The enforcement of AML compliance: Five takeaways from our webinar


In May 2022, the Solicitors Regulation Authority (SRA) increased its maximum fine for non-compliant firms from £2,000 to £25,000. As a result, it’s more important than ever for compliance professionals to be clued up on ever-changing regulations.

In our webinar ‘The Enforcement of AML Compliance: The Risks and How Firms Can Prepare’, we asked an expert panel to give us their take on the latest anti-money laundering (AML) guidance. As well as what to expect from (and how to prepare for) an SRA audit.

Led by Thirdfort’s Co-founder and MD, Jack Bidgood, our panel also included:

  • Simon Harbord, Head of Consulting & Audit, Teal Compliance 

  • Rick Kent, AML and Economic Crime Manager, The Law Society

Below we’ve picked out five key takeaways from the panel’s discussion.

1. Make AML regulations ‘part of your firm’s DNA’

The recent increase in the maximum fines the SRA can issue has put the spotlight back on the importance of AML practices. But according to Rick, it’s not just the SRA that should be taking AML seriously. 

Responsibility falls on firms and compliance professionals due to the nature of their work: “AML should be treated as business as usual, and be a part of your business’ DNA. If you can get that right, it’s good for your business and good for your clients.”

He added, “For those in the legal profession - who essentially have the role of gatekeeper - it’s all about making sure that you understand the risks. Such as those associated with trade-based money laundering and how organised crime can use it, and that you’re not being exploited.”

2. Beware becoming a ‘professional enabler’

As the number of AML regulations continue to ramp up, the emphasis is on firms to make sure they are compliant. Simon advises taking extra care, even if you think your firm isn’t at risk of money laundering.

3. Don’t be afraid to challenge familiar clients

When it comes to compliance, firms should, “assume nothing, believe nothing and challenge everything,” suggested Rick. “Whether you’re dealing with a client of 30 years or of five minutes, you have to treat them both the same. They should be given the same degree of due diligence and the same understanding [had you] never met them before.”

“That is the way that business needs to be done, as people change and circumstances change. They may not have been involved in organised crime ten or twenty years ago, but they could be now.”

Simon added that, “Some firms have dedicated AML teams to onboard their clients. And others work on trust. There are still a lot of firms that have documented policies and procedures, but believe that because they have told people what they need to do, then they’ll do it.”

But this is where these firms are falling short, he noted. “People aren’t following procedures. No one is checking up on them. And that’s what the SRA is picking up. So those are the firms that are likely to get the more difficult questions and go through investigations or enforcements.”

4. The SRA need proof of you putting guidance into action

We’ve established the importance of proving that you and your firm are taking AML regulations seriously. What constitutes best practice for putting this into practice?

According to Rick, it’s about being completely ‘AML-aware’. This means not just knowing recent regulatory changes, and having the policies in place to meet them. It’s consistently following through on these processes and making sure that you are committed to doing so with every transaction.

“Every firm is different, so how does your firm interpret the guidance? Simply repeating the guidance and saying you’ll follow it in order to comply with the regulations isn’t enough.”
Simon recommends noting what your firm does, who carries out certain actions, when those are done, and how they are checked. Read our blog on what to expect from an AML audit for more tips.

5. Technology has a place within client due diligence

With the need for heightened security against fraud, technology’s place within the client due diligence process has been a hot topic for a while, said Simon. And recently he has seen more firms choosing to using digital ID verification for their clients:

“I am finding that more and more firms are taking on sophisticated products. They make life easier for everybody… They help you to speed up onboarding, to keep tabs on clients more closely, and to check source of funds, which tends to be a big weak spot for clients.”

As for the SRA, Simon has found that they are on board with the idea of digital ID verification and that they believe technology can be a useful tool for client due diligence when used in the right way. However, Rick confirmed that making sure you’re using products that meet current regulations is crucial, and that the SRA will want to see that you understand exactly how these products work.


Want to find out more about what our experts had to say? Watch the webinar to hear the full conversation.

Subscribe to our newsletter

Subscribe to our monthly newsletter for recaps and recordings of our webinars, invitations for upcoming events and curated industry news. We’ll also send our guide to Digital ID Verification as a welcome gift.

Our Privacy Policy sets out how the personal data collected from you will be processed by us.