The Solicitors Regulation Authority (SRA) has launched its 2024 Anti-Money Laundering (AML) and Sanctions Data Collection exercise, a critical initiative aimed at evaluating law firms’ compliance with AML regulations and ensuring that risks related to money laundering and financial sanctions are effectively managed. This week’s Compliance Collective session delves into the key components of the questionnaire, highlights best practices for completing it, and offers strategies for using this exercise as a tool to strengthen your firm’s compliance framework.
Understanding the SRA’s 2024 AML & Sanctions Request
The SRA’s 2024 AML Data Collection Questionnaire is a detailed document designed to collect comprehensive information from law firms on their AML practices, policies, and procedures. The SRA’s goal is to assess the level of risk associated with individual firms and to determine which firms may require closer scrutiny through audits or further inquiries.
The questionnaire is divided into several key sections, each focusing on different aspects of AML compliance:
1. Initial Firm Details and AML Scope:
- Firm Information: Basic details about the firm, including SRA ID and contact information.
- AML Scope: Firms must declare whether they engage in regulated activities under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017. This includes services like conveyancing, estate administration, and corporate transactions. The SRA uses this information to determine the firm’s exposure to AML risks.
2. Policies, Procedures, and Controls:
- Firm-Wide Risk Assessment: Firms are asked whether they have an AML firm-wide risk assessment in place, a requirement since 2017. The questionnaire inquires about the last review date and the outcomes of that review.
- AML Policies and Procedures: The SRA requires firms to detail their AML policies, including when they were last reviewed. A review conducted more than a year ago could place a firm in a higher risk category, suggesting a need for more frequent updates to align with current regulations.
3. Trust and Company Service Provision (TCSP):
- TCSP Activities: Firms that provide trust and company services must report on the types of services they offer, such as acting as a director or trustee, and the volume of such work relative to their overall operations. This section is critical for firms engaged in high-risk activities, as it helps the SRA assess the firm’s risk profile in these areas.
4. Financial Sanctions Compliance:
- Sanctions Risk Assessment: All firms, regardless of their involvement in AML-regulated activities, must report on their compliance with financial sanctions. The questionnaire asks whether the firm has assessed the risk of sanctions breaches and how these risks are managed.
- Sanctions Screening: The SRA is interested in how firms screen their clients against sanctions lists, including the frequency of these checks and the methods used (e.g., electronic verification tools or manual checks).
5. Suspicious Activity Reports (SARs):
- SAR Submission: Firms are required to disclose how many Suspicious Activity Reports (SARs) they have submitted in the past year, broken down by the type of work involved (e.g., conveyancing, corporate transactions). The number of SARs can indicate the firm’s vigilance in identifying and reporting suspicious activities.
Key Insights from the SRA’s AML Questionnaire
The SRA’s questionnaire is not just a data collection tool; it’s a mechanism to encourage firms to critically evaluate their own AML procedures. Here are some insights based on the detailed content of the questionnaire:
- Firm-Wide Risk Assessments and Policy Reviews: The SRA emphasises the importance of keeping AML risk assessments and policies up to date. Firms that haven’t reviewed their policies in the past year should do so before submitting their questionnaire responses. Regular reviews ensure that firms remain compliant with evolving AML regulations and can respond effectively to new risks.
- Detailed Record-Keeping: The questionnaire prompts firms to consider how they document compliance decisions, particularly regarding AML risk assessments, client due diligence, and SARs. Firms should maintain comprehensive records that justify their responses, especially for areas that may attract SRA scrutiny, such as high-risk client engagements or large volumes of SARs.
- Risk of SRA Audits: The SRA may use the information gathered through the questionnaire to prioritise firms for audits. Firms that report high levels of activity in high-risk areas, such as TCSPs or frequent SAR submissions, should be prepared for potential follow-up from the SRA. This could include on-site inspections or more detailed requests for information.
- Electronic Verification and Monitoring Tools: The questionnaire encourages firms to leverage technology in their compliance efforts. This includes using electronic verification tools for client due diligence and implementing ongoing monitoring systems that automatically alert the firm to changes in a client’s risk profile. These tools can enhance the firm’s ability to manage AML risks proactively.
- Beyond Mere Compliance: Firms that approach the SRA’s AML Data Collection exercise as more than a regulatory requirement can turn it into a competitive advantage. By demonstrating robust AML practices and a proactive approach to compliance, firms can enhance their reputation with clients, regulators, and industry peers.
Practical Steps for Completing the SRA’s AML Questionnaire
Here are some practical steps to ensure your firm completes the SRA’s questionnaire effectively:
- Start Early: Don’t wait until the deadline approaches. Begin gathering the required information and complete sections as soon as possible to avoid last-minute technical issues with the SRA’s submission portal.
- Involve Key Stakeholders: Engage your firm’s MLRO, compliance team, and relevant department heads early in the process. Their input will be crucial in accurately answering the questionnaire.
- Use a Spreadsheet for Responses: Consider using a spreadsheet to track your answers, along with notes and justifications for each response. This will be invaluable if you need to revisit your submission later.
- Review and Update Policies: Take this opportunity to review and update your AML policies, procedures, and risk assessments. Ensure that any gaps identified during this process are addressed before submission.
- Consult External Experts if Needed: If your firm is unsure about any part of the questionnaire or your AML practices, consider consulting with external compliance experts. Their guidance can help ensure that your submission is accurate and your AML framework is robust.
In Conclusion
The SRA’s 2024 AML and Sanctions Data Collection exercise is a critical component of the regulator’s strategy to combat money laundering and financial crime within the legal sector. By approaching the questionnaire as both a compliance requirement and an opportunity for internal review, law firms can not only satisfy the SRA’s demands but also strengthen their overall compliance posture.
Maximise your compliance!
Discover how our innovative courses can transform your firm’s skills and knowledge. Ensure your team always stays compliant, knowledgeable, and motivated to drive your organization forward.