will need to assess the risk of money laundering in relation to each way clients access your service, according to how they might be able to either launder money directly, or indirectly be part of a wider scheme to. If you offer products to download via a website, are you confident about who might purchase them – thus a. sending money to your firm, and b. whether they would ask for a refund? The presence of a law firm name on a bank account can convince another person as to ‘source of funds’. Other common concerns which might feature in this part of a risk assessment include: •

A greater risk awareness of clients that do not want to meet in person.

•

Certainty as to where money has come from, particularly where you are receiving large sums, or the transaction is otherwise worth a large amount.

•

A consideration of your supply chain and your service offering as part of that supply chain (thus linking you to the other side’s client, and others, as we have seen in the cases of Dreamvar (2018) and Purrunsing (2016) – discussed earlier in Part 2).

Taking a broader approach to the category, as previously discussed, also allows us to bring in other areas of the business which may be part of the service offering to the client. These areas include finance and accounting (through the provision of the client account, and account management services during the legal transaction), and IT. The role of IT might include the provision of an online portal to provide services to your clients and where they can view their transaction. If you stop and consider the full range of interaction you have with client, it might be an illuminating experience. Some firms are offering accounting alongside their legal work, and if we look at Third Party Managed Accounts, for example, specialist companies are now being paid to hold monies for clients in a role traditionally undertaken by law firms. When law firms hold monies for clients it is not viewed as a separate service and is included in the price. You may find it helpful to plot out each stage of a legal transaction to identify the various touch points with the client or their finances. The writer wonders whether in the future we will see greater flexibility in the delivery of legal services. As well as alternative business structures (ABS), with the options of packaging services together with others in the supply chain, we may also see an unbundled legal service, with each part of the process being charged for separately. b.

Advice and legal transactions (shown as ‘Services’ in the regulations) – For most firms this is the areas of law you work in, such as wills and probate, commercial law, or conveyancing, and the risks posed by those areas of law. If we asked the question of firms ‘what do you do?’ these would be the standard transactions you would usually deal with, or the advice you would usually give. We can make a distinction between legal advice and legal transactions; the former being guidance given about the legal position in any situation, and the latter being any transaction that requires a lawyer and takes the client forward in some way. An example of a transaction might be a conveyance, probate, or even a Court appearance. 144

Money Laundering Regulations requirement These are the areas that are traditionally covered in law firms when dealing with AML risk assessments, and a review of risk assessments may find this section populated by the common problems in each strand of legal practice. There is nothing wrong with this approach at all. As well as considering areas of law, you may also consider any non traditional areas of work you assist with, or additional add ons, such as reputation management. When ensuring you are writing this risk assessment for you and your firm, you will also need to consider what particularly your firm do, perhaps that distinguishes you from other firms.

Risk profiles in different areas of law The following are examples of risks present in each area of law. Commercial property: complex / large transactions, contract races, unusual pattern of transactions, transactions not at arm’s length, obscured beneficial ownership (including overseas obscured ownership). Residential property litigation / litigation: unusual or sham property litigation, Bowman v Fels (2005) litigation, litigation where property is mortgaged. Construction: unusual transactions or disputes, bribery and corruption in public works, speculative lending on overvalued land or property, land banking. Residential conveyancing: cash transactions, monies from overseas, unusual instructions, urgent instructions, fake sellers / absent owners, incorrect information on the conveyance or to the mortgage company, flipping, failure to maintain mortgaged property. Family: tax evasion, Bowman v Fels (2005) litigation, legal aid fraud, obscured income or assets. Estate admin / probate / trusts: setting up trusts to hide assets, complex or unusual trust structures, tax evasion, taking unfair advantage of elderly people. Corporate: complex and unusual structures or unusual deals, lack of commercial or economic reason, lack of underlying transaction, urgent transaction, overfamiliarity with legal adviser. Employment: whistleblowing and internal allegations, quick settlements for large sums, funds used for employment disputes. Public law: consider the position of politically exposed persons (PEPs) and the risks of bribery and corruption. c.

Customers (shown as ‘Clients’ in the regulations) – We have seen in Part 2 of this book that the approach of the Money Laundering Regulations is to focus on client identity. That is at a transactional level, and identity has to be considered for each client. A  firm wide risk assessment then takes this up a level, and you should consider the types of clients that your firm 145

Part 3  Risk Assessments and Risk Management generally receives, who your target clients are, and what their profiles are or might be. This might be, at a firm level, focused on groups of clients. For example, if you do wills and probate, you may have a practice focused on elderly clients, or you may have a number of clients with family trusts. You can then analyse the money laundering risks associated with these types of clients, for example, taking unfair advantage or fraudulent transactions related to elderly people, or tax issues associated with trusts, and how you will combat these issues. It is common to find these types of group risk factors discussed by the regulators in their risk assessments, and you will wish to take account of their approach. We discuss the regulatory and national and supranational approach later in this Part of the book. If one or two clients are sufficiently important to the firm, they may make it into the firm wide risk assessment, however you may also need to assess whether that client has undue influence over the direction of the firm. Firms in this position are asked to note the SRA’s annual renewal which asks a similar question about influence over the firm. You may also find this applies to one or two clients who have particularly risky profiles, or certain departments which have an over-exposure to work associated with money laundering. The risk assessment may give you pause for thought about whether the work you take on as a practice can be skewed by the risk of one department or client group, and how this can be managed. Considering how and why your work attracts risk is important, as can be considering the type of work you will take on, and why, which can also lead you to limiting some types of work or only taking on work to a certain point or within a certain strand. Particular risks that are sometimes found in this area within firm wide risk assessments include: •

High net worth clients and high net worth transactions: these are highlighted as a risk within the Money Laundering Regulations at regulation 19(4), and need careful consideration and management. It can be worth emphasising the benefits of a very thorough review of the position to the client as the same position works the other way; a transaction can be protected from fraud or the later suggestion of misuse, by the AML review.

•

Clients with the expectation of using services for different purposes, for example, who might expect to use the client account as a bank account, or that the law firm is there to provide wider services beyond that of legal advice and transactional support.

We have covered when a client is not a client briefly in Part 2, however we additionally need to consider whether this requirement to consider ‘clients’ goes far enough, and whether: •

the client has business or other relationships that may impinge on the position of the solicitor, or

•

the solicitor has business or other relationships that can impinge on the work they undertake, but which are not labelled as ‘client’ relationships.

The first of these two points is most clearly covered by the intention of the regulations, and the position of the client may arise as a factor which presents a higher risk of money laundering under regulation 33(6). The second point 146

Money Laundering Regulations requirement is not immediately obvious within the Money Laundering Regulations, but for solicitors or other lawyers would be an authorisation and professional conduct issue as a conflict of interest. In respect of the second issue, the government are putting together requirements for various types of wider business relationship to be registered at Companies House (or its restricted form) in the future, which we cover in Part 7 of this book. d.

Geopolitics (shown as ‘Countries or geographic areas’ in the regulations) – This requires an assessment of the type of work you take on, and where it originates from. We have already discussed in Part 2 of this book concepts of where the individual comes from, but we can again have perhaps a wider discussion about originating areas of work, or countries or geographic areas (including within the British Isles), where different proportions of work originate. You might be a practice focused on local clients, with very little need for clients from overseas to instruct you, in which case you might discuss the risk factors within your local area. This might include crime rates, or areas of deprivation; it might also include patterns of spending and investment. You might assess what you would consider to be typical for your area, and what would raise an alarm. Alternatively, you might be a firm focused on overseas clients. An example would be a law firm with a large client base in the United States. In this case, you would need to consider the position of the clients in the US; that might mean looking at the profile of the country, and the local area(s) of the clients within that country. There are worldwide resources discussing the AML position of each country, along with an assessment of their AML compliance available from the Financial Action Task Force and the European Union. The UK may make their own assessments in due course. High risk jurisdictions are now defined by the Financial Action Task Force, and their list is followed by the United Kingdom – see The Money Laundering and Terrorist Financing (High-Risk Countries) (Amendment) Regulations 2022. The FATF have reports available on both high risk countries and other countries which are not rated as high risk, allowing you to make an effective assessment of a range of jurisdictional issues. We discuss the FATF later in this Part of the book. However, it is clear that this section of the risk assessment is not simply focused on the high risk jurisdictions and should be a much broader assessment of geography and geopolitical outcomes, even on a local level. We can class ‘geopolitics’ as a term which covers issues such as comparative deprivation and crime rates within localities, different cultural expressions and cross-border issues, and different transport, policing, and wealth distribution according to local authority area lines. These are all issues worth exploring that may influence your risk assessment in different geographical areas. We can also link this part of the risk assessment back to the theme of this book, which is client money. You may deal with clients from your local area, but monies may come from overseas, or clients may have other overseas links. Try to consider the position in the round. Your risk assessment may need to take account of: •

the transmission of monies from overseas; 147

Part 3  Risk Assessments and Risk Management •

exchange rates;

•

financial contributions from a number of sources;

•

how to obtain confirmation of identity from those overseas;

•

communication and understanding the transaction with the complexity of overseas clients;

•

the risk profile of the country or countries involved;

•

the bona fides of overseas banking institutions, or other overseas professionals involved with the transaction.

Ensuring you have covered these points with confidence can form part of your assessment and mitigation for this aspect of the risk assessment. Key points of risk that commonly arise in this area include:

e.

•

Clients (or parent clients) in high risk jurisdictions: the extent of this has been clarified to those that are ‘based in’ the jurisdiction (regulation 33(3)(c)(i) and (ii)), but the writer believes we need to consider financial contribution arising in or passing through these jurisdictions as well. To some extent, a link to the jurisdiction may also be worth investigating.

•

Remote clients: we have already explored the idea earlier in this section on the firm wide risk assessment, that the further away the client, the greater the risk is. This may not just be true for distance when we discuss remoteness; it can also be the physical location and locational barriers that can exist to effective client relationships. If your clients are located in a mountainous or remote area, this will also provide challenges to obtaining the information you require, even if you are based in what is considered to be a nearby large conurbation.

•

Clients that instruct you unexpectedly from out of the area: this is a very traditional measure of concern, but remains true. Firms are encouraged to consider why (if such instructions are received) they are coming from outside their usual zone of reputation. However, if you do receive clients from out of the area on a regular basis, and you are comfortable to receive such instruction, you can find ways to mitigate the risk of this over time – particularly if they are repeat clients or repeat clients from within a similar group, you may be able to get to know them in more detail.

Handling client money (shown as ‘Transactions’ in the Regulations) this is the final part of the firm wide risk assessment, and covers the types of transactions the firm takes on. You may find it helpful to include your parameters for transactions here, such as size, or the extent of the work you take on within a particular area of law. Again, it is possible to analyse your transactions in terms of the client monies you expect to receive, in your risk assessment. You may wish to use the later sections of this Part of the book to consider how the transaction would be structured in terms of the area of law and the monies to be received. For example: •

Do we expect all conveyancing transactions to look similar, and can we standardise them? 148

Money Laundering Regulations requirement •

Can we standardise the financial profile of a wills and probate transaction, or train our financial staff on what to look for?

•

Can we consider each area of law according to the common movement of funds, and how it should be managed, to prevent concerns occurring?

As well as standardising financial transactions, it can also be useful to standardise agreements for those transactions, again providing certainty in the expected movement of funds and the overall profile of the work. Of course, you may receive requests to deviate from these terms if specific advice is required, but in such cases the Finance teams may be able to be notified and acknowledge that request. The types of risk factor commonly identified in this area of the firm wide risk assessment include: •

Receipt of cash: ensuring the firm does not receive large sums in cash. This is usually prevented by a cash limit, and by training staff to decline such a payment. However as explored in Part 2, some firms are now limiting the methods by which they will accept payment.

•

Using the client account as a banking facility: the receipt of client or non-client monies for transactions which do not require the use of the client account, or where those details have been given by mistake. This can often also be countered by staff training and by specifying the type of transactions you will accept client money for. Introducing a policy which prevents client money being received other than in these specific types of circumstances can prevent a Finance team accepting payments without realising the difficulty, or fee earners inappropriately agreeing to monies being paid into the account.

•

Reviewing abortive transactions to establish the cause of the problem: if refunds are asked for, or there is a concern about sham litigation, this is a useful means to highlight any problem and double check the cause. You can include a file review of abortive transactions to ensure the problem is established.

•

Client account transactions: we set out the risks and potential difficulties with incorrect accounting in Parts 1 and 2, and of course there can be internal problems which can reflect money laundering concerns. However, as we will see in Part 4, any receipt of client money risks the receipt of tainted funds, so a mechanism to sample and verify the bona fides of client account transactions is usually worthwhile.

That concludes our analysis of the broad headings included in the Money Laundering Regulations 2017 at regulation 18 which should be covered in the firmwide risk assessment. Firms will also wish to include within their consideration, the particular risks of proliferation financing, which have been added to the Regulations at regulation 18A. The firm wide risk assessment is a tool to analyse and consider your firm in some detail. This differs from the individual risk assessment which is meant to analyse the risk of that individual transaction, and we move on to discussing the individual risk assessment shortly. Later in this Part of the book, we also discuss the broader assessment of risk, including ideas of how to establish a perimeter around a firm, and how to investigate and manage an ongoing financial transaction. 149

Part 3  Risk Assessments and Risk Management

Risk Assess This! The Money Laundering Regulations moved towards a greater focus towards risk assessment in 2017. At the same time, the writer wrote a presentation on completing firm wide risk assessments for a law firm conference. These were the suggested tips: (1) You can approach the problem from a top-down perspective: that is to say, start with the profile of the firm and fill in some risks arising from that profile. Then then have a discussion with each department about their risks. You may also look at the transactions or files in each department. This should give you a good overview of the problems arising in the firm. The risk assessment should help you develop your processes and procedures for each transaction. You may find unexpected or different types of transactions that could be outside of the profile of your firm when speaking to each department or reviewing their work. These unusual transactions may pose novel problems, so these should be specifically fed back into the risk assessment and accounted for. (2) Another approach would be to start with each risk factor in the Money Laundering Regulations, and review the regulator’s guidance in respect of each on their website and in their publications. Then you can consider whether any of the situations they have highlighted apply to your firm. Next, consider whether there are any specific issues you are aware of that the regulator has not highlighted, and add these in. Liaise with all departments, including support departments, to see whether they have any specific issues to add as well. Using either approach, your risk assessment can then be written up, and given back into the firm for additional comment. The final step in both approaches is to act on the risk assessment. Ask yourself, by looking at the items of highest risk – what can we do better? You can implement new procedures, train your staff on specific issues, or address the risks you have highlighted, proactively. A risk assessment need not be a piece of paper at the back of a cupboard – it can inform your proactive management approach and be used as a basis for problem solving.

Risk assessment

New policies/ ways of working

What can we do better?

Use to inform transactional risk assessment

When you act on your firm wide risk assessment you will also impact your individual (matter) risk assessments as well. Make sure your staff are well supported when issues arise that you have been attempting to address. 150

Money Laundering Regulations requirement Templates for firm wide risk assessments can be found at Annexes B and C, and there are also further worked examples or variations in Part 5. You may find when using the template that there can be a large gap between the firm wide risk assessment and the assessment of individual transactions, particularly in large or medium-sized firms. The management or overarching themes of the firm can differ to the individual problems seen on the ground. We can all sometimes be guilty of listening to the regulator, national risk assessment, or other sources of information about potential problems, without considering how they are reflected in the files we receive. Firms may want to consider both ‘top down’ approaches to assessing risk, along with ‘file up’ approaches. You might try asking those handling the files to come forward with the problems they have – even if only for a short period (for example, asking anyone who has a specific problem over the next month to highlight it to compliance as well as within the department), so a snapshot of file based problems can be created for the risk assessment. Alternatively, you may need a departmental risk assessment to take account of that difference, and to feed into the overall risk assessment of the firm. Departmental risk assessments can vary widely in their development, according to the approach of the team in question. It can be tempting to offer a standard set of questions to each department, to generate a similar response and to make the process easier. However, also allowing the space for each team to analyse and work on their own risks can be fruitful and may yield some useful insights. The other approach to departmental risk assessments can be departmental feedback on the types of issues each department faces, being given by the head of that department – perhaps as a result of feedback on file reviews, or the supervision of staff. Otherwise, and if possible to do so, firms can regularly consider both the firm wide position and the individual transaction position, making sure that seen on the files is reflected in the firm wide risk assessment. As your firm conducts other activities such as file reviews, money laundering reporting, management feedback, and client analysis, it can be helpful to feed this back into both the departmental and firm wide risk assessments.

Some regulators are very keen on their risks being included in firm risk assessments, and at the time of writing this was a key point within the Money Laundering Regulations, at regulation 18(2)(a). We discuss regulatory, national, and supranational risk assessments later in this Part of the book. 151

Part 3  Risk Assessments and Risk Management

Individual (matter) risk assessment The individual risk assessment should take place for each client matter, and continue throughout the life of that transaction. As an aside, it is also possible to look back at closed files and conduct new risk assessments after they are closed. That is not to replace the risk assessment undertaken in the beginning, but is to supplement the risk assessment with any new information arising post-closure, to help you make a decision about whether you need to make a report, for example, or even just to further understand the file as a management tool. A different person conducting the risk assessment later may come up with a different conclusion, which may influence ongoing management of the situation. The writer calls this a ‘Reflective Risk Review’, and you can use an ordinary risk assessment form to undertake this, or one that is a combination of the regulator’s highlighted risk factors and the firm’s management or departmental risk concerns. We discuss Reflective Risk Reviews in more detail shortly, and provide an example. When undertaking any anti money laundering work on individual files, such as risk assessments, but also any other tasks, you should be alert to the requirement to make a report if necessary. We have outlined the process for reporting in Part 2 of this book, and cover the law in this area in more detail in Part 4. We might see the risk of needing to make a report arise more clearly in individual risk assessments than we do in firm wide risk assessments, but sometimes firm wide patterns and trends can also be seen on an individual risk assessment as well. Your individual risk assessment might focus on the individual area of law, with particular risk factors to consider for each area. You might then have different forms for each area, categorising the types of risks that may be faced. There are three forms provided in this book that could be used as individual matter risk assessments for you to adapt and change to meet your needs: •

One at Annex E to this Part of the book, which focuses on the receipt of client money.

•

One at Annex H to this Part of the book, which looks at whether the transaction requires enhanced due diligence.

•

One in Part 5, which provides examples of types of risk factors to consider, and spaces for you to add your own from your firm wide risk assessment, or taken from the overarching risk assessments comprising the supranational, national and regulatory published concerns.

There are a lot of different types of risk to assess and you may use different forms for different situations. You may have particular concerns that you would like your staff to look for that you can add or change as the position develops. Staff should also be trained or otherwise made aware of the current regulatory concerns if they are not specified within your individual risk assessments, to avoid gaps. An individual risk assessment should usually be undertaken at the start of the transaction, and should be the go to position for understanding the level of monitoring to be undertaken in respect of any one transaction. However, the risk assessment can (or should) be reviewed as the transaction progresses, and depending on the transaction, you may set a level of monitoring suitable for that situation. 152

Money Laundering Regulations requirement Sometimes the risk of a transaction changes part way through, and the transaction may need a second risk assessment or a further analysis and decision making attached. If you are actively monitoring a transaction then keeping a record of your activity, and documenting your steps, can be helpful in ensuring you are compliant. As well as considering money laundering, risk assessments can also be helpful in reviewing the overall position of the transaction. You might be able to consider the complexity of the work, or the extent of advice that needs to be given to the client. You might need to consider risk in a wider way than just money laundering; for example, the complexity of the matter may lead to concerns of negligence, or time to be spent and the potential cost. Of course, you can tailor your risk assessments in any way you wish to take account of these additional management factors. Risk assessments may need to be undertaken in detail to take account of specific issues such as a PEP, possibly before they are referred to and signed off by the management committee, MLRO, or MLCO of your firm. Those assessing and approving the high risk situation – such as a PEP, would need to be apprised of the details in writing, possibly by a report. Firms can find themselves with a large amount of documentation to complete for particularly risky situations. You may find yourself in the position where someone has not completed a risk assessment on a file, or where a further review is necessary, but one that reflects the previous work done on the file. A  template for a ‘Reflective Risk Review’ is provided at Annex F. The purpose of the Reflective Risk Review is to ensure you have a documented risk assessment on file that reflects the risks the firm is concerned about and considers what has happened on the file so far and what should be done next. It should be dated when it is conducted, and reflect when the actions on the file took place (usually previously). You can use the form to reflect on risk in the transaction, how you or the firm felt about it at the time of undertaking the client matter, what you took account of at that time, and whether your view has changed since then. This is a useful tool to re-consider risk in any file and may have a number of uses, including reflecting on changing risk within a client transaction. The form in the template at Annex F covers the firm’s view of risk, but as mentioned earlier can also cover the regulator’s view as well if it seems appropriate. As well as an individual risk review, which is based around the actual transaction, we can also develop an individual risk assessment for the financial aspects of the legal work or costs. An example of this type of form is contained at Annex E to this Part of the book. For further example, you might consider: •

the amount of monies to be received in the transaction, where the monies are to be received from, and where they are to be sent;

•

whether this is a standard transaction (following the standardised pattern adopted by the firm, for example), or whether there are unusual elements to the transaction;

•

how any unusual financial elements should be managed, and how they should be signed off;

•

whether any other clients of the firm are involved in the transaction, and whether you will need to make client to client transfers;

•

the sources of funds from a purely financial perspective (for example, whether this is this an unknown overseas bank, or a wire transfer); 153

Part 3  Risk Assessments and Risk Management •

whether there are unusual sources of finance, such as non-mainstream lenders;

•

whether the transaction involves cryptocurrency or digital payment methods; and

•

obtaining refund details for the client, alongside their identity information.

This final point may include instructions for which bank account any outstanding balance should be sent to. This instruction should reflect the position of the parties and the transaction; it should also not place the solicitor in either a conflict of interest position between any parties, or the position of using the client account as a bank account – for example, by sending the monies to a third party. Dependent on the complexity of the financial aspects, you could consider assigning the transaction to a suitably senior member of finance staff. This should allow you to monitor the monies as they pass through the firm, ensure the work stays on the path you expected, and requiring the staff to highlight any deviation from the expected financial pattern. If there are changes to the transaction, you can complete an updated risk assessment or Reflective Risk Review, or document your response to the risk. We cover broader, lateral thinking, and applying this to financial and other risk assessments later in this Part of the book. Each firm wide and individual risk assessment should also be reflective of the latest concerns in each area of law and nationwide. Regulators and other national bodies publish information on the patterns and trends they are concerned about, and staff should be made aware of these. Each firm’s risk assessment should take account of these factors, but it is up to the firm how they are documented. This brings us to the end of this short section, which has been focused on the risk assessments the firm should have documented and in place. In order to put those risk assessments in place, the firm has to take account of wider risk assessments, and we examine those in this next section.

Worldwide and continental risk assessments A number of international agencies focus on the threat of money laundering and its prevention. Readers with international clients will find the Financial Action Task Force helpful in their assessment of money laundering risks worldwide, but also in their policy papers and publications that discuss best practice in implementation for different groups of professionals. The Financial Action Task Force sets out an assessment of each country on its website. They look at the law in respect of anti money laundering, anti terrorist financing, and corruption, in force within each jurisdiction and also the evidence of that law operating. They consider whether enforcement action is appropriate and being undertaken. In order to assess and effectively measure the law in operation and being enforced, the FATF issue a number of recommendations over matters we have covered in this 154

Money Laundering Regulations requirement book, including issues such as client due diligence, regulation, and record keeping. However, more complex recommendations also exist, including the specifics of criminal offences for money laundering. The FATF use these recommendations, along with other risk factors, to highlight countries of highest risk. The recommendations can be helpful to compliance for placing into context the requirements that we see being enforced in the United Kingdom, but also for making decisions about high risk jurisdictions and what the gaps may be in countries where deficiencies are highlighted. If you are dealing with FATF high risk countries and would like to understand why they have or had been classified as high risk and what kind of audit criteria they would be subject to, it can be useful to look at the recommendations. Or you may wish to consider the UK policy position with more depth, for example, to understand the reasoning behind regulations, codes, or legislation. A good deal of the FATF recommendations are codified in the United Kingdom within the Money Laundering Regulations 2017, and supported by legislation such as the Proceeds of Crime Act (2002). The European Union also undertake risk assessments which apply within the EU. Although the United Kingdom has now left the EU, law firms with offices in the EU or who do business within the EU are likely to be required to review their risk assessment, and/or the risk assessments within the relevant EU country or countries. At the time of writing, the EU were intending to extend their AML approach to assessing the standard of legislation and enforcement controls in countries worldwide in order to set conditions of trade. It may be that clients from countries without similar standards could face tighter restrictions when seeking to do business in European countries. It is likely to be in the UK’s interests for law firms to be aware of the trends and patterns that the EU identify, for two reasons: (1) We are still geographically part of Europe, and that has not changed. They are our closest geographical neighbours and until a short time ago, we were part of a political union. Their risk factors and the issues they are facing are likely to be relevant to the United Kingdom, and therefore to our risk assessments. (2) Taking account of those risk factors in our actions is likely to increase the likelihood of us dealing with those issues, and therefore ensure our continued ability to trade with the EU. It should not be forgotten that the UK has a trading position and safeguarding the country from criminal activity is likely to be an important part of continuing to do business with our close neighbours. We do however, have to consider the position of international organisations with respect to the rights and freedoms of individuals, and the sovereignty of parliamentary decision making. The risk factors that have been identified and the risk assessments that have been produced are directly relevant somewhere else, and might simply be considered ‘useful’ rather than directive. The difference may come if you are directly required to consider the position in another country, or where you are dual regulated (for example, both in the UK and within the EU), and offering services in both. In such cases you are likely to need risk assessments taking account of the relevant risk factors in both countries, or under both systems of regulation. 155

Part 3  Risk Assessments and Risk Management Consider the position carefully and possibly take advice if you are reviewing a broad position or individual risk factor that would impact your client adversely, but the rest of the transaction appears low risk, particularly in circumstances where that risk assessment is not directly required to be applied to your clients. When we discuss the rights and freedoms of individuals, we need to consider the extent of the implementation of a risk assessment and how that might impact the individual. We need to ensure, for example, when making a report that we are objectively suspicious of the circumstances, and not simply driven to marking the circumstances as money laundering by the trends identified. Implementation and use of a risk assessment implies further judgement on the part of those who read and use it, to consider the position in detail if necessary and to exercise their own view as to whether the position needs to be reported. We can see this in operation within the legislation by the need for the MLRO to make their own decision, after the matter has been reported – intentionally bringing a check and balance into what in some cases can otherwise be a document and form driven approach to risk management. Readers may legitimately find a level of disconnect with some international and supranational measures if they do not seem to quite fit the circumstances of their transactions, and we have discussed earlier how firm wide risk assessments can also have a similar disconnect to individual circumstances. It is not difficult to imagine that a broad description of a position affecting a number of countries might not quite apply to one individual or company, or their transaction, but we might need to either take account of it, or discount it after full consideration. Accordingly, firms may wish also to consider their position and their own geographic or other presence when deciding how far to go with implementing a risk assessment with international factors. Small firms, and even medium sized firms, may not need to consider international issues or foreign countries unless they have clients from such an area. They may simply need to complete their risk assessment according to their own profile. Firms being asked to take on international clients, or even a greater risk profile of work may need to ask themselves whether they are bending too much for one transaction. The writer has also highlighted in other works, the ethical considerations of accepting instructions from overseas developing nations in the context of financial inclusion. In some cases, some development agencies have advocated the use of highly sensitive personal data in order to be able to confidently verify the identity of persons from those countries, and begin to offer financial products and services. Solutions include the potential use of biometric data to enable modern world financial solutions to be provided with confidence. There are significant challenges posed by those in low-income situations and in extreme poverty. Those challenged to obtain and secure identity documents, may ask for the world’s poorest people to provide their highly sensitive personal data in order to be financially included. The writer’s view is that beyond the requirements of the GDPR and Data Protection Act 2018, there are ethical and security issues in seeking and retaining such data, and firms who are instructed in such situations may need to consider their management position, as well as what they are asking their client to provide. Legal advice on ethical grounds and to manage risk may be appropriate, however all firms need to seek their own  path. 156

Money Laundering Regulations requirement One of the most recent developments to impact overseas clients and possibly the geographical position and reach of the firm has been the introduction of the Register of Overseas Entities. Introduced by the Economic Crime (Transparency and Enforcement) Act 2002, the Register requires those overseas entities (such as corporate bodies) owning land in the UK to register with Companies House. We discuss this further in Part 7.

National risk assessments There is an overall UK wide national risk assessment for money laundering, which can be useful to consider if you are looking for more information about money laundering as a whole within this country. Don’t forget, while we consider the risk of money laundering presented to the law firm by the transaction as an issue, we can also consider the risk of the individual client on a much broader basis as well – what might the client be involved in that has not been apparent on this transaction? Reviewing and understanding the risks across the country can help you to understand the types of scenarios your clients might face, as well as some of the risks that are present in your marketplace but might not be immediately apparent. There is a danger that risk assessments produced by regulators (which are discussed later), focus on the risks they see which relate purely to law firms, rather than to the law firms’ clients. The relationship between a lawyer and a client may need to be quite close, and the lawyer may need to understand the profile of any client in some detail. Reviewing a law firm based risk assessment from a regulator may not be sufficient to understand the risks presented by a client or client business, as they are from a different sector. Understanding the overall national picture might be more useful and credible. We should also note here that some other sectors do have risk assessments conducted by their regulators, which you can review, but not all will as not all sectors are regulated for money laundering. If you wish to go further down this route, looking at the AML risk assessments of other agencies, or non law regulators, can be helpful. Law enforcement agencies such as the police, Action Fraud and HMRC also produce their own risk assessments. Depending on the area of law you work in, such risk assessments may assist you or your department, and we mentioned the possibility of a departmental risk review earlier in this Part of the book. If you are a regulated law firm, you will need to look at the risk assessment produced by your regulatory body. This may be (if you are in England and Wales), the Solicitors Regulation Authority, Council for Licensed Conveyancers, Bar Standards Board, CiLEx Professional Standards, the Faculty Office, or other such body. Their risk assessments take account of an overall national risk assessment for money laundering, as well as specific concerns within their own regulatory area. Their concerns may be reflective of the types of concerns that present themselves in your day to day work. However, remember that some regulators oversee firms of varying sizes, with very diverse work profiles. As a result, you may need to consider which aspects are most relevant to your work. 157

Part 3  Risk Assessments and Risk Management

Key risk factors There are some key indicators of money laundering risk that come up frequently within the sector, which the writer has complied over many years. These include the following: Management of the firm and the firm itself: This risk factor may be particularly apparent to the writer due to her experience in regulation, however we are all aware of fake firms. Do be aware of who is on the other side of a transaction. We also know that some firms could be infiltrated by people intending to do harm, and this was a concern during the introduction of alternative business structures. Although firms are overseen, they do present risks and could be managed in ways which are less than honest. It can sometimes be helpful to realise that the regulators regard law firms themselves as risky for money laundering. Conveyancing, company / commercial, private client (particularly trusts), debt recovery, landlord and tenant: Certain areas of law are more likely to be highlighted as risks for money laundering than others. Investments can be made in property, and this can be hidden in trusts. Debt recovery can pose difficulties for ensuring the bona fides of the monies received. Certain countries and foreign clients: Acting for clients who are overseas can mean you do not meet them face to face, which can pose difficulties. The previous advice for money laundering some years ago was to ‘know your client’, which is almost impossible if they are some way away. Society has also moved on and remote working is now possible – even around the world. Many more transactions are conducted remotely and we need new ways to identify the risk related to clients. PEPs: Politically exposed persons have increased in their prominence in the Money Laundering Regulations since the 2000s, and now command more attention. Treasury Sanctions List: This subject has become increasingly important in recent years and law firms are required to check lists of potential clients against the sanctions lists published by HM Treasury. Those with international clients or interests are most likely to be affected. Complex structures and nominee directors: Sometimes corporate entities are set up in complex ways and nominee directors are used to provide a face of the corporate entity. Be cautious with any corporate structure that you cannot understand or seems overly complex. Transactions between companies and individuals not at arms’ length: Transactions that are being conducted within families may be done for tax reasons and / or may be a trust. Take care to understand the implications of these transactions and their risks. This book does not cover tax evasion but does recognise it as specific risk for money laundering. We also note the increasing attention paid to trusts in recent years. 158

Key risk factors

Non face to face: Matters that are conducted remotely do provide more opportunity to hide problems from the lawyer or to fake an identity. All work conducted remotely should be subject to enhanced due diligence. Cash funding / cash intensive businesses: In many senses, there is very little that can be done about the cash economy and its risk for money laundering. Transactions made in cash can be the proceeds of crime from a variety of sources. Law firms can combat this problem by refusing to accept sums in cash above a certain amount. Cash intensive businesses as clients should be carefully risk assessed and you could also involve their accountant in this process. E money (eg Paypal; Google Wallet; Apple Pay): At the moment, these transactions are limited in their size. However, they are in their infancy and not everyone has an account. You may find a transaction funded in this way is funded by another person. Consider carefully whether you will accept e money and, if you do, whether you would have any restrictions on who the payment comes from. Bitcoin and digital currencies: Bitcoin and other digital currencies pose a specific risk for money laundering. Bitcoin providers have recently been added to the Money Laundering Regulations and there have been a number of concerns raised about their legitimacy and use. It is possible to transfer Bitcoin around the world without restriction and to change Bitcoin into some national currencies. The lack of checks and balances has meant it is high risk for money laundering. A further discussion about cryptocurrency is provided in Part 7. Hawala/chop systems: A  hawala or chop system is a system of money exchange. If we imagine A and B working together transferring and exchanging money. They do this both informally and as a business. A lives in one country, and B in another. One day C comes in to see A and asks to transfer £10,000 to D, giving A £10,000 in cash. D lives in the same country as B. A telephones B and asks B to give D £10,000 in local currency. B does as is asked and provides the money in cash. B is short £10,000, and later recoups the money from A – for example he might take a charge over A’s house. In the meantime, D has received £10,000 from C and their direct financial connection is not detectable without significant work, meaning D  and C  can use this method to transfer laundered money if they need to. A CPD exercise of this problem is provided in Part 6 of this book. Financial centres and offshore banks: Some financial centres are transit centres for money, goods, and even people. Consider whether the base of the organisation you are working with is genuine or where the income is coming from. Offshore centres can be used to avoid tax and disclosure of beneficial ownership. Other contributors to funds: Source of funds checks are usually aimed at the individual providing instructions. Ensure you check source of funds for anyone providing a sum towards the transaction, particularly those providing capital contributions. You will also need to check their identities. There is an additional risk that these individuals can be used to muddy the waters of the transaction due to conflict of interest between the parties. Asking them to take 159

Part 3  Risk Assessments and Risk Management

independent legal advice allows you to minimise that risk and also prevents any professional conduct issue. Taking independent legal advice is also the answer to any opposition to providing this information on the grounds of family confidentiality or embarrassment, as it allows another party to confidentially check funds and identity and confirm the same to you. If you are in another location in the British Isles, consider the regulatory risk assessments which apply to you. This may include risk assessments from The Law Society of Scotland, the Faculty of Advocates in Scotland, or the legal regulators in Northern Ireland, including The Law Society of Northern Ireland. If you conduct cross border work between the devolved administrations of the UK, you will need to review a number of regulatory risk assessments, and note the differences in the application of the Proceeds of Crime Act 2002 between those locations. Readers will note that some sections of the Proceeds of Crime Act differ in Scotland and Northern Ireland to England and Wales, and it is of note that some of the underlying criminal justice system and a number of crimes also differ in these locations. As we have explored in Part 2 of this book, to have money laundering, you must first have a crime, and the law in respect of the laundered funds has an intrinsic relationship to the criminal law which applies to the initial crime. You may find differences in interpretation and enforcement in border areas, in cross border activities, and even in day to day work, and this may influence your approach to risk. The same position may apply to those close to borders, who may experience law enforcement investigations for cross border activity that could impact their work. As a result, you may need to include this as a specific risk in your firm risk assessments.

New technology The Money Laundering Regulations also require any new technology adopted by the firm to be risk assessed. Firms may feel this risk assessment falls within their services or service offering.

Lateral Anti Money Laundering The risk assessment process we have seen so far is flat in organisational terms. For example, if we drew it on an organogram, we would see it considers the mainly risk of the way the business delivers its services and focuses on the core business of the organisation. That delivery of services or core business can also be mapped on a straight process map, and the starting point might be the transaction, which is also risk assessed. The focus of the consideration of risk is on the main business purpose of the organisation. For example, for a lawyer, the focus is on the delivery of law – for an accountant the delivery would be on the delivery of accountancy services. If we look at the categories of the risk assessment, they cover the products and services and means by which those services are delivered. We are seeing a heavy focus on the delivery of the core solution that the business is set up to provide (or that the 160

Lateral Anti Money Laundering business is apparently set up to provide, noting that some businesses can operate as fronts for other businesses). However, any business is composed of more than core service delivery. We can see that many businesses, including law firms, cover a wide range of departments, which we might know as Human Resources, Information Technology, Business Development and Marketing, and any other number of departments that sit alongside the delivery of core product offering. We also must cover Finance and Accounting, and we have covered some content about risk assessing client money earlier in this Part of the book. However, we can examine the Finance and Accounting function more closely and look at the ways we can track client money through the business as an AML issue, and how we can examine office money. We can also look at how other business functions can also be analysed in a similar way. In this sense, we are considering anti-money laundering more laterally – we are taking a new, sideways view, to a pre-existing set of expectations. The Money Laundering Regulations provide that the focus of risk assessments and other activities, such as due diligence, is on the transactions. This Part of the book is not taking away that focus, or providing a means of non-compliance, but is allowing other parts of the organisation to participate in the anti-money laundering process alongside their colleagues in the core business. You may find looking at AML through this lens allows other functions to fulfil more of their expected roles – for example, the COFA of a law firm may find themselves better able to assure compliance with the Accounts Rules, by taking on some of these ideas, and may find more direction in the application of their overall role. If you drew an outline of your organisation, what would it look like? You might want to draw it on a piece of paper in front of you. You might draw the focus of the organisation, for example the areas of law. You might instead draw an organogram, with all the different departments. You could also look at the pieces outside and inside your organisation, including where the internal and external stakeholders of your organisation meet and liaise. A traditional business might include the following departments: •

Core business (whatever is being sold)

•

Finance and Accounting

•

Human Resources

•

Business Development

•

Legal and Compliance

•

Operations (also including administration and customer service)

Sometimes, we might also include a separate category for management and governance functions, such as the Senior Management Team. These sometimes sit separately from the rest of the business, and encompass decisions that in large or different types of organisations might be separate departments, such as Strategy and Communications. A small law firm would not have all of these departments, but is likely to have a separate function for finance, and possibly for business development and maybe compliance, even if some of these functions are outsourced to other providers. 161

Part 3  Risk Assessments and Risk Management We can see that there is potentially a large amount of the business that is not the explicit focus of the risk assessment and client due diligence parts of the Money Laundering Regulations. However, the Regulations do require senior management and governance leadership in certain elements. For example, we can see the Regulations require: •

an audit function, dependent on the size of the firm or the nature of the work carried out (regulation 21(1)(c));

•

training of staff to spot transactions and warning signs of money laundering (regulation 24);

•

training of staff in positions of responsibility to meet their obligations under the Regulations (regulation 24);

•

screening of staff (regulation 21(1)(b));

•

appointment of staff responsible for compliance (the MLCO), and reporting (the MLRO), the former being an optional position. The relevant Regulations are regulation 21(1)(a) and 21(3), and see also the Proceeds of Crime Act, Part 7;

•

adoption of policies and procedures and internal controls to meet the Regulations, under regulation 19. These are also seen to apply on a group wide level under regulation 20.

Some guidance, (most notably, the Legal Sector Guidance for Anti Money Laundering), has focused on the roles of the governance structure to provide the required direction for regulated businesses. There is undoubtedly a lot to adopt, and some regulated businesses will find it a struggle to put in place the level of compliance required to meet the regulations. However, adopting some of the ideas from the coming pages may provide more day to day low level or departmental solutions to those problems, providing an opportunity for compliance to be driven through those departmental lines rather than just from the top down. Ultimately, this might be more successful than a set of policies and procedures imposed by the senior management. As a compliance consultant, the writer is used to seeing senior management concerned that ways of compliant working are not implemented and that office manuals are barely looked at. Managing a busy law firm can be a difficult task, and efficiency and pragmatism is highly valued. Adopting one or two of the ideas from the coming pages might help engage staff more closely, particularly if the anti money laundering position of the firm took account of the professional requirements in that specific area of business. A lateral AML review can also provide a different area of the business for compliance to focus on rather than simply the client relationship. Service delivery can be placed under strain by the amount of initial information in the client care letter. The increasing demands of regulation are becoming a customer service issue, which runs counter to the requirements of the regulators and Legal Ombudsman for openness and transparency in the client relationship and financial transactions. The purpose of lateral, business focused, thinking in anti- money laundering, as well as providing a whole firm, balanced solution to the challenges of financial assurance, is also to provide a perimeter around the firm. This perimeter is intended 162

Lateral Anti Money Laundering to secure the firm from attempts at fraud and criminal activity that could cost the firm money, implicate the firm, or cause reputational damage. We can imagine the perimeter as covering all the departments of the firm, not simply those that undertake core business. Covering all the departments allows us to train staff, implement policies and procedures, and involve the relevant members of the workforce in decision making related to the risks of criminal offences, and the receipt of monies tainted by the proceeds of crime. We have already, in Part 2, defined the difference between a crime and money laundering. Examples of the former might be cybercrime incidents against a firm, or a crime committed by a client which comes to the attention of the firm during the course of a retainer (but may not involve the use of the proceeds of the crime, yet). We might wonder whether either of these situations would also involve a report to the National Crime Agency (NCA) for money laundering, and it perhaps depends on the facts of the case and what happened next. Of course, we cannot simply assume the threat to the firm will be external; the threat could also come from within. The writer has seen examples of criminal activity coming from employees, and also of firms being purchased by those with malicious intent, demonstrating that firms are at risk from those within (and within the legal marketplace), as well as externally. Creating a perimeter is important to allow us to assess a broad range of situations, rather than those that just relate to the client transaction. We might look at finance and accounting as a whole, including accidental deposits in client account; billing and receipts into office account; and the income for the firm as a whole, including any outside investment. We might also consider the cyber risk the firm is exposed to, and the employees the firm takes on, as potential risk factors. Considering the risk as a whole allows us to see the breadth of opportunity for crime against a firm, including money laundering. If we make the assumption firstly that we are seeking to defend against all types of crime, and secondly, that there can be an overlap with money laundering and many other types of crime, this helps us to create the basis for the perimeter. We need to defend the firm and take proactive managerial steps to recognise the basis of our business, and the need to protect it, with an assertion that it is a legitimate and validly operating organisation. There can often be questions amongst staff about whether what they are reporting is money laundering or another type of crime, and conceptually the difference can be hard to understand. We have covered the difference in Part 2. We might find ourselves drawing a timeline of a fictional crime, with the attempt to utilise the funds at the end of the transaction; we then have to draw a line and say, for example, ‘it was theft, but at this point, when the perpetrator tried to use, convert, or disguise the funds, it became money laundering’. We might look at our anti money laundering procedures and see there is a line for reporting which allows the individual to make a report to their Money Laundering Reporting Officer, and for the Money Laundering Reporting Officer to make a report to the National Crime Agency. There are prescribed forms and codes for this purpose, and a defence to money laundering can be obtained. You may have forms in your firm for your staff to use to report their suspicions, and there are also examples in Annexes A and B to Part 2. However, are we then saying that staff and contractors within or associated with the firm cannot report other types of frauds, crimes and scams perpetrated against the firm, both internally and externally? You 163

Part 3  Risk Assessments and Risk Management may need a separate reporting system for other types of crime or scams, with a separate process for reporting them to the appropriate law enforcement. As well as a reporting system, you might wish to consider procedures for reporting these other types of crimes and scams, who will be responsible for dealing with them if they occur, and contingency planning to recover any aspects of the firm affected. Identifying the types of crime you would like to be reported internally, communicating this to staff, and developing plans for next steps and recovery, can help you ensure staff know what to do at an early stage of any incident. The writer has also seen cases where there have been co-occurring incidents at a law firm. Whether these are cybercrime incidents, attempts to de-fraud client account, or fake client instructions, sometimes we can find more than one incident occurs at the same time. This raises concerns that this is a co-ordinated attempt on the law firm; an attempt to find a weak point in a firm; or an attempt to distract the management with one concern, so an attempt can be made elsewhere. Understanding the nature of these attempts, and mapping them, can be a useful tool in contingency planning and risk assessment. We explore ways to do this further over the coming pages. If you are concerned that a number of attempts are being made, you could in this situation, plot the concern(s) on a risk assessment map covering each department, showing any of the following: •

impact in each department;

•

reports made in each department;

•

concern by management regarding each department;

•

any other measure decided upon by the management team, that demonstrates the risk in each area.

This may provide the oversight you need of any situation to ensure you manage it effectively. If you are considering a report, or you have made one, you can also use this type of firm wide mapping to ensure the rest of the business remains unaffected, and there are no unseen impacts. You will, by utilising this approach, maintain the perimeter of the business and you may find or guard against malicious attempts you had been previously unaware of. Proactive management will want to understand how the risks of each department can manifest themselves and take steps to find those risks. The approach just described, of using a whole firm risk map, can be used when an incident has occurred, to help manage the situation. It can also be used on an ongoing basis to easily demonstrate checking in each area to see whether there are any difficulties. Of course, this Part of the book is about risk assessments, and we can discuss some of the known AML concerns and scams that can affect each area of law, but also how other areas of your business can be impacted by AML concerns and crimes as well. You may wish to consider adding your other business departments into your firm wide risk assessment, and even involve them in individual transactional or other departmental risk assessments. We can also go beyond waiting for reports to be made to the Money Laundering Reporting Officer, or the COLP or COFA – or regularly checking in with each department. We can proactively take steps to consider the risks of: 164

Lateral Anti Money Laundering •

monies received into the business;

•

staff handling those monies, or otherwise involved with clients or in the business;

•

the tools and technologies we use to service our clients, and in the business;

•

the relationships we have and develop, particularly externally;

•

our marketing channels, and how we receive our clients;

•

our group interactions (relating here to the corporate structure we may be part of);

•

our supply chains in the broadest sense.

Taking a much broader approach to our risk assessments allows us to analyse our areas of potential risks. We may make assumptions that all is well within our businesses, and that basic processes are being followed. It can come as a surprise later when there are concerns raised because someone has managed to circumvent those processes. We have the ability to audit our functions internally, and we can ask questions about those functions and how they are safeguarding client money, or supporting the business. However, those audits relate to firms with a large size or particularly risky work. We might, as a matter of good business management, want to ensure we have a handle on some AML concerns before they are picked up by an internal or even external auditor, and this should be possible for small firms as well. There are additional steps we can take to build in better processes, which go beyond those designed for traditional law firms, to ensure our approach is effective in its delivery. Over the coming pages, we will explore some of these methods of investigation, analysis, and procedure building. These sections are likely to be useful to business managers, COLPs, COFAs and MLCOs, who wish to ensure the most effective compliance procedures are implemented in their firm as part of good compliance management and as excellent evidence for the regulators.

The current position – external client focus The Money Laundering Regulations 2017 (as amended), place the focus of anti money laundering on the outset of external client transactions, by requiring the established business to focus on counter fraud measures in respect of identity, and checking of funds where appropriate. By focusing on the individual client transaction, we are focusing on a small aspect of the work of the firm; that being, in the case of lawyers, the legal transaction. There may be many other parts of the work of the firm that can be impacted by scams, potential frauds, and attempts to clean the proceeds of crime. We may not be paying sufficient attention to the perimeter of law firms as a whole, and the operation of other business departments within the firm, to both protect those transactions, and to ensure the wider business is not either the victim of a fraud or utilised to launder the proceeds of a crime. However, this book does not replace the content from the Money Laundering Regulations 2017 or of the Proceeds of Crime Act 2002. Those are legal 165

Part 3  Risk Assessments and Risk Management requirements and the business should implement them in full and audit against them (as required). Nonetheless, the business may find that it wishes to take additional steps to prevent and manage malicious attempts upon the firm and as a matter of proactive and professional management there are additional AML and counter-fraud angles that can be considered. The current position is that the firm need to consider the identity of the client (and where necessary, their beneficial ownership) at the outset of the transaction. They should not proceed with the business relationship until they have verified this and checked the source of funds for the transaction. There are other requirements that focus on this initial step in the process, including requirements to further consider politically exposed persons, high risk countries, and other risk factors for AML. These requirements all have one position in common – to consider and check the identity and bona fides of the client at the outset of a transaction.

Any business, including legal business, is made up of more than client transactions. While that might be the reason for existence of the law firm (to serve the local community, for example), and might comprise a large amount of work coming into the firm, the firm has a broader footprint than that. With the steps taken in pursuit of AML, it can come as a shock to any firm to find themselves the victim of fraud or unwittingly involved in money laundering through another route, or part of the business which has not been considered fully. We might take a step back and ask whether or not we are making assumptions by following this process. Are we assuming the businesses are competent, equipped, well-staffed, and with positive intentions prior to following this process? Making these assumptions can place a great deal of onus on the regulator and in this case The Law Society to provide vetting, oversight, and leadership regarding good business, management, and even IT skills. The regulators do not have an economic remit and frequently law firms fail, or are intervened for other reasons, and in other cases they or the individuals are prosecuted. There is limited vetting for the hundreds of thousands of solicitors in England and Wales; they undergo education, but do we know any more about them and whether or not they or their employees have connections to criminal activity? Firms will realise that the SRA is a proactive regulator, but it does not personally visit every firm in the country on a regular basis to cover their operations, their counterfraud measures, or to ensure the bona fides of their operations. 166

Lateral Anti Money Laundering The concept of lateral AML is to supplement the firm’s consideration of the legal transaction with a further review of the full position of the firm. Instead of the legal process and transaction being the sole point of anti money laundering assessment, the firm itself and all of the touch points should be considered when managing, reporting, and auditing for AML. We might start by saying that the business has a number of different departments where there could be evidence of money laundering and that they could also be vulnerable to fraud or other breaches as a result. If we seek to divide up the business, we might as a starting point look at: •

Finance and accounting: This is another starting point for AML investigation, encompassing the monies received into the firm, the transfers made between clients and the firm, and the use by the firm of the office account. Anti-money laundering is of course, primarily about money, and the focus can be placed on a different process by investigating the financial functions of the firm and the holding, receipt, or processing of monies or other assets. The title of this book is ‘Client money’ but the office account may need a full investigation as well, noting any areas of income and outgoings, and the potential influence on the firm, as well as their bona fides. When we consider the geographic risk of the firm, we might also look at the means to transfer money from that third country. Or we could consider financial issues, such as exchange rates, or the instability of different currencies, as risk factors which could impact transactions and also the firm’s position in holding the monies, particularly if it was to be sent overseas later in the transaction. We have also considered the risks posed by handling client money in the risk assessment categories and titles we have used earlier in this Part of the book and the templates, but client touch points with Finance and Accounting department directly can also be a source of concern and miscommunication and might be restricted to limit risk.

•

Human Resources: Crime is committed by people, and the writer’s experience is that firms in positions of reporting to the regulator are sometimes the victim of internal activity which is malicious. This can include infiltration by groups, individuals, or even purchase by those with criminal intent. The writer has seen a number of interventions take place because of the activities of an individual or following purchase by those with dishonest intentions. Some of these concerns may be red flagged internally by HR in the individual or developing relationships with clients, or there may be attempts to by staff to circumvent usual procedures. In the case of dishonest purchase, a full vetting of prospective buyers or investors, needs to be undertaken. When recruiting or considering new persons for their firms, HR may look at individuals who have previously had conditions imposed, or where there is a regulatory disciplinary history, as a risk.

•

Operations (including IT and sales and marketing): Cybercrime has become a large issue in the sector, with a number of attempts at disrupting the operations of firms or diverting monies due for a legal transaction. Sales and marketing are also areas where fraudsters can look to gain traction, with fake or scam referrals into the firm, or concern around the expert or third party reports being used. 167

Part 3  Risk Assessments and Risk Management •

Legal business: We have covered earlier the need to consider the process for obtaining clients into your firm. You may also risk assess those connected to your clients or those otherwise involved but outside of your firm, for example third parties or clients on the other side. You can also assess your supply chains, and whether the suppliers you work with are reputable and how business is conducted around you. Different categories of law, individual transactions other side and supply chains

Internal and external AML risk

Movement of monies into and throughout the business Legal

Finance

HR

Operations IT

Individual risk and personal links to supply chains

Internal and external AML risk

Cybercrime and human influence

By taking these points and examining them in detail we can consider whether the business has alternative positions it can adopt internally to combat and realise the threat of money laundering to the business as a whole.

Process mapping areas of law Individual areas of law can also introduce risk in different ways. We have covered some of the risk factors in dealing with these areas of law, earlier in the book. However, we can also map their processes to consider how we introduce monies into the client account in different areas.

An example is the conveyancing process, with the standard process tracks of sale and purchase. We can see the receipt of client money into the client account in the different places. These are represented in the diagram above by the (darker) circles behind the squares, and the transfer away as part of the process by the 168

Lateral Anti Money Laundering (lighter) circles behind the squares. In these cases, the firm has to consider two different receipts of client funds. The first is the receipt of client funds for the purchase – they will receive money for their costs and money for the deposit from the client. Often, the second tranche of money will be from the bank or building society. In that scenario, the money from the client to be risk assessed is the deposit and the money for costs; the money from the bank is usually assumed to be legitimate. The firm will have more AML checks to undertake if the property is not mortgaged. Generally speaking, the firm is limited to considering the money for the transaction, and ensuring they can prove where it came from and that it has been properly obtained by non-criminal means. The checks should be more detailed and stringent if a larger sum is presented to the firm. The checks do not, however, necessarily consider the client’s financial position overall and whether or not that is wholly legitimate. The sale process is quite different, and involves the lawyer checking perhaps on the money due for their costs (depending on the price of the property for sale and their quote for dealing with it). It is not commonplace for the lawyer to ask questions of the monies received from the other side. However, given it is being received into their client account, and we are examining possible criminal offences in the receipt of the proceeds of crime later in this book, firms may wish to ask questions or seek assurances about not only the client identity on the other side, but also the money that is being used for the transaction. It may appear diligent to do so. The conveyancer in receipt of the proceeds of sale must distribute them to the client(s). In litigation cases, Bowman v Fels (2005) has been used to justify the distribution of monies following the directions of the Court, perhaps due to the oversight and probing nature of the Court appearance. However other legal transactions that take place either prior to a Court appearance, or which would not ordinarily go to Court, would not be covered by Bowman v Fels (2005). Examples may be debt management which is settled before litigation, or even probate cases. Therefore we require an alternative AML process map to consider matters which go before a Court, and those that stay with a firm, and this can be part of risk management and considerations within individual departments which are impacted. We might, as department heads, compliance officers, or even fee earners, make different decisions about suspicions and reporting if we take into account this judgement, including in our planning and understanding of case management across the board. We might look at a process map for legal matters which leads to distributing sums of money to clients or beneficiaries, and take steps to ensure each the sources of those monies have been fully documented before distribution can take place, if the matter is not subject to the Court’s oversight. We consider the case of Bowman v Fels (2005) further at page 236.

Re-considering the requirements in the Money Laundering Regulations A lateral approach to AML can provide useful ideas for meeting a number of other requirements in the Regulations. 169

Part 3  Risk Assessments and Risk Management •

Policies and procedures under regulation 19: Firms should have in place policies and procedures to meet the requirements under the Money Laundering Regulations. We can use the earlier ideas to add to our policies and procedures to further develop our defences against money laundering to ensure we cover the risk posed to the entire firm, rather than a short position of just the transactions related to the individual or corporate client. There are ideas for developing these processes and procedures at pages 184–185. However, there is nothing to stop processes and procedures going further than the requirements in the Regulations and developing innovative solutions. We could consider action to be taken beyond reporting to the NCA, once a transaction is red flagged, or the firm finds a number of concerns. In response, the firm could decide to introduce enhanced due diligence across all transactions, for example. Or if the concern was financial, they could decide to undertake a deeper dive of financial audits across a sample set of files, or start to audit against the client bank statement for the receipt and movement of funds to and from actual bank accounts, as discussed in Part 2. We could also introduce a Central Response Unit as an alternative to the individual reporting we currently use. This could be implemented still to abide by the current law (for example with an MLRO still in place), but with as a team with a wider response remit that covers the firm’s response to reporting, such as possible tipping off, monies in client account, and how to manage any other co-occurring attempts on the firm. Other areas where we may make a broader consideration, include:

•

Audits under regulation 21: Firms can implement audits to consider the effectiveness of their approach to AML, the implementation of their policies and procedures, and the overall compliance of the firm. Considering the position laterally can help us identify patterns and trends in AML concerns and where our weak points are overall. It can also help us see whether there are patterns to the activity of concern, or whether the firm is being targeted as a whole. AML audits can be introduced across the firm (not just in the legal departments), for example in Finance, IT, Human Resources, and other departments. These audits can help identify issues to aid prevention of crime against the firm on a much wider basis. We discuss audits further, shortly.

•

Staff training under regulation 24: Staff are required to have relevant training to ensure they understand the position related to AML and can identify transactions of concern. Regulation 21 also requires that staff are screened, and their knowledge and suitability is assessed. Both positions lend themselves to a broader consideration of the role of Human Resources in the fight against AML and the consideration of tailored training for staff within their roles across the whole business, rather than just focused on the individual legal transaction. Further ideas for staff training are provided in Parts 4, 5 and 6 of this book, but training may encompass broader ideas beyond anti money laundering, including cybercrime; firm policies and procedures and the office manual; firm expectations of ethical decision making; and the indicators of crimes and scams we might see across the business as a whole. 170

Lateral Anti Money Laundering •

The appointment of the nominated officer under regulation 21: Nominated officers (such as the Money Laundering Reporting Officer or the Money Laundering Compliance Officer), might consider their wider knowledge of the business and whether they need some assistance and support in working with the various departments to ensure a wide business approach is taken, capturing all aspects of the risk the firm faces. The MLRO may also require training in wider business functions to ensure they understand the discussions in matters that are reported to them by non-core business departments.

As discussed earlier, firms can choose to have a Central Response Unit in place to deal with the challenges of money laundering red flags, rather than simply relying on one person (in the MLRO). This could also draw on expertise and experience from across the business, and develop multi-function analysis and response to any concerns raised.

Mapping a business – identifying areas for consideration or action We can map a business and map our supply chains to find areas for investigation or for the introduction of measures in our policies and procedures. There are three examples shown below which cover the breadth of the business, and also the vertical and horizontal supply chains you might find connected to a business. To map your business, you can use your organisational structure. You might also use any visual representation you wish, or the examples provided below. We could map a legal business as follows:

Legal departments These are the departmental lines you have in your legal services work and cover the areas of law you would usually look at. These are the traditional focus of the AML risk assessment and general AML work. An example of a firm who operates in a few areas of law, and ideas from mapping some general of concern, are shown below: Example: area of law

Common concerns or outcome concerns from supply chains or business process map

Wills and probate

Firms setting up in areas frequented by elderly people to take unfair advantage;1 outside or associated businesses targeting elderly people; fraudulent or fake probate; fraudulent beneficiaries.

Commercial

Business connections and wider relationships; reputability.

Personal injury

Fraudulent experts and witnesses; fraudulent claims and fake litigation.

Crime

Referrals into other areas of the business and the use of the proceeds of crime; receipt of referrals from crime departments; receipt of referrals from criminals or those laundering money.

Consider firms around you and the possibility of fake firms

1

171

Part 3  Risk Assessments and Risk Management

Operational departments While our focus would usually be on individual areas of law in the Money Laundering Regulations, the operational departments can also provide us with a focus for consideration and risk assessment. As we have seen, delivery channels and services may also focus on the operation of different areas of the business in a variety of ways. Operational

Common concerns or outcome concerns within business process map

Finance

Payments in and out of the client bank account and office bank account; transfers between clients; large sums; source of funds; wealth and financing; third parties; unusual relationships. Differences between payments at the bank and those expected or recorded on file.

Operations

Unusual requests; unusual areas of law; direct liaison with external third parties; influence in the business.

Human Resources

Background of staff; staff living beyond their means; malicious intent from applicants and staff; staff external membership of different groups; conflict of interest.

Internal audit / compliance

Perspective (including authorisation level); quality of decision making and knowledge; authority and seniority; conflict of interest.

Training

Perspective; sales; equality; information offences; conflict of interest.

Governance structure

Decision making; external influence and direction; infiltration; conflict of interest; wider financial position of the firm and association with other business or income received from non-core business.

IT

Cybercrime; individual security and confidence tricksters; fake websites; compromised IT equipment; fake experts or compromised experts; external storage of information and IT backup; external support for client portals. Internal HR procedures or external support.

Sales and marketing

Fake referrals and fake businesses (including at conferences and exhibitions); ensuring good quality and compliant business leads in a pressured environment; information offences.

Inter-group departments / asset managers

Investments; business associates; ensuring appropriate regulation; gaps.

Business managers

Unusual business results (also applicable to Finance and Accounting).

We can also use this type of mapping to explore the impacts on different groups involved in the process. We might examine the different impacts on different staff groups, for example secretaries, fee earners, and front of house. They may deal 172

Lateral Anti Money Laundering with different issues such as identity checking, tipping off, and handling cash or the threat of theft of cash. These are just the internal groups; other external groups can include those you or others within the firm have relationships with, or third parties involved in a transaction. Mapping your supply chains and understanding all parties involved in a transaction and where issues might arise can give you a full understanding of how to map and prevent fraud, and the use of the firm for money laundering.

Supply chains Supply chains are often grouped into: •

horizontal – these cover those who perform the same role as you in your industry; and

•

vertical – these cover the other organisations and individuals around you that help you perform your specific role in the supply chain and help your transaction move forward.

We can plot our supply chains to help us understand where the issues lie. This is one way of understanding the risks involved. We can also make lists of those we do business with – whether in our vertical or horizontal supply chain – and understand how we may be impacted by their actions or what occurs in their business. For example, legal supply chains may be impacted by cybercrime if a malicious email copies itself across a business and into the address book of another firm. This may continue to happen until many firms are impacted. Mapping our supply chains and investigating them allows us to pinpoint all vulnerabilities to crime and money laundering, and secure the perimeter of the firm. To map your supply chains you can look at: •

horizontal – consider the law firms or lawyers (including non-solicitor firms, for example notaries, barristers, or licensed conveyancers), around you; and

•

vertical – consider the businesses or individuals around you that perform different roles, but help you perform yours.

You can either list these in a table like the ones here (showing personal injury examples), or in the diagram. When listing or mapping, consider the possible weaknesses or vulnerabilities which could accompany using any provider and what typical AML concerns there are that might impact your services.

Vertical supply chain table and map Vertical supply chain provider (or step where we require or use another party)

Possible concerns

For example – expert witness

Reputability, fraudulent claim, bribery, conflict of interest

173

Part 3  Risk Assessments and Risk Management The diagram below shows a process for advertising Personal Injury services (without referrals). From this map we can see in the process, some of our vertical supply chain partners. In the comments underneath we can see the concerns that might arise at each stage.

Example vertical supply chain map

Referral fees are prohibited in Personal Injury cases under the Legal Aid, Sentencing and Punishment of Offenders Act 2012; however services can still be advertised if they are compliant with the regulator’s requirements for advertising to be nontargeted and unobtrusive. We can raise concerns about advertising in many circumstances, and here we might say that we would need to be sure no referrals were sent (for example if a marketing agency erroneously decided to contact people directly to demonstrate the effectiveness of their work, the law firm would not be able to accept it). The law firm would also have to ensure that the work received from such publicity was genuine; and that persons were not being individually targeted or contacted as part of any advertising contract. Care would need to be taken about the placement of adverts, and that specific community literature (for example targeting elderly clients), was not used, and that no high pressure tactics or sales were generated as a result of any contract. These are all listed as concerns and notes to different steps in the diagram. Working with supply chain providers (in these instances advertising agencies who design and place general advertisements – which is permitted, as opposed to lead generators or referrers, who are not), is a complex process, and one where very real care needs to be taken that what might be perceived to be ordinary conduct of business (such as permitted in another sector), does not occur in legal services. Similar process mapping can be undertaken in other areas of law and across the full process map of each type of legal transaction or in each area of law to assist in identifying areas of concern and where risks to the firm might arise.

Horizontal supply chain table and map Horizontal supply chain provider (or step where we require or use another party)

Possible concerns

For example – law firm, required for a PI referral fees (prohibited), reputability, recommendation where we do not conduct own vulnerabilities as a law firm the work

174

Lateral Anti Money Laundering

Example horizontal supply chain map

If there were fake firms in your horizontal supply chain, what would be the impact of the breaches on your firm? What would happen if the firms in your horizontal chain were all legitimate but had an AML or other criminal concern? Consider whether you would be aware and how you might forward plan for such a situation. You may need to consider your touch points with the firms around you and how you might communicate with them about AML issues and criminal concerns in light of the requirements for tipping off (covered in more detail in Part 4). An effective plan can be a useful risk management tool and part of your firm’s risk assessment, or response to it. The example supply chain mapping demonstrates that it can be worth drawing out your supply chains in some detail. Any supply chain can have a number of weaknesses, and only a small amount of the supply chain is drawn out here. Sometimes a large number of issues can be identified that could impact the delivery channels or services of a firm. These issues may be worth targeting specifically as part of your AML risk assessment. You can map your supply chains from full end to end in some detail, considering both external suppliers and commonly encountered third parties, as well as common issues which arise at each stage in the matter. All of this can help you identify issues to incorporate within your policies and procedures, as well as your risk assessment. Of course, we have just mapped a short version of the supply chains in personal injury and you will have a number of areas of law to consider, which should give real impetus to individual departments in developing risk assessments and action plans.

Key departmental issues Some departments are key to the operation of the firm and the prevention of money laundering. We can take an in-depth look at: •

Finance and Accounting

•

Human Resources

•

Information Technology

Finance and accounting This is another viable starting point for the Money Laundering Regulations 2017. The Finance and accounting departments see the monies from the client when they arrive and can monitor the entirety of the financial aspects of the transaction. This can include where the monies arrive from, who is sending them, and where they go. The Finance department have much more information than is generally recognised within the Regulations and can effectively track the monies, their 175

Part 3  Risk Assessments and Risk Management source, and destination. It is worth building in this aspect of money laundering into your risk assessments, considering building in checking source of funds (transaction finance) and wealth (client financial health) with your Finance team directly, and including matching the destination of funds into your policies and procedures. Other policies and procedures you can consider are limiting the disclosure of client account details, and requiring a time delay and sign off before returning accidental deposits, which can also allow you to make a report where necessary. Another area to consider can be the overall sources of financing for the firm and the involvement of third parties. Law firms can be externally owned and there is a consideration of the involvement and influence of external finance and whether this has been declared to the regulator. The trial balance can be a source of investigation, as can unexplained expenditure or unusual patterns of income. It can be worth considering whether the firm or Finance team can standardise procedures to show the sums taken on each transaction in a similar fashion. Conveyancing departments can utilise this well. Transactions can be worth set amounts with similar sums taken each time. If you operate a firm that undertakes standard transactions, working with your Finance team to implement a set policy for handling them can provide confidence that the firm’s client account is not being used for anything suspicious as it keeps the financial aspects of each transaction within set bounds. Other departments may also be able to implement this approach, so you have a few standard ways of working across the firm and clarity in the position of each ledger. Specifically, you might consider the Finance department checking the source of funds as coming from the client’s bank account (and verifying the identity and involvement of any third party). You might also consider at this point understanding the size of the transaction and the consistency with other transactions in that department. You might be able to verify the transaction for consistency if, for example, the department in question ask for a standard £300 on account of costs for a new transaction and that is what you receive, from a client bank account in their name. A similar process can be undertaken for other receipts. You can also ask questions at this stage to ensure client monies are for a legal transaction and that a ledger and file have been opened accordingly. Your Finance team can be involved in all of these checks and the new ledger and file can be a point of direction for finance as client funds need to be recorded accurately for each new matter. During other, later aspects of the file, you might find that monies leave the client account. Again, as a Finance team, you could put in checks to ensure the destination of the funds have been checked and verified and that this is a proper part of the legal transaction. Any movement of client monies could be checked internally, and verified to ensure it was a proper part of a legal transaction; the parties had been verified, and ID was obtained along with reasoning for movement if necessary. Of course, the changes to the Solicitors Accounts Rules (covered in Part 1 at page 53) mean that client monies can be stored elsewhere with client consent, and that some monies can be taken for fees and disbursements in some circumstances. Do ensure your policies and procedures are consistent and within the rules, and consider whether staff should be prevented from undertaking certain actions by your procedures. We cover this further in Serious Breaches. 176

Lateral Anti Money Laundering

177

Part 3  Risk Assessments and Risk Management

Human Resources Instead of starting with the identity of the client, or the source of the monies, here we must start with those individuals handling the transaction. Firms can be subject to insider threat; the threat of persons within the business acting in furtherance of crime or with malicious intent. To counteract this, policies to check references; for criminal convictions; and for banned associations, can all be helpful. It can also help the firm to consider who their clients are and whether staff or others would be motivated to take action against them, for example, for political reasons. Personal security can also extend to personal devices and use of the internet. Equipping your staff to understand that their IT security at home can also impact the position at work is helpful. We might bring browsing habits, bills to pay, or other errands that require IT access, into the workplace. Training your staff to understand the risks they take online and making a distinction between the workplace and personal life is important. It can be helpful to extend the training to cover personal lives and taking a wide approach whilst making a distinction can help to protect the firm. There can also be wider concerns around recruitment. Do be aware that recruitment scams are on the rise and candidates are sometimes being asked to pay to be put forward for a job role. Consider carefully who you use to recruit your candidates and the agency’s working practices. Broadly speaking, training staff to be aware of the various possible scams out there and keeping them abreast of opportunities for counter fraud is helpful, and can make them more aware when dealing with the traditional requirements of the Money Laundering Regulations 2017. To implement the these ideas, you might consider mapping your processes, and examples are contained in pages 177 and 179; the latter being the HR example: Of course, you can map your steps in more detail than this, and with a greater eye to the possible frauds and risks for the firm, but you might start with a decision to hire new staff. This might then bring considerations of the bona fides of recruitment consultants. Further into the process the firm would consider potential candidates, and this might include questions about their disciplinary history, convictions, possible regulatory conditions, and banned associations. The firm might then include references in their checks. When starting, the new hires might undergo AML training, finance training (to include the standardisation discussed previously), and reporting, as well as personal security and cybercrime training. Other scam training might also be included such as impersonation scams impacting public authorities. Staff might be monitored for their compliance on an ongoing basis, and have access to reporting across the firm into the MLRO and MLCO, or into other reporting lines that are appropriate within your firm. You might also make provision for staff departure and if they need to contact you after the event in respect of AML matters. Sometimes issues can arise in their new workplaces which are relevant to the work they undertook for you, and might require you to make a report. Do consider how to manage such an event and matter. 178

Lateral Anti Money Laundering

179

Part 3  Risk Assessments and Risk Management

Information Technology Cybercrime is a major concern for most law firms and there are a number of reasons why cybercriminals will look to target law firms. It might be to obtain client personal information and bank details. It might be to obtain privileged legal advice given to another. The intent might overall be malicious – to disrupt the firm’s operations; or damage the reputation and credibility of the firm; or to undermine legal services. However, threats are constantly changing, and new threats emerge. Do bear in mind your own WiFi networks and passwords and the use of devices outside of the office. Allowing clients to use your WiFi, or allowing staff to login to external WiFi can pose a problem. For example, some external WiFi can be evil access points, set up to extract personal data and passwords. Similarly, contactless payment devices can by distraction, be replaced by payment devices which are unconnected to a firm, so do be careful in your reception area if you use contactless payment.

