New technologies such as biometrics, machine learning and artificial intelligence can now form part of the anti-money laundering (AML) armoury, law firms have been told.
However, they need to wary of the risk of bias being built into the systems.
The Legal Sector Affinity Group, made up of all the UK’s legal regulatory and representative bodies, has published a 212-page draft of its updated AML guidance, which is subject to approval by HM Treasury.
In addition to various provisions being expanded, there is a new section on the use of technology as part of AML processes, looking at areas such as electronic ID verification, corporate registry and beneficial ownership checkers, and electronic tools to screen clients against sanctions, politically exposed persons and adverse media watchlists.
The guidance also considers new technology. “The use of biometric indicators such as facial recognition software as part of an overall identity verification process is now widely used across various industries, and may be considered proven technology, helpful in meeting a practice’s AML obligations, especially in non-face to face situations, remote client take-on situations,” it said.
“Where used, consideration must always be given to the use and storage of such data, where collected, stored and retained.”
The use of machine learning and artificial intelligence may be helpful in some high-volume businesses, it went on, particularly in reducing the number of false positive screening matches or discounting potential matches which have arisen.
“Where a practice considers the use of technology as useful and viable in the context of their business, careful consideration must be given to the timeliness, quality and accuracy of data used within the system, in order to ensure the validity of output – along with the filters/settings used by the system deployed to identify potential matches.
“Machine learning by its very nature learns from historic data and outcomes, and therefore may have limited use in predicting future outcomes.
“This is particularly important to consider where the outputs of automated systems may create a risk of discrimination against prospective clients based on protected characteristics or any other access to justice issues.
“You may consider it appropriate to undertake an equality impact assessment in order to examine any such issues in depth.”
The guidance also includes:
- Expanded guidance on understanding source of funds and source of wealth;
- An updated training section;
- Fully revised and expanded guidance on risk assessments – firm-wide, client and matter;
- A revised section on legal professional privilege;
- Revised, updated and expanded AML governance and internal controls sections;Clarifications on high-risk sectors, accepting cash into the client account, customer due diligence (CDD) on referrals from another legal practice, and timing of CDD/exceptions; and
- Discrepancy reporting to Companies House, and other relevant registries from new duty/obligations introduced from January 2020.
Trevor Hellawell of MPH Consulting, who provides the Legal Futures webinars on compliance, said the broad message of the guidance had not changed: “Always remain vigilant, make all the necessary enquiries, report where relevant – and that is all to the good. However, much greater attention will need to be paid in the future to the aspects of documenting everything, evidencing everything and making (possibly embarrassing) enquiries of old clients as to the sources of their wealth.”
Mr Hellawell said he was, however, “slightly disquieted” by the way in which the AML regulations were being “‘interpreted’ in a way which goes beyond what they actually say and feed into the regulators’ (arguably, ultimately pointless) requirement of gathering evidence of what the client has told us about the source of funds”.
He added: “When would we ever stop? The tone is one of ‘trust nothing, and nobody’, which goes against the commercial realities of most client interactions. But, if that is what is necessary, we will do it.