Skip to main content

KYC/AML Compliance

For Qualified Solicitors

KYC, AML and Due Diligence Compliance

E-Solicitors Legal Services Marketplace

─────────────────────────────────────

Mandatory Aml Compliance Gateway

Know Your Customer | Anti-Money Laundering | Due Diligence

─────────────────────────────────────

Version 1.0 - January 2026

England and Wales

Important Notice to Solicitors

  • AML COMPLIANCE IS A LEGAL REQUIREMENT. FAILURE TO COMPLY IS A CRIMINAL OFFENCE. YOU MUST VALIDATE YOUR KYC, AML AND DUE DILIGENCE PROCEDURES BEFORE PROVIDING ANY LEGAL SERVICES THROUGH THE PLATFORM.

The Platform Does NOT Conduct AML Checks

You acknowledge and understand that:

  • The Platform does NOT conduct Customer Due Diligence on clients

  • The Platform does NOT verify client identity

  • The Platform does NOT screen clients against sanctions lists

  • The Platform does NOT assess money laundering risk

  • The Platform is NOT your AML supervisor

  • REQUIRED: YOU are solely responsible for all AML/KYC compliance for your clients

Mandatory Pre-Registration Requirements

  • REQUIRED: Written practice-wide risk assessment in place

  • REQUIRED: AML policies, controls and procedures documented

  • REQUIRED: CDD procedures established and operational

  • REQUIRED: Sanctions screening procedures in place

  • REQUIRED: MLRO designated (or sole practitioner responsibility understood)

  • REQUIRED: SAR reporting procedures established

  • REQUIRED: Staff training completed and documented

  • REQUIRED: 5-year record keeping systems operational

Criminal Offences

Failure to comply with AML requirements can result in:

Criminal prosecution under MLR 2017 - up to 2 years imprisonment

Criminal prosecution under POCA 2002 - up to 14 years imprisonment

Criminal prosecution under Terrorism Act 2000 - up to 14 years imprisonment

Criminal prosecution under SAMLA 2018 - up to 7 years imprisonment

Unlimited fines

SRA regulatory action including striking off

Contents

Part A: General Terms and Regulatory Framework

  1. Definitions

  2. Regulatory Framework

  3. Platform Status - No AML Role

  4. Your AML Responsibilities

Part B: Aml Supervision and Governance

  1. SRA as AML Supervisor

  2. MLRO Requirements

  3. Senior Management Responsibility

  4. Governance and Oversight

Part C: Risk Assessment

  1. Practice-Wide Risk Assessment

  2. Matter Risk Assessment

  3. Client Risk Assessment

  4. Geographic Risk Factors

  5. High-Risk Indicators

Part D: Customer Due Diligence (cdd)

  1. When CDD is Required

  2. Standard CDD Requirements

  3. Identification and Verification

  4. Beneficial Ownership

  5. Purpose and Nature of Relationship

  6. Ongoing Monitoring

Part E: Enhanced Due Diligence (edd)

  1. When EDD is Required

  2. Politically Exposed Persons (PEPs)

  3. High-Risk Third Countries

  4. Complex or Unusual Transactions

  5. Additional EDD Measures

Part F: Simplified Due Diligence

  1. When SDD May Apply

  2. SDD Requirements

Part G: Source of Funds and Wealth

  1. Source of Funds Verification

  2. Source of Wealth Verification

  3. Third Party Payments

Part H: Sanctions Screening

  1. UK Sanctions Regime

  2. Sanctions Lists

  3. Screening Requirements

  4. Match Handling

Part I: Suspicious Activity Reporting

  1. Recognising Suspicious Activity

  2. Internal Reporting

  3. SARs to NCA

  4. Tipping Off

  5. Consent Regime

Part J: Record Keeping

  1. CDD Records

  2. Transaction Records

  3. Retention Periods

Part K: Training

  1. Training Requirements

  2. Training Records

Part L: Sra and Law Society Requirements

  1. SRA Code Compliance

  2. Law Society Guidance

Part M: Fca Requirements

  1. FCA Regulated Activities

  2. Consumer Duty

Part N: General Provisions

  1. Warranties

  2. Suspension and Termination

  3. Governing Law

Schedules

Schedule 1: AML Compliance Declaration

Schedule 2: Risk Assessment Checklist

Schedule 3: CDD Checklist - Individuals

Schedule 4: CDD Checklist - Corporate Clients

Schedule 5: EDD Checklist

Schedule 6: PEP Screening Checklist

Schedule 7: Sanctions Screening Checklist

Schedule 8: Red Flags and Warning Signs

Part A: General Terms and Regulatory Framework

  1. Definitions

1.1 In these Terms:

'Beneficial Owner' means an individual who ultimately owns or controls more than 25% of a legal entity, or otherwise exercises control (per LSAG 2025: MORE THAN 25%).