Exercise The point of this exercise is to consider AML in your firm and where you can expand consideration of your business operations to include attempts at countering fraud and scams against a firm. Undertake either or both of these tasks: a.

Map your firm and risks arising from fraud, scams, and money laundering.

b.

Map your supply chains and general processes both internally and externally. What areas can you find to tackle with AML and counter fraud procedures?

You can work with your colleagues to undertake these tasks, including in the areas highlighted.

Identifying patterns and trends It is important that we see the firm as a whole picture, and of course criminals may target a firm in a variety of places simultaneously to find a way to obtain an advantage. By implementing policies and procedures across the firm, and training staff in different departments to contact the Money Laundering Reporting Officer (or another central point), when there is a potential issue, we can gain an overall picture of the firm and whether or not each department is subject to any difficulties. You might, for example, decide to implement a traffic light system to demonstrate any issues across your firm, coding each department according to whether there is a difficulty, and the severity of the problem. Legal

Finance

Human Training Resources

Governance IT

Sales and Business marketing Management







Concern

Concern

Concern

180

Lateral Anti Money Laundering This diagram shows a concern flagged for cybercrime (which would be flagged red) which has caused a concern on a legal transaction (also red) and may (or may not) have an impact on client account as the situation develops (which would be coded yellow for now). The remaining departments might be coded green. The situation might have been an attempted payment diversion fraud (Friday afternoon fraud), which has caused the legal file to be double checked for any other fraudulent correspondence. The client account appears unaffected but the Finance team are monitoring the situation. You may also flag external concerns raised by adding another half box colour, or by using another traffic light map. It might, for example, show if we knew about a similar concern elsewhere – at another firm perhaps. This type of mapping allows us to see the impact of attempts on the firm. If we had further attempts on the firm, for example a payment into client account unconnected to the firm or clients, or a client instruction which was unusual or presented the warning signs of fraud, we could add additional half boxes or deeper colours to flag the additional concern. Such mapping then allows us to make connections, future plans for such situations, and importantly and effectively, to report all concerns to the relevant authorities with full details. The authorities might be the National Crime Agency, Action Fraud, and the police. Of course, the above mapping relies on: •

having a strong oversight of each department, with strong procedures to identify such concerns; and

•

staff who are well trained – this training would also encompass reporting from across the organisation, including from departments which are not traditionally associated with work covered by the Money Laundering Regulations;

•

allocating responsibility for reporting to the appropriate authorities and actioning any oversight steps resulting from the traffic light system. We might assume this would be done by the MLRO, but reporting could be undertaken by another person, or oversight team, depending on the governance arrangements in your business.

There are further steps you can take to identify patterns and trends, including looking for: •

connections between incidents;

•

repetition at different times of year;

•

people in common;

•

places where concerns have arisen from or where staff have been recently;

•

departments who are targeted; or

•

methods of operating which you see regularly.

As well as training staff and relying on them to report matters, you can also take proactive steps yourself to check this is happening through: •

auditing across all aspects of the business;

•

mystery shopping your firm; and 181

Part 3  Risk Assessments and Risk Management •

creating training scenarios which have to be reported internally, allowing your staff to practice.

Independent audit function We should mention the independent audit function as a risk management tool that can be used to assist the business in confirming its overall view of risks, and ensuring these have been managed. The purpose of the independent audit function under regulation 21(1)(c) of the Money Laundering Regulations is to double check that the requirements of those Regulations have been met, and provide advice and support back to the business about improving effectiveness. They also have an important role in ensuring that the business has confidence in their ability to manage AML risks as they arise. The audit function can identify and close gaps in the AML provision and make sure the business is fully equipped to deal with the situations that can take place. There can be a case for managing the audit function in house, provided the function can be managed separately to the delivery of the main services in question, or for outsourcing the function if you would prefer a truly independent view.

File reviews You might consider an internal file review process to be part of your AML audit function, if your file reviews encompass AML. You may also need to adopt a wider approach to AML audit beyond file reviews and into policies, procedures, and coverage of the regulations and legislation. File reviews can be done for a large variety of reasons, and you can specifically audit to ensure that your anti money laundering on files is compliant. Your file reviews might consider the following things: •

ID and source of funds (transaction finance);

•

PEPs, sanctions, beneficial ownership;

•

company structures;

•

conflict of interest;

•

indicators of fraud / other criminal activity;

•

changes in instructions;

•

monies in and monies out (it came from the correct bank account and was sent to the correct bank account);

•

accounting fully to all parties using the correct bank accounts;

•

office account use;

•

anything unusual in the transaction;

•

internal reporting when needed. 182

Lateral Anti Money Laundering

It can often be helpful to try to audit the whole file. You can revisit it at various stages and see how the file has progressed. Auditing small parts of a file or parts of paperwork in isolation can produce the incorrect answer. A sample file review for AML and client money is attached at Annex D.

Audit techniques The requirement for AML auditing varies according to the size of the practice and the work undertaken. However, undertaking an audit can be beneficial for a variety of reasons. Auditing across the business can also be undertaken for more general reasons. Firms often do this (for example in file reviews), to ensure quality and consistency. We can also undertake similar techniques in other areas of the business to ensure proper and due procedure is being followed and the business is not being placed at risk of inappropriate use. There are a number of audit techniques you can use when discussing positions within your firm, or seeking to verify policies and procedures. Auditing relies on the use of different lines of enquiry to verify whether the policies and procedures are working in practice, and whether there are any improvements to be made, either in those policies and procedures, or in how they operate. You can: •

verify documentary evidence, including in departmental records and management information, as well as file reviews. We can refer to auditing departmental records as ‘departmental work review’ as the equivalent of ‘file review’. You might, with the correct authority, be able to review recruitment records and records of recruitment consultants for example;

•

conduct interviews of all staff members, including management;

•

make enquiries of teams.

The use of management information can be undertaken selectively; for example, you might seek to see files at different stages of a lifecycle to check they are as reported, or you might look for files that present a certain pattern. This might include reviewing bank statements or the cashbook first to identify large deposits, and then reviewing the corresponding files to check the identity of the individuals and that this matches the bank statements. To enable you to find files with certain patterns, you might look at lists or details of different types work across the business, including: •

open and closed files: showing for example, type of matter, monies held, client names, date opened;

•

staff: this could be organised by staff absence, recruitment, or movement, which may allow you to see patterns or connections in other parts of the business;

•

cashbook entries: showing the transactions at different times, which you can check for size or anything else unusual; 183

Part 3  Risk Assessments and Risk Management •

bank statements: which can be checked against the cashbook, and for similar enquiries to the cashbook;

•

trial balance: showing office account entries into different places;

•

referral arrangements and marketing databases: including client referrals and connected files;

•

correct lists: firms you do business with regularly and who may bypass usual procedures because you are confident you have their correct details. You may also have lists of firms you do business with infrequently and rarely, and whose bona fides you need to check;

•

email records: this may be particularly pertinent if you are conducting a cybercrime investigation;

•

client enquiries: this can be helpful when there have been unusual attempts on the firm, and if so, you can review where they have come from.

You can also undertake your own version of thematic review. For example, you could undertake a thematic review of potential cybercrime issues – ensuring you have covered all aspects of a firm’s protection against possible email fraud or security fraud, and that policies and procedures are being followed across all levels of a business. Ensure you have sufficient authority to undertake these tasks and that staff have been informed of them being undertaken and the reasons why. It can be difficult to ensure buy in to an audit process or to any form of monitoring of people’s work at all. Careful communication with the firm, a clear basis and rationale for the checking, and an understanding of how and why it will be done, can all be helpful. Clarity in communication about the process is important. Do ensure you inform people and keep them up to date with what you intend to do. Sometimes it can be more difficult to undertake these tasks internally than it is externally; standards such as ISO:9001 require businesses to produce management information across the board for external auditors. There should be no reason why internal audit should not have access to the same functions for examination, although sometimes we find that the external auditor is given greater internal access than an internal auditor. Of course, the position can be political (as in organisationally political, and about the exercise of power and knowledge within a business), but the internal auditor or compliance officer should also be able to undertake their role.

Policies and procedures The policies and procedures of the firm can be adapted to cover all of the aspects of the business in this Part of the book, and more. You might expand your policies and procedures to cover: •

Cybercrime: as well as the standard issues required by the regulator, you might include use of external WiFi, checking the firm’s online presence, and the cyber security of those in your supply chains.

•

Personal security: including confidence tricksters, internal threats, and personal security at and after work. 184

Lateral Anti Money Laundering •

Background checks: this might include DBS checks, references, checking motivations for working in legal services, and the monitoring of referrers into the business or those with business relationships.

•

MLRO reporting policy: this can be expanded to cover reporting across the business, not just in legal departments. All staff can be made aware of the need to report if they have an AML concern. There may also be a requirement to report fraud more generally, and a consideration of wider risks within the business, establishing a perimeter, and overseeing it. You might want to consider how this oversight position would work if you do establish and report on any perimeter issues, and who would oversee the actions. In some firms it may simply be the management team.

•

MLRO sample forms: AML reporting forms can be made available across the business (not just in legal departments) and developed to cover possible police matters as well. Forms may also be designed to allow your oversight structure to give feedback and direct action on wider issues than simply AML, in order to deal with any attempts on the perimeter. These feedback and action forms might be similar to the feedback aspects of the MLRO forms at the conclusion of Part 2 in Annexes A and B, and these forms could be adapted themselves to fit this additional purpose.

•

AML full firm: training and audits to include vulnerabilities and known scams can be made available to all staff. You might compare incidents and increase monitoring when a scam arises. An idea expressed earlier in this book was to implement enhanced due diligence for a short time on all transactions if one is received which is a concern, or sample an additional cohort of files to ensure they have been conducted correctly and in line with the Regulations. Firms can take decisions themselves about additional work they might do beyond the requirements of the Money Laundering Regulations and the additional thematic or incident response work they might undertake in order to re-secure the perimeter of the firm following a money laundering concern or report.

•

Finance policy: this might be updated to include checking on the financial indicators of money laundering, and additional checks suggested earlier in this Part of the book and in Parts 1 and 2. There is also an AML and Client Money file review at the end of this Part of the book in Annex D. Firms can consider specific finance based file reviews to ensure consistency and the proper operation of the accounts. They may also want to update their policies and procedures to include how to deal with the receipt of tainted funds into the law firm, which we cover further in Part 4 of this book. At the end of this chapter there is also a further section on financial analysis that may inform your further ideas for policies and procedures within your firm, including for due diligence, ongoing monitoring, and in internal investigation.

•

Governance and audit arrangements: this might include responsibilities for monitoring AML and attempts on the firm; mechanisms to do so (such as the traffic light oversight system); and systems of audit and contingency response.

•

Sales and marketing policies: these might include understanding how to generate good quality sales leads into your firm, and how to vet the type of leads that are being generated, along with the firms providing them. 185

Part 3  Risk Assessments and Risk Management

Financial position and external data sources Further to the discussion of lateral AML, there is more we can do to analyse the financial position of the firm and build that into our risk assessments. Traditional financial analysis focuses on two things: the comparative position of the business to others in the same position; and the relationship between different financial measures of the business itself. These latter measures help us to understand how the business is performing and why is it performing in that way. If we imagine that the business has a number of traditional financial measures, such as profit, profit before tax, income, and expenditure, we can also see how these can be analysed in more detail to find out how the business is run and what type of decisions we can make about the business. This is helpful when financial forecasting or planning, but may not automatically or traditionally be linked to anti money laundering. However, to fully consider an AML position laterally, we can consider this financial information about the businesses we work in and the businesses we work with. For example, there is a range of information that is published about companies that is available at Companies House. This shows us how a company is performing and basic information such as the profit or loss it is making, as well as some information about the income and expenditure. Similar information is available for all companies at Companies House, and larger companies have to provide more information under the Companies Act (2006) and for the benefit of shareholders. There are some quite complex measures we can use in financial analysis and forecasting to tell us more about our own business and those businesses we might work with. However, let’s start with the basics and some ideas about how we can consider this straightforward information along with the AML information we gather. We can use these ideas to analyse both our own business and the businesses we work with and contract with to give us a greater understanding and appreciation of the risks we face in our own work. We can also use them to complete our due diligence or monitoring of transactions, or to consider the position of our own firm as part of the perimeter.

Financial considerations Income: the question is where this income comes from, and whether that seems reasonable given the amount of money the business charges for its services, the number of clients it has on average, and the average time it takes to service those clients. Some businesses might have a large turnover which might not seem reasonable given the amount of instructions undertaken. For example, to understand whether or not the instruction levels are correct for law firms we can look at other indicators of the number of transactions such as at the Land Registry, wills registered, or published court decisions. If the income seems incorrect given the number of transactions, we might ask whether there is another source of that income beyond the stated legal services. 186

Lateral Anti Money Laundering

We can perform similar checks on client businesses, and this could be a ‘control’ measure we could use to assist our enhanced due diligence or ongoing monitoring of a transaction. We might ask whether the profile of the business seems correct. Profit: again, when we consider income we might also consider overheads and whether these seem reasonable in the context of the amount the business would be spending on their offices and other services. We may be able to observe the business operating and consider whether the level of declared expenditure appears correct. Outcomes of profit which are particularly out of line with the performance of any sector might require a further explanation, particularly those which are quite high. It is possible to use financial ratios to analyse the performance of any business (law firm or client) and to establish whether it seems reasonable considering expectations of that type of business within that sector. When undertaking ratio analysis, you may find available published details of the expected financial ratio outcomes within different sectors. If we were considering profit, we could consider gross profit margin, for example, to inform us of the performance of the business considering the overheads. There are fairly standard expectations of business performance in this context, but they can vary between sectors. Some more examples of different financial ratios we can use are considered over the coming pages. We can use this type of ratio analysis to look at our law firm; the law firms we work with; as well as potential clients. The use of this type of analysis for potential or instructing clients could be part of client due diligence. Operating profit: this is another ratio which allows us to consider the profit raised for core business and that raised from other business interests. The question might be whether those other business interests are or were legitimate and whether they have been fully declared. If there is other income, there may be the presence of money laundering. Another place to match the operating profit of the firm is against the trial balance which should also provide more information about the ongoing expenditure of the firm and an indicator of the correctness of the declared overheads of the business. Return on investment (ROI): this calculation also allows us to see how much has or is being generated within the business and to what extent the business is making money for itself. Again, sums out of keeping with the sector and sector performance may be a cause for question, and if illegitimate income was being used, the ROI might be quite high. The ratios listed so far also consider the efficiency of the operation of the business (as do other financial ratios). Both the ratios already listed, and other efficiency ratios could be used to provide more information about how the business is performing, but can also provide clues as to whether or not the income level is real. An overly efficient firm, beyond what would be expected, would give rise to concern as it may be that matters being put through the business were not real, and may warrant further investigation. Liquidity: this measure can be used to explore how cash rich (including at the bank) a business is, which might be a cause for consideration. Alternatively, 187

Part 3  Risk Assessments and Risk Management

it can be used to match to the turnover of the business and understand the work rate, and the business’s ability to complete work in a timely fashion, or be paid for it promptly. Liquidity measures may also tell us whether a business can meet its ongoing obligations and whether there would be the potential for undue financial pressure on the business, and when that might arise. Assets: the assets of a business may be generating additional income, but they may also be a subject of investigation to determine their bona fides and the source of their purchase. It can be easy to mis-declare assets and any declared as providing additional income could be verified. Debt ratios and financial leverage: ratios of debt can tell us about how much debt the company is in, whether that debt is serviceable, and how sensitive the company might be to changes in its income. From an AML perspective, it can be helpful to understand whether the company could be subject to undue financial pressure. However, the debt ratio may lead us to another question about who the company owes money to, and whether in light of its debt, the legal transaction it is undertaking is reasonable. If this measure is applied to a law firm, we may be able to understand it’s compliance with the Code of Conduct provisions related to financial viability (see for example, SRA Code of Conduct for Firms, rule 2.4), and the likelihood of a possible intervention (see for example, Solicitors Act 1974, Schedule  1, paragraph  1(1)(d) and Administration of Justice Act 1985, Schedule 2, paragraph 32(1)(c)). Accounts receivable: this calculation can be used to tell us how long bills are outstanding before they are paid. This is an interesting calculation to consider with law firms given the operation of the client account, and may be better with another type of business. In all cases, the use of these ratios and the knowledge that there are different outcomes expected in different sectors, means that we can use them to establish a picture of the operation of a business and to ask ourselves whether that seems consistent with the picture we have been given in client instructions and through due diligence. In order to apply them directly to some sectors, you may need to do some research into the expected financial standards and results within that sector. This type of analysis can be substantial, and may take some time. It may therefore be most appropriate for larger firms, or could be considered for specialist due diligence, or for issues in your supply chain related to your perimeter. Additionally, you may find erroneous results with small firms as not all information has to be declared. Nonetheless, asking questions about what you see on financial statements can be a helpful way to ‘know your client’ and understand the workings of your client’s business, which is an excellent supporting due diligence measure, or ongoing control mechanism. It is also a good way to understand the businesses you work with in your supply chains, and can help you understand and verify the decision making in your own business as well. 188

Lateral Anti Money Laundering To use these and other financial ratios requires a working knowledge of the balance sheet of an organisation, and the profit and loss accounts. This information is often publicly available, or some information is. You can also use this information to consider the position internally and whether or not there are areas of concern within your accounts which indicate a problem on files or with the financial set up of the business as a whole. Individual departments can also be considered to the extent that such data is available within the business. Of course, you can then manage the risks to your business if you are equipped with this information; your analysis might look at your client businesses; those businesses you work with; or your own firm. For example, if you analyse your own accounts, you could consider the extent to which your law firm could be subject to external financial pressure to take on work which was not legitimate. You might also consider the extent to which the income generated by your business came from turnover from client files. Each department within your firm could be considered to ensure the length of time and efficiency of files was in keeping with what was expected and within acceptable bounds, minimising the risk of fake files (which might be completed too quickly), or even matters which had not been declared to the Money Laundering Reporting Officer (which might be delayed). For example, if one department has a large number of abortive matters because the approaches from clients are not passing client due diligence, this might be apparent from the financial analysis if those measures were undertaken. Matters could be identified and the trends reported appropriately. In firms with a number of offices or with a number of large departments, income can be generated which does not come through the client account. This analysis allows you to see where other sources of income may be by department and to consider whether or not the client account and files are a true representation of the work and income of the firm or whether there are other undeclared sources of work which may be a cause for concern. Similarly, if a business is making a loss, the question may be asked whether or not the business can sustain itself in the future and what sources of income it may have. These sources of income or investments should be checked to ensure they are genuine. The same is true of all investments. We have seen in Part 1 and will see again in Part 4 that there are serious consequences for turning a blind eye. Unfortunately, however, it does happen and those who work in firms can be unaware of the activities of those in charge or the people in other departments. We have already covered in this section that Human Resources and other departments have a role to play in ensuring staff and partners of firms are genuine and their work is above board. However, this role can also fall to the Finance team, and understanding the role of different ratios and financial analysis is important in analysing and verifying the structure and operation of the business. In addition, we can use the same tools to risk assess those businesses around us that we see and interact with. You may use these ideas to form part of your firm wide risk assessment. You may also take the view that your firm wide risk assessment should be a number of documents which look at and analyse the business from a variety of different angles, and the combination of expertise from across the business is what provides the opportunity to create the most effective risk assessment. 189

Part 3  Risk Assessments and Risk Management

Conclusion The use of risk assessments is an important part of understanding the perimeter of the firm and its capacity to withstand both attempts upon it and attempts from within it to perpetrate crimes and/or launder money. Understanding your business as a whole is important in this context. Often we consider that it is simply the area of law that requires analysis and discussion, but the whole business can be covered by the Regulations and is also within the scope of the Proceeds of Crime Act. Law firms out of scope of the Regulations may also choose to undertake the exercise voluntarily, as a means to protect the perimeter of the firm. Our whole businesses need to be assessed and analysed to ensure they are operating within expected boundaries and are not being used inappropriately. Undertaking these analysis tasks on a regular basis is an excellent way to demonstrate compliance with the regulatory requirements and to be able to confidently present your business to potential customers, others within the field, and to the regulator as well.

190

Annex A: Business Continuity Plan

[Using this continuity plan: This is a basic plan template which can assist you in developing your firm wide approach to issues that may disrupt the business. The risk assessment columns rely on an assessment of impact and probability which is a calculation of risk. That calculation says that we should measure the impact of the occurrence and the likelihood of it happening to assess the overall risk. Impact being the size of the shock or other force you would suffer if it occurred, and probability being how likely it is to happen to your firm. You do not have to use this measure as it is not exact or prescribed, but it can assist you in developing your picture of risks within your firm. You can also add additional rows as required. The section concerning business as usual, which contains examples including turnover, liquidity, and utilisation, is also intended to be used to describe risks. For example, the risk of failing to meet your turnover target, due to the problems you fill in as impacting your ability to do so. So, you would list your turnover target, possible negative impacts, and use the plan to ensure business continuity in the event of those negative impacts arising. The plan can be used in the same way for the other financial measures in this section (i.e. to manage possible risks to your financial targets) Additional rows with further financial measures can also be added]. Business Continuity Plan: [Insert Name of Firm] The objective of this plan is to ensure continuity for our business in times of risk. We have established a risk committee who will make decisions in the event of extreme circumstances or significant risk to the business. The committee is made up of [insert names] who have details of the indemnity insurer, Information Commissioner’s Office, [delete as necessary: Council for Licensed Conveyancers, Solicitors Regulation Authority], utilities services, staff, client information (including storage), premises, local council, and local police. Any personal data will be processed according to legal obligation or contractual obligation under the GDPR.

191

Part 3  Annex A: Business Continuity Plan

Possible risk

Action to be taken and person responsible

Ensuring files can continue – how / person responsible

Risk – likelihood of this occurring Impact (1–10)

Probability Total (1–10) risk score

Outcome – mitigation and oversight

Banking failure Cybercrime or Computer failure

Regular / emergency back up

Staff incapacity / illness

Identify key staff

Flood / Fire / Property Damage / Evacuation

Evacuation and fire action plan in place. Emergency accommo­ dation

8 4 Files stored electronically (example) (example) and back up off site. Accessible through home computer

Lockdown / Work from home requirement Utilities failure Legal incident – major claim Compliance issue – such as serious breach or staff arrest Internal or external money laundering issue [insert risks] [insert risks] [insert risks] [insert risks] [insert risks] Business as usual / towards the strategic goals in the long term plan

192

32

Fire safety plan and action / evacuation plan in place

Annex A: Business Continuity Plan

Achieve turnover of [insert] by [insert]. Turnover of [insert] expected for this financial year (to insert date). Turnover could be impacted by [insert] and this could cause [insert] difficulties to arise

4 4 (example) (example)

Improve liquidity position to a ratio of [insert] by [insert date] Liquidity could be impacted if difficulties [insert] and [insert] arise. Improve efficiency [insert] by [insert date]. Efficiency could be impacted by work received or by [insert difficulties]. Improve fee earner utilisation [insert] by [insert date]. Work received or ongoing could be impacted by [insert risks]. [insert risks] [insert risks] [insert risks]

193

16

Annex B: AML Risk Assessment 1

[Using this risk assessment: This risk assessment is a basic risk assessment template which can assist you in developing your firm wide approach to risk, and in meeting the requirements in the Money Laundering Regulations 2017. The risk assessment template relies on an assessment of impact and probability which is a calculation of risk. That calculation says that we should measure the impact of the occurrence and the likelihood of it happening to assess the overall risk. Impact being the size of the shock or other force you would suffer, and probability being how likely it is to happen to your firm. You do not have to use this measure as it is not exact or prescribed, but it can assist you in developing your picture of risks within your firm. You can also add additional rows as required. The definitions within the categories of risk are as described within the book at pages 143–149 and follow the books’ interpretation and categorisations of the headings at regulation 18 of the Money Laundering Regulations 2017. However, users of this template should note the exact headings in the Regulations are different, and you may wish to use the headings more directly yourself].

Introduction [Describe your firm here, along with a discussion of your regulatory body and their assessment of current risks. You can if you wish also mention any relevant national and international risks, identified by relevant bodies, and your sources for the same. In compliance with the Money Laundering Regulations 2017, regulation 18A, ensure you also consider proliferation financing].

194

Annex B: AML Risk Assessment 1

Category of risk factor

Risk factor

Impact of event (out of 10)

Probability of event (out of 10)

Total (out of 100)

Risk mitigation

Customers: previous, existing, and current client base, including areas of law, prominent clients, and groups of clients.

For example: Possible PEPs

[in this column insert impact score]

[in this column insert probability score]

[in this column insert total of impact × probability]

[in this column discuss your mitigation of the risk, so the actions you will take to prevent the risk occurring]

[insert risk factor related to customers] [insert risk factor related to customers]

Geopolitics: Areas in which the firm’s clients are based and drawn from including local towns, cities, counties, parts of the United Kingdom, or overseas jurisdictions.

For example: High risk jurisdictions

Advice and legal transactions: Including the areas of law you work in and offer, the types of advice you give and the legal transactions you offer. You may also wish to include work you do not offer.

For example: Residential conveyancing

[insert risk factor related to geopolitics] [insert risk factor related to geopolitics]

[insert risk factor related to advice and legal transactions] [insert risk factor related to advice and legal transactions]

195

Part 3  Annex B: AML Risk Assessment 1

Handling of money: Including the receipt, processing and payment out of client money. The methods of compliance with the Accounts Rules and handling of potentially tainted funds. This category also considers the size of any transaction (including the amount passing through the client account), or otherwise.

For example: Payments in cash

Service offering: This is how services are presented to the client at the point of sale. For example, are services delivered online (online legal advice), or are they delivered in person. This would also include home visits, advice clinics, products available to download, and any other means of accessing your service.

For example: Online delivery to remote clients

[insert risk factor related to handling of money] [insert risk factor related to handling of money]

[insert risk factor for service offering] [insert risk factor for service offering]

196

Annex B: AML Risk Assessment 1 Other risk mitigation – staff training [Here add details of training undertaken or planned for staff]. Updates to this risk assessment This risk assessment was last updated on [insert date]. The next update is planned for [insert date].

197

Annex C: AML Risk Assessment 2

[Using this risk assessment: This risk assessment is a basic template you can use to complete your own risk assessment of your firm. The categories we have specified to complete – customers, geopolitics, advice and legal transactions, handling of money, and service offerings – are defined within the book at pages 143–149, but you may wish to use the headings within the Money Laundering Regulations 2017 at regulation 18. Although this risk assessment seems quite straightforward, you may need to add a reasonable amount of information and detail to complete it properly. Ensure you also consider the risk of proliferation financing in compliance with regulation 18A].

198

Annex C: AML Risk Assessment 2 [Insert Name of Law Firm] Risks to our practice are posed by [include customers, geopolitics, advice and legal transactions, handling of money, and service offerings]:

Example scenarios which could pose a risk to our firm are:

We have the following policies in place to cover this:

We will decline the following instructions:

We will train our staff to watch for:

Print name:

Signed:                     Date: 199

Annex D: AML and Client Money File Review

File reviewed by: Date: Client name: Matter number: Area of law: Related file(s): Fee Earner:

Check

(Y/N / N/A) Comments

Due diligence conducted? Appropriate due diligence for the scenario (including PEP / HRJ / size / other factor)? Does due diligence need to be repeated? Source of funds (transaction finance) and source of wealth (client financial health)? Reliance? Presence of issue flagged on internal firm wide risk assessment? Or by regulator? Client matter risk assessment completed? Ongoing monitoring of transaction? Concealed identity transaction (usually corporate or trust)? Ledger position All matters on ledger consistent with file? Payment requests or monies received? Client account as bank account? Experts – use consistent with file? How much has been paid? Client to client transfer? Method of monies received – consistent bank account names / locations / timing / currency? Monies transferred or paid out – consistent names / locations / amounts / timing / currency? Third party presence – checked?

200

Annex D: AML and Client Money File Review

Check

(Y/N / N/A) Comments

Transfers to third party? Transfers to office for disbursements, taxes, or other matters the client will pay for? Payment also made by office for the same sum? Signatures and sums consistent throughout file? Discounts, rebates, or money returned? Special arrangements for tax? Special relationships with clients? Involvement of other advisers? Client attitude – complaint / pressure to complete quickly / disinterested? File conducted in an appropriate and usual manner throughout and consistent with client profiles on both sides? Matter prompt conclusion or settlement? Costs correct? Who has paid final bill and have those monies been checked? Other files with same pattern? Matter outside of firm’s expertise? Report made to MLRO? File marked accordingly? Report made to NCA? Fee earner and others advised about tipping off and possible arrangements? Client exit strategy being used? Further reports made as appropriate? Involvement of management team? Comments and next steps:

Remedial action to be undertaken: Signed as agreed: Date: Remedial action undertaken: Signed: Date:

201

Annex E: Transaction Finance and Client Financial Health Risk Assessment

This risk assessment is conducted of an individual transaction and is designed to ensure the client money received from the client has been appropriately checked and verified. This form should be used internally when the client is making a large deposit into the client account. It is not required for sums that are de minimis (for the firm to define). If sums are to be used just for the fees of the firm, please seek advice from the compliance team before dispensing with this form – if the deposit into client account is large, the form may still require completion. Clients should be advised prior to your use of the form (and ideally at client care stage) that the firm are required to make financial checks of their transaction and they will be asked to prove their source of funding. Clients should also be advised that these checks relate to anti money laundering requirements and laundering the proceeds of crime is a serious offence. Note that this form does not cover all of client due diligence, but instead provides a focus on the receipt of client money as part of that process. Source of funds (transaction finance) Please specify the source of funds (transaction finance) for this transaction:

Please also obtain proof and specify that proof from the list below: Bank statement (please obtain six months’ bank statements in case of large amounts)* Accountants’ letter Wage slip Annual company accounts Pension statement Other (please specify) Please specify amount to be used in this transaction as a whole, how you have verified this amount, and the explanation provided by the client:

202

Annex 3E: Transaction Finance and Client Financial Health Risk Assessment

Individual transaction verification: In cases of high risk circumstances, please verify the exact source of funds for each aspect of the transaction. *bank statements showing large amounts coming in or out should not be accepted without further explanation of the source and movement of those funds.

PEPs Client is a PEP (Y/N). If yes to PEP status, please confirm management team approval. If yes to PEP status, please confirm checks and documentary financial evidence of source of wealth (client financial health).

Enhanced Due Diligence Source of wealth for a non PEP. This is usually for enhanced due diligence. Ask the client to declare their source of wealth (client financial health) and provide documentary evidence.

Receipt of client money for the transaction Specify how much will be received into the client bank account. If more than one payment is expected, specify each payment (even if approximately). Specify when these sums will be received into client account. Specify the bank account that will be sending this money (supply bank details, name of bank account, name of bank, and location). If more than one, specify each. If time has passed between initial due diligence and receipt of client funds, please ask client to prove source of funds or undertake individual transaction verification again before depositing money.

Other risk factors (please specify and seek senior management or compliance approval) Other AML risk factors from firm wide or regulator risk assessment. Funds coming from high risk jurisdiction. Funds coming from concealed ownership entity (for example, trust or corporate structure). Funds arising in litigation to which Bowman v Fels (2005) applies. Unknown overseas bank or wire transfer. Non mainstream lenders. Cryptocurrency or digital payment. Funds coming from other source regulated for AML.

203

Part 3  Annex E: Transaction Finance and Client Financial Health Risk Assessment

Funds certified by accountant or bookkeeper in cases of businesses or those with complex income sources. External funding of client lifestyle by third party.

Internal management If money will be sent elsewhere during the transaction, specify where money will be sent and why (provide bank details here). Ensure genuine legal transaction and bank account details are known and verified. Have you conducted due diligence on the other side? Is this a financially standardised transaction? Are there unusual financial elements? Are other clients of the firm involved and do you need to make client to client transfers? Obtain client personal account details in the name of the client for a refund of any outstanding sums.

Overall assessment. Please provide your risk assessment of the receipt of this money into client account. Please consult with compliance if any risk factors are apparent. Your risk assessment of the money should also relate to your overall consideration of the transaction.

Sign off to proceed beyond client gate and into client acceptance: Fee earner name:

Management team member name:

Date:

Date:

Position:

Position:

204

Annex F: Reflective AML Risk Assessment Firms can use this form to consider and reflect on the risk of the file. Firms may use it for the purposes of management of any situation; to learn lessons; or to recategorise risk on this file, as well as any other future or associated files. The risk assessment contains a number of categories to be completed when the form is used. These reflect the actions already undertaken on file, and also allow space for a reflective risk assessment looking at the risk from that time. More columns can be added as needed. There is a space at the conclusion of the form for a reflective risk statement by the fee earner which allows them to reflect on the file and their assessment of risk both at the time and currently. File number Reflective risk assessment undertaken by Fee earner with conduct of file Date reflective risk assessment undertaken Date of file (approx.) Risk factor

Y/N/ Comment or Action (action to be highlighted)

PEP Size and value of transaction High risk jurisdiction [insert risk factor from firm wide risk assessment] [insert risk factor from firm wide risk assessment] [insert risk factor from firm wide risk assessment] [insert risk factor from firm wide risk assessment] Reflective risk review: My risk assessment of this matter currently is (also specify why and any actions to be taken): The risk assessment at the time was (also specify why): Name (person undertaking reflective risk assessment): Signed (person undertaking reflective risk assessment): Dated (by person undertaking reflective risk assessment):

205

Annex G: Sample wording for file storage and file review policies

Before using this wording you will need to assess whether it is suitable for your needs, and to what extent. Remember this is a template for you to edit as you require; not all of the below will be relevant to your firm. This wording combines both file management and destruction, and file reviews. It can assist with tackling aged balances, retention of original documents, and overwriting of old file ledgers with new client matters. Reviewing closed files as part of your file reviews can also help with all of these issues, and provide a level of assurance about any likely negligence claims as well. You will need to consider whether this wording is suitable for your firm in this structure, and of course you may consider a separate file review section of your office manual. Do bear in mind your own insurance requirements for the retention of files and amend as appropriate.

This firm is obliged to keep our papers and files for six years to meet client, insurance, and regulatory requirements. It is our policy not to retain files for longer than necessary. Client files are stored confidentially and securely in [state where]. This policy is also in keeping with our data protection obligations. Files with anti money laundering concerns will have a separate compliance file containing the AML documentation. The separate file will have the same destruction date. The compliance file will be destroyed internally. Staff members may not be aware of the separate file or have access to it. All clients are informed of our confidentiality, data protection, and file storage and destruction policies at the outset of the matter in our client care information. Please direct all requests for access to client data (known as subject access requests) to the Data Protection Officer; they will handle the request to ensure any compliance issues are managed effectively. More information about our data protection obligations and our policies can be found in the data protection section of the Office Manual. Where the client requires file storage for longer than six years, or there is another requirement to keep the file, such as a condition of the insurance, the file will be stored. In cases of client request for storage (and where we agree to store the file) we may make a charge of [insert amount] to cover storage, as appropriate. Please speak to the COLP if you receive any requests for storage beyond six years where the file would not ordinarily be retained for longer. 206

Annex G: Sample wording for file storage and file review policies

Examples of matters where we would retain the file for a longer period include: [insert details]. Before closure all files will be reviewed by the fee earner to ascertain whether: •

there are original documents or other papers which need to be returned to the client or other party to the file.

•

there are outstanding monies or actions on the file.

No files can be closed if there are outstanding monies or actions. Please speak to the COLP or COFA if you are unsure. All files must be closed promptly at the end of each legal matter, and cannot be overwritten or reallocated to a new legal matter or ledger. If monies remain on inactive files we will invoke our aged balances procedure which can be found in our accounts manual. All files when closed will be marked with a destruction date. Before destruction they will be reviewed by [insert name], who will consider as an additional check whether any monies, papers or documents remain on the file which need to be returned to the client or other party to the file, or whether there are any outstanding actions. Files will not be destroyed where any of these elements remain. Files that have been reviewed and are suitable for destruction will be marked accordingly and passed to [insert name] for destruction. We have a contract with [insert detail] for confidential file destruction. Destruction will be arranged monthly by [insert name]. [Insert name] will remove the file from the computer system at the same time as the physical is destroyed. It is obviously important for us to review files regularly to ensure client matters are progressed, clients receive an effective service, and appropriate advice. We also review files to ensure policies and procedures are followed. Part of our review includes checking whether client monies have been dealt with appropriately, whether closed files have been closed appropriately, and whether there are any indications of money laundering. Open and closed files will be reviewed at a rate of [insert details of how many files and when they will be reviewed, which may be less by seniority]. File reviews may encompass any, some, or all of the following: a review of legal work; the adherence to policies and procedures; a check of the client and office financial position; and an AML review. Example file review forms can be found [state where] in our office manual. File reviews will be carried out by [insert name]. [Option for sole practitioners] As a sole practitioner, I exchange files with [insert name of other local sole practitioner or other internally appropriately qualified person] for the purpose of file review of legal work, management and financial risks, at a frequency of [insert details of number of files to be reviewed, and how often].

207

Annex H: Departmental or Individual Client Matter Risk Assessment (for EDD)

Risk Factor

Further details

Answers to the questions. Please see the MLRO, compliance, or senior management if the answer to any question is yes (or affirmative).

Who are your clients?

Are they unusual? Do they, an associated third party, or their funding, come from a high risk jurisdiction highlighted as such by the UK government or FATF? Do your clients have nominee directors or shares in bearer form? Do your clients deal in cash? Do you deal with complex structures? Do you deal with offshore banking or private banking? Is there a risk of biological weapons?

Where are your clients?

High risk jurisdictions? (See above) In countries known or reported to have links to the drugs trade or corrupt finance? In countries with sanctions? In countries with terrorism concerns?

208

If yes (or affirmative), steps you have taken to minimise risk in accordance with regulation 33(3A).

Annex H: Departmental or Individual Client Matter Risk Assessment (for EDD)

What will I be doing for my clients?

Will I be forming companies or trusts? Will I be received money from third parties? Will I be dealing in new technologies? Will any of my services be linked to any scams? Will the transaction be large and / or high value?

What type of work do I usually take on?

Any of the work already mentioned? Anything else high risk? Could there be anything high risk about the work being taken on?

How will I see my clients?

Over the internet? I will not see them

209

Part 4

Legislation, Regulatory Outcomes, and Offences

Contents Introduction212 Holding client money 214 AML legislation 218 Money Laundering Regulations 2017 219 Implementing the Money Laundering Regulations 220 Proceeds of Crime Act 2002 225 Reporting – requirement to report 227 Reporting – consent 230 Offences – a two stage process 232 Main offences and defences 232 Criminal conduct outside of the UK 234 Summary of defences 234 Legal professional privilege 235 Legal professional privilege, arrangements and litigation: Bowman v Fels (2005)236 Continuing with the transaction 237 Tipping off 240 Liability244 Terrorism Act 2000 245 Criminal Finance Act 2017 245 Sanctions245 Companies House requirements 246 Third Party Managed Accounts 246 Money Laundering Reporting Officers and business governance 247 Compliance functions in AML 252 Training253 Forms of learning and assessing learning 259 Process maps – acquiring the proceeds of crime 260 Considering the whole transaction 265 Regulatory outcomes: making a distinction between regulation and law enforcement266 Conclusion270

211

Part 4  Legislation, Regulatory Outcomes, and Offences

Introduction This Part of the book first explores the legislation and offences underpinning the holding of client money, and second moves on to discussing the legislation in force for money laundering. In each of the smaller sections, we discuss some of the case law, and the relationship between the system of regulation for holding client money and the prosecution of criminal offences in law firms. It is fair to say that the relevant legislation in both anti money laundering, and solicitor regulation (particularly as applying to holding client money), has been solid and consistent for a number of years. This Part of the book reviews both of these tenets of holding and receiving client money and looks at: •

their proactive operation, in permitting the holding of that money; and

•

the limitations of that position, in the preventing of receipt and holding of the proceeds of crime, or the operation of non compliant law firms.

Law firms are used to the emphasis being placed on the proactive operation of the rules (so allowing them to hold client money) and most law firms have and operate a client account without considering whether or not they should. The reaction sometimes to being asked to complete due diligence is that it is too weighty, or the client may object and go elsewhere. We however should see the legislation and case law as supporting a dual approach of: •

permissively allowing a large number of comparatively small businesses to hold consumer money on trust and supporting that position through regulation and intervention; and

•

simultaneously preventing those same small businesses from holding tainted funds and requiring them to make a report where necessary.

The writer’s experience is that the regulator looks for alternatives to the client account due to the number of breaches of the Accounts Rules and number of interventions required. The question is whether it is in the consumer interest to allow such small and independent operators this amount of power, influence and decision making over the financial lives of the general population. The amount of money being paid for houses is very large now and still the same small firms continue to hold these monies at their discretion, with limited oversight. In addition, the cost of permitting solicitors to hold client money is vast in terms of the actions that have to be taken in intervention, prosecution, re-configuration of the accounts, and compensation, when matters go wrong. That is not to mention the prohibitions on holding the proceeds of crime, which can be challenged by the political or commercial views of solicitors and their partners, who see the due diligence or other compliance requirements as posing a barrier to a successful business enterprise. It should not be taken for granted that solicitors, licensed conveyancers, and others should have in place the right to hold client money, or that this will continue. The advent of new means of working with client money, such as Third Party Managed Accounts (TPMAs), may change the face of the regulatory and legislative requirements in this area. The protections and transparency for consumers may be more appropriate and therefore the risks may be lower in both the eyes of the regulator and the legal sector. 212

Introduction The legislation in place to prevent money laundering does not just encompass holding client money, it also covers the professional activities undertaken by a range of persons in a range of sectors. This includes the Proceeds of Crime Act (POCA) 2002, the Terrorism Act 2000, and the Money Laundering Regulations 2017. POCA requires staff to report suspicions of money laundering to the Money Laundering Reporting Officer (MLRO), and for the MLRO to report their suspicion to the National Crime Agency (NCA). POCA also provides offences for acquiring or concealing the proceeds of a crime, or arranging money laundering. It also provides further offences for failure to report suspicions, and for tipping off those under investigation for money laundering. The Terrorism Act 2000 also contains similar provisions and offences for non-reporting, and those making reports under the Proceeds of Crime Act may come across references to the Terrorism Act provisions when doing so. In anti-money laundering, the Proceeds of Crime Act 2002 has been in force for twenty years and provides the United Kingdom with an effective and consistent position to oppose money laundering. If we compare the Proceeds of Crime Act to international obligations, for example as measured by the Financial Action Task Force (FATF) in their recommendations (discussed briefly in Part 3); the Proceeds of Crime Act clearly reflects the FATF’s requirements. We also implement a changing set of regulations; those being the Money Laundering Regulations. The Money Laundering Regulations have been updated a number of times to reflect developing international expectations. The latest set of Regulations were introduced in 2017, and have been subject to minor amendments. Some of both the major and minor changes have been driven by the European Union and their directives. EU expectations as to the standards required for AML are continually changing. Despite Brexit, we might expect our regulations to keep pace with the regulations and requirements of the EU, given the need for ongoing trade with our international partners and neighbours. In this Part of the book, we start by looking at the provisions for holding client money, an area of regulation which is primarily governed by the Solicitors Act 1974. Following that, we consider the legislation for AML, which we discussed briefly earlier, and then we go on to look at specific criminal offences for dealing with laundered money.

213

Part 4  Legislation, Regulatory Outcomes, and Offences When there is a concern about the handling of client money, this gives rise to issues in professional conduct, which are considered and prosecuted by the regulator, including before the Solicitors Disciplinary Tribunal (SDT). It is also possible for solicitors to commit criminal offences in this regard, and in some instances law enforcement will become involved. We can make a distinction between this type of breach, and the position of money laundering – or even holding monies tainted by the proceeds of crime. In the latter situation, law enforcement are the appropriate body at first instance, with the involvement of the regulator coming later if required. Solicitors, licensed conveyancers, and others then need to ensure they are protected from any concern that may arise in respect of their clients’ behaviour. They also need to draw a clear line in professional conduct, to defend themselves and their firm.

Holding client money The main legislation in this area is the Solicitors Act 1974. This forms the primary basis for holding client money for solicitors. The relevant provisions are: •

section 32 which provides the basis for holding client money and which requires the regulator to produce Accounts Rules;

•

section 34 which provides for the annual Accountants’ Report;

•

section 35 and Schedule 1 which allows intervention (closure of the solicitor firm) following a breach of the Accounts Rules, and we discuss this and its further provisions shortly;

•

Schedule  1, Part 2, para  6 which provides that the regulator will hold the intervention money on trust and establish the beneficial interest.

The Act also establishes the Compensation Fund. This Fund compensates clients in the event of a shortfall due to solicitor dishonesty with client money (sections 36 and 36A). Of course, we have already seen in Part 1 of this book, that the regulator has produced Accounts Rules as required by the Solicitors Act 1974, and we have explored their workings. Any breach of those rules leads to a potential disciplinary outcome by the regulator (and possibly before the Solicitors Disciplinary Tribunal). The further statutory provisions just discussed may also come into play depending on the situation. Further discussion of the range of disciplinary provisions is provided at pages 266–270 and 66–68 of this book, but includes conditions on practice, fines, and rebukes, alongside strike offs and suspensions. Similar provisions exist for licensed conveyancers, and their main legislative basis is the Administration of Justice Act 1985. Relevant provisions exist for the holding of client money and implementing accounts rules (section 22), annual accountants’ reports (section 22(3)), intervention (section 31 and Schedule 5, and both regulators also have provisions in the Legal Services Act 2007). The Council for Licensed Conveyancers (CLC) also have similar, but not the same, requirements for disciplinary action, and the main relevant provisions of the Administration of Justice Act are sections 24–30. 214

Holding client money The Administration of Justice Act 1985 also has some provisions relevant to solicitor practice. As well as the Solicitors Act, and the Administration of Justice Act, there are two other Acts which altogether sit as the basis for solicitor practice in England and Wales. The two further Acts are: •

the Legal Services Act 2007

•

the Courts and Legal Services Act 1990

The four pieces of legislation work together to form the ‘nuts and bolts’ of solicitor legal practice and establish the basis for the entity in which the solicitor works. The Legal Services Act 2007 includes provisions for alternative business structures (ABS), including at Part 5. The Administration of Justice Act 1985 covers the regulation of entities known as ‘Legal Services Bodies’ (which may be relevant, depending on the type of structure lawyers practice within), see section 9 and Schedule 2. The Courts and Legal Services Act 1990 covers the regulation of Registered Foreign Lawyers (whose regulation sits parallel to the regulation of solicitors); see section 66, and Schedule 14. Further discussion of the frameworks for solicitor and other legal practice is available in Serious Breaches. One further relevant piece of legislation is the Financial Services and Markets Act 2000. This Act exempts some legal services activities, which could cross over into financial services activities, from regulation by the Financial Conduct Authority (FCA). The list of exemptions is provided at Part XX. The provision of financial services to legal services clients must be incidental and complementary to regulated legal services. We can see the legislation providing the following responsibilities to the regulated community: •

holding client money

•

holding client money within the terms of the regulator’s Accounts Rules

•

obtaining an annual Accountants’ Report

•

ensuring the scope of client account services does not exceed the breadth of their legal advice or transaction

These four Acts also contains the provisions for intervention. Intervention is the forced closure of the practice by the regulator. Breaches of the Accounts Rules are a ground for intervention as is reason to suspect dishonesty. Both of these grounds are commonly used to intervene where there are breaches of the Accounts Rules and there is some evidence of solicitor misappropriation of client money or fraudulent use of the client account. If breaches of the Accounts Rules are serious the Solicitors Regulation Authority will proceed to an intervention. If the breaches are rectifiable and are not intentionally dishonest, or are not demonstrating a pattern of behaviour which causes the regulator concern, they are unlikely to intervene. Interventions can be undertaken for other reasons including bankruptcy, abandonment of a practice, and even undue delay. Interventions for breaches of the Accounts Rules are most frequently used when client funds have been dishonestly removed from the client account; where there is evidence of false accounting; or where there are other frauds operating. The writer has seen instances of deliberate tax evasion, mortgage fraud, and systemic 215

Part 4  Legislation, Regulatory Outcomes, and Offences inappropriate removal of client funds from client account, all result in interventions. In addition, practices whose accounts are so poorly kept as to be indecipherable, have also been intervened. In some cases, this latter example has also been later proved as dishonesty, rather than recklessness or negligence. As we have already seen in Part 1, solicitors hold client money on trust for the client or other beneficial owner. This relies on effective ledger keeping and a clear understanding of the financial position of the practice both relative to the clients and between the clients. It is rare to see action taken against a solicitor for breach of trust as a result of breaches of the Accounts Rules, because of the position of intervention and the Compensation Fund. If there is a breach, and it is in any way serious, the regulator steps in to cover the situation and provides a neat solution to the problem of the trust for the clients. Without intervention and the Fund, we may see more practices and solicitors themselves liable for breach of trust. This in itself is an excellent reason to maintain accurate ledgers and reconcile client account, noting of course that economic collapse could cause the failure of the Compensation Fund due to the number of interventions associated with issues of insolvency. In an intervention, the practice is closed by the regulator. The regulator takes all of the monies (both client and office, usually), and all of the files and papers. Any aspect or all of the legal practice can be closed by the regulator. Usually, an intervention agent collects the papers and the monies, and closes the practice. The agent is sometimes a solicitor practice and will work with the clients of the firm to work on any immediate matters that need attention. Following this, or in some cases straightaway if nothing is urgent that day, the client has a choice of who continues with the work. Sometimes the intervention agent can take on the client matter themselves in the longer term if the client consents. On occasion, some of the work will fall to the regulator, and this includes where matters are closed or are close to closure and a small amount of work remains to be completed, or where the books of account are completely awry and need to be reconstituted. In these instances, the regulator may have to do some of the work and clients may need to go direct to the regulator to obtain their files. Clients whose matters are ongoing and are left out of pocket by the intervention, for example if they have been impacted by the dishonesty of the firm intervened, may be able to make a claim on the Compensation Fund. Those within the regulated community caught by the regulator undertaking such frauds and scams that result in Accounts Rules breaches, may not only be intervened, and have their practice closed, but they may also be subject to separate disciplinary action. In these types of circumstances (with dishonest intent), this would be before the Solicitors Disciplinary Tribunal, and the sanction would likely be a strike off or suspension. If the responsible party was an unadmitted individual, they would need to use section 43 of the Solicitors Act 1974, which has the effect of removing an individual from any current or future employment by a solicitor or their practice. The Solicitors Disciplinary Tribunal also has the right to fine individual solicitors and their firms. In Part 1 we covered some of the outcomes for common Accounts Rules breaches and what to expect. There are decisions published on the regulator’s and the SDT website of recently decided cases. The SRA publishes basic information, but the Tribunal publishes the 216

Holding client money full text of the decision. So, for example, if a decision is made by the SRA about an Accounts Rule breach, we might be able to find out that a solicitor has had a condition imposed, or that a practice has been fined, but we would not be able to see the reasons for the condition or the fine. Decisions are also only searchable by name or available to see on a more general basis for a limited period after publication, so you either have to know the name of the person who has been disciplined, or know when it is going to be published, to find the decision. The need to know the name of the individual, and the limited information published about the subjects, constrains the information available publicly about the internal decisions of the SRA. By contrast, the hearings of the SDT are generally held publicly (unless there is a specific reason for them to be held privately), and are often reported in the legal press. As well as prosecution for the professional conduct issue, the Crown Prosecution Service and/or HMRC can make the decision to prosecute for criminal offences, if any have been committed. The writer has seen instances of solicitors being prosecuted for the following: • Fraud • Theft •

Tax evasion

•

Money laundering

The decision to prosecute for a criminal offence rather than or before a breach of the professional conduct rules is one for the law enforcement agencies, and that decision making is not covered within this book. However it is useful to say that prosecutions can take place, and that decision is beyond the scope of the regulator’s remit. If a decision is made to prosecute the solicitor for a criminal offence, this prosecution usually takes place prior to any regulatory decision. The regulator waits for the outcome of that prosecution before bringing a separate prosecution themselves, if appropriate. If a solicitor has been prosecuted for a serious criminal offence involving client money, the prosecution is likely to be before the SDT, and the sanction a serious one – such as a strike off. Criminal prosecutions can also bring with them suspensions of practising certificates, under the Solicitors Act 1974, section 13B. The effect of the suspension of the practising certificate is to immediately remove the practising certificate until such time as it is reinstated by the regulator. A practising certificate is suspended upon a criminal charge for an indictable offence, or for any criminal charge involving dishonesty. The outcome prevents the solicitor from practising after a charge has been read to him or her, and while a police investigation is ongoing. This provision allows the regulator to pause their investigation while the police undertake their work, safe in the knowledge the solicitor who has been charged cannot practice. These scenarios do not just arise in respect of handling money or anti money laundering, they could involve any criminal offence. The suspension of the practising certificate may cause a problem for the firm. If the solicitor involved is: •

a sole practitioner (with a firm they manage by themselves), or

•

part of a partnership (or other entity) where the partnership (or other entity) is also accused of being involved or perhaps turning a blind eye, 217

Part 4  Legislation, Regulatory Outcomes, and Offences the firm may be intervened simultaneously (alongside the suspension), or even before the police charge. The police may then charge, with the professional conduct investigation occurring last. If, however, the solicitor has acted alone, and the firm were unaware, but have acted appropriately, the firm may be fine, and continue to operate, albeit with the responsible solicitor unable to practice. The firm may need to take immediate action to replace any partner or senior solicitor responsible or in this situation. Suspension of a practising certificate means the solicitor cannot undertake any reserved work, and the position can be very serious for those who practise alone, as they may not be able to attend to client matters, and their professional indemnity insurance may also no longer be valid. Without immediate agreement to lift a suspension from the SRA, the suspension of a sole practitioner’s practising certificate could be (without someone to stand in), the end of that practice. Further exploration of suspension of practising certificates and the consequences are discussed in Serious Breaches. Prosecutions for dishonesty or lack of integrity are some of the most serious cases the regulator deals with. Given the requirement to handle client money, and represent others before a Court, solicitors are expected to adhere to the highest standards of honesty, probity, and trustworthiness. Cases of dishonesty, particularly involving the Accounts Rules, or matters before the Court would be prosecutions of the most serious kind – and held before the Solicitors Disciplinary Tribunal. A  distinction between honesty and integrity has been noted in the cases of Wingate and Evans v SRA  (2018) and SRA  v Malins (2018). Breaches of both principles would still be taken extremely seriously by the regulator. Further discussion of the requirement to make a report in such cases is again a feature of Serious Breaches. It is always worth making contingency plans to cover the event of unexpected incidents for firms and individuals, including for those who are sole practitioners. Ensure you have someone who can step in if you are unwell or if something unexpected happens. If you do not have a person in mind directly, build a relationship with a reputable recruitment consultant or a freelance solicitor who might be able to step in and help out. An example of an outline contingency plan is provided at Annex A to Part 3 of this book.

AML legislation The Proceeds of Crime Act provides the offences for money laundering, and enforcement basis for the AML regime in the United Kingdom, allowing the police and law enforcement agencies to bring criminal proceedings against those suspected of involvement in money laundering. Alongside this enforcement and criminal legislation are regulations which cover the professional operation of anti money laundering efforts in the United Kingdom. The Money Laundering Regulations 2017 specify the actions that should be taken in certain industries to prevent money laundering. This is a set of Regulations aimed at professionals handling monies (such as lawyers); other relevant industries (such as estate agents); and financial services. The sectors caught by the Regulations are regulated by their industry or sector professional body, or by HMRC, and are required to operate to the specified standard. 218

Money Laundering Regulations 2017

Money Laundering Regulations 2017 The Money Laundering Regulations 2017 are the current set of Regulations for law firms to prevent money laundering. As we explained earlier in this book, the basis of these Regulations have been with us for some years, with regular updates being made. Since 2003, there have been some key changes in the wording of the Regulations which place more of the emphasis on the verification of identity as part of due diligence. We can also see a change in emphasis in the risk assessment, in enhanced due diligence, and in the development of politically exposed persons, with greater prescription in how these terms are met. The Regulations themselves are similar in their structure and overall content to how they were twenty years ago; but the requirements now are more stringent and provide greater clarity as to their meaning. Firms will have more work to do on complying with the requirements than they did in 2003. The current Money Laundering Regulations took quite a lot from the 2007 Regulations and there is a good degree of similarity for those who look to rely on their continuing systems from the 2000s. Some law firms will have very wellestablished systems in place to ask for identity and understand the nature of the client relationship. In some respects, if a previous system has been working well, is continuing to serve the law firm and offer internal value, there is no need to replace it wholesale. The reporting requirements and some of the definitions have been updated and simply updating policies and procedures and renewing staff training may be sufficient to comply for some firms. New emphasis has been placed on the oversight of the Regulations by the introduction of the Office for Professional Body Anti-Money Laundering Supervision (OPBAS). We covered OPBAS and their role briefly in the Introduction and earlier in the book, and readers will remember that they are the anti money laundering oversight regulator for the professional regulators. Each professional legal regulator has obligations and responsibilities in supervision under the Money Laundering Regulations (see regulation 7, and Part 8), meaning the regulators have to ensure compliance. Consequently, law firms are experiencing a renewed interest in their compliance with the Money Laundering Regulations by their professional regulator. This may mean firms have to make more effort to visibly comply, or may face more prosecution decisions for not complying. The consequences for compliance efforts, compliance teams, and management in firms, might be dramatic as more firms seek to reinforce their existing efforts. 219

Part 4  Legislation, Regulatory Outcomes, and Offences The 2017 Regulations do not distinguish between the sectors which hold client money, and those that do not. The same regulatory requirements apply to both. We can raise a question about how the financing of a transaction should be considered within the sectors that do, and whether those accepting money from clients directly should undertake more financial due diligence than they do currently. We have explored some of the possibilities in Parts 1-3. At the moment, law firms are required to check source of funds (transaction finance), source of wealth sometimes (client financial health), and satisfy themselves to a reasonable degree of the overall position of the transaction. The ‘reasonable degree’ increases with the risk of the transaction, and additional checks can be required as part of enhanced due diligence, or ongoing monitoring. Politically exposed persons are subjected to additional requirements in financing due to the risk of corruption. However, the checks required at this stage seem quite loose in comparison to the severe consequences for handling the proceeds of crime, and we discuss the criminal offences involved in the receipt of impacted client money, shortly. The writer has witnessed a greater focus on the policies and procedures (termed ‘systems and controls’), by the regulators over the last five years, and both the Regulations and the Legal Sector Affinity Group Guidance have also adopted this position. Although under the previous regulations law firms required an internal firm wide risk assessment, it is fair to say that the SRA at least did not place too much emphasis on this requirement, and it may have been more common to see firms undertaking individual file assessments, with the overall operation of an MLRO monitoring the risk of the firm. Some firms of course did have them in place and the recent focus on this area under the 2017 Regulations has benefitted those with a history of understanding the requirements and assessing their business as a whole.

Implementing the Money Laundering Regulations We have discussed in detail how to comply with the requirements for due diligence in Part 2, and how to design a risk assessment in Part 3. However, it is also useful to discuss how you might engage your staff with the subjects. Instead of viewing the Regulations and legislation as flat, firms in some cases require support and guidance in how to make these documents living, and a key focus of the work of the law firm. The risk assessment is intended to be a useful document within the firm and should guide staff towards understanding which areas their management would most like to see taken account of. Regulation 18 specifies what the risk assessment should cover, but this list might be a distraction in a sense, and instead, grounding the risk assessment in the operation of the firm and making it speak to as many of the staff and departments as possible, might be a better and more pragmatic solution. You might try the following: •

Discussing your risk assessment with individual departments and department heads to gauge their view on its reflection of risk and its usefulness.

•

Requiring reporting of near misses or requests for advice by department heads, to ensure the risk assessment is capturing what is really happening on the ground and in departments. 220

Money Laundering Regulations 2017 •

Considering management information in your risk assessment to look at the operation of individual risk assessments at a file level and the percentage of these that result in requests for more information on client identification or finances.

•

Discussing a cut-off point or ‘underlying purpose’ statement for your firm wide risk assessment to prevent it being taken over by small concerns. There may be a time and place for minor or housekeeping issues to be raised and managed and there can be a separate procedure put in place to manage such requests.

•

Considering the ‘weighting’ of your risk assessment and whether it is dominated by one or more departments. If some departments are missing, consider working with them to involve them more closely in the process. You might also consider whether one department receives more client money, or receives a high number of instructions, and whether this needs to be taken into account in the way your risk assessment is structured.

The office manual, firm intranet, or other internal information systems are often the places to go to find out more about how any firm complies with the requirements in anti money laundering. There are a number of policies and procedures to implement in order to comply with the Regulations, and indeed the Regulations require policies, controls and procedures at regulation 19. This in many cases means an operating system or operating model which embeds the regulatory requirements within the day-to-day work of the firm. The following policies and procedures should be implemented or considered, with further thought given to how to communicate them to staff, and ensure they are being followed. The policies and procedures required include: •

Risk assessment procedures to assess the full range of client facing work and to consider its risk of money laundering under regulation 18 (dealt with in Part 3). To bring this to life, it can be helpful to assess the consequences of each piece or type of work both comparatively to other risk within the industry, and also within the firm as a whole. This can mean asking departments and staff, “how risky is this piece of work for us, and how risky is this for the client?”

•

Procedures to undertake client due diligence, enhanced due diligence, simplified due diligence, and to identify high risk instructions under Part 3 of the Regulations (we cover this in in Part 2 of this book).

•

Systems to consider the outsourcing of AML checks, including in client identity under regulation 39 (we cover this in Part 2 of this book).

•

Procedures to check files for such high risk transactions, implement enhanced due diligence, and monitor the transaction on an ongoing basis under regulations 33 and 33A (we cover this in Part 2 of this book).

•

Systems to check source of funds and source of wealth under regulations 28(11)(a), 33(3A)(c), and 35(5)(b) (we cover this in Part 2 of this book).

•

Procedures to vet all staff and train them in respect of money laundering, including training in the identification of money laundering concerns, under regulations 21 and 24. 221

Part 4  Legislation, Regulatory Outcomes, and Offences Training is the main means of communication concerning anti money laundering for some employees within some firms. Of course, much professional training for qualification also requires the learner to demonstrate their individual competence, including in dealing with AML. Firms are required and expected to provide training regularly, up to once per year, so this regular communication ensures they understand how to comply. •

Further specific training can be read into the provisions for MLROs at regulation 24 and MLROs require a detailed understanding of their responsibilities and that of the firm. We cover more information about training and learning later in this Part of the book and in Parts 5 and 6.

•

Systems to identify and monitor money laundering concerns, including those concerns identified and raised by the regulator, under regulations 18 and 19.

•

Reporting procedures, covering the requirement to report to the MLRO if there is a concern about money laundering, at regulation 19(4)(d). See also the Proceeds of Crime Act, sections 330 and 331.

•

Appointing a person of sufficient seniority to be the MLRO at regulation 21(3). The Regulations also allow for the appointment of an MLCO (Compliance Officer) under regulation 21(1)(a).

•

Internal or external audit and governance systems to ensure money laundering is considered within the firm and this is regularly checked under regulation 21(1).

The types of processes specified by the Money Laundering Regulations are described in various places within this book (primarily in Part 2). They include: •

Client due diligence (CDD): the process of checking client identity, which we discuss in more detail in Part 2. This also includes both simplified and enhanced due diligence; processes which require less and more checking, respectively, depending on the circumstances. The relevant Regulations are contained in Part 3 of the Money Laundering Regulations. You must identify your client. This includes information about their identity, address and – in the case of a corporate body, trust, or other entity – their registration, and legal and beneficial ownership (see regulations 27 and 28). If a company or client is overseas, we still need the same information. This might mean looking in overseas registries for companies, or obtaining overseas passports and visas, for example. The old adage of ‘KYC’ – know your client – is important. The better you understand your client and their intentions, the more likely it is that you will conduct effective due diligence. Ask questions, meet the client in person, and consider whether the information is consistent and likely to be true. You should attempt CDD at the earliest possible opportunity, to avoid disrupting your business relationship with clients, and to ensure your client can find alternative representation should you have to cease acting for them. Under the Money Laundering Regulations, you should also note that you are required to repeat or check your due diligence again if you have legal reason to contact the client within any calendar year (regulation 27(8)). This may 222

Money Laundering Regulations 2017 be as simple as an e-verification check, although confirming details with the client direct may be prudent. –

Client due diligence can be excluded due to de minimis provisions in the Regulations at regulation 27. Firms with clients who are approaching these amounts may decide to conduct client due diligence in any event due to currency exchange rate fluctuations. You may also decide that although the transaction is only worth this amount at the moment, in future it may be worth a considerable amount more. An example may be land for development, which in the long term might be worth a much larger amount. Some firms may decide to conduct client due diligence on all clients regardless of the apparent amount of the transaction due to the potential worth of the position in other ways, and there might be a question as to whether the inclusion of the sum is simply taking a transaction at face value rather than examining its true intent or meaning. Of course, clients could set up transactions for lower amounts to avoid client due diligence requirements.

–

As part of client due diligence, there are specific requirements for corporate due diligence as distinct from individual or personal due diligence. This includes identifying and verifying beneficial ownership and, in some instances, checking the authority of the individuals instructing the solicitor. Group structures and persons involved with these may also have a part to play in instructing the solicitor, or in decision making and they (individuals and entities) may also need to be verified. The relevant provision is regulation 28.

–

A further part of client due diligence can be the checking of source of funds (transaction finance) and source of wealth (client financial health), as relevant. This is important, and goes beyond simply obtaining a bank statement. The source of funds (transaction finance) is not ‘the bank’ and this is a common misconception, unless there is a mortgage or other finance being drawn down for that transaction, from said bank. The source of funds is where the money is coming from for the transaction, including, for example, the deposit. This might be evidenced by payslips, a statement from an accountant, pension information, or bank statements demonstrating savings over a period of time. Source of wealth (client financial health) is slightly different and refers to the person’s overall lifestyle, income, but also – if they are wealthy – where that wealth came from. This might be family money that has been inherited, or it might income from investments or corporate ownership. When dealing with wealthy individuals you will need to take some steps to check whether or not they are genuinely who they say they are, and also where their wealth has come from. There can be difficulties with individuals who seek to hide their identity and beneficial ownership of corporate entities, as well as trusts, and partnerships. This can sometimes be a front for money laundering or for other criminal activity. In some cases it might be legitimate and there can be valid reasons for not wishing to publicise ownership, so we cannot always be quick to judge the situation as presenting a risk of money laundering. However, circumstances in which corporate (or other beneficial) ownership is disguised can be an indicator of financial crime. 223

Part 4  Legislation, Regulatory Outcomes, and Offences The new Economic Crime (Transparency and Enforcement) Act 2022 is introduced to try to manage the overseas ownership of corporate assets in the United Kingdom, and to tackle the investment of illicit funds. In particular, it requires overseas corporate entities holding or owning land in the UK to declare their beneficial ownership. Those required to register are being advised to obtain advice in their country of origin to ensure beneficial ownership is correctly disclosed. The Economic Crime (Transparency and Enforcement) Act 2022, along with other mechanisms, such as unexplained wealth orders, attempts to tackle the use of the proceeds of crime to make large investments in the United Kingdom. By forcing the declaration of ownership of assets, the authorities (and sometimes the lawyers representing them) are able to make an assessment of whether the asset or investment is in keeping with the owner’s lifestyle and income and whether it seems suspicious. The Act introduces specific offences for failure to disclose such ownership, and making a false declaration. •

Reliance (using another to undertake CDD with a formal agreement to do so): is possible under regulation 39, however, your firm remains liable. You must enter into correspondence with the person you intend to obtain a written agreement from. If you outsource CDD checks you will likely also need to check source of funds yourself. Do ensure your third party has undertaken checks for the correct individuals, including those providing finance for the transaction. Obtaining such documentation can be awkward sometimes, however it remains a requirement.

•

High risk circumstances: additional processes are prescribed for dealing with some circumstances which are deemed to be high risk. These fall into the category of ‘enhanced due diligence’ and are covered by regulations 33 and 35. These include dealing with politically exposed persons (who are persons holding high ranking political, business, or defence based positions within a state infrastructure), and overseas jurisdictions which are considered to be high risk. These jurisdictions change regularly. See regulation 33(1)(b). The Regulations regarding PEPs apply to domestic PEPs as well as foreign nationals. PEPs, and close associates of PEPs (including family members) should be asked for information on source of funds and their source of wealth. This means obtaining information on their funding for the transaction (for example, their bank statement), as well as information on their general wealth – this might include for example evidence of their family wealth (trust documents, accountant statements, etc). Further information about politically exposed persons is available in Part 2 of this book. Conducting enhanced due diligence means asking for more information about the client, their business relationship, and the transaction. As a result of the 5th Money Laundering Directive, there are specific requirements relating to information which must be obtained if you are dealing with clients from FATF nominated high risk countries. At the time of writing, the UK had adopted the FATF list of high risk countries. Another list of high risk countries is also available from the European Union, and although this list is not currently being used by the UK, there is a relationship to the conclusions of the FATF as the EU takes them into account. The EU are planning to start their own assessments. 224

Proceeds of Crime Act 2002 •

Policies and procedures: this covers the processes and corporate position required in respect of money laundering for those subject to regulation. Requirements cover all types of regulated structure, including individuals, companies, and group structures. Risk assessments are required for all those who are regulated. Separate governance arrangements and even independent audits are required for those with high value, complex, or high risk companies or workflows. The relevant provisions are regulations 19–21.

