AML FOR LEGAL 2021 Download What are the UK AML requirements for law firms? The UK’s Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017 (MLR2017) transposed the requirements under the EU 4th AML Directive (4AMLD), which brought law firms into scope for the respective AML requirements as of 26 June 2017. In recent years, these requirements have been amended and guidance has been published to aid compliance with the evolving regulatory landscape. The Solicitors Regulation Authority (SRA) have been very active in performing regulatory visits as well as reviews and thematic assessments to ensure the circa 7,000 law firms regulated by the SRA have adopted and maintained these AML requirements. SRA reviews have demonstrated that many firms have not fully adopted or maintained all requirements, and may be missing key components of requirements, such as having appropriate policies and procedures in protect the firm from being used to facilitate money laundering (ML) or terrorist financing (TF) and having an independent audit of the AML programme and controls conducted. Download Topics Board Matters Internal Audit and Corporate Governance Risk Management and Regulatory Compliance Business Performance Digital Transformation Key Information 26 June 2017 - Date the UK MLR2017 main AML requirements went into force for law firms 74 firms visited in 2019-2020 by the SRA with twothirds requiring update and/or enhancement of current practices. 2019 - 2021 – Amendments to key AML regulation go into effect (Brexit, trusts, tax, etc.) 2021 – Updated guidance on AML for the legal sector issued Key AML Requirements 1. Conducting a ML/TF risk assessment Implementing systems, policies, controls and procedures to address ML/ TF risks and meet the requirements under the regulations 2. AML Training to Staff Adopting appropriate internal controls (including appointment of senior management responsible for compliance, screening of employees and independent review of the AML programme and associated controls) 3. Data Protection (policies, procedures, and systems) Comply with due diligence requirements (including simplified, customer and enhanced due diligence), 4. Record keeping (policies, procedures, and systems) DDD Comply with Politically Exposed Persons (PEP) requirements High Level AML Journey 1. Risk Assessment Risk based approach Risk factors to consider customers, geography, products/services, transaction and delivery channels 2. Policies and Procedures Manage and mitigate ML/TF risks Aligned to risk assessment results Proportionate to size and nature of your business 3. Independent review of AML Programme Review adequacy of policies, control and procedures Monitor compliance and make recommendations 4. AML Programme as BAU MLR 2017 compliant Revisiting these three (3) key drivers of the AML programme to ensure ML/TF risk posed are accurately identified and mitigated on an ongoing basis AML Programme Considerations and Lifecycle Has your organisation completed a ML/TF risk assessment within the last year? Has your organisation's AML control environment been subject to an independent review? Are your staff aware of their AML responsibilities and do they understand the importance of AML compliance and the laws driving the requirements? Would your staff be able to identify and scrutinise complex and unusually large and unusual patterns of transactions to understand when disclosures would be required? Protiviti’s AML Solutions Helping our clients embed and navigate through regulatory change is core to what we do. Protiviti’s AML expertise, pragmatic approach to risk-based AML programmes and experience with change and implementation allows us to understand and appreciate the AML journey your firm faces. Our AML Solution Offerings Subject Matter Expertise Independent Review Risk Assessment AML Programme design and implementation Staff Training Policy and Procedures Loan staff support Change Management & Innovation