'CDD' means Customer Due Diligence as required by MLR 2017.

'Consent' means consent from the NCA to proceed with a transaction following a SAR.

'Criminal Property' means property constituting or representing benefit from criminal conduct.

'EDD' means Enhanced Due Diligence.

'ECCTA 2023' means the Economic Crime and Corporate Transparency Act 2023.

'FATF' means the Financial Action Task Force.

'High-Risk Third Country' means a country identified by FATF or HMT as having strategic AML deficiencies.

'KYC' means Know Your Customer.

'LSAG 2025' means the Legal Sector Affinity Group Anti-Money Laundering Guidance 2025.

'MLR 2017' means the Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017 (as amended).

'MLRO' means Money Laundering Reporting Officer.

'NCA' means the National Crime Agency.

'OFSI' means the Office of Financial Sanctions Implementation.

'PEP' means a Politically Exposed Person.

'Platform' means [Platform Name], operated by [Company Name].

'POCA' means the Proceeds of Crime Act 2002.

'RCA' means a Relative or Close Associate of a PEP.

'SAMLA 2018' means the Sanctions and Anti-Money Laundering Act 2018.

'SAR' means a Suspicious Activity Report.

'SDD' means Simplified Due Diligence.

'SRA' means the Solicitors Regulation Authority.

'TA 2000' means the Terrorism Act 2000.

  1. Regulatory Framework

2.1 This Agreement incorporates compliance with:

Legislation/Guidance

Key Requirements

Penalties

MLR 2017

CDD, risk assessment, policies

2 years / unlimited fine

POCA 2002

Reporting, no dealing with criminal property

14 years / unlimited fine

TA 2000

Reporting terrorist property

14 years / unlimited fine

SAMLA 2018

Sanctions compliance

7 years / unlimited fine

ECCTA 2023

Failure to prevent fraud, beneficial ownership

Unlimited fine

LSAG 2025

Sector-specific guidance

Regulatory action

SRA Standards

Professional conduct

Striking off

  1. Platform Status - No AML Role

3.1 You acknowledge that the Platform:

(a) Is NOT a 'relevant person' under MLR 2017;

(b) Does NOT have AML obligations;

(c) Does NOT conduct CDD on clients;

(d) Does NOT verify client identity;

(e) Does NOT screen clients against sanctions lists;

(f) Is NOT supervised by the SRA for AML purposes;

(g) Is NOT your AML supervisor.

3.2 Introduction of a client through the Platform does NOT:

(a) Constitute CDD;

(b) Reduce your CDD obligations;

(c) Transfer any AML responsibility to the Platform;

(d) Provide any reliance for MLR 2017 purposes.

  1. Your AML Responsibilities

4.1 You are SOLELY responsible for:

(a) Conducting CDD on all clients;

(b) Identifying and verifying client identity;

(c) Identifying beneficial owners;

(d) Verifying source of funds and wealth;

(e) Conducting risk assessments;

(f) Sanctions screening;

(g) Ongoing monitoring;

(h) Suspicious activity reporting;

(

i

) Record keeping;

(j) Staff training.

Part B: Aml Supervision and Governance

  1. SRA as AML Supervisor

5.1 You warrant that:

(a) The SRA is your professional body AML supervisor;

(b) You are registered with the SRA for AML supervision;

(c) You comply with SRA AML requirements;

(d) You will cooperate with SRA AML inspections;

(e) You will report material AML breaches to the SRA.

5.2 SRA supervisory activities include:

(a) Review of risk assessments;

(b) Inspection of policies and procedures;

(c) Assessment of CDD practices;

(d) Review of training records;

(e) Enforcement action where necessary.

  1. MLRO Requirements

6.1 You warrant that:

For Firms

(a) An MLRO has been appointed at appropriate seniority;

(b) The MLRO has authority to act independently;

(c) The MLRO has access to all relevant information;

(d) The MLRO has sufficient resources and time;

(e) The MLRO's identity is registered with the SRA.