•

Staff training and recruitment: this is covered by regulations 21 and 24. Regulated firms are required to consider the suitability, knowledge and skills of those they recruit, and to train their staff to recognise and understand key indicators of money laundering. –

Failing to train staff is a further criminal offence, and this offence also encompasses failing to train staff appropriately. This means inappropriate training (for example, suggesting that reporting is not required), may be an offence. The relevant regulations are 86 and 88 and also note Schedule 5 of the Money Laundering Regulations. The reader’s attention is also drawn to the provisions within the Proceeds of Crime Act, section 334.

Leading on from the requirement to train staff appropriately, there are a range of criminal offences at the end of the Money Laundering Regulations 2017 in Part 9, Chapter 3, including offences for: •

Misrepresenting the position in respect of money laundering or misrepresenting the regulator’s position in respect of money laundering.

•

Disclosing information which has been disclosed in the course of some employment positions.

These are lesser known offences, and are rarely prosecuted. There are also offences for failure to comply with any part of the Regulations, which can be met with a fine, or a summary conviction of up to three months.

Proceeds of Crime Act 2002 In all of this we must remember that this book is not a criminal practitioners’ handbook per se. It is a discussion of law firm regulation, and how a firm might deal with the law on money laundering in relation to their transactional and general compliance. A criminal practitioner might have reference to this text, but it is not designed solely for them. The intended audience is compliance professionals, other legal practitioners (solicitors and licensed conveyancers), and those training to undertake this work. The book is also suitable for those working in law firms more generally, or associated with them – for example, Reporting Accountants. If firms are at all concerned about their position, they should take independent legal advice, and there are a variety of firms available to assist. The Proceeds of Crime Act is a weighty piece of legislation. It, in effect, criminalises a wide range of actions within any part of a transaction which is being used to launder money. You do not have to be proactively laundering money to be caught by the criminal offences in this Act. If you work in the regulated sector, the Act 225

Part 4  Legislation, Regulatory Outcomes, and Offences criminalises passive non action in the face of suspicious circumstances, therefore creating a positive obligation on the person who can see (or should be able to see), money laundering or the indicators of money laundering within their working lives. Further consequences for a law firm also arise when accepting money into the client account; at this point they could commit an offence if the money was part of a transaction to launder the proceeds of crime. Law firms and their staff are legally obligated to take steps to identify and report money laundering or suspicion of money laundering. The Proceeds of Crime Act sections 327–329 covers the offences for dealing with money you know or suspect is from criminal conduct; sections 330–332 cover the offences for failure to disclose your suspicions. The obligations relate not only to Money Laundering Reporting Officers, but also to staff, meaning it is important to have systems and procedures in place for: •

staff to report their concerns to nominated officers;

•

those concerns to be identified as important and about potential money laundering; and

•

appropriate staff members to make well informed and reasoned decisions about whether they are suspicious and whether the firm should make a report to the relevant law enforcement agency;

•

evidence to be kept of that decision making process.

Firms will want to ensure their staff are protected from potential criminal offences and that their processes are open and transparent, allowing staff to report their concerns. We start here by discussing reporting. Due to the wide sets of circumstances required to be reported, and the severe (criminal) penalties for failing to do so, reporting creates a net of required procedure around a law firm or other firm caught by regulation for money laundering. All other parts of POCA, and the Money Laundering Regulations, operate in this context; the context of these reporting obligations, which in a sense outweigh other aspects of the legislation. Once we have covered these important reporting obligations, we move on to the other offences within the legislation. These offences particularly relate to how a firm might deal with a transaction which is reportable; for example, how they might handle monies received in suspicious circumstances. We also cover the defences available to the offences. At the conclusion of this section related to POCA, we cover the role of the Money Laundering Reporting Officer and the firm, along with the liability for reporting. The application of the Proceeds of Crime Act 2002 is wider than the Money Laundering Regulations. POCA criminalises money laundering and involvement in a money laundering transaction on a more general basis than simply within the regulated sector. If we imagine a person comes into a law firm and places an instruction, they are not necessarily working in the regulated sector. However, that client is still subject to the law in respect of money laundering. It is important to remember that the solicitor or licensed conveyancer is also the same – a person subject to the law, first – in the same way as any other person. However, the 226

Proceeds of Crime Act 2002 Proceeds of Crime Act goes beyond that personal position and applies it to a professional position as well, with specific reporting duties. Accordingly, the offences and requirements apply in a firm and professional context as well as in a personal context. However, it is important to remember two things: •

The solicitor (or other professional) caught by POCA at work, may also be caught personally.

•

Even if that person is not caught professionally by POCA, they may still be caught personally if circumstances arise in their personal lives which involve money laundering.

There may be an incorrect perception that professionals can get round the requirements of money laundering reporting if matters occur in their personal lives. That is not entirely correct, as although they will not be required to report in the same way, the other offences for money laundering will still apply to them personally. Of course, the Money Laundering Regulations discussed earlier apply to professional transactions (and would still apply to the solicitor even if they conducted them in their private life).

Reporting – requirement to report The requirement to report your suspicions of money laundering is contained within Proceeds of Crime Act, in sections 330–332. The requirement is: •

For the staff member in the regulated sector to report to their Money Laundering Reporting Officer;

•

For the Money Laundering Reporting Officer to report to the National Crime Agency.

The report is required if the professional is suspicious of money laundering, or if they know that money laundering is taking place. The individual and the MLRO, as well as the firm more generally, should be trained in the anti money laundering requirements relevant to them and able to spot the warning signs of a suspicious transaction. As we have seen in Part 3, the regulators make available a number of lists of warning signs and factors to consider, and firms can add these into their own risk assessments as applicable. A failure to make a report creates a criminal offence for the individual if they do not report to the MLRO (section 330), and for the MLRO if they do not report to the National Crime Agency (section 331). In both cases, the offences arise if the individual is suspicious of money laundering. Consequently, a large weight rests on the test for suspicion as well as on the judgement of the individual making the report, and their senior MLRO. The result of the offence is that both the individual and the MLRO spend some time considering whether the circumstances are suspicious or not, and in justifying those concerns through minute taking, advice giving, or otherwise capturing the thoughts and discussions of the internal decisions at the time. The requirement is to make the disclosure to the MLRO promptly, and for the MLRO to make the disclosure to the NCA, also promptly. As well as being a legal 227

Part 4  Legislation, Regulatory Outcomes, and Offences requirement (in sections 330(4) and 331(4)), this is also a suggestion in common sense as it takes time for the NCA to make their decision about providing consent or otherwise, and this can derail a transaction and tip off the client if there is a delay. The beginnings of any legal transaction can be a mixture of taking identification, establishing the legal issue, and understanding the circumstances, so if the decision making to make a report can be established here, it can be absorbed into these types of circumstances without giving rise to concern. Of course, some firms may decide that they do not want a client or situation where there is any cause to report, and firms often put in place barriers to instructions in different situations. It becomes more difficult when the client has already given instructions before suspicions have arisen, because of the provisions concerning tipping off. We deal with tipping off later in this Part of the book. One defence for failing to make a report is reasonable excuse (sections 330(6) and 331(6)). However, this is not defined by the Proceeds of Crime Act, and the Law Commission recently considered whether it should be clarified. In most circumstances it should be possible to make a report. Another defence for the individual employee is in circumstances where training has not been provided (section 330(7)(b)), and the employee does not know or suspect money laundering. However, this latter position then risks a prosecution for the law firm management (including individuals) under the Money Laundering Regulations for failure to provide training, as we have already covered earlier in this Part of the book. As we have seen, there are potential criminal offences involved in a variety of nonactions relating to statutory AML and reporting processes. This squarely places the requirement to train and report at the door of the law firm themselves. Legal professional privilege (LPP) is also a defence to reporting, and no report is required if LPP applies (section 330(6)(a) and (7B)). These provisions are not mirrored in the provisions for nominated officers, and as we have seen in Part 2, the MLRO and MLCO often have to give internal advice and support as well and are themselves employed by a firm. However legal professional privilege only arises if the client is seeking legal advice, or if there are proceedings contemplated or otherwise. There is also a secondary hurdle to pass – LPP cannot be relied upon if the retainer, the continuation of the retainer, or potentially the ongoing actions of the client, are taking forward a crime (including that of money laundering) in any way. This means the firm can only give privileged advice to clients who are seeking to avoid a crime, or to prevent a crime from taking place. To summarise, for legal professional privilege to apply, the client must be: A.

Seeking legal advice or considering proceedings with their solicitor.

B.

Not in any way involved in or about to be involved in a criminal offence (including where the solicitor is advising and acting against it).

Previously, the Crown Prosecution Service has recognised the complexity of this decision making in individual circumstances and suggested that they were not seeking to undermine legal services and prosecute solicitors who believed advice was subject to legal professional privilege. Those in the regulated sector are obliged to make a report if the matter comes to them in the course of their business in the regulated sector (under Proceeds of 228

Proceeds of Crime Act 2002 Crime Act section 330(3)). This does not mean in the course of the transaction, but in the course of their wider business, meaning if you suspect money laundering on the other side of a transaction, you should also make a report. Two relevant cases in this matter are Purrunsing (2016) and Dreamvar (2018), which are discussed further in Part 2 of this book. However, a personal requirement also arises under the Proceeds of Crime Act sections 327, 328, and 329 (offences for concealing, arranging, or acquiring). We will see that the professional requirement can apply to receipt of funds as client (or office) money, but those specific offences could be interpreted quite widely and could see a personal action taken against a professional in respect of any activity that fell into those categories. We should also remember that solicitors and others can hold money personally and have a personal practice. A positive obligation towards action is created by the requirement to report. This is an unusual position in that it criminalises non-action. We can see a parallel across to: • the mens rea of recklessness (R v Caldwell (1982); •

the professional prosecution of solicitors for turning a blind eye, and the attitude of the regulator (particularly the SRA) towards wilful blindness.

The criminal act is minus the actus reus, and so the non-action is in the face of the indicators or circumstances of money laundering, which mean the individual(s) or firm should have realised it was money laundering and made an appropriate report or reports. We might even see a different relevant act arising prior to the non report, perhaps in the failure to keep up to date with AML training, or the failure to create an appropriate risk assessment, that led to this later point. The common law provides some explanation for the standard of suspicion, which is low, again casting the net very wide as to whether or not a report is required. The leading case is R v Da Silva (2006), which established an explanation of suspicion in the context of reporting as being ‘the defendant [referring to the person making or who should make the report] thinks there is a possibility, which is more than fanciful, that the relevant facts exist. A vague feeling of unease would not suffice’. In recent times, the regulators and law enforcement have tried to expand on this by employing psychologists to discuss how we might form suspicion. It remains to be seen whether this approach will develop and inform the tests required. Circumstantial evidence is permitted, and the jury could infer the professional had the necessary knowledge. Solicitors and others, for whom anti money laundering (and to some extent, professional conduct), forms part of their qualification processes, may be in a difficult position in attempting to claim that they had not had training and therefore did not understand the standard for reporting. As the test for suspicion is low, any matter that might form any indication of money laundering should be reported to the MLRO. Once that report is made, the individual has protected themselves (in so far as the transaction or situation is concerned, provided they had no further input in the money laundering, transaction, or situation). By making a report at the early stage, without becoming involved, they have a defence to money laundering. Those who have unwittingly become involved can also make a report at a later stage, even at a much later stage, and this might also show some awareness of the position and co-operation, albeit belatedly. 229

Part 4  Legislation, Regulatory Outcomes, and Offences Given the test is so low for reporting, the firm may take an approach of encouraging staff to report all and any concerns at all to the MLRO, to protect the staff. The MLRO may be in a similar position, and decide to report any and all matters. There are recent moves to add a cost to reporting, but these look set only to affect the firms and businesses who report thousands of matters per year, meaning it is likely to be very large businesses, rather than high street law firms, that will be impacted by them. We discuss the role of the MLRO, their requirements and pressures, later in this Part of the book. The regulators now publish lists of circumstances which may indicate money laundering which should also be considered within a firm’s risk assessments. We might say these indicators also inform whether a report should be made as they give an indication of whether the regulator is concerned about a position and whether a firm should therefore be monitoring for that situation occurring. Of course, a firm’s risk assessment is wider than that and should also encompass the factors the firm is concerned about, which may be more informed by what they see on a day-today basis. This risk assessment may be more grounded than that produced by the regulator, and there could be a deviation between what the regulator considers suspicious and what the practitioner perceives to be so; particularly given the individual circumstances of the matter. Sometimes the matters that come to the attention of the regulator can be at one end of a spectrum of activity within a sector (for example at the serious, or even unusual end – in some cases some frauds can also be quite far-fetched), and the regulator’s perception of activity within the sector can be impacted as a result.

Reporting – consent If you suspect money laundering and you wish to continue with a transaction, you must seek consent. This consent is obtained from the relevant law enforcement agency when you make a report to them. At the moment, that law enforcement agency is the National Crime Agency. Obtaining consent provides a defence to the criminal offences associated with money laundering. Accordingly, as we have seen: •

If you are a staff member, and you know or suspect money laundering, you will have a defence if you make a report to your MLRO (section 330 of the Proceeds of Crime Act);

•

If you are a MLRO, and you know or suspect money laundering, you will have a defence if you report to the National Crime Agency (section 331 of the Proceeds of Crime Act);

•

If you continue with the transaction, you will have a defence if you obtain consent from the National Crime Agency (section 335 of the Proceeds of Crime Act).

If you do not obtain consent, and you continue to act when there is a concern about money laundering, you will fall foul of one of the criminal offences at sections 327– 329 of the Proceeds of Crime Act. As discussed earlier, these offences apply to the wider general public rather than just the regulated sector, however the obligation to make a report, and seek consent applies simply to the regulated sector. We have 230

Proceeds of Crime Act 2002 covered the requirement to make a report, and in the coming pages we cover the criminal offences committed if you fail to do so. The procedure for obtaining consent is covered in the Proceeds of Crime Act section 335, where it also specifies that the law enforcement agency should provide a response within seven days if it does not consent. It does go on to say that the position is that those seeking consent will have implied consent if the consent has not been granted within the time frame, at section 335(4). The report to the National Crime Agency is known as a ‘Suspicious Activity Report’, although some people also call the internal report by the same name. Consent may not always be required, and you may be in a position where you have declined to take on a transaction or retainer, but you need to make a report of your suspicions. This can be done without seeking consent to proceed as you will not be going any further with the transaction. Seeking consent can be complicated, and you will need to specify what is it you are seeking consent to do. This might be quite specific; you will need to specify the exact steps of the transaction all the way through to the final outcome, and what you are asking consent for at each stage. It can be worth drafting this for each department in advance so you are well prepared. You might, for example, draft consents for common types of transactions so you are ready if you need to obtain consent. If there are a variety of different possible outcomes, you may choose the most likely and make a further report for consent if necessary. The process of obtaining consent can take up to eight working days, if you make your report correctly. There are also codes to use when completing the forms and the forms need to completed correctly or they could be rejected, and you would then need to re-submit the request. The information required by the forms is quite extensive, and the extent of the request can seem at odds with the test for reporting, which as we have seen is very low. The forms perhaps assume that the reporter knows or has access to a reasonable amount of information before reporting, which may not be the case if the situation has arisen early in the transaction. It is worthwhile for the person who will be making the report to familiarise themselves with what is needed in advance. This can also help to gather the required information before making a report to the NCA. If a report is made incorrectly this can lengthen the time frame for reporting, and the report can be returned to the person making the report to ask for more information. The report is made on day zero, and from the following day, the agency has eight working days to respond. The Agency should only refuse consent if they are going to take action within the next 30 days; this provision is known as the moratorium period and is discussed in section 335. If you do not receive a response from the NCA within eight working days, you have deemed consent to proceed. This means you can assume your request has been received, actioned and approved, but you should stay within the bounds of the consent you have asked for. A deviation from this consent will require a further report. Do ensure you do not take any action while you are awaiting a response from the National Crime Agency as this could fall within the offence of an arrangement. We discuss this further in the next section. 231

Part 4  Legislation, Regulatory Outcomes, and Offences

Offences – a two stage process The offences within the Proceeds of Crime Act are quite wide ranging and cover all manner of circumstances. We might say it was very easy to be caught by them. If we also say that fraudsters are, by their nature, seeking to present something as true which is not, we might then say solicitors and other regulated professionals are in a difficult position. They are in a role which brings them into contact with or makes them a target for people who would attempt to deceive others, and if they are deceived professionally, they could also have committed a criminal offence due to the wide ranging nature of the powers and offences designed to combat such fraudsters. Solicitors and licensed conveyancers need to keep their wits about them. However, the offences within the Proceeds of Crime Act have been designed with a safeguard, which may provide some relief to the practitioner: •

For the offences of arranging, concealing and acquiring, you must first have criminal property (or, for arranging, suspect you do under section 328(1)). Without criminal property (property acquired by committing another offence), you cannot have one of these money laundering offences. So, while suspicions are being reported, that is not necessarily the same as reporting a criminal offence. You may be holding money in the client account and may be suspicious of where it came from, however that is not the same as definitely holding criminal property.

•

For the offences of failing to disclose, there are a range of defences beyond reporting and consent, such as legal professional privilege. We cover these shortly.

The complexity of the offences and multi-stage process provides a safeguard against the criminalisation of those who have not deliberately done anything wrong. It is important to report suspicions, and to ensure that you have taken the steps outlined in this book to prevent money laundering, but the position of the law also provides some support to professional practitioners as well. The law perhaps recognises that those practitioners have to have some scope to be able to perform their role in good faith – by demonstrating co-operation with law enforcement, within the bounds of their delivery of a legitimate service to clients.

Main offences and defences The main offences for money laundering within the Proceeds of Crime Act are contained within sections 327 – 329. The Proceeds of Crime Act criminalises any handling of monies from the proceeds of crime. It also criminalises any attempt to clean those monies or become involved in any scheme to do so. The specific offences are: Concealment (section 327), which is any attempt to conceal the proceeds of a crime. The actus reus goes further than just covering the proceeds of a crime, and includes actions to arrange that cover. There are defences to this, which include reporting your suspicions, or reasonable excuse. 232

Proceeds of Crime Act 2002 Arranging (section 328) which is any action taken in the furtherance of a crime of money laundering. If you are a regulated professional and you suspect money laundering, this could be anything you do which is not reporting your suspicion. This criminal offence is more directly linked to the crime of failure to report as the failure and continuing action are criminalised together – meaning if you suspect money laundering, fail to report it, and then continue with your action (for example proceeding with your file), you fall foul of the two offences in failure to report and arranging money laundering. The wording of this offence covers almost any step you might take on a file or in a transaction and means any action at all other than reporting is covered. We examine in this book the position related to client money, but a firm does not need to have received any client money in order to be involved in an arrangement. It can simply be taking steps which move forward a transaction in some way. Often, firms can take these steps in the beginning before client money is received. If you have received client money, and you are suspicious, you will also need to consider the additional offence of acquisition. We have looked at the systems for obtaining consent, and arrangements can also apply while consent is awaited. If you seek consent, you will need to wait the full time period and/or for a response from law enforcement before taking any action so you do not commit an offence. The decision in Bowman v Fels (2005) referred to arrangements directly, and said that steps taken in Court proceedings and the distribution of funds in accordance with the Court’s direction are not ‘arrangements’. Firms may have to consider whether there are other criminal offences that could be committed by relying on this case, including the other offences in this list. Bowman v Fels (2005) is covered later in this Part of the book. The defences to arrangements are making a report to the MLRO and reasonable excuse. Acquisition (section 329) the final offence in this group is one of acquisition and we might say, in a way, this is the offence we are principally concerned with exploring in this book. If the law firm acquires the proceeds of crime in receiving client money, they theoretically commit an offence. However, the defences to this position are reporting your suspicions, reasonable excuse and adequate consideration. We explored billing briefly in Parts 1 and 2. Of course, firms accepting the proceeds of crime deliberately and intentionally would not ordinarily have a reasonable excuse. We are exploring in this book whether there is a case for the requirement to do more in the area of handling client money, given the broad focus on identity and anti money laundering ‘systems’ (policies and procedures), within the Money Laundering Regulations. We could ask the question whether further work needs to be done in respect of analysing client money within firms to meet a suggestion of ‘reasonable excuse’, or to define and clarify suspicion to avoid an accusation of committing the offence. We have explored in this book the ways in which this could be achieved. Of course, as we have already seen, the Regulations and POCA simply require a consideration of source of funds (transaction finance) as appropriate, and source of wealth (client financial health) for politically exposed persons, or in enhanced due diligence. Parts 233

Part 4  Legislation, Regulatory Outcomes, and Offences 2 and 3 of this book in particular consider the ways in which further checks could be undertaken to verify client source of funds. Similarly, the defence of adequate consideration should allow a firm who has conducted legitimate work for someone (and which the firm are satisfied is entirely above board), to bill for their time in doing so, to a reasonable amount. The amount of the bill could not be overly high to ensure the firm receiving the sum had only received ‘adequate consideration’ (in other words, adequate payment) for their efforts. To put it another way, if the firm was suspicious perhaps of part of the situation related to a client, but was not suspicious of the rest of it, and the work they undertook was legitimate, necessary and above board, they could make a reasonable charge for it and have a defence. However, the firm (MLRO and staff member(s)) would need to make a report of their suspicions. When we consider adequate consideration, we should also note the development of price transparency (under the SRA  Transparency Rules and similar CLC requirements), which may have an impact on how much firms can charge in respect of this defence. These three offences are meant to be wide in their application, and they create the effect of halting a transaction completely. If the firm suspects money laundering, they have to make a report in order to continue. If consent is refused, the continuation of the transaction could be an arrangement, as could continuing in the face of suspicious circumstances without making a report.

Criminal conduct outside of the United Kingdom There is an exemption to each of the offences outlined here, which is that criminal conduct which occurred in another jurisdiction where and/or when it was not criminal is not covered as money laundering (sections 327(2A), 328(3), and 329(2A)). Practitioners in this situation or who believe they are in this situation are advised to consult the Proceeds of Crime Act directly and take advice where needed.

Summary of defences There are defences to the offences in the Proceeds of Crime Act, and we have covered some of them when discussing the criminal offences. For ease of reference, the defences available within the Act (for the sections we have covered here), are: •

Adequate consideration, this being the provision that would allow the firm to take their fees if their transaction was legitimate (available for the offence of acquisition);

•

Reasonable excuse, which is not well defined, but may be in future;

•

Disclosure, which means having made a report (this can be either internally, or externally to the relevant law enforcement agency);

•

Legal professional privilege, which we explore further below (available for the offence of staff failure to report). 234

Proceeds of Crime Act 2002

Legal Professional Privilege A report to the MLRO or National Crime Agency may not be needed if you are a professional legal adviser and the retainer is covered by legal professional privilege (LPP) (section 330(6)(b)). However, it is noted that this section does not apply to the MLRO, and their section for reporting (section 331) does not include the same defence for legal professional privilege. Legal professional privilege (defined as privileged circumstances by POCA under section 330(10)) is a complex area, and the exemption for LPP does not apply if the retainer is in furtherance of a crime (section 330(11)). Sometimes this will mean that if you suspect money laundering, and the retainer would further that position (including assisting it), you would need to make a report and LPP (or privileged circumstances) would not apply. The position can take us full circle. If we start by saying a client approaches a firm asking for privileged legal advice in circumstances that would be otherwise be reportable (for example to avoid a crime), and would like to also deposit money into the client account in an associated transaction. That client money may not just be for fees. We have to ask whether those two actions are separate, so while the privileged legal advice (and payment for the same), might not be disclosable, the underlying transaction might be a crime and the client account is in use for that underlying transaction. The relevant offences of acquisition (section 329), concealing (section 327) or arrangements (section 328) in the Proceeds of Crime Act might come into effect with the receipt of client money or an underlying transaction. The two aspects of the retainer should not be confused, and the overall retainer might be in furtherance of a crime, with privileged circumstances intended to disguise it (for example, apparently deliberately asking for part of the advice required). In such circumstances, the underlying transaction is reportable if in furtherance of a crime, and if the overall retainer is also in furtherance of a crime, it is also reportable and the defence of legal professional privilege (or privileged circumstances) does not apply. Legal professional privilege, its extent and application, is a separate and sometimes intricate area of law, but might be thought of to apply when the person has sought advice on: a.

the pure application of the law in reference to a particular situation (possibly as distinct from a matter being a standard transaction)

b.

litigation, and where this is a realistic prospect

The Proceeds of Crime Act defines ‘privileged circumstances’ slightly wider, which also allows the advice to be given by legal advisers, who are not necessarily barristers and solicitors, and that the circumstances may extend to any form of legal advice at all. This wider definition should also be borne in mind as an issue of law which has applied in the United Kingdom, and also as a standard of international law which is relevant to the situation. However, practices would again find it useful to have a discussion of the position of LPP as relevant to their practice in advance of any problems. They might discuss when they think LPP applies to the work they do. Bear in mind that a suspicion of money laundering may negate the LPP if the transaction or advice furthers the money laundering or any other criminal intent. 235

Part 4  Legislation, Regulatory Outcomes, and Offences LPP is a separate area of law with case law which does not necessarily pertain directly to the issue of AML and the reporting of others. The criminalisation of non-action in AML reporting (as discussed earlier), makes this a particular area of consideration for LPP, as non-action can support positions of confidentiality and privilege. The correct decision is a complex one for practices to make. At times the distinction might be very fine indeed, and practices are encouraged to seek their own legal advice about the application of LPP to their work. One further point is the client perception of legal professional privilege in this situation. Clients may have the erroneous belief that they can say anything to their legal adviser. Firms might wish to correct that situation or belief in their client care letters, in their communications with clients, or in their advice to clients.

Legal professional privilege, arrangements and litigation: Bowman v Fels (2005) The case of Bowman v Fels (2005) is a well-known authority which establishes that following the Court’s direction in the distribution of monies is not an arrangement (section 328), within the meaning of the term in the Proceeds of Crime Act 2002. The case has been used as a justification for distribution of money in litigation matters. However, in the writer’s view the application of the case must be taken to require that the parties have been forthright and honest with the Court.

Bowman v Fels (2005) Bowman v Fels (2005) states the ordinary conduct of litigation is not an arrangement under section 328 of the Proceeds of Crime Act 2002. In Bowman v Fels (2005) a case had been delayed because of a report to relevant law enforcement by solicitors. The Court found it need not have been delayed. The writer would make the following points: •

The decision did not conclude on the other aspects of POCA; the question was posed as to whether it was an ‘arrangement’, however the positions of ‘acquisition’ and ‘concealment’ also need to be considered, meaning: –

the firm may have acquired the proceeds of crime (an offence as acquisition (section 329)) in receiving client money for the litigation (or for other related matters), and this is not covered by the decision Bowman v Fels (2005).

–

the firm will need to be honest and open with the Court to avoid an allegation of the offence of concealment (section 327).

•

In the case of a distribution where there was the proceeds of crime, the recipient of the monies may need legal advice as they would be acquiring (section 329) the proceeds of crime and may commit an offence.

•

There may be issues with international practice and Bowman v Fels (2005). International litigation and the professional practice of Registered Foreign Lawyers (and even some solicitors) could be impacted due to 236

Proceeds of Crime Act 2002

law enforcement provisions abroad. If funds have arisen in international litigation this could also be an issue, for the same reasons. The same may be true in cross-border practice, and reliance on the judgment could cause an issue in Scotland, Northern Ireland, or border areas. •

Currently, a Registered Foreign Lawyer cannot practice on their own account in England and Wales – they must be in partnership with Registered European Lawyers or solicitors, perhaps intended to offer some supervision. A Registered Foreign Lawyer is not necessarily covered by Bowman v Fels (2005) overseas, leading to some potential differences in interpretation. See Serious Breaches for more information about the status of Registered Foreign Lawyers.

•

We may ask whether litigation has arisen in England and Wales or otherwise because of Bowman v Fels (2005), and whether that defeats the principles? If we imagine that the inherent jurisdiction of the Court and their oversight of the situation allows the matter to proceed, the question is whether that oversight could be defeated by an attempt to involve the Court itself in an offence. We might say that if litigation arises to take advantage of Bowman v Fels (2005) then the Court case or litigation is part of a wider arrangement to launder money and the Court case itself is an arrangement. This might apply regardless of where the litigation arises. The regulator (for example, the SRA) may also consider this inappropriate and a breach of the relevant Principles.

•

There are perhaps far more significant criminal activities than those covered by Bowman v Fels (2005) and those can halt civil litigation by way of SAR Moratorium and/or High Court order. You may also not feel comfortable informing the other side, particularly if you suspect their involvement in money laundering (see the Proceeds of Crime Act 2002 sections starting with 333 (including A–E) and also in particular 333C(2), as well as section 339ZB).

•

The defence of adequate consideration – you may have a defence to being paid (noting acquisition is not covered by the decision, and this is an available defence). You will need to ensure your fees are reasonable.

Continuing with the transaction It can be helpful to consider how to continue with the transaction once you have sought consent, or if consent is not granted. Making a contingency plan in advance is helpful to see and understand your way through both scenarios. This contingency planning is different to the contingency planning we have covered previously; we can draw a distinction between contingency planning for firm wide difficulties, and those for individual transactional difficulties. We have already covered the need to seek consent and have your plan of the transaction mapped out in order to obtain that consent. If you obtain consent it will likely be based on the wording you drafted and submitted with your report to the NCA. When continuing with your transaction you must follow that wording, and run your transaction through accordingly. This is why it is so important to cover all aspects of the case in your wording submitted for consent. 237

Part 4  Legislation, Regulatory Outcomes, and Offences Failure to obtain consent will result in the firm being unable to continue with the transaction. Firms may wish to take legal advice at this point to assist with any specific issues that arise related to the transaction. However, an advance contingency plan can assist with how to deal with the following types of issues: •

Client exit and client care issues: this can include sample letters drafted in advance, and a client care procedure developed to deal with AML scenarios. It can seem complex to consider how the client can be dealt with without tipping off (which we cover further shortly), but the scenario is in some ways no different to dealing with a conflict of interest between two clients. In both situations a client retainer must be terminated immediately and the client in question cannot be told why. We cover further points below under ‘reputational management’.

•

Remaining monies on client account: sometimes money will have been taken in advance from a client and a practice will need to make decisions about what to do if they have been refused consent to proceed. Practices are likely to need independent legal advice at this stage. However, there are some situations you can plan for, and you can also consider who you might approach for advice, and when, during the reporting process. We have already discussed ‘adequate consideration’ and you may be able to be paid for the work done to date if your work is not in furtherance of a crime and appears reasonable to make a charge.

•

Reputational management: internal and external communications can be very important. We cover tipping off further over the next few pages, but the need to ensure the position is managed internally is essential. Staff can panic at the situation and you may want to restrict communications to a select group of people, including those who will deal with any complaint. Informing other staff members that certain people will deal with any issues can also be helpful. The confidentiality owed by solicitors to their clients and former clients will prevent many potential problems becoming public at the hands of former disgruntled clients. If there is a complaint and you have made a report of suspicious activity, you may be able to speak to a solicitor at the regulator or Legal Ombudsman, to explain the situation.

•

Involvement of the authorities: this is a likely occurrence if the firm has been refused consent to proceed. Your client may be well aware there could be or would be action against them, and if that is the case, they may inform you in advance. In such situations, the client may need specialist advice and may need to go to a specialist law firm. You as a firm may also need separate specialist advice if you have received monies or instructions and have to deal with the authorities. However, as previously, this can also be planned in advance as a contingency, and you can consider who would advise you.

•

Storage of the information: this is important in light of the provisions related to tipping off, but also to maintain client confidentiality. Consider in advance where and how you would store files and information.

Developing a contingency plan, drafting sample letters, and putting together a step-by-step instruction or procedure for staff to follow, can be enormously helpful in this situation, as can maintaining a list of firms who can assist with any specialist advice required. 238

Proceeds of Crime Act 2002

Client care and decision making – individual skill sets What skills does it take to manage a complex situation in anti money laundering? You might need your very best skills in complaint handling, or your most interpersonally charismatic individual to manage a situation if the requirements have caused a client care issue. You may also consider quite strong personalities suitable depending on the client you are dealing with. Consider whether this impacts who you might train or ask to work in this area. It is helpful to have someone available with the following skill sets: Excellent communication skills – Do you know anyone with a nice way with words or a strong ability to place an argument? If the response required is in writing, this might be the job for them. Ask them to draft a letter to use in future. Otherwise, and if the client is in person, you might look for someone with the ability to diffuse a situation – usually that is someone calm, level headed and often someone able to be direct without being aggressive. However, depending on the situation, a strong personality can also be suitable. Charming/well-liked – A  popular person is often a person with good communication skills, sometimes in unseen ways. Identifying a person who is a good salesman or good presenter can be helpful; they can be a useful ally and a person to call on in a difficult situation. Persuasive/skilled at saying nothing/deflecting difficult questions – A diplomatic person is also useful here and may be able to develop phrases or scripts that you can use with your staff to deflect difficult situations. Perceives and understands emotion in situations – Don’t forget that you may be dealing with clients in complex situations who may not be to blame or who may be presenting a front for someone else. You may be giving privileged legal advice to those in difficult situations, so this skill set could be considered for development and acknowledgement. Previous complaint-handling experience or training – In the writer’s experience you can hear and see the difference in the response of people who have previous experience in complaint handling, particularly those who have dealt with a large number of complaints. A professionalism, quick judgement, and in some people a lowering of the voice to convey gravitas, are all common. You may also helpfully find they have their own way of structuring complaint responses or staying calm when others become cross. Confidence – In anti money laundering, this can be in short supply. The consequences can be so grave, and the positions of the people within the firm can be a reflection of their own political views. We must also remember that law firms are still largely owned by individuals and there may or may not be internal cross departmental support, causing a further crisis of confidence. Those with personal assurance in their own judgement; those who are willing to support others; and those who don’t give up; all demonstrate valuable personal skills. Willingness to take on difficult tasks/make big decisions – Anti money laundering has some big decisions in reporting, and is a hard job. Look for people with these abilities to make the department a success. 239

Part 4  Legislation, Regulatory Outcomes, and Offences

Tipping off There are specific offences for tipping off within the Proceeds of Crime Act. The relevant sections of the Proceeds of Crime Act are section 333A and section 342, and a similar provision arises in the Terrorism Act 2000 at section 39. The relevant section of the Terrorism Act is included here, as reports which are made under POCA (or which you believe to be relevant to POCA) could also be applicable under the Terrorism Act. The offences are for: •

Disclosing information (with a particular emphasis on disclosures which harm an investigation) (section 333A and section 342).

•

Destroying information (which may also include hiding or fraudulently producing information) (section 342).

Both of these offences apply when you are aware there is an ongoing money laundering enquiry. Section 342 of the Proceeds of Crime Act contains the separate specific offence of prejudicing an investigation. The information can be disclosed for the purposes of obtaining advice, and internally (see section 333B). The information may also be disclosable if you are satisfied it would not harm any ongoing investigation (section 333A). However, to be safe, you are likely to wish to restrict disclosure. This means as soon as you are aware the investigation has begun, you cannot say anything concerning that investigation to the subject, or potentially anyone else. As a firm, you may wish to ‘cast a net’ over those involved in the investigation, and keep the information within a select group. This involves being careful about who is told about the investigation within the organisation. You might include: •

the fee earner with conduct of the case;

•

the person making the report (if different);

• the MLRO; •

anyone else directly involved from the firm.

This net should prevent those who are aware of the ongoing investigation from disclosing it to other persons. This might include other persons within the firm, external to the firm, and also to the clients. You may have exemptions for seeking legal advice and for discussing the position within the internal group created. The need for legal advice should also underlie the role of the MLRO or MLCO, and a suitable person within the organisation (or external to the organisation) may need to give advice about what can be said to the client while consent is awaited. This may be nothing at all, or may be a holding letter that you can prepare in advance. Be aware that taking any steps at all in a matter while consent is awaited can amount to an arrangement, so again the persons in the group may need to be advised about what they can or cannot do. 240

Proceeds of Crime Act 2002 This may seem complex to manage and a harsh penalty – to make a law firm wait eight working days. However, for most firms this will be manageable within the context of a case. Nonetheless, you should not delay in making a report as this can lead to tipping off concerns at a later stage; you can also find yourself in difficulty for not making the report as soon as the suspicion arose. Overall, it is a good idea to consider the full circumstances of a case at the outset, and make a report as soon as you are able to, and if necessary. In a provision which seems at odds with the rest of the legislation, it is possible to inform a client of an investigation to dissuade them from criminal conduct (Proceeds of Crime Act 2002, s333D(2)). However this is a complex provision to use, not least because it appears out of keeping with the remainder of the Act. Those considering it may wish to take legal advice first. You may be able to give legal advice to prevent an offence; for example if a client does not wish to disclose a disclosable matter to the mortgage company, you can advise them to do so, otherwise they might be committing mortgage fraud. A further provision which provides an exception is (Proceeds of Crime Act 2002, section 333C). Under this section, you can in some cases inform the other side of the concern, if: •

The disclosure is made to another lawyer in an European Economic Area state, or one with an equivalent AML regime.

•

The disclosure relates to a client or former client of both parties, or a transaction involving them both, or the provision of a service involving them both.

•

The disclosure is made for the purpose of preventing a money laundering offence.

Both parties must also have equivalent professional duties of confidentiality and protection of personal data. Generally speaking you must not say anything, and it is important to realise the limitations and potentially strict interpretations of these exemptions. Tipping off is an offence and it should not be taken for granted that you can inform the other side. The tipping off offences can seem daunting and it is important not to say anything to the client or another person. Again, there are parallels across to confidentiality in the Codes of Conduct for solicitor behaviour. Solicitors and their staff already have to be careful how they handle client information, and although this is more stringent (with a criminal offence behind it, and therefore a stricter approach), similar principles apply. The ability to be discreet with client information is a key skill within a law firm, and the further tipping off requirement in the AML legislation underpins the necessity of the particular personal quality of discretion. Therefore it is fair to say that there are skills and personal qualities already in use within law firms that can be applied to the need not to say anything about a money laundering investigation. Similarly, effective complaint handling, or template letters developed in advance, can assist you in being ready for a slight delay in the transaction. You could even manage all expectations at the outset with information in your client care letters about how long transactions can take. Or, you might write a letter that informs the client you will revert to them as soon as possible. In other cases, you may simply be able to say nothing, because legal transactions usually 241

Part 4  Legislation, Regulatory Outcomes, and Offences take much longer than a week, and some period of waiting is within the bounds of reasonableness as part of a normal legal transaction. It can therefore be important to ensure you conduct your client due diligence at the start of the transaction, and we have seen how the current legislation places the checking of identity and source of funds (transaction finance) at the start of any legal process. It can be essential to get this timing correct. Changes of parties or contributors to the legal process can re-start this clock and it is possible to inform the client of this if there are alterations. Similarly, if the client is in an unusual situation and their due diligence may take slightly longer, then also managing their expectations can be useful. It is not unreasonable to expect a firm to take their time in getting due diligence and other AML checks correct, and other parties to the process should ensure they take account of this. Sometimes pressure exerted by other parties to the conveyancing process, for example, is the cause of complaints, mistakes, and even failures in due diligence. Making sure that you have taken the correct steps comes first and the writer would like to see more emphasis placed upon this in a conveyance (and potentially other transactions), rather than on speed of the transaction, to ensure the process is safe for all parties and there is a reduction in the opportunity for property fraud. After all, most purchasers are genuine purchasers, often normal couples, families, or hard working individuals, and for them the priority will be a properly executed transaction, rather than a conveyance conducted in record time which is open to fraud and misuse. Similarly, while fees are paid on completion, and those involved in a conveyance will want their monies to be paid, they could also find themselves liable for their actions if the transaction is tainted by fraud because of their haste or undue pressure on either party. In all cases, conducting usual due diligence and discussing this with the client, is not tipping off, unless the firm have begun a specific investigation into the circumstances related to this particular client or group of clients. It is possible to ask a client about their source of funds (transaction finance), source of wealth (client financial health), or whether they are a PEP, or for further information about their position, without committing this offence. It should also be noted that in all legal transactions, the lawyer owes a duty of confidentiality to the client and discussing the ongoing position of the transaction with other parties (such as in a conveyance, estate agents), could be a breach of that confidentiality. Therefore, protecting your clients’ rights to a confidential transaction by taking a strong line on confidentiality (across the board, with all legal work) can go on to prevent undue pressure; protect the transaction; and prevent the liability of third parties, such as estate agents. Ironically, taking steps to prevent discussion with third parties can protect all parties to the transaction, including those third parties themselves. Perhaps this is a point that needs to be made more strongly in some parts of the legal services industry. We can make a distinction between disclosure to the other side to prevent a criminal offence or to comply with the law where there is an AML concern, and a breach of confidentiality. The former should only be done where there is a fairly extreme situation, which puts others at risk of criminal offences. This is quite different to the ordinary professional conduct basis of confidentiality. 242

Proceeds of Crime Act 2002 Making time to advise those involved with the client file about tipping off is important, and this role may fall to the MLRO, MLCO, or even COLP or COFA. You may also engage external legal advisers. We discuss the role of the MLRO and comparative other roles in the coming few pages, as there is not a clear role for internal legal advice and there can be conflicts of interest. You can make space on your reporting forms for feedback to those making a report, and include within that a space for tipping off advice. There are example forms in Annexes A and B to Part 2 of this book. You may also wish to consider ongoing storage of the file, and who may be party to the contents of the file going forward. Some firms choose to separate out the main part of the file and have a separate AML file, which is stored separately. You may also wish to exclude this AML part of the file from the firm’s computer system, or prevent persons from looking at it, to ensure limited access within the firm. It can be helpful to colour code files so you know which files contain information which is strictly confidential. Ensuring you do not take this confidential information with you to the client meetings is important. You will also wish to ensure the information is stored confidentially in the long term, of course respecting the destruction dates of the files in line with regulatory, insurance, and client requirements. However if you take on new staff, for example in your compliance team (who might expect to have access to the file), and later there is a query on the file, they should be in a position to answer the query without disclosing the report. Of course, time passes and circumstances change. Once suspicion has passed information may be disclosable, including reports made to law enforcement. The relevant case is Parvizi v Barclays Bank (2014). In a similar situation the report might be disclosable, but there are a variety of considerations including whether the firm had legal advice themselves and to what extent that would prohibit disclosure of information. An interesting case is where the firm is sold. The question in those cases is whether files which have resulted in reports can be brought by a new firm. In some cases, firms take files only; in other cases they might buy the entire firm. If your firm is purchased by another, ensuring the genuine nature of the purchaser is important before any form of disclosure. In fact, both sides will need to take some steps to ensure the genuine nature of the sale and the purchase, including provisions for AML. It is important, while on the subject of tipping off, to clarify that the provision for tipping off is only invoked once someone is suspicious of, or has knowledge of money laundering, or when there is an ongoing investigation into money laundering. Simply asking the questions required of a client at the commencement of the matter or during ongoing monitoring is not an active AML investigation; rather it is a standard response to the regulatory requirements, provided there is no reason for suspicion at this stage. The provisions in tipping off are not meant to prevent standard questions about client identity, proving identity, and proving passport status, from being asked, or for information to be sought which clarifies the money being used for the transaction. However, the writer’s view is that clients perhaps have the right to understand the reason why that information is being asked for and that this explanation should be provided openly. 243

Part 4  Legislation, Regulatory Outcomes, and Offences

Liability Following a number of cases related to the liability of regulated businesses for the reports made to the authorities, a change was made to the Proceeds of Crime Act 2002 covering this point. There is now no liability for reporting if the report is made in good faith (section 338). Practices making reports where they are genuinely suspicious should usually be fine, but take legal advice if there are complicating circumstances. We have discussed the relevant case law and change to the Act briefly in Part 2. An ongoing client care issue with a client, or any aspect of a case (for example, bad feeling), which could be a cause for concern from a client, could theoretically be cause for asking a client to go elsewhere. If you could be accused of bad faith because of a breakdown in a relationship, and you feel this would hamper your ability to act within the law, the client should seek new representation. This might be the tipping point; if you would consider asking a client to go to another law firm because of a fundamental disagreement, then consider how it might affect the relationship if a report needed to be made to the authorities. The writer would like to see the provision on ‘good faith’ clarified in future. However, clients of course do need protection from individuals who would seek to disrupt their transactions, and we unfortunately cannot pretend that all solicitors (or indeed businesses) act honestly and scrupulously all the time, as we can see from the number of cases at the Solicitors Disciplinary Tribunal. We need to take a step back and consider both the rights of the client and the need to report. The need to report comes about as part of a drive to ensure a lack of criminal activity in basic legal transactions. Other transactions, such as in financial services, are also impacted. Sometimes clients arrive with legal problems but in suspicious circumstances. We also know that money is being laundered as the evidence of criminal activity is, in some places, apparent. As a result, law firms are placed in the position of needing to report. We also need, on the other side, to take account of the rights of the client. In the cases discussed in this short section, clients were deprived of access to their monies, which impacted their financial position very seriously. Law firms are not in the same position as banks, and their handling of funds will commonly be in respect of one 244

Sanctions transaction. Firms that handle significant amounts of funds for clients may need to take specific legal advice if the need to report arises due to the impact on that client. We note, of course, that the law changed, and no liability attaches to reports made in good faith.

Terrorism Act 2000 This book is principally about receiving client money in the context of anti money laundering, rather than in the context of terrorism, but some people define money laundering widely to also encompass terrorist financing and activity. The regime under the Terrorism Act is also therefore worth a mention. It has a broadly similar reporting and consent regime, although individuals can act with prior consent. Those familiar with making reports will also realise the information technology systems are the same, but with slightly different requests for consent available at (sections 21ZA–21ZD). Offences of interest are contained within the Act at sections 15–18, including those for money laundering as a specific offence related to terrorist activity.

Criminal Finance Act 2017 Introduced in 2017, the Criminal Finance Act introduced the concept of an unexplained wealth order, which could be used to force individuals with large amounts of unexplained assets to provide details of where and how those monies have been raised. This order comes with the threat of confiscation. The Act also extended the deadline by which the NCA have to take action should consent be denied to continue with a transaction. Law enforcement currently have 31 days as a result of this Act, which can be extended by a High Court Order. The Act also gave the power to seize property from suspects, rather than just cash. Legislation being introduced at the time of writing is intended to make unexplained wealth orders easier to use, and the relevant Act is the Economic Crime (Transparency and Enforcement) Act 2022.

Sanctions Sanctions can be imposed on individuals and companies by the British government in response to concerns about terrorism, money laundering, or war crimes. These are often mirrored in international law by international sanctions. We have discussed the requirements for complying with sanctions when a client is subject to the same in Part 2 of this book. The Sanctions and Anti-Money Laundering Act 2018 set out the powers of the United Kingdom to impose sanctions following exit from the European Union. In 2022, the Economic Crime (Transparency and Enforcement) Act brought in new provisions which aimed to reduce the timescales needed to introduce sanctions, and streamline the process for their introduction. 245

Part 4  Legislation, Regulatory Outcomes, and Offences

Companies House requirements The list of those who are required to register with Companies House has grown dramatically in the last few years and as well as Company Directors, we now have requirements to register Persons of Significant Control. Recent proposals to drive transparency mean there are new requirements to register for those from overseas who own companies (or similar entities) with interests in land in the United Kingdom. At the time of writing, it was proposed that other business relationships may also require registration in the future, and the government was in the process of introducing the Economic and Corporate Transparency Bill. Companies House is discussed further in Part 7.

Third Party Managed Accounts We have assumed so far that the money in question is coming into a client account belonging to a law firm. We could also see a situation where the money was placed into a Third Party Managed Account. As payment service providers (PSPs) are regulated by the Financial Conduct Authority (FCA), TPMAs will also be required to comply with the Money Laundering Regulations in their own right. This will mean possibly two sets of checks on the transaction and the client, and two judgements being formed about whether the transaction is genuine and real. The TPMA may be reliant on the solicitor in some circumstances. The TPMA will obviously need to be careful, and all of the offences mentioned earlier in this Part apply to the TPMA provider as equally as they do to the law firm. They will therefore have their own policies and procedures, decision making structures, management direction in AML, and potentially a veto over the type of clients they will accept according to risk. The TPMA provider may be in the position where they suspect a client, but the law firm does not. Or they could have made a report, but the law firm may not be aware, meaning potentially funds cannot be accessed while consent is awaited. The TPMA provider may not be able to discuss the position with the law firm. In some instances, law firms may find the services of the TPMA provider closed to the clients. Law firms who take on riskier work may also have difficulty working with a TPMA provider for this reason and it is worth considering your own risk profile and risk assessment when making management decisions about how you will provide services in the future, and to whom. Firms may also find the TPMA provider regulatory style and context slightly different given they are regulated by the FCA, which has its own requirements and suggestions for compliance with the Money Laundering Regulations. We have covered the regulatory position and enforcement actions that can be taken by the SRA in earlier Parts, and also touch on the subject again later in this Part of the book, but of course the TPMA provider, as regulated by the FCA, would be subject to different investigation and enforcement actions and potential consequences. We have covered the position of internal malicious intent in Part 3 and the possibility that fake law firms or fake purchasers of law firms exist. This is covered as part of establishing the perimeter of the law firm and ensuring the law firm’s ongoing security. There is the possibility that the TPMA provider could see suspicious movement from a solicitor firm within the accounts, and this may include on the 246

Money Laundering Reporting Officers and business governance part of one individual within that firm. Firms, as well as being alert and maintaining their own perimeter, may also consider the perspective another body can bring in the movement and maintenance of client accounting. The viewpoint of the other body may also ensure the accounts of the law firm have been considered and checked on a more frequent basis. Of course, this position may not just apply to TPMA providers, and may apply to any third party who is involved with banking or cashiering at the firm. Any person or body in the position of overseeing or handling client money may form their own suspicions, and can act as an important check and balance, both within and external to, the firm. We see in Part 7 of this book there are aspects of solicitor led TPMA provision which could get lost between the SRA and the FCA, and the two Ombudsman schemes that cover this area. It seems unlikely that the cross over between the parties in the Money Laundering Regulations will suffer the same fate given the potential criminal offences involved, which also attach to the individual employees and management directly.

Money Laundering Reporting Officers and business governance MLROs have complex tasks and they have to make an assessment of the likelihood of money laundering, sometimes in difficult situations. Their role is to make the decision as to whether to report, within the context of the situation and whether they are also suspicious. Their decision making is separate to that of the individual who made the first report. It is possible for the MLRO to decide not to report, and it might be quite common. Often, the MLRO role is used, not as a reporting or decision making role, but as an advice giving role across the business. We have seen the introduction of the parallel Money Laundering Compliance Officer role and this may assist in making a distinction going forward. MLROs are intended to be senior individuals within a firm, with access to all of the information and intelligence a firm might possess. Accordingly, the decision making of a MLRO might be different to a junior fee earner if the MLRO had access to management information about a client that altered a decision. The MLRO also may have more experience and knowledge of anti money laundering than their junior colleague. After all, the more senior person has likely been in a responsible position for longer, has more qualifications, and is likely to be trained to a level appropriate for a Money Laundering Reporting Officer within a firm. The MLRO position within the firm is intended as a firm nominated position with authority and oversight across the business. They are to review circumstances and reports and consider whether to make a report to the relevant agencies. The position arises under the Proceeds of Crime Act 2002 sections 330 and 331 and the Money Laundering Regulations 2017 regulation 21(3). The related MLCO role arises under The Money Laundering Regulations, regulation 21(1) (a). 247

Part 4  Legislation, Regulatory Outcomes, and Offences The MLRO is responsible for: •

Receiving reports (under the Proceeds of Crime Act 2002, section 330).

•

Reporting (under the Proceeds of Crime Act 2002, section 331).

•

Decision making (under the Proceeds of Crime Act 2002, section 331).

The MLRO may also be responsible for staff training. If we read section 330 of the Proceeds of Crime Act, it provides for the report to the nominated officer, and a defence if the individual has not received training. That training is stated to be deliverable by the ‘employer’ of the individual, but it might be taken by many firms to be that the ‘nominated officer’ is also responsible for arranging and managing that training and the section of the Act makes that connection. The Money Laundering Compliance Officer is a separate role and is responsible for: •

Firm wide compliance with the regulations, including policies and procedures (under the Money Laundering Regulations, Regulation 21(1) (a))

Returning to the MLRO, as a consequence of their position, Money Laundering Reporting Officers need to have: •

Unfettered access to information within the firm.

•

Authority and respect within the business.

•

Positional authority to make the decision (for example, within their job description).

•

Support of senior management and junior colleagues.

•

A  good understanding of the firm’s position in respect of AML, and the various risks the firm might face.

•

Oversight of the knowledge and understanding of AML within the business.

•

A  detailed understanding of the requirements for AML reporting, the consequences, and the risk areas that have been highlighted within their firm’s operating area of law.

There are a number of offences or parts of offences within the Money Laundering Regulations and the Proceeds of Crime Act that are associated with the role of the Money Laundering Reporting Officer. These include: •

Staff member requirement to report.

•

MLRO requirement to report.

•

Disclosures and tipping off.

•

Prejudicing an investigation.

•

Ensuring any attempt at an offence of concealing (327), arranging (328), or acquiring (329) the proceeds of crime is reported, thus preventing or curtailing those offences.

Their role is preventative and proactive; to prevent criminal offences, and proactively deal with them when they arise or might arise. We can draw a parallel to the ‘perimeter’ around the firm, that we have set out as a possible management approach earlier in this book. 248

Money Laundering Reporting Officers and business governance Therefore, the weight of the role of the MLRO can be a heavy one. Both the firm and the individual tasked with the role are likely to find themselves in a position where the individual needs gravitas within the business; the support of a number of departments; and inclusion in key decision making structures, both formally and informally. However, beyond the internal political positioning of the MLRO, their knowledge and experience in the subject is also essential.

The theory of the role of the MLRO The Money Laundering Reporting Officer and deputies have an important role to play in defending law firms from the risk of becoming involved in criminal activity. The role might involve: Instructing experts Acting upon advice Giving advice Seeking views of internal stakeholders

Seeking views where possible Keeping others informed when possible Exchanging information when possible Being proactive / available

Legal, compliance, risk and internal advice Working with others where possible

Reporting

MLRO Role

Providing support

Receiving reports Advising on reports Contacting the NCA Drafting SARs Requesting a consent defence

Assisting staff Dealing with clients Reallocating files Providing leadership Organising training

Firms, faced with important decisions about whether to report (and the consequences), are required to place this decision with one person. Their knowledge of the Regulations, legislation and reporting requirements should be excellent in order to occupy such a position. Indeed, training for MLROs is a requirement within the Money Laundering Regulations and an offence if not adhered to. What is less clear is the relationship between the Money Laundering Reporting Officer and the firm as a starting point. This is a relationship which can become a governance issue, with the centralisation of decision making in one person. It can see the MLRO at odds with the interests of the business. That is not to say that the business is in favour of money laundering, or would not report, but that sometimes the complexity, strict application, and number of offences within the statutes and Regulations leaves businesses in a defensive position. The MLRO has a tightrope to walk in terms of maintaining compliance with the requirements, and looking after the interests of the business, or being part of a governance structure that does so. In response, there has been some recognition by regulators and others of the governance challenges. The Legal Sector Affinity Group have confirmed that businesses should consider overall responsibility within their firms, and the senior management team are the most appropriate place for this to sit. We also see the introduction of a new function within the firm – the Money Laundering Compliance Officer; a person, who is responsible for compliance with AML within the business. 249

Part 4  Legislation, Regulatory Outcomes, and Offences This person is not discussed within the Regulations in detail, but is another example of a management level position which looks at AML in the firm. Of course, both the Compliance Officer and the Reporting Officer could be the same person in a small firm, but they may equally be different people, and the independence of the other person might add additional value through a new viewpoint. So potentially, we now have two people within the governance structure who are responsible for AML, alongside another two people who are responsible for legal services compliance. We have explored some of the functions of COLP and COFA earlier in the book, and the weight of compliance responsibility becomes clear. There can now potentially be four compliance focused people around the senior management table of a legal services firm, possibly skewing the direction of the decision making within the business. We cannot always say that compliance has a strategic direction to lend to the business. We could instead see that the business’s overarching commercial decision making, future direction, and financial position, could all be subject to compliance requirements, at the expense of overtly commercial and profit driven decision making. Of course, large businesses are often criticised for placing profit before ethical decisions. As the United Kingdom we may have made the democratic decision to place our compliance requirements and consumer or anti crime measures where they are. Businesses do have to comply with those requirements. The varying roles adopted by MLROs and others in AML in legal services, as well as attitudes towards compliance, can be evidence of a personal political position, which may also be apparent within businesses as a whole. The writer has written about this subject in other publications and training courses, examining the role of compliance as a political issue, which can be framed on the political spectrum. We could see the left wing as supporting the state intervention, including in the oversight of business, and the right wing as favouring market forces and less state intervention or regulation. Attitudes towards compliance vary dramatically within the legal services industry, and rather than seeing a negative attitude as one of non compliance (in the context of the requirement to co-operate with the regulator), the writer sees this as evidence of a particular political viewpoint. We all have the right to those views, and in fact some of those views (and their existence) might also be protected under the United Kingdom General Data Protection Regulation. Returning to the subject of the role of the MLRO, we do not have clear lines that clarify the extent perhaps of advice giving within the firm, nor of the relationship between the position of the firm and the position of the MLRO. We can see there needs to be some anti money laundering advice given within a firm for the statutes to work. This is likely to be about the operation of the Money Laundering Regulations, and the Proceeds of Crime Act. Firms may find themselves needing legal or compliance advice about: •

the extent of their compliance with the legal requirements;

•

the operation of the Acts in certain situations;

•

whether or not to make a report;

•

their actions on any file before and after reporting;

•

what to do in cases of non consent; 250

Money Laundering Reporting Officers and business governance •

how to approach the client and tipping off provisions;

•

how to conduct internal investigations; and

•

liaison with the authorities.

However these requirements for advice can equally apply to the individuals within the firm and the question can arise in any serious situation whether or not the firm and individual need separate legal advice. This could be complex for the firm and the individual and cause a serious issue for those employed within legal services who hold roles that could be impacted by money laundering or the money laundering regulatory and legal requirements. Whether or not individuals are fully aware of the implications for their role is difficult to say, but the increasing use of less qualified individuals within the sector, who are supervised by solicitors, may mean they are not. Risk and compliance support

Staff

Advice and support

MLRO

Liaison

National Crime Agency Consent

Legal advice

The MLRO or MLCO may have to take on this advice giving role, or supervise the staff if such a situation arose. This could cause issues for the firm if the MLRO or MLCO felt underprepared, and we have set out earlier in this Part, ideas for how the firm might tackle such issues in advance so they are ready. However, there can also be uses for external legal advice to generate new ideas; bring a new perspective; or provide assurance to the firm of an independent view. Sometimes this independence also calms down a situation and allows breathing space within a governance structure, which helps effective decisions to be made about the matters that have been advised on, and those which remain solely with the firm. Similarly, independent legal advice can also assist those who are in employment and who receive that advice either directly, or through the firm. This perspective, particularly from someone very experienced in this area, can assist in supporting the individual and clarifying the seriousness (or otherwise) of the situation. Employees of the firm may need separate legal advice to the firm themselves; and in some serious situations this can apply to the MLRO, as well as to individual employees. Firms may wish to consider how they might react in such circumstances. Either way, it is important to recognise that the process of reporting, preventing tipping off, and consent, is a rarely utilised process for some firms. If firms know their clients well and operate within set boundaries (which include a solid risk assessment of money laundering), they may rarely be in this situation, as they may successfully avoid this type of work. This means it is a procedure which needs supporting as it is implemented, and may need additional external legal assistance. 251

Part 4  Legislation, Regulatory Outcomes, and Offences

AML Review Plan For those starting in the MLRO, MLCO, compliance or related AML role, the weight of work to do can seem daunting. This AML Review Plan can help start your journey on the right path. References to the Regulations are to the Money Laundering Regulations 2017 (as amended). Take the time to prepare, and review your: Policies and procedures – Get yourself aligned with the Regulations and check you are up to date. Risk assessment –There are templates in this book. These could be simplified if you were a smaller firm as the requirement is always to consider the risk attached to your firm. Client due diligence – Are you completing this accurately? Does your risk assessment take account of PEPs, geographical risk, and the list of high risk situations in the Regulations? Are you asking for enhanced due diligence when you should be? Training – Train your staff on the Regulations and the Proceeds of Crime Act 2002. It’s a criminal offence if you don’t. Ensure they know where the high risk situations are in your firm and how to assess the risk of dealing with each customer, when to ask for more ID, and when not to. Nominated individuals – You must have at least one at Board/Management Committee level person who is a nominated individual, and it is possible to have another, who can be a less senior member of staff. The SRA will need to approve individuals under the Regulations (Regulation 26). Audit function: Consider whether you need one under regulation 21(c).

Compliance functions in AML There are new posts available under the Money Laundering Regulations, including Money Laundering Compliance Officer, alongside the Money Laundering Reporting Officer. The SRA must now be notified of these postholders and updated with details of any changes. Candidates for these posts will be screened, as will those holding positions relevant to financial crime. The SRA have not specified the nature of the screening but maintain memoranda of understanding with external organisations. The roles of the COLP and the COFA are fairly well defined as responsible for the professional conduct within the law firm, with the two roles sitting separately within the firm and looking after compliance with the Standards and Regulations, and Accounts Rules, respectively. The roles are drawn from the Solicitors Code of Conduct for Firms, point 9 and the Authorisation of Firms Rules, rule 8. The positions arise originally from the Legal Services Act 2007, sections 91 and 92. The positions of COLP and COFA are known as HOLP and HOFA in licensed conveyancer 252

Training and ABS firms, and also arise from the same section in the Legal Services Act 2007. This book seeks to dispel the myth that the role of finance and the COFA is smaller than that of general compliance and the COLP. There are many more functions and mechanisms of analysis that could fall within the function of the COFA, if we took a position that considered finance first, rather than legal services first. The business of the law firm is legal services and the COLP’s role fits more clearly within that core business which leads to their voice being the starting point. Turning the perception the other way around and starting with finance, can give us an unseen view of the firm, and clues as to the operation of files, funding, and financial performance, which may lead us to conclusions about the firm and its compliance, but reached in a different way. There are already roles of MLROs and MLCOs and this book does not seek to challenge those. We might say that there is an overlap between the roles of the MLRO and the COLP and COFA in the ethical and financial decision making that occurs within a firm in respect of anti money laundering policy, the risk design of the firm, the work taken on, and the financial limits of the firm. We can also see roles for the COLP and COFA in ensuring adherence to the rules of professional conduct if any suspicious behaviour arises. If we consider the two posts of COLP and COFA, we can also read into them a need to conduct file reviews or internal audits to make sure they are overseeing the position of the firm. There is an overlapping requirement to conduct audits (albeit independent), within the Money Laundering Regulations at regulation 21(1)(c). The various audits – COLP, COFA, AML, independent, internal, or external, could be combined into one or undertaken in ways which meet all of the requirements of the COLP, COFA, and MLRO/MLCO. However, as we can see from this book, there are a number of investigatory starting points for the Finance team and combining an audit based in finance with a legal audit or general compliance review, would give a lot for an auditor to undertake in one go. In such a situation you may need to split the audits to be undertaken at different times, and with different emphasis. The Money Laundering Regulations are obviously a separate set of legislative requirements to the Codes of Professional Conduct, the Accounts Rules, and the Standards and Regulations more generally. The Money Laundering Regulations have not been written with solicitors or licensed conveyancers directly in mind and apply to a wider range of businesses, not all of whom will have COLPs and COFAs or nominated individuals for compliance. This means there is an additional and slightly overlapping expectation on law firms. In considering the weight of compliance expectation we also have to consider the range of sources of compliance material that firms are expected to comply with, which goes beyond the SRA and CLC published material. The Legal Sector Affinity Guidance, which is lengthy, is a good example of the intense compliance position.

Training Both the Money Laundering Regulations and the Proceeds of Crime Act require staff to be trained to understand the relevant provisions, and how and when to make a report to their Money Laundering Reporting Officer. The extent of the training is detailed, and even more so for the MLRO and others with decision making 253

Part 4  Legislation, Regulatory Outcomes, and Offences responsibilities. Over the coming pages we consider how firms can implement this training in their firms, with options for training plans and schedules. There is also an alternative (simplified) training schedule for general compliance training available in Annex A to Part 5 of this book, as well as further ideas and suggestions for training plans within the case studies in Part 5. Of course, Part 6 of this book also contains a large amount of training and learning activities and you can build these in with your staff as well if you would like to. Serious Breaches has even more learning activities and CPD is also featured throughout that book. Two key recommendations the writer would make are to: 1.

consider the syllabus you would like to implement to meet the requirements in the legislation; and

2.

how this can be tailored to the staff groups and levels of knowledge and understanding you have within your firm.

Planning the content of your training can be done with an experienced AML trainer. Alternatively, you can ask them to deliver standard content; the design of which should be suitable for most levels. Staff are required to be trained on: •

The law related to anti money laundering – including terrorist financing and proliferation financing (regulation 24(1)(a)(i)).

•

How to spot transactions which indicate money laundering (regulation 24(1) (a)(i)).

•

The law related to personal data and anti money laundering.

The firm must also vet staff and train them according to their level (regulation 21). For some firms this will mean: •

making an assessment of individual staff or department capability;

•

making an assessment of organisational capability;

•

designing a training plan which addresses organisational and individual needs.

For small firms, for firms with a stricter budget, or for firms who would like to establish a broad baseline of understanding across the firm in AML, a standard approach to firm wide training could also be used instead of analysing training needs. It will be for the firm to decide how they might approach this type of training and learning and what they are seeking to achieve. Some firms might value the analysis that considering learning needs can bring and believe they will strongly benefit individually from a tailored approach in the long term. For other firms who are at different level of AML understanding in their firm, they may want a more standard approach which they can build on in the future. If you are approaching a trainer who has a standard AML package, ensure it meets your needs by discussing it with the trainer and asking which other firm types and sizes have received this training. You may also want to establish when it was last 254

Training updated, and what type of feedback they commonly receive. A  well-established trainer should be able to give you a good idea of who the training is designed for and how it is received by different staff groups or different types of firms. Returning to the organisational learning assessment, this requires an individual with a strong understanding of all levels of AML, and the ability to assess the gaps in knowledge across the organisation. The person responsible might be asking the following types of questions: •

What AML knowledge and skills do we need in the business?

•

What AML knowledge and skills do we already have?

•

How do we fill any gaps to ensure the business is fully informed?

•

How can I assess the effectiveness of that training?

•

How can I ensure the training is embedded within the organisation and the learning is carried forward?

•

Does this knowledge and these skill sets relate to any other part of the business, and can we match those lessons across to translatable learning in both areas?

These are complicated questions to ask. There are vast theories of organisational and personal learning about how we learn and what constitutes learning something to a point of competence. We have already covered that in some cases of AML concern, the business may need to use external legal advice. However, a good degree of knowledge may also need to be contained within the business before they can understand when to take that advice and what advice to take. If we can start planning to learn, as we can identify those gaps in understanding, what should be covered in the training, and think about a subsequent measure of the training success. It is important at this stage that we discuss briefly how people learn, and as a further point, how that learning can be measured. Again, these are subjects which are vast, with many years of empirical research behind them. We discuss forms of learning and a couple of ideas for learning assessment later in this section. We might start by saying that learning is not only done in a classroom; it can be on the job, informally with friends or family, outside of the workplace, and even from the comfort of our front room. Learning does not have to involve a textbook, or an exam; it might involve a discussion with a colleague about how to do something; watching a video on a related subject to broaden your understanding; or even simply the day-to-day operation of your job. It is very important to remember that experience counts, and every time we do something (whether that may be something new, or the same day-to-day task), we are likely to have learnt something, or if we are doing something similar to previously – we may have confirmed our knowledge and deepened our experience. Over time we see the expression of that experience as confidence, familiarity, and assurance. We may also see it as strong awareness of the immediate vicinity and touch points of that job role. Accordingly, you might ask what knowledge or experience do you have of certain AML tasks, or what knowledge and experience can you find within the firm? Are 255

Part 4  Legislation, Regulatory Outcomes, and Offences those people with that knowledge and experience in the right places or do we need different people to do certain job roles which encompass AML? The process of developing our organisational training might start with an assessment of what we need to know within the firm, related to money laundering, and there are examples of organisational learning needs analysis for different levels in Part 5. In terms of training, we can outline a very thorough set of training according to the level of the staff and the areas they work in. The writer proposes this would cover: Level 1 – Beginner level This level would look at the beginning points of AML, and would in effect, be a minimum level of knowledge for most junior staff within a law firm. The writer would usually advise that all law firm staff reach this level of knowledge or competence. This would include: •

A definition and basic understanding of money laundering (as laundering the proceeds of crime, and as different to the crime itself);

•

Some of the key indicators of money laundering, including those which are particularly pertinent to your law firm;

•

The role of checking client identity and the process in place in your firm;

•

The requirements of the UK GDPR and Data Protection Act 2018 and the basis for processing client due diligence related personal data;

•

The reporting process at a basic level – this being the requirement to report to the MLRO, how to do it, and the tests for suspicion.

Level 2 – Risk aware level This next level might be for staff who were particularly interested, and for all solicitors or staff of a similar grade or higher. That would include senior paralegals, CiLEX, licensed conveyancers, managers, supervisors or advisers, mid-senior level finance staff, and anyone else with any degree of responsibility for another person or who manages their own caseholding and who may need to understand particular risks on a file. This level would be combined with the beginner level, or taken later. This level would include: •

The contents of the firm’s risk assessment for money laundering, as it applies to their role. This may be their department’s part of the risk assessment;

•

The categories of risk within the Money Laundering Regulations 2017, including simplified due diligence, standard due diligence, and enhanced due diligence;

•

Particular areas of risk to note including politically exposed persons, sanctions, group structures, and high risk jurisdictions;

•

Receipts of source of funds and source of wealth;

•

The content of the supervisor’s assessment for money laundering. 256

Training Level 3 – Intermediate This level would cover the legislation within AML in more detail, and would be suitable for all compliance staff, and anyone who might be involved in the reporting process. You may also consider this suitable for departments with a high risk of money laundering. This level would in particular cover: •

The requirements of the Money Laundering Regulations and an understanding of the latest changes in supplemental legislation;

•

The offences in sections 327-333A;

•

The detail of the offences in relation to the reporting process;

•

The roles of the MLRO and MLCO and relevant reporting agency (such as the National Crime Agency);

•

Other criminal offences and where to report them;

•

Legal professional privilege;

•

Circumstances in which a report would be disclosable to the subject;

•

The processes for audit and checking of AML within your firm (noting the separate suggested session for intermediate finance, below).

