5 onboarding, compliance and AML tips for law firms

We recently held a session about digital onboarding, compliance, and AML at The Onboarding Summit. Presented by Amy Bell, Director of TEAL Compliance, we explored the key things law firms should be aware of to ensure their digital onboarding and AML processes are compliant. If you missed it, catch up on-demand now. 

Compliance is always a top priority for law firms. With new technology available and the ever-increasing threat of fraud and cybercrime, ensuring your processes are up to date and supporting your compliance requirements is a must. 

Amy focussed on two key points during her session at The Onboarding Summit; the importance of completing a risk assessment, and following up with client ID verification and source of funds checks. We’ve already covered the technology behind digital ID checks with GBG and using Open Banking in your source of funds verification process with technology from Truelayer. Once you understand how this tech can enhance your onboarding process, it’s time to dig into how to manage compliance within your process. 

So, what are Amy’s top tips for supporting your firm’s compliance requirements when onboarding? We’ll cover off 5 things your firm should be aware of to have a robust system in place. 

1. Stay up to date with regulatory changes 

The Solicitors Regulation Authority provides a wealth of insight and information for law firms to ensure they can be as up-to-date as possible with their client onboarding compliance. The SRA periodically publishes the findings from their research, which takes into account the do’s and don’t’s when it comes to AML for law firms. You can read the latest document here. 

The SRA focus on the policies, controls, and procedures that law firms have documented within the AML process and advise firms to check in regularly and ensure there are no gaps. Setting up a regular review of the entire process, rather than parts in isolation can help you to identify if there’s anything missing, or whether you need to update your policies, controls, and procedures. 

2. Ensure you have an accurate risk assessment in place 

The report by the SRA identified that 29% of firms they visited didn’t have a risk assessment in place. Additionally, many of those that did have a risk assessment in place didn’t have them completed accurately.  

So, what should firms be doing to accurately complete their risk assessment? Ensure your risk assessment is at the appropriate level – the SRA has conveyancing as a high-risk area of law, and so should firms. The matter risk assessment should be completed by the person is who conducting the file.  

Assess each individual matter and the circumstances around that file. Is the person a cash buyer? If so, you’re going to want to dig deeper and ensure you know where the money has come from. It’s key this is managed by the fee earner and that they have the full picture of their client. 

3. Check your due diligence is robust 

Amy shared a statistic that 53% of firms assessed have insufficient client due diligence in place. Some of the most common areas of concern? 11% of firms relied on the client declaring whether they were a politically exposed person instead of completing the checks themselves. 

Results revealed 8% of firms relied on someone else’s CDD. But in more positive news, 91% of firms turned away someone because of AML concerns – which means processes and risk assessments have helped to eliminate risk to the firm. So, if you’ve never turned someone away for AML, you need to ask whether your process is robust enough. 

How can you improve your client due diligence process? Ensure you have a clear process for storing ID information and results from your third-party providers, and that the process is followed. If information and results aren’t stored where they are meant to be, this can be problematic during an audit. Have a process, ensure your storage of results and data are secure, and make sure they are kept where the process outlines. Using a CMS to keep your files well-managed can support these efforts. 

4. Stay on top of PEPs 

Following on from the previous point, having a robust system in place for managing ID checks for politically exposed persons (PEPs) is essential. Regulators will be looking at how your firm identifies them, and how you assess the level of risk associated with them.  

The two key areas of risk with PEPs are; could they be involved in funding terrorism because of their position, or have they got access to funds that could be layered for the purposes of terrorist financing? Secondly, because of their position, could they be bribed or corrupted? 

If you have clients who you may have a longstanding client certificate with so you don’t have to ID them for every transaction, it’s important to know these are no longer accepted under the LSA guidance. You need to complete regular and thorough ID checks, particularly for PEPs. 

5. Ensure you understand how the AML and onboarding technology works 

Having effective technology in place to ensure you’re compliant when onboarding and completing your client due diligence is great, but it doesn’t end there. Your team, including the head of risk of money laundering officers, need to understand how that technology works to ensure they are completing the process correctly and effectively.  

Organise training with your provider, make sure you know what the results mean including the criteria for a pass or fail result, and understand what data has been matched during the verification process. This has also been outlined in the LSA guidance – that staff must be trained to use the systems correctly.  

Whether you already have the technology in place or are implementing a new system, make sure current and new staff are comfortable with it. Assess the impact of that technology and ask yourself whether it makes it easier or harder for criminals to try to defraud a transaction.  

There’s a lot to consider when it comes to compliance with your AML, client due diligence and onboarding. However, by understanding the expectations of your firm, what you need to be aware of, and the guidance from bodies including the LSA and SRA, you can place yourself in a good position. 

Discover more about onboarding, AML and compliance with Amy Bell of TEAL Compliance 

We recently caught up with Amy Bell, Founder and CEO at TEAL Compliance as well as the Author of Solicitors and Money Laundering and Compliance That Works. Her presentation at The Onboarding Summit delved deeper into what firms need to be aware of with onboarding, AML and compliance. Watch the session now from The Onboarding Summit now.