For Sole Practitioners / Freelance Solicitors

(a) You understand you personally bear MLRO responsibilities;

(b) You are competent to fulfil these responsibilities;

(c) You have systems in place to identify and report suspicious activity.

6.2 MLRO responsibilities include:

(a) Receiving internal suspicious activity reports;

(b) Evaluating whether to submit SAR to NCA;

(c) Submitting SARs to NCA where appropriate;

(d) Responding to consent requests;

(e) Maintaining SAR records;

(f) Providing AML advice and guidance;

(g) Overseeing AML compliance.

  1. Senior Management Responsibility

7.1 Under MLR 2017 Regulation 21, senior management must:

(a) Approve AML policies, controls and procedures;

(b) Appoint the MLRO (where applicable);

(c) Ensure adequate resources for AML compliance;

(d) Receive regular AML reports;

(e) Take responsibility for AML compliance.

  1. Governance and Oversight

8.1 You warrant appropriate governance including:

(a) Clear allocation of AML responsibilities;

(b) Regular review of AML effectiveness;

(c) Escalation procedures for AML issues;

(d) Board/management oversight of AML matters;

(e) Independent testing of AML systems (where appropriate).

Part C: Risk Assessment

⚖ LEGAL REQUIREMENT: MLR 2017 Regulation 18 requires a written risk assessment. Failure to have one is a criminal offence.

  1. Practice-Wide Risk Assessment

9.1 You warrant that you have a written practice-wide risk assessment that:

(a) Identifies and assesses ML/TF risks to your practice;

(b) Considers client risk factors;

(c) Considers geographic risk factors;

(d) Considers service/transaction risk factors;

(e) Considers delivery channel risk factors;

(f) Is proportionate to the size and nature of your practice;

(g) Is reviewed and updated regularly (at least annually);

(h) Is approved by senior management;

(

i

) Informs your policies, controls and procedures.

9.2 The risk assessment must be:

(a) In writing;

(b) Kept up to date;

(c) Available to the SRA on request;

(d) Reviewed when circumstances change.

  1. Matter Risk Assessment

10.1 For each matter, you must assess:

(a) The type of legal work involved;

(b) Whether it involves relevant legal activities under MLR 2017;

(c) The complexity and value of the transaction;

(d) Any unusual features;

(e) The overall risk level.

10.2 Higher risk legal work includes:

Work Type

Risk Level

Key Concerns

Conveyancing

High

Property used to launder funds

Company/trust formation

High

Shell companies, nominee structures

Client account transactions

High

Layering of funds

Large cash transactions

High

Placement of criminal cash

Complex corporate structures

High

Concealment of ownership

Cross-border transactions

Elevated

Jurisdictional arbitrage

High-value transactions

Elevated

Proportionality to client profile

  1. Client Risk Assessment

11.1 For each client, assess risk factors including:

(a) Client type (individual, corporate, trust, etc.);

(b) Ownership and control structure;

(c) PEP status;

(d) Geographic location;

(e) Nature of business/occupation;

(f) Source of funds and wealth;

(g) Expected transaction patterns;

(h) Any adverse information.

  1. Geographic Risk Factors

12.1 Higher risk jurisdictions include:

(a) FATF high-risk jurisdictions (grey/black list);

(b) HMT high-risk third countries;

(c) Countries subject to UK/EU/UN sanctions;

(d) Countries with high corruption indices;

(e) Tax havens and secrecy jurisdictions.

  1. High-Risk Indicators

13.1 Red flags requiring enhanced scrutiny:

(a) Complex ownership structures with no clear rationale;

(b) Use of nominees or bearer shares;

(c) Involvement of PEPs or their associates;

(d) Source of funds unclear or inconsistent;

(e) Client reluctant to provide information;

(f) Unusual urgency without commercial reason;

(g) Transactions that make no economic sense;

(h) Client has adverse media coverage.

Part D: Customer Due Diligence (cdd)

  • CDD IS MANDATORY. You must NOT establish a business relationship or proceed with a transaction if you cannot complete CDD.
  1. When CDD is Required

14.1 CDD must be conducted:

(a) Before establishing a business relationship;

(b) Before carrying out an occasional transaction of €15,000 or more;

(c) When there is suspicion of ML/TF regardless of value;

(d) When there are doubts about previously obtained information;

(e) When it is appropriate given the risk.

14.2 CDD comprises:

(a) Identifying the client;

(b) Verifying the client's identity;

(c) Identifying beneficial owners;

(d) Taking reasonable measures to verify beneficial owners;

(e) Assessing the purpose and nature of the relationship;

(f) Conducting ongoing monitoring.