You would usually teach this level with other lower levels in one or more training activities, to build on the knowledge in the lower levels. Level 3 – Intermediate finance and compliance This separate sub-level is particularly relevant to Finance staff, as the name suggests. It may also be suitable for those running their own case holding or supervising the same, and compliance staff would additionally find this material relevant. This level would be suitable for those in compliance, or working in, or with, Finance staff to undertake the additional investigations considered in Parts 1–3 of this book. This sub-level should be covered alongside the levels previously, and could cover: •

Receipts of source of funds (transaction finance) and source of wealth (client financial health);

•

Matching bank details to the client identity;

•

Changes in client details;

•

Unusual bank deposits;

•

Requests for payments to third parties;

•

Using a client account as a banking facility (Solicitors Accounts Rules);

•

Receipts of unknown origin connected to client matters;

•

Further investigations of the type specified in Parts 1-3 of this book.

This module may also cover checking client details on the other side of the transaction, and key indicators of financial fraud relevant to the areas of law the 257

Part 4  Legislation, Regulatory Outcomes, and Offences firm work in. For example, a conveyancing firm may cover indicators of mortgage fraud which may be relevant to the Finance team. Level 4 – Advanced This type of training should be undertaken by the MLRO, the MLCO, and any other decision making body or structure within the organisation. This training might cover all of the previous training, and the following: •

External supervisory risk assessments for AML as applicable to the firm overall, including national and international assessments;

•

The AML position (risk and potentially legislative content), of any country with which the firm regularly does business;

•

The reporting process in detail, including the contents of the forms required and the codes for reporting required by the NCA;

•

The case law, and the position on disclosure and liability;

•

Defences and exemptions to the offences in the Proceeds of Crime Act 2002, sections 327 – 331;

•

A detailed examination of the position on legal professional privilege;

•

Tipping off and prejudicing an investigation and associated offences;

•

Group and institutional disclosures;

•

A management level overview of the roles of the MLRO and MLCO, including their decision making and advice giving;

•

Staff training, learning and support in AML;

•

Exiting a client relationship;

•

Taking legal advice and protecting the organisation.

Level 4 – Advanced compliance This type of training could be sought for anyone in the MLCO role or dealing with the compliance of the organisation on a more general level. You could cover: •

Policies and procedures required by the organisation, including under the Money Laundering Regulations;

•

Auditing against those policies and procedures internally, and engaging external auditors;

•

Developing your internal risk assessment;

•

The differences between large and small law firms and different risk profiles, and how to assess risk accordingly;

•

Common AML scenarios and how to resolve them or design policies to overcome them;

•

New and emerging trends in AML – for example, at the moment, Bitcoin.

Again, any Compliance Officer or MLCO at this level may be expected to understand all the other levels as well, depending on the extent of their role. 258

Training Level 4 – Advanced legal This sub level would be suitable for internal counsel who was not occupying one of the other roles, but could also be undertaken by an MLRO or MLCO. This level is particularly concerned with the legal implications of the reporting process, beyond that covered by the Intermediate level. This level would be considered for anyone who is giving advice, and may also be required for the MLRO. In particular the following could be covered: •

Offences within the Money Laundering Regulations;

•

The prosecutions policy of the CPS, and regulators;

•

The defence of adequate consideration and implications for billing;

•

Relevant cases before the Solicitors Disciplinary Tribunal;

•

Prosecutions of solicitors and other professionals for AML before the criminal Courts, and the associated offences;

•

Exiting a client relationship without entering into an arrangement;

•

Unexplained wealth orders and confiscation processes;

•

When a client should seek representation by a criminal solicitor or barrister;

•

Contingency planning for the firm in such a situation.

Obviously, the operation of the roles of the Money Laundering Reporting Officer and those of the average multi department high street law firm are quite different from those with a specialist law practice in criminal law. This book is not about the detailed operation of the police investigation after a report has been made to the authorities, and we can see that in some cases a client if a transaction is stopped, or the client is found to have been laundering money, they would need new representation by a criminal solicitor rather than by a firm not specialising in crime. If for example, the firm has been engaged to complete a conveyance for a client, they would not then go on to represent that client if an unexplained wealth order was issued, however the firm may need to understand what one was in case such an event occurred. This book is concerned primarily with the procedural implementation and interpretation of the Money Laundering Regulations, the Solicitors Act 1974, and the Proceeds of Crime Act, but practitioners, including MLROs particularly interested in the operation of the criminal law in this area, could take their interest further through additional training and education.

Forms of learning and assessing learning As we have already specified, the types of learning method your firm could adopt to impart the information are many and varied. Solicitors no longer have to do formal CPD; instead they can reflect on their practice and decide what learning suits them. Of course, the learning requirement is prescribed by the Money Laundering Regulations and law firms and other regulated businesses have to provide training and learning in AML. 259

Part 4  Legislation, Regulatory Outcomes, and Offences You might decide that you would like this training and learning to be formal and structured, and this is a popular way to demonstrate that the training and learning has been undertaken. Obviously if the matter came to the attention of the regulator, they would be able to see clearly that the activities have been undertaken by the production of the certificate, for example. Formal training and learning is usually classroom based; sometimes with an exam. The design of the exam should be directly linked to the content of the course, with a pass mark which is appropriate to the level expected of the delegates and achievable by those learners, following that course. Do bear this in mind if you decide to set up your own internal course with an exam. Results at a lower or higher grade than expected require a review of the course and exam to consider these points. There are other forms of learning you may wish to consider, alongside structured ‘chalk and talk’ . You could consider ‘on the job learning’. This might be suitable if you had someone competent in a particular area who could supervise a learner to achieve certain goals – for example to successfully complete client due diligence, or to consider what AML policies and procedures were needed in the firm. If formally observed and recorded by the competent staff member, with feedback and repetition where necessary, this may lead the learner to a position of competence. This type of approach can be undertaken for a number of staff at the same time. The key thing is to record the learning and ensure you maintain ongoing records. You might also consider reflective learning statements or self assessment questionnaires. These can help you understand the level of knowledge staff are obtaining from simply doing their jobs on a day-to-day basis. Some learning may already be in place, for example staff who already know about the firm’s AML risk assessment from team meetings, or from reviewing it to consider due diligence outcomes. Appreciating that we learn on a day-to-day basis can be helpful when asking staff to complete reflective assessments. We can explain to staff that we want to record that everyday learning and be able to show it to other people; this can be followed up by asking them to complete a reflective statement or questionnaire after undertaking an AML task. This type of learning is different to supervised learning on the job as it is not supervised, but staff are still likely to learn from the law firm around them. Asking staff to complete a reflective review or questionnaire can be helpful in maintaining your AML training and learning records, and demonstrate what staff can learn themselves on the job. You can also ask staff to put together the training and learning in house, and this can help your internal education. To assist, there are exercises in Part 6 of this book which you can use at each level to ensure you and your team have met your learning objectives. There are also case studies at Part 5 which demonstrate the implementation of the multi level approach just outlined and show how you can use an assessment questionnaire to test the level of staff, and approach their training and learning accordingly.

Process maps – acquiring the proceeds of crime Earlier in this Part of the book, we considered the receipt of client money which had been tainted by money laundering and the scope of the offence of ’acquiring the proceeds of crime’ (under the Proceeds of Crime Act, section 329). 260

Process maps – acquiring the proceeds of crime We can note reasonable excuse as a defence and consider to what extent the firm need to have undertaken reasonable checks to ensure the money was free of suspicion. We can discuss what reasonable checks might mean – noting that the Money Laundering Regulations require ‘systems’ to be put in place to ensure the practice complies with its obligations. However, there are two observations to make about those requirements for systems: 1.

They are intended to be risk based, and there is a large emphasis on risk in the Money Laundering Regulations.

2.

Financial analysis only takes place or is specified in the sections that require source of funds (transaction finance) to be checked, or source of wealth (client financial health), including in the case of enhanced due diligence, and/or PEPs. We do not often check the actual source of funds matches the bank accounts used to send the money, or that our source of funds checks cover the exact amounts and monies used.

The end result is a comparative lack of checks taking place in the receipt of client money. This is particularly so in comparison to the structured checking that takes place for identity, which has the effect of categorising identity into different risk areas according to occupation and worldwide location. Clients also have to prove that identity. Client money could theoretically go through the same analysis and be graded or categorised according to how it has been acquired, where it came from, and the evidence to support those assertions. Similarly, the means of acquiring that finance could also be graded. At the moment, this level of analysis has not been added by those writing the regulations for money laundering, and this leaves something of a gap in the sophistication of risk based decision making available to law firms and others in receipt of client funds. We might see the Money Laundering Regulations as leading on to the Proceeds of Crime Act provisions in a process map, and if we plot the requirements for the acquisition of the proceeds of crime as client money on this map, we can see there is a gap in the requirement for analysis and discussion which leaves the recipient law firm with few options or solutions. Clients may also feel the same way, with the powers available to law enforcement fairly strict and stringent beyond a certain point, but with little in the way of warning or graded risk investigation. Of course, it is not for the state or law firms to necessarily warn clients of the consequences of laundering money unless they ask for that privileged advice, or appear to require it in some way. However, the writer is in favour of greater education about legal services for all members of British society, and that includes in the criminal offences that can be prosecuted and the consequences of individual actions. If we consider the process map from the Money Laundering Regulations to the Proceeds of Crime Act, we might see it as follows: 261

Part 4  Legislation, Regulatory Outcomes, and Offences

We can see the defence available to the law firm in the report being made in respect of the suspicion. However, the question might be raised about when the suspicion arose, and whether in fact it should have arisen earlier, leading the firm into possible questions over acquiring the funds into their client account and what steps they have taken to check them. The law firm can find themselves in a position where they are looking back at what they did and asking, ‘why didn’t we check this or notice this in the beginning?’ The risk based approach means they can be in compliance with the law at the earlier stage, but find themselves re-visiting, re-examining, and investigating this early decision making, when they are further through the transaction. We need to see this initial assessment as an important step in a proactive decision about whether or not to accept client money, rather than assuming that we will. Money Laundering Regulations: Identity and source of funds. No reason for suspicion This step falls into question

Receipt of client money

Reason for suspicion arises in transaction and report is made

Proceeds of Crime Act arises in offences for reporting, acquiring, arranging or concealing

For law enforcement to consider next steps

Firm falls into criminal offences and criminal defences in POCA

The process, in the undertaking of the transaction, and the receipt of client funds, can quite quickly becomes one of a criminal offence and available defence position. This can be the case even when it may seem on the face of the initial transaction that all is well, and that firm may have followed all steps required at the outset. The possible criminalisation of the position may implicate both the law firm in receiving the suspected proceeds of the crime, as well as the person providing the monies to the law firm. Given the test for suspicion is so low, you may also argue that criminalisation arises too early in respect of the client as well, and this is part of the difficulty in reporting suspicions. The next steps do not become any easier as further offences could be invoked in tipping off the client. However, putting this to one side, and focusing on the first steps of the transaction, might remove the need for any concern later within the process. 262

Process maps – acquiring the proceeds of crime We may need to see more detailed consideration of the following: •

How each tranche of money involved in a transaction has been generated. For example, if the client account receives £500 at the beginning of the transaction, and a further £1,000 later in the transaction, a firm could ask for proof of source of funds (transaction finance) for each individual deposit with them (whether directly into the client account, or in cash). Also, rather than understanding, for example, how the client makes their general income through bank statements, it may be possible to start asking clients to directly prove how individual client account transaction finance will be raised and once this has been verified, to keep this money separately in advance before each transaction with the law firm takes place.

•

Whether to extend a specific form of reliance to accountants and bookkeepers to certify sums being used in a transaction. This could be used as a safeguard against the risk of the use of businesses and those with complex income sources to launder money.

•

The overall lifestyle of the client and how this is funded and supported, beyond the income that is declared or being used for the transaction. This may be a consideration of source of wealth (client financial health), but the lifestyle of the client may be funded by a family member or another third party, and this could be checked as well to avoid participating in a wider position of money laundering (even if the individual legal transaction has not been impacted).

•

Communication of the requirements for financial checks to be made more widely known and available, including to clients. This may ensure potential clients have all of their documents in order before instructing a solicitor.

•

Consideration of current risk factors for identity and due diligence in developing greater risk assessment categories for the assessment of client account funds. These include:

•

–

location of the funds worldwide and their relationship to high risk countries;

–

whether any of the funds come from sources which are currently regulated for money laundering;

–

the use of strategic litigation (for example to take advantage of Bowman v Fels (2005)); and

–

funds received from corporate structures or trusts with concealed identity aspects.

Certified or bank copy statements provided by the bank, to prevent forgeries or altered copies being provided to the solicitor.

These types of further consideration could be built into the Regulations, along with a strategy to start to inform potential clients of the need to undergo financial checks. However there is nothing to prevent a firm from undertaking this type of analysis themselves in order to protect themselves, and an example client money risk assessment form is contained in Annex E to Part 3 of this book, which covers some of these points. 263

Part 4  Legislation, Regulatory Outcomes, and Offences We might see, instead of the current process, an additional step being added in, as a ‘gate’ for the receipt of client money. This might be a point at which the firm proactively signs off the new client and the receipt of client money and allows both into the firm. Prior to the point of sign off, the firm could possibly reject any client and any money that is sent in. Sign off could be undertaken by a senior person within the firm, who considers all aspects of AML, and even other compliance issues (such as conflict of interest), as well. Money Laundering Regulations: Identity and source of funds. No reason for suspicion

Receipt of client money

Reason for suspicion arises in transaction and report is made

Proceeds of Crime Act arises in offences for reporting, acquiring, arranging or concealing

For law enforcement to consider next steps

Of course, there is an issue with providing bank details to others. If client account details become well known to outsiders, that they may seek to use them and send monies to the client account. Those monies then get returned and it looks as if it is a legitimate transaction from a solicitor. At the moment, the only ways to prevent this are: •

to ask for funds not to be sent;

•

to restrict client account details;

•

to hold on to received funds pending consideration of whether such funds are suspicious as money laundering;

•

to use an outside service such as a TPMA, which does not have the same reputation as a law firm; or

•

to accept payment via a service such as Paypal, which allows you to return any sums you did not expect to receive. However, the use of Paypal does pose confidentiality issues for solicitors and licensed conveyancers.

Returning to the issue of the ‘gate’, we saw earlier in this section that the initial and legitimate enquiries of the law firm in asking questions about the transaction were not tipping off, provided there was no concern at the outset. However, if the law firm is concerned about the transaction at the early stage, it could trigger that concern more immediately. Putting in place a gate system would allow the firm to consider very deliberately whether they would accept client money in the circumstances presented. In some cases, firms could choose to use a separate form of a client account (possibly with a specific name) for money received pre-gate, which would assist the firm, and potentially the regulated community if questions were raised elsewhere about where the money came from when it was returned. Any situation in which the client did not pass the gate system could be referred to the MLRO for decision making as to whether it was reportable, or simply too high risk for the firm to accept. This may take account of the idea that some firms deliberately do not take on some high risk work. A ‘gate’ as an onboarding tool also has wider benefits for the firm as it potentially helps concentrate decision making about new clients or instructions, and the 264

Considering the whole transaction receipt of client money, into the hands of those who have particular expertise in anti money laundering. It also allows the process to be managed centrally, with more detailed governance and oversight. At the moment, the process is quite haphazard in some firms, with a greater emphasis being placed on the decision making of each department and their ability to generate new instructions, rather than on the standard or quality of the client instruction. This emphasis means the commercial presence of the firm is often placed before the consistency of the risk assessment in the transaction. While it may be rare to have a client who brings the firm into the position of invoking the defences in the Proceeds of Crime Act, the seriousness of the position if it does happen, and the requirement to have systems and procedures in place, may warrant the central oversight. Culturally, law firms generally expect each department to pull their own weight with client instructions and income and this may sometimes be seen as an expression of the personal practice of the individual solicitor. Consequently, there may be an issue with implementing such a procedure in some firms and across the industry there can be a resistance to going beyond what is absolutely necessary with clients, to avoid losing the client instruction. We may have some way to go, therefore, before such a gate is acceptable. However, a pragmatic and forward facing firm who were compliance conscious could implement such a requirement and may see the dividends in less AML work and less risk within the perimeter of the firm – a position that may also be appealing to an insurer. That secure perimeter position might also be quite attractive as a business partnership prospect to other commercial entities within the regulated sectors who have to demonstrate their own compliance to their own regulators.

Considering the whole transaction We saw earlier in this Part of the book that s330 of the Proceeds of Crime Act requires a report when the information comes into the possession of the individual in the course of their business. This means a wider consideration in reporting than simply the client relationship, and can be on the other side of the transaction as well. Solicitors may have fallen into the position of trusting the professional on the other side of the transaction, and may assume that the consistent standards of training and oversight and guidance from The Law Society, the SRA, and other regulators, means that all law firms or all lawyers (in very broad terms), will be taking those steps to identify their clients and ensure the client’s financial position is not tainted by the proceeds of crime. Unfortunately, no system of law firm policies and procedures is completely solid and there will always be ways to test such systems – particularly while the emphasis is placed squarely on a risk based interpretation of the Regulations. This means for those firms who perhaps lean into that risk based approach, they have a chance that some clients will pass through the initial due diligence we described earlier, but who are not genuine. The continued diligence of those on the other side of the transaction is necessary if we see that risk basis as being honoured in that way. Alternatively, we may see some firms who decide that they are going to take those additional measures to minimise risk. They may be risk averse firms – firms whose risk appetite is much lower than others, and who seek to lower their risk at every step of the process. They may also develop their own lists of firms who take a 265

Part 4  Legislation, Regulatory Outcomes, and Offences similar approach to theirs and underline what they are doing with very detailed and effective compliance. In taking this approach, and banding together with others that do the same, we could theoretically see the development of a ‘gold’ standard of AML compliance and checking, which could be achieved by some firms and relied upon by others. If we draw the process map out again that we saw in the previous pages, we see it occurring twice – once on each side of the transaction. We might then ask where in the process can we facilitate this exchange of information? We might ask whether we require a formal process in the Regulations to be added that allows the exchange of due diligence information to satisfy both sides that each other is genuine. Other regulated sectors may also be in the same position – banks, for example, might need to know before they receive funds (and of course they too can commit an offence by being in receipt of the proceeds of crime). The formal exchange of information and perhaps a requirement to do so would prevent both sides from being in receipt of the proceeds of crime, albeit for the ‘other side’ this might occur later in the process map we have drawn. We have seen the requirement in the Proceeds of Crime Act to report matters that occur during the course of business mirrored in the decisions in Dreamvar (2018) and Purrunsing (2016), where firms were found liable for the failings in client due diligence in other parts and on other sides of the transaction. In these cases, it may have been arguable that the transactions had the hallmarks or suspicions of being not quite right, but they continued anyway. A large effort has been made in recent years, and under the supervision of OPBAS, to ensure regulator risk assessments are implemented and made available to law firms. These risk assessments specify some of the concerns about fraud and other suspicious types of circumstances that can arise, and in some cases there are descriptions available or additional information by area of law. Firms are encouraged to consider these as part of their risk assessment, which we consider in more detail in Part 3.

Regulatory outcomes: making a distinction between regulation and law enforcement So far in this Part of the book, we have considered the legislation and criminal offences which form the basis of reporting and suspicion. The systems for reporting and suspicion operate alongside a system of regulatory enforcement which is separate and distinct from the criminal and law enforcement decision making which we have outlined earlier in this Part. The focus of the regulatory bodies has changed over the last ten years, and particularly with the advent of OPBAS. If we look back twenty years ago, to when the writer started working for the regulatory bodies, there were regulatory prosecutions for suspected money laundering, and for the misuse of client account. However, the regulatory guidance in these areas was different, and with a greater focus on ‘KYC’ – know your client. The regulatory bodies do receive concerns of situations that amount to, or are, suspected money laundering. In these cases, they liaise with the law enforcement authorities to consider the next steps. In some instances, law firms are intervened due to the associated Accounts Rules breaches, dishonesty, and/or criminal charges which are brought against those involved. 266

Regulatory outcomes: making a distinction between regulation and law enforcement In other cases, where the law enforcement concern is not sufficient to warrant prosecution, the regulator takes steps or action. Regulatory concerns might be raised by report direct to the regulator by any concerned party, or they may come via the reporting routes to the NCA discussed earlier in this Part of the book. In some cases, those reporting may not be aware that the concern is specifically about money laundering, or even is a breach of the Accounts Rules. Regulators receive reports from third parties (such as the other side), clients (via the Legal Ombudsman), other solicitors, the Court, and even concerned bystanders. The regulator has to consider how to approach each report and assess the risk it poses, perhaps in a similar way to law enforcement activity. They then make decisions about whether the matter can go forward and what information they might need. The regulator has a number of actions it can take if they are concerned about money laundering or breaches of the Accounts Rules. These include: •

Regulatory visits

•

Forensic accountancy inspections

•

Thematic reviews

•

Asking questions of the subject – this can include raising an allegation with the individual or firm concerned

•

Taking other steps to contact the firm

•

Gathering information from other sources

The SRA’s powers for regulatory investigations arise under the Solicitors Act 1974, sections 33A and 44B–44D. They also make their own disciplinary rules which govern those processes, currently known as the SRA  Regulatory and Disciplinary Procedure Rules 2019. The nature of the action may depend on the concern raised about the firm or the individual. More serious concerns warrant more serious action at an earlier stage. The regulator has to prove any allegation about the firm to the civil standard. This is a reduction from the sliding scale of proof which was used by the Solicitors Disciplinary Tribunal before this point – the sliding scale meaning that the more serious the allegation, the higher the standard of proof required. More information about this change is available in Serious Breaches. This previous standard of proof provides us with something of an explanation of the link between the level of seriousness and proof required before criminal prosecution is considered, and the point at which the regulator would take over. The difficulty with the new standard of proof is that serious allegations, with attendant serious consequences, are being prosecuted with limited proof. In some cases, the lack of information provides the answer – for example, where there are no accounts for a practice, which is a clear breach of the rules of professional conduct. However, in other cases, there could and are possibly likely to be enforcement mistakes and miscarriages of justice where the allegation is serious, but the proof available is low. The enforcement powers available to the SRA and CLC are outlined in Part 2, and further detail is available in Serious Breaches. 267

Part 4  Legislation, Regulatory Outcomes, and Offences However, the full range of powers is not often used by the CLC. The CLC have historically more frequently undertaken regulatory inspections as an alternative to regulatory prosecution and consequently there have been numerically less enforcement outcomes. The regulated community is significantly smaller and the impact of the regulator’s attention on such a small community could mean far more disproportionate regulatory enforcement outcomes for this section of the legal population. At the time of writing, there were signs this position was changing, but the CLC also face a more uncertain future due to the potential consolidation of the legal regulators for AML and into a single legal regulator. Due to their small size, they are unlikely to be chosen as the basis for either regulator. The enforcement power chosen, and the outcome of the matter varies according to the seriousness of the situation. If a concern is presented which is potential money laundering, with some credibility behind the allegation, the SRA may decide to take immediate action and there could be consideration of intervention of the firm, and suspension or strike off of the individuals. If the allegation is one of misappropriation of client money, again the action may be the same. However, if the allegation is one that the firm does not have the required risk assessments in place and has taken a cavalier attitude towards the Money Laundering Regulations, the outcome may be a rebuke or fine, if the impact was limited. The same may be true if the firm had breached the Accounts Rules, in an unintentional way, but had limited the damage by repaying any sums owed to the client account; the firm may receive a fine or rebuke. In some cases, Practising Certificate conditions may also be imposed on the firm or individual to prevent a repeat of the situation. There are indicative outcomes for the type and nature of the breach for SRA regulated firms, and these are available from the regulator’s website. Within the breaches just described, we also have to take account of persistent or repeated breaches, as well as the intent and motivation of the individual. We have assumed that the individual or firm have not had this occurrence before, or that when the occurrence happened it was not deliberate. In cases where the intent is to breach the rules; to gain a dishonest advantage; commit a criminal offence; or the action is taken maliciously; the regulator views the situation more seriously. Of course, we have also considered impact earlier in this Part of the book, and the position of those that have been affected is relevant – if the action has caused a particularly large impact, the regulator may get involved, or if those affected are vulnerable in any way, there can also be a cause for regulatory prosecution. The nature of the breach is also relevant to the regulatory prosecution. What in some circumstances is seen as being a ‘remedy’ can also be something of an enforcement action. The position of Practising Certificate conditions occupies this space and are sometimes referred to as being a ‘regulatory’ solution rather than a prosecution act, in that imposing the Practising Certificate condition is intended to control the situation and allow the practice to continue. An example is the imposition of a training outcome on the Practising Certificate when the regulator believes that the solicitor concerned would benefit from the additional training in order to manage a specific risk posed by their current level of knowledge or skill. The outcome might be considered low level in comparison to some of the other regulatory outcomes available, but it takes steps to solve the problem with the firm or individual solicitor. 268

Regulatory outcomes: making a distinction between regulation and law enforcement We explore these differences in types of situations and regulatory outcomes in Serious Breaches, as well as examining the different levels of regulatory enforcement action available and possible or likely, and the importance of solicitor and society perceptions of the seriousness of breaches. We also take a detailed look at the outcomes related to Practising Certificate conditions. In the positions we have seen earlier in this Part of the book, for example the receipt of client monies into client account, where they have been tainted by the proceeds of crime, there may not be a direct regulatory requirement to report to the regulator unless a rule of professional conduct has also been broken. If the law firm are in compliance with the law in respect of the handling of the suspected proceeds of crime, they may not have breached any of the Accounts Rules, or the rules of professional conduct. Breaches of the rules of professional conduct are likely to occur if individuals or firms are complicit in money laundering, turn a blind eye, or fail to report to their suspicions. As we saw in Part 1, the Accounts Rules set out the system for handling client money, including how the firm should be organised and how their systems, procedures, and controls should be set up. The system is prescriptive and does not allow deviation or much interpretation. There are therefore more likely to be breaches of these prescriptive rules if money has been moved inappropriately, or a procedure has not been followed. If the procedures and the law have been followed correctly, but the money is the proceeds of crime (which is entirely possible), the breaches (if any) may arise in the Principles or Codes of Conduct rather than the Accounts Rules. In most cases, the outcomes of the decisions taken by the regulator are also published. They are available on the regulator’s website for a set amount of time, and are searchable by name. This action is taken by the regulator both as a deterrent, but also as a means of ensuring the transparency of their decisions. The regulatory enforcement powers available are extensive and range from suitability for minor breaches, through to serious issues of criminality that warrant major attention. The SRA spend a significant amount of money in investigating the issues and in closing down practices which have been impacted by dishonesty and criminal actions. In the writer’s experience, the SRA receive more concerns about the Accounts Rules than they do about suspected or actual money laundering. We might see the role of law enforcement play a part here, and they obviously take on some of the work. The regulator’s role with the Accounts Rules is to provide a more frontline service and in Serious Breaches we explore the link between minor breaches through to major breaches and their linked criminal offences. In this book, we have a different starting point: looking at policies and procedures, the criminalisation of handling certain types of client money, and the point at which that offence occurs. The Accounts Rules, however, do more clearly span the provisions of regulatory enforcement action than suspected or actual money laundering, and the SRA have a greater role to play in enforcing their breach, with a large number of the serious breaches going to the Tribunal. Of course, misappropriation from the client account is also theft, and in some cases there have been dual regulatory and criminal prosecutions, as there are sometimes in money laundering cases. 269

Part 4  Legislation, Regulatory Outcomes, and Offences The message might be that the first port of call in suspected money laundering is law enforcement, and this is covered by an Act of Parliament. Regulatory issues are dealt with separately before a separate Tribunal, and this usually includes breaches of the Accounts Rules and breaches for dishonesty or lack of integrity. The legislation clearly ensures the professions cannot carry on or legitimise money laundering as a group without being subject to law enforcement and state oversight, through the report to the law enforcement agency. Solicitors occupy an important constitutional position. Their regulation and representation is part of the fabric of the state; their position requires their independence, which is achieved through separate regulatory outcomes, but they also require a safeguard against being undermined by those who launder money.

Conclusion The Money Laundering Regulations have been written in response to underlying developments in the European Union and elsewhere in the world over a number of years. They sit alongside a statute which criminalises a number of actions in handling and receiving the proceeds of crime. The risk basis and regulatory style of the Money Laundering Regulations is in contrast to the severe criminal offences that can arise very quickly if the Regulations are not adhered to or interpreted in the right way. This mismatch in the legislation and Regulations causes particular problems for the receipt of client money and the offence of acquisition of the proceeds of crime. Of course, law firms are advised to then make the report and rely on that as their defence to prosecution, but the risk basis of the Regulations as a starting point means some transactions will get through. Unfortunately this means firm decision making at the beginning of a transaction, or pressure from a client part way through a transaction, could be called into question later if issues are raised about how the transaction is conducted. Firms reliant on the wording and risk based approach could find the adequacy of their decision making challenged. We have explored in this Part of the book the question of how the client onboarding and reporting process works and whether firms need to do or demonstrate more compliance awareness or more detailed systems for checking financial issues at the earlier stage of the transaction. Law firms are different to some of the other types of firms that are regulated for anti money laundering, and the risk of the client account in itself may need to be taken into account when measuring the law firm’s adherence to the Regulations. We might be able to say that the client account causes such a risk within the transaction, both to the position of the firm, and to the risk of the transaction overall, that much greater consideration needs to be given to the receipt of client money at the very opening part of any legal transaction – necessitating more in the way of compliance systems, and less of a reliance on a risk based approach.

270

Part 5

Case Studies

Contents Introduction272 Case study 1 – Finance policies 273 Scenario273 Commentary273 Solution274 Sample wording 275 Case study 2: AML identity checking – natural persons 278 Scenario278 Commentary278 Solution279 Case study 3: AML identity checking – commercial clients 279 Scenario279 Commentary280 Solution281 Case study 4: risk assessments 284 Scenario284 Commentary284 Solution – written risk assessment 290 Solution – tabular risk assessment 298 Commentary305 Matrix risk assessment 306 Solution – Mitigated matrix risk assessment 307 Case study 5: transactional risk assessments. 309 Commentary309 Solution313 Case study 6: Finance team information 315 Commentary315 Solution – Client account form 319 Case study 7: AML training 322 Scenario322 Commentary323 Commentary: proposed training plans 326 Commentary: training and learning needs assessments 329 Solution332 Annex A: Sample Compliance Learning and Development Plan 333 Annex B: Part Template AML Policy for Small Firms, Covering Natural Persons 337

271

Part 5  Case Studies

Introduction This Part of the book focuses on practical solutions to the issues we have covered so far. We look at how to implement the requirements of the Money Laundering Regulations 2017 and the Proceeds of Crime Act (2002) (POCA), in ways drawn from the writer’s experience. The case studies in this section are all fictional. They offer sample forms, policies, and risk assessments, that you can use as a basis for work in your own firm. The case studies are intended to demonstrate some of the problems and issues that arise in practice and how policies, procedures, and proactive compliance can be used to deal with some of those issues. Towards the end of this section there are learning needs assessments for different roles in anti money laundering (AML). These last sets of suggested solutions can also be used with the training and development plans available in this section, and in Part 4, and with the continuous professional development materials in Part 6. As with all sample or template forms, plans, or policies and procedures, you have to ensure they are fit for purpose within your own law firm. This remains your own responsibility, as does the maintenance of them, and their implementation. You may find your risk profile is different to that of another firm. This can place the emphasis of the policies and procedures in a different way. Do take the time to consider where your firm lies on the implementation of AML and the risks you face. Your individual firm risk should be reflected in your office manual and what is provided here should not be used without considering your own practice, and your specific requirements. The templates here should be amended and adjusted to meet your individual needs. The provision of forms and templates is not intended to provide advice to the reader, but is intended to simplify a complex and sometimes time consuming subject. Equally, if you already have policies, procedures, and forms which are working well, you might use this section for inspiration and new ideas to take back to your own firm. We all benefit from understanding how other similar businesses operate and the templates here are numerous. You might want to look for new solutions to a particular problem you are facing, and this is also an excellent use of this Part of the book. In any event, the templates provided here are subject to copyright. They are for individuals and firms to use within their own law firms only and should not be used commercially or in competition with the writer. We can all imagine the dusty office manual in the corner of the office, taking up space on a shelf, and that is very little used. There are also ideas in this section for bringing to life your office manual and the policies and procedures within it. Again, these ideas are not for everyone, but do try to take the time to consider the ways in which you can communicate the principles of the Accounts Rules and AML across the board within your law firm. Communication skills are vital in the delivery of your message. Engaging staff in the learning process, or communicating that AML, financial probity, and Accounts Rules compliance is important to your law firm, can work wonders for instilling values and expectations amongst your staff members. Simply leaving the office manual in the corner of the room is not going to achieve this goal. Accordingly, take the ideas expressed here as proactive mechanisms to communicate with your staff, and develop their practical and personal understanding of the ethical and procedural requirements of the Accounts Rules and AML, and their importance within your firm. 272

Case study 1 – Finance policies

Case study 1 – Finance policies We have seen already in this book that there are a number of ways to use the Solicitors Accounts Rules to develop first a clear policy that defines our expectations as to the holding of client money, and secondly, that allows the COFA (or other finance staff), to investigate the handling of client money. This case study considers those points, with sample procedures. It links compliance with the Accounts Rules to anti money laundering requirements, and to human resources.

Scenario Fictional law firm Diamond Acorn LLP have complied with the Accounts Rules for many years, primarily by keeping things simple. They have one client account, and one office account, and they reconcile daily. Their firm turnover is £500,000 per year and they have four small but agile litigation focused departments, each headed by a partner who has an equity stake and who brings in a similar level of fees. Their departments are in Personal Injury, Employment, Family, and Litigation. Although a small firm, they are well respected, and the ethos of the firm has been firmly placed as high quality. Their family law department has recently won a large and unusual case for a wealthy individual, which has attracted a lot of attention and publicity, and that department is expanding under the leadership of its dynamic and well educated partner. The COFA and the Finance Assistant have noted the growth in income in this particular department, and the projected growth for the future. The firm will need to handle the client monies from this department, and there could be a question as to whether the partner will leave to start their own firm or whether the firm will be divided in some way in recognition of the family partner’s success. In any event, the firm expect to hold a considerable amount more money, and not just in family law; as time passes the firm start to see a major increase in instructions across all departments as word of mouth spreads about their quality work. The firm realise they will need to recruit to meet demand, and that their previous small and bespoke service will need to become more procedure driven or standardised to deliver the required level of compliance. The introduction of the new Accounts Rules under the Standards and Regulations has also caused the COFA some concern, and the partnership decide to review their mechanisms for holding client money, to ensure the partnership is protected, and new recruits do not seek to hold monies outside of the client account. The COFA also decides that in order to have oversight and meet the requirements of the role, someone will need to investigate the accounts on a more regular basis.

Commentary In this scenario, we are seeing the shift of a bespoke arrangement in a small firm, change up a gear and meet demand. The difficulty with an increase in instructions and a step change in the size of the firm can be in monitoring the client account and the files to ensure compliance with the Accounts Rules and the requirements 273

Part 5  Case Studies in anti money laundering. It becomes objectively far more complex to monitor the files and the client account in a larger firm by adopting an individual file review approach and the firm need to re-set their procedures so they can oversee the firm’s incoming and ongoing work, to ensure effective management. Smaller firms can find that with a proactive COLP or COFA (or both), they can maintain compliance through the COLP or COFA’s day-to-day activities, including oversight of the monies coming into the client account, and in regular financial file reviews. However, in a larger firm, greater procedural controls need to be in place to ensure the monies the firm is receiving are checked, the monies going out are verified, and that individual matters are conducted compliantly. It is unlikely that one person, however competent, can do this on a large scale, so procedurally, the firm need to consider the risk posed by the instructions, incoming and outgoing monies, and the movement of monies within the file or between matters, as well as the client identity and other AML risk factors. These approaches can all be standardised in cases where the firm are receiving mass scale instructions and need to find a way to ensure staff do the same thing across the board. There is also a need to ensure the firm achieve buy in with their approach, and that the new ways of working are adopted by the firm. In this case, we might assume the changes would be fairly easily adopted, because the firm will recruit new staff and can impose the new policies and procedures upon them, allowing them to find their ways of working with the new methods. However, commitment would also need to be sought from the partners and existing staff to the vision for the future.

Solution The firm adopt a number of solutions. These include standardising payments where possible in each department, through fixed fees for minor work and specified agreed disbursement providers with set costs. The firm also decide to introduce more formal policies and procedures to ensure the input and output of the client and office accounts, and in fact any financial activity, has been checked on the files. The files, ledgers, and bank statements will be subject to spot checks and sampling thereafter in the form of financial file reviews, and external (client and other) relationship reviews. The firm introduce: •

An extended due diligence policy, covering monies received, ensuring that client due diligence or equivalent risk based checks have been conducted on monies received into the firm, whether these be client monies or office monies. This policy sits alongside their enhanced due diligence policy and forms a part of the checks required for enhanced due diligence, as well as applying in other circumstances.

•

A formalised policy for financial file reviews, specifying what will be checked and when, including a review of all transfers between client and office account.

•

A ‘monies out’ policy covering client billing, sign offs of the amount to be billed and when, and the circumstances in which monies would be paid out of office account and out of client account. This policy also covers scheduling file financial reviews to check the client due diligence of who will be receiving the monies; verifying the monies against the file; and in cases of the monies 274

Case study 1 – Finance policies being paid from office, ensuring the business relationship and reasons for the payment. •

A ‘client money’ policy, defining their firm’s expectations for what meets the definition of client monies, and what meets the definition of office monies. Specifying who holds the client money is also part of the solution, with the firm limiting the circumstances in which it would be held outside the client account, and vetting each of these circumstances through the MLCO, MLRO, or COFA, accordingly.

•

Disciplinary action for failure to adhere to the firm’s policies and procedures, and this is implemented within the Human Resources section of the office manual.

To introduce these policies firm wide, the firm decide to train the new staff in the new ways of working, leading those job roles into completing the new forms of file reviews and overarching checks, as part of wider job roles also supporting the growth of the firm. Existing staff are also trained, but their job roles do not change as the firm also retains their previous individual file reviews, and some pre-existing detailed ways of working. To achieve buy in at partner level, the firm decide to re-iterate their shared commitment and vision to quality output. As a group, management articulate the reputational impact of compliance concerns. This leads to a firm wide vision of overarching and shared management compliance decisions made between all partners. The transition to new ways of working is not managed in a project format, but the COFA forward plans the projections for income. As a result, the new policies and procedures are introduced within six months, with all staff being given a start date. A  staff celebration is held on this date. Staff are encouraged to proactively find solutions to any problems with the new procedures that have not been foreseen. Any formal difficulties are referred to the management structure for resolution, and proactive work through with the staff. A further celebration of success is held one year later.

Sample wording Extended due diligence policy ‘This firm adopts an extended due diligence policy which also covers additional checks on client money. Our extended due diligence policy sits alongside our policy for enhanced due diligence and is part of the processes we implement to meet the requirements for additional checks on a transaction. However, we may conduct extended due diligence in situations beyond enhanced due diligence, and detail of the circumstances in which this policy applies are set out below. As a firm, we need to be alert to the requirements in the Money Laundering Regulations to: •

conduct enhanced due diligence on some transactions, including for PEPs, high risk jurisdictions, and other positions of high risk; 275

Part 5  Case Studies

•

obtain information about transaction finance in some cases – usually where we will receive a large amount of money into client account;

•

form an effective risk profile of our clients, and monitor risk throughout a transaction.

As a result, we require you to complete the Transaction Finance and Client Financial Health Risk Assessment [in Annex E, at the end of Part 3], in the following circumstances: •

all deposits above £[insert amount] into client account;

•

all transactions above £[insert amount] either in transaction worth, or overall position worth, regardless of whether this money is received into client account, and in such cases, the form should be completed to the best of your ability;

•

all files attracting enhanced due diligence;

•

any other file or external relationship where you are asked to do so by the management team, and this may include matters related to office monies.’

Policy for COFA (financial) file reviews The following wording can be added to any finance manual, if suitable:

‘It is important for the firm to understand the movement of client money and how it is utilised. As a firm we must comply with the Solicitors Accounts Rules. Consequently, in addition to reconciliations, we will conduct regular reviews of the accounts, monitoring individual files, ledgers, bank statements, and the overall accounts. We will use the financial file review available at [insert where, but here available at Annex D, at the end of Part 3] to review [insert number] of files per month. We will also regularly [weekly] review: •

The client matter listing

•

The client bank statement

•

Client to client transfers

•

Client to office transfers

•

Cash receipts

• Cheques •

Uncleared sums on the reconciliation

We will consider any sums, and client or other details (or overall entries) which are unusual or require action. We will also take a spot check of files to double check that transfers between clients, or to office, which have been made, were required. Finally, spot checks will also be undertaken to ensure matters have their own ledger. Staff are reminded of their obligations to keep client money safe.’ 276

Case study 1 – Finance policies

Monies out policy

‘It is the policy of this firm to consider carefully all monies paid out of client account or between client ledgers to ensure they are genuine, and do not cause concern. Accordingly: •

Bills on files will be standardised where possible, with fixed fees being charged for minor work and only approved disbursement providers used within our terms of agreement with them.

•

Bills can only be raised for sums due on individual client matters with the authority of the partner supervising your department.

•

This firm does not bill in advance.

•

This firm does not remove money from the client account unless: –

a bill is due for work and disbursements incurred;

–

a refund is due to the client;

– a payment has to be made on behalf of the client which is a proper part of a legal transaction. Payments out and bills should be signed by your supervising partner. This firm maintains a list of payees (such as HMRC), and will ask you to ensure you have considered whether due diligence should be undertaken on the person other side, and whether we have verified the bank details of those receiving the sums. This is part of the Transaction Finance and Client Financial Health Risk Assessment [in Annex E, at the end of Part 3], which you may have been asked to complete. In each case, you may be asked to verify the payment against the file, and client instructions. File reviews will be undertaken against the sums billed and incurred against client and office account, in accordance with our COFA (financial) file review policy. Additional monthly spot checks of monies paid out of client and office will be made by the Finance team, to verify the payment details and reasons for the payment against the file and other information available. Instructions for payments from office account should be made by a partner, and a review will be undertaken of the relationship, recipient, and reasons for payment.’

Client money policy This wording can be inserted into any finance manual, where suitable. Firms may also wish to note that the firm could adopt a different approach, and changes to the definition of client money have been made by the SRA. Further information about the changes to the definition of client money is available in Part 1 of this book. 277

Part 5  Case Studies

‘This firm adopts the policy that all money received into the firm from clients is client money. This money should be placed into the client account. Please deposit cash with the Finance team for banking into the client account. Monies cannot be held outside the client account or elsewhere; we keep all client money in the client account. Money for costs and disbursements must first be placed into the client account before billing, and bills can only be raised once work has been completed.’

Human Resources ‘This firm adopts strict policies for the use of client account and receipt of client money. Failure to follow these procedures will be a disciplinary matter.’

Case study 2: AML identity checking – natural persons Scenario Two fictional solicitors, Mr Glason and Ms Reddy, are starting a new firm, Glason Reddy. They are going to exclusively conduct conveyancing, which is within scope of the Money Laundering Regulations. They will be operating a client account, and are searching for the right COFA to join them in a role they are creating. The COFA will design the financial systems for the firm. At the moment, Mr Glason and Ms Reddy are putting together their application for approval by the regulator. They decide to design an AML and identity checking procedure that will meet the requirements of the Money Laundering Regulations 2017 (as amended). Mr Glason and Ms Reddy in the beginning decide to focus on client due diligence and identity checking for individual (personal, non commercial) clients.

Commentary Having an extended, financially focused, due diligence procedure is not a requirement of the Regulations, but it is an option for Glason Reddy in the future if the COFA decides to implement that type of procedure. For now, Glason Reddy simply need an AML policy which meets the requirements of the Regulations, and of course all firms can adopt this approach with a policy which covers the appropriate obligations at the relevant stages of the transaction. To fully meet the regulatory requirements, firms may also need to add: •

A risk assessment and departmental risk assessments (which are covered later in these case studies and also in Part 3 of this book, with templates available).

•

A mechanism for reporting, and this might include reporting forms to report to the MLRO, and feedback forms for the giving of advice to staff from the MLRO. Using these forms also makes it easy to keep a record of your ongoing 278

Case study 3: AML identity checking – commercial clients compliance and tailor any training to staff as necessary. Sample forms are available in the annexes to Part 2 of this book. •

Job descriptions for the COLP, COFA, MLRO and MLCO and any deputies.

•

An AML training policy for the firm (some of which is covered later in these case studies and is also included in Part 4).

•

Any other financial policies the firm might require, and of course these will be designed by the COFA in the case of Glason Reddy, but firms reading this may want to implement their own.

Asking staff to adopt any process or procedure can be difficult, as it creates a set pattern of behaviour which may or may not be efficient or welcome. Sometimes staff can be negative about policies and procedures that are quite rigid, but in AML there is not a choice; it is a criminal offence if not adhered to and we must comply for a good reason. In this situation, Glason Reddy need to consider how they will communicate the policy with new staff and with clients. We cover communication with staff in the next case study, along with ideas for solutions, including in visual, audio, and televisual media.

Solution The firm decide to design an AML and client identity checking policy for natural persons which meets the requirements of the regulators. This is contained at Annex B to this Part of the book. The firm complete the section on enhanced due diligence themselves, and firms adopting this procedure will also need to consider their enhanced due diligence. The firm also decide they need to communicate their policy effectively with their new staff and clients, and record their own audio to play: •

to staff as part of their induction when they join, and

•

to clients as part of their client onboarding service.

The script for this audio is featured under Case study 3.

Case study 3: AML identity checking – commercial clients Scenario Glason Reddy are still producing their application and office manual. They move on to produce a business plan, and start looking at their intended client base. They intend to target clients from within their local area, primarily within a fifty mile radius. They are based in a local town centre and will look for passing trade, advertise in the local press, and accept referrals from local estate agents. Both partners of Glason Reddy come from other firms further away, but have decided to ‘meet in the middle’ and open their firm in a town with limited legal services delivery. In writing the business plan, the partners realise they would also like to attract commercial clients as they may need the income. The partners look into how to market their services to these clients operating in their area and consider 279

Part 5  Case Studies a specific marketing budget for this purpose. They decide to add an additional section to their AML policy which covers commercial clients.

Commentary In this situation, Glason Reddy do not have to create a specific policy for dealing with commercial clients, however they could if they wanted to. Glason Reddy can choose to amend and add to their existing policy with text in areas that would suit, or even a section covering commercial clients specifically. Alternatively, they could produce a brand new policy covering the specific risks and challenges in AML and due diligence when dealing with businesses. Firms who do a lot of work with commercial businesses may find a separate policy to be the most suitable approach. It allows the firm to differentiate between the types of work that the firm might bring in, however, you may also find that it is another policy to add to the large office manual. If you are concerned about the mechanisms you have for communication, you might try a colour coded graphic for staff, covering the identification you will and won’t accept for each different type of client, along with the supplemental information that may be required, for example in identifying the source of funds (transaction finance). You might also find this is the most effective shorthand way to communicate your identification procedures to clients as well. Of course, you can also create your own televisual and audio solutions to offer to clients, and within the firm. This can be helpful in explaining how and why you check client identity and what it is you are looking for. You can record these yourself using your own camera on your computer, or using a microphone and a voice recording application. There is an example script within this Case study. Having a script can help you feel confident about what to say – or of course you can record your own. The benefits to creating your own visual, televisual, and audio solutions include: •

Using your own voice, or image, or one that represents the firm – providing a personal message.

•

Tailoring the message to your client base, ensuring that you provide the service the client requires. This can be due to client vulnerability, disability, or because your client base is elderly, for example. You might then have particular needs that you would like to address in your messages.

•

Ensuring you are providing the best possible service to your client. Some client care requirements mean the information provided to the client at the start of the retainer is very long and providing information in another format is another solution.

•

Tailoring your message to staff, for example you could consider what you would want your staff to understand about client onboarding and how it works in your firm.

•

Embracing modern technology. Your audio and visual files could be popular with some client and staff groups.

A sample script is provided at the end of this Case study. 280

Case study 3: AML identity checking – commercial clients

Solution Glason Reddy implement a new standalone AML policy for their commercial clients. They also decide to look at how best to communicate their AML message to their clients, both the individual personal clients, and their corporate clients. Glason Reddy decide to record separate audio messages for their individual clients and for their corporate clients; making a distinction between the two groups. They start by creating a script for their personal clients, which is provided in the template at the end of this Case study. They also decide they can use this to assist with explaining the AML procedure to new staff, and add an additional few words to the beginning of the script for the staff version.

Commercial client AML policy The following wording can be used as part of a wider AML policy or alongside it to discuss specific provision for commercial clients operating from corporate structures.

‘This firm accepts commercial clients as part of its usual business. For AML purposes we must check identity and source of funds in the same way as we should for individual clients. We simply have to remember that we are dealing with a commercial business and not a personal client. As a result, we will ask the client to produce evidence of their identity and address. Evidence of identity and address we will accept includes: •

Certificate of incorporation (for identity).

•

Registration on a professional register as a business (for identity and address if appropriate).

•

Bank statements, utilities, or council bills addressed to the business (for identity and address).

•

Company accounts signed by an individual we are dealing with (for identity and address).

One document for identity should be produced, and a separate one for address. A certificate of incorporation should always be asked for if dealing with incorporated companies. The business should be able to prove both their identity and their address through such means. We will verify the identity and address of the business through e-verification searches and where appropriate by checking the register at Companies House. We will check the company appears on the correct register with the correct details, and we will verify that we understand the position of the listed persons on the PSC register. Mistakes on any register should be notified to the MLRO for reporting to Companies House, where necessary. We will also ask for: 281

Part 5  Case Studies

•

Confirmation of instructing organisation name, registration number, and details of legal ownership.

•

Confirmation of beneficial ownership (which is covered later).

•

The full names of the members of the Board or equivalent.

•

An internal organogram, showing job roles.

•

An explanation of the group structure and group structure diagram (if appropriate).

•

Details about the business undertaken, which offices it uses, and where they are based.

The person providing instructions should be authorised by the business to do so. They should be asked to provide both their personal identification documents and confirmation from the senior management team of the business that they are authorised to undertake this transaction. The personal identity documents we accept are the same as those listed for individuals in our standard AML policy and these will be sought for any individual we deal with. We will confirm personal identity through e-verification. We should also check beneficial ownership of the business. We can usually confirm this information through the PSC register, but we will also seek it from the business themselves and ask them to provide management or corporate evidence. We will also accept confirmation of beneficial ownership from another person or firm regulated to the same standard as us (for example another solicitor). The beneficial owner should be asked to provide identity documents where possible, and these can either be the same as for natural persons or for commercial bodies as outlined earlier. If for any reason we cannot establish beneficial ownership, we will discuss this situation with the MLRO or MLCO and consider accepting identity documentation from the person(s) managing the business. Please refer to the AML policy for natural persons [example provided at Annex B to this Part of the book] for further information about: •

identification for individuals

•

red flags

•

high risk jurisdictions and sanctions

• reporting • intermediaries •

matter risk assessments and repeating due diligence, and

• PEPs. At the present time, we do not accept instructions from overseas commercial clients, but should this change, we will also seek to understand which country’s laws govern the body and we will consider the Register of Overseas Entities. We also do not accept instructions from those in regulated markets, or trusts, societies, charities, or foundations.’ 282

Case study 3: AML identity checking – commercial clients

Audio or video script There are two scripts here; one for clients and one for staff. The staff message should include the message for clients. The message for clients should be recorded a second time – alone, and without the message for staff. You can record these messages as audio or video files. [For staff:] ‘Hello and welcome to [insert name of law firm]. As a law firm we are required to check client identity, address, and financial information. This is called our “due diligence” on the client. It means we know who they are, and that they and the transaction are genuine. Listen to this message for clients which explains the process. You can refer clients to this message which is available [state where – for example on the website], if they would like to know more about identity checking after they have received our client care information. If you have a client with questions about the process, or who would like to discuss the evidence they can provide, please speak to your supervisor.’ [For individual clients:] ‘Hello and thank you for instructing [insert name of law firm]. We are looking forward to helping you with your house sale or purchase. [insert information about the conveyancing process, or other information you would usually include in the client care letter] As part of becoming a client of our law firm, we need to check your identity and address. This is to ensure each client is genuine and to comply with our obligations in respect of anti money laundering. We would be grateful if you would provide either your driving licence or your passport to prove your identity. To prove your address, can you please provide a council tax or utility bill, or a bank statement, from within the last three months. We can also accept your driving licence as proof of address if we have not already used it to prove identity. Please come into our reception with the originals and we will take copies. [Please alter this paragraph as appropriate to meet your procedures]. Once we have these documents, and if you are buying a house, we will ask you to provide bank statements to us to show how you have raised the money for your purchase and/or the deposit. This helps us verify that the purchase is real and you are a genuine buyer. If you have alternative evidence of how the money has been raised, please speak to us directly and we will be happy to discuss this with you. We also run e-verification checks on all of our clients to confirm your identity and address and the details you have given us. You can find more information about identity checking and providing your financial information in our client care welcome pack. [insert further information from the client care letter, about the firm or your team, or that the client needs to know at this stage]. Thank you again and welcome to [insert name of law firm], we look forward to working on your conveyancing.’ 283

Part 5  Case Studies

Case study 4: risk assessments This case study is about risk assessments. We are going to use the previous case studies.

Scenario Both Diamond Acorn LLP and Glason Reddy have been looking at producing their AML risk assessment. Both firms have read some instructions and directions from the regulator about how to produce it, as well as reading the regulator’s risk assessment of what is currently of concern within the legal services sector. Diamond Acorn LLP are producing a brand new risk assessment as they feel their old risk assessment needs a complete refresh, and the firm is moving into new territory as it expands. Glason Reddy are producing a risk assessment for the first time. Both firms realise there are a number of ways to produce the risk assessment, including in tabular form, as a piece of analytical writing, or as a colour coded matrix. Both firms also realise there are decisions to be made about how granular the risk assessment needs to be, and whether it should be top down (imposed by management), or from the ground up (reflecting individual case concerns). In particular, Diamond Acorn need to consider whether to produce departmental risk assessments. Glason Reddy may not need to produce a departmental risk assessment given they will be a small firm, and just conducting conveyancing (albeit both in commercial and residential conveyancing).

Commentary For this case study you will need to refer to the previous case studies. We have covered two firms, Diamond Acorn LLP and Glason Reddy. They each have different ‘profiles’, that means if we tried to categorise law firms in a number of ways, they each would, for the most part, be in different categories. Let’s have a look at some different ways of categorising law firms and how the two firms differ, and where they are the same. You might categorise a law firm by: •

Size: There are two firms. One has a turnover of £500,000 and the other is a start up law firm. Even if Glasson Reddy did well in its first few years, it might only reach a turnover of £100,000. We can say then that the risks faced by Diamond Acorn LLP might be different due to size. Diamond Acorn LLP either have more clients or more complex matters (or both). Therefore there may be more opportunities for them to be targeted by money launderers due to the volume of work undertaken. Of course, we might also say that there are whole other categories of law firm that stretch into the large (£5 million plus), very large (£15–£20 million plus), and city and group (above £20 million turnover). We can see that these 284

Case study 4: risk assessments types of firms would require completely different considerations in their risk assessments, including from each other. The risks encountered by a large or very large law firm might be similar, but of course the very large firm would again have proportionately more risks to face than the large firm. The city firm may differ in other aspects of its profile due to the type and nature of the work, which may not be regional transactional, but might be corporate. Therefore, the city firm has a different type of profile, completely, even when considering size. •

Type of work undertaken: Some analysts segment the legal services market into sub sectors, particularly considering the type of work undertaken. This is relevant to handling client money and AML because the nature of the work undertaken will dictate whether or not the firm receives client money, and whether there are identified risks in anti money laundering. Conveyancing is an excellent example, as it almost always includes holding client money, and is high risk for money laundering as property is an excellent investment. If we contrast that with commercial contract work, this might be lower risk for AML (particularly if we are dealing with well known and established companies, or local authorities, for example), and is unlikely to result in the handling of client monies. A Finance department may work differently with different departments across different areas of law, and there may be different concerns dependent on the department you are working with. Finance teams (as well as other support functions such as HR and IT) may be well placed to also contribute to the risk assessment for each legal department, if one is needed. Support functions may also need their own risk assessment as well. In the case of Diamond Acorn LLP, they have a number of different departments so they might cross a number of areas of law, and have different risk profiles and potential issues. However Glason Reddy only operate in conveyancing. If Glason Reddy expanded to include other areas of law they may also need a wider risk assessment, or they could separate out their risks for commercial conveyancing and residential conveyancing, as is common within the sector.

•

Client base: Firms may also be categorised by their client base. This is particularly true of the division between high street and regional firms, or large city firms, and we have discussed that difference earlier in this section. In this case, both Diamond Acorn and Glason Reddy have a client base that is based on individuals and possibly small corporate entities. The difference between these two firms is that Diamond Acorn have chosen to work with high net worth individuals, and that Diamond Acorn have a larger client base. Those operating within city firms may find the position different again; their client base would look very different to that of a high street firm. Accordingly, the way they assess risk; their identity checking mechanisms; the consideration of source of funds; and their operation of any client account also might be distinct. For example, you might find a city firm assessing some issues more frequently – they may more readily have to consider: –

the overall beneficial ownership of a company;

–

a company group structure;

–

sources of corporate income; 285

Part 5  Case Studies –

the place of origin of a company’s registration, and their ownership (along with the position in relation to sanctions and high risk jurisdictions).

City firms may also consider the use of the client account differently. They will generally need to reflect on larger sums of money in any one transaction. The of money within client account or the worth of individual transactions (including conveyancing) can vary across the country according to geographical area. Large corporate firms may also find that their departments are organised along industry sector lines, or with particular regional or national geographical interests. This can mean their client base drives their work, attaching the risk profile of that sector or geographical interest to the law firm operating in that area. Of course, Diamond Acorn are also litigators and their processes of litigation management will need to work alongside AML considerations of the individual or corporate entity in the manner just outlined. Their client account will be used for fees for Court appearances, expert reports, and for settlement monies or sums that should be re-distributed in line with the Court’s direction. Some of these sums may be quite large and need careful attention. This might be quite different to the individual transactional use of the client account by conveyancers such as Glason Reddy. So we have seen that firms can be considered in different ways, and as such, firms might have a ‘profile’ that tells us who their clients are, where they operate, and how risky they might be. A  law firm who operate only in wills and probate and only take clients from within their town who they meet in person might be a very different risk to firms who operate by taking clients from high risk jurisdictions, or clients who do business through opaque corporate structures. As we have seen, in the last few years there has been a greater emphasis placed on corporate transparency and requiring the declaration of beneficial ownership, including in those structures that operate overseas, but do business here. Risk assessments are discussed broadly in Part 3 of this book.

Example risk assessments There are various forms a risk assessment might take. It might be a written risk assessment that covers a page, it might be a risk assessment in a table format that lists the specific risks and analyses them by mitigation, or it might be a matrix risk assessment that considers whether a risk is high, medium, or low, perhaps according to impact × probability. An example of a firm wide written risk assessment might be as follows:

1. Firm wide written risk assessment This is a risk assessment for [insert name of firm], completed in [insert month and year]. Our firm is a [insert description of firm] practice, with an annual turnover 286

Case study 4: risk assessments

of [insert], and [insert] number of partners. Our client base is primarily [insert], and we also have some [insert] clients. We mostly deliver services [in person / remotely] and our geographical reach is [insert mile radius or jurisdictional coverage]. Our work is [transactional / corporate / advisory / litigation], and our use of the client account reflects that as we often have sums in the account for [insert reason, such as settlements in litigation]. We have assessed the following risk factors in relation to our firm: Geographic area – We are based in [insert locality] which has [good / bad] transport links, and [no / some] challenges with the local geography. [We take local clients therefore/ We] expect to see clients [remotely / in person]. Our geographic reach means we are [not affected / somewhat affected / greatly affected] by local crime rates [and accordingly / however we also] publicise information about our anti money laundering policies to manage client expectations and prevent approaches to the firm. Our locality has populations with overseas links to [insert], and therefore they may also be our clients. These countries [are / are not] on the Financial Action Task Forces’ high risk jurisdictions list for money laundering, and [are / are not] subject to sanctions. We will monitor their ongoing position on an ongoing basis. We [are / are not] developing links with any other geographically significant groups at the moment, [including [insert], and we will monitor the FATF assessment of their position]. Otherwise, our client base is [insert] and we expect their patterns of funds and source of wealth to be [insert description]. Client base – Our client base has been drawn from [our established corporate links / our reputation in industry sectors / referrals from other parties such as … / our local area] and is [national / international / regional / restricted to our town or city]. The majority of our clients are from [insert], and our largest group of clients are [insert], seeking [insert type of service]. The particular risks related to this client group include [insert – examples available in Part 3 of this book and in this case study]. Products, services and transactions – We offer the following services to clients: [insert list] We have established a robust identity checking procedure for all clients, whether individual or corporate, and this risk is considered on an ongoing basis. In addition, we also consider the extent of the use of the client account, who and where funds are received from, and how they are managed within the firm. We are aware of the following scams operating in our areas of  law: [insert – specify area of law and type of known scam or modus operandi of money launderers. Regulatory or national risk assessments are a good source of information] 287

Part 5  Case Studies

In particular, our profile of work has the following risks: [insert list, including risks highlighted by the regulator] These risks are mitigated by: [Insert mitigations – examples are provided in Parts 1, 2, and 3 of mitigations as well as in these case studies] As well as the areas of law we advise on which are listed above, we also offer a client account service to clients, and this is a known area of risk for money laundering. The measures we take to keep the client account free from laundered monies are: [Insert options:] [examples are provided in Parts 1, 2 and 3 of mitigations, as well as in these case studies] We also work with a number of external third parties who offer services to our clients. [Option – these include services provided by persons connected to the firm]. We take a number of steps to check these services including: •

Meeting providers in person.

•

Receiving demonstrations of their products.

•

Conducting trials with clients.

•

Checking their reputation online and with other people.

•

Considering the reasonableness of the product offering and their terms and conditions.

We have to take steps under the Code of Conduct to ensure that our clients are only referred to third party providers where it is in their best interests, so our checks always include consideration of the wider position and ensure that services are genuine. We also confirm that we check the compliance of those in the regulated sector for money laundering, by confirming that they check identification and source of funds where appropriate. Our current third party providers and partners [option – can be found in our Referral Policy – or option – are:] [insert list] As well as all of these services, our clients also [insert or remove options]: •

Interact with us in our premises, and [option – use our wifi].

•

Receive our marketing messages and attend our complimentary events.

•

Use our customer service procedures such as call back services, transaction management, and complaint handling. 288

Case study 4: risk assessments

•

Use our file storage services.

•

Benefit from the ability to retrieve their file.

•

Benefit from our IT services.

•

Benefit from our ongoing care and attention.

As a result, all staff are trained in AML and to spot signs of concern, regardless of whether they are frontline staff taking instructions or staff otherwise working within the firm. This includes those staff who support frontline staff such as HR. Our delivery channel: Our delivery channel is [option – mostly face to face / remote services / a mixture of online and face to face services]. We [option – do / do not] meet our clients in person when we check identity. Our methods for checking identity are [option – passports, driving licences, face to face meetings, credit referencing searches, and visits to client premises]. A full list of ID verification methods is available in our AML policy. [Option] As our method is remote delivery, there are risks attached. We do not meet the client in person, but we do check the methods above, as well as getting to know the client and understanding the reasons for their transaction; this helps to provide a picture of them as a whole. We also have discussions with the client via [option – zoom / teams/ other method], which assists us in verifying the situation. [Option] We are aware that clients could disguise their appearance while on the online call, and staff have been trained to look for body language which could indicate there is a problem. [Option] As our delivery method is face to face, we have the opportunity to meet the client and get to know them. We can look out for signs of nervousness, disinterest, and inconsistencies in the clients’ story as indicators of possible money laundering. We may also look for reluctance to meet or to complete the usual checks. We couple our face to face meeting with ID checks and credit referencing searches. [Option] The use of email can pose problems and clients have been subject to attack from criminals who have posed as lawyers to trick them into sending money to a non client account. We advise all clients that we will contact them directly with client account details, and this is covered further in our cybercrime policy. Overall risk Our overall risk is considered to be [insert], we have policies and procedures in place to tackle money laundering and cybercrime. We are continually looking for new ways to counteract the risk of money laundering and we will take on board new technologies and ideas as they arise. This risk assessment will be kept under review by the Money Laundering Compliance Officer, who is [insert].

289

Part 5  Case Studies

Solution – written risk assessment Glason Reddy decide to adopt a written risk assessment covering the factors identified by the Money Laundering Regulations 2017. The written risk assessment allows them to articulate their thoughts in a way that suits them best; they decide they prefer this method of presentation to that of a tabular or colour coded risk assessment matrix.

Glason Reddy firm wide written AML Risk Assessment This is a risk assessment for Glason Reddy, completed in 2022. Our firm is a start up conveyancing practice, with an annual turnover currently of £0, but projected annual turnover of £70,000 in the first year and £100,000 in the following two years. We have two partners. Our client base is primarily intended to be local. We may have some clients from further afield, but not many as we intend to serve our local area and build on our local knowledge. We will mostly deliver services in person and will meet our clients. Our geographical reach is within twenty miles. We do not intend to have international clients. Our work is conveyancing which is transaction driven, and our use of the client account reflects that. Our client account will be used for purchase and sale monies, firm fees, searches, insurances, and similar conveyancing related products. We have assessed the following risk factors in relation to our firm: Geographic area – We are based in [fictional town] which has excellent transport links and is within ten miles of a city. We have some challenges with the local geography as some properties near us are also in fairly remote areas and may be difficult to access. We expect to see clients in person, although the geography of the locality also means that on some occasions this will be difficult. Our geographic reach means we are somewhat affected by local crime rates, although these are still much lower than the national and even regional average. However we also publicise information about our anti money laundering policies to manage client expectations. Our locality has populations with overseas links to a number of commonwealth countries and therefore in theory our clients may receive monies from these jurisdictions to assist with their purchases. Our client base is however likely to be British. We will monitor the ongoing position of jurisdictions on the FATF list on an ongoing basis. We are not developing links with any other geographically significant groups at the moment, and we are not seeking any overseas clients. We are aware of the Register of Overseas Entities, and the position related to sanctions. Client base – Our client base has been drawn from our local area and is regional and connected to our town or city. Our largest group (if not all) of our clients are intended to be individuals, couples or families seeking to move house and requiring conveyancing services. We will offer services to corporate entities, but these are likely to be small numbers of transactions. We expect to serve companies or businesses wanting to purchase property as an investment or lease premises. 290

Case study 4: risk assessments

Conveyancing is high risk for money laundering as property is an attractive investment. We therefore need to be cautious with all transactions and will conduct enhanced due diligence on all parties to the conveyance as well as checking source of funds. We will note that source of funds evidence can come from a variety of sources and we expect third parties to be separately represented as required. The particular risks related to our client group include: •

Disguised money laundering.

•

Tax evasion.

•

Mortgage fraud.

•

Layering through property investment.

•

Fast sales and purchases with inadequate due diligence on either side.

We mitigate these risks by conducting enhanced due diligence on our clients and by meeting them in person. Our staff are trained to consider the tax position of each client and factor this into our risk assessments. Any mortgage misstatement, undeclared assets or income, or large cash or unexplained / unlikely income will be referred to the MLRO. Property investments are considered carefully and include checks on transaction finance and client financial health to ensure they are genuine investors. Clients are advised our standard transaction time is 2.5 months and this is adopted as a safeguard against fraud and negligence – attempts to speed up a transaction are reportable to the MLRO. We also check the procedures of those on the other side and confirm they have been followed. Products and services and transactions – We offer the following services to clients in residential conveyancing: •

Freehold purchase.

• Freehold sale. •

Leasehold purchase.

• Leasehold sale. •

Providing legal advice in respect of property (for example, extent of title).

•

Arranging searches to check the exposure of a property to different environmental and man made hazards.

•

Arranging surveys.

•

Lender representation.

• Re-mortgage. •

Housebuilder representation.

We also offer services to commercial clients – although we will mainly focus on residential conveyancing in the first instance. We do not represent clients who have purchased property at auction. If we decide to take this on in future this will be noted as a specific risk. 291

Part 5  Case Studies

Our maximum purchase price for a property would be £2.5 million. The average property price in our area is £500,000. Of these services, we believe the purchase of Freehold and Leasehold property would be most risky as this involves raising funds to make the purchase, and involves the firm in utlising those funds. Fictitious clients can try to hide their identities when making a purchase as this prevents them being traced if a property or mortgage fraud is identified. Mortgage fraud is a particular risk and we must make sure all facts are correctly disclosed to the lender, and that we thoroughly check the client identity to ensure the client is genuine. Mortgage frauds sometimes pass through different hands to obtain additional funds from the lender. Where possible, we will ask those within the chain to also thoroughly conduct CDD on their clients and to stick to the established procedures within conveyancing. Any attempt to circumvent the established procedures will be flagged as a risk. We will also get to know our other local conveyancers and establish their AML procedures. In addition, we must ensure the correct purchase price is stated on the contract documentation and the property is not, for example, being undervalued for tax reasons. For this reason, we also monitor acting on both sides or attempts to do so. We have established a robust identity checking procedure for all clients, whether individual or corporate, and this risk is considered on an ongoing basis. We can, if necessary, also visit client premises to guard against fictitious sellers, such as in the case of Dreamvar (2018). In addition, we also consider the extent of the use of the client account, who and where funds are received from, and how they are managed within the firm. As well as the areas of law we advise on which are listed above, we also offer a client account service to clients, and this is a known area of risk for money laundering. The measures we take to keep the client account free from laundered monies are: •

A  client transaction finance and financial health questionnaire which establishes where monies are being received from and the risk associated with them [see Annex E, at the end of Part 3];

•

Regular monitoring of payments in and out and consistency with this questionnaire;

•

Standardisation of payments in the conveyancing process which allows us to spot immediate non standard payments;

•

Regular financial file reviews and spot checks of client to client transfers;

•

A cash policy, limiting the size of the payments of cash we take.

