Posted by Jess Irwin, senior consultant, and Jen Dunlop, managing director of Compliance Office, on behalf of Legal Futures Associate VinciWorks
Jessica Irwin
The Court of Appeal handed down its judgment in Dentons v SRA on 27 April, and the profession is right to welcome it. Coming weeks after the Mazur judgment, this is the second time in short succession that the Court of Appeal has corrected the Solicitors Regulation Authority’s (SRA) legal position. That pattern deserves scrutiny, not just relief.
At the heart of this case was a question with genuinely high stakes for the profession: does any breach of the Money Laundering Regulations (MLRs), regardless of severity, automatically amount to professional misconduct?
The SRA said yes. Its position had a certain internal logic – the codes of conduct require solicitors to comply with laws and regulations, so a breach of those laws could reasonably be argued to amount to a breach of the codes. The High Court agreed.
The Court of Appeal has now firmly said no, and in doing so has restored what most practitioners would regard as a basic principle of regulatory proportionality.
The SRA overreached
The SRA prosecuted Dentons for breaches of the MLR 2007 that occurred between 2013 and 2017, principally failures to conduct adequate source of wealth and funds enquiries in relation to a high-risk politically exposed person.
The Solicitors Disciplinary Tribunal (SDT) found those breaches were inadvertent and insufficiently serious to warrant misconduct findings. The SRA appealed. The High Court sided with the SRA, finding that breaches of the MLRs effectively amounted to strict liability conduct offences, with no seriousness threshold required.
The implications of that position, had it stood, would have been significant and chilling. Under the High Court’s logic, a firm that failed to complete a client and matter risk assessment on a single in-scope matter, or whose fire extinguisher maintenance fell behind schedule in breach of health and safety regulations, could have faced SDT proceedings and a professional misconduct finding.
The Court of Appeal was not impressed by that analysis, and it was right not to be.
The strict liability approach was at odds with the common law position on professional misconduct, which has long required an element of seriousness before professional censure follows.
It sat uneasily with section 28(3) of the Legal Services Act 2007, which requires regulators to act in a way that is proportionate, transparent and targeted.
And it contradicted the SRA’s own enforcement strategy, which sets seriousness thresholds before investigation begins. The SRA was arguing for a standard in court that its own internal procedures did not apply.
Jen Dunlop
What the Court of Appeal decided
The Court of Appeal has established that the test for whether conduct amounts to professional misconduct is one of ‘sufficient seriousness’.
The question for the SDT is whether the conduct in question would be considered sufficiently serious by competent and reputable solicitors to constitute professional misconduct. That is a judgment call that requires context, proportionality and professional assessment. It is not a mechanical tick-box exercise.
This is the correct approach. A regulatory system that treats every inadvertent procedural failure as a conduct issue is not well-functioning. It is one that generates disproportionate fear, discourages self-reporting and ultimately undermines the culture of compliance it is supposed to support.
What the profession should not conclude from this
The judgment is not a green light to let AML standards slip and any firm that reads it that way is making a serious mistake.
The Court of Appeal upheld the High Court’s decision to remit the Dentons case back to the SDT, where the question of whether the firm’s failures were sufficiently serious to amount to misconduct will be reconsidered.
The original SDT found the breaches inadvertent. The Court of Appeal said it had difficulty understanding how sustained failures across the lifetime of a retainer, including inherited client relationships where no one had checked whether AML obligations had been met, could be characterised as entirely inadvertent. That is a significant observation.
The practical message is clear. Firms need to understand the MLR requirements and ensure policies and procedures are current and followed. PEP screening must be ongoing, not just at onboarding. Source-of-funds and wealth enquiries must be proportionate to risk, and where risk is elevated, the scrutiny must be too.
Mergers and acquisitions must include proper due diligence on the acquired firm’s AML standards. Do not assume their standards are your standards. The fact that the clients have been inherited is not a defence.
The road ahead
This judgment is particularly timely given the Financial Conduct Authority’s (FCA) expected role in AML oversight of the legal sector.
One significant concern about that transition has been the prospect of dual enforcement, where an AML breach triggers both FCA action and SRA misconduct proceedings simultaneously.
The Court of Appeal’s ‘sufficiently serious’ threshold should provide some relief on that front. Not every regulatory shortcoming will automatically generate a conduct referral.
What will generate debate is what ‘sufficiently serious’ actually means in practice. The SRA will need to update its guidance, and COLPs should watch closely as that standard is articulated.
Firms should also be clear that the threshold applies to the SRA and SDT’s decision-making, not to firms’ own reporting obligations. The duty under paragraph 3.10 of the Code of Conduct for Firms to report matters the firm reasonably believes the SRA should be aware of remains unchanged.
The SRA has now lost two significant appellate battles in rapid succession (albeit the SRA may disagree that they have ‘lost’ this one and will no doubt be awaiting the SDT’s further conclusions about Dentons’ AML behaviour with bated breath).
At some point, the regulator needs to reflect on whether its enforcement posture has been calibrated correctly.
The profession, for its part, should take the right lesson from these judgments: not that compliance obligations are diminishing, but that a proportionate and credible regulatory framework is in everyone’s interests.
A compliance culture built on genuine risk management, not fear of strict liability, is more durable, more effective, and ultimately more defensible. These judgments point the profession in that direction.
Leave a Comment