  1. Standard CDD Requirements

15.1 For INDIVIDUALS, obtain and verify:

(a) Full name;

(b) Date of birth;

(c) Residential address;

(d) Verification from reliable, independent source.

15.2 Acceptable ID verification documents:

Document Type

What It Verifies

Notes

Passport (current)

Name, DOB, photo

Government-issued, primary ID

Driving licence (photocard)

Name, DOB, address, photo

UK/EU preferred

National ID card

Name, DOB, photo

EU/EEA countries

Utility bill (recent)

Address

Within 3 months

Bank statement

Name, address

Within 3 months

Council tax bill

Name, address

Current year

15.3 For CORPORATE CLIENTS, obtain and verify:

(a) Full legal name;

(b) Company registration number;

(c) Registered office address;

(d) Principal place of business;

(e) Directors and officers;

(f) Beneficial owners;

(g) Legal form and constitution.

  1. Identification and Verification

16.1 Identification means obtaining information about who the client is.

16.2 Verification means confirming that information from reliable, independent source.

16.3 Verification methods:

(a) Original documents seen in person;

(b) Certified copies from appropriate sources;

(c) Electronic verification (with appropriate safeguards);

(d) Confirmation from regulated financial institution;

(e) Companies House records (for corporates).

  1. Beneficial Ownership

17.1 You must identify ALL beneficial owners.

  • LSAG 2025 CHANGE: Beneficial ownership threshold is now MORE THAN 25% (not '25% or more'). Update your procedures accordingly.

17.2 A beneficial owner is an individual who:

(a) Owns MORE THAN 25% of shares or voting rights;

(b) Has the right to appoint/remove majority of directors;

(c) Otherwise exercises control over the entity;

(d) Is a beneficiary of more than 25% of a trust;

(e) Has control over a trust.

17.3 Verification sources:

(a) Companies House PSC Register;

(b) Company's register of members;

(c) Trust deeds;

(d) Partnership agreements;

(e) ID verification of beneficial owners themselves.

17.4 If no beneficial owner is identified:

(a) Document your attempts to identify beneficial owners;

(b) Consider identifying senior managing officials;

(c) Assess whether this increases risk.

  1. Purpose and Nature of Relationship

18.1 You must understand:

(a) Why the client needs legal services;

(b) The nature of the work required;

(c) The expected transaction patterns;

(d) Whether the engagement makes commercial sense;

(e) Any unusual features of the retainer.

  1. Ongoing Monitoring

19.1 Throughout the relationship, you must:

(a) Keep CDD information up to date;

(b) Monitor transactions for consistency with client profile;

(c) Identify unusual or suspicious activity;

(d) Review and update risk assessment;

(e) Conduct periodic reviews for higher-risk clients.

Part E: Enhanced Due Diligence (edd)

⚖ LEGAL REQUIREMENT: EDD is MANDATORY in certain circumstances. It is not optional.

  1. When EDD is Required

20.1 EDD is MANDATORY for:

(a) Politically Exposed Persons (PEPs) - foreign AND domestic;

(b) Family members and known close associates of PEPs;

(c) Clients from high-risk third countries;

(d) Complex or unusually large transactions;

(e) Unusual patterns of transactions with no apparent purpose;

(f) Any other situation presenting higher ML/TF risk.

20.2 EDD measures include:

(a) Obtaining additional identification information;

(b) Additional verification measures;

(c) Enhanced source of funds/wealth verification;

(d) More frequent ongoing monitoring;

(e) Senior management approval for the relationship;

(f) First transaction through verified bank account.

  1. Politically Exposed Persons (PEPs)

21.1 A PEP is an individual who holds or has held a prominent public function:

Category

Examples

Duration

Heads of state/government

Presidents, Prime Ministers

Role + 12 months

Senior politicians

Ministers, MPs, MEPs

Role + 12 months

Senior judiciary

Supreme Court justices

Role + 12 months

Senior military

General officers

Role + 12 months

Senior executives of SOEs

CEOs of state enterprises

Role + 12 months

Central bank governors

BoE Governor

Role + 12 months

Ambassadors

Senior diplomats

Role + 12 months

Directors of international orgs

UN, IMF, World Bank

Role + 12 months

21.2 For domestic PEPs (UK):

(a) EDD is required but may be proportionate;

(b) Senior management approval is required;

(c) Source of wealth and funds must be established;

(d) Enhanced ongoing monitoring applies.