We also work with a number of external third parties who offer services to our clients or who make referrals to us. We take a number of steps to check these services including: •

Meeting providers in person.

•

Receiving demonstrations of their products. 292

Case study 4: risk assessments

•

Conducting trials with clients.

•

Checking their reputation online and with other people.

•

Considering the reasonableness of the product offering and terms and conditions.

We have to take steps under the Code of Conduct to ensure that our clients are only referred by us to third party providers where it is in their best interests, so our checks always include consideration of the wider position and ensure that services are genuine. We also confirm that we check the compliance of those in the regulated sector for money laundering, by confirming that they check identification and source of funds (transaction finance) where appropriate. Our current third party providers and referrers can be found in our Referral Policy which covers those that we refer to and those that refer to us, but a few of note are: •

Estate Agents including all of the local estate agents in [fictional town].

• Surveyors. •

Mortgage and financial advisors.

•

Other local solicitors who do not conduct conveyancing.

For the most part, those that refer to us will be regulated under the Money Laundering Regulations 2017, and so although we also check that they are operating procedures, they should understand the need for this work to be undertaken, and be performing these functions. We do not currently refer our clients out to any other third parties, but if we decide to as the business becomes more established, they will be included here and we will establish their AML procedures. As well as all of these services, our clients will also: •

Interact with us in our premises.

•

Receive our marketing messages and attend our complimentary events.

•

Use our customer service procedures such as call back services, transaction management, and complaint handling.

•

Use our file storage services.

•

Benefit from the ability to retrieve their file.

•

Benefit from our IT services.

•

Benefit from our ongoing care and attention.

As a result, all staff are trained in AML and to spot signs of concern, regardless of whether they are frontline staff taking instructions or staff otherwise working within the firm. This includes those staff who support other frontline staff such as HR. 293

Part 5  Case Studies

Our delivery channel: Our delivery channel is mostly face to face. We do meet our clients in person when we check identity. Our methods for checking identity are passports, driving licences, face to face meetings, credit referencing searches, and we can if necessary visit client premises. This final approach allows us to mitigate the risk of fictitious property owners, such as in the case of Dreamvar (2018). A full list of common ID verification methods is available in our AML policy. As our delivery method is face to face, we have the opportunity to meet the client and get to know them. We can look out for signs of nervousness, disinterest, and inconsistencies in the clients’ story as indicators of possible money laundering. We may also look for reluctance to meet or to complete the usual checks. We couple our face to face meeting with ID checks and credit referencing searches. The use of email can pose problems and clients have been subject to attack from criminals who have posed as lawyers to trick them into sending money to the wrong account. We advise all clients that we will contact them directly with client account details, and this is covered further in our cybercrime policy. Overall risk Our overall risk, despite mitigation, is considered to be medium to high. This is because conveyancing is always high risk for money laundering. However we have comparatively strong measures in place to counteract the risk, including particular consideration given to the use of client account. We also have policies and procedures in place to tackle money laundering and cybercrime. We are continually looking for new ways to counteract the risk of money laundering and we will take on board new technologies and ideas as they arise. This risk assessment will be kept under review by the Money Laundering Compliance Officer, who is Mr Glason.

This risk assessment reflects the firm at the time and allows Glason Reddy to express the position at start up. The other risk assessments in this Part are more detailed in their risk calculations. A  criticism of the written risk assessment shown as the solution here is that there is limited capacity to assess a mathematical risk of the position and compare it in a quantifiable way to the risk of another position. As a result, the risk assessment sometimes comes across as being quite similar to the money laundering policy or procedure. However, the written risk assessment is useful for an initial discussion of the risk posed to a firm, and for those who may be less confident in using the mathematical approach. Small or start up firms can also find it useful as a basis for developing their perspective. Glason Reddy can also add additional risk factors which may be publicised from time to time by their regulator, and this can be done quite easily in this format. It should also be noted that Glason Reddy have assessed their risk as medium – high. This is because conveyancing is always high risk so that is the starting point, but they have strong mitigation in place, so their assessment brings the position down. 294

Case study 4: risk assessments There are measures that can be put in place to combat risk, and there can be a major gap between the profiles of law firms and the strength of their mitigation of that risk. We might assess a law firm that used credit searches and passports only to identify a client, and took clients on a nationwide basis, as being a much higher risk than one who met the client and took clients solely from their local area. Therefore, it can be important to assess not only the risk of that specific area of law, but also the relative or comparative risk that your operation within that area of law poses, taking into account your mitigation. We can also assess risk on a transaction by transaction basis, and this assesses another type of risk; that being the risk of that individual case or situation.

Tabular risk assessment A  tabular risk assessment is different to a written risk assessment because the format places the emphasis on mathematical calculation, rather than on a discursive approach that can start to mirror the AML policies and procedures a firm might have in place. Given the different relative risks of different events occurring, firms may wish to be discerning about where they place their resources and how they make their decisions. This type of risk assessment can therefore suit a larger firm. It is possible to offer this type of analysis in a written piece; for example, if the risk is scored after each section of the risk assessment, but it can be much easier to use a table. A basic table format looks like this: Risk

Risk measurement I

P

Criteria to consider Geographic area [insert geo risk factors]

Delivery channel [insert delivery channel risk factors]

Products and services [insert products and services risk factors]

295

IxP

Mitigation

New risk measurement I

P

IxP

Part 5  Case Studies

Risk

Risk measurement I

P

IxP

Mitigation

New risk measurement I

P

IxP

Client base [insert client base risk factors]

Transaction [insert transaction risk factors]

The purpose of the table above is to allow the reader the opportunity to mathematically score the comparative risk. The equation used here is impact × probability, with ‘I’ standing for impact and ‘P’ for probability – each is given a separate score and the total provided is the overall risk score. The scoring mechanism allows us to rate which actions are most important to the firm overall. Another format for a tabular risk assessment is provided at Annex B to Part 3 of this book. In utilising this method, the person completing the table has to understand what will go into the category of ‘impact’ and what will go into the category of ‘probability’. Impact is governed by the potential for catastrophic events to occur; this is usually based on the severity of the criminality or money laundering that could happen. However, and as an aside, the impact score could also be based on the size of the transaction, the theory there being that the larger the transaction, the more likely it is that some part of it is impacted by money laundering – even somewhere in its chain. It may be worth separate analysis by firms over a period of time as to which size of their transactions was more likely to involve money laundering. We might ask whether two very large transactions, five medium transactions, or ten small transactions, were more likely to be affected, or whether the probability is spread equally. In developing your own risk assessment, you can take into account the circumstances related to your firm in your area (both of law and geographically). Probability is the likelihood that such an event will occur – this might be based on probability assessments from the oversight regulator (such as their experience of reports in a particular area of law), or it might be based on local crime statistics. It can be useful to monitor the regulator’s regular risk reviews and reports, as well as their overarching risk assessments (and national risk assessments for money laundering), as these give an ongoing view on the latest trends and concerns to emerge. A firm can then decide whether or not they think the latest scam will affect their firm – if they think they could be affected it then increases their probability score. We can see that once any factor to be risk assessed is identified; a risk score is attached. The risk then needs to be mitigated. This is the discussion by the 296

Case study 4: risk assessments firm of steps taken or underway to guard against the risk. An example might be if a firm identifies the risk that one party to a transaction – perhaps the other side – may be fraudulent, and calculates the impact of that as being high (in that it could have a devastating impact on the firm if it occurred – perhaps due to the consequent insurance claim and reputational damage). The firm might feel the probability was low, as this is an event that rarely occurs; making the overall total ‘medium’. However, the firm would want to take steps to mitigate it due to the high impact. That means they might check the details of the solicitors on the other side; the clients on the other side; and ask the firms on the other side to confirm the steps they have taken to ensure their clients are genuine. Taking these actions means the firm have mitigated their risk and would need to recalculate their score following their mitigation. Taking into account what the firm are doing we might downgrade the risk score, after all the firm’s actions are reasonable. Therefore, the impact might be downgraded to ‘medium’ and the probability might still be ‘low’, but you could express this as ‘medium – low’ overall if you wanted to. Here, the use of an expression in a range allows us to show both that the firm’s mitigation has assisted the situation, but also that it is fluid. To fill in the boxes, impact and probability, we can use the word format of ‘high’, ‘medium’ and ‘low’, and make an assessment of the multiplication in the box ‘IxP’ if we want to. For example, you might say impact was ‘high’ and probability was ‘low’ making the total ‘medium’. Alternatively, you can use a mathematical score if you want to. If you do score mathematically, try to keep the numbers simple. Using the range 1–10 for both impact and probability keeps the calculations easy to understand and gives you an overall risk score out of 100 for both the initial risk score and the mitigated risk score, again aiding your presentation of the risk assessment. Using such a mathematical formula is an exercise in judgement, as it is not possible to be exactly precise about where we score risk. The danger is, of course, that the risk is scored inappropriately and a risk to the firm is missed or mismanaged. However, there are a number of ways to counteract this situation: (1) Oversight – this is the first mechanism for agreed risk scores which can be set by the decision makers within any firm, or oversight could be with the decision making governance structure in a firm; to ensure that the scoring of the relative risk is appropriate and a true reflection of the issue. (2)

Compliance professional opinion – bringing in external experts can sometimes provide an additional view or second opinion that brings the risk assessment and scoring to life in a new way. This can assist management in making informed decisions which benefit not only from the depth of experience within your firm, but also the breadth of experience of the external person who works across a greater range of firms.

(3) Regular reviews – your risk assessment should inform how you decide to manage the AML risks your firm is facing. You should be able to see whether your risk assessment has achieved the right results and has taken account of the right factors by whether or not the assessment has the desired end effect. Regularly reviewing your assessment will allow you to take account of what else happens in the firm and provide updates to reflect and inform your ongoing management decision making. 297

Part 5  Case Studies

Solution – Tabular risk assessment Diamond Acorn LLP decide to adopt a tabular format for their overarching risk assessment. Their compliance function starts the risk assessment for them, with oversight and final risk scoring decided by the senior management team. Their risk assessment begins life as follows, with each partner expected to add their own additional risks and comments: Risk

Risk Mitigation measurement

Risk measurement

I

P

IxP

I

P

IxP

That we do not meet the client in person and the client could hide their identity.

8

5

40

We try to meet the client in person in the majority of cases as we offer a high quality bespoke service which in most cases the client travels for. We check identity and use credit checks.

8

2

16

That we may miss part of the situation due to the distance between us and the client.

7

3

21

We attempt to get to know our clients very well over a period of time, and clients pay for such a service.

6

3

18

Cross border services with Scotland and the difference in AML legislation and interpretation.

8

2

16

We have limited cross border work but this will be flagged to the MLRO and MLCO for advice.

4

2

8

Criteria to consider Geographic area Nationwide coverage

298

Case study 4: risk assessments

Risk

Some overseas clients

Local area impact

Risk Mitigation measurement

Risk measurement

I

P

IxP

I

P

IxP

6 We have some clients who instruct us on family law and employment matters who are based in the European Union. The EU is low risk for AML, but there could be clients with sanctions.

2

12

We will monitor 6 the FATF and Treasury risk assessments, as well as sanctions. Sanctions are covered on our AML credit checks.

2

12

6 That we are instructed by clients in countries where we do not have AML knowledge. We do not have any worldwide clients at the moment, and rarely receive instructions from this client base. See below re Bowman v Fels (2005).

1

6

Mitigation as above

6

1

6

There is limited risk here.

N/A

No mitigation

6

1

6

N/A We do receive some instructions from within our locality, although our client base is more selective and we attract more nationwide attention. That we are 6 impacted by local crime, or become isolated. However our local crime rates are low and we are in an easily accessible area with good transport links, so we are also not cut off.

1

299

6

Part 5  Case Studies

Risk

Risk Mitigation measurement

Risk measurement

I

I

P

IxP

P

IxP

7

70

8 We have extensive policies in place covering our requirements for cybercrime and to prevent Friday Afternoon Fraud. We also take steps to ensure the client gets to know their solicitor very well. Where necessary, we visit the client in person. We also write to the client if we are unsure or concerned about a transaction. All staff are trained in client confidentiality and not to discuss matters with third parties.

5

40

7

70

We have separate policies and procedures in place for tax evasion, with a separate risk assessment. We require disclosure of all assets and consider the likelihood of the information we are provided with.

7

5

35

Delivery channel Some remote delivery

We have covered this earlier.

10 Extensive use of We have email / electronic vulnerabilities to: communications Cybercrime Friday afternoon fraud Other lawyer impersonation Client impersonation Breach of confidentiality leading to fraudulent event

Products and services Family Law

Misuse of personal finances, hiding financial settlements, tax evasion, and misleading the Court.

10

300

Case study 4: risk assessments

Risk

Risk Mitigation measurement

Risk measurement

I

I

P

IxP

P

IxP

Family Law – contd

10 In short, there is the risk that family law settlements can be used to hide the proceeds of crime and the settlement provides legitimacy. Some of the ways are listed here.

7

70

Files where there 7 is a concern are provided to the family law partner and MLRO for consideration.

5

35

Litigation (this may also apply to other areas of law as well)

Litigation specifically set up in Bowman v Fels (2005) circumstances.

10

5

50

8 In similarity with the family department, we consider whether the litigation seems genuine in the whole likelihood. We do not accept litigation in Bowman v Fels (2005) circumstances.

3

24

Litigation that settles too easily and is a fraud. This can include the collection of debt.

10

7

70

Any concerning 7 cases are to be referred to the litigation partner and MLRO. Debt management is separately risk assessed, and specific consideration is given to this coming into the client account, with separate forms to complete. We flag all settlements within three months of starting to the litigation partner and MLRO.

5

35

301

Part 5  Case Studies

Risk

Risk Mitigation measurement

Risk measurement

I

P

IxP

I

P

IxP

Personal Injury

There have been a number of concerns about frauds in Personal Injury claims.

9

6

54

Often the frauds 6 have turned on the facts of the claim. All facts and supporting statements are carefully considered, along with medical reports. Frauds are more prevalent in some geographical areas and these areas are carefully considered if we receive any instructions. We have a specific fraud policy for personal injury and all claims are specifically risk assessed.

4

24

Employment Law

There is limited risk of fraud in Employment Law due to the disclosure of employment information to HMRC and the requirements to produce evidence before the Tribunal.

8

1

8

No mitigation due to low likelihood. However, if we receive evidence of tax evasion this is dealt with in line with our tax evasion policy and risk assessment.

8

1

8

302

Case study 4: risk assessments

Risk

Risk Mitigation measurement

Risk measurement

I

I

P

IxP

P

IxP

Employment Law – contd

There is a limited 10 risk of employers and employees creating a false scenario of employment to launder money. This might be indicated by sham settlement or unusually large settlement.

4

40

7 We check all employment situations carefully and understand the likely outcomes of the case. We also conduct CDD on our clients, including companies. We specialise in litigation so many matters would have settled prior to this point.

3

21

Client account

10 We operate a client account and there is a danger this could be used as a banking facility or to launder monies.

8

80

7 We have a specific client account policy in place, and our individual transactional risk assessments take account of the monies to be received.

5

35

We could also be the victim of fraudulent transactions in and out of the client account.

10

6

60

7 Our client account policies and procedures take account the monies expected for each transaction, and we have a policy in place for disclosing the client account details.

4

28

We may acquire the proceeds of crime into client account

10

7

70

We have a client 7 money form (see Case study 6) which we ask all staff to complete

5

35

303

Part 5  Case Studies

Risk

Risk Mitigation measurement

Risk measurement

I

P

IxP

I

P

IxP

Customer service Our clients could 7 pose risks to the firm in other ways, such as by depositing large amounts, or bringing fake cash into reception, or trying to defraud a card payment machine.

5

35

4 We have counter-fraud policies in place and our receptionists are trained in how much cash to accept, how to spot counterfeits, and the scams that can occur when using a card payment machine.

4

16

2

20

We don’t accept 10 such instructions and reports can be made to the Money Laundering Reporting Officer. Our individual matter forms contain a reminder.

2

20

4 Wealthy individuals may need to prove the source of their income and overall wealth; they may be PEPs.

8

32

We have specific 4 policies and procedures in place to consider individuals’ wealth and PEP status.

8

32

8 We may need to look beyond the individual and into their company dealings to establish genuine operations.

3

24

At the moment, the regulations requiring this are limited, but we do consider the likelihood of the position and undertake research on our clients. Our clients are generally well known to us.

7

3

21

Provision of There is the services involving danger that the the Court Court could be used to decide the distribution of sums when money laundering has taken place; we do not accept instructions in such circumstances.

10

Client base Wealthy individuals

304

Case study 4: risk assessments

Risk

Clients requiring litigation settlement services

Risk Mitigation measurement

Risk measurement

I

P

IxP

I

P

IxP

8 There is also a concern that we could conduct a settlement for parties that have agreed to settle, in a case which was not a genuine dispute.

5

32

Our files are 6 considered before we commence work by our partners.

4

24

We have covered Bowman v Fels (2005) above.

Commentary The type of risk assessment shown here – the tabular risk assessment – can be used for a variety of different firm sizes; as an overarching risk assessment; or as a departmental risk assessment. You can add sections, such as a description at the start which discusses your firm and the overall profile, and a discussion of governance structure and approvals at the end. This can help put the risk assessment and decision making into context. One criticism of the overarching risk assessment in this format, which may also be true of the written risk assessment, is that it is written at a management level rather than at an individual matter level. Of course, if the risk assessment only took account of the matters that occurred at a file or individual matter level it would be written both after the event, and without any assessment of the top down or full firm perspective. Consequently, it can be important to have both; both an understanding of the issues that present themselves in real life and are likely to be present on the files, and an overarching view of the patterns and trends that present overall weaknesses and how both of these sets of issues are managed through policies and procedures. A  risk assessment can, of course, become very detailed and lengthy if each department needs to be reflected in detail, or if all of the issues on files need to be dealt with. Consequently, large firms may consider individual department risk assessments as well, which can be presented in different ways, or in a uniform manner to reflect the intention and corporate communications style of the firm. Developing department risk assessments can be very helpful to drill down into the specific risks of the firm and how these can be avoided. As law firms are often divided into different areas of law, the risk assessment can seem as if it does not apply to some areas if their risks are not adequately inputted. As a result, creating departmental risk assessments which capture the viewpoints of different individuals within the department can create more local ownership and responsibility as well as interest in the process. Individuals may also see it as a chance to demonstrate their commitment, gain additional management experience, and develop their understanding of AML, all of which may be key skills they can take into law firm management in the future. 305

Part 5  Case Studies You can use any of the templates in this section (or of course, create your own) to create departmental risk assessments which look at the divisional aspects of your firm in more detail. Those risk assessments can then feed into the overarching risk assessment. Returning to our example, Diamond Acorn LLP may benefit from departmental risk assessments, and in particular they could benefit from a review of the expanding family department. Any department which is growing rapidly can have additional risks and may need additional support in putting this together, including in understanding the new types of client work they may take on. Do, however, be cautious when developing a risk assessment at this level as there is a danger the department alone can become responsible for actioning that risk assessment rather than the management overseeing and governing the process. Effective governance within an organisation is important, and the Money Laundering Regulations require risk assessments, audits, and policies and procedures, to be put in place at a management level for a reason. The intention is not to create a disparate system, but a whole or overarching piece of compliance work that provides effective direction and control. Those working in devolved or group style law firms where overarching policies and procedures are developed separately may also find this something of a challenge. Ensuring relevance for your individual work, the involvement of management, and the effectiveness of governance systems is a continuing challenge for the placement and scope of risk assessments in anti money laundering.

Matrix risk assessment A  matrix risk assessment might sometimes be thought to build upon a scoring mechanism like we have in the tabular risk assessment earlier in this Part of the book. Certainly, to build the matrix risk assessment we need to understand our risks and be able to categorise them, which we have spent some time doing in both the written risk assessment and the tabular risk assessment. In common with the tabular risk assessment, this matrix risk assessment uses an impact × probability calculation and allows us to plot where we think the risk will materialise. We do not have to score in advance if we do not want to, so if you would like to use this format, don’t feel you have to complete the tabular risk assessment first. You can use your own perception; discussions and meetings with senior management or your compliance colleagues; formal management decision making; or a process of round robin decision making with departmental colleagues. The matrix risk assessment looks like this: Matrix Risk Assessment – Figure 1 Probability

Impact

High

Medium

Low

High

High risk

High risk

Medium risk

Medium

High risk

Medium risk

Low risk

Low

Medium risk

Low risk

Low risk

306

Case study 4: risk assessments Given we have already allocated scores to Diamond Acorn LLP’s risk assessment we could plot those final mitigated scores on to the risk assessment and see where the firm would need to act in order to maintain their compliance or manage their risks in their business overall. It can help us to visualise the management requirements and challenges if we take those risk scores and plot them across. The solution below should be read with the Matrix Risk Assessment – Figure 1, as this shows which boxes in white are classed as high, medium, and low risk.

Solution – mitigated matrix risk assessment The below matrix shows a mitigated matrix risk assessment for Diamond Acorn, based on the mitigated scoring in their earlier detailed risk assessment. This diagram should be read with the Matrix Risk Assessment – Figure 1 which shows in summary which boxes shown here in white are classed as high, medium, and low risk. Probability High

Medium

Low

High risk

High risk Firm misses part of situation Cybercrime / Friday Afternoon Fraud Mistatement of finances / tax evasion / misleading court Sham litigation (general) Client account as bank account Acquiring the proceeds of crime

Medium risk Client hiding identity Bowman v Fels (2005) litigation Fake employment claim Court used generally in cases involving laundered money Corporate wealth behind individual transaction

High risk Individual wealth and PEP status

Medium risk Personal Injury fraudulent claim Reception frauds Settlements in presettled litigation (not real) Unusual advice requests or hiding behind privilege

Low risk Cross border work (Scotland) EU work Worldwide work Local crime

Medium risk

Low risk

Low risk

Impact

High

Medium

Low

307

Part 5  Case Studies The mitigated matrix risk assessment shows us the effect of the mitigation on our matrix results. It demonstrates that we are reducing our risks, often by lowering their probability. As we have identified those specific risks and taken measures to address them, we just have one point in the high probability box (PEPs), which is perhaps a reflection that some risks are inherent as certain profiles of work exist (we might not be able to reduce the probability in Diamond Acorn’s work profile, unless they turn away PEPs; they just have to manage the situation as it arises). This also demonstrates the importance of implementing and adhering to procedures, and of ensuring that files and other management documentation is checked for compliance. There are a couple of other assessments we might review. EU work for example has come out as low risk, as has some of the other cross border work, due to meeting everyone in person, getting to know them well, and the firm seeking specific advice. The EU has also been noted as considered low risk for money laundering and such an assessment will assist trade. We can take account of the mitigations in our matrix risk assessment and discuss this with the firm management to ensure we are satisfied this is the correct risk assessment score or placement and our mitigation is effective. On discussion, we might change the score and / or placement or management of the situation. That applies to any aspect of the mitigated matrix outcome or overall risk assessment. We also do not have anything in the low impact box, again demonstrating that we are identifying and acting on risks that have a genuine concern to the business and that do require management. If you use this matrix format without using the tabular format, be sure to understand your mitigation and take that into account when deciding where to place your risks. It is also important to be realistic in your assessment, and avoid categorising matters which are high risk as low risk. Do also ensure you take account of the required headings in the Money Laundering Regulations, as they are not automatically provided by this template. You can use the matrix to decide whether or not you are right about your tabular risk score and whether that feels correct to you. For example, we can see in the table that we have a lot of risks which are connected to fake claims and sham litigation; the risk assessments differ for these due to their prevalence in each division of work, and the likely reaction of the regulator, insurer, and other body. We might say, for example, that receiving a fake personal injury claim was more likely than receiving a fake employment claim, which was why it is scored higher in probability, but the impact of a fake employment claim has been scored more highly as it is more unusual, may have an unusual modus operandi, and could have tax implications as well. If we contrast this with fake personal injury claims, unfortunately some of them have been more common, and the sector has become more used to dealing with them, which has allowed procedures and awareness to develop – lowering their overall impact. In deciding where to act, and what to implement, you can use this matrix as a visual representation, and perhaps place it in a prominent place. It allows us the opportunity for a quick reference guide which is a handy communication tool for all staff and management. It can also guide some of our policies and procedures. For example, as we can see, Diamond Acorn LLP have put in place forms for client onboarding which are designed to ask about some of these risks; these forms are referred to in their initial risk assessment. This brings us into the discussion of transactional risk assessments. 308

Case study 5: transactional risk assessments

Case study 5: transactional risk assessments Commentary Under regulation 28(12) of the Money Laundering Regulations, individual transactions should also have separate risk assessments. We can structure these risk assessments in different ways, but the assessment should also be relevant to your firm. If we look at Diamond Acorn LLP again, we can see that they have a number of concerns to be addressed, including: •

client identity and PEP status;

•

source of funds (transaction finance);

•

client wealth (client financial health);

•

client corporate identity or involvement; and

•

wider concerns such as the nature of the transaction and whether it is genuine.

In keeping with the themes in the rest of this book, we can also see that we need to address the funds coming in and going out of client account, and this risk assessment, as well as the advance notice, will greatly assist the COFA and Finance team in undertaking their role. Some, if not all, of these concerns have been addressed in Diamond Acorn’s adoption of the Transaction Finance and Client Financial Health Risk Assessment at Annex E to Part 3 of this book and by their extended due diligence policy. However, this would not cover all matters Diamond Acorn LLP take on, as some are excluded under the extended due diligence policy and the Transaction Finance and Client Financial Health Risk Assessment is only required in certain circumstances. If we subscribe to the idea of a ‘gate’, within due diligence, we may wish to have other forms available to suit different circumstances. If we take a basic starting point for an individual risk assessment, we might highlight the key points from the Money Laundering Regulations and Proceeds of Crime Act that require assessing, usually at the start of each matter. They are: •

Identity checks – enhanced due diligence / standard due diligence / simplified due diligence.

•

The purpose of the matter.

•

Source of funds (transaction finance) / source of wealth (client financial health).

•

PEP status.

• Sanctions. •

High risk jurisdictions.

•

Third party checks, including ensuring that their checks have been done on their clients and the matter to a similar standard.

•

Whether a report is required to the MLRO at this stage.

When considering these issues, we can see that a number of decisions will rest with the firm about how such checks and assessments are being carried out. For 309

Part 5  Case Studies example, the due diligence might be a standard procedure which encompasses for individuals, passport checks and credit rating searches. The credit search company may also include PEP and sanctions checks within their results if you buy specific AML products. As a result, your individual risk assessment form may have some sections which are fairly tick box, but others – such as source of funds or source of wealth – which require more detailed individual analysis. How this process is designed and what to check is based on the firm’s risk assessment. How it is checked is also for the firm – whether for example you check these issues yourself, or buy in outside reports or assistance. There are a number of other factors you might want to add into your transactional risk assessment. These include: •

Known modus operandi and scams in each area of law, and you could have slightly different matter risk assessments in each department.

•

Matters identified from your firm wide risk assessment, and this could include a reflection of the sector risk assessment produced by the regulator.

•

Where a matter starts. Are you starting from the beginning, do you have a referral, or are you taking a file over from another party?

•

Requirements from another. This could include a mortgage lender’s conditions (specified in the UK Finance Mortgage Lenders Handbook) or an insurers’ conditions of funding (if known).

•

Use of the client account, including monies due in, out, and who from and to. This may equally go on to a separate form, such as the one at Annex E at to Part 3 of this book.

•

A  space for discussion of the individual perceived risk of the situation, in light of the requirements in the Money Laundering Regulations 2017 and Proceeds of Crime Act 2002.

Some of those points to confirm are the same as those listed in the Client Transaction Finance and Financial Health Risk Assessment at Annex E to Part 3 of this book. We also have another Client Money form in Case study 6, which might be an alternative. Example of risk assessments for individuals and client businesses might be as follows:

Example Matter Risk Assessment – Individual To be completed immediately Check required or action to be completed

Completed (Y/N)

Identity checks Address check

310

Evidence obtained / outcome (specify) or comment

Case study 5: transactional risk assessments

AML search Inc PEP Sanctions

(If Y to PEP or sanctions then refer)

Source of funds (transaction finance) Source of wealth (client financial health) EDD / Simplified DD / Standard DD (specify, with reason, including large transaction) Ongoing need to monitor? High risk jurisdiction / Overseas jurisdiction Third party Their above checks completed Matter at beginning / middle / end Client account to be used, if so for how much, approximately when, and specify parties from / to. Notify finance? [other criteria for firm to decide, based on firm risk assessment or regulator risk assessment] [other criteria for firm to decide, based on firm risk assessment or regulator risk assessment] [other criteria for firm to decide, based on firm risk assessment or regulator risk assessment] Overall risk assessment Need to refer to the MLRO? Staff are reminded of the need to comply with our policies and procedures when completing this form. Details of the types of identity and address evidence we accept are in our AML policy / procedures. This also contains details of the documentation we accept to prove source of funds and source of wealth, as well as our cash policy. However, passports and driving licences are always acceptable proof of identity, and recent utility and bank statements can be used as proof of address. For the latest high risk jurisdictions please visit the website of HM Treasury or the Financial Action Task Force.

Example Matter Risk Assessment – Company / Partnership / Group / Other Entity To be completed immediately on any file where you are not using the Client Transaction Finance and Financial Health Risk Assessment. 311

Part 5  Case Studies

Check required or action to be completed

Completed (Y/N)

Evidence obtained / outcome (specify) or comment

Identity checks Group identity (and legal jurisdiction) Organisational identity Legal ownership Beneficial ownership Organogram Instructing individual personal identity and evidence of authority to instruct Address check Where do they trade from? AML search Inc PEP Sanctions

(If Y to PEP or sanctions then refer)

Source of funds (transaction finance) Source of wealth (client financial health) EDD / Simplified DD / Standard DD (specify, with reason, including large transaction) Ongoing need to monitor? High risk jurisdiction / Overseas jurisdiction Third party involved? Their above checks completed Matter at beginning / middle / end Client account to be used, if so for how much, approximately when, and specify parties from / to. Notify finance? [other criteria for firm to decide, based on firm risk assessment or regulator risk assessment] [other criteria for firm to decide, based on firm risk assessment or regulator risk assessment] [other criteria for firm to decide, based on firm risk assessment or regulator risk assessment] Overall risk assessment Need to refer to the MLRO? Staff are reminded of the need to comply with our policies and procedures when completing this form. Details of the types of identity and address evidence we accept are in our AML policy / procedures. This also contains details of the documentation we accept to prove identity, source of funds and source of wealth, as well as our cash policy. However, passports and driving licences are always acceptable proof of individual personal identity, and recent utility and bank statements can be used as proof of address. For the latest high risk jurisdictions please visit the website of HM Treasury or the Financial Action Task Force.

312

Case study 5: transactional risk assessments

File reviews It is important with any system to ensure implementation is effective. The Money Laundering Regulations require audits of the implementation of the requirements, depending on the size of the firm and the complexity or risk of the work undertaken. Audits can be undertaken internally or externally, and your file review system can be part of that auditing process. Of course, if you undertake audits internally there can be questions asked about the independence of the system. We have discussed audits briefly in Part 3. File reviews not only allow you to check the risk assessments are being completed, they also allow you to consider whether or not the solution you have implemented is effective and is doing the job you want it to. You might find you need to reword a particular question if staff have not found it clear, or add a new risk if some matters are being identified as posing particular issues. Do not be afraid to update your risk assessment and make it a living document, reflecting the risks of the firm. You can create a feedback loop of continuous improvement, not simply through file reviews, but through understanding what AML issues are being addressed within the firm on a wider basis as well. Of course, file reviews are an excellent way of identifying problems, but your MLRO will also receive reports of different scenarios, as will the management of the firm, and even heads of department. Individual staff members will also see what is happening ‘on the ground’. All of these sources of information can lead you to identifying criteria to put in your initial risk assessment, and even factors to add to your firm wide risk assessment. By using this type of feedback mechanism, you may be able to prevent matters that have caused problems previously from occurring again. This is a further demonstration of effective risk management and the management of AML issues.

Solution Diamond Acorn LLP decide to update their individual matter risk assessments for all matters excluded under the extended due diligence policy, to take account of their changing work profile. They decide they may need a number of forms to account for different circumstances, and create an effective, flexible ‘gate’. They communicate their requirements across their firm to their staff. They add in some of the specific risks that arise on the firm wide risk assessment into these forms. Instead of implementing one risk assessment per department, they decide to try to summarise some of their firm wide risks on their individual matter risk assessment. They perceive this is possible due to the similarity of the issues their departments face in dealing with litigation; a solution perhaps not possible if the firm took on different types of work in the future. The firm also implement a Client money form (see Case study 6), to cover the full lifetime of the file, and to sit alongside this risk assessment more generally, so remove some entries from this transaction risk assessment as duplication. The firm also perceive the need for a firm wide file review system, which takes account of the risk assessments and how they are being completed, to sit alongside the financial file reviews in Case study 1. They decide to review the system and implementation, as well as the results on a quarterly basis in the first year, by adding extra boxes to their financial file reviews and conducting analysis of 313

Part 5  Case Studies completion rates. Incorrect completion of the risk assessments or failure to address risks will be dealt with by the management of the individual concerned. The firm will implement a feedback loop to add in any new issues that need to be addressed. In addition, the firm will also be implementing an external annual audit in line with the Money Laundering Regulations. The firm’s individual matter risk assessment, tailored to their firm, looks like this:

Diamond Acorn LLP – Matter Risk Assessment – Individual To be completed immediately on any file where you are not using the Client Transaction Finance and Financial Health Risk Assessment. Check required or action to be completed

Completed (Y/N)

Identity checks Address check AML search Inc PEP Sanctions

(If Y to PEP or sanctions then refer)

Source of funds Any evidence of client misstating or hiding finances? Tax issue? Cash Source of wealth PEPs? Any tax issues? Corporate wealth on individual transaction? EDD / Simplified DD / Standard DD (specify, with reason, including large transaction) Ongoing need to monitor? High risk jurisdiction / Overseas jurisdiction EU / cross border? Usual sources of instruction? Third party Their above checks completed Role in this matter and ILA? Matter at beginning / middle / end Date of instruction? Easy settlement refer to MLRO Purpose of the litigation Any evidence this is not genuine litigation or claim, or evidence of Bowman v Fels (2005) situation? If settlement only – satisfied genuine dispute? Have we got all of the relevant information? Unusual advice request

314

Evidence Obtained / Outcome (specify) Or Comment

Case study 6: Finance team information

Overall risk assessment Need to refer to the MLRO? Staff are reminded of the need to comply with our policies and procedures when completing this form. Details of the types of identity and address evidence we accept are in our AML policy / procedures. This also contains details of the documentation we accept to prove source of funds and source of wealth, as well as our cash policy. However, passports and driving licences are always acceptable proof of identity, and recent utility and bank statements can be used as proof of address. For the latest high risk jurisdictions please visit the website of HM Treasury or the Financial Action Task Force.

Case study 6: Finance team information Commentary We have seen so far in this Part of the book that a number of forms can be designed to meet the requirements to have risk assessments in place. What is less common are forms for the use of client money. Often we see solicitors in practice operating a client account with the support of a Finance team. The monies held in client account are held on trust, and the solicitor may utilise those monies to provide the correct outcomes for their client. As the Finance team are unlikely to be party to the advice given to the client in each file, it can be difficult for that team to know and understand how the financial aspects of the file will work. To enable the Finance team, and the COFA in any regulated law firm, to make an effective ongoing risk assessment of the client account, we need to provide sufficient evidence and information about the monies to be received, and where they will come from. Providing this information in advance allows us to better assist the Finance team in understanding what monies to expect; allows the firm to identify and proactively manage unexpected deposits in the client account; and prevents the use of suspense ledgers. We have already provided one form – the Client Transaction Finance and Financial Health Risk Assessment at Annex E to Part 3 of this book. The templates here are offered as alternatives to that form, with different questions and a different emphasis. The form attached to Part 3 considers high risk areas for AML alongside the client account use, whereas this one covers client account use in a way which might be more suitable for those in medium sized or smaller firms. The benefit of the templates here in this case study is the amount of information the Finance team can receive about the transaction and what is expected on the file, which allows them to tie the ongoing client and legal position to the use of the client account. In Case study 1, Diamond Acorn LLP adopted an extended due diligence policy, using Annex E at the outset of some files to answer both AML and finance questions. Not all files would be covered by Annex E and it is a form to be used at the start of the transaction. The circumstances on a matter may change, and finance may need to be notified of a different set of circumstances. Also, where Annex E was not suitable or prescribed, the firm may benefit from an alternative; providing management with flexible solutions and an effective ‘gate’. Law firm client accounts can have many incomings and outgoings and ensuring the indebtedness to each client is managed effectively is important, otherwise the result 315

Part 5  Case Studies can be shortages. Any steps a law firm can take to manage this position could be important, and the forms shown in this section are also designed to be used at different stages of a transaction, where the amounts incoming and outgoing could change. Obviously some firms will have different, pre-existing procedures in place and each firm will find the best way to manage the complexity of the client account. Maintaining records for each client is required by the Accounts Rules, and is essential; as are regular three way reconciliations. However, we might say that the volume of transactions has increased in client accounts since the time when the Account Rules were first envisaged. Solicitors have historically been based in towns and cities across the country, serving their local community. If we go back seventy to one hundred years, this is where we would find them, with local clients. We are now in the position where transactions are conducted electronically, and clients are more remote. It is increasingly common for law firms to seek to grow their business by taking on clients nationwide and working electronically. Local knowledge may be prized in some circumstances, but there is also an assumption that growing a business is a positive position (at least from a commercial perspective). With the ability to work remotely a new opportunity has presented itself; the ability to take on more volume work. Consequently, a greater quantity of transactions are being handled by firms than previously, and law firms are being concentrated into larger entities. There could be the perception that the Accounts Rules are for the smaller firms, but the writer has seen firms with turnovers in the many millions operate well run client accounts, with effective and organised ledger systems, and daily reconciliations. It is undoubtedly a lot of work to maintain such a system. Obviously, the larger firms have teams in place to assist with the financial management of the firm. Sole practitioners and some in smaller firms may find they have the job of both COLP and COFA; overseeing the financial practice as well as the legal aspects of the firm’s work, which can make their compliance with the Accounts Rules less than effective. We also have to remember that the individuals in these smaller firms may be lawyers first, and trained in the Accounts Rules second – they are not accountants or used to running Finance teams. We then have two forces at work – for the larger firms operating in bulk or volume work, the challenge of maintaining a busy client account. For the smaller firms, the challenge of operating in compliance with the Accounts Rules while at the same time maintaining their legal work, with limited resources available to them. As well as the forms in this section, there are a number of other steps firms can take to maintain their compliance: •

Considering the use of the client account – in some cases the client account is one account, in other cases it may be a number of accounts, each with a different purpose or department attached. It can be helpful to consider the reason for holding the money (the area of law might give us some direction here), and the pattern to the movement of money – again perhaps in that area of law.

•

Considering the pattern of movement of monies, and creating a set system for that movement – we have discussed this idea further in Parts 1 and 2, and it results in a standardised system with predictable results that is easily reviewable and manageable – perfect for both a volume operation and for an organised small firm. 316

Case study 6: Finance team information •

Daily reconciliations – while the Accounts Rules require monthly reconciliations, for some firms this will be far too little, and will result in firms looking for small errors in accounting over the course of the previous month. The writer herself has spent significant periods of time looking for small amounts to correct reconciliations. A daily reconciliation, usually aided by a computerised accounting system, can be fast, effective, minimise mistakes, and ensure the practitioner is aware of any issues.

•

Computerised accounting systems – these take many of the difficulties out of performing reconciliations and other accountancy tasks by doing the work for you. There are reports of errors sometimes, and we are of course aware of the Horizon cases. However, there are vast benefits to the speed of using a computerised system.

•

Ensuring new ledgers and files are created for each client or client matter – a lot of confusion can be caused by using old files and ledgers, particularly in circumstances where the Finance team have some awareness of what financial movements should be expected on certain types of files. Reusing an old file for a new or different type of file is not appropriate in such situations and can be an indicator of attempting to circumvent such systems. If a client has monies remaining on the ledger after the last transaction, they should be returned to the client directly. A similar position can arise if a firm operates a ‘general’ ledger for a client; this again can cause difficulty.

The notification forms shown in this section are designed to be used when the practice first takes on a client and / or becomes aware the client will need to use the client account. They are also designed to update the Finance team during the lifetime of the matter as to the monies due in and what they are for. In this sense, they also follow on from Annex E to Part 3 of this book, and can be used to show a change in circumstances as well. If using the forms at the start of a matter, we might make the following assumptions: 1.

That a file has been created for the client already.

2.

That a ledger has been created for the client already.

Sometimes these steps are taken automatically by an integrated file management system and clients of course do not have to use their corresponding ledger if it is not necessary. For example, if a client comes in to have a contract reviewed, and that is their only legal need, they would require a file, but perhaps not a ledger if your firm operated under the latest set of Accounts Rules. However, that ledger might be created automatically. If you are concerned that old files or ledgers have been used or could be used, you could add these points to the forms. The notification forms here are designed to offer an opportunity for the organisation to forewarn the Finance team of incoming funds, and the likely path of the matter. The Finance team benefit by understanding the structure of the case and how it will progress, and what that means for incoming and outgoing monies and this form allows this over the lifetime of the matter.

Finance team – Client account form Please complete this form and return to Finance at client inception if you are not using the Client Transaction Finance and Financial Health Risk Assessment. 317

Part 5  Case Studies

You will also need to use this form at any point the answers to client account questions require updating, for example when a party you expect to receive funds from or pay funds to, changes. Information required

Provide your answer

Client name(s) and client matter number Type of client matter Use of client account expected? Y/N and provide explanation (i.e. what for) Where will funds into the client account be received from? (For example, the client) How much are you expecting? Provide bank details. If from a third party, please complete identity and source of funds checks in line with the AML policy, as well as considering whether they need independent legal advice. Where will funds be sent to from the client account? How much? Please list all parties, including bank details if the party is not already known to us. Do you have an approximate time frame for these payments from and to the parties? If so, please explain. Do you expect to have to provide an account to the client (or any other party) of the full transaction, that we will need to assist with? Will monies need to be sent to any other client or existing matter number? If so, which one, how much, and when? [Optional] We have standard client account operations in some areas of law. Do you expect to deviate from this? If so, explain how.

Signed by Fee Earner: Name: ………………………………………………………………………………………… Department: ………………………………………………………………………………………… Signed: ………………………………………………………………………………………… Date: ………………………………………………………………………………………… 318

Case study 6: Finance team information

Countersigned by Head of Department: Name: ………………………………………………………………………………………… Department: ………………………………………………………………………………………… Signed: ………………………………………………………………………………………… Date: ………………………………………………………………………………………… Provided to Finance Team: Provided to Finance Team on: ……………………………………………………… Signed by Finance Team: …………………………………………………………… Name: ………………………………………………………………………………… The Finance team reserve the right to query the receipt of any funds into client account. Please note, if funds are not notified to us, or paid by mistake, there may be a delay in allocating the funds to your client or repaying the sums paid. A fairly common concern can be mistaken payments into client account. On occasion these can turn out to be fraudulent transactions and those sending payment try to cause confusion by asking for more money back, perhaps in tranches, or for monies to be sent to different places. This form also allows you to take steps to prevent that by tracking who is paying into the client account and why. Often, fraudsters who are making such payments in and trying to cause confusion about re-payment will ask for the monies to be sent back very quickly, so as to prevent effective decision making. The form builds in a delay; creating a procedure to prevent fraud and assist with AML, which allows you to take the time you need to make reports to the relevant authorities, or consider what the person sending the money is asking for, and whether it is a genuine request.

Solution – Client account form Diamond Acorn LLP decide to implement the new form alongside the Client Transaction Finance and Financial Health Risk Assessment to improve the information to their Finance team. They hope it will ensure the effective management of their client account for matters not covered by that form, and during the lifetime of files. They also hope it will prevent fraudulent transactions of any type, or the receipt of the proceeds of crime. They also add new wording to their office manual (and inform all staff of the update). The wording of the manual and email to all staff says: ‘All staff must either use the Client Transaction Finance and Financial Health Risk Assessment or Client Account Form to inform Finance in advance of incoming funds and advise them of the structure of their transaction. Any unidentified 319

Part 5  Case Studies receipts into the client account may not be available for use for up to 10 working days, as time is required for identification and verification. Timely completion of either of the forms allows you to access client funds promptly. The Client Account Form is suitable when the Client Transaction Finance and Financial health Risk Assessment is not prescribed, and during the lifetime of the file, when the AML risk assessment has passed. Staff are asked to appreciate that Finance can be placed in difficult situations. Clients sometimes ask for transfers of funds directly and put Finance staff under pressure. In other firms the depositing of client funds and requests for immediate returns has led to mistakes and losses to client account; some of these situations have been frauds. Finance handle the monies directly and the COFA has to ensure compliance. Please tell any clients in this situation to expect a delay and in some situations possibly some form of identification check. Your co-operation is greatly appreciated and helps to safeguard the firm.’ The new form is in operation within the firm and an example of it completed in a (fictitious) scenario is as follows:

Diamond Acorn LLP – Finance Team – Client Account Form Please complete this form and return to Finance at client inception if you are not using the Client Transaction Finance and Financial Health Risk Assessment. You will also need to use this format any point the answers to client account questions require updating, for example when a party you expect to receive funds from or pay funds to, changes. Information required

Provide your answer

Client name(s) and client matter number

Mrs J Shersby – matter number 6789

Type of client matter

Employment – unfair dismissal – remedy: a. reinstatement; or b.  compensation, holiday pay, and compensation for loss of future rights. We previously completed Client Transaction Finance and Financial Health Risk Assessment for Mrs Shersby when we were first instructed. Mrs Shersby liaised with ACAS directly herself in the meantime, and has reverted to us. The AML has passed and is the same, but the client account use is now clarified here.

Use of client account expected? Y/N and provide explanation (i.e. what for)

Y for our costs and further Y if compensation

320

Case study 6: Finance team information

Information required

Provide your answer

Where will funds be received from? (For example, the client). How much are you expecting? Provide bank details.

Mrs Shersby will pay £500 towards costs upfront and this should be received shortly. Her bank details are ABC Bank, Account Number 1234, Sort Code 99-99 The organisation who dismissed Mrs Shersby, that being [fictional organisation] Ecorreco, or their solicitors. Bank details for Ecorreco or their solicitors not known at this stage, to be provided at a later point.

If from a third party, please complete EDD and source of funds checks in line with the AML policy, as well as considering whether they need independent legal advice

I will confirm that EDD and source of funds checks have been undertaken on Ecorreco with the solicitors on the other side.

Where will funds be sent to from the client account? How much? Please list all parties, including bank details if the party is not already known to us.

Estimate compensation if due £12,912 for unfair dismissal, £500 for holiday pay, and £400 for loss of statutory rights, but this may not be paid as we are hoping Mrs Shersby will be reinstated. Minus our fees of approximately £2,000 (or lower) for basic representation – it is a straightforward case. Case insured against costs from the other side. The compensation if due will be sent to Mrs Shersby, bank details above. Our fees will go to the firm office account.

Do you have an approximate time frame for these payments from and to the parties? If so, please explain.

One-day hearing expected 2022. The matter may be settled beforehand and we are hoping Mrs Shersby will be reinstated. Otherwise compensation may arrive in early 2022. Mrs Shersby will pay the remaining approximately £1,500 on conclusion of the case, if necessary (or the amount of our fees, which may be lower).

Do you expect to have to provide an account to the client (or any other party) of the full transaction, that we will need to assist with?

Yes. We will need to provide an account to Mrs Shersby on conclusion of the case. We may also need to provide financial information to the insurer and agree the sums received with the other side, but it depends on the outcome.

Will monies need to be sent to any other client or existing matter number? If so, which one, how much, and when?

No.

[Optional] We have standard client Not applicable. account operations in some areas of law. Do you expect to deviate from this? If so, explain how.

Signed by Fee Earner: 321

Part 5  Case Studies

Name: ……… Matt Acorn ………………………….………………………………. Department: ………… Employment……………………………………..………… Signed: …………M Acorn…………………………………………………………… Date: ………………30 March 2021………………………………………………… Countersigned by Head of Department: Name: ………………Gary G Acorn…………………………………………………. Department: ………………Employment……………………………………………. Signed: ………………G G Acorn………………………………………………………….... Date: …………………30 March 2021 ……………………………………………. Provided to Finance Team: Provided to Finance Team on: ………31 March 2021…………………………… Signed by Finance Team: ……………S Campbell ………………..……………… Name: ……………Sara Campbell …………………………………………………. The Finance team reserve the right to query the receipt of any funds into client account. Please note, if funds are not notified to us, or paid by mistake, there may be a delay in allocating the funds to your client or repaying the sums paid. From this information, it is clear to the Finance team what is happening with this case and what funds they might be expecting, when. The Finance team are also being provided with bank details; names of parties; and an assurance that due diligence has been done or will be done, on the other side. For any team handling client monies this minimises the risks of handling finances which are the proceeds of crime, and provides an outline of the anticipated use of the client account.

Case study 7: AML training This final case study concerns the training and learning within the organisation. While the Money Laundering Regulations and Proceeds of Crime Act set out the requirements for training and learning, the organisation has to interpret those requirements and provide an appropriate level of learning and support for those it employs and contracts with.

Scenario As we have seen, Diamond Acorn LLP is growing in size and needs to take on more staff. They need to assess the skills those staff have in AML, and put in place 322

Case study 7: AML training a training plan to meet their needs. They are open minded to the level of staff they take on, but overall need a mix of capabilities. They are looking for some new recruits with senior knowledge and understanding, and some with more junior levels of experience to fill a range of posts and meet the needs of the firm as it grows. The firm believe all new staff will require some training from them in AML and they are looking to conduct initial assessments of their knowledge, skills and experience. However, during recruitment Diamond Acorn are also looking to identify anyone with particularly strong AML knowledge and abilities to help the partners lead their firm wide response to these requirements.

Commentary We have seen in Parts 3 and 4 that organisations are required to vet their staff and provide suitable training for them. The relevant regulations from the Money Laundering Regulations are 21 and 24. This training should be undertaken on a regular basis. Some regulators prescribe once every year, or once every two years. There are serious penalties for failing to undertake the correct level of training and learning within your firm, including potential criminal offences. It is therefore important to stop and consider carefully how you will implement a training and learning plan that addresses the variety of information that needs to be imparted and the skills your staff need to develop. We sometimes overlook the skillset needed to implement an effective anti money laundering process. The effective implementation of such a process in the average law firm requires: •

technical knowledge;

•

management skills;

•

time management;

•

critical thinking;

•

decision making; and

•

effective customer service.

It also requires something of a positive mindset towards compliance. All of those skills and attributes can be overlooked as we strive to understand the technical detail of a situation or position. Solutions proposed in this Part of the book encompass not only ideas for subjects which should be covered, and how to work in AML alongside other types of compliance training; we also focus on the idea that individual personal skills may be required when dealing with an AML process. Measuring a person’s personal skillset can be quite a controversial and challenging topic, and you may find you would like to train all of your staff in these skills. 323

Part 5  Case Studies First we start with assessing the suitability of your staff – and then drawing out a suggested approach to delivering training with a law firm.

Assessing suitability The requirement within the Regulations is to vet staff and consider their suitability. This is within regulation 21. You may meet this requirement by undertaking the following: •

A disclosure and barring check.

•

Solicitors Regulation Authority or other regulator history check. For the SRA this can be done on the website on the ‘Check a Solicitor’s History’ page. This search function also provides details of non solicitors who have been subject to enforcement action by the regulator. You may be able to find similar details by reviewing the websites of other legal regulators or contacting them directly.

•

Taking up references from different sources, including previous employers.

This type of assessment is an assessment of the trustworthiness of the individual. It should be noted that there are character and suitability assessments in place for becoming a solicitor, and that the SRA also do not approve those with criminal records to be involved in law firms or hold positions that require specific authorisation, such as Money Laundering Reporting Officers.

Assessing skillsets There is another type of assessment for suitability, and that is the assessment discussed earlier of the individual skillset of the person. We can see this reflected in regulation 21 of the Regulations. This type of assessment focuses on their suitability for their employment context. If we look at the Money Laundering Regulations and Proceeds of Crime Act, we might go beyond the knowledge of the technical requirements and say there are the following areas which lend themselves to the implementation of the requirements: •

Good customer service skills, including persuasion, tact, and diplomacy – for discussing the need for identification, source of funds information, and for obtaining the same from associated family members who may be reluctant to provide the information. Sometimes the bank of mum and dad can cause family embarrassment if financial details have to be disclosed.

•

Complaint handling skills – the ability to diffuse or deflect a situation is invaluable if there are concerns about money laundering; the practice may not be able to say anything to the client at all. Being able to reassure a client, whilst at the same time not saying anything is a key skill in complaint handling – often used while an investigation is ongoing or when there may be an issue of negligence. This skillset can be practised and used, but you may find it useful to seek out people who have a complaint handling, insurance, or customer service frontline background.

•

Presentation skills – you may wish to deliver in house training to meet your AML requirements, and develop and own this yourself. A  well practised 324

Case study 7: AML training speaker can be persuasive and adept at engaging audiences in dealing with this complex topic. •

Procedural analysis – this may be continuous improvement or any other background in dealing with reviewing and developing procedures. Facilitating the development of the process around AML is important. Some firms find they have just the bare bones of the procedure as required by law, when in fact more is required to ensure the firm and staff have the ability to take advice, develop responses, and feedback into the process.

•

Management skills – good management skills may include being visible and leading by example in the delivery of the AML agenda. There are increasing moves to make AML a governance issue so anyone willing to take on the role of MLRO or MLCO should be considered a useful addition. Management skills may also include incident management for reporting, and cross firm scanning for further incidents.

•

Critical thinking – the ability to identify whether or not an issue is money laundering is important. We have distinguished between money laundering and other types of crime, and it is important to be able to consider the difference between types of conceptual issue, and what may or may not fall into a particular category.

•

Legal analysis – the ability to analyse legal information to establish the correct position is also helpful for a MLRO or MLCO. You may alternatively find this available in paid for legal advice externally.

You can assess some of these skillsets yourself by posing specific requirements in adverts, through interviews, and through assessment centres.

Assessing knowledge and expertise The final category of suitability is covered by the knowledge and expertise of the person and how that matches to the job role they are being given. For example, we would say that an MLRO requires a more detailed knowledge of the law in respect of money laundering, than a junior member of staff or someone who works in administration. Over the coming pages we look at the range of training possible, and set out categories of training and learning for your firm to consider. There is also an alternative solution provided in Part 4 of this book.

Assessing training We have seen already that the Regulations and legislation require prescribed levels of training, with specific areas to be covered. Some of these requirements are for all staff – not just those working in compliance or with a particular post. The secretaries and other non fee earning staff also have a role to play in dealing with AML and they also have reporting responsibilities as well; they should therefore also be trained. There is a possible approach to training outlined shortly. There is also an alternative solution set out in Part 4, which covers in detail the legal and management issues that could be covered to train all staff thoroughly in this area of law. Readers will additionally find a sample ‘Compliance training plan’ (covering all aspects of compliance and not just money laundering) at the end of this Part of the book in Annex A. 325

Part 5  Case Studies

Commentary: proposed training plans Standard training Given there is a standard set of requirements, and all staff should be regularly trained, we might start with a set training pattern or requirement, regardless of the assessed needs of the staff. This might sound like too much, but the reporting responsibilities are required by law and become criminal offences if they are not adhered to. As a result, staff need to be informed of the course of action they should take to prevent them from committing a criminal offence, even unwittingly. This information should be conveyed regularly, including in the form of training. The decision of what to cover in standard training is a complex one, but the writer’s experience is that delivery to an all staff group requires quite a bit of work to make the training accessible. For this reason, focusing on the themes of the training (such as signs of money laundering, risk assessments, and the steps in the reporting process), rather than the law, works well. The writer often separates out these two levels of detail and delivers separate legal based training to groups of solicitors / licensed conveyancers / other lawyers as a stand alone session, and this is shown here under the heading ‘Specific training’. If a firm is tight on time however, they can combine the standard training with the legal training (shown under specific training below), all in one session. When considering what type of training to use, you can consider the benefits of face to face training, which can provide a new perspective and give the chance for staff to cover the issues in a new setting. Formal training can often underline the seriousness of the position. However, for ease of covering all staff you can also try video or online learning, or even facilitating regular discussions in how to comply. An example of a standard training schedule (without the legal training) is shown here: Staff Groups / Individuals

Covering

Delivery method

Timetable

All Staff

What is money laundering? Warning signs of money laundering High risk situations Our risk assessment Conducting due diligence Reporting to the MLRO – process and steps you must take Tipping off When to make a report Taking advice Where to find more information

Face to face training

All staff should be trained once every two years. April 2022 (face to face training) April 2024 (face to face training)

Specific training Other individuals may need more specific and detailed training. You might build on the training above by adding additional layers to your training plan. This might be a second layer for lawyers within your firm, who could receive additional training to understand the legal process, including reporting, offences, and the detail of the Money Laundering Regulations. 326

Case study 7: AML training Finally, you may have a final group of compliance, management, and MLROs and MLCOs who receive specific and detailed training to fulfil their roles. This may be the same as any training delivered on the legal process and finance process where appropriate (for example for COLP and COFA), but might also include: •

giving feedback within the reporting process and the difficulties with advice;

•

designing procedures; and

•

the management and legal options for the firm if a report has to be made, including the possible outcomes.

An example of a role specific training schedule covering standard, legal, and management training is shown here: Staff Groups / Individuals

Covering

Delivery method

Timetable

All Staff

What is money laundering? Warning signs of money laundering High risk situations Our risk assessment Reporting to the MLRO – process and steps you must take Tipping off When to make a report Taking advice

Face to face training

All staff should be trained once every one – two years

Lawyers, management, and MLRO / MLCO

Requirements of the Money Laundering Regulations Offences in the Proceeds of Crime Act Legal professional privilege Company and trust registration requirements Case law: Bowman v Fels (2005) and Da Silva (2006) Liability for reporting

Face to Face training

Once every one – two years, or refresher training as required

MLRO / MLCO and management

Governance issues – decisions for management within the reporting process The reporting process – legal decisions to be made Consequences of reporting for clients and next steps for law firms to take Complexity of giving internal legal advice and the benefits of external advice Managing staff and tipping off processes during law enforcement decision making Designing and managing procedures for AML Designing AML risk assessments Updates on the latest legal positions

Face to face training and group facilitation

As required

327

Part 5  Case Studies

Assessing training needs While we have a standard training plan in place, we may also wish to consider the individual learning needs and goals of the staff members we have within the firm, and this also helps to meet the requirements of the regulations. This can help you to measure whether: •

Staff have particular training needs.

•

The training you have in place has been effective.

•

Individual staff members feel comfortable in fulfilling their roles, or whether additional training is required.

•

New starters have any particular training needs, or whether they are qualified to fulfil certain job roles.

•

Appointed officers have sufficient embedded knowledge to fulfil their roles and take the decisions expected of them.

Some matters can be covered by training and learning, but others might require more direct on the job experience. As a result, a reflective exercise or short test can help you measure whether or not the individual has met the standard you expect. There are sample exercises for continuous professional development (CPD) in the next Part of the book, which you can also use as tests for staff members. However, there are also reflective exercises here which can assist staff at different levels in considering whether they would like more learning, development, or experience in any particular area. These assessments can be marked or considered internally by someone with sufficient knowledge, and to many of the statements there is a right or wrong answer. If discussing the outcome of these assessments with the person who completed them, be aware that some of the statements are complex to unpick, and some also contain statements of feelings. In both cases, it is worth probing whether or not there is something more to the explanation or discussion, or where the answer has arisen from. This should be undertaken in a positive way, as the person completing the assessment may be showing some underlying knowledge. Some members of staff may find these assessments quite hard, so consider the level carefully before using them. Do ensure if you take on this task, you are confident in having this discussion and eliciting this type of feedback, bearing in mind you may also be expected to provide feedback as well. The end result of the assessments might be the recommendation of further learning and this should be offered in a supportive way, without becoming too challenging. Sometimes if we have asked for a feelings based response, we need to recognise that an individual has offered a personal perspective and support that personal response. It is not possible to cover all of the required learning within these assessments, so you may wish to add your own statements covering areas relevant to your firm. Alternatively, you can look for patterns of what needs attention and deliver a slightly broader training package as appropriate. 328

Case study 7: AML training

Commentary: training and learning needs assessments Standard training and learning assessment Statement

Your response: Correct / Incorrect / Other – explain

Office use

Your response: Correct / Incorrect / Other – explain

Office use

If I am suspicious of money laundering, I need to report to the Money Laundering Reporting Officer Due diligence is the process of verifying client identity Enhanced due diligence is the process of checking whether someone is a PEP Money laundering is not a serious concern within law firms To check client identity, I need to consider the bank statement of the individual Source of funds means checking which bank the monies came from Our practice risk assessment helps us manage AML risk I know where to find information about the warning signs for money laundering High risk jurisdictions are determined by the practice If I make a report to the Money Laundering Reporting Officer, I am not allowed to discuss it with the client If I make a report to the Money Laundering Reporting Officer, I am not allowed to conduct any further work on the file

Legal training and learning assessment Statement

Legal professional privilege does not apply if the retainer is in furtherance of a crime In the Proceeds of Crime Act an arrangement is any step which furthers money laundering or an attempt at the same Other offences in the Proceeds of Crime Act include concealing the proceeds of a crime and obstructing an officer handling the proceeds of a crime The Money Laundering Regulations create offences

329

Part 5  Case Studies

Statement

Your response: Correct / Incorrect / Other – explain

Office use

The requirement to have a practice wide risk assessment is contained in the Proceeds of Crime Act All law firms should have an internal audit for AML There is no civil liability for reporting if made in good faith Bowman v Fels (2005) creates the effect that the distribution of the proceeds of crime can be made under a contract. Beneficial ownership registers only apply to companies and trusts with more than £1 million in assets. The Money Laundering Regulations specify which regulatory bodies are responsible in AML for which sectors; types of bodies; or professions.

Financial training and learning assessment Statement

Your response: Correct / Incorrect / Other – explain

The client account can be used for any type of transaction the client requires. If the client telephones and asks for their money in client account to be returned, I should send it to them. The money in client account cannot be the proceeds of crime because it is with a solicitor firm. Client money can be transferred between client ledgers as needed. Source of funds means where the money came from, such as the bank or building society it was held in. Reporting to the Money Laundering Reporting Officer is required where the sum is greater than £10,000. Suspicious transactions are ones which relate to the proceeds of crime. Bills can be raised at the end of the matter for the sum left on client account. The client can direct where sums can be sent out to once they have been received, including to third parties. We can accept cash up to £2,500.

330

Office Use

Case study 7: AML training

Management training and learning assessment Statement

Your response: Correct / Incorrect / Other – explain

Office Use

I feel comfortable with the decision making process for AML. I understand my role in the decision making process for AML and feel able to perform it. I understand the legal and financial aspects of AML, including the implications of the legislation and how to investigate a case of concern. I can design and produce a risk assessment for AML. I can design an internal audit for AML. I understand the decisions that should be taken by the business if we need to make a report, and the implications in liability. I understand the timescales for reporting and what might happen next. I am able to produce a contingency plan for handling client monies if consent is not provided. I am able to produce client care documentation for covering client matters if we need to terminate a retainer. I can give advice on individual or linked client files where there is a concern or query about AML. I feel able to exercise a solid degree of judgement in AML. I can see a money laundering report through from reporting to final conclusion.

Compliance training can also be part of a wider training programme for staff, and at the end of this Part of the book, in Annex A to this Part of the book, there is a sample training programme for a medium sized law firm, covering the broad range of training in compliance and professional standards that might be expected within the firm. This sample training programme will not be right for everyone, but it may give you a broad basis of what you might want to achieve within your firm in terms of compliance as a whole. Of course, the SRA and other regulators require an element of reflective practice on an annual basis to sign off the annual renewal. That reflective practice should encompass not only compliance, accounts, and AML, but also the area of law in which the solicitor practises as well. It is important to achieve that balance and ensure that the solicitor has the opportunity to expand his or her knowledge within their own professional practice. Accordingly, your firm wide training programmes would also encompass learning and development in each area of law, and best practice for your staff. Guidance on these areas may be 331

Part 5  Case Studies available from the relevant section of The Law Society, or specialist organisations such as STEP.

Solution Diamond Acorn LLP decide to implement a standard set of training across the board for all staff to complete once every year as set out on page 326. They will implement further training for staff with particular responsibilities as set out on page 327. To assess the suitability of staff they recruit they will conduct disclosure and barring checks, and follow up references, as well as checking regulator websites for adverse decisions. To assess training needs, they will implement the training needs assessments at pages 329–331 at the appropriate levels so they can start to understand where additional training is required and what the focus should be across the firm.

332

Annex A: Sample Compliance Learning and Development Plan

This sample compliance learning and development plan covers a year in a medium sized law firm and indicates the training in compliance subjects that could be offered to staff during the course of the year. Imagine if you had joined a law firm where individuals had traditionally sought their own learning and development externally to the organisation, as required. This might have been done with the support of the organisation; for example if the firm had paid for the external training. But perhaps there was not an organised or co-ordinated view of compliance learning and development offered by the firm, aside from firm wide AML training. This plan reflects a solution to that problem – a year in which the organisation starts to offer wider compliance training internally to all staff. The responsibility for AML training and for maintaining competence and compliance rests with the MLRO and the management of the firm, including the COLP and COFA. The firm may want to build on that requirement and add additional compliance learning. This plan covers a year’s worth of internal compliance training; an investment in time and staff that might leave the firm with a strong legacy in this area for years to come. For smaller firms or for firms without an ability to commit this time, you can adjust the timings and perhaps complete the training over a number of years. To do this and still use the plan below, simply add the relevant year next to the month. You could alternatively change the timings below and run one session once every six months; in doing this you might cover a large number of compliance issues within four or five years. If you use external organisations to deliver these sessions then asking your delivery partner to leave workbooks, exercises, and other materials with you for you to use can also give you a means to refresh those skills in the future and create the beginnings of an internal firm knowledge and training bank. Of course, this is just a compliance training plan, and each department would want to offer their own subject specific updates as well, or source these externally. The plan is also placing the emphasis on offering sessions, and these sessions would usually be offered more than once. The delivery method for each session is not specified and firms could choose to bring in an external delivery partner to assist; consider the vast array of webinars and training delivered through external CPD providers; or develop their own sessions in house if they have the expertise. Don’t forget that some form of AML training should usually be undertaken every one to two years. If a firm completed all of this, they might follow up in future 333

Part 5  Annex A: Sample Compliance Learning and Development Plan years with written learning (such as the sample questions contained in Part 6 of this book). They may also cover any updates required in the coming years.

Compliance Training Plan The following training plan applies to all staff. Staff will be invited to training sessions designed according to their job role. Staff and departments may have their own training plans and objectives and this training is provided in addition to those. The learning and development policy of the firm is to ensure that all members of staff are competent, that is, they have the ability to perform their roles and tasks required in their job to the expected standard. All training will be evaluated by evaluation sheets designed to measure how satisfied delegates are with: the course overall; the quality of the materials; the quality and method of presentation; and whether the course met their learning objectives. Should a delegate feel their learning objectives were not met they would be asked to discuss further learning opportunities with HR, or their line manager, as appropriate. Course evaluations will be used to judge the quality of the course overall; the need for further training opportunities; and improvements to future training activities.

334

335

All finance staff and staff responsible for holding client money

SRA Accounts Rules July

June

All staff

Cybercrime

April

May

Reception staff and other support staff

AML introduction

March

All client facing staff, marketing staff and management

All fee earners, secretaries and partners

AML and Anti Bribery – Intermediate

Feb

Acting with independence – Client Care, Separate Business and Referrals

MLRO, Deputy MLRO, COLP, COFA and deputies

AML – Advanced

January

Dates

April

All staff

Your Learning

COLP, COFA, and All staff SRA Standards and Regulations

Staff level

Training session and time [Insert your own preferred method in each of these boxes, for example, webinar, external trainer]

Delivery method

Separation of client and office money, circumstances in which payment can be withdrawn, client account as bank account, AML issues in holding client money. Source of funds.

Refresher training on IT security issues covering firewalls, user accounts, spam, passwords, and cybercrime issues.

A more detailed look at the requirements for acting with independence for anyone considering a referral arrangement or working with another business.

Covering the requirements for COLP and COFA as well as a broad overview of the Principles and Code of Conduct in the Standards and Regulations.

ID, warning signs, offences, internal reporting

AML – due diligence, ID, source of funds, internal reports, reports to NCA, sanctions, PEPs, high risk jurisdictions, and changes under the latest updates. Common scams. Bribery – Bribery Act offences, financial advantage, marketing.

Expert level training session to cover making reports under POCA

Taking responsibility for your personal development under the Competence Statement and how to get the most from your personal development plan

Other notes

Annex A: Sample Compliance Learning and Development Plan

Staff level

All fee earners and partners

All managers managing staff affected by the Competence Statement

All staff in client facing roles

All staff

All staff

All fee earners and their staff

Training session and time

Conflicts of interest

Management Development – Coaching, feedback, and appraisals in light of the Competence Statement

Client care and Complaint handling

Your Learning – Reflective Practice

336

Confidentiality, Data Protection, and the GDPR

Undertakings

December

October

October

September

September

August

Dates

Delivery method

Other notes

Giving and receiving undertakings in conveyancing and non-conveyancing legal transactions. Ensuring conscious awareness when giving undertakings.

Regulatory requirements in confidentiality and managing conflict and confidentiality. Specific requirements under the GDPR and individual data rights. Obligations of the firm under the GDPR. Links across to AML.

Reflecting on your practice and addressing learning and development needs. Tools and techniques to help you reflect.

Regulator client care requirements. Also, a detailed look at complaint handling, including the role of LeO and their requirements. Third party complaints. Firm compensation and good practice in managing complaints. Continuous improvement, early feedback and regulatory requirements in managing clients.

