By Legal Futures’ Associates The Access Group
The SRA has recently sent out an email to 7,000 Compliance Officers for Legal Practice (COLPs) asking them to confirm the following:
“I confirm that the information I have given is correct, to the best of my knowledge and belief and that I will notify you if anything changes in respect of the information provided in the future”.
The declaration requires all firms who fall within the scope of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (the Regulations), to declare they have a compliant firm-wide risk assessment in place that takes account of information published by the SRA and includes references to the firms’ customers, countries or geographic areas in which it operates, products and services, transaction and delivery channels.
If you have not received this email, we recommend that you contact the SRA immediately to avoid missing the deadline to respond (31st January 2020).
Before completing the declaration, you as the COLP may want to ask yourself a number of questions:
- Why is the SRA sending the request to me and not the MLRO/MLCO?
- Have I read all relevant information published by the SRA and others on this topic, for example, guidance on preparing a firm-wide risk assessment, sectoral risk assessment, warning notices, legal sector guidance?
- Have I contacted the SRA Ethics Helpline for advice (if appropriate) on AML and complying with the regulations?
- Am I happy to take the word of the MLRO that everything is as it should be from an AML perspective or should I be investigating further and seeking evidence in support?
- If I will be requiring the MLRO or MLCO (or other person) to complete the declaration in my place, can I provide a reasonable explanation as to why I am unable to provide the response?
The SRA Code of Conduct for Firms (Requirement 9.1) states that:
“If you are a COLP you must take all reasonable steps to (a) ensure compliance with the terms and conditions of your firm’s authorisation, and (b) ensure that your firm’s managers and interest holders and those they employ or contract with do not cause or substantially contribute to a breach of the SRA’s regulatory requirements.”
This clearly shows that you are responsible for ensuring compliance with the Regulations and that this does not rest with the MLRO/MLCO. You and many other COLPs may not have appreciated this!
The SRA has a clear expectation that you will have read all relevant legal sector, AML related guidance in order to ensure compliance with the Regulations, and sought advice from its Ethics Helpline if in any doubt, but will you and other COLPs have done this if you thought AML matters were the responsibility of the MLRO/MLCO?
As you and other COLPs may have been thinking that MLROs were responsible for this area you will need to be completely happy that everything that is required under the Regulations has been put in place, or take the word of the MLRO with the risk that they may not have done all that is required. Whichever option you choose you will be responsible for justifying matters to the SRA should it decide to make further enquiries; this is not just a matter of providing the declaration and thinking the SRA won’t make further enquiries.
As outlined above, you as the COLP have regulatory obligations in relation to ensuring compliance, so by getting the MLRO to provide the declaration in your place it could indicate to the SRA that you do not have proper oversight of this area.
AML compliance is a serious matter and the SRA will take action where it finds cause for concern.
Some COLPs have already recognised that this declaration exercise may be more than just a case of the SRA asking a question; they believe it is the SRA lining up potential cases for enforcement action against firms and their COLPs for offences like failing to act with integrity and honesty by giving a declaration that may turn out not to be completely true once it has reviewed further evidence.
The deadline for responding is 31 January 2020, so time is of the essence for you to ensure everything is as it should be before putting your name to the declaration; don’t forget to be compliant with 5AMLD, which comes into force on 10 January.
Riliance, Socrates Training – as part of the Access Group – have provided significant assistance to firms with their AML compliance in terms of training, assisting with preparing AML risk assessments, undertaking AML risk-based file audits, providing a system to manage suspicious activity reports; to name but a few of the services we have on offer. Our brochure outlines our vast range of services that can support your AML obligations.
Download our brochure to discover more about how we can help.