21.3 For foreign PEPs:

(a) Higher risk presumed;

(b) Full EDD measures apply;

(c) Enhanced scrutiny of source of wealth;

(d) Consider jurisdiction risk.

21.4 Family Members and Known Close Associates (RCAs):

(a) Spouse or civil partner;

(b) Children and their spouses/partners;

(c) Parents;

(d) Known close business associates;

(e) Beneficial owners of entities known to be for PEP's benefit.

  1. High-Risk Third Countries

22.1 EDD is mandatory for clients connected to:

(a) Countries on FATF grey or black lists;

(b) Countries identified by HMT as high-risk;

(c) Countries under comprehensive UK/EU/UN sanctions.

22.2 Additional measures for high-risk countries:

(a) Obtain additional information on client and beneficial owners;

(b) Obtain additional information on nature of business relationship;

(c) Obtain information on source of funds and wealth;

(d) Obtain information on reasons for transactions;

(e) Obtain senior management approval;

(f) Conduct enhanced ongoing monitoring.

  1. Complex or Unusual Transactions

23.1 EDD required for transactions that:

(a) Are unusually large or complex;

(b) Have unusual patterns;

(c) Have no apparent economic or lawful purpose;

(d) Involve unusual payment methods;

(e) Involve multiple jurisdictions without clear reason.

  1. Additional EDD Measures

24.1 Depending on risk, additional measures may include:

(a) Independent verification of information provided;

(b) Physical meeting with the client;

(c) Obtaining references from other professionals;

(d) Enhanced adverse media searches;

(e) Regular senior management review;

(f) More frequent CDD updates.

Part F: Simplified Due Diligence

  1. When SDD May Apply

25.1 SDD may be applied ONLY when:

(a) The relationship or transaction presents LOW risk of ML/TF;

(b) This is evidenced by your risk assessment;

(c) No high-risk factors are present;

(d) It is appropriate in all circumstances.

25.2 Lower risk factors may include:

(a) Client is a UK public authority;

(b) Client is a company listed on regulated market;

(c) Client is a UK-regulated financial institution;

(d) Beneficial owner is readily identifiable;

(e) Relationship is well understood.

  • SDD does NOT mean no due diligence. You must still identify the client and monitor the relationship.
  1. SDD Requirements

26.1 Even with SDD, you must:

(a) Identify the client;

(b) Verify identity through appropriate means;

(c) Conduct ongoing monitoring;

(d) Be alert to suspicious activity;

(e) Escalate to standard or enhanced CDD if risk increases.

Part G: Source of Funds and Wealth

⚖ LEGAL REQUIREMENT: Verification of source of funds is critical. Handling proceeds of crime is a serious criminal offence under POCA 2002.

  1. Source of Funds Verification

27.1 Source of Funds means the origin of the specific funds for the transaction.

27.2 You must understand and verify:

(a) Where the money is coming from;

(b) How the client acquired the funds;

(c) The route the funds will take;

(d) Whether the explanation is consistent and credible.

27.3 Evidence may include:

(a) Bank statements showing accumulation of savings;

(b) Sale proceeds (e.g., property sale, business sale);

(c) Inheritance documentation;

(d) Gift documentation;

(e) Investment returns;

(f) Employment income/payslips;

(g) Loan documentation.

  1. Source of Wealth Verification

28.1 Source of Wealth means how the client accumulated their overall wealth.

28.2 This is particularly important for:

(a) PEPs and their associates;

(b) High-value transactions;

(c) Clients from high-risk jurisdictions;

(d) Clients with unexplained wealth.

28.3 Consider:

(a) Employment history and income levels;

(b) Business interests and profits;

(c) Investments and returns;

(d) Inheritances;

(e) Whether wealth is consistent with known profile.

  1. Third Party Payments

29.1 Where funds come from a third party:

(a) Identify the third party;

(b) Understand the relationship;

(c) Verify the third party's source of funds;

(d) Consider conducting CDD on the third party;

(e) Assess why a third party is involved;

(f) Be alert to potential structuring or layering.

  • Third party payments are a significant red flag. Consider carefully whether there is a legitimate reason.