Covering delivering appraisals, managing feedback, and coaching models useful under the SRA Competence Statement

Covering obligations in professional conduct, identifying and managing conflicts, when to stop acting, acting on both sides, informed consent, and internal policies

Part 5  Annex A: Sample Compliance Learning and Development Plan

Annex B: Part Template AML Policy for Small Firms, Covering Natural Persons

If you work in a small firm, this annex provides wording you can use for part of your AML process for natural persons. There are prompts throughout the wording to add your own details, and where additional points would be needed to make the document complete. In particular, you will need to complete the sections on simplified and enhanced due diligence, which have not been filled in, and this allows you to tailor the procedure to your firm accordingly. Do bear in mind that compliance requirements can and do change. Some of these ideas have been current for some time but do keep an eye on the ongoing updates. The wording used in this template can also be used as a template for you to follow, but in your own words. In this way it provides an outline or structure which can be adapted to reflect the nature of your work and can provide confidence about the types of information to provide in your policy. Use of the wording is not mandatory in any way, and you can make your own decisions about your policies and procedures. This wording has not been assessed against the Lexcel or CQS standard, but of course it could be amended to meet those standards. Before using this wording as a sole practitioner or small firm you will need to assess whether it is suitable for your needs, and to what extent. Remember this is a template for you to edit as you require; not all of the template will be relevant to your firm. To re-iterate, the wording here can be used for standard or straightforward policies or procedures in AML related to natural persons. You will need to add additional sections for enhanced due diligence (obtaining more information about a client in situations of high risk); simplified due diligence; and any situation that by its nature presents a higher risk of money laundering. There are prompts for these situations and other sections that are required in the template. Remember, you may not deal with simplified due diligence. This wording does not deal with policies and procedures for AML governance, or your practice wide risk assessment. You will need to consider these yourself, noting that some examples for your practice wide risk assessment are contained in other Parts of this book.

Anti Money Laundering Money laundering is the process of hiding and using illegally obtained money or other proceeds of a crime. If a crime has been committed, and the criminal has 337

Part 5  Annex B: Part Template AML Policy for Small Firms, Covering Natural Persons

made money, they will likely try to use it. They may try to make the money seem ‘clean’, by purchasing a property or buying a business. Law firms are particularly at risk as they operate client accounts, and because criminals can use the legitimacy of the law firm to hide the proceeds of their crime. KNOW YOUR CLIENT One of the main ways to combat money laundering is to ‘Know Your Client’. Checking client identity and verifying that against known sources can prevent money laundering as often criminals seeking to launder money use fake identities. Checking identity also protects the firm, other clients, and our transactions from fraud, insurance claims, and regulatory or police investigations. Know your client also goes further and requires us to understand the nature of the client’s transaction and whether it is in keeping with what we know about a client. Following this advice helps us spot fraudulent or fake transactions. REPORTING Where staff know or suspect, or have reason to know or suspect that money laundering or terrorist financing is taking place, staff should report the matter to the Money Laundering Reporting Officer [insert name]. [Specify here if there is a form for staff to use]. This includes situations where the identity we are checking is not correct, or where there is anything else unusual about the transaction. The Money Laundering Reporting Officer will consider whether to make a report to the National Crime Agency (or whichever agency is responsible for receiving such reports at the time) and whether to ask for consent to continue with the transaction. We may have to stop work while we wait for consent to proceed, and we may not be able to inform the clients, due to the risk of tipping off. Staff will be advised by the MLRO about ongoing work and client contact. If necessary, the MLRO will contact [insert named law firm] for advice on how to proceed. RISK ASSESSMENT Our practice [insert name] has conducted a risk assessment and found the following particular risks related to money laundering due to our work in the following areas: [insert areas or types of work / transactions and their risks]. The following areas may be considered more straightforward, without enhanced risks: [insert areas or types of work / transactions], however these will still be monitored for unusual transactions and any red flags that might be present. In each case we ensure that our client’s means and lifestyle are consistent with the transaction. A copy of the firm’s risk assessment can be found [insert where].

338

Annex B: Part Template AML Policy for Small Firms, Covering Natural Persons

MATTER RISK ASSESSMENT Each client matter will also have its own risk assessment and a form is provided for this purpose [state where – note, practice to provide. It should include red flags, high-risk jurisdictions, identified practice wide risk factors, and any other indicator of money laundering]. Please consider the risk of money laundering and provide a justification for your assessment of each client matter. CLIENT IDENTITY AND INSTRUCTIONS For straightforward transactions involving natural persons, where there is no reason to consider the transaction presents a high risk of money laundering, we will adopt a consistent approach to checking identification and verifying identity in line with the Money Laundering Regulations and any updates to the requirements. When the client joins the firm, we will establish the nature of the transaction, take instructions, and establish who our client is. Please also refer to the following procedures in this manual for client onboarding [specify here which other policies and procedures would cover client onboarding]. We generally do not accept instructions from an intermediary, as this poses a risk of: •

not acting in the clients’ best interest (and/or a conflict of interest);

•

not receiving correct instructions;

•

the client being taken unfair advantage of; and

•

in some cases, fraud.

All instructions should be taken from the client directly. Please speak to the MLRO and the COLP if you are instructed by a third party to the transaction; the third party is likely to be referred elsewhere for independent legal advice. Those providing finance (such as a house deposit) where we are acting in a transaction, will need to provide identity documents and financial information to the same standard as specified here. Please consider carefully whether there is a conflict of interest in this situation, and refer to our separate conflict of interest policy; they may need independent legal advice. We require all clients to produce their identity documents at the start of the transaction, and undergo an electronic identity check, otherwise we are unlikely to act any further due to the risk to our practice. Difficulty obtaining client identity documents should be referred to the MLRO. We are aware of issues related to access to legal services which will be taken into consideration. Client identity documents should be verified using an electronic search. We will accept the following types of identity documents. Clients should produce one from each list. Documents used for proof of name and date of birth cannot be used for proof of address, and vice versa.

339

Part 5  Annex B: Part Template AML Policy for Small Firms, Covering Natural Persons

Proof of name and date of birth

Proof of address

Current signed passport

Council tax bill (last three months)

Current signed photo driving licence

Bank or mortgage statement (last three months)

Original UK birth certificate

HMRC self assessment demand letter Current driving licence

[OPTION: PLEASE ALTER THE ABOVE TO REFLECT ANY SPECIFIC REQUIREMENTS FOR YOUR AREA OF LAW – FOR EXAMPLE SPECIFIC MORTGAGE LENDER REQUIREMENTS]. In some instances we may accept letters from another solicitor or other regulated person confirming identity or even undertaking due diligence for us. Depending on the extent of the work undertaken to confirm identity, this can be known as ‘reliance’ and bears additional risks to our firm. Accordingly, this must not be undertaken for us by another firm or person without the permission of the [insert governance structure – for example the Directors or the Partnership]. Please speak to the MLRO about alternative options for identity documents. The MLRO will consider available money laundering guidance at the time, and consider what alternatives are available. We see identity documents in person, take copies in our offices, stamp and date them, or sign and date them. We check likenesses, and ask to meet all clients in person when checking identity. Fee earners and those working on client files are asked to check signatures provided during the transaction against those provided on identity documents as an additional security measure. We [do / do not] use the HM  Government / HM  Land Registry Safe Harbour Scheme. [In order to operate this scheme we take the following steps …. Insert detail] Electronic identity checks are obtained from [insert detail] and should be run as soon as you receive the client identity documents to allow us to verify and confirm who our clients are. International electronic identity checks are obtained from [insert detail]. We use these identity checks as they allow us to verify the following client details, from the following sources: [please specify – not all identity checks are the same and some obtain information others do not]. CLIENT FUNDS If we will be receiving funds for the transaction exceeding £1,000 then we will obtain details as to the source of funds. Suitable sources of information include payslips, letters from accountants or employers, company accounts, dividend paperwork, and bank accounts in the name of the client. In all cases be aware of large deposits in bank accounts, check the source of those funds and obtain evidence from this list above. Also consider whether the client has paid appropriate tax as required. Speak to the MLRO if you have difficulty establishing source of funds for your transaction. 340

Annex B: Part Template AML Policy for Small Firms, Covering Natural Persons

As a matter of policy, the firm does not accept cash payments of more than £500. Please see our accounting policies for details of the procedure to follow when funds are accidentally or unexpectedly deposited in our client account. POLITICALLY EXPOSED PERSONS When we are establishing the nature of the client instructions we will also establish whether the client is a politically exposed person (PEP), as defined by the Money Laundering Regulations in force at the time, and with reference to any approved guidance. We can do this by considering the detail of the situation as described and the client circumstances, and by asking the client if necessary. We will also verify this decision by electronic verification of client identity, and internet searches where needed. Politically exposed persons require the approval of the [insert appropriate governance structure – should be Directors of the business or the Partnership], before commencement of the transaction. If we are instructed by a PEP and the instruction is approved, the MLRO will advise on further checks, including enhanced due diligence. This is likely to include additional confirmations of identity, and stringent checks on the transaction itself. We will likely require additional documentary evidence from a variety of credible sources (including – if available and appropriate – government sources, or sources also regulated for AML) confirming the transaction, and the source and nature of the financing for the transaction. The MLRO will specify the exact documentation as this may vary from transaction to transaction. We will also check and verify both source of funds and source of general wealth for any PEP; the latter means the source of their overall financial position. PEP transactions should be monitored throughout their duration, and any changes to the transaction, source of funds or financing, or any other material aspect of the transaction, should be notified to the MLRO. PEP transactions will always be high risk, and this will be taken account of in our risk assessment. PEP status and the above procedure also applies to the close associates and relatives of a PEP. RED FLAGS Please see the separate tax evasion policy for details of our policy on preventing tax evasion and our risk assessment. Transactions which are over [insert amount], and groups of linked or related transactions will automatically be referred to the MLRO or MLCO for consideration and/or advice. Fee earners are also asked to be alert to unusual instructions or patterns of instruction, as well as transactions which serve no economic or legal purpose. Any matters bearing these red flags should be referred to the MLRO or MLCO for consideration and/or advice. All fee earners (including senior staff) will have their files regularly reviewed in line with our file review policy, and managed while they are away from the office, and such matters will also be considered at this point. 341

Part 5  Annex B: Part Template AML Policy for Small Firms, Covering Natural Persons

HIGH RISK JURISDICTIONS AND SANCTIONS Transactions where instructions, monies or even individuals come from overseas will require consideration as to whether there is a geographic risk, including identified high risk countries for money laundering and terrorist financing, and those subject to sanctions. [Insert wording here concerning whether you have or have not identified any specific risks in your risk assessment]. The practice will provide information to departments from HM  Government, the Financial Action Task Force, Transparency International, and the European Union as to the current high risk jurisdictions. This will be available [in a folder / on the wall] and will be updated every three months by [insert name of administrator]. Please refer any cases to the MLRO or MLCO for consideration and/or advice. In addition any instructions from a jurisdiction with which we are unfamiliar should also be referred to the MLRO or MLCO as a secondary safeguard. We are aware that sanctions can be applied against countries, ships, individuals and corporate bodies; please be alert in new instructions and refer to the regularly updated lists. Our electronic search providers also check for sanctions. Any red flags on the search must be referred to the MLRO immediately. We can also cross check the result with the lists provided by the Office of Financial Sanctions Implementation (or whichever body is responsible at the time). If in receipt of a report, concerning sanctions the MLRO will report to HM Treasury and the firm will immediately stop work on the file until they receive the appropriate authorisation to proceed (noting that the file may not be able to go ahead). REPEATING CLIENT DUE DILIGENCE We will repeat client due diligence when there has been a change in circumstances, a change in the risk assessment of the matter, or where we have reason to contact the client again in any calendar year. This may also arise when there has been a change in the client risk assessment. CCD FOR CORPORATE TRANSACTIONS, TRUSTS, AND OTHER BODIES If instructed by a corporate client we will [insert details] If we find a discrepancy between Companies House records and client information, we will [insert details] We will repeat client due diligence when [insert details] CDD for trusts [insert details] CDD for other entities, partnerships, foundations, societies, charities and any other body [insert details]

342

Annex B: Part Template AML Policy for Small Firms, Covering Natural Persons ENHANCED DUE DILIGENCE We will conduct enhanced due diligence in the following circumstances [insert details….] We will do this by [insert details] [OPTION] SIMPLIFIED DUE DILIGENCE We will consider simplified due diligence in the following circumstances [insert details] Our procedure will be [insert details] Our AML governance procedures, including the procedure for reporting and associated forms can be found [insert details]

343

Part 6

Continuous Professional Development

Contents Introduction  Exercises to be used as exams or discussions  Exercise 1: The Textile Manufacturer  Exercise 1: The Textile Manufacturer – possible answers  Exercise 2: The Luxury Client  Exercise 2: The Luxury Client – possible answers  Exercise 3: Overseas Risk  Exercise 3: Overseas Risk – possible answer  Short scenarios  Short quizzes  Quick fire AML situations  Practice scenarios  Tasks  Reconciliation (and general Accounts Rules) exercises  Annex A: Further information and some answers

346 348 348 348 352 353 357 357 360 361 367 369 374 381 387

Introduction Those law firms and individual solicitors regulated for anti money laundering (AML) under the Money Laundering Regulations are obliged to undertake regular training and learning in the subject, and provide the same for their staff. However, we must also remember the breadth of some legal qualifications. Regardless of whether some firms are directly regulated, solicitors are still obliged to maintain their competence in a number of areas, and the SRA’s Competence Statement provides us with some pointers as to where that is required. Imagine if a solicitor worked in-house in an area that was not regulated for money laundering, but they moved into an area of practice in another firm that was. That solicitor would need to have maintained their practice and professional standards across the board, including in AML. This basic level of knowledge and understanding is important for lawyers and those who work in legal services. This means keeping up to date with the latest developments, or revisiting that knowledge and understanding to the extent it brings you to the equivalent standard of qualification. Holding the title solicitor means those areas of standard knowledge, including AML, should be maintained. 345

Part 6  Continuous Professional Development In addition, and as we have already seen, the Proceeds of Crime Act 2002 (POCA) applies to everyone regardless of whether they are regulated for money laundering or not. This includes law firms whose work would fall outside the scope of the Money Laundering Regulations. Lawyers should also, as a matter of professionalism, understand the limits of their work and how far they can proceed with a transaction and in what circumstances. The proceeds of crime provide an excellent example of a restriction in work for a client. The boundaries of solicitor work in these circumstances, and how to gain consent, are important points to learn. Lawyers handling client money are also obliged to understand the provisions related to the Accounts Rules, both generally, and – the writer believes – how these might relate to their area of practice. This might include how the accounts in their area of law are commonly dealt with, and good and bad practice in accounting to, or presenting information to, the client. Solicitors, licensed conveyancers, and other lawyers are therefore required to complete continuous professional development (CPD) as part of their drive to both maintain and/or deepen their knowledge and experience. The SRA’s specific regulations for this can be found under the Code of Conduct for Individuals, rule 3.3 and the Code of Conduct for Firms, rules 4.2 and 4.3. In addition, the SRA have published various discussion papers and communications aimed at clarifying the steps solicitors and those regulated by the SRA are required to take. The CLC have similar provisions in their Continuing Professional Development Code. This regular training will be expected to meet the Money Laundering Regulations, as well as maintaining competence in dealing with the Accounts Rules, and other aspects of compliance. Of course, all law firm staff and those in legal services more generally will also want to grow professionally, and maintain and develop their knowledge, and the exercises here are also designed for them as well. Ensure you consider how all your staff can develop. We might think that regular training in the same areas will become repetitive; it can in some cases, but a number of points need to be considered: •

Frequent practice generates confidence and over time, expertise.

•

Innovation often comes from deep knowledge and understanding.

•

We all forget over time, and maintaining our knowledge can be as important as extending it.

•

We often need new skills as careers develop, for example, in management, and gaining this skillset can also be important in compliance positions such as COLP, COFA, MLRO and MLCO.

As well as using this book for information and learning in anti money laundering and the Accounts Rules, you can also use it to explore and learn more about regulation and professional conduct. We have also covered something of the current regulatory set up in England and Wales and internationally, as well as the legal services industry, and of course, aspects of the criminal law. If you are an accountant working with law firms, this part of the book may also be of use to you in the Accounts Rules exercises, and there are two quite detailed reconciliation exercises in this Part of the book. 346

Introduction If you are using this book to meet the requirements in the Money Laundering Regulations, you will need to maintain a record of the exercises you have undertaken, and how they have been delivered (for example with your team, or at staff events). This is required by regulation 24(1)(b) of the Regulations. If you work for a regulated law firm, they will wish to keep a record as well under the same provisions. Similarly, regulated firms are also required to confirm their staff have maintained their competence at annual renewal. This applies to both licensed conveyancers and solicitors, and maintaining records of your activities will help you to demonstrate this should the authorities ask for the records to be made available. All staff must be trained on the Money Laundering Regulations. This applies to all grades of staff – including junior staff, and anyone who might handle money or meet clients, such as reception staff. A  failure to train staff is a breach of the Regulations and can be a singular point of failure of a firm if staff do not receive the basic learning for their job. Not having been trained in the regulations is a defence for staff members under the Proceeds of Crime Act 2002, section 330, but the MLRO, MLCO and those responsible, as well as the firm, risk prosecution in the first place for failing to implement training in line with the requirements in the Money Laundering Regulations and the Proceeds of Crime Act. Staff should also have training appropriate to their job role and the level of their responsibility. This means that administrative staff should have training appropriate to the administrative tasks they might undertake – for example in checking identification documents, or the receipt of cash payments. Mid-level staff will require more intensive training and this would include a more detailed understanding of movements of client money permitted by the Accounts Rules, and the factors that lead to concern about the profile of a transaction. Those occupying the most senior positions in the firm should have a very high level of training – this should include the entire management team. While the decisions to report or otherwise rest with the MLRO, and compliance with the MLCO, those with direction setting and overall management responsibility will need to know about and understand such decisions. The training required for the MLRO and MLCO is even greater; they should know and understand the entire process, from initial receipt of instructions through to reporting and the consequences of not receiving consent. They should also have a plan for legal advice and support should they be in a position where a report is made but consent is not received, and/or have a very strong line on the type of instructions the firm will take on and those the firm will not. This Part of the book includes training material, short exercises, and longer written tests and examinations that have been used by the writer in and with law firms. Some of the Practice Scenarios were used by the writer on her ‘Anti Money Laundering’ session of the Practice Skills Course for solicitors, but are also suitable for all grades of professional to practise their decision making. There is also some new material which has been published here for the first time. You can use these written tests and materials to test yourself, test your team, or work through together as a group with other people. The materials in this section can be used as standalone CPD, to review and learn as you work through the problems posed. Or, as suggested in the previous Part of the book, this type of CPD can be a useful follow up to classroom or webinar-based learning. However, all rights are reserved in respect of these exercises (and indeed the whole book), 347

Part 6  Continuous Professional Development and while it is permitted to use the exercises here and materials in the book within your firm, they should not be used commercially or in competition with the writer. Review the exercises here and work through them to add to your CPD. Keep a record of what you have completed in your personal development plan.

Exercises to be used as exams or discussions The following exercises can be used in at least two different ways – either as exams, or as facilitations with your team. Sample answers to both (a guide to the facilitation for the facilitator, and a possible exam answer), are provided underneath the exercises. Using the questions as facilitations with your team allows you to gauge their knowledge and bring a range of discussion points to the group which can help develop your internal processes as well as their understanding.

Exercise 1: The Textile Manufacturer You are based in England. You have a new commercial client – a company whose head office is in Portugal called Camisa. They have a parent company headquartered in England called Woven. Camisa manufacture textiles and they are involved in a deal to buy a small company in England called Seeds and Sewing who manufacture cotton. Seeds and Sewing is very small but profitable and produces very high quality goods. Camisa instruct you in the acquisition of the company. Question 1: What due diligence do you need to undertake? Question 2: What if Camisa had a parent company in a jurisdiction at high risk for money laundering, and were reluctant to disclose beneficial ownership?

Exercise 1: The Textile Manufacturer – possible answers FACILITATION The team are likely to start discussing how they will obtain due diligence on Camisa. Sometimes teams will respond by discussing the specifics of the due diligence required. That might be a discussion of obtaining information about the company and their registration, or the ID documentation or identity checks you can run on the person giving instructions and anyone providing authority within the company. You can go through the Regulations and also encourage the team to think about: 348

Exercises to be used as exams or discussions

•

The Register of overseas entities and whether Camisa need to register in the UK as part of the transaction; they may need independent legal advice about their position and beneficial ownership. The advice might need to be obtained in Portugal, as the company are based there, and Woven may also require advice.

•

Client due diligence on Camisa (regulation 28) and proving beneficial ownership of the company by Woven (regulations 28 and 43). Consider client due diligence requirements for Camisa in the UK.

•

Control exercised by the company in the European Union and the risk of money laundering in the European Union.

•

Enhanced due diligence (regulation 33) and whether this is required as a large and complex transaction or because Camisa are a remote client (regulation 33(1)(f)), and what this might entail. Enhanced due diligence is for the firm to specify, but regulation 33(3A), although concerning high risk jurisdictions, is a helpful reference point.

•

Source of funds (transaction finance) and source of wealth (client financial health) for the transaction and generally (see regulations 28(11), 33(5) (b), and 33A).

•

For the option of the high risk jurisdiction, further consider the implications for enhanced due diligence (regulation 33(3A)), FATF reports, or HM Treasury guidance, sanctions, and whether the situation is suspicious given the additional reluctance to disclose beneficial ownership.

•

Also consider options for client and enhanced due diligence in cases of reluctance to disclose beneficial ownership (see regulation 28(7) and 28(8)).

•

Whether we can use simplified due diligence (regulation 37).

POSSIBLE EXAM ANSWERS Possible grades: • Pass •

Pass with praise

• Merit • Distinction •

Distinction with praise

Question 1 is the pass / fail exam. Question 2 should only be attempted by those expected to pass, and a correct answer to question 2 leads to a higher overall grade. When looking for an answer, any wording which means the same or similar will achieve the grade. Not all points need to be covered at each grade category to achieve the grade. 349

Part 6  Continuous Professional Development

Question 1 A basic answer (passing mark), could say: •

Identify the company Camisa (based in Portugal), understand the beneficial ownership and the control structure of the client (including Woven, the parent company in England), and understand the nature of the instructions.

•

Confirm that the person providing instructions from Camisa has authority to do so.

•

You should also identify the source of funds for use in the transaction.

For additional marks and a pass with praise mark, some or all of the following would be noted: •

In practice this means; evidence of incorporation for the corporate body in Portugal (or equivalent) and confirmation they are also registered there; their name; address (and where they conduct business); company number; names of the Directors (or equivalent); the law to which Camisa is subject; legal ownership; organogram; and suitable identity documents for the beneficial owner / and or management giving instructions.

•

Woven as the beneficial owner may be on the register in Portugal (assuming Camisa are registered there). You may also find information about Woven from UK Companies House, including registration and the PSC register, but this should be confirmed, and cannot be relied upon alone.

For a merit answer, some or all of the above, and some of the following: •

You may also consider the Register of overseas entities in the UK and whether Camisa will need to go on the register as a result of the transaction. If so, they may need separate legal advice about the position from Portugal to cover their position. Woven may also require independent legal advice as they may also have to go on the register as a result. You may want to observe the outcome of this discussion and possible registration as it may impact your assessment of the beneficial ownership of Camisa.

•

We should also take account the risk assessment for the transaction and any particular risks you have identified as a practice, when forming our risk assessment for this client. Commercial acquisitions can in some circumstances be high risk for money laundering, as are remote clients, so you will need to understand the transaction, and parties, well. This might mean asking a good amount of questions about the companies, the identities of those involved, what is involved in the transaction, and their motivations.

•

This risk assessment may lead you to enhanced due diligence. This may mean also establishing source of wealth for the beneficial owner, and monitoring the transaction throughout its lifetime, with additional controls being added during that period.

•

You might also have mentioned reviewing the company register in Portugal (or equivalent). 350

Exercises to be used as exams or discussions

For a distinction answer, all or most of the above, and some of the following: •

The relevant regulation for CDD is regulation 28 of the Money Laundering Regulations.

•

The other relevant regulation is regulation 33, enhanced due diligence, which requires you to take additional measures to verify identity and the transaction whenever there is a higher risk of money laundering, and regulation 33 also specifies what those are. An answer may cover those specific requirements.

•

To take additional measures to identify the control structure of the client (regulation 28), you could discuss this with the client, obtain corporate evidence of the relationship and control, including their company accounts, job descriptions of relevant individuals, and organisation charts. Their website may also assist.

•

If discussing beneficial ownership (regulations 28, 33, and 43), you can say that you can ask a third party to confirm beneficial ownership, such as another lawyer registered in an equivalent jurisdiction for money laundering, and discuss reliance. This option is usually sufficient for most organisations and beneficial owners; those of any size will likely have legal representation.

•

There is also an exemption within regulation 28 for those struggling to identify the beneficial owner, where the law firm can treat the person giving instructions as the beneficial owner, provided the client is a corporate body and all methods of tracing the beneficial owner have been attempted. You must keep records if that is the case.

•

Simplified due diligence (regulation 37) – simplified due diligence can be undertaken where a company is listed on a regulated market, and this would mean an exemption from obtaining beneficial ownership information. However, you would need to consider a full risk assessment, and the risk factors noted in the regulation. The problem does not say either company is listed on a regulated market.

•

As an additional control measure, you can also consider the financial position of the Camisa and Woven in light of the information provided and whether this appears consistent. This might include profitability, liquidity, debt and utilisation. The same measures may also apply to Seeds and Sewing. Additional financial controls you could use as the matter progressed include checking the bank accounts monies are received from and sent to, checking currency amounts and the bona fides of Portuguese or other financial institutions which appear on the firm’s bank statements. The manner and frequency with which payments are made might also be relevant.

Question 2 Correct answers to this question increase the overall grade boundary by one place. To do this, some of the following should be covered: We might wonder where the jurisdiction was that was a high risk jurisdiction for money laundering. These change reasonably frequently and there are a number of risk factors. You may also consider sanctions. The United Kingdom 351

Part 6  Continuous Professional Development

follow the Financial Action Task Force’s list for high risk jurisdictions and this has been confirmed. There are individual reports available for each country and this can help us decide whether the matter we are presented with falls within the area of concern and, if so, to what extent. Regardless, due to the presence of the higher risk we will have to take enhanced due diligence measures in respect of the transaction. This would definitely include confirming the source of funds and wealth for the transaction from both Camisa and Woven, as well as taking the other steps in regulation 33(3A) of the Money Laundering Regulations 2017, which cover the requirements for enhanced due diligence. There are also steps outlined in the sample answer to question 1 which cover the actions available to us for obtaining disclosure of the parent company’s beneficial ownership. We could also choose to rely (within the meaning of the regulations at regulation 39) on their legal representative to conduct this due diligence for us. However, we may need to ask some questions here about why they are unavailable and consider whether it is suspicious. It is interesting to note that if the parent company (Woven) was headquartered in an EEA state, and the company (Camisa) complied with all relevant policies and procedures, enhanced due diligence would not apply by virtue of any involvement in a high risk country (regulation 33). Therefore the placement or headquartering of the business is highly relevant to whether enhanced due diligence measures apply to its transaction by virtue of involvement with a high risk country. If we did think the transaction was suspicious, we should make a report to the MLRO under section 330, and they will need to consider whether to report under section 331, both of the Proceeds of Crime Act 2002.

Exercise 2: The Luxury Client You are suspicious that a client is laundering money. Their small income is inconsistent with their luxurious lifestyle. You can see they have an expensive car, property, and clothes. However, their income is limited and you are not aware that they are independently wealthy. The client is well known to the firm for various matters. You receive instructions to purchase a second home for the client. You are just at initial instructions stage and have not yet asked for identity documents or source of funds. You decide to make a report to your Money Laundering Reporting Officer. Question 1: Consider the role of the MLRO in this situation. What do they need to do? Question 2: Map the process of reporting, and identify key issues for the firm and individual fee earners to consider. 352

Exercises to be used as exams or discussions

In answering these two questions, focus on the process of reporting for AML and the roles involved, rather than considering the additional information that could be requested from the client.

Exercise 2: The Luxury Client – possible answers FACILITATION The team are likely to start discussing the role of the MLRO and the decision to report or not report. The team may also identify that the MLRO would then possibly report to the National Crime Agency and you would need to wait for consent. Despite the direction not to discuss information that could be asked for, discussion may also centre on the information you could obtain from the client at this stage. Some team members may feel it is inappropriate to ask for anything more as you had already formed a suspicion. They may question, if a report is to be made, whether in asking for the information, there would be an issue of tipping off. Where the line lies in making the report, and the possible issue of tipping off, can be a useful facilitation point. You can use this exercise to discuss with the team where in the legal process the report would be made and the definition of suspicion from R  v Da Silva (2006). The answer about whether a report would be made, may depend on whether there was enough evidence to form a suspicion about the client’s wealth. This might be from the other matters the firm had acted in, or from their overall knowledge, and may take account of whether the firm was aware of the reason for the apparent wealth of the client. You can also, in facilitating this session, discuss the reasonableness of the report. If there are alternative explanations that the fee earner is otherwise unaware of, or the MLRO felt the fee earner had otherwise jumped to conclusions, does that change the view of the team about whether the situation falls within the definition of suspicion in R v Da Silva (2006)? The role of the MLRO in balancing these decisions and providing the considered answer of the firm can be another discussion point for you to have with your team. You can centre in this discussion on the role of the MLRO as being different to the role of the individual in reporting, and that the MLRO has to make up their own mind as to whether there is a requirement to report – this being a separate decision to that of the individual. Each person has to make their own mind up. Other issues that may be identified for discussion include: •

Reporting to the NCA.

•

MLRO as a management position and involvement of the overall management of the firm in making important decisions about the firm.

•

External legal advice required by the MLRO. 353

Part 6  Continuous Professional Development

•

Getting all the information and codes right in reporting to the NCA, and for the fee earner to give the correct information to the MLRO.

•

Tipping off – and the direction to be given to the individual fee earner.

•

Storage of the client file or separate file with AML information on it.

•

Receipt of any client monies and what to do next.

•

Obtaining consent, drafting consent, and the boundaries of consent.

•

Advice on proceeding with the transaction.

•

Ongoing monitoring.

•

Good faith and liability.

POSSIBLE EXAM ANSWERS Possible grades: Fail Pass Pass with praise Merit Distinction Distinction with praise Question 1 is the pass / fail exam. Question 2 should only be attempted by those expected to pass, and a correct answer to question 2 leads to a higher overall grade. When looking for an answer, any wording which means the same or similar will achieve the grade. Not all points need to be covered at each grade category to achieve the grade. Question 1 For a pass, most of the following should be covered: The MLRO would consider whether they were suspicious and their obligation to report. The MLRO may then make a report to the NCA, or consider whether to monitor the relationship, or decline the report (and perhaps provide feedback to the individual). For a pass with praise, most of the pass should be covered, and some of the following: 354

Exercises to be used as exams or discussions

They could consider the file, speaking to the persons involved, and the whole situation including previous matters and what is known about the client, bearing in mind also the red flags or warning signs of money laundering, and the firm’s risk assessments. The MLRO is a difficult role and needs to balance the obligations of the firm with the obligations of individuals and the duties to the client. The policies and procedures of the firm should be followed. For a merit, most of the previous answers should be covered, and some of the following: An awareness that there is a judgement in making the decision (either staff member or MLRO) beyond simply indicating the need to consider reporting. The possibility of the MLRO taking independent legal advice, and even that the fee earner may need legal advice. Advice for the staff member may come from the MLRO and may also cover tipping off. The role of the management team in governance of the firm and how they might consider the management position. This may also cover good faith and liability, and storage of information. Within storage you may cover destruction as a possible tipping off issue. This answer may also cover the internal procedures of the firm and any particular forms you require to be completed. Candidates may also cover the possibility of a report needing to be made previously, and whether or not this has happened. The MLRO may review this position and previous files. Distinction answers should cover most of the previous answers, and some of the following: The relevant sections of the Proceeds of Crime Act for reporting; that being section 330 for individuals and section 331 for the MLRO. The amount of information required by the MLRO to make a report to the NCA, and drafting consent. You could also cover proceeding within the boundaries of consent. The timescales in making a report – ie conducting due diligence as soon as possible, reporting to the NCA within a good amount of time within the transaction, and awaiting consent or eight working days. Receipt of any client monies and holding those monies on the ledger in this situation. The relevant sections of the Proceeds of Crime Act (section 327) concealing, (section 328) arrangements, and (section 329) acquisition. The answer may also cover potential client exit strategies. 355

Part 6  Continuous Professional Development

The MLRO may need to give advice on proceeding with the transaction after any report is made and the ongoing monitoring. The following may also be included: •

Privilege (within section 330 as a defence to not reporting) – no requirement to disclose if the retainer is subject to privilege and the matter is not in furtherance of a criminal purpose.

•

Asking for consent; there are two types of disclosure – one asking for consent to proceed with the transaction, and one not; consider which to make.

•

Drafting a consent from the NCA can be a complex process and the MLRO needs a lot of information to make the report.

•

The importance of providing all information up front to the NCA.

•

In this case there may be a delay for the file during the wait for consent and consideration should be given on how to manage that position with the client.

•

The firm will need consider how to manage the position regarding any failure to provide consent from the NCA and whether they would need a contingency plan to enable them to stop working with the client. This would need to include a plan for any client monies.

•

There is no civil liability for disclosures made in good faith (Proceeds of Crime Act 2002, section 338).

•

Tipping off (Proceeds of Crime Act 2002, section 333A) – the MLRO may give advice to staff on tipping off.

•

The MLRO may give advice or feedback to staff following a report, but there can be a complication – whether the advice being sought by the individual employee is in itself privileged. In some cases it can be useful to have access to external legal advice for employees and the MLRO, and also have a deputy MLRO.

•

In some cases you can inform the client (if to dissuade from criminal conduct), or the other side, (Proceeds of Crime Act 2002, section 333D).

•

A disclosure may be made to the other side in some circumstances where you do not suspect their involvement (Proceeds of Crime Act 2002, section 333C).

•

Any discussion of the available defences to the main criminal offences in the Proceeds of Crime Act 2002.

•

The firm and the MLRO may consider keeping the data of those subject to disclosures separately. Requirements under the GDPR and Data Protection Act 2018 may need discussion.

•

As well as considering a report to the NCA, the firm may also consider whether any other law enforcement agencies should be informed.

•

Whether the other side in this transaction should be considered. For example, whether they have undertaken due diligence. 356

Exercises to be used as exams or discussions

Question 2 A  correct answer to this question increases the overall mark by one grade boundary. The map of the reporting process can follow the map as indicated by the Proceeds of Crime Act 2002, which sets out the process as being: Individual (or firm) forms suspicion > Internal report to MLRO > MLRO decides whether to report to NCA based on own suspicion > Report to NCA if firm are suspicious. Acceptable answers include a written representation of the process, or a drawn one; there is no difference between the two. Candidates may also have added additional steps in accordance with the answers at question 1 and these answers are also valid. Candidates may also add the relevant sections of the Proceeds of Crime Act 2002, or any discussion of its terms within the process map.

Exercise 3: Overseas Risk This exercise is an advanced exercise. You have completed due diligence on your client, which has gone well. Your client then informs you that they will be receiving part of the funding for their transaction from a third party, who is based overseas. Answer the following questions: (1)

What risk does this transaction pose?

(2)

What implications does it have for the transaction that the third party is based overseas?

Exercise 3: Overseas Risk – possible answer QUESTION 1 In answer to question 1, we would need to consider the following in respect of the risk of the transaction: a.

Who the client is; they require due diligence, which has been completed. The issue might be whether we need to consider the situation further. We should also confirm whether there is any aspect of them which would warrant enhanced due diligence or additional questions in any event. This may include, for example, whether they are a PEP or related to a PEP. Of course, we could also consider whether they were a local authority with investments from overseas – and then whether they would qualify for simplified due diligence. 357

Part 6  Continuous Professional Development

b.

Who the third party is. They would require due diligence. We also need to consider whether there is any aspect of them that presents a higher risk of money laundering with reference to all of the risk factors we are aware of. This could also lead to enhanced due diligence. However in considering the third party, we have to consider whether they are separate to our transaction with our client and whether they need independent legal advice. If they do, we might also think about whether or not their solicitor would become involved in our due diligence.

c.

What the transaction is for and whether the transaction presents a higher risk of money laundering. In this consideration we might also look at the firm, regulator, and national risk assessments for money laundering. We may also consider whether we would meet the client or third party in person.

d.

The sum of money involved and whether it is out of the profile of the firm. A very large sum of money might automatically warrant enhanced due diligence.

e.

The source of funds (transaction finance), and the source of wealth (financial health), of the client and the third party, bearing in mind the third party may need independent legal advice.

f.

The location of the client, the third party, and the money – whether or not the client, the third party, or the money, were in a jurisdiction which was high risk for money laundering. This would take into account the FATF assessments, guidance from HM Treasury, and sanctions.

g.

Whether there was any other factor which by its nature meant the transaction or client presented a higher risk for money laundering, and this also may include whether the currency involved was high risk (for example, due to instability), or even whether the money involved was cryptocurrency. It would also cover the firm’s risk assessments for money laundering.

h.

The policy of the firm – we have discussed in this book the need to provide a perimeter around the firm and firms may take their own position on where they will accept funds from, and how they should be declared at the outset of the transaction.

i.

Whether or not there have been any similar transactions within the firm, or whether there are other concerns at the firm at the time. We have seen the possible internal assessment available to firms which looks at how to assess the risk posed at any one time and how this might respond to what happens within the firm.

The outcome of this assessment would then lead us to consider how much information should be asked for from the third party. We might be able to assume they would need to provide identification and an explanation of their source of funds (transaction finance), and possibly their source of wealth (client financial health), but this may be a role for their legal adviser. The extent of the proof of that position and the level of questions the firm could ask, along with the checking the firm might be able to undertake themselves are questions which rest with the detail of the individual transaction. 358

Exercises to be used as exams or discussions

Any red flag at any stage, or inconsistency, may lead to further questions being asked, including of the third party (or their solicitor). The transaction has progressed already and what has happened so far is relevant and decisions will already have been made about the risk presented at the outset. We may need to re-assess the risk again from the beginning to see whether any additional due diligence needs to be undertaken on the client as well, as the risk profile of the transaction may have changed due to this additional information. The risk should be assessed according to the client, transaction, and all of the circumstances, including third parties, overseas jurisdictions, and the source of any financing. Unfortunately, sometimes when we have made a decision about a transaction, it is easy to stick to that decision or be influenced by it. We must instead take the time to reassess the overall position according to the new information. We might ask ourselves why the client did not say anything before, or why this did not come up on initial enquiries the firm would usually make regarding due diligence. These factors may also mean the transaction becomes higher risk for due diligence, and more information is required from the client to confirm the position. It is important to re-iterate that in dealing with the transaction, we would need to understand whether the third party would require separate representation, and what their interest in the transaction would be. We may need to consider whether there was a conflict of interest between the individual and the third party. QUESTION 2 The position of the third party overseas means that the transaction needs to be evaluated in a new light; one which considers whether the jurisdiction is high risk (and even the extent of the risk, rather than just the ‘high risk’ categorisation), as well as the complexity of contacting the third party and verifying who they are. We have discussed high risk jurisdictions earlier, but of course all jurisdictions are evaluated and there can be some aspects which are higher risk than others, even if the jurisdiction itself is not high risk and we can determine this from FATF reports. We might look at a variety of sources of information reports, both about the country, and from within the country to determine whether or not the international element of the transaction would be high risk and whether or not that country would class it as high risk. Any suggestion of high risk would lead to enhanced due diligence, and a report to the MLRO if we were suspicious. If the third party does require independent legal advice for the reasons discussed in question 1, how likely is it that this could be provided to an equivalent standard when they are abroad? We might also ask questions about how they would transfer money in a practical sense. We therefore sometimes discuss the practicalities when dealing with international transactions. The international dimension adds an additional 359

Part 6  Continuous Professional Development

difficulty in communication and potentially understanding the transaction. We might say that in this type of scenario (one where there was an international element), the person abroad should be specifically and independently represented – possibly by someone in the United Kingdom, and by a person from overseas. This would safeguard their position; ensure they understood the transaction correctly; and were appropriately considered.

Short scenarios The following short scenarios are for you to work through and consider yourself. You can have reference to the Money Laundering Regulations 2017, Proceeds of Crime Act 2002, and this book. You may also find other reference materials of assistance.

You receive a new instruction from legal representatives of an offshore company. Through some diligent google searching, you find the person stated to be the director of the company is a director of several hundred companies, probably as a nominee. You receive appropriate identifying documents for the company, and for the director, which are certified by a UK registered solicitor. What else are you required to ask for and consider?

You are instructed by a private UK company in their purchase of commercial offices. They intend to use part of the space for their head office, and let the other part of the offices out, but they may use it all in the long term as they expand. The representative informs you the money is coming from the main business interests of hiring luxury cars and represents diversification of assets for the business. What options do you have for CDD and other AML checks?

You receive instructions from a client based overseas who is selling a property in England and Wales. They do not have a bank account in the UK and have asked you to hold on to the proceeds of sale and they will give directions as to where it should be sent. What can you do in this scenario?

Your colleague comes to you in a panic because her client has provided bank statements, but they show higher amounts coming in than she thinks her client should be paid. What steps can you take next? 360

Short quizzes

You are conducting file reviews when you notice photocopies of ID on a file which is certified by a teacher. What steps would you take next?

Your colleague comes to you upset because he can’t remember what ID he is expected to get for a company. He has obtained a Certificate of Incorporation and letter from an independent accountant showing the name, address and nature of business of the company. However, he is concerned one of the people instructing him might not be a director. What evidence can he obtain next and what further enquiries can he make?

You have just been appointed as the new MLRO in a very small two partner firm. You are fairly happy with the policies and procedures as they cover everything you have been trained about. There is a concern about a previous fee earner’s ID checking, but it is a limited issue. There are just a few files where the ID is not quite right. All of the files are still live. What could you do next?

Short quizzes Use the following short quizzes yourself or with your staff to test your knowledge of the current AML regulations, associated legislation, and standards. Also featuring are short quizzes concerning the standards related to the Accounts Rules. You can try to complete these quizzes against the clock – for example you could try to complete them in ten or twenty minutes. How quickly can you answer the questions? You are permitted to look up the answers online.

AML Quiz What are the current high risk countries? Where can you find this information? When should you conduct enhanced due diligence? Which regulation within the Money Laundering Regulations covers this? What is a designated person? Name two Acts or sets of Regulations that relate to AML. 361

Part 6  Continuous Professional Development

Money Laundering Regulations Quiz Name five things the Money Laundering Regulations require? Name two things (which could be concepts covered by the Regulations) that have stayed broadly the same since the Money Laundering Regulations in 2007? Name two things that were changed by the most recent set of Money Laundering Regulations? Which parts of the United Kingdom do the Money Laundering Regulations apply to? What is a PEP? Which Regulations require you to conduct a risk assessment? What do the Regulations say your firm wide risk assessment should cover? What is reliance? What is simplified due diligence?

Money Laundering Regulator Quiz What is the name of the AML oversight regulator? Which other risk assessments should you potentially take into account when dealing with your firm AML risk assessment? Name one area of law which is currently highlighted by any regulatory body as particularly high risk for money laundering?

AML Risk Quiz Name two risks highlighted by the Money Laundering Regulations directly? Name one external body (not your regulator) who are involved in developing risk assessments for money laundering? True or false, you must keep a written record of your firm’s risk assessment? Find two risks currently highlighted on the National Risk Assessment as risks for money laundering? 362

Short quizzes

The Money Laundering Regulations provide for the appointment of a nominated officer (the MLRO). What is the other possible appointment under regulation 21?

Corporate Entity Quiz What is the PSC Register? Why might you find it useful from an AML perspective? What categories of people appear on the PSC Register? Aside from maintaining the information on the PSC  Register, what other information does Companies House keep that is useful for AML? When conducting due diligence, what identity documents might you ask for from an incorporated company? Explain your understanding of beneficial ownership in no more than two sentences. Name two changes or possible changes occurring at Companies House?

Multiple Choice Quiz Select the correct answer: Which of the following should usually be included in your procedures for standard client due diligence? (Tick all that apply) a.

Proof of identity

b.

WiFi passwords

c.

Client instructions

Which of the following should usually be included in your policies and procedures for PEPs? a.

Not to acquire their money into the client account

b.

Enhanced due diligence

c.

Conflict of interest

Which of the following is often highlighted as high risk for money laundering? a.

Will writing

b.

CPD training

c. Conveyancing 363

Part 6  Continuous Professional Development

Which set of Regulations contains information about high risk jurisdictions for money laundering? a.

The Bribery Act 2010

b.

Money Laundering and Terrorist Financing (Amendment) (High Risk Countries) Regulations 2021

c.

Professional Standards of Conduct

Which of the following are useful resources for identifying high risk countries? a.

Financial Action Task Force website and reports

b.

Financial Ombudsman website

c.

Money Advice website

Which of the following has come under the Money Laundering Regulations since they were published in 2017? a.

Legal advice in the conveyancing sector

b. Cryptocurrency c.

Oil and gas sector

Accounts Quiz 1 Do practices only conducting legal aid require an Accountant’s Report? A legal aid practice’s regular payment is known as what? Name two changes in the Accounts Rules since 2019? Client money should be kept separately to what? Name two requirements for record keeping in the Accounts Rules?

Accounts Quiz 2: reconciliations Name two requirements for client money in the Accounts Rules? What information do you need to conduct a client account reconciliation? How frequently should a client account reconciliation be conducted? What should you do if you find a mistake in your client account reconciliation? 364

Short quizzes

Accounts Quiz 3: record keeping The practice record showing the individual client and office money held and spent in each transaction is known as the what? The practice record showing the overall transactions in and out of the practice is known as the what? What does TPMA stand for? Most practices require an Accountants’ Report. a.

How frequently is it required?

b.

Who does not require one?

Accounts Quiz 4: payments and transfers In what circumstances can you transfer money from client account to office account? In what circumstances can you transfer money from one client ledger to another client ledger? In what circumstances do you need to pay interest to the client?

Proceeds of Crime Act Quiz Name three offences in the Proceeds of Crime Act which could relate to the handling of suspicious client money. Name the offence committed if a staff member fails to report suspicions to their MLRO. Name the offence committed if the MLRO fails to report suspicions to the relevant law enforcement agency. Name the offence if you destroy information connected to a money laundering investigation. How else could you commit the offence in the question above? Name the legislative provisions for all of the above questions in this Proceeds of Crime Act Quiz. 365

Part 6  Continuous Professional Development

Defences to the Offences in the Proceeds of Crime Act Quiz Name three defences to one or more of the offences in the Proceeds of Crime Act Quiz. Which defence relates to the giving of legal advice? Name a defence that involves another person or organisation? Which defence has been noted as difficult to define? Name the legislative provisions for all of the above defences (in your answers) in this Defences Quiz.

Future Developments Quiz Name two possible future changes that may impact AML in legal services. Name one drawback to the greater use of personal data in identity checking. The introduction of the PSC register was aimed at greater transparency in corporate ownership. Can you name any further developments intended to drive the transparency agenda further forward? Name an international stakeholder that influences the UK’s position in AML? Quick fire personal consideration: What one change would you personally like to see to the law in AML?

Learning and Development Quiz Name one regulation in the Money Laundering Regulations which deals with training for staff members. An additional mark is available for an additional regulation. Describe two regulatory requirements for training and learning which apply to solicitors, licensed conveyancers or other legal professionals. Where can you find the requirement to maintain solicitor competence in the Standards and Regulations? Name the regulation. What is the question asked on the solicitor or licensed conveyancer annual renewal which relates to the maintenance of competence? 366

Quick fire AML situations

TPMA Quiz What are the requirements for using a TPMA, as specified in the Accounts Rules? Name the rule. Who would the TPMA provider be regulated by? Name one set of regulations the TPMA provider would need to abide by.

Regulation Quiz This quiz can be undertaken by either SRA or CLC regulated practices. Ensure you answer with the relevant provisions for you and your firm. In some cases, this might mean you need to consider two possible regulatory outcomes – for example if you are regulated by the CLC individually but work in an SRA regulated firm you might want to consider both. Name a possible regulatory outcome for a minor breach of the Money Laundering Regulations. Name a possible regulatory outcome for a minor breach of the Accounts Rules. Name a possible regulatory outcome for a major or ‘serious’ breach of the Accounts Rules.

Managing AML Quiz Name three things you can do to manage AML within a firm? Which person or persons are responsible for managing AML within a firm? Which policies and procedures are usually expected by the regulators as part of AML provision?

Quick fire AML situations These situations all raise AML questions. Try to complete them promptly, with a brief idea of what you would do next. Some of the scenarios follow on from each other. 367

Part 6  Continuous Professional Development

Dispute situation You are approached by a new client you have not heard of before in a dispute which may become litigious. Your client informs you she has asked for a fixed sum of £20,000 to settle the dispute, which she is hoping will resolve the issue as the problem in question is worth much more. You write to the other side, asking if they have instructed a solicitor, and you receive a letter back informing you they have paid the money to your client directly. Are you happy with this scenario? What about if your client subsequently asked you to confirm to a conveyancing solicitor that the money was received as part of a dispute? Travel situation You are asked to negotiate a contract for your client to travel overseas to a high risk jurisdiction for work. What factors should you consider? Identity situation A client is very secretive about their identity. They prefer to go by another name at all times. Do you need to obtain their ID documents? Identity situation 2 You receive a passport and driving licence in the post from a client. The photo on the passport looks sellotaped on and different to the driving licence. The electronic search shows the client is an Ambassador and a PEP. The transaction is very large – in the millions. The client is keen to progress quickly. What do you think you should do next? File situation Following on from Identity situation 2, the situation causes you to make a report to the MLRO. The file stops anyway as the client drops out of the transaction. Your firm suspect it was not a real transaction. What can you do next with the file?

368

Practice scenarios

Practice scenarios This section comprises first a set of risk assessment scenarios for you to complete, and secondly a set of anti money laundering scenarios. In the second set of scenarios you can consider whether you would like further information, and turn to the Annex at end of this Part of the book for that information (Annex A). Complete these scenarios on your own or with your teams.

Risk assessments This exercise allows you to practise your risk assessment skills. Write a very brief risk assessment for each of the fictional practices below. You can use any of the templates in Part 3 or 5, or in your own risk assessment style – whatever you prefer. Newlyn & Co are a small two partner wills and probate practice with no other fee earners. They only take clients from within a 25 mile radius and have known most of the families for many years. They did have a couple of cases where suspected fraudsters contacted them claiming to be beneficiaries in probate cases, but the firm managed to field these sufficiently. Coral Powell Patel and Sar Ltd are a large conveyancing firm with four directors. They do most of their work with clients who come from all over the country who they do not see face to face. They have just opened an international department who are servicing the needs of foreign investors in the property market. Some of these clients come from a range of diverse overseas countries. Burr & Co are a large 50 partner commercial and family law practice serving the needs of wealthy and highly important clients from a range of overseas jurisdictions. Their client list includes many members of overseas parliaments and other high profile individuals who they do not always meet in person.

Next steps AML scenarios These scenarios have been designed to allow the participant to think about the decision making process in anti money laundering. They do not have a right or a wrong answer. They were designed to be part of the Practice Skills Course for solicitors, and were to allow those just starting their careers the opportunity to develop their thinking and questioning processes around the receipt of information. The end result of these scenarios does not have to be a report to the authorities; it might simply be considering whether you would make an internal report to the MLRO, and what information you would ask for from the client or other source. The examination of the information you are presented with, and the decision to ask for more information, are important steps in their own right. The skills in analysing the information and the confidence to make those decisions should not be taken for granted, and should be practised. 369

Part 6  Continuous Professional Development

Law firms may find that those just starting their careers are not sure about how to approach initial decision making and whether some scenarios would require additional information or not. You can also find them useful for additional practise with those that are further along in their careers and simply want a refresh of the types of issues that come up and a reminder of the challenges their staff might be facing. You can complete these scenarios on your own or facilitate them with your team. There is further information to support each exercise, which the participant should not look at until they have considered the scenario. If you facilitate them with your team, you might want to withhold the further information and give it to them when they ask the right questions (or a number of questions). Remember, these are AML scenarios, and there is supposed to be something wrong. Consider the situation and what you would do next. You should: •

Read the scenario and information.

•

Decide what you would do next, including whether to ask for more information.

•

Write down your decision about what to do next.

•

Turn to page 387 to find out whether any additional information is available, if you ask the right questions.

•

Once you have obtained any additional information, decide what you would do next and write down your final decision. Remember your final decision does not need to be the end step in this process, you can imagine the law firm would go on to take other steps beyond this point. Also, to re-iterate, there might be something wrong.

Scenario 1 ID: You have obtained an original passport and a driving licence which shows that your client is Mr Ban Ivan, born 1 June 1975 in an EU country. You have made copies. The client is purchasing a property in Swindon for £140,000. He tells you he is working as a translator in London. You are satisfied with the ID. Bank Statement: ABC Bank Mr Ban Ivan Account number 00000111111 1 May 2022 – 31 August 2022 370

Practice scenarios

In 30 August 2022 Receipt ABC Kings Cross

Out

1,000.00

28 August 2022 Council tax

143.00

15 August 2022 Broadband Direct

18.00

10 August 2022 Suits Warehouse

115.00

31 July 2022 Receipt ABC Luton

4,000.00

10 July 2022 Receipt ABC Twickenham

2,000.00

1 July 2022 Bob’s Cafe

14.50

25 June 2022 Receipt ABC Colchester

3,000.00

13 June 2022 Pay at Pump Colchester 3 June 2022 Receipt ABC Reading

27.50 4,000.00

28 May 2022 Rent to Estate Agent

649.00

26 May 2022 Energy bill

120.00

12 May 2022 Receipt ABC St Albans

1,000.00

5 May 2022 Receipt ABC Crawley

2,000.00

Scenario 2 ID: You are acting for Mrs Bev Turner, a private client, in purchasing a company, the price is £250,000. You have a passport and driving licence for Mrs Turner which she posted, but you have not yet done an e-verification. Bank statement: ABC Bank Mrs Bev Turner Account number: 0000022222 1 May 2022 – 31 August 2022 In 1 June 2022 – Receipt RTYX Ltd

220,000.00

23 May 2022 – Receipt TCD Ltd

30,0000.00

Out

Scenario 3 ID: You have a new client, Mr Arran Barley, a British national, who is purchasing a property for £200,000 in London. You are based in London and Mr Barley is based in Scotland. 371

Part 6  Continuous Professional Development

You have no ID and he does not want to send sensitive documents so far to you. You know Mr Barley received £200,000 in a divorce settlement via another UK law firm recently and they will send the money directly to you, so you are satisfied with the source of funds. Scenario 4 ID: You get a new instruction to act for a client in a negotiation of a lease. You cannot make out the client’s name from the handwritten memo from your secretary. You have not yet obtained ID.

Next steps Accounts Rules scenarios The premise of these scenarios is the same as the ‘Next steps AML scenarios’. You do not have to solve them in their entirety, but we do have to consider the ‘next steps’ – what would we do next, and would we ask for more information? In the same way, we are saying that there is a set of skills that can be developed which relate to decision making and preparedness. You can complete these scenarios on your own or facilitate them with your team. There is further information to support each exercise, which the participant should not look at until they have considered the scenario. If you facilitate them with your team, you might want to withhold the further information and give it to them when they ask the right questions (or a number of questions). In these scenarios, you have to consider the information presented and what your next steps might be. In some cases, there will be something wrong. You should: •

Read the scenario and information.

•

Decide what you would do next, including whether to ask for more information.

•

Write down your decision about what to do next.

•

Turn to page 388 to find out whether any additional information is available, if you ask the right questions.

•

Once you have obtained any additional information, decide what you would do next and write down your final decision. Remember your final decision does not need to be the end step in this process, you can imagine the law firm would go on to take other steps beyond this point.

Scenario 1 You receive a re-allocated probate file from a colleague, and your law firm are the executors. Your colleague has been on sick leave for some time, and you 372

Practice scenarios

are not sure who has been running her files in her absence, however some work has been done in gathering in the assets on this file. The deceased is Mrs Brenda Brown who died in February 2022. She has a fairly straightforward will, leaving almost everything to her two sons, with a couple of small monetary gifts for her grandchildren. The value of the estate is less than the inheritance tax threshold. You have the ledger: Description Client in Client out

Client Total

VAT

Office Office In Out

Probate fee 1 Mar 2022

Office Total

-273.00

ABC Bank 2,500.00 14 May 2022

2,500.00

-273.00

Post Office 4,000.00 savings 26 May 2022

6,500.00

-273.00

Household 120.00 Utilities refund 10 June 2022

6,620.00

-273.00

Meals on 150.00 wheels refund 17 June 2022

6,770.00

-273.00

Bill raised 20 June 2022 Bill to office 20 June 2022

1,473.00 5,297.00

-200.00

-1,000

-1,473.00

200.00

1,273.00 0.00

XYZ Bank 6,556.00 21 June 2022

11,853.00

0.00

EG Pensions 6 July 2022

32,309.00

0.00

32,309.00

0.00

Total:

20,456.00

When you read through the file, you cannot find the bill. Scenario 2 You have just joined a law firm and you are asked to help out with the reconciliation. You receive a copy of the completed reconciliation form from the accounts assistant. It has not been signed by the COFA yet. You have seen the cashbook, bank statement, and client matter listing and the sums are correct. 373

Part 6  Continuous Professional Development

Date: 5 July 2022 Time period reconciliation relates to: June 2022 Client funds held at bank: £1,200,656.67 Client funds on cashbook: £1,200,156.67 Uncleared: £500.00 Cash: £0.00 Client own account: £0.00 Reconciling sum: £1,200,656.67 Signed:  Date: Scenario 3 You are reviewing a group of files from a colleague. You have files for Mr Calder, Mr Jones, and Mrs MacFadden. All of them are probate files. The ledger on the file from Mr Calder shows a transfer of £2,000 to Mr Jones’ file. Scenario 4 You are acting for your client Mr Casper in a number of his business matters. He has a number of companies and they have contracts with a variety of different organisations; you assist in negotiations and contractual terms. You receive some money from Mr Casper for a recent bill. However you find he has overpaid you. Scenario 5 You are reviewing a file for your colleague. The file is a commercial conveyancing matter for Mr Douglas. When considering the ledger, you notice that it has outgoing entries which appear to be work on another clients’ file.

Tasks The following section covers tasks for you to undertake as exercises to embed your knowledge of AML, client money, and / or regulation. They might be research for you to undertake, or activities for you to run with your firm.

Lateral AML debate The following questions are all prompts for you to discuss with your team. The focus is on whether or not the Money Laundering Regulations adequately cover risks to business. Be prepared for a range of views. What is the focus of the Money Laundering Regulations? Consider what they cover and draw a diagram with your team of the areas of the business they relate to. 374

Tasks

Do you think we need a wider look at money laundering in the business? Can you draw the ‘perimeter’ of your firm? What is included within the perimeter?

Firm wide focus The point of this exercise is to consider AML in your firm and where you can expand consideration of your business operations to include attempts at countering fraud and scams. Undertake either or both of these tasks: a.

Map your firm and risks arising from fraud, scams and AML

b.

Map your supply chains and general processes both internally and externally. What areas can you find to tackle with AML and counter fraud procedures?

You can work with your colleagues to undertake these tasks, including in the areas highlighted. You may be able to update or expand your AML firm wide risk assessment as a result of this exercise.

Regulator coverage This exercise covers the extent and coverage of regulators, both generally, and in terms of AML. You may need to do some research into the roles, regulatory responsibilities and requirements of each body. If you work in a firm, your compliance team (or the people responsible for compliance), might be a good source of information. Your colleagues may also be able to assist you if you are considering who they might be regulated by. Answer the following questions: Aside from regulation for legal services (for example, by the SRA), which other regulatory bodies regulate your firm’s work? In answering this question also consider which other regulatory bodies your staff are regulated by. Do these other bodies also regulate for AML? Who covers your regulation for AML? Are there any regulatory overlaps between any bodies that you, your firm, or your colleagues are regulated by? What are the different requirements and how can we learn from what each regulatory body says? 375

Part 6  Continuous Professional Development

Have a think about those in your supply chain. Are they regulated either professionally or for AML? Can you see differences in requirements between them? Have you seen any scenarios that have resulted in different outcomes between you and them? How does regulation for AML differ from reporting other regulatory concerns?

Regulator focus This activity concerns the regulator and their perspective on money laundering. We can learn and remember information about a subject by interacting with that subject in different ways. The regulator may have a different perspective to you about money laundering – their concern is about ensuring the market as a whole is compliant and criminal activity is minimised. Your concern may be about your firm or the impact on you. You can do this exercise alone or with your team. For this exercise, try to imagine you working for the regulator and you have to ensure compliance across your sector. If you are working with your team, discuss this brief with them and ask them to imagine they all work at the regulator. Review the AML news of your legal regulator – this might be on the AML section of their website, or any AML topic they have recently published information about in their news feed. What AML matters is the regulator concerned about at the moment? Do you agree with the focus or do you think it should be elsewhere? Can you debate this with your team? What do they think the AML priority should be for the regulator, right now, and what regulatory policy or enforcement steps would they advocate? (If you are completing this task alone you can also answer this question yourself). You might want to think about the news more generally, including crime news, international developments, or coverage of the latest political debates. If you are facilitating this exercise with your team, prepare for and accept a range of views, and remember – you have to do it as if you work for the regulator.

Hawala This exercise is designed to aid your and your team’s understanding of a Hawala system. You will need to run this exercise with your team. You may need to practice it a couple of times first. You will need two pieces of paper, each with £15,000 written on them – to represent that sum of money. You will also need a representation of a house. This might be a picture of a property. 376

Tasks

Arrange your team around tables as follows. The places marked with letters are the key seats:

Other people can also be sat around the marked people. On the table in front of Person A place one piece of paper with the £15,000 written on it. The other piece of paper with £15,000 written on it should go in front of Person C. Person B has the representation of the house placed in front of them. Now tell your team a story. They are to imagine that Person B and Person C have worked together for many years and know each other well. They are hawala dealers, meaning they use an informal system of money lending and transfer to move money around the world. Person B and Person C know each other so well and trust each other so much, they move money together across countries. The team are asked to imagine Persons B and C are in different countries (you can make up your own countries, and they do not have to be high risk ones). Meanwhile, Person A  needs to transfer £15,000 across the world to Person D. Person A does not want this transfer to be traceable. So, Person A goes to Person B and asks Person B to arrange the transfer in the country Person C is in, and Person D will come and pick it up. In your team Person A should give the £15,000 to Person B. Person B picks up the telephone and asks Person C to give Person D £15,000. You can ask your team members to act this out and show Person B picking up the telephone to Person C and asking Person C to give the money to Person D. Person C gives £15,000 to Person D without any questions asked. Now we can see that Person A  has managed to transfer £15,000 to Person D without any banking transfer at all. This may also have been done in another currency. Person C has made the transfer from their own resources. Person B and Person C have to sort out the money between themselves, but without a bank transfer. We can imagine, Person C  may take a charge over Person B’s house. 377

Part 6  Continuous Professional Development

At this point, a law firm may be involved, but would not see the underlying transaction that has resulted in the charge being placed against the house. Of course, it does not need to be a charge being placed against a house; there could be another mechanism for the money to be given by Person B to Person C. This might be easy if they were also in business together. The following are key points for discussion with your team: •

Monies can be transferred between people worldwide without using the banking system.

•

This can also occur within the United Kingdom.

•

Any law firm would not necessarily see the full transaction; they may only see part of it.

•

Person A and Person D would not be known to the law firm at all.

•

Ensure your staff ask questions about all aspects of a transaction and the relationship between the parties.

Phishing and the risk of loss of personal data We have covered the importance of creating a perimeter or safety net around the firm during the course of this book. We must all recognise the value not only of client money, but also of client information, including their personal data. Attempts on personal data are commonplace and firms can be deceived into giving out information that may lead to comprises of the firm’s or client’s security in other areas. A phisher is a person who calls asking for confidential information with malicious intentions. This task is one to do with your team. The task says that your firm value the importance of confidentiality and need to ensure that the firm is neither phished, nor gives out personal data to third parties accidently. Exercise 1 Work with your team to agree a group wide agreed definition of confidentiality, and who information can be given to. What is acceptable to disclose to whom, and when? Exercise 2 Work with your team to develop a protocol for within the firm. This should map out your responses to requests for confidential information in writing, by email, or on the phone, and how they should be actioned. You might decide to always call a manager over to listen in to a conversation if you are concerned, or to place the caller on hold while you stop and think about the situation. Exercise 3 Work with your team to develop some standard responses to requests for personal data or information, when the person asking is not the client. 378

Tasks

You might try the following: •

‘I am sorry, we do not give out personal information’.

•

‘As you are not a client of this firm, I cannot provide any information’.

•

‘Our rules of professional conduct prevent us providing information to people who are not clients’.

You could also try the following, if you are concerned the caller is a phisher: •

‘I am going to end this conversation as I cannot assist further’;

•

‘I cannot help you with your enquiry, so I will have to end this call’.

Exercise 4 Use the role play below with your staff. Ask them to work in pairs or groups of three. One person is to call and try to obtain information about a client (this can be fictional), and the other person pretends to be the staff member and takes the call. If you have three people in your group, the third can role play being the manager. Provide each person with the script for their part (shown below), but do not show it to the others. Role play 1 Instructions for the caller to the firm You are a phisher and you are calling the firm. You have let the telephone ring and it is just about to be answered. You are trying to obtain the firm’s client account bank details, and also the bank details of someone who has paid into the firm today. You have not paid any money to the firm, but you are to pretend you have. You start by saying you would like to confirm a bank transfer has been made into the client account. You have transferred £500. Next, ask the staff member to confirm the firm’s client account details. After that ask the staff member to confirm the payment of £500 has been received, where it has come from, and confirm the bank details that have made the payment. You are to see how far you can get before the staff member terminates the call. Instructions for the staff member taking the call You are to pretend you are a member of staff in the Finance team. You have just picked up the telephone to a new caller, and you are to start by saying hello. On your screen in front of you, you have the firm’s bank details which are Account number 123 at LH Bank, Sort Code 456. There have been three payments in recently, one from Mr Terry Smith for £250.00, one from Mrs Edith James for £400, and one from Mr Ben Hordle for £496.50. You do not have their bank details on your screen, but you might be able to get them. You have been trained in call termination by your manager. If you are concerned about a call you can place the caller on hold while you fetch a manager, and they will listen while you terminate the call. They can step in and terminate the call if you both agree. 379

Part 6  Continuous Professional Development

You can also place the caller on hold if you need to. Instructions for the manager You are to work at your desk while the call begins. Wait for the staff member to call you over to listen to the call. You have trained your staff member to terminate any calls that are concerning, but you must not terminate the call of a genuine client. Listen and support the staff member if they call you over. Step in to terminate the call if you and the staff member agree. The staff member is able to place the call on hold. Exercise 5 Reflect on the role plays with your team. Did they find it difficult to terminate the call? With practice this becomes easier, although it is acknowledged that practice might take some time if you do not regularly receive such calls. Support your staff in dealing with the calls and acknowledge the human aspect of politeness that is necessary and appropriate in all business situations but sometimes may be taken advantage of. During this debrief with your staff also consider what else you would do if you received such a call. Would you report the matter to the police, for example? Exercise 6 Write your own role plays for staff with non phishing exercises, for example if a family member or friend of a client calls up to ask for information. Alternatively, practice this one again in a few months’ time with different staff in different roles within the role play. Repeating a role play exercise with your staff in different positions can re-emphasise the message and help them gain confidence in dealing with this type of scenario.

Geographic risk This exercise is to consider the reports and inspection regimes of the FATF so you can first understand where high risk countries are, and secondly what the concerns are when you read their reports. The task is separated into beginner, intermediate, and advanced; complete the task matching your level, or set it for your team accordingly. Beginner: Find countries rated as high risk by the FATF. Intermediate: Have a look at the reports of a few countries rated high risk by FATF – can you find out what was missing in the mutual evaluation? 380

Reconciliation (and general Accounts Rules) exercises

Advanced: Have a look at the FATF requirements. See what you can match to legislation / requirements / agency work you know about in the UK. If you were in charge of the UK FATF inspection response, how would you demonstrate we had met the requirements?

Accounts operations This task is to deepen your understanding of the way your accounts are managed internally in your firm. It will also help you understand the capability of your accounts package. You might want to do this exercise with your accounts team as it will likely involve some work from them. Step 1 Consider all the different reports available from your accounts package and what level of analysis it provides. Step 2 Choose between one and four files. You might just want to start with one. Now see if you can find aspects of those transactions in the different reports you can run – as identified in Step 1. Can you find the transactions that are on the ledgers and evident from the files appearing in different places? Step 3 Compare this to the bank account where the transaction also involves the movement of money at the bank. Can you find the corresponding movement? Now from this exercise, you should have a broader idea of how the accounts run in your firm. You should also have learned about the level of analysis your accounts package provides and what reports it can issue.

Reconciliation (and general Accounts Rules) exercises The exercises on the following pages are reconciliation exercises which also contain elements of the Accounts Rules. They follow on from a reconciliation exercise which features in Serious Breaches called ‘Property People’. The background from Serious Breaches is that two of your friends started a conveyancing firm and had to work out how to do their first reconciliation. 381

Part 6  Continuous Professional Development Start with the new reconciliation problem ‘Property People Revisited – the March Reconciliation’. There are some questions to answer at the end, and there is a sample answer at page 389. After you have completed ‘the March Reconciliation’, you can move on to ‘the April Reconciliation’.

Property People Revisited – The March Reconciliation Your friends Simone and Ricardo started their SRA regulated conveyancing firm Property People a little while ago. It is still a very small firm with a small turnover and just the two of them work there. They asked you before to help with their reconciliation, and this time there’s another problem. See if you can help them work out what’s wrong and how to complete the reconciliation for another month. Bank Statement 1 March 2022 to 31 March 2022 AAAA Bank 31 March 2022 Property People Client account number 0000022222 Date

Description

Amount in

Amount out

Opening balance

Total 30,322.80

5 March 2022

Mr G and Mrs C Scott money on account

500.00

30,822.80

12 March 2022

Mr Y Roa Deposit

21,247.00

52,069.80

13 March 2022

2 Mildin to House Doctors Legal LLP

20,000.00

32,069.80

15 March 2022

Searches Go!

90.00

31,979.80

15 March 2022

Searches Go!

