Cutting through the complexities of compliance
The SRA published its annual AML report revealing the challenges encountered by law firms to remain compliant. Despite the main requirements of the 2017 money laundering regulations being in place for six years, over half of the firms inspected were deemed non-compliant or partially compliant by the SRA. Are lawyers too busy to perform client due diligence or is the regulation too complex? Further reading of the SRA report leads one to believe that the best approach is to keep it simple (KIS).
Why it matters.
Notwithstanding the hundreds of billions spent each year on compliance to combat financial crime, money laundering, fraud and other crimes still cost the global economy trillions each year. Now, the cost directly to law firms for non-compliance is likely to increase as the SRA CEO Paul Philip indicated they will consult next year on fixed financial penalties for inadequate AML controls. These will be steeper than the current fixed penalties issued for minor compliance failures, according to Philip.
The SRA further indicated one of the key areas to address is the client / matter risk assessment (CMRA) performed (or not) on matters within scope. Philip acknowledged that fee earners and support staff are simply inundated with compliance issues and when it came to CMRAs, they were either being completed incorrectly, or not at all. Although most of the firms reviewed had appropriate policies in place, for whatever reason these were not being followed, exposing the firm and its clients to payment fraud risk.
Between the Lines.
Looking deeper into the issue, assuming the policies are in place and the stakeholders are trained, the underlying issue in the majority of cases is complexity.
Much of this complexity can be avoided with good practice. In a thematic report, the SRA observed what were considered poor practices in firms where AML compliance was inadequate as well as good practices from firms scoring high in the compliance audits. General themes began to emerge. A few of them as follows:
Poor practice:
The client risk was considered in isolation and the risks relating to the matter were not assessed. Or vice versa.
The firm used a template with standard text for all transactions, which discouraged analysis of risk by the fee earner.
The firm relied on e-verification system ratings instead of fee-earners forming their own assessment of the risk. Or fee-earners provided little or no input into the risk assessment.
Good practice:
Where risk ratings were used, the firm recorded how it arrived at that rating and the thinking behind it.
The form used required fee-earners to make an active decision on the level of due diligence required based on the level of risk.
The fee-earner was required to make an active assessment of the risk posed, not rely on a tick-box form. The CMRA automatically flags high-risk matters to the money laundering compliance officer for approval.
The way forward.
Findings from the SRA annual AML report suggest that complexity is one of the biggest obstacles to compliance. Like it or not, payment fraud isn’t going away and the penalties for non-compliance are increasing.
While there is no substitute for adhering to carefully defined policies, law firms can alleviate much of the complexity by turning to automation where possible. Automated solutions can help firms complete robust CMRAs in a fraction of the time.
One such solution is Lucra. With just a few clicks, firms are able to verify client and third-party bank accounts using the most advanced, secure technology available. No time-consuming phone calls. No risk of email scams. Firms can produce instant validation reports to reduce the workload and improve CMRAs.
Speak to us today or visit our website to learn how we can help you keep it simple for AML compliance.