Part H: Sanctions Screening

  • Providing services to sanctioned persons is a CRIMINAL OFFENCE. You must screen ALL clients against relevant sanctions lists.
  1. UK Sanctions Regime

30.1 Under SAMLA 2018 and related legislation:

(a) It is a criminal offence to deal with designated persons;

(b) It is a criminal offence to make funds available to designated persons;

(c) It is a criminal offence to circumvent sanctions;

(d) Maximum penalty: 7 years imprisonment and/or unlimited fine.

  1. Sanctions Lists

31.1 You must screen against:

List

Authority

Website/Source

UK Consolidated List

Ofsi

gov.uk/government/publications/financial-sanctions-consolidated-list-of-targets

UN Sanctions Lists

UN Security Council

scsanctions.un.org

EU Consolidated List

EU

eeas.europa.eu (relevant for EU connections)

OFAC SDN List

US Treasury

ofac.treasury.gov (relevant for US connections)

  1. Screening Requirements

32.1 Screen at minimum:

(a) At the start of the relationship (all clients);

(b) Before each significant transaction;

(c) When client information changes;

(d) When sanctions lists are updated;

(e) Periodically for ongoing relationships.

32.2 Screen the following:

(a) The client (individual or entity);

(b) All beneficial owners;

(c) Directors and officers (for corporates);

(d) Connected parties to the transaction;

(e) The other party to the transaction (where known).

  1. Match Handling

33.1 If a potential match is identified:

(a) DO NOT proceed with the transaction;

(b) DO NOT inform the client of the match (tipping off);

(c) Escalate to MLRO immediately;

(d) Conduct further checks to confirm/eliminate match;

(e) Report to OFSI if match is confirmed;

(f) Consider reporting to NCA as suspicious activity.

  • A confirmed sanctions match means you CANNOT act. Proceeding would be a criminal offence.

Part I: Suspicious Activity Reporting

⚖ LEGAL REQUIREMENT: Failure to report suspicions of money laundering is a criminal offence under POCA 2002 s.330.

  1. Recognising Suspicious Activity

34.1 You must be alert to indicators of money laundering including:

(a) Client reluctant to provide identification;

(b) Complex ownership structures with no apparent purpose;

(c) Transactions with no apparent commercial rationale;

(d) Source of funds inconsistent with client profile;

(e) Unusual urgency;

(f) Client has links to high-risk jurisdictions;

(g) Use of cash without explanation;

(h) Client unconcerned about transaction costs;

(

i

) Adverse media about client;

(j) Instructions change unexpectedly.

34.2 The test is whether you KNOW or SUSPECT or have REASONABLE GROUNDS to know or suspect.

  1. Internal Reporting

35.1 If you have suspicions:

(a) Report internally to the MLRO (or nominated deputy);

(b) Report as soon as practicable;

(c) Provide full details of concerns;

(d) Do not investigate further without MLRO guidance;

(e) Do not discuss with the client or colleagues not involved.

  1. SARs to NCA

36.1 The MLRO must submit a SAR to NCA where:

(a) There is knowledge or suspicion of ML/TF;

(b) There are reasonable grounds for such knowledge or suspicion;

(c) The information came in the course of business.

36.2 SARs must be submitted via:

(a) NCA SAR Online system (preferred);

(b) Post (SAR form).

36.3 The SAR must contain:

(a) Identity of the subject (if known);

(b) Information about the suspected ML/TF;

(c) Whereabouts of criminal property (if known);

(d) Your concerns and reasons for suspicion.

  1. Tipping Off
  • TIPPING OFF IS A CRIMINAL OFFENCE. Do NOT inform any person that a SAR has been made or that an investigation is underway.

37.1 You must not disclose:

(a) That you have made a SAR;

(b) That you have made an internal report;

(c) That an investigation is being or may be conducted;

(d) Any information that could prejudice an investigation.

37.2 Maximum penalty for tipping off: 5 years imprisonment and/or unlimited fine.

  1. Consent Regime

38.1 Where you need consent from NCA to proceed:

(a) Request consent in the SAR;

(b) You must NOT proceed until consent is given or deemed;

(c) NCA has 7 working days to refuse consent;

(d) If no response in 7 days, consent is deemed;

(e) If refused, NCA has further 31 calendar days moratorium;

(f) After moratorium expires without extension, you may proceed.

Part J: Record Keeping

⚖ LEGAL REQUIREMENT: Failure to keep adequate records is a criminal offence under MLR 2017.

  1. CDD Records

39.1 You must retain copies of:

(a) Documents used to verify identity;

(b) Evidence of verification process;

(c) Beneficial ownership information;

(d) Risk assessments;

(e) Source of funds/wealth documentation;

(f) Ongoing monitoring records.

  1. Transaction Records

40.1 You must retain:

(a) Records of all transactions;

(b) Supporting evidence and documentation;

(c) Sufficient detail to reconstruct transactions;

(d) Correspondence relating to matters.

  1. Retention Periods

41.1 Records must be retained for:

(a) CDD records: 5 years from end of business relationship;

(b) Transaction records: 5 years from completion of transaction;

(c) SAR records: As long as relevant for criminal proceedings;

(d) Training records: For duration of employment plus appropriate period.

41.2 Records must be:

(a) Easily retrievable;

(b) Available to SRA on request;

(c) Available to law enforcement where legally required;

(d) Stored securely.

Part K: Training

  1. Training Requirements

42.1 Under MLR 2017 Regulation 24, you must ensure:

(a) All relevant employees receive AML training;

(b) Training is provided regularly;

(c) Training covers recognition of ML/TF;

(d) Training covers reporting procedures;

(e) Training covers your policies and procedures;

(f) Training is appropriate to role and risk exposure.

42.2 Training should cover:

(a) Legal and regulatory framework;

(b) ML/TF risks in legal sector;

(c) CDD requirements;

(d) Red flags and warning signs;

(e) Reporting procedures;

(f) Sanctions and consequences;

(g) Updates and changes in requirements.

  1. Training Records

43.1 Maintain records of:

(a) Training provided;

(b) Date of training;

(c) Attendees;

(d) Content covered;

(e) Assessment results (if any).

Part L: Sra and Law Society Requirements

  1. SRA Code Compliance

44.1 In addition to MLR 2017, you must comply with SRA requirements:

SRA Principle 1: Uphold the rule of law - do not facilitate crime;

SRA Principle 2: Uphold public trust - AML compliance essential;

SRA Principle 5: Act with integrity - proper due diligence;

SRA Code Rule 1.2: Not abuse your position by facilitating ML;

SRA Code Rule 7.5: Report to SRA if necessary.

44.2 SRA enforcement may include:

(a) Fines;

(b) Conditions on practice;

(c) Suspension;

(d) Striking off.

  1. Law Society Guidance

45.1 You should have regard to:

(a) Law Society AML Practice Note;

(b) Law Society Source of Funds Guidance;

(c) Sector-specific guidance where relevant;

(d) Law Society updates and alerts.

Part M: Fca Requirements

  1. FCA Regulated Activities

46.1 If you conduct FCA-regulated activities:

(a) FCA AML requirements may also apply;

(b) FCA is your supervisor for those activities;

(c) Dual supervision requirements must be met;

(d) Most stringent requirement applies where overlap.

  1. Consumer Duty

47.1 Where FCA Consumer Duty applies:

(a) Good customer outcomes include protection from financial crime;

(b) AML procedures protect customers;

(c) Appropriate due diligence supports Consumer Duty.

Part N: General Provisions

  1. Warranties

48.1 By accepting these Terms, you warrant that:

(a) You have a written practice-wide risk assessment;

(b) You have documented AML policies and procedures;

(c) You have CDD procedures in place;

(d) You have sanctions screening procedures;

(e) You have appointed an MLRO (or understand sole practitioner responsibilities);

(f) You have SAR reporting procedures;

(g) Staff have received appropriate training;

(h) You have record-keeping systems in place;

(

i

) You are registered with the SRA for AML supervision;

(j) You will conduct CDD on all clients before providing services.

48.2 These warranties are fundamental. Breach may result in immediate termination and regulatory reporting.

  1. Suspension and Termination

49.1 The Platform may suspend your registration immediately if:

(a) You fail to provide evidence of AML compliance;

(b) There are concerns about your AML procedures;

(c) You are subject to SRA AML enforcement;

(d) You are subject to criminal investigation for ML offences;

(e) You fail to respond to compliance requests.

49.2 Termination will occur if:

(a) You are convicted of ML offences;

(b) You are struck off for AML failures;

(c) Material AML breaches are identified;

(d) You provide false information about AML compliance.