90.00

31,889.80

24 March 2022

BBBB Bank 2 Mildin Road

25 March 2022

Transfer to House Doctors Legal LLP

200,000.00

31,889.80

25 March 2022

Transfer to Property People Office acc

1,246.00

31,643.80

200,000.00

Closing balance

231,889.80

30,643.80

382

Reconciliation (and general Accounts Rules) exercises

Cashbook – 1 March–31 March Date

Description

Client Received

Office Paid

Received Paid

Client Account Total

1 March 2022

Opening balance

30,322.80

5 March 2022

Mr and Mrs 500.00 Scott 4 Bat Lane money on account

30,822.80

5 March 2022

Mr and Mrs Deeley search 26 Roman Close

90.00

30,732.80

5 March 2022

Miss E Guy 87 Tower Avenue searches

92.00

30,640.80

12 March 2022

Mr Roa Deposit 2 Mildin Road

13 March 2022

2 Mildin Deposit to House Doctors

24 March 2022

BBB Bank 2 200,000.00 Mildin Road Purchase monies

25 March 2022

Transfer to House Doctors Legal LLP 2 Mildin Road

25 March 2022

Bill for 2 Mildin Road

25 March 2022

Transfer to Office bill 2 Mildin Road

1,246.00

1,246.00

25 March 2022

Bill payment 0.00 2 Mildin Road

0.00

0.00

21,247.00

51,887.80

20,000.00

31,887.80

231,887.80

202,000.00

29,887.80

-1,246.00 29,887.80

Uncleared: 0.00 Closing balance: 28,641.80

383

28,641.80

0.00

28,641.80

Part 6  Continuous Professional Development

Client matter listing – Matters with balances – 31 March 2022 Client name and description

Balance on client account

Date of last movement

Mr J Wayland – 2 Roman Close Sale

£29,230.00

26 February 2022

Mr H Deeley and Mrs P Deeley – 26 Roman Close Purchase

£404.00

5 March 2022

Mr L Scott and Mrs M Scott – 4 Bat Lane Purchase

£500.00

5 March 2022

Mr E Guy – 87 Tower Avenue Purchase

£402.00

5 March 2022

Mrs V Urwin – 89 Vale Road Purchase

£102.00

16 December 2021

Mr C Johnson – 15 Toll Avenue Purchase

£2.80

2 November 2021

Mr Y Roa – 2 Mildin Road Purchase

£-1,999.00

25 March 2022

Closing total balance on client account ledgers: £28,641.80

Questions: (1)

Can you find the problems in the reconciliation and correct them?

(2) What should a firm do if the initial reconciliation is incorrect and they then correct it? (3)

Can you produce a reconciliation statement which is correct for either of the partners (Simone or Ricardo) to sign?

(4) Once you have completed the reconciliation itself have a look for any additional issues you can find that you might want Property People to address.

Property People Revisited – The April Reconciliation Instructions: Further to the March Reconciliation, there is another reconciliation problem to complete for the following month. Read the reconciliation scenario, the reconciliation itself, and answer the questions at the end. Possible answers are provided at pages 393–395. Scenario: Simone and Ricardo are grateful for your help with the reconciliation and ask for your advice about general improvements. They do not have time to double check each cashbook entry as they do it; sometimes things move very fast and they need to be able to react quickly. Also it is a very small firm and sometimes there is only one of them in the office. They decide to do more regular reconciliations as they agree this will help them if they have a busy month. The partners take your points regarding the aged balances and these are to be returned to the rightful owners in line with the requirements in the Accounts Rules. 384

Reconciliation (and general Accounts Rules) exercises

The balance for Mr Wayland for Roman Close is the proceeds of sale, but has been held to order. The partners decide to do another reconciliation for the period 1 April 2022 to 7 April 2022 to ensure they keep up with their bookkeeping. Bank Statement 1 April 2022 to 7 April 2022 AAAA Bank 7 April 2022 Property People Client account number 0000022222 Date

Description

Amount in

Amount out

Opening balance

Total 30,643.80

3 April 2022

Mr Wayland Proceeds

27,000.00

3,643.80

6 April 2022

Transfer to Property People Office acc

570.00

3,073.00

7 April 2022

Cheque no 456789

102.00

2,971.80

Closing balance

2,971.80

Cashbook – 1 April – 7 April Date

Description

Client Received

Office Paid

Received

Paid

Client Account Total

1 April 2022

Opening balance

30,643.80

2 April 2022

Cheque to Mrs V Unwin – 89 Vale Road (456789)

102.00

30,541.80

2 April 2022

Cheque to Mr C Johnson – 15 Toll Avenue (456790)

2.80

30,539.00

3 April 2022

Mr Wayland 2 Roman Close – Proceeds

27,000.00

3,539.00

3 April 2022

Mr Wayland 2 Roman Close – bill

-570.00

385

3,539.00

Part 6  Continuous Professional Development

6 April 2022

Mr Wayland 2 Roman Close

6 April 2022

Mr Wayland – 2 Roman Close bill paid

0.00

570.00

570.00

0.00

0.00

2,969.00 0.00

2,969.00

Uncleared: 2.80 Closing balance: 2,971.80

Client matter listing – Matters with balances – 7 April 2022 Client name and description

Balance on client account

Date of last movement

Mr J Wayland – 2 Roman Close Sale

£1,660.00

6 April 2022

Mr H Deeley and Mrs P Deeley – 26 Roman Close Purchase

£404.00

5 March 2022

Mr L Scott and Mrs M Scott – 4 Bat Lane Purchase

£500.00

5 March 2022

Miss E Guy – 87 Tower Avenue Purchase

£404.00

31 March 2022

Mr Y Roa – 2 Mildin Road Purchase

£1.00

31 March 2022

Reconciling balance Mr C Johnson – 15 Toll Avenue Purchase

£2.80

2 April 2022

Closing total balance on client account ledgers before reconciling balance: £2,969.00 Questions

(1) Complete the reconciliation up to and including 7 April 2022. Use the form that is available in Part 1. (2) What would have been different if you had reconciled the account on 3 April 2022? To answer this question you do not need to re-produce the reconciliation, or total up the accounts, just find a few items that would be different. (3) The cashbook should be produced contemporaneously and items may be dated differently to that of the bank statement, necessitating the reconciliation. Where can you see this in action here? (4)

What other observations can you make to help Simone and Ricardo?

Sample answers are provided at pages 389–395.

386

Annex A: Further information and some answers

Next steps scenarios – Further information Over the following pages you will find the further information for each of the scenarios posed in this Part of the book. In each case, there is no further information than that stated here. At the end of this section, on page 389, you will also find the answers to the reconciliation problems posed on page 381.

AML scenarios – further information Scenario 1 Further information You ask Mr Ivan about the source of the deposits in his bank account. He tells you he got the money from a friend.

Scenario 2 Further information Your electronic search reveals Mrs Turner is listed as a PEP. Your google search shows she was formerly employed in EU as a high ranking public official, but has left that position recently due to Brexit. There does not appear to be a case of mistaken identity – you believe Mrs Turner is the PEP. You ask Mrs Turner about the source of funds on the bank statement. She becomes very upset and threatens to withdraw from the transaction.

Scenario 3 Further information A solicitor in Scotland agrees to conduct due diligence for you. 387

Part 6  Annex A: Further information and some answers

Scenario 4 Further information Your secretary informs you that your client has withdrawn from the transaction. The secretary says there was an amount of money left on client account and this has been sent on to the client’s ex-husband in line with the client’s instructions.

Accounts Rules scenarios – further information Scenario 1 Further information You ask internally about the bill and how it was calculated. No-one at the firm has any further information for you.

Scenario 2 Further information You ask about the amount that is uncleared. You are told they are all aged balances on closed files that tally up to £500 and have recently been sent back to clients by cheque in the post. You are given a spreadsheet showing the following sums: Client and date file closed

Sum on ledger

Date returned

Mrs E Mansfield – 13 June 2019

£199.00

25 June 2022

Mrs J Johns – 14 September 2018

£150.00

25 June 2022

Mr L Virk – 18 November 2017

£50.00

25 June 2022

Mr and Mrs T Hurst – 30 January 2020

£50.00

25 June 2022

Mr and Mrs N Box – 25 May 2019

£50.00

25 June 2022

Mr D Sheena – 1 August 2018

£1.00

25 June 2022

Scenario 3 Further information You look into the files for Mr Jones and Mr Calder and you cannot find any connection between them. There is no noted connection on the file. 388

Annex A: Further information and some answers

Scenario 4 Further information You look at the bill and the payment from Mr Casper. He has overpaid you by £7,000.

Scenario 5 Further information You make enquiries at your firm and find that the other clients’ matter is not connected.

Reconciliation and general accounts exercises – answers The following pages cover the possible answers to the reconciliation problems posed on pages 381–386.

Property People Revisited – The March Reconciliation There were the following problems with the reconciliation: •

The cashbook is incorrect in two places: o

Miss Guy’s search for 87 Tower Avenue is listed as costing £92.00 when it cost £90.00;

o

Property People are shown as transferring £202,000 to House Doctors Legal LLP when they only transferred £200,000. This is on the matter for 2 Mildin Road.

This has caused knock on errors in other places – leading to the client matter listing (and presumably the client ledger) for 2 Mildin Road showing as overdrawn (in possible breach of Accounts Rule 5.3), due to a simple bookkeeping error. When you have a reconciliation with errors, it is good practice to: 1.

Complete the reconciliation.

2.

Show the errors, and then correct them.

3.

Finally, re-complete the reconciliation again showing the correct answer.

This should be done immediately and on the same day if at all possible. 389

Part 6  Annex A: Further information and some answers

This necessitates making the corrections on the accounts system and reprinting or re-producing the required documents with the corrections shown. You could use the template from Part 1 to show the reconciliation when completed, for Simone or Ricardo to check and sign. It might look like this: RECONCILIATION STATEMENT Reconciliation 1 Date: 31 March 2022 Client account bank statement: £30,643.80 Client matter listing: £28,641.80 Comprising: Client account ledgers: £28,641.80 Office account ledgers: £0.00 Client cashbook: £28,641.80 Uncleared: £0.00 Cash: £0.00 Reconciliation before client own bank account: £28,641.80 Client own bank account: £0.00 Reconciliation total: £28,641.80 Issues identified and corrected: This is the incorrect reconciliation total. The following issues have been identified: o

87 Tower Avenue search is listed in the cashbook and client ledger as costing £92.00 when it cost £90.00.

o

We are shown on the cashbook and client ledger as transferring £202,000 to House Doctors Legal LLP in respect of 2 Mildin Road when we only transferred £200,000.

These issues are typing errors and have been corrected on the cashbook and ledgers with new entries. The bank statements and client files have been checked for the correct totals. A further reconciliation is shown below. Reconciliation 2 Date: 31 March 2022 Client account bank statement: £30,643.80 390

Annex A: Further information and some answers

Client matter listing: £30,643.80 Comprising: Client account ledgers: £30,643.80 Office account ledgers: £0.00 Client cashbook: £30,643.80 Uncleared: £0.00 Cash: £0.00 Reconciliation before client own bank account: £30,643.80 Client own bank account: £0.00 Reconciliation total: £30,643.80 Issues identified: This is the corrected reconciliation. Signed:        Print Name:          Date: The reconciliation should be signed by the COFA / HOFA / accounts manager / responsible partner. You can then pass this reconciliation showing the corrections to the correct person, whether that would be Simone or Ricardo. The reconciliation should be signed off by the COFA or person responsible for the accounts. OTHER MATTERS The other matters of note you could have found are: •

The person working with the ledger for 2 Mildin Road should have realised when they transferred the money for the bill that there was a problem with the ledger and corrected the typing error at the time. They should not have gone ahead with the bill transfer without realising and correcting the error. The relevant accounts rule is 5.3. This may require some re-training. Of course, that sum had not actually been transferred at the bank.

•

In light of this conclusion, it would also have been helpful to see the ledgers and the sums on office account, however these are not provided by this problem.

•

It appears that Property People take £500 up front on account of costs and pay £90.00 for searches to Searches Go! They may also be paying £6.00 for Land Registry entries, leaving £404 on account. If we correct the incorrect cashbook entry for Miss Guy (87 Tower Avenue) identified previously, we should end up with apparently the correct amount of £404 left on client account.

•

The sum of money held on client account for Mr Wayland. It is unclear why it has been held for this long, and whether it should be paid to Mr 391

Part 6  Annex A: Further information and some answers

Wayland. The relevant Accounts Rule is 2.5. It might be that this money is being held to order or for an undertaking. •

There are aged balances for Mrs Unwin and Mr Johnson and these should be dealt with under in accordance with Accounts Rule 2.5. They should be returned to the client as soon as possible, so we might ask what efforts were being made to trace the clients and return the monies. We may also refer to the Aged Balances Guidance and Statement of Prescribed Circumstances.

•

There is £1.00 still remaining on client account that belongs to Mr Roa and this should be returned to him if it is his. The file should be consulted to find out the correct answer. The practice cannot bill Mr Roa £1.00 without justification, or transfer the money without a valid bill.

•

As there is £1.00 left on the client account for Mr Roa, we might be able to assume he is a first time buyer. This is because there is no money incoming or outgoing for SDLT. However this should be checked on the file. At the time shown, tax relief for SDLT meant that property purchases for first time buyers were exempt up to £300,000.

•

The bill for Mr Roa might be £1039.00 plus VAT, with the VAT at £207.80, and the practice have failed to charge the additional 80p when taking the bill, perhaps only leaving 20p left. However as some items might not attract VAT we cannot be certain. This 80p is different to that continuously shown in the accounts, but if the firm have failed to charge it before they could be paying more in tax than they need to.

•

We can see that the money held on client account for Mr Wayland relates to the same road as Mr and Mrs Deeley. If there is a problem it could impact properties on the same street.

•

There is a balance showing which features a continuous 80p (which may not relate to Mr Roa, and appears to relate to Mr Johnson). Some firms get annoyed by the presence of a small sum which is always outstanding and continues to show within their accounts. Ensure this is returned as an aged balance, and not billed incorrectly.

•

The problems with the reconciliation show that there are some incorrect entries in the bookkeeping. To keep on top of these issues, you might suggest the firm take their time and double check their entries on their ledgers and in their cashbook. This can sometimes be done by a second person checking each transaction. Alternatively the firm could undertake more regular reconciliations. This might help if there was a particularly busy month and correcting the entries would be a lot of work.

•

Some of the sums on client account are quite similar and sometimes it can be tempting for firms to try to match the bookkeeping to the client bank account during the month, but at different dates. A client cashbook and reconciliation is run in the correct way for a reason. Reconciliations are fairly precise and should always be performed to the same date with the correct entries in place.

•

We would expect Property People to have strong anti money laundering procedures in place to consider source of funds and wealth from clients, as well as considering the position of the other side. It appears that Property People are mostly dealing in purchases, or mostly have purchase 392

Annex A: Further information and some answers

instructions at the moment. If they are dealing mostly in purchases, their risk in receiving the proceeds of crime through the client account from the other side would be lower than a firm dealing in a lot of sales, however they would need to check the monies from clients carefully.

Property People Revisited – The April Reconciliation Question 1 The first problem asked you to complete a reconciliation up to and including 7 April 2022. This could look like this: RECONCILIATION STATEMENT Reconciliation 1 Date: 7 April 2022 Client account bank statement: £2,971.80 Client matter listing: £2,969.00 Comprising: Client account ledgers: £2,969.00 Office account ledgers: £0.00 Client cashbook: £2,969.00 Uncleared: £2.80 Cash: £0.00 Reconciliation before client own bank account: £2,971.80 Client own bank account: £0.00 Reconciliation total: £2,971.80 Issues identified and corrected: None, this reconciliation is correct. Signed:          Print Name:         Date: The reconciliation should be signed by the COFA / HOFA / accounts manager / responsible partner. The reconciliation should still be signed off by the partner, even if there are no changes or corrections, so you should ask Simone or Ricardo to sign it off. In real life, the COFA would usually sign the reconciliation. 393

Part 6  Annex A: Further information and some answers

It was important on this statement to see the uncleared cheque, the difference it made to the client account listing total, and how to show it on the statement. An unpresented cheque will always debit the cashbook and show differently to on a bank statement. Sometimes, accounts packages have a facility for unpresented / uncleared cheques which allows them to be marked as unpresented /uncleared until they are cleared, meaning the package can sometimes produce a report showing you those items. It is important to check the uncleared cheques on a regular basis and present them back to the ledger if they remain outstanding. Question 2 The second problem asked you what would have been different if we had reconciled up until 3  April 2022. The first thing to note is although the question asks this, a backwards step into the accounts is generally quite difficult particularly in a large firm. We didn’t complete a reconciliation up to this point. In some firms to do so would require some reconstruction of the accounts to complete it. Therefore, this is not generally recommended unless there is a major problem that needs resolving and you have the full authority of the management of the firm. There is no difficulty with doing the reconciliations this frequently, and some firms reconcile daily. However we can say the following: •

The cheque to Mrs Unwin would also be on the uncleared.

•

The bill to Mr Wayland would show in the office account ledger balance on the reconciliation form as -£570.00, but would not impact the client account reconciliation total. This box simply shows us what the total owing to the office is at that point in time. The bill to Mr Wayland has apparently been raised and required his permission before it was paid (see question 4 for further comment).

•

The question has not asked you to re-reconcile the accounts, but the totals would be different.

Question 3 This question asked you to identify transactions which were a different date on the cashbook to that of the bank statement. Both of the raised cheques show as different dates, and make a difference to the reconciling totals. In a small firm, cashbooks and bank statements will be quite close to each other as banking now allows immediate transactions. However the two should still be reconciled. In large firms the number and different types of transactions means that the two will be different and the accounts will likely require reconciling more frequently.

394

Annex A: Further information and some answers

Question 4 The final question asks about further observations for Simone and Ricardo. The following points might be observed: •

Whether there was a breach of Accounts Rule 2.5 in retaining the balance belonging to Mr Wayland for so long (also noting 3.3 in the Accounts Rules related to acting as a bank). We would need to review the client file to establish the reason for the ongoing delay. However we should note the firm’s explanation of holding the money to order. If this explanation was correct, and the matter is a proper part of a legal transaction, it would not be a breach. Holding money to order can take place in different ways (bespoke to the transaction).

•

There is still a balance left on the client account which (presumably) belongs to Mr Wayland and this should be returned to him if it is his, or billed if it is retained for the firm’s fees. The firm have apparently charged Mr Wayland £475.00 plus VAT, which is low for a sale and there is still money remaining. Again, this will need consideration. Simone and Ricardo may need some advice about the promptness in dealing with this particular matter and serious breaches of the Accounts Rules are covered in Serious Breaches. However, if the previous sum had been held to order, the firm’s billing could be agreed at the conclusion of that period. Again, the file would need to be reviewed.

•

Holding money to order can be an indicator of an issue on a file, as can be a low bill, or negotiation on billing. Do ensure you review the file in such cases, and issues such as those in the aforementioned cases of Dreamvar (2018) and Purrunsing (2016) are noted here.

•

It may be difficult to get Mr Johnson to bank £2.80, and some firms return small sums to clients in cash or in stamps. Do ensure you follow the most up to date Aged Balances guidance.

•

We might also observe that there has been no movement on the accounts of Mr and Mrs Scott, Mr and Mrs Deeley, and Miss Guy. This would be something for the firm to address very promptly, although we may be at the stage of contract enquiries in all three files.

•

We might also observe that the firm do not appear very busy. Obviously a normal client account is much busier than this and the firm have to maintain their records effectively. We can also note that firms conduct some of these types of transactions to set ways of working and with set charges to make them easier to administer and to reduce errors (it’s easy to spot the mistake if a transaction is standardised and is always charged the same). These could be ideas to give Property People the opportunity to take on more clients with confidence.

395

Part 7

Current and Future Developments

Contents Introduction397 Anti money laundering 398 International changes 398 Pushes and pulls 400 Identification401 Technological developments 402 Biometric data 402 Accounts solutions 404 Cryptoassets and digital currency 404 Companies House and transparency 406 Public functions – PEPs and simplified due diligence 408 Systems of regulation 409 Money laundering registration 412 Focus of the Money Laundering Regulations 413 Law Commission Review 414 Enforcement by the regulator 415 Accounts Rules developments 416 Technological development and Third Party Managed Accounts 418 Proposed new Accounts Rules – openness in the ledger 420 Conclusion422

Introduction This part of the book is a consideration of the policy developments, primarily in anti money laundering (AML) but also in the Accounts Rules and the financial position of law firms. These might be issues which are currently under debate, in development, or which the writer can see as additional areas for future focus which are not already covered elsewhere within this book. Within that there is also a discussion of the position of the European Union, the Financial Action Task Force (FATF), and other international structures and organisations that play a part in shaping and informing national law in respect of anti money laundering, and this discussion is where we start, in the context of Brexit.

397

Part 7  Current and Future Developments

Anti money laundering International changes To some degree, our national position, which includes our legislation, but also our policy positions and even our law enforcement and regulatory actions, are informed by international requirements in anti money laundering. There are certain standards which as a nation we have to meet. The United Kingdom does not operate in isolation from the rest of the world, and we trade and work with international partners worldwide. That trade is in part built on trust and in reciprocation; we want partners in trade that work peacefully and co-operatively with other nations. We have seen in other Parts of this book that the requirements for anti money laundering relate to wider criminal purposes, as well as to counter terrorism legislation. Our international partners rely on us as a country, trading partner, and ally, to ensure criminals in our country are detected and brought to justice, and that crime and terrorism (which might impact their nation negatively), is not supported or even tolerated. We expect the same of them. The result of this action is to provide a starting point for structures such as the European Union. They have started to make it a legal requirement to meet certain standards in anti money laundering legislation and enforcement, and a less favourable trading position for those outside the bloc, who do not meet the same standards. Those within the EU have to meet strict requirements, and the intent is for those requirements to progress further in the coming years. The European Union has a short, medium, and long term plan for legislation and enforcement development in anti money laundering, with the intent to lead with some of the strictest laws against money laundering and corruption in the world. In order to continue to trade with the EU, and be recognised by other countries and international businesses as a country of equivalence, the United Kingdom, including all home nations, will need to meet those requirements either directly or by having equivalent systems in place. A failure to take those steps will mean that the UK will not benefit from those same preferred partner statuses, and work and finance coming into the country from the EU may slow down or stop, as other similar offerings from other countries become more attractive by being more secure. From a political and economic perspective, continuing to meet the requirements of wider international partners, provides benefits beyond an established legislative structure to work to, and into a discussion of safety, security, and economic certainty. The Financial Action Task Force is in a similar position. Established to understand and combat the threat of economic and financial crime, the organisation assesses countries worldwide to consider their standards in anti money laundering and counter-terrorist financing. They consider the role of national legislation and whether that legislation meets the required and expected international standards. That may also include how the legislation is developed and the policy of implementation that sits around it. The FATF also consider how that legislation is enforced by the police or other enforcement agencies, and the effectiveness of that enforcement in combatting financial crime. Finally, the FATF also consider international cooperation and whether the country and its institutions are co-operating with other countries internationally to implement and achieve common goals in the desired areas. 398

Anti money laundering Of course, the European Union is a supra-national democratic structure. The FATF is not, and the FATF focuses on international co-operation and common goals and standards to achieve the ends of peaceful co-existence between national states throughout the world. Those countries subject to ‘high risk’ status from the FATF mean their citizens, and the finances flowing through their countries, can be subject to further checks when doing business worldwide. We have seen the impact of this in the checks for high risk jurisdictions discussed in Part 2. The host country or country where legal services takes place, is effectively asking their businesses and residents to undertake additional anti money laundering checks, to make up for those not being undertaken in the country of origin. The end result is multi-fold. It places economic and social pressure on those transactions and the citizens of those countries to force their governments to take more action. It also highlights the standards that are expected worldwide and where they are most likely to find support, which in turn leads to more social and economic pressure from those who may also use the lists the FATF produce. However without a democratic mandate, and with direct access by citizens and corporate entities worldwide, we have to ask what their role is as a decision making entity and whether the issue of ‘equivalence’ can be a political one, which should be decided either by the state, or through a range of information sources. Another source of information about the position of states are pressure groups such as Transparency International. However, their method of collecting information is based on perception, which can be influenced by political agenda. Whether we will see a departure in the future from: •

using information provided by organisations with a political agenda, or

•

where the mandate could be a challenge to the sovereign decision making of the state,

remains to be seen. At the moment, following The Money Laundering and Terrorist Financing (Amendment) (High Risk Countries) Regulations 2021 and the Sanctions and Anti Money Laundering Act 2018 (section 49), the UK will follow the recommendations of the FATF. We could of course see those decisions reviewed and adopted, as the European Union have been, or with some other form of qualifier. Of course, the United Kingdom does not have the resources alone to inspect and monitor all of the countries around the world. It seems likely that this type of supra-national or international pressure and cooperation amongst similarly minded countries will continue, and increase in future. The end result has been effective pressure on some states to adopt internationally consistent approaches to anti money laundering and has raised the profile of the work in place to do so. It has brought into greater focus those states and countries which do not have such systems in place. We might take for granted that we have an effective and operational government, and that our government and parliamentary system stays up to date with the latest thinking and international requirements. We also have a police force that is responsive to social needs and requests for assistance. Our state functions within its 399

Part 7  Current and Future Developments boundaries and to its boundaries. Not all states have such operational governance in place and we as citizens of our state, and businesses within it, benefit from that governance. Other international citizens may not be so fortunate. Of course, there are programmes of international aid, assistance, and peacekeeping which take place around the world, to assist other nations. However, if we as businesses and law firms implementing the requirements can be both clear about the application of our compliance requirements, as well as sensitive to the needs of citizens and businesses from jurisdictions who require that support; we may be able to find a new solution beyond demands for greater due diligence. Individual businesses may operate beyond the bounds of their state capability, particularly if run by those with experience in other countries. Perhaps a greater and more nuanced categorisation of high risk jurisdictions, beyond a state categorisation, would go further to recognise that the capacity of some individuals and businesses goes beyond their state boundary.

Pushes and pulls We can see the international dimension and the need to meet international standards in our legislation, enforcement, and co-operation, as one of the pushes and pulls on our anti money laundering program of work, and even into the constitutional operation of the role of the solicitor or other lawyer. However the political will is there for change. The United Kingdom has left the European Union and stands outside that supra-national structure for the first time in nearly thirty years. The continued requirement to meet their exact standards, may not be within the political desire of the people of the United Kingdom, and there could be a move for alternative standards or approaches to equivalence to be developed, which do not necessitate the direct use of their requirements. The intent in leaving the European Union is to adopt a new path, away from some of the overarching European requirements. Adopting more clearly British owned approaches to solving problems, with more clearly British values and language is likely to be popular and well received. In emphasising the importance of the positions of equivalence, we might be forgetting the extent of the change open to the UK in defining that equivalence, as well as focusing too heavily on individual pieces of legislation, ideas, or areas of law. In re-defining the way in which we consider areas of law or pieces of legislation or regulations, there can be an opportunity to develop new links between different areas of law or policy responses, find new parallels, and solutions in order to meet the requirements of equivalence as well as developing a response that feels more uniquely British. For example, we have in this book touched on the legislation which underpins the professional regulation of solicitors and law firms, which is discussed in more detail in Serious Breaches. There are two key pieces of legislation featured in this book which are the Money Laundering Regulations and the Proceeds of Crime Act. The former is derived from the European Union. We could see a different means of developing the British legislative response in the future as to link together professional regulation with anti money laundering, and pull requirements through as part of those Acts or oversitting them, but with more direct links. In many cases, they have suitable professional enforcement solutions which could take us into equivalence. 400

Anti money laundering Another pull in the pressure for change is the breadth of the current legislation. We have discussed in this book how it applies to law firms, with some very detailed examples. The Money Laundering Regulations, however, apply to a range of businesses operating in different areas and across different industries. The results create some consistency in areas of clarity (such as in checking identity, where documents are fairly standard and understood), but can also create major variations in other areas, where individual sector applications of the law can differ. We can see this at the moment in the guidance offered to legal services, through the Legal Services Affinity Group, and that offered to accountants through the CCAB (and their Anti-Money Laundering and Counter-Terrorist Financing Guidance for the Accountancy Sector). The two sets of guidance take different approaches to the same legal requirements, and place the emphasis in different ways. We might say the accountancy guidance is a more traditional interpretation of the law, whereas the legal services guidance has more detail, more new ideas in law firm governance, and goes beyond the law in some areas. The status of the guidance requires law firms to implement or justify why not, which means law firms are subject to more stringent requirements than their counterparts in other industries, but the law is the same. A more direct and British owned legislative response may see the law in anti money laundering considered consistently but applied to sectors through more direct links to the legislation underpinning professional standards in the sectors regulated for money laundering.

Identification There are always complaints within the legal services sector about the amount of identification and documentation that clients have to provide to start their transaction, with the feeling that the upfront demands and the tone of or reason for the requests cost law firms business at the outset. There can be particular complaints from those who build external relationships with clients about having to ask for this documentation; those law firms that are more transactional or remote are anecdotally more adept at breaking this process down into component parts and obtaining the information. In the book Serious Breaches, we explored the idea that the individual in society should have more information about the law and their interaction with it. The idea that some legal work is reserved to those who are regulated by the approved regulators, and this is supported by criminal offences, may be outdated. Society is now more educated than at any time in history and the suggestion that individuals are unable to understand legal requirements or articulate themselves is outmoded. There is, however, a lack of legal education in schools and further legal education and qualification comes at a steep price. Individuals are faced with cost, information, and in some cases, fairness barriers when attempting to access legal services and attempting to understand their requirements. Although the level of identification can appear as a barrier to accessing legal services, and the complaints about the level of state intervention in individuals’ lives are political ones, the idea of the standard of information asked for lowering, appears very unlikely. We are on an increasing march towards greater requirements 401

Part 7  Current and Future Developments in anti money laundering, rather than lower ones. The solution to client complaints or concerns about this barrier is likely to be: •

Greater information for clients about the requirements in anti money laundering, including the identification and source of funds documents they have to provide. This will help to manage client expectations.

•

Greater use of technological solutions to support client onboarding, to make this a more straightforward processing.

Of course, the complaints about client onboarding and information provision can simply be a result of the nature of reserved work, which creates the barrier to choice of provision. A future may even be clients choosing to do the work themselves. There was also a previous prohibition on law firm advertising in The Law Society’s Guides to the Professional Conduct of Solicitors, and there are still restrictions or regulations – see rules 8.6–8.11 of the Code of Conduct for Individuals, for example. Law firms are not always used to effectively marketing or explaining their services. Whether we will see a greater openness in legal services post-Brexit is debateable, but the position of society as increasingly informed, educated, and able to make appropriate choices for themselves, leaves some forms of legal services redundant. Many people now make their own choices about tax, family lives, and financial provision for the future. Society has moved forward in all of these areas over the last fifty years, but some of our ideas about the structure of legal services, and the legislation and cases which underpin those ideas, are from a different time. The increasing use of technology provides new opportunities in freedom of information and knowledge for society, including in law. With the use of technology, including in identification, comes greater responsibility. We have to remember that the use of an individual’s personal or biometric data on a mass scale may not be justified to access legal services, when they could understand and solve those legal problems themselves. In the use of technology in this way, we are putting the cart before the horse. In fact, we need to break down the barriers to the interaction with the state within society, and resolve what individuals in the modern world need legal advice for, and what they can reasonably complete themselves. We can also ask whether current legal institutions and modes of working are fit for purpose in a modern era. Once these design questions are understood and answered, we can decide whether or not individual personal data can and should be used, when, and how.

Technological developments Biometric data The use of greater technology in law firms has been supported by the regulators, with regular sessions on innovation and monetary awards for technological solutions. We do see some technological advances which may support law firms in anti money laundering, and across into the Accounts Rules, however at the moment those new solutions appear focused on client identification, with the increasing use of the biometric data (such as facial recognition), to provide greater certainty when onboarding a client. 402

Technological developments However, there are ethical considerations to work through when using such a system. These include considering the impact on the clients’ sensitive personal data under the GDPR, and further, considering whether the use of such personal data is either overly intrusive or potentially dangerous, given what is necessary when, for example, buying a house. To consider that an individual has to provide that level of personal information in order to undertake a transaction could be a step too far. They have to be able to identify themselves, which is possible by other (nonbiometric) means. If we take the starting point of the data protection principles – one of which is ‘data minimisation’, the discussion becomes more pointed. Do we think that additional (very sensitive) client data should be gathered by law firms because they find the client onboarding process either a bit burdensome, or because they have political objections to it themselves? This is also the wrong way round. Our sensitive personal biometric data is generally subject to greater safeguards, because it is incredibly sensitive and strikes at us as individual sentient beings. Using it when there are other means available to identify clients, appears ethically objectionable. Of course, we have seen the cases of Dreamvar (2018) and Purrunsing (2016), but in those cases, more could have been done to verify the client identity, and ensure the overall genuine nature of the transaction. These are simple steps to take, but they appear to have been lost in the drive for speed, and something of a fashionable disregard for regulation and regulatory standards. There can also be an element of danger about using this very personal data. This data is part of our physical being. To defraud another person when using this data may be to attack or threaten them physically. Use of personal biometric data does happen in some other states worldwide, and in promoting the use of biometrics as a solution, we may be taking for granted the stability and personal security offered in the United Kingdom. Requiring the same solutions for those in other countries may be more problematic and could place individual citizens in less secure locations in physical danger. If a client in a very poor country has to provide fingerprint evidence to demonstrate their identity, we can imagine the horrors that could occur to their fingers. Very strong ethical questions need to be asked about what evidence we as individuals have to provide, and when. We also need to understand how those requirements translate worldwide and the comparative standards of living elsewhere. Of course, solicitors want to receive business, and there are a large number of them, but this is not a justification for demands which impact individual safety. The Land Registry have been moving forward with accepting electronic verification of identity, and have started to accept biometric identity checks in some circumstances. These biometric checks are conducted by third parties and those using them should be satisfied that they are genuine services before introducing them to clients. Whether the security, personal, or societal consequences of the adoption of this technology are being considered sufficiently is questionable. It does seem that more stringent controls by solicitors and others in the conveyancing process, and a willingness to undertake anti money laundering work, may answer many of the problems these types of solutions are also designed to solve, but with less intrusion. 403

Part 7  Current and Future Developments

Accounts solutions The requirements in the Accounts Rules have changed infrequently over the years, leading to a fairly stable set of accounts packages which offer solutions to law firms. Increasingly we see cloud providers offering to secure data sets, which could be vulnerable to cybercrime. At the time of writing, cybercrime and attacks on law firms were on the rise, with the intent to steal client data or client money behind them. These attacks can destabilise accounts packages and are even now targeting cloud providers and storage. Several large law firms and law firm groups have been impacted by the threat. Maintaining data online is an increasing challenge, and one that small law firms have to manage despite their comparative lack of resources. Accounts packages have come under some scrutiny following the Horizon cases. Whether or not the accounts package software is reliable enough to assist with the management of client money will be a major question for new entrants into this market. In contrast to the post and delivery sector, if enough of a problem was caused by an accounts package operating in the legal market, the regulator(s) or representative bodies may step in to set standards about the delivery of the Accounts Rules and the software reliability and maintenance standards they expect. We also have intervention by the regulator in cases of breaches of the rules, and a compensation fund to assist clients. It is unlikely we would have seen the prosecutions in legal services that have been seen in those cases. Nonetheless, standards should be set and maintained. This may become more important if an accounts package provider was challenged over the outcome of the records, which is possible. Looking to the long term we may also wonder about the compensation funds, and whether or not they will still exist. Accounts packages may have slightly different uses in future as a result of innovations such as Third Party Managed Accounts (TPMAs) and will need to be aware of the potential for their use in a variety of ways as legal services change. We cover TPMAs further later in this Part of the book.

Cryptoassets and digital currency A  new form of currency and electronic money exchange has been taking hold worldwide. Cryptocurrency is becoming established as a form of financial ownership and monetary transfer; albeit the asset is not physical, but electronic. VASPs (or Virtual Asset Service Providers), were identified as a priority for regulation by the Financial Action Task Force in 2018/2019. Since then, we have seen crypto asset service providers become regulated by amendments to the Money Laundering Regulations in 2019. Let’s start with some of the terms: (1)

Cryptocurrency – this is an electronic form of currency, such as Bitcoin, which can move between parties in transactions. Bitcoin can be exchanged into national currency in some countries, but not all.

(2)

Blockchain – this is the ledger to record the Bitcoin transaction (imagine the ledger as a set of blocks, recording each step of the transaction – that is how it has been named). It is the same as a normal ledger only it is computerised. 404

Technological developments It is an ‘open’ ledger, so anyone can see it. To utilise the ledger you must have a ‘key’ (a PIN code), so only the parties to the transaction can actually use it or make changes to it. The key is mathematically generated. (3) Bitcoin mining – this is the process of maintaining and reviewing the open ledgers. Just the same as accountancy or cashiering. Bitcoin miners can earn Bitcoins from participants by reviewing the open ledgers and correcting them. (4) Non fungible token – this is a form of virtual asset. These are often bought and sold via cryptocurrency. The idea is this is a non-tangible ‘asset’ which gives you ‘rights’ over the aspects of an asset which you cannot otherwise possess. It appears some non fungible tokens could be a fraud, because in some instances one of or more applies: •

their creation and sale may have no connection to the owner of the real underlying asset;

•

they may not be possessable;

•

the asset may later appear to be unsellable or to have no real world value.

We might look at points (1)–(3) above, and ask – is this not the same as internet banking? Certainly, the facilities the bank has are very similar, and we have ledgers and cashiering or accountancy, just the same. It may be similar to a TPMA provider. One key difference is the transparency and openness of the ledgers. Some of these types of services may be covered by the Electronic Money Regulations 2011. Arguably, all that has happened is a version based in technology, with different (more complex) names. We may question whether some of cryptocurrency could be or involve frauds. As we can see, there are already existing facilities for the above types of transactions, and the more complex terms can be used to confuse or con people. Law enforcement have been heavily involved in frauds related to crypto assets and non fungible tokens over the last few years. Until recently, you did not need identification to open a cryptocurrency account and you can exchange some national currencies for crypto assets (and vice versa), meaning it has also been a relatively simple way to pass monies worldwide without detection. Regulation 14A of the Money Laundering Regulations 2017 (as amended) brings crypto asset providers within the Money Laundering Regulations in the United Kingdom, meaning they are now obliged to undertake risk assessments and identify customers, in the same way as other regulated businesses. Most recently, the government announced a travel rule for crypto assets, which is intended to require crypto asset providers to check identification on the transfer of the assets between countries. This will go some way to removing a layer of the secrecy involved in crypto assets. Crypto providers so far appear to have attempted openness by being completely open about the ledger and movement of the transaction, rather than the overall ownership of the monies in that ledger. This openness about the detail, but opaqueness in the ownership, movement or 405

Part 7  Current and Future Developments intent, has not generated the same level of confidence as a top-down transparent structure, or as an auditing of the accounts. The introduction of regulation for crypto assets is not necessarily a recognition of the legitimacy of these providers, but instead could be seen as attempt to regulate and bring enforcement action against what is a ‘wild west’ marketplace. Firms might regard this area of work as very high risk for money laundering and other criminal activity.

Companies House and transparency We have seen an increasing focus on Companies House, and on the role of corporate identity, over the last five to ten years. The Small Business, Enterprise and Employment Act 2015 provided a deeper focus on the role of the management and governance of a firm with the introduction of the PSC register. The role of the company director, or even the ‘named company director’, and the role of nominee directors and outside influence are brought more closely under scrutiny. The establishment of corporate entities with hidden persons (in all senses) exercising control, has been found as a key means to launder money and support corruption, worldwide. The Act introduced the requirement to register ‘Persons of Significant Control’, on a register, meaning that if you were someone who had an influence over a company and the way in which it was run or its future direction, you would need to register. Previously it was just the named director. The requirement to register applies not only to those with beneficial ownership, but also potentially to management, or to those who can change the intent and direction of the firm. The width of the guidance means even those with a small but important interest can be required to register, and it appears the categorisation has been deliberately designed to capture hidden people or hidden strings. When introduced, the law in this area was intended to apply within the United Kingdom, however, there was also an intention to look forward to implementation in British Overseas Territories as well. The concern was the use of tax havens in combination with secrecy laws, to hide the beneficial ownership of assets. Closing this loophole of influence, control, management, and ‘discrete ownership’, appears to have been successful to some degree. Anecdotally, the writer finds since the introduction of the PSC Register, the position of ownership of corporate entities is now much clearer to solicitors and others who attend training courses. There are now moves to implement a similar register for overseas corporate owners of land and real property through the Register of Overseas Entities. The increasing drive for openness and what is termed as ‘transparency’ provides little scope to hide assets, and those areas where assets might have been hidden in the past are coming under scrutiny. It appears as if some countries (including the United Kingdom), are moving towards preventing hidden asset ownership or operation within its territory, and that there will be a distinction between jurisdictions who accept such hidden ownership and those that do not. As with the use of personal data, it can sometimes be poor countries who will permit such secrecy; perhaps that do not have the means to enforce such a register or would seek to benefit from financing by those who want to hide assets. Whether in future the use of such jurisdictions who allow secrecy in beneficial ownership and control will become a 406

Companies House and transparency byword for corruption and criminal transactions remains to be seen, but we also have to ask about the ethics of categorising jurisdictions this way without assistance and support to prevent harm occurring to those countries and their citizens. Any move to increase transparency in ownership and beneficial ownership has to look at the registration of trusts. As we have seen, the Money Laundering Regulations are European Union derived, and in amendments to the Money Laundering Regulations 2017 they extended the position related to trusts. Although we have express trusts, the Trustee Investment Act 1961, and the Trustee Acts generally, this is an area of law very strongly influenced by a common law tradition and interpretation. The establishment and function of a trust is a solution founded also in equity. This is not a book about trusts, or a discussion of what might constitute a trust – which is a very complex area in its own right However, this might be a step towards a codification of a branch of English and Welsh (and Scots) law, which has a footing in the civil legal traditions of countries of the European Union, and the supranational state of the EU itself. We might say the requirement was to register those trusts and trustees where there was an element of certainty and clarity with the parties involved about the existence of the trust, and the role itself. Where those things could be called into question, registration might seem counterintuitive. Importantly, non-registration does not seem to prevent the existence of a trust in equity, and nor does the registration process appear designed to do so. Whether in the future this may happen is unclear, and the drive for transparency and clarity in ownership, management, and beneficial ownership may make inroads into trusts law. Solicitors and others regulated for AML are also now required to notify Companies House of any discrepancies in the information they hold, meaning a further regular check was taking place in respect of the identity of the entity and the persons behind it. It is possible to fill out a form with incorrect information, and to find a way around the declarations needed at Companies House, however it becomes more difficult to manage when each professional or regulated interaction checks and verifies these details, and that may happen on a regular basis. Another future change is to clarify the extent of discrepancy that should be reported to Companies House. Perhaps it should be a person missing, or perhaps it should be the mis-spelling of their name. If either could have an impact, it might be reportable. As argued in Serious Breaches, the measure might be an assessment of impact, or potential impact, on the overall position of the company, which does not circumvent earlier and other reporting requirements. Most recently, there has been the introduction of the Register of Overseas Entities, by the Economic Crime (Transparency and Enforcement) Act 2022. This requires those operating corporate entities who own land or real property within the United Kingdom, but which are registered overseas, to also register with Companies House. This is preventing a further loophole; the operation of the companies registered overseas, but operating solidly in the UK. We might wonder whether those who do not own land will need to register in future. We are also seeing more change in this area, with moves to control the operation and establishment of corporate or other business entities and to ensure transparency is given a stronger footing. Companies House was originally established to register and work with companies. Their remit has and is changing, with trusts, the PSC register, and now overseas entities. They also have more responsibility in maintaining 407

Part 7  Current and Future Developments correct information than previously. The organisation has therefore changed in the immediate past, with a greater role being developed in the identification of beneficial owners, of management and influence, as well as foreign ownership. In the future the intention is to restructure the body, to allow it to take a wider view and reflect the breadth of the role it has been given. Another intended change may be a requirement to recognise and register all forms of business relationship. We have yet to see the requirement for this to take shape; but it may be that sole traders, business partners, and other similar, non-company structures, could be considered. We explored in Serious Breaches, the variety of different informal business structures that can be developed and used for project working in different areas of business. We can see situations where companies can come together as an informal group to collaborate on projects, develop and design new solutions, or work on contracts. More common in some sectors than others, we may see this type of joint project working and delivery become a recognisable and definable structure (albeit an informal one) within corporate or commercial law. This is likely to dramatically increase the work of Companies House, which is another reason for the restructure. However, it will also mean that those in business in the United Kingdom will be more clearly defined, and there will be a degree more transparency over their tax and income, perhaps making it easier to check and support their future legal transactions. At the same time, we have to ask whether individuals are losing some rights and freedoms in the quest for certainty over who organisations do business with, and in the fight against crime. We might be seeing the effects of a policy to ensure that crime does not pay, and to tackle the problem at its source, but the price of society’s confidence and peacefulness might mean the loss of independence and self direction in some respects. It has been a pillar of participation in society that individuals can start and run businesses with a degree of autonomy. Arguably, society and the economy needs the investment and knowledge growth. These rights are not being impacted on the face of the reforms, but the requirements in disclosure can seem like an administrative burden and intrusion into established forms of societal participation. The new checks and balances will need to be in place to ensure the fair use of power by the regulatory and oversight bodies that exist. On the other hand, the redefining of Companies House has the potential to reshape the debate in anti money laundering, as it may close a gap in ‘rogue trading’ and redefine tax and identity for thousands of individuals and business partnerships across the country. This could increase the workload for some agencies. However, the increase in technology, and even Brexit, may place British society’s emphasis differently in future, due to the scope for retrieving and analysing personal data, which may go way beyond identifying who is working with or owns which companies or businesses.

Public functions – PEPs and simplified due diligence In the most recent set of Money Laundering Regulations, simplified due diligence (SDD) was changed from supporting the transactions of some financial services activities and council bodies, to requiring an individual risk assessment based on the circumstances. 408

Systems of regulation We have seen a similar approach in developing the role of politically exposed persons (PEPs) over a period of time, with the development of the role and definitions since the late 2000s. The increased emphasis on simplified due diligence takes us a step closer to scrutinising the activities of public bodies and the use of public functions. This is a new angle in the fight against corruption in public office. We could analyse the two positions of: 1.

politically exposed persons; and

2.

public office as an entity, such as a council (which are traditionally covered by simplified due diligence);

in comparison with each other. The PEP at the individual level, with the potential for cross over between personal and private functions, currently has the more intensive scrutiny. The public office entity at a certain level (for example a council) usually has the benefit of the simplified due diligence. SDD now requires a risk assessment, increasing the level of control. However, at the moment SDD can still be applied to the body of the council and the instructions of its staff if acting for it. The PEP has to go through enhanced due diligence and prove not only source of funds, but also source of wealth, and their family members may be in the same position. The management structure of the law firm business also requires some oversight of the transaction, and the PEP status impacts the PEP’s family. That is a large leap between low level public function at entity level, and individual high level public function. It is intended to reflect the perceived high risk of the PEP who could be offered and/or accept large sums to take or influence political decisions. The much lower level simplified due diligence in place for local councils and other similar structures reflects the perceived lower risk of this type of activity. However, we might consider whether or not a local council could be involved in corrupt activity given their ability to make local decisions and, for example, award local contracts. We also have to remember the size of the budgets of some local public bodies, even ones that would not be deemed ‘high ranking’, and ask whether or not they should also be subject to greater scrutiny over the purpose and nature of their transactions. It appears there is scope within the Regulations to more evenly consider the risk posed by public function decision making and what oversight and anti-corruption requirements should be in place, perhaps as a minimum for all regulated transactions.

Systems of regulation We have seen a greater focus on the role of anti money laundering in law firms from the regulator since the introduction of the oversight regulator, the Legal Services Board, by the Legal Services Act 2007. Prior to the introduction of the Board, the SRA and previously the Law Society had a much narrower focus – being 409

Part 7  Current and Future Developments primarily concerned with the implementation of and compliance with their internal code of conduct. Compliance with the Proceeds of Crime Act 2002 and associated Money Laundering Regulations was a developing area, notably with more police involvement than regulatory in the early stages. Although the Legal Services Board does not have an anti money laundering focus (and for anti money laundering the oversight regulator is the comparatively newly established OPBAS), the changes to the structure of the legal regulators and the focus on their work in other areas has also improved their anti money laundering content. The Law Society have a long history of regulating according to their Handbooks and Codes of Conduct, which are extensive, and binding upon the solicitor and their firm. Their procedures were in place for many years, covering the operation and regulation of these areas – the introduction of the Proceeds of Crime Act in 2002 and the Money Laundering Regulations at approximately the same time, took some time to bed in with the regulator. There are discussions about whether to introduce a single legal regulator into the sector. The number of regulators within the legal services sector means the system is complex and difficult for consumers and non lawyers to understand. The competing regulatory systems also cause complexity for lawyers who transfer working environments and have to cope with new or different sets of rules on similar subjects. The position regarding the Solicitors Accounts Rules is a good example. For many years the SRA and CLC had similar sets of Accounts Rules. The SRA made changes in 2019, but the CLC have not followed suit. This has meant staff who transfer working environments have to get used to two different systems, and Reporting Accountants who work on the reports for the regulators, have to decipher two sets of rules between the different regulators. The writer’s experience is that sometimes some third parties such as Reporting Accountants do not always know the difference between a solicitor firm regulated by the SRA, and a licensed conveyancer firm regulated by the CLC, leading to even more confusion between which sets of rules apply. We discuss the changes to the Accounts Rules in more detail later in this Part of the book. The moves to introduce a single legal regulator may be some years away yet. Favoured by the most recent reviews into legal regulation (see the Independent Review of Legal Services Regulation), the single legal regulator is a means to level the playing field between different types of lawyer. It is a means to recognise those who work in the sector who have a variety of qualifications (often legal), but for whatever reason have not met the precise requirements that each status requires, or are faced with additional cost to cross qualify when many statuses are comparable. The time taken to implement a new regulatory system can be seen from the introduction of alternative business structures, which was first proposed by the Office of Fair Trading and the Clementi Review in 2001 and 2004, respectively. ABS became part of the Legal Services Act 2007 and was formally introduced by delayed implementation in 2011. The Legal Services Act also made other structural changes to the sector, introducing the Legal Services Board, and separating the regulatory functions of the professional bodies from their representative functions. The moves towards the single legal regulator are favoured for a variety of reasons, and would reduce complexity, level the playing field between professionally 410

Systems of regulation regulated and other providers of legal services, and allow more even competition in the market. Competition within the professions and within the legal services market as a whole was the intent of the focus of the previous Legal Services Act 2007 and the policy papers that preceded it. Even the introduction of the Council for Licensed Conveyancers in the 1980s was intended to introduce a new layer of competition into the market. At the moment, the current system of professional regulation places a large emphasis on the professional status of the individual as a means of directing the sector. Some work is reserved to certain professionals, at the exclusion of others, but the qualification pathways are very specifically defined and, in some cases, very expensive. At the time of writing, the Criminal Bar Association had voted in favour of strike action, citing the low pay for publicly funded criminal defence work in the face of the large cost of qualifying to undertake the work. At the moment, the majority of law firms are organised along the lines of professional qualification, rather than along the lines of the area of law the lawyer works within. We do have specialist groups of lawyers such as licensed conveyancers, costs lawyers, and trade mark attorneys, but the Solicitors Regulation Authority and the solicitor status accounts for the largest amount of lawyers within the professions. Their group and qualification covers an array of legal work which is reserved. Another alternative to grouping lawyers by professional title, is to consider the area in which they work, and offer specialist qualifications and statuses within those areas. We already see that happening with some groups of lawyers who specialise in one area of work (or seat of law). The professional status of the individual and firms, and exclusion of others, has come at a cost to those professions. We all need new ideas to keep pace with how business is conducted; how financial services work and are provided; and how employment and management expectations are defined. The consistency and continuity of the professions in their current form excludes learning in other areas and sets the breadth of knowledge for qualification high. The knowledge required is often not acquired at an earlier stage of education, and consequently is concentrated in the qualification pathways of the legal services professional. We discuss the potential broader role of legal education in society in Serious Breaches. But dealing with professionals whose knowledge is very closely linked to their practice areas, and which has and does exclude other parts of the labour market with alternative ideas and skills, means the responses of those within that market are limited to within their own subject area. We can see the outcome of that in the subject matter of this book; the focus of anti money laundering has been on the individual (which is the focus of the legal services provider), rather than on the financial aspects of the transaction, which is the focus of the support functions of a law firm. We might say that focus of AML is in common with other sectors, but legal services draft the regulations. We can contrast the position of the professional regulators with that of industry regulators. For example, the Financial Conduct Authority (FCA) regulate an industry as a whole, and we do not see the distinction between an FCA regulated firm and a legal services regulated firm; consumers might expect a similar standard from both. Other professional regulators, such as the Royal Society for Chartered Surveyors, have qualification standards, and codes of conduct in the same manner as the legal regulators, but require their regulated community to register with HMRC for anti 411

Part 7  Current and Future Developments money laundering regulation. Again, the average person would expect a similar service from a surveyor, and would expect them to be subject to similar rules to those in financial and legal services. These similarities of requirements lead to an argument for consistency in application of the rules, and therefore potentially in regulation, and there could be an argument for national systems of anti money laundering regulation to apply to all business functions. The question of whether there are particularities to the industry that require a specialist regulator might be relevant, but it might also be important to say that in the writer’s experience this specialism comes from the link to the professional and representative body. The focus of the discussions pre-Legal Services Act 2007 was in part on the professional bodies themselves and whether in ring fencing much of the reserved work, and controlling the regulation of their members, there was a conflict of interest and lack of independent oversight. Many of the professional bodies were separated from their regulatory arms by the Act, although some links do remain, including in some joint board working. The question as to whether the regulatory bodies are sufficiently removed from the representative arms of the professions and provide independent oversight has been called into question again more recently by the latest government review of anti money laundering supervision. The writer’s view and experience is that the additional oversight of OPBAS, along with the influence of Legal Services Board, has provided a much greater focus for the legal regulators in anti money laundering. However there is some inconsistency between the regulatory approaches and applications of the rules. We might anecdotally conclude that the strength of some representative bodies is impacting the independence of the roles and performance in the regulatory arena. The question might be whether the role of an anti money laundering regulator sits more closely with a quasi-law enforcement entity rather than a body responsible for regulating to a Code of Conduct. Of course, the Codes are taken extremely seriously, and form the basis for the conduct of a number of important consumer transactions. They also have (at the SRA), the enforcement vehicle of both the regulator’s own powers and the Solicitor’s Disciplinary Tribunal. It is not yet clear cut whether the single legal regulator will be implemented. However, there has been some movement in this direction within money laundering policy. In the summer of 2022, the government indicated the policy intention to centralise anti money laundering regulation and reduce the number of regulators responsible for the sectors. Their report followed a consultation on this and other changes to the structure of money laundering regulation (also detailed earlier in the discussions regarding Companies House). There were a number of options on the table, and while the government outright did not consider whether to introduce a single legal regulator, they did instead favour reducing the number of bodies with AML responsibility. This may be a first step towards removing some regulatory responsibility for some of the bodies within legal services and re-allocating that towards the larger legal regulators, with the ultimate and end position of a single legal regulator. At the time of writing, the final policy position had yet to be decided.

Money laundering registration The current system of money laundering regulation requires registration by those working in the following areas: 412

Focus of the Money Laundering Regulations •

Legal services, with a distinction made between high risk legal services (such as conveyancing, litigation, and trust law, and those in lower risk areas). High risk areas require registration and supervision.

•

All property law transactions, including conveyancing and estate agency.

•

Company formation professionals.

•

Accountancy providers at all levels, including registered accountants and bookkeepers.

•

Artists (with a particular focus on 2D art).

•

Crypo asset providers.

These areas have been identified as being the highest risk for money laundering. Generally speaking, solicitors work together in firms and offer a range of legal services as part of a general practice. This means that solicitor firms are usually taken to be covered by the Regulations as a whole, and the regulator does not usually make a distinction between the parts of the firm that are covered and the parts of the firm that would not be. Law firms are expected to consider the business as a whole as offering those services, and therefore the business as whole as being regulated. We may see the expansion of the scope of money laundering regulation to include other forms of legal services business, and this may form part of the move to introduce a single legal regulator, which has just been discussed. The writer may favour commercial and company law, debt management services, and probate services as areas to be covered by the Money Laundering Regulations. Both debt management and probate are areas of law which handle large sums of money incoming into the solicitor client account, and where laundered money could be hidden. Company and commercial law as well as employment law are also areas that sit naturally with some of the transparency requirements we have already seen implemented; they also allow solicitors to observe the contractual, structural, and financial (including employee payment) practices of different entities and how they operate. The Regulations themselves may be considered to be quite onerous, which is why they may not apply to businesses generally. An alternative to their expansion may be to require a less intensive version of the Regulations to be introduced across the board to all businesses and this might be a useful societal mechanism to prevent money laundering.

Focus of the Money Laundering Regulations This book has looked at the focus of the Money Laundering Regulations and the focus placed a narrow aspect of the transaction happening within a regulated sector. We can also see the breadth of policies and procedures required within regulated firms. As we see the Regulations develop, we may also see greater information for consumers, which in turn could support further requests by regulated firms for information from them. For now, however, a more immediate focus might be on how best to defend the regulated firm against what might be a malicious client instruction or internal attack. 413

Part 7  Current and Future Developments We have considered in this book the firm wide implications of the Money Laundering Regulations. We have considered how to create a perimeter around the firm which protects from the proceeds of crime. This also enables the firm to have confidence in its ability to respond to attacks on client money; client information; and other important assets it holds. Considering the firm wide position in a proactive way is a useful step to take to ensure regulatory compliance, but also to protect the firm more broadly from the reputational damage of being involved in laundering monies or being the victim of a serious incident. We may see regulatory action against those firms that do not take such steps to protect and secure the firm overall. Even though this is not an explicit regulatory requirement, the regulators have been known to take action where concern arises that breaches their overall outcomes. As there are regulatory outcomes (requirements) in management and client service, these can be impacted by incidents at the firm. At the moment, the SRA have the regulatory authority to pursue the firm, and individual solicitors or management, and as we have seen in Part 3, there are criminal offences for failures associated with the Regulations, as well as the offences within the Proceeds of Crime Act itself.

Law Commission Review Between 2017 and 2019, the Law Commission undertook a review of the current reporting system for anti money laundering, with the aim of understanding whether it was working. The outcomes and issues discussed are covered in some other parts of this book such as the scope of regulation and whether the regulators are correctly placed to regulate for AML. There were also discussions about whether the current test for reporting was clear enough for people to understand, and whether regulated firms and individuals needed more information about what constituted suspicion, which are much discussed subjects in any event, and are also covered in Part 4. The test for suspicion is, in the writer’s view, both defined and not defined. After many years of working for a regulator, then training law firms in anti money laundering, and in dealing with making decisions in related areas (as discussed in Serious Breaches), the writer might be fairly comfortable in understanding whether or not suspicion would arise and how to argue the position. Others in MLRO or MLCO positions might not be, as you can be appointed to the position after years in private practice doing a different legal job. The writer knows the subject and the indicators of money laundering very well due to years as a regulator and investigator, but those just starting in such positions of responsibility might have had limited exposure; ironically that might be the case particularly if they have worked in well run firms. The Law Commission also discussed ring fencing criminal property (for example within a bank account), which would prevent all assets being subject to investigation and concern. We have covered some aspects of that discussion in a different way in this book in Part 4, where we discuss the acquisition of criminal property. If client ledgers are maintained accurately it is possible to distinguish between monies held for one client and another. However, this type of discussion could impact other client or third party situations. 414

Enforcement by the regulator

Enforcement by the regulator We covered in Part 4 the current system of enforcement already in place and the various different tools available to the regulator when combatting infringements of the requirements in anti money laundering. As we discussed in Part 4, there are variations between the regulators in their enforcement powers, leading to different potential outcomes for failures in compliance or even criminal offences. This differentiation is the cause of some concern that leads to the possible establishment of the single legal regulator, or even the allocation of anti money laundering supervision elsewhere, in order to ensure consistency. At the time of writing, the SRA were consulting on new powers to fine individuals and non ABS firms up to £25,000. During 2022, there was a change in legislation. The Solicitors Act 1974 and Administration of Justice Act 1985 (Amendment) Order 2022 was introduced in the summer of 2022 and amends the Solicitors Act 1974 and the Administration of Justice Act 1985, removing the powers of the Authority to fine up to £2,000, and replacing it with a fine of up to £25,000. The powers in respect of alternative business structures arise under the Legal Services Act 2007 and provide the possibility of far greater fining for the Authority, with the maximum determined by the Legal Services Board. The idea with these greater fining powers applied to ABS, was to deter wrongdoing in legal services by larger corporate entities and those who invested in legal services. Legal services has been independent (or was) until the Legal Services Act 2007, which allowed alternative business structures. Advice to clients should be independent, and not compromised by external financial interests. The hefty fining powers are intended to preserve that position. The disparity between the fining powers does not recognise the extent of the current prosecutions against both ABS and non ABS alike. The majority of the more serious matters are referred to the Solicitors Disciplinary Tribunal, with new cases appearing before the Tribunal every week. These might sometimes be in anti money laundering related areas, but are most often for breaches of the Accounts Rules, or other conduct related breaches. At the moment, the SRA’s fining powers (and other general powers), mean that serious matters, or those where a large fine might be imposed, are referred to the Tribunal. In cases where ABS are involved, although the SRA has the power to directly impose the large fine, they also refer these matters on to the Tribunal as well, and this may continue despite the increase in ability to impose a large financial sanction. The new proposed fining powers are intended to allow prosecution of these breaches at a lower level (internally by the SRA), for a lower cost, and act as a deterrent to them occurring in the first place. Other regulators have very significant fining powers available, including the Information Commissioners’ Office, for example. There is no question that fining powers have assisted with implementation of compliance standards, and the writer’s experience as a compliance consultant is that they do focus firms into making strides with their policies, procedures, and training. Whether the regulator will require more in house capacity to impose fines up to £25,000 remains to be seen, as are the circumstances in which they would be imposed. Whether we will see the imposition of large fines for failing to comply with the Money Laundering Regulations 2017 and their offshoots is a good question. It may mean the need for the perimeter of the firm; to demonstrate compliance; and 415

Part 7  Current and Future Developments for the policies and procedures (such as the ones we have seen in the Annexes to this book), become more pronounced. As we have seen in Part 4, there are criminal offences for certain matters, including handling the proceeds of crime through client account (or office account), and for failing to report. These are just the main offences, and regulatory enforcement is sometimes seen instead of criminal prosecution where there is an issue of policy or procedure, or where the criminal action is not quite proved to the required standard. As a result of the increased fining powers, we may see more prosecutions by the regulator in the future for failing to adhere to the requirements in the Money Laundering Regulations, where the outcome is a fine imposed by the regulator directly, rather than by the SDT. It is fair to say that the perception is that money laundering is at the serious end of the matters the regulator investigates and that perception is matched by both regulator and regulated community. We must, however, guard against the suggestion that a prosecution for a failure to have policies and procedures in place is a code for ‘has been involved in money laundering, but we can’t prove it’. The outcomes from the regulators and ways in which they use their language to express their concerns about circumstances that have arisen, will be important in ensuring a proportionate approach is taken to the issues. Some firms may have near misses and the regulator may be concerned about management if a firm has not implemented controls, when such controls would have made a significant difference to a situation. Describing accurately what has happened in published outcomes, encouraging compliance, and demonstrating how compliance can help safeguard the firm and clients, can make a significant difference. We saw earlier in this Part of the book that there may be either a single legal regulator, or a separate regulator for anti money laundering in legal services. Or, there may be both. We have not seen similar proposals to increase fining powers from the other legal regulators, and consolidation into a sole regulator, or the removal of some powers from the regulators, may be the reason for this. Both solicitors and those in other regulated communities, may make comparisons between the requirements in each regulated area, and the outcomes for similar types of breaches. If the regulators stay as they are, they will need to be alert to firms ‘regulator shopping’ in anti money laundering and the Accounts Rules, in order to minimise the impact of their intended breaches.

Accounts Rules developments This subject has been covered more extensively in Serious Breaches, however contained here is a summary of the main and intended developments in the Accounts Rules both recently and in the future. The content of this small section has to be read in the context of the proposed changes to regulation outlined earlier – in particular the possibility of a single legal regulator, or the consolidation of legal regulators for anti money laundering. The first of these two points would have the greater impact on the Accounts Rules. At the moment, although the CLC and SRA Accounts Rules differ, they have 416

Accounts Rules developments been developed from a similar starting point, and although differently worded they previously achieved very similar outcomes. The possibility of the single legal regulator may see those two traditions of the Accounts Rules combined. At the moment, that may be possible with a transition period. However dramatic changes could make a combination of the systems more complex. The SRA have taken a different path to the CLC, and have attempted to streamline their entire system of rules and regulations (currently known as the Standards and Regulations), under a system known as outcomes focused regulation. Outcomes focused regulation puts rules and regulations into place which are openly worded, and requires the business to comply with the spirit of those rules in the application of its systems. In years gone by the rules had become overly prescriptive in their context, and previous Guides to the Professional Conduct of Solicitors have extensive pages of content for the solicitor and their staff to observe. In 2011, the then ‘Handbook’ was shortened, and became a much less detailed set of rules. Specific requirements were removed and practices were given more freedom about how they could interpret the rules of professional conduct. At this point, the Accounts Rules remained the same, and as we have seen in Part 1, they underpin the essential requirements of holding client money, creating a system with specific checks and balances. However, the 2011 Handbook did not go far enough, and further reform was felt necessary to remove more of the detail in the remaining rules and regulations. This was introduced in 2019, following two years of consultations and discussions with the legal profession. The Handbook was now called ‘The Standards and Regulations’. However, no distinction is made between any ‘Standards’ and any ‘Regulations’; and naming the Handbook in this way was not intended to create such a distinction. The Standards and Regulations brought in new Accounts Rules, with changes to the holding of some aspects of client money, to the classification of disbursements and other sums due as office money, and to the circumstances in which a client account needed to be maintained. The two years of consultation and development work preceding 2019 also brought in a new format and requirement for the Accountant’s Report, which impacts when the report should or has to be obtained. The changes are not without controversy and the new Accounts Rules have created several situations in which practices can hold client money, but not have an Accountant’s Report, or hold client money in a variety of places which are not within the client account – putting it potentially out of reach of oversight and regulation. The requirement for the accountant to report has also been altered; encompassing a variety of definitions, from serious breach, to material breach, and most recently a question as to whether client money had been placed at risk. However, without complete oversight of the position, the question might be asked whether the accountant could reasonably form a view. Whether the Accounts Rules are workable in the current format remains to be seen. There is evidently a problem with possible interpretations of the rules and the checks and balances previously in place have been significantly diluted. However, there are moves to improve oversight of the handling of client money and this includes in the use of greater technological advancement, or in the use of TPMA. 417

Part 7  Current and Future Developments We may see changes to close the gaps in the Accounts Rules in the future, and to clarify the role and reporting requirements of the Reporting Accountant. Towards the end of the time of writing this book, the SRA had launched a new consultation aimed at clarifying that costs should be incurred before being taken from client account, and disbursements should have been incurred on the client’s behalf.

