Posted by Mev Dzihic, director and co-founder of Legal Futures Associate Lawtech 365
We have recently seen the Solicitors Regulation Authority (SRA) fining law firms across England and Wales over a lack of proper anti-money laundering (AML) policies and procedures.
Some do not see these as evidence of a system-wide shake-up by the SRA. They claim that AML and ID verification compliance for opening and running a legal matter is only a small, albeit important, part and simply a tick-box exercise.
Some legal compliance experts agree that change in our AML system is well overdue because it is clearly lagging behind other industries, such as financial services. However, they then caveat this assertion by predicting that any change in AML compliance will take time, possibly years, because there is very little appetite in the legal sector to do things differently.
But I believe differently. I think there is now a systemic trend towards raising the bar on AML and ID verification quality.
It is being pushed by two forces. The first is legal institutions, including the SRA, HM Land Registry and the Law Society, and the second, which I think is even more important, is legal technology providers realising that there is a business opportunity for innovation in digital compliance and AML/ID verification technology.
Lawyers are naturally at the forefront of AML as for most activities where money is laundered, a lawyer will be required at some point.
So this is why there is a clamp-down on law firms which do not have AML and ID verification policies and procedures in place. In 2019 (which seems like an age ago), the SRA invested in a dedicated team to oversee and support firms who either fall short of proper AML governance or need extra support to understand what they can do to enhance their policies.
Since then and a commitment to a higher quality of AML and ID verification, the SRA has been fining law firms left, right and centre to prove that it is very much out with the old and in with the new.
Let’s go back to 2017 and the release of The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017. This regulation added a new dimension to legal practices requiring them to introduce “practice-wide risk assessments” forcing a more risk-based approach to clients, both individuals and corporations.
The aim was to encourage solicitors’ firms to identify potential risk upfront and to understand the true nature of their source of funds, so ensuring that any ill-gotten money is identified right away.
This was only four (soon to be five) years ago, but if you ask any practice whether it has a firm-wide risk assessment, most will say they do. Why? Because the authorities (the SRA included) were not willing to allow law firms to set their own minimum standard for reviewing risk.
This was only the first step in the clamp-down. Fast forward to 2021 and another well-known body, HM Land Registry, released its own digital standard on AML and ID verification compliance. Its Digital ID Standard introduced a safe harbour status for all property lawyers who followed the steps laid out in the guidance.
The goal is to ensure proper checks on the identity of a client and the sources of funds. This policy highlights how the legal sector should expect AML regulations and compliance to transform over the coming years.
What’s interesting is that this ‘institutional pressure’ is leading to market forces also playing their bit in raising the standards in AML technology.
Of course, there have been several electronic ID verification systems in the market for many years. But these dinosaurs are no better than eye-balling a client in person and taking their word on where their money has come from.
No, what we’re seeing is the development innovative systems which truly verify individuals using biometrics and connect directly to their finances, offering lawyers levels of financial detail and compliance they have never had before.
There are some who highlight the dangers to data security and sensitivity, but when you ask how they verify clients, it will be scanned documents emailed by clients. This is not AML compliant. And it doesn’t take an IT-whizz to hack such insecure emails and obtain client information.
So surely a system which has rigorous security measures and where the data never leaves it during the whole verification process is the way forward.
These new AML platforms see opportunity in law firms not yet caught up with the new AML regulations or those finding it hard to make sense of them.
The tech providers are adding pressure and help to implement the new standards set out. So currently we have an almost symbiotic relationship between institutions like the SRA, Law Society and Land Registry with private legal technology enterprises like Lawtech 365 in pushing this clamp down on poor AML practices in law firms.
So, what’s next? No money laundering activity at all in legal? Ideally, but as our technology systems and regulation procedures get more robust and smarter, so do the fraudsters.
The end result is to combine technology, training and procedures to make it harder to launder money. Only through tougher sanctions and tighter systems will law firms move to a place where the SRA will not have to fine them for lax policies and procedures but instead applaud them for being at the forefront of AML compliance.