  1. Governing Law

50.1 These Terms are governed by English law.

50.2 The courts of England and Wales have exclusive jurisdiction.

Schedule 1: Aml Compliance Declaration

I hereby declare and confirm that:

Declaration

Confirmed

I have a written practice-wide risk assessment

My risk assessment has been reviewed within the last 12 months

I have written AML policies, controls and procedures

I have documented CDD procedures

I have EDD procedures for high-risk situations

I have sanctions screening procedures

I have an MLRO designated (or understand sole practitioner responsibility)

I have SAR reporting procedures

Relevant staff have received AML training

I have 5-year record keeping systems

I am registered with the SRA for AML supervision

I will conduct CDD on all Platform clients

I understand the Platform does NOT conduct AML checks

Signed: _______________________________________________

Name: _______________________________________________

SRA ID: _______________________________________________

Date: _______________________________________________

Schedule 2: Risk Assessment Checklist

Risk Assessment Element

Completed

Client types and risk levels documented

Geographic risk factors identified

Service/transaction risk factors assessed

Delivery channel risks considered

High-risk indicators identified

Risk mitigation measures documented

Senior management approval obtained

Review date scheduled

Available to SRA on request

Schedule 3: Cdd Checklist - Individuals

CDD Element

Obtained

Verified

Full name

Date of birth

Residential address

Photo ID (passport/driving licence)

Proof of address (utility bill/bank statement)

PEP screening conducted

Sanctions screening conducted

Source of funds documented

Source of wealth (if EDD required)

Purpose of relationship understood

Risk assessment completed

Schedule 4: Cdd Checklist - Corporate Clients

CDD Element

Obtained

Verified

Full legal name

Company registration number

Registered office address

Principal place of business

Certificate of incorporation

Memorandum and articles

Directors and officers identified

Beneficial owners identified (>25%)

Beneficial owners verified

PSC Register checked

Sanctions screening (entity and BOs)

Source of funds documented

Purpose of relationship understood

Person authorised to give instructions verified

Schedule 5: Edd Checklist

EDD Element

Completed

Reason for EDD documented

Additional identification obtained

Additional verification conducted

Source of funds verified with evidence

Source of wealth verified

Senior management approval obtained

Enhanced ongoing monitoring scheduled

First transaction through verified account

Additional adverse media searches conducted

Risk documented and justified

Schedule 6: Pep Screening Checklist

PEP Check

Completed

Client screened against PEP database

Beneficial owners screened for PEP status

Family members considered

Known close associates considered

If PEP: Foreign or domestic identified

If PEP: Source of wealth verified

If PEP: Source of funds verified

If PEP: Senior management approval obtained

If PEP: Enhanced ongoing monitoring scheduled

If former PEP: Consider ongoing risk

Schedule 7: Sanctions Screening Checklist

Sanctions Check

Completed

Client name screened against UK Consolidated List

Client screened against UN Sanctions Lists

Client screened against EU Sanctions (if relevant)

Client screened against OFAC (if US connection)

All beneficial owners screened

Directors/officers screened (corporates)

Other parties to transaction screened

Results documented

Potential matches investigated

Rescreening scheduled for ongoing relationship

SCHEDULE 8: RED FLAGS AND WARNING SIGNS

Client Behaviour Red Flags

Client reluctant to provide identification documents

Client provides inconsistent or contradictory information

Client unconcerned about costs or price of transaction

Client unusually anxious to complete quickly without commercial reason

Client wishes to pay in cash without good reason

Client changes instructions unexpectedly

Client is evasive or uncooperative

Transaction Red Flags

Transaction has no apparent commercial purpose

Transaction is unusually complex without explanation

Multiple transactions just under reporting thresholds

Instructions change at late stage for no apparent reason

Funds come from unexpected third party

Funds routed through multiple accounts or jurisdictions

Property significantly under or over valued

Source of Funds Red Flags

Source of funds unclear or unexplained

Funds inconsistent with known profile of client

Client cannot explain source of wealth

Funds from high-risk jurisdiction without explanation

Large cash element without explanation

Funds from unknown third party

Corporate Red Flags

Complex ownership structure with no apparent purpose

Use of nominee shareholders or bearer shares

Company has no genuine business activity

Directors/shareholders are all in different jurisdictions

Beneficial owners are difficult to identify

Company recently incorporated for high-value transaction

Document Information

─────────────────────────────────────

Regulatory Framework

Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017 (as amended)

Legal Sector Affinity Group Anti-Money Laundering Guidance 2025

Proceeds of Crime Act 2002

Terrorism Act 2000

Sanctions and Anti-Money Laundering Act 2018

Economic Crime and Corporate Transparency Act 2023

Economic Crime (Transparency and Enforcement) Act 2022

SRA Standards and Regulations 2019 (