Technological development and Third Party Managed Accounts We have seen in earlier Parts of this book that some practices are starting to use Third Party Managed Accounts, to provide their clients with assurance and a view of the transaction taking place. As we have already seen, the TPMA is managed and run as an electronic payment and banking provider who are regulated by the Financial Conduct Authority. The TPMA provides the client with access to and oversight of the financial elements of their transaction. The TPMA frees the solicitor and their practice from the burden of holding client money, and the Accounts Rules associated with it, and places that requirement on another party. However, the solicitor still has control of the legal transaction and manages money in the account with the client consent. Another benefit of the TPMA is that it allows a freelance solicitor the opportunity to manage client money, when otherwise they would be prevented. This allows a freelancer the flexibility to support the client project they are on, in ways that they may not otherwise be able to; both according to the rules (which prevent the holding of client money by some categories of solicitor), and practically, due to the cost of a maintaining the client account. We have seen in Part 1, that the TPMA has some potential pitfalls, such as cost, and that the oversight of the transaction is being passed to another party; not ideal if you are seeking confidentiality. Also, the advice given to the client may be apparent from the movement of money which might undermine legal professional privilege. In addition, although the TPMA may seem easy to use at first approach, it may not be. There are a large amount of additional rules and regulations as the existence of the account used to move and manage money for the client is subject to a sort of ‘dual regulation’, being under the oversight of the FCA and to a certain degree the SRA. Although it might seem quite clear that the account is regulated by the FCA and the solicitor by the SRA, in reality if the solicitor is managing the money in the account, then both the account provider and the solicitor owe duties to the client. These duties can become intermeshed with each other and the client may be confused about who is providing services and should take responsibility. Given the complaint and oversight requirements for both financial services providers and legal services providers, one problem could be split into several. We may therefore see a division of ‘ownership’ in resolving these problems develop, with one industry’s regulator and complaint handling ombudsman taking responsibility in future. Another potential issue as TPMAs grow is the division in the system for holding and managing money for clients. Some solicitors (and licensed conveyancers) will persist with the current traditional model, and some will move to TPMAs. TPMAs have different requirements, such as notifying clients of each transaction and seeking their consent. They also have to have arrangements for accessing and viewing accounts and preventing fraud and cybercrime. This is in contrast to 418

Technological development and Third Party Managed Accounts the current mode of operation of the solicitor client account which has not seen the same technological investment. We have not seen client accounts progress to the stage where solicitors offer that type of service and many solicitors still accept money at the outset of the transaction and account to the client at the end; the client trusting the solicitor to charge them correctly. Of course the client receives a bill, but the problem of information asymmetry means the client may not be in a position to effectively challenge the solicitor in the same way they would if they could see the transaction in real time through a TPMA. The Accounts Rules now allow for TPMAs and support their use; we may see them become more widespread in future. If we do, we may see TPMA rules come into existence alongside the current Accounts Rules, to govern their operation. At the moment, TPMAs do not need to comply with the Accounts Rules, but their use is more basic and of course is open; they are also regulated by the FCA. The current lack of SRA or CLC rules in operation might be to encourage their use. However, it is also worth noting that in using them, the solicitor or solicitor practice would be bound by the other Codes of Conduct in their general behaviour and practice. This means they would need to be honest, behave with integrity, and both keep the client updated and provide them with full information. They also need to inform the client if there are any external financial interests that impact their transaction and the use of the TPMA. An alternative to the TPMA is the development of technological solutions for lawyers which allow the client greater real time visibility of the financial aspects of their transaction. At the moment, the currently available accounts packages are solicitor facing only, and these mean the solicitor is responsible for accounting to their client at the close of the transaction (or during, dependent on the nature of the legal matter and the relationship with the client). Obviously with the advent of TPMA and the new forms of cryptocurrency, we start to see an openness in the keeping of ledgers, which have been hitherto hidden. While some ledgers are completely open (such as in crypto), in the TPMA model they remain confidential between the client, the law firm and the TPMA provider. In crypto, the ledger is completely open for the world to see and correct, but the beneficial ownership can be obscured. That is not proposed for the law firm ledger. Technological developments mean that potentially, new accounts packages could be developed which allow for the client to view their ledger alongside the activity of the law firm; potentially removing the need for the TPMA provider altogether. As clients become more attuned to seeing the client ledger through the TPMA, there may become a greater demand for this service in the legal marketplace. Financial openness from clients in AML may also lead to demands for the same from the law firm. Existing accounts packages may be able to be developed to deliver such services and there may be new entrants to the marketplace as well. Another alternative would be for the client to hold their own money within their bank account in a ring fenced area. This might then come with direction and advice about the movement of the money and when, to achieve the desired result within the legal transaction. Obviously these types of innovations would completely change the nature and scope of legal practice as we know them. Whichever one of these solutions we look for or choose, the current position of the solicitor holding client money without a real time overview for the client, may 419

Part 7  Current and Future Developments start to look dated following the introduction of the TPMA. We might see greater demand from clients for these types of services, with greater accountability from the solicitor over the financial elements of their practice. The consequences of client viewpoints over the operation of the accounts would also have significant effects on the Accounts Rules, and on the need and prescription for, the Accountant’s Report. In the long term, if change occurs to this extent, the Accounts Rules may become much more client focused in their delivery, including specific prescription about the information to be provided to the client before the transfer of money, and possibly even consent before that occurs. That is not to say the consumer is not aware of the movement of their money or what it is used for, but the solicitor or licensed conveyancer has a large degree of control. In a sense, the current rules and the hiding of the client ledger may seem quite antiquated and perhaps a major push is needed to bring the system into the modern day with modern consumer expectations of working. In developing these consumer based solutions, TPMAs may become cheaper to compete with the solicitor firm, and/or the solicitor firm may start to charge an additional fee for what is a transparent accountancy service alongside the legal work. In a third possible model, financial services and banks may enter the ledger or client money marketplace with alternative consumer focused solutions. Often, when speaking to ordinary consumers, the writer is asked about law firms holding client money and why no interest is payable on such a large sum. When we combine the modern consumer expectation with the problems currently associated with the systems such as ‘Friday afternoon fraud’, we start to see a gap between the consumer and the law firm that could be filled by the financial services sector and products they may be able to offer which, if combined with legal expertise from a law firm or qualified solicitor, may solve these issues and meet consumer demands. Law is often about history, and the practice of law can appear so, with thousands of small law firms across the country, serving local communities. It is an expression of local democracy and freedom. However, the operation of this law firm business model has not changed for perhaps a hundred years and although systems have been built and established over this time period, they were not built with the age of technology in mind. Client ledger systems and written reconciliations have been established to be used internally by the solicitor, and do not match the current availability of general information. The use of the client account can attract criminal prosecution, or regulatory enforcement if it is not conducted in the correct way. When we consider that it is client money, but currently often hidden from the client, we might understand why; greater openness and transparency in the client account would assist hugely with potentially ring fencing any client money, and it would still be possible for the solicitor to hold the client money on trust as well.

Proposed new Accounts Rules – openness in the ledger To that end, the writer proposes that new Accounts Rules be developed which start this process. Rather than waiting for the technology to ‘catch up’, let’s start to ask law firms to make available their ledgers to clients, or a version of information in real time which allows for the similar overview to TPMA. At the moment, the rules 420

Proposed new Accounts Rules – openness in the ledger are worded in such a way as to require the firms to account to the client, and to ensure that client money is always available to the client. In practice, law firms may account to the client at the close of the transaction, or part way through, and keep the client updated throughout as to the costs of the matter. In practice, some clients dispute the costs, and dispute how the money has been handled. The Legal Ombudsman receive thousands of complaints every year on these subjects, and the process of holding client money and accounting to the client can feel quite opaque. We have obviously seen that the Accounts Rules have been re-written in way which creates loopholes and greater transparency would help to restore trust in their correct and proper operation. Hundreds of solicitors are prosecuted every year for breaches of the Accounts Rules and this openness would provide the oversight that consumers expect to be apparent when dealing with their money. The proposed new rules might be supported by further rules to: •

Explain to the client the difference between client money and office money.

•

Specifically define the money given to the practice which is to be held in client account and held in office account, and to explain this to the client.

•

Seek client consent before the transfer of money between client account and office account.

•

Provide a specific contact point for any complaint about the handling of client and office money.

This new provision could also be supported by further policy provision from the regulators and from the Legal Ombudsman. Better informed consumers make better decisions and the complaint handling bodies would need to increase information for consumers about what they should be seeing from their ledger or records, and how the law firm should be accounting to them. If such a change went ahead, we could see the individual ledgers in large transactions overseen or double checked from an accountancy perspective, by an accountant employed by the client. The links between financial services, accountancy, and law are obviously there, and there could be overlaps between them. However, it would still appear necessary to have a set of rules which underpin the requirements for holding client money on trust, regardless of the involvement of other regulatory styles and bodies. The transparency in the proposed new rules might generate a wider and more dramatic change in both the provision of solicitor services to consumers and small businesses, but also in the rules of professional conduct themselves. As well as potentially transforming the Accounts Rules into a more client focused set of rules, the proposed new rule may also change the face of initial client information, meaning different information needs to be provided to the client at the outset or prior to the outset of the transaction. We have couched some of these potential changes in the context of technological developments. We also have to remember that we have an ageing society and 421

Part 7  Current and Future Developments older people are less likely to be engaged with technology than younger people. Any proposed new information should be available to clients in a variety of formats; financial information should not simply be available to those people who use online services and understand the provision of digital information.

Conclusion The future changes to anti money laundering are largely a consideration of constitutional and national movement in the form of Brexit, coupled with potential regulatory changes. Both of these factors are the most likely to generate changes that law firms will experience directly, both in the immediate and long term future. We are likely to see fairly strong and quick change as a result of the restructure and increase in breadth of responsibility of Companies House. In the medium term, the possible change and consolidation of AML regulators could see a different landscape or regulatory expectation for some law firms, with changes in possible enforcement outcomes for compliance failings. The long term international picture will continue to have a bearing on the operation of both law enforcement and regulatory enforcement, as well as the detail of our legislation and rules in respect of AML and counter terrorism. Cross border work with international agencies, and the British influence in offshore jurisdictions are all factors law firms may be working with. The relatively recent changes to the Accounts Rules introduced under the Standards and Regulations have yet to bed in, particularly following the coronavirus lockdown. Many law firm staff have been on furlough and the markets have yet to return to what they were. In the long term, some of the issues outlined in Serious Breaches may become more apparent, and there may need to be changes to the rules to close those gaps and avoid workarounds to previously prosecutable misuses of client money. The use of technology and its potential societal changes in the long term mean the current systems of client money management and oversight might be coming towards an end. The regulators are placing far greater emphasis on potential technological solutions to problems, and of course as we have seen, their reimagining of the position provides us with new information about how regulators and solicitors might offer to provide their services in future. Potential openness has the ability to revolutionise the set of current rules and break down some of the perceived barriers between solicitors and the rest of society. These barriers and the solicitor’s obligations are explored more fully in Serious Breaches, but it is the writer’s view that more information about legal services does not simply stop at the ledger. It goes beyond that point and into more general provision of information about the law and legal services, to be available to all citizens, in education, and at all stages of their lives. The provision of this basic information would bring greater equality into legal services and solve some of the concerns that citizens are not able to access the information, advice, and support they need, at a reasonable cost. Client money remains just that – money which belongs to the client. There are sets of rules which define how that client money should be considered and handled, and provide something of an oversight service in the Reporting Accountant. However, every year we see hundreds if not thousands of solicitors facing enforcement action 422

Conclusion for breaches of those rules. Taking client money and placing it into an account with thousands of pounds of other clients’ money can make it impossible to manage if the ledgers have not been scrupulously maintained. The latest set of Accounts Rules provide a means to justify non compliance or to remove money from client account in some circumstances. To take this position forward in a way suitable for a fair and modern society, we need to return to basics. It is perhaps no longer justifiable to hide the individual client ledger. Now might be the opportunity to disclose this to the client, and even make it available in real time. Although the solicitor holds the money on trust for the client and acts accordingly, the client should be able to see what happens and when; after all, it is their money. Finally, we have seen in recent times, debates about the use of online services and the extent to which personal data is used and monitored. Fairness, accessibility, and accountability are important words for regulators considering the greater use of technology.

423

Part 8

Conclusion

During the course of this book, we have covered a range of ideas associated with the management of client money in law firms. In particular, we have looked at the Accounts Rules, in the opening part of the book, and at the provisions of the Money Laundering Regulations 2017, in the later parts. We have examined the current system for receiving and holding client monies and understood the elements of the transaction that relate to the Money Laundering Regulations 2017 and the Proceeds of Crime Act 2002. It is apparent that there is a risk in receiving client money; we are not always aware where that money comes from, and the consequences of handling it. The examples we have seen in this book relate to the possibility of receiving the proceeds of crime, and how we can attempt to manage the situation. The production of this book is the production of a set of ideas which go further than the current Regulations, and develop new ideas for the management of finance and even law firms, to create a perimeter around the firm. By taking these additional steps we can go further than the bare minimum required by the legislation, and prevent ourselves ‘falling off the cliff’ into criminal offences which occur when the suspected or actual proceeds of crime are received into the client account – an event which can happen to an unwitting law firm, or even one that has followed the required steps. We have seen the continued direction of travel in Part 7 and that further regulations and legislation are intended to enhance the current Regulations in the future, in particular around greater transparency in ownership. However the position appears simply that – the intent to enhance the current Regulations, and develop them in a direction focused on individual or corporate proprietorship, rather than the intent to develop the Regulations in completely new directions. The focus of the Regulations as they stand is on identity, and we are going even further in our quest to establish that identity, losing some of the risk basis of the regulations as we do so. An alternative would be to consider the structural requirements of handling and receiving monies, which could add to the safety of the current focus. Additional formal steps around handling client monies and receiving instructions would be helpful to legal practitioners, and no doubt, to other professionals operating in these areas as well. By creating additional steps at the point of the reporting or receipt of client money, to allow that money or the transaction to be paused legitimately, would be of assistance to many legal professionals. Some transactions will be genuinely urgent, but in other cases the urgency is a product of mismanagement of expectations. For example, the expectation that a conveyance can routinely complete in six weeks is both misguided and becoming dangerous. Greater time spent considering the position, and the allowance or requirement for the lawyer to complete their work – including in anti money laundering, 425

Part 8  Conclusion would support this position. As would a further statutory or regulatory position that allowed any party (including the lawyer), to pause a legal transaction briefly (perhaps for up to one week), to allow for the lawyer to undertake the required legal work (which might include AML), or for other important administrative steps to be undertaken. This proposed statutory pause might work in other areas of law as well, for example, where a client required new representation through no fault of their own. This pause would also be enough to ensure the transaction could be approved by law enforcement, without invoking the suspicions of each party, if it was done frequently enough and on enough transactions by law firms. Some of the transactions where decisions about suspicions or how to handle client money, are apparently both very expensive (perhaps the largest purchases individuals will ever make), and sometimes apparently very urgent. If we take the time to pause, we may also benefit those involved with the most appropriate advice. Often the writer delivers training concerning scams and other criminal attempts on law firms; one key feature that all of these scams have in common is that they are attempting speed. We do not necessarily make considered decisions when we don’t have the chance to think about the transaction. Working at speed means we don’t double check or stop to think, and means we might go in a direction which we would not ordinarily. This allows someone to present us with a quick but malicious solution. The requirement for speed or the client expectation of the same is one that should be tempered in the meantime by law firms. Acknowledging how long transactions really take could be part of a law firm’s strategy to combat financial crime and to becoming unwittingly involved. Taking time to make sure things are done within a reasonable expectation means we are less likely to become involved in fraud or other criminal offences. We also have to note that a mistake on one transaction can have dramatic consequences for the hundreds and even thousands of other transactions the firm is invested in; be that ongoing or upcoming matters, or matters that have completed. Some client bank accounts and ledgers have thousands of transactions in them and the knock-on effects of problems can cause major headaches for Finance teams. We have seen in Part 1 that there are three layers of protection within the Accounts Rules which cover the initial systems and procedures, the types of movements of client money, and the checks and balances to cover those movements. Working backwards, we might find an issue on the reconciliation (part of the checks and balances), work back to the movement of funds, and find a number of issues. We can see those multiple connected mistakes at work in the examples in Part 6. We then have to consider our procedures to ensure this does not happen again. As well as taking our time, checks and balances should not be eroded, and we have seen in Part 1 that there have been some attempts to do so in the latest set of Accounts Rules. We need those rules and the procedural safeguard. As well as the potential for associated mistakes, issues with the accounts can cause reputational risks, and the involvement of law enforcement and possible intervention. There is also the risk that the receipt of criminal or suspicious funds could impact or disrupt other ongoing transactions. If we think about the potential impact of a suspicious or criminal transaction; it impacts the lawyers involved and may result in their departure from the law firm. It also impacts the COLP, COFA, and MLRO, and takes up their time when they have ongoing client matters as well. The diversion of resources in finance also poses an additional risk, as does the 426

Deliberate attempts impact of any publicity which might take place and divert or disrupt client and external provider relations – some of which may have been stable and in place for many years. The risk of disruption should not be underestimated and can, if the problems are serious, result in poor outcomes for a number of clients, and potential and former clients, in a number of areas. The departure of staff members means the loss of information about clients and technical knowledge the firm may have relied on. All types of clients may ask questions, including former ones, and the firm may no longer be able to answer them. The impacts, therefore, of the receipt of client money which is not what it seems can have far reaching consequences for the law firm. The inclusion of the provisions related to good faith of the Proceeds of Crime Act 2002 were intended to prevent civil liability for reporting, but for those of us who work outside litigation, we realise that the consequences of others’ actions often do not appear in Court due to the cost. A  business may be completely derailed or distracted, all due to the receipt of a sum of client money. This can have impacts such as the loss of working time, utilisation of fee earner time by non fee earning departments, and internal reputational damage. We have examined in Part 2 the numerous ways in which firms can work on investigating the money that is provided to the firm for the transactions, and the ways in which they can establish a perimeter around the firm. Taking such steps might be an important part of preventing regulatory, criminal and other concerns from arising, and involves all fee earning and non fee earning departments. It can also involve a much closer look at the clients the firm receives. While these actions go beyond the risk basis of the Money Laundering Regulations, they can prevent a crisis arising and assist the firm in managing one should it occur. In Part 3, we mapped out whole businesses, and explored the meanings of the headings in the risk management section of the Money Laundering Regulations – to achieve these aims. It is important for law firms to realise the seriousness of the potential threats with which they, as small businesses, can be targeted. The scale of the potential impact on firms of the receipt of the proceeds of crime was covered in Part 4, along with the mismatch between the risk based approach of the Money Laundering Regulations and the severe consequences of the Proceeds of Crime Act 2002. The reality is, that to avoid the latter, firms must have policies and procedures in place and ideally, a strong leadership commitment to maintaining the security of the firm.

Deliberate attempts We have seen a number of concerns arise in the last few years about attempts to disrupt law firm operations. These include malicious cybercrime, for example. In some cases, client data or money is not targeted, but actions can be malevolent, and simply intended to cause trouble. Given all the problems that can be caused, we could also see deliberate attempts on the firm by sending the proceeds of crime. If client funds were received which were tainted, and the law firm thought this action was deliberate on the part of the person sending them, in order to cause difficulty or distraction, this might be actionable by the law firm against the client. If we follow that train of logic, the law firm could start a retainer in a position of potential litigation against a client, and have to immediately stand down due 427

Part 8  Conclusion to conflict. The Solicitors’ Regulation Authority’s Codes of Conduct require that the solicitor acts in the best interests of their clients, acts with independence, and does not act in a situation where there is a conflict (including an own interest conflict). Law firms also have to provide a good standard of service and clients can complain to both the firm and the Legal Ombudsman where that service has not been provided. The law firm, if they thought the action was deliberate or malicious, to cause trouble, would not be able to continue with the retainer. While the Codes of Conduct provide the requirements to act in the best interests of the clients, many law firms do not ordinarily explain the reasons they are asking for source of funds and source of wealth information. The reason is a concern about tipping off, and also potentially upsetting the client and causing them to go to another law firm. However, the checks done by a firm can benefit the client: they can underline that the transaction is valid; they can protect the overall transaction from fraud and misuse on both sides; and if there were ever concerns raised about the transaction in future, the checks could be used to explain the requirements. This is particularly true of high net worth individuals and PEPs who may want their transactions underwriting in this way. Explaining this requirement may not cause difficulty for the client in terms of acting in their best interests as it may more easily lead to a discussion which is covered by legal professional privilege. For example, if a client asks for advice about the money they are using for the transaction. Law firms may therefore need to be prepared for such an eventuality, and able to give advice in such a situation, or refer to a law firm where the transaction can be handled by those who can give such advice. The question might be whether asking for such financial information, coupled with a delay or refusal to complete the transaction on the part of the law firm, would be tipping off. Historically, the writer has seen a reluctance to discuss anti money laundering requirements and provisions due to the tipping off provisions in the Proceeds of Crime Act 2002. To the writer’s mind this cannot be correct; hiding legal requirements and interpretations from a section of society (non-lawyers), in order that they be later penalised, is not within the bounds of our legal tradition. Openness about our own legal responsibilities should be part and parcel of a fair legal system.

Legal education In Serious Breaches, the conclusion is the provision of legal education for individuals and young people and advocacy of the position that this should be offered in schools. The reason being the need for solicitors to report themselves, and the duties they owe to the Court, which has placed them above other people in society. The same position is likely to be true in respect of the proceeds of crime, and the requirements to report another person. The Proceeds of Crime Act 2002 and Money Laundering Regulations 2017 are using the position of the solicitor or other professional, and their perceived expertise or seniority, to make decisions about the actions of other people in society. This places them in a position of power. The caveat to that is the requirement to report another person, with the threat of legal action if this is done in bad faith. Many people do not want to report another person, and the feeling of placing yourself above another person, and that it is inappropriate to do so, might be the reason why. 428

Reporting suspicions In a democratic and modern society there should be no reason why we should all not have access to the law in an open way; understand the manner in which it is applied, and how it relates to us as individuals. This goes beyond the basic sense of right and wrong and into the detail of what parliament and our other constitutional bodies transcribe and interpret as the law and how it functions. At the moment that legal education is primarily reserved to universities and beyond, and is an education which can cost a lot of money. Moving legal education to an earlier point in people’s lives (by teaching the subject at a lower level), has a number of societal benefits, including greater engagement with democracy and the constitutional functions of the state, but also in terms of this book, a greater understanding of the position of the law in respect of laundering money. It is fair to say that the law in respect of handling the proceeds of crime is complex even to the practitioner, and many law firm staff have a limited knowledge of the requirements. Developing our legal education would solve the problem of understanding amongst most people and would ensure that when approaching a law firm, the average consumer would be aware of the reasons why identity and financial information needs to be provided. Law firms may find, with greater education in the subject, they receive less approaches that need to be reported; placing the law firm and the individual consumer on a more equal footing. By providing education we are creating greater equality in society. This might change the dynamic in the process, as people become more willing to supply the information, which makes compliance easier and more supported in law firms. This level of transparency may also result in greater awareness of the legal transactions the average consumer is involved in; an increased knowledge would result in a greater ability to provide a check and balance themselves. The ability to challenge by the consumer would in turn lead to less need for regulation, and less need for agencies such as the Legal Ombudsman. Complaints about the burdens of regulation and the levels of compliance may be solved by breaking down legal barriers and taking more steps to an equal society involving legal education. We might then ask – where would the proceeds of crime go? They might go into a black market economy, which might require greater attention to black market buying and selling, high value purchases and tax, or it might go abroad. We have already examined the international pressures in anti money laundering worldwide in Part 7. A long range forecast for the international pressures we have seen, might see the same requirements needing to be implemented worldwide. Of course, some states fail, and legal education perhaps assumes that stable systems of government and justice exist. However support for that stability, coupled with more fair police and enforcement activity worldwide which is understood by people and supports law abiding citizens, may also see the world become a safer place. As societies continue to grow richer, and standards of living increase worldwide, we must realise that by achieving a greater balance between people, we increase the wellbeing of society as a whole.

Reporting suspicions We have throughout Parts 2–4 discussed the requirement to report suspicions of money laundering to the authorities. Law firms, and lawyers, who society have 429

Part 8  Conclusion historically trusted to represent them and to keep their matters confidential, have been asked to report their suspicions. If they do not report those suspicions there is a threat of investigation, and conviction. If they do not have policies, procedures and training in place to support this, there are further threats of regulatory sanctions such as fines and professional rebukes. The regulator can also investigate, publish decisions, and has a full range of sanctions and potential prosecution positions available. As we have noted, the test for reporting is very low and those in the position of responsibility are being asked not only to report another person, but also to do so without concrete evidence – they are asked to report suspicion. The effect of the provisions in some cases is to consider a detailed investigation of the individual and their circumstances by the law firm, followed by which a report may occur. If the circumstances are suspicious to the lawyer, the only way through to a confidential discussion without a report by the legal adviser is to ask questions which amount to asking for privileged legal advice. The vast majority of ordinary citizens would not know what privileged legal advice means and to be able to ask for it, would probably be by luck rather than by design. As a result, we might see some constitutional protections being undermined in the reporting of individuals by trusted actors of the state. While the right to remain silent without inference is no longer with us in the same form, the right of the innocent to maintain that innocence until proven guilty is. We have examined in detail in this book the position of the law firm and the consequences of making a report to the authorities. There are also consequences for the clients as well, and their transactions and lives can be impacted. In the Proceeds of Crime Act 2002’s provisions in requiring individuals to make a report about another person (natural or corporate), the right of individuals, and their position of whether they are regarded as innocent or guilty, is being eroded. There is a difficulty due to the status and position of those who are required to make a report; those same people have been given confidential information and are in a particularly trusted position. Often this is articulated as legal professional privilege, but the distinction is of course made in the furtherance of a crime. The argument is therefore clearly for clients to understand the limitations of their relationship with their legal adviser. Those aforementioned rights to silence without inference have in many instances gone. However, the previous existence of the right remains symbolic. As a country, we possibly also need to consider the rights of third parties (such as solicitors), to maintain their silence, and to what extent a third party should be compelled to speak. All of this is not to say that the law firm is supporting the laundering of the proceeds of crime; the vast majority of law firms are law abiding and would support the provisions of legislation which is intended to prevent and hinder criminal activity. However, lawyers (and particularly solicitors and barristers), are officers of the Court and their word or judgement might be taken quite seriously. They may also behave accordingly if they had to make a report, and may consider the further position, such as whether to report to the police, for example. Educating people about their rights, and allowing them the opportunity to exercise those rights when instructing a solicitor, as well as making decisions about the monies they are using for a transaction in an informed manner, takes us to a 430

The Accounts Rules different and more citizen led approach to the situation. It may allow many more citizens the opportunity to behave in a law abiding way and demonstrate this in their transactions. This alleviates the potential pressure on law firms and allows us the opportunity to engage with people in the fight against money laundering, which is surely the correct approach.

The Accounts Rules Once the law firm has receipt of the client money, the Accounts Rules require certain steps to be taken. These steps might be regarded as regulations for bookkeepers – dictating how the accounts should be understood and each transaction recorded. Despite their apparent simplicity, the Rules have a lot riding on them, with millions (possibly billions) of pounds in transactions using the Rules to account to and work with client matters. The Rules have been in operation for many years and result from a time in which there were a number of client money scandals. The decision was taken that solicitors should be overseen in their holding of client money and how the transactions take place. As we have seen in Parts 1 and 7, there have been a number of changes to the Rules which have resulted in some potential undermining of them and their operation. We must not be lulled into a false sense of security by the existence of the Solicitors Disciplinary Tribunal, and the Compensation Fund. Solicitors are disciplined perhaps every week for their behaviour, and breaches of the Accounts Rules are a common theme. We have seen, in the most recent changes to the Solicitors Accounts Rules, a number of alterations which cause concern. These include solicitors being able to hold monies outside the client account with the client consent (and away from the view of the Reporting Accountant), and a number of changes to the tests for self reporting and for submitting an annual Accountant’s Report, if there has been a breach of the rules. The situation has a parallel, in that the ordinary person on the street would not know if a solicitor was behaving incorrectly if they were asked to place money outside of a client account. Greater understanding and public education about the role of the solicitor in holding money inside the client account, and their requirements in so doing, would benefit society. At the moment, the rules require clients to understand and know where their money is going when dealing with a TPMA, and clients are advised of the protections in respect of the Compensation Fund. However, if monies are being sent elsewhere, those protections may not be available. If you are a solicitor on the other side of the transaction, the same may be true if your clients’ money is being held to order, and you may legitimately ask where it is being held, to ensure the protections in place. Solicitors have to meet certain requirements in order to maintain their exemption from the relevant requirements in the Financial Services and Markets Act 2000, and the changes to the Accounts Rules (including the potential lack of information 431

Part 8  Conclusion about where the money will be held, and detail of payments which have been made or are due to be made1), may fall below those expected standards. Whether the exemption would continue to apply or not, or whether solicitors will also have to be regulated by the FCA in the future remains to be seen. We have of course examined the potential use of the open ledger in Part 7 of this book, and the implications for client transparency and the check and balance on the work of the solicitor. If client money was held elsewhere, there is a question as to what the jurisdiction of the regulator might be and whether the solicitor would be disciplined if there was a problem. It is only the money in the client account that comes under the oversight of the Reporting Accountant and the requirement on the solicitor is to ‘account to the client’. Therefore as long as the solicitor has sent a bill to the client and it is correct, the regulator may not get involved. The lack of restrictions in holding client money in different places means the potential to mix those monies with others which have been unethically obtained, is there. For example, an unethical solicitor or firm, could keep the monies in an account mixed with the proceeds of crime, without any oversight, or any overall requirements on bookkeeping. In time, that solicitor (or firm) would likely be struck off (or intervened) once law enforcement or the regulator caught up with them, but in the meantime the check and balance of the Reporting Accountant has been removed. The regulatory rules have been fundamentally shifted away from holding money in one central account which has specific requirements and moved to a position where the client money is given in confidence, but apparently now without regulatory protections underlying it. Although the client has to consent to money being held elsewhere, they may not know what this means, and the protections remaining in place may not be adequate. It appears in the changes made, solicitors have taken advantage of the assumption, built over many years in trusted interactions, that the money will be kept in the firm’s own client account. The writer would like to see the Accounts Rules requirements return to their previous drafted version, or for the gaps in the Accounts Rules to be dealt with as soon as possible.

Solutions in this book As well as the issues dealt with above, this book proposes and offers various solutions to the problems posed by the current situation. We have critically explored and dealt with the following issues: (1) The Accounts Rules and their operation – offering an explanation of how the rules work and their importance for client money, as well as some of the changes we have seen in recent years, and where we may see them go in future.

Payment Services Regulations (2017).

1

432

Solutions in this book (2) The practical operation of the law in anti money laundering – how this works in practice and how law firms commonly interpret the regulatory and legislative requirements. (3) The actual legislation and Regulations in anti money laundering, with a particular emphasis on complying with those requirements for law firms, as well as discussing the offences, and how those offences operate alongside the disciplinary position for solicitors. (4)

How to implement the requirements in your own law firm – and in the book we have provided a large amount of template solutions for implementation in your own firm or to demonstrate how the Regulations and legislation might be followed.

(5) Training, learning and development – the rules require regular training to take place in law firms. Solicitors and licensed conveyancers are also required to undertake regular continuous professional development in both anti money laundering and the Accounts Rules. We have in this book provided solutions which you can use in your law firm or to further your understanding of the operation of regulation. As well as these solutions, we have also explored the regulatory mechanisms in place for solicitors, licensed conveyancers, and other lawyers. This regulation covers two different styles – that of the professional conduct of the individual and their regulated firm, and – separately – the anti money laundering concerns that the individual or the firm might face as distinct criminal offences. There are currently parallels and overlaps in these two systems of regulation, in that we can see the use of the Solicitors Disciplinary Tribunal (as well as the internal systems of the SRA), being used for the regulation of solicitors including in anti money laundering breaches. The Tribunal, and the SRA, deal primarily in breaches of the rules of professional conduct, meaning any procedural failings in anti money laundering have to be couched in these terms rather than purely in the terms set out in the Money Laundering Regulations 2017 or the Proceeds of Crime Act 2002. If we were looking for a non-professional prosecution under the Money Laundering Regulations 2017 or the Proceeds of Crime Act 2002, we would be looking for a criminal prosecution. This raises the question whether the solicitor and other lawyers are being treated more favourably by the law due to the system of regulation, and whether any concern would be referred to the regulator rather than to the police. If an ordinary (non-professionally regulated) member of the public was involved in the same or similar situation, would they be treated in the same way? We can see the argument for the regulatory response where the regulated community are subjected to additional requirements beyond that of a member of the public, but the question goes beyond that and asks about whether it operates as a downgrading of the law in areas where there are parallels, allowing the regulated professional greater leeway. Although the regulated professional must use their judgement, we have covered the position of placing the lawyer above others earlier in this conclusion. There is a strong likelihood that regulation will continue to be reformed. This reform started with policy developments and papers that led to the Legal Services Act 2007, but the challenges of ensuring a legal system fit for the modern day persist. We need to recognise unregulated and unrepresented communities within 433

Part 8  Conclusion legal services, and develop our legal system so it can be understood by and serve the whole of society. The writer hopes to see a single legal regulator in the future, and a greater equality between both citizens and lawyers and between lawyers themselves. In the immediate future, we may see a step forward in this approach with the consolidation of legal services regulators towards one or just a few regulators for anti money laundering. Developing a consistent approach with law enforcement, and between legal services and other sectors, will be a challenge to be tackled in time.

434

Bibliography

This bibliography contains a variety of statutes, regulations and regulatory provisions. In all cases, where specific sections or regulations are noted, it should be read to cover both the whole statute, set of regulations, or Code, as well as the listed provisions.

Statutes Trustee Act 1925, ss 61 Trustee Investment Act 1961 Trustee Act 2000 Solicitors Act 1933 Solicitors Act 1974, Parts 1 and 2, ss 10, 13A, 32–34, 33A, 35, 36, 36A, 44A–44D, 85, Sch 1, Part 1, para 1(1)(d), Part 2, para 6 Administration of Justice Act 1985, ss 20, 22(3), 24, 25, 26, 27, 27, 28, 29, 30, 31, Part 1 and Schs 2, 3, 5 Courts and Legal Services Act 1990, Part 4, s 66, Sch 14 The Money Laundering Regulations 1993 Criminal Justice and Public Order Act 1994 Financial Services and Markets Act 2000, Part XX Terrorism Act 2000, ss 15–18, 21ZA–21ZD The Money Laundering Regulations 2001 Proceeds of Crime Act 2002, Parts 2–4, Part 7, ss 243–245ZA, 327, 327(2A), 328, 328 (1), 328(3), 329, 329(2)(c), 329(2A), 330, 330(3), 330(6), 330 (6) (a), 330(6) (b), 330(7)(b), 330(7B), 330(10), 330(11), 331, 331(6), 333, 333B, 333C(2), 333D, 333 A–E, 334, 335 (2)–(5), 335(4), 336, 338, 339ZB, 339ZD, 342, Sch 9, para 9(1)(b) Companies Act 2006 The Money Laundering Regulations 2007 The Terrorism Act 2000 and Proceeds of Crime Act 2002 (Amendment) Regulations 2007 435

Bibliography Legal Services Act 2007, Part 1, Part 2, Part 4, Part 5, ss 4, 29, 30, 91, 92, 95, Schs 1, 4, 14 Bribery Act 2010 The Electronic Money Regulations 2011 Deregulation Act 2015 Small Business Enterprise and Employment Act 2015 Serious Crime Act 2015 The Money Laundering Regulations 2017 (as amended), Part 2, Part 4, Part 5, Part 8, regs 5, 7, 8, 8(2)(d), 8-15, 12, 18(2)(a), 18A, 19, (2)(b), (4)(d), 19A, 20, 21(1) (a)(i), (b), (c), (3), (5), (6), 24(1)(a), (1)(b), 26, 27, (1)(a), (8), (9), 28(2)(a) (b), (2) (c), (8), (11)(a), (12)(a)(i), 30A, 33, (3)(c)(i), (ii), (3A), 35(5)(b), 37, 39, 40, 43, 51, 86, 88, 86–92, Sch 1, Sch 5, Chapter 2, Chapter 3. The Oversight of Professional Body Anti-Money Laundering and Counter Terrorist Financing Supervision Regulations 2017 The Payment Services Regulations 2017 General Data Protection Regulation (EU) 2016/679 Data Protection Act 2018 The UK GDPR, Art 5(1)(c) Sanctions and Anti Money Laundering Act 2018, s 49 The Money Laundering and Terrorist Financing (Miscellaneous Amendments) Regulations 2018 The Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019 The Money Laundering and Terrorist Financing (Amendment) Regulations 2019 The Money Laundering and Transfer of Funds (Information) (Amendment) (EU Exit) Regulations 2019 The Money Laundering and Terrorist Financing (Amendment) (EU Exit) Regulations 2020 The Money Laundering and Terrorist Financing (Amendment) (High-Risk Countries) Regulations 2021, explanatory note The Money Laundering and Terrorist Financing (Amendment) (No  2) (High-Risk Countries) Regulations 2021 436

Cases 2021/0241 (COD) Regulation of the European Parliament and of the Council on information accompanying transfers of funds and certain crypto-assets (2021), European Commission The Money Laundering and Terrorist Financing (High-Risk Countries) (Amendment) Regulations 2022 The Solicitors Act 1974 and Administration of Justice Act 1985 (Amendment) Order 2022 Economic Crime (Transparency and Enforcement) Act 2022 The Solicitors Act 1974 and Administration of Justice Act 1985 (Amendment Order) 2022 Economic and Corporate Transparency Bill 2022

European Union Directives European Union Third Money Laundering Directive (2005/60) European Union Fourth Money Laundering Directive (2015/849) European Union Fifth Money Laundering Directive (2018/843)

Hansard Hansard: Written Answers: Solicitors Prosecutions for Fraud – Volume 336, 18 May 1938 Hansard: Debate for the Serious Crime Bill 2015 – Volume 760, 2 March 2015

Cases Quistclose Investments Limited v Barclays Bank [1968] UKHL 4 R v Ghosh [1982] QB 1053 R v Caldwell [1982] AC 341 Bolton v Law Society [1994] 1 WLR 512 Twinsectra v Yardley [2002] UKHL 12 Wood and Burdett (8669/2002) Solicitors Disciplinary Tribunal R v G (and Another) [2003] UKHL 50 Bowman v Fels [2005] EWCA Civ 226 437

Bibliography R v Da Silva [2006] EWCA Crim 1654 Shah & Another v HSBC Private Bank [2012] EWCH 1283 Parvizi v Barclays Bank [2014] EWCH B2 (QB) Purrunsing v A’Court & Co and Another [2016] EWHC 789 (Ch) Brabners v HMRC [2017] UKFTT 666 Ivey v Genting Casinos (UK) (trading as Cockfords Club) [2017] UKSC 67 [2018] P&P Property Ltd v Owen White & Catlin LLP and Another and Dreamvar (UK) Ltd v Mishcon de Reya and another [2018] EWCA Civ 1082 Bates and Others v Post Office [2019] EWHC 3408 (QB) Wingate & Evans v The Solicitors Regulation Authority [2018] and Solicitors Regulation Authority v Malins [2018] EWCA Civ 366

Solicitors Regulation Authority or Law Society Material General material and previous codes or rules Solicitors Accounts Rules 1998 The Guide to the Professional Conduct of Solicitors 1999 (8th Edition) Solicitors Accounts Rules 2011 SRA Handbook 2011 Law Society Anti Money Laundering Practice note 2016 Money Laundering Warning Signs 2016 SRA Transparency Rules 2018 SRA Risk Assessment for AML (2016–2022) SRA Annual Renewal Questionnaire (2015–2022) SRA AML Web Pages SRA Innovate Web Pages SRA Website Law Society Code for Completion by Post Law Society Practice Note on VAT and Disbursements (2021) 438

Council for Licensed Conveyancer’s Handbook SRA Looking to the Future Handbook Reform Consultation Webpage (2016–2019) SRA Standards and Regulations Pending Webpage (2019) SRA Competence Statement SRA Continuing Competence (webpage) SRA Standards and Regulations (minor amendments) Consultation (2022)

Solicitors Regulation Authority Standards and Regulations 2019 SRA Principles 2019, 2, 4, 5, 7 SRA Code of Conduct for Individuals 2019, 3.3, 4.3, 6.1, 6.2, 6.3, 8.1, 8.7 SRA Code of Conduct for Firms 2019, 2.1(d), 4.2, 4.3, 6.1, 6.2, 6.3, 7.1(c), 9, 9.1, 9.2 Solicitors Accounts Rules 2019, rr 2, 2.1(d), 2.2, 2.3(b), 2.3(c), 2.4, 2.5, 3, 3.3, 4, 4.3(a), (b), 5, 5.1(a), (b), (c), 5.3, 6.1, 8.1(a), (b), (c), 6.1, 7, 8, 8.2, 8.3, 8.4, 11.1(a), 12, 12.2(a), 13.1 Authorisation of Individuals Regulations 2019, 10.2, 10.2(b)(vii) Authorisation of Firms Rules 2019, rule 9 SRA Regulatory and Disciplinary Procedure Rules 2019 SRA Compensation Fund Rules 2021

SRA Guidance Statement of Prescribed Circumstances 2019 Withdrawal of Residual Client Balances Guidance 2019 SRA Warning Card for Holiday Sickness Claims (2017 and 2019)

Council for Licensed Conveyancer’s Handbook All codes referenced below are references to the CLC Handbook 2011 as amended, as appearing on the CLC website during 2022. The 2020 update to the CLC accounts Code is noted accordingly. CLC Handbook (2011) as amended CLC Principles CLC Estimates and Terms of Engagement Code, 8.2 439

Bibliography CLC Conflict of Interest Code CLC Anti Money Laundering and Combatting Terrorist Financing Code 9(e) CLC Accounts Code (2020), 4, 4.1a, b, 3.5, 3.6, 3.8, 5.1, 5.4a, b, c, d and f; 5.5, 5.6, 5.7, 5.9, 6, 7.3 CLC Code of Conduct, 3.6 CLC Aged Balances Guidance CLC Continuing Professional Development Code CLC Compensation Fund Operating Framework CLC Compensation Fund Policy Statement CLC Risk assessment for Anti Money Laundering 2016–2022 CLC Informed Choice Rules 2018

Other CLC Publications CLC Compensation Fund Operating Framework Example AML Policy and AML Guidance Webpage CLC Informed Choice Guidance CLC Website

Legal Aid Agency Material Legal Aid Contract (Civil) (2004–2022) Legal Aid Contract (Criminal) (2004–2022) Legal Aid Agency Website

Author’s own publications or previous works Standard and Advanced AML  Training (years 2014–2022) Honne Limited/Katie Jackson SRA  Renewal: Practising Certificate Conditions and Serious Breach: years 2019– 2022 (Training course and notes), MBL Seminars, Honne Limited/Katie Jackson Solicitors Accounts Rules: Qualified Reports and Serious Breach years 2016–2019 (Training course and notes), MBL Seminars, Honne Limited/Katie Jackson 440

Author’s own publications or previous works Risk Management – (2014), Datalaw, Honne Limited/Katie Jackson SRA Entry, Exit & Renewal – (2014), Datalaw, Honne Limited/Katie Jackson CLC Regulation – (2015), Datalaw, Honne Limited/Katie Jackson Everyday COLP and COFA – (2015), Datalaw, Honne Limited/Katie Jackson Training for tomorrow / Confident Competence – (2015), Datalaw, Honne Limited/ Katie Jackson AML Policy and Practice – (2016), Datalaw, Honne Limited/Katie Jackson AML: The Crucial Points – (2016), Datalaw, Honne Limited/Katie Jackson Everyday COLP and COFA – (2016), Datalaw, Honne Limited/Katie Jackson SRA Accounts Rules – (2016), Datalaw, Honne Limited/Katie Jackson Anti-Money Laundering – (2016), Datalaw, Honne Limited/Katie Jackson Professional Skills Course – Anti Money Laundering – (2016), Datalaw, Honne Limited/Katie Jackson Handbook Changes: A  Discussion with the SRA – Presentation (2016), Honne Limited/Katie Jackson Handbook Changes: A Discussion with the SRA ‘Questions’ (2016), Honne Limited/ Katie Jackson SRA Policy and Practice (2017/18), Datalaw, Honne Limited/Katie Jackson Reporting to the NCA – (2017), Datalaw, Honne Limited/Katie Jackson SRA Handbook Training (Accounts) (2017), Brethertons LLP, Honne Limited/Katie Jackson Professional Skills Course– Solicitor Client Care, Strategy, SRA Policy and Practice – (2017), Datalaw, Honne Limited/Katie Jackson Anti Money Laundering at the SRA and CLC – (2018), Datalaw, Honne Limited/ Katie Jackson Introduction to Anti Money Laundering – (2018), Datalaw, Honne Limited/Katie Jackson Anti Money Laundering (2018), Legal Eye / Your Conveyancer, Honne Limited/ Katie Jackson New SRA Handbook – (2018), Datalaw, Honne Limited/Katie Jackson Complaint Handling (2018 and updated 2019), Datalaw, Honne Limited/Katie Jackson 441

Bibliography AML Policy & Practice (2019), Datalaw, Honne Limited/Katie Jackson SRA  Standards and Regulations Training (2019), Legal Eye, Honne Limited/Katie Jackson Risk Management (2019), (covering anti-money laundering risk assessments), Datalaw, Honne Limited/Katie Jackson Legal Ethics (2019), Datalaw, Honne Limited/Katie Jackson SRA Authorisations (2019), Datalaw, Honne Limited/Katie Jackson Legal Eye Academy AML  Training (2018–2022), Legal Eye, Honne Limited/Katie Jackson Your Conveyancer Academy (2019–2022), Legal Eye / Your Conveyancer, Honne Limited/Katie Jackson Advanced Anti-Money Laundering – (2019), Datalaw, Honne Limited/Katie Jackson How to develop a Culture of Compliance (AML) (2020–2022), MBL  Seminars, Honne Limited/Katie Jackson How to develop a Culture of Compliance for Accountants (AML) (2020–2022), MBL Seminars, Honne Limited/Katie Jackson SRA Investigation and Enforcement – (2020), Datalaw, Honne Limited/Katie Jackson Multone Law – AML Training (2020), Legal Eye, Honne Limited/Katie Jackson Firm Academy AML Training – Recognising Money Laundering (2020–2022), Firm Academy, Honne Limited/Katie Jackson CLC Regulation (2021–2022), MBL Seminars, Honne Limited/Katie Jackson Law Firm Audits (2021), MBL Seminars, Honne Limited/Katie Jackson AML in Scotland – Risk Factors and International Instructions (2021), MBL Seminars, Honne Limited/Katie Jackson SRA Investigations (2021), MBL Seminars, Honne Limited/Katie Jackson A Year in Review (2021), MBL Seminars, Honne Limited/Katie Jackson Lateral AML (2022), MBL Seminars, Honne Limited/Katie Jackson Regulatory Compensation Funds (2022), Datalaw, Honne Limited/Katie Jackson Third Party Managed Accounts (2022), Datalaw, Honne Limited/Katie Jackson AML Update (2022), Datalaw, Honne Limited/Katie Jackson Client Account Trust (2022), Datalaw, Honne Limited/Katie Jackson 442

Other publications The Law and Regulation of Solicitors: Serious Breaches and Practising Certificate Conditions, Katie Jackson (2022) Bloomsbury Professional

Other publications Competition in Professions, Director General of Office of Fair Trading (2001) Review of the Regulatory Framework for Legal Services in England and Wales, Clementi, D (2004) The Terrorism Act 2000 and Proceeds of Crime Act 2002 (Amendment) Regulations 2007 Explanatory Note MSc Management Consultancy and Organisational Change (2011/2012), University of London FATF Guidance: National Money Laundering and Terrorist Financing Risk Assessment (2013) Financial Action Task Force FATF  Guidance: Methodology for assessing technical compliance with the FATF Recommendations and the Effectiveness of AML/CFT systems (2013) Financial Action Task Force Charging (The Director’s Guidance) fifth and sixth editions (2013 and 2020), Crown Prosecution Service PSC requirements for companies and limited liability partnerships (2016–2018) Companies House and the Department for Business, Energy and Industrial Strategy Regulation of Virtual Assets (webpage) (2018) Financial Action Task Force Supranational Risk Assessment for Money Laundering (2017 and 2019) European Commission Public Consultation on the Draft Risk-Based Approach Guidance for Legal Professionals, Accountants and Trust and Company Service Providers (2019) Financial Action Task Force Public Statement – Mitigating Risks from Virtual Assets (2019), Financial Action Task Force National risk assessment of money laundering and terrorist financing 2017 and 2020, HM Treasury Independent Review of Legal Services Regulation; The Focus of Legal Services Regulation (2018–2020), Working Paper LR3, Professor Stephen Mayson (2020) Anti Money Laundering: The SARs Regime, The Law Commission (2020) ML/TF risk trends and analysis in 2019-2020 (2019/2020) Tracfin / Ministere de l’Economie, des Finances, et de la Relance (France) 443

Bibliography Code of Practice issued under the Proceeds of Crime Act 2002: Investigations (2021) Home Office VAT Taxable Person Manual (2016–2021) HMRC Anti Money Laundering: Flag it Up Campaign (2018–2021) HM Government Activities et Analyse (2021–2022) Tracfin (France) Corruption Perceptions Index (2016–2021) Transparency International OPBAS – Sourcebook for Supervisory Members (2018–2021)  OPBAS / Financial Conduct Authority Payment Services and Electronic Money – Our approach (2021) Financial Conduct Authority Review of the UK’s AML/CFT regulatory and supervisory regime (2021 -2022) HM Treasury Legal Sector Affinity Group Guidance (2018–2022) Legal Sector Affinity Group Anti-Money Laundering and Counter-Terrorist Financing Guidance for the Accountancy Sector (2020– 2022) CCAB Sanctions Webpage (2016–2022) HM Treasury Guidance on Good Complaint Handling (webpage) (2022) Legal Ombudsman People with Significant Control (webpage) (2020–2022) Companies House High Risk and Other Monitored Jurisdictions (webpage) (2016–2022) Financial Action Task Force Jurisdictions under Increased Monitoring (webpage) (2016–2022) Financial Action Task Force Review process for High Risk Jurisdictions (webpage) (2019–2022) Financial Action Task Force NCA Online Portal (webpage) (2022) National Crime Agency Amendments to the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 Statutory Instrument 2022 (Consultation and Outcome) (2021–2022) HM Treasury Bar strike: What you need to know (2022) The Law Society Post-Implementation Review of the Money Laundering Regulations (2022), HM Treasury Post-Implementation Review of the OPBAS Regulations (2022), HM Treasury 444

Other publications UK Finance Mortgage Lenders Handbook (2022) Legal Services Board Website (2022) OPBAS website (2022) Information Commissioner’s Office (ICO) website (2022) Financial Conduct Authority website (2022) Financial Ombudsman website (2022) Legal Ombudsman website (2022) Making tax digital (web page) (2022) HMRC Risk Assessment for AML (2019–2022) The Law Society of Scotland Risk Assessment for AML (2020–2022) ICAEW Research Briefing: Economic Crime (Transparency and Enforcement) Act 2022, House of Commons Library Research Briefing: Economic Crime and Corporate Transparency Bill 2022-23: Progress of the Bill (2023), House of Commons Library

445

Index

[All references are to page numbers.]

A Accountants’ Report annual 58–59 Accounting to the client Accounts Rules, and aged balances 45 generally 44–45 Accounts Rules accounting to the client aged balances 45 generally 44–45 annual Accountants’ Report 58–59 availability of client funds 130–131 cash 43–44 cashbook investigating accounts using system 60–66 reconciliations, and example 35–36 exercise 36 generally 34–40 changes 53–54 client bank accounts 129 Compliance Officer for Finance and Administration (COFA) 59–60 concepts 128–131 conclusion 71, 431–432 developments 416–418 disbursements generally 46 VAT, and 43 disciplinary action 66–68 holding client money 46–47, 128–129 holding monies for other persons 130 introduction 13–14 investigating accounts using ledger and cashbook system 60–66 legal aid accounts generally 54–58 payments diagram 57 ledgers abortive bill AML considerations 31–32 diagram 31–32 AML considerations

Accounts Rules – contd ledgers – contd abortive bill 31–32 blank client ledger 27 monies for costs 29 blank client ledger AML considerations 27 diagram 27–28 diagrams abortive bill 31–32 blank client ledger 27–28 monies for costs 29 returning balance to client 33 searches 30 generally 26–34 investigating accounts using system 60–66 monies for costs AML considerations 29 diagram 29 proposed new rules regarding openness 420–422 returning balance to client diagram 33 generally 33–34 searches diagram 30 generally 30 movement of monies by practice 129–130 office reconciliations 41 payment of interest 131 profits costs 45–46 proposed new rules regarding openness in the ledger 420–422 reconciliations AML considerations 40–41 cashbook example 35–36 exercise 36 generally 34–40 client account bank statement example 37 exercise 37 generally 37–39

447

Index Accounts Rules – contd reconciliations – contd client account reconciliation cashbook 35–37 client matter listing 35 diagram 34–35 exercise 36 client matter listing example 35 exercise 36 generally 34–40 example 38–39 exercises answers 389–395 generally 381–386 generally 34–40 Solicitors Accounts Rules categories generally 48 maintenance of systems to store and administer client money (Category A) 48–50 rules for receipt and movement of client money (Category B) 50–51 rules which require verification and checking of sums due to client and office (Category C) 51–52 generally 47–48 system of safety nets AML considerations 23, 25 generally 19–26 monies held on trust 20–21 ‘overarching summary’ diagram 25–26 Third Party Management Accounts (TPMAs) 68–70 use of oversight mechanisms 130 VAT disbursements and comments on inferring advice 43 example of VAT inclusive ledger system 42 generally 41–43 Accounts solutions technological developments, and 404 Annual Accountants’ Report Accounts Rules, and 58–59 Anti money laundering (AML) Accounts Rules considerations ledgers abortive bill 31–32 blank client ledger 27 monies for costs 29 reconciliations 40–41 system of safety nets 23, 25 identification 401–402

Anti money laundering (AML) – contd identity checking case studies commercial clients commentary 280 scenario 279–280 solution 281–283 natural persons commentary 278–279 part template AML policy for small firms 337–343 scenario 278 solution 279 international changes 398–400 legislation generally 218 Money Laundering Regulations 2017 generally 219–220 implementing 220–225 pushes and pulls 400–401 receipt of client money, and see Receipt of client money risk management, and see Risk assessments training see Training Anti money laundering (AML) regulation professional conduct regulation, and contrast 10–12 difference 4–5 Audits see also Independent audit function Money Laundering Regulations requirements (reg 21) 170 B Biometric data technological developments, and 402–403 C Case studies AML identity checking commercial clients commentary 280 scenario 279–280 solution 281–283 natural persons commentary 278–279 part template AML policy for small firms 337–343 scenario 278 solution 279 AML training commentary generally 323–325 proposed training plans assessing training needs 328 specific training 326–327 standard training 326

448

Index Case studies – contd training and learning needs assessments financial training and learning assessment 330 legal training and learning assessment 329–330 management training and learning assessment 331–332 standard training and learning assessment 329 generally 322 sample compliance learning and development plan 333–336 scenario 322–323 solution 332 finance policies commentary 273–274 generally 273 sample wording 275–278 scenario 273 solution 274–275 finance team information commentary 315–319 solution, client account form 319–322 introduction 15–16, 272 risk assessments commentary 284–286, 305–306 example 286–289 generally 284 matrix risk assessment 306–307 scenario 284 solution mitigated matrix risk assessment 307–308 tabular risk assessment 298–305 written risk assessment 290–297 transactional risk assessments commentary 309–310 example matter risk assessment company/partnership/group/other entity 311–312 individual 310–311 file reviews 313 solution 313–315 Cash Accounts Rules, and 43–44 source of funds 94 Cashbook investigating accounts using system 60–66 reconciliations, and example 35–36 exercise 36 generally 34–40

Client account bank statement reconciliations, and example 37 exercise 37 generally 37–39 Client bank accounts Accounts Rules, and 129 Client due diligence (CDD) receipt of client money, and conducting due diligence client financial health 98–99 generally 96 high risk jurisdictions 97–98 politically exposed persons (PEPs) 96–97 sanctions 97 transactions without receipt of client money 99–100 generally 83–84 identity checking corporate persons generally 88–91 your professional practice 91–92 individuals enhanced due diligence (EDD) 86–88 generally 84–85 information on your website 88 simplified due diligence 86 standard due diligence 85–86 when client is a client 84 when to report prospective client 84 Client financial health conducting due diligence, and 98–99 transaction finance, and 202–204 Client funds Accounts Rules and availability 130– 131 Client matter listings reconciliations, and example 35 exercise 36 generally 34–40 Companies House registration requirements 246 transparency, and 406–408 Compliance Officer for Finance and Administration (COFA) Accounts Rules, and 59–60 Conclusion Accounts Rules 431–432 deliberate attempts 427–428 generally 425–427 introduction 17 legal education 428–429 reporting suspicions 429–431 solutions in this book 432–434

449

Index Contents of this book Accounts Rules 13–14 case studies 15–16 conclusion 17 continuous professional development (CPD) 16 future developments 16–17 legislation 15 offences 15 receipt of client money 14 regulatory outcomes 15 risk assessment/risk management 14–15 Context of regulation generally 2–4 Context of this book generally 17–18 Continental risk assessments Money Laundering Regulations requirement 154–157 Continuous professional development (CPD) exercises to be used as exams or discussions 348–360 further information Accounts Rules scenarios 388–389 AML scenarios 387–388 next steps scenarios 387 introduction 16, 345–348 practice scenarios 369–374 quick fire AML situations 367–368 reconciliation and general accounts exercises answers 389–395 generally 381–386 short quizzes 361–367 short scenarios 360–361 tasks 374 Costs receiving client money, and 127–128 Criminal Finance Act 2017 generally 245 Crypto assets technological developments, and 404–406 D Deliberate attempts generally 427–428 Departmental risk assessments generally 151, 208–209 tabular risk assessment, and 305 Digital currency technological developments, and 404–406 Disbursements Accounts Rules, and generally 46 VAT 43

Disciplinary action Accounts Rules, and 66–68 Due diligence see Client due diligence (CDD) E Enforcement current system see Legislation regulator, by 415–416 Enhanced due diligence (EDD) identity checking for individuals 86–88 individual (client matter) risk assessment 208–209 F Finance and accounting lateral anti money laundering, and external client focus 167 identifying areas for consideration or action 172–173 key issues 175–177 Finance policies case study commentary 273–274 generally 273 sample wording 275–278 scenario 273 solution 274–275 Finance team information case study commentary 315–319 solution, client account form 319–322 Firm wide risk assessment Money Laundering Regulations requirement generally 142–151 risk profiles categories 143–149 examples in different areas of law 145 variations 143 suggested tips on completing 150 Future developments Accounts Rules developments 416–418 proposed new rules regarding openness in the ledger 420– 422 anti money laundering identification 401–402 international changes 398–400 pushes and pulls 400–401 Companies House and transparency 406–408 conclusion 422–423 enforcement by regulator 415–416

450

Index Future developments – contd focus of Money Laundering Regulations 413–414 introduction 16–17, 397 Law Commission Review 414 money laundering regulation 412–413 PEPs and simplified due diligence 408–409 systems of regulation 409–412 technological developments accounts solutions 404 biometric data 402–403 crypto assets and digital currency 404–406 Third Party Managed Accounts (TPMAs), and 418–420 G Governance MLROs and business governance AML Review Plan 252 compliance functions in AML 252–253 generally 247–252 theory of role 249 training 253–259 structure and identifying areas for consideration or action 172–173 H High risk jurisdictions conducting client due diligence, and 97–98 Holding client money Accounts Rules, and 46–47, 128–129 legislation 214–218 Holding monies for other persons Accounts Rules, and 130 Human Resources (HR) lateral anti money laundering, and external client focus 167 identifying areas for consideration or action 172–173 key issues 178–179 I Identity checking case studies commercial clients commentary 280 scenario 279–280 solution 281–283 natural persons commentary 278–279 part template AML policy for small firms 337–343 scenario 278 solution 279

Identity checking – contd receipt of client money, and corporate persons generally 88–91 your professional practice 91–92 individuals enhanced due diligence (EDD) 86–88 generally 84–85 information on your website 88 simplified due diligence 86 standard due diligence 85–86 Independent audit function lateral anti money laundering, and audit techniques 183–184 file reviews 182–183 generally 182 Individual (client matter) risk assessment enhanced due diligence (EDD) 208– 209 Money Laundering Regulations requirement 152–154 Information technology (IT) lateral anti money laundering, and external client focus 167 identifying areas for consideration or action 172–173 key issues 180 Interest see Payment of interest Introduction to book AML regulation and professional conduct regulation contrast 10–12 difference 4–5 contents of this book 13–17 context of regulation 2–4 context of this book 17–18 generally 1–2 law enforcement 12–13 Legal Sector Affinity Group Guidance 13 professional conduct regulation AML regulation, and contrast 10–12 difference 4–5 generally 5–6 legislation 6–10 Investigation receiving client money, and 121–122 L Lateral anti money laundering risk assessments, and external client focus 165–168 finance and accounting generally 167 key issues 175–177 financial considerations 186–188

451

Index Lateral anti money laundering – contd risk assessments, and – contd financial position and external data sources 186–189 generally 160–165 human resources generally 167 key issues 178–179 identifying patterns and trends 180–182 independent audit function audit techniques 183–184 file reviews 182–183 generally 182 information technology generally 167 key issues 180 key departmental issues exercise 180 finance and accounting 175–177 generally 175 human resources 178–179 information technology 180 legal business 168 mapping a business and identifying areas for consideration or action generally 171–175 horizontal supply chains example map 175 generally 173 table and map 174 legal departments 171 operational departments 172–173 vertical supply chains example map 174 generally 173 table and map 173–174 Money Laundering Regulations requirements appointment of nominated officer (reg 21) 171 audits (reg 21) 170 generally 169, 171 policies and procedures (reg 19) 170 staff training (reg 24) 170 operations 167 policies and procedures generally 184–185 Money Laundering Regulations requirements (reg 19) 170 process mapping areas of law 168–169 Law Commission Review current reporting system 414 Law enforcement introduction 12–13

Legal aid accounts Accounts Rules, and generally 54–58 payments diagram 57 Legal Aid Agency legal aid practices, and 54–58 Legal business lateral anti money laundering, and 168 Legal departments lateral anti money laundering, and 171 Legal education conclusion 428–429 identification, and 401 Legal professional privilege Proceeds of Crime Act 2002, and arrangements and litigation (Bowman v Fels (2005)) 236–237 generally 235–236 Legal Sector Affinity Group Guidance introduction 13 Ledgers Accounts Rules, and abortive bill AML considerations 31–32 diagram 31–32 AML considerations abortive bill 31–32 blank client ledger 27 monies for costs 29 blank client ledger AML considerations 27 diagram 27–28 diagrams abortive bill 31–32 blank client ledger 27–28 monies for costs 29 returning balance to client 33 searches 30 generally 26–34 investigating accounts using ledger system 60–66 monies for costs AML considerations 29 diagram 29 returning balance to client diagram 33 generally 33–34 searches diagram 30 generally 30 Legislation anti money laundering (AML) compliance functions 252–253 generally 218 Money Laundering Regulations 2017

452

Index Legislation – contd anti money laundering (AML) – contd generally 219–220 implementing 220–225 Companies House requirements 246 conclusion 270 Criminal Finance Act 2017 245 holding client money 214–218 introduction 15, 212–214 MLROs and business governance, and AML Review Plan 252 compliance functions in AML 252–253 generally 247–252 theory of role 249 training 253–259 Proceeds of Crime Act 2002 acquisition offences and defences 233–234 process maps 260–265 continuing with transaction 237– 239 generally 225–227 legal professional privilege arrangements and litigation (Bowman v Fels (2005)) 236– 237 generally 235–236 liability 244–245 offences main offences and defences acquisition 233–234 arranging 233 concealment 232 criminal conduct outside of UK 234 generally 232 summary of defences 234 two stage process 232 reporting consent 230–231 considering the whole transaction 265–266 requirement to report 227–230 tipping off 240–244 professional conduct regulation 6–10 sanctions 245 Terrorism Act 2000 245 Third Party Managed Accounts 246–247 training generally 253–256, 259 learning assessing 260 forms of 259–260 levels 256–259

M Money Laundering Compliance Officer (MLCO) business governance, and 248–252 compliance functions in AML 252–253 training, and 253–259 Money laundering regulation current system 412–413 Money Laundering Regulations conclusion 270 focus of 413–414 generally 219–220 implementing 220–225 risk assessments, and continental risk assessments 154–157 firm wide risk assessment generally 142–151 risk profiles categories 143–149 examples in different areas of law 145 variations 143 suggested tips on completing 150 generally 142 individual risk assessment 152–154 lateral anti money laundering, and appointment of nominated officer 171 audits 170 generally 169, 171 policies and procedures 170 staff training 170 national risk assessments generally 157, 160 key risk factors 158–159 new technology 160 worldwide risk assessments 154– 157 Third Party Managed Accounts (TPMAs) 246–247 Money Laundering Reporting Officers (MLROs) business governance, and AML Review Plan 252 generally 247–252 theory of role 249 compliance functions in AML 252–253 reporting to see Reporting training, and 253–259 Movement of monies by practice Accounts Rules, and 129–130 N National risk assessments Money Laundering Regulations requirement generally 157, 160 key risk factors 158–159

453

Index Proceeds of Crime Act 2002 – contd offences main offences and defences acquisition 233–234 arranging 233 concealment 232 criminal conduct outside of UK 234 generally 232 summary of defences 234 two stage process 232 reporting consent 230–231 considering the whole transaction 265–266 requirement to report 227–230 tipping off 240–244 Professional conduct regulation AML regulation, and contrast 10–12 difference 4–5 generally 5–6 legislation 6–10 Profits costs Accounts Rules, and 45–46

Nominated officer appointment under Money Laundering Regulations requirements (reg 21) 171 training, and 248 O Offences introduction 15 Proceeds of Crime Act 2002 acquisition generally 233–234 process maps 260–265 main offences and defences acquisition 233–234 arranging 233 concealment 232 criminal conduct outside of UK 234 generally 232 summary of defences 234 two stage process 232 Office reconciliations generally 41 Operational departments lateral anti money laundering, and 172–173 Operations lateral anti money laundering, and external client focus 167 identifying areas for consideration or action 172–173 P Payment of interest Accounts Rules, and 131 Payments out receiving client money, and 125–127 Policies and procedures lateral anti money laundering, and generally 184–185 Money Laundering Regulations requirements (reg 19) 170 Politically exposed persons (PEPs) conducting client due diligence, and 96–97 simplified due diligence, and 408–409 Proceeds of Crime Act 2002 acquisition offences and defences 233–234 process maps 260–265 continuing with transaction 237–239 generally 225–227 legal professional privilege arrangements and litigation (Bowman v Fels (2005)) 236– 237 generally 235–236 liability 244–245

R Receipt of client money concepts of Accounts Rules 128–131 conducting client due diligence client financial health 98–99 generally 96 high risk jurisdictions 97–98 politically exposed persons (PEPs) 96–97 sanctions 97 transactions without receipt of client money 99–100 introduction 14, 73–75 money laundering defining 76–79 stages of current regulatory/ legislative requirements before receipt of client money (stage 1) generally 80–82 high-risk areas of law 82–83 due diligence (stage 2) enhanced 86–88 generally 83–84 simplified 86 standard 85–86 when client is a client 84 when to report prospective client 84 generally 79

454

Index Receipt of client money – contd money laundering – contd identity checking corporate persons (stage 2B) generally 88–91 your professional practice 91–92 individuals (stage 2A) enhanced due diligence (EDD) 86–88 generally 84–85 information on your website 88 simplified due diligence 86 standard due diligence 85–86 ongoing monitoring (stage 4) 94–96 source of funds (stage 3) cash 94 checking 93 generally 92–94 receiving client money areas of investigation 121–122 costs 127–128 generally 113 initial receipt into firm 113–116 managing lifetime of transaction 116–120 monies from and to third parties 122–125 payments out 125–127 reporting Anti Money Laundering Advice Form 132–134 Anti Money Laundering Reporting Form 135–136 advice to MLROs 106 after reporting 109–112 exercises 109 five minute feedback 104 generally 100–109 kind of things an MLRO might consider 105 managing risks and issues 112–113 seeking consent 107–108 Reconciliations see also Office reconciliations Accounts Rules, and AML considerations 40–41 cashbook example 35–36 exercise 36 generally 34–40 client account bank statement example 37 exercise 37 generally 37–39 client account reconciliation

Reconciliations see also Office reconciliations – contd Accounts Rules, and – contd cashbook 35–37 client matter listing 35 diagram 34–35 exercise 36 client matter listing example 35 exercise 36 generally 34–40 example 38–39 exercises answers 389–395 generally 381–386 generally 34–40 Regulatory outcomes introduction 15 making a distinction between regulation and law enforcement 266–270 Regulatory systems enforcement by regulator, and 415– 416 generally 409–412 Reporting conclusion 429–431 Proceeds of Crime Act 2002, and consent 230–231 considering the whole transaction 265–266 requirement to report 227–230 receipt of client money, and advice to MLROs 106 after reporting 109–112 Anti Money Laundering Advice Form 132–134 Anti Money Laundering Reporting Form 135–136 exercises 109 five minute feedback 104 generally 100–109 kind of things an MLRO might consider 105 managing risks and issues 112–113 seeking consent 107–108 Risk assessments business continuity plan 191–193 case study commentary 284–286, 305–306 example risk assessments 286–289 generally 284 matrix risk assessment 306–307 scenario 284 solution mitigated matrix risk assessment 307–308 tabular risk assessment 298–305

455

Index Risk assessments – contd case study – contd written risk assessment 290–297 transactional risk assessments commentary 309–310 example matter risk assessment company/partnership/group/ other entity 311–312 individual 310–311 file reviews 313 solution 313–315 client money file review 200–201 conclusion 190 introduction 14–15, 137–142 lateral anti money laundering external client focus 165–168 finance and accounting generally 167 key issues 175–177 financial considerations 186–188 financial position and external data sources 186–189 generally 160–165 human resources generally 167 key issues 178–179 identifying patterns and trends 180–182 independent audit function audit techniques 183–184 file reviews 182–183 generally 182 information technology generally 167 key issues 180 key departmental issues exercise 180 finance and accounting 175–177 generally 175 human resources 178–179 information technology 180 legal business 168 mapping a business and identifying areas for consideration or action generally 171–175 horizontal supply chains example map 175 generally 173 table and map 174 legal departments 171 operational departments 172–173 vertical supply chains example map 174 generally 173 table and map 173–174 operations 167 policies and procedures

Risk assessments – contd lateral anti money laundering – contd generally 184–185 Money Laundering Regulations requirements (reg 19) 170 process mapping areas of law 168–169 re-considering Money Laundering Regulations requirements appointment of nominated officer (reg 21) 171 audits (reg 21) 170 generally 169, 171 policies and procedures (reg 19) 170 staff training (reg 24) 170 Money Laundering Regulations requirements continental risk assessments 154– 157 firm wide risk assessment generally 142–151 risk profiles categories 143–149 examples in different areas of law 145 variations 143 suggested tips on completing 150 generally 142 individual (client matter) risk assessment 152–154, 208–209 national risk assessments generally 157, 160 key risk factors 158–159 new technology 160 re-considering for purposes of lateral anti money laundering 169–171 worldwide risk assessments 154– 157 reflective 205 sample wording for file storage and file review policies 206–207 templates 194–199 transaction finance and client financial health risk assessment 202–205 Risk management see Risk assessments S Sales and marketing lateral anti money laundering, and external client focus 167 identifying areas for consideration or action 172–173 Sanctions conducting client due diligence, and 97 legislation 245

456

Index Simplified due diligence identity checking for individuals 86 politically exposed persons (PEPs) 408–409 Solicitors Accounts Rules see Accounts Rules Solutions in this book generally 432–434 Source of funds client financial health risk assessment, and 202–205 receipt of client money, and cash 94 checking transaction finance 93 generally 92–94 Staff training see Training Standard due diligence identity checking for individuals 85–86 T Technological developments accounts solutions 404 biometric data 402–403 crypto assets and digital currency 404–406 Third Party Managed Accounts (TPMAs), and 418–420 Terrorism Act 2000 generally 245 Third parties monies from and to 125–127 Third Party Managed Accounts (TPMAs) Accounts Rules, and 68–70 generally 246–247 Money Laundering Regulations, and 246–247 technological developments, and 418–420 Tipping off Proceeds of Crime Act 2002, and 240–244 Training case study commentary generally 323–325 proposed training plans assessing training needs 328 specific training 326–327 standard training 326 training and learning needs assessments

Training – contd case study – contd financial training and learning assessment 330 legal training and learning assessment 329–330 management training and learning assessment 331–332 standard training and learning assessment 329 generally 322 sample compliance learning and development plan 333–336 scenario 322–323 solution 332 identifying areas for consideration or action 172–173 legislation, and generally 253–256, 259 learning assessing 260 forms of 259–260 levels of training 256–259 Money Laundering Compliance Officer, and 248 Money Laundering Regulations requirements (reg 24) 170 ‘nominated officer’, and 248 Transaction finance see Source of funds Transactional risk assessments case study commentary 309–310 example matter risk assessment company/partnership/group/other entity 311–312 individual 310–311 file reviews 313 solution 313–315 V VAT Accounts Rules, and disbursements and comments on inferring advice 43 example of VAT inclusive ledger system 42 generally 41–43 W Worldwide risk assessments Money Laundering Regulations requirement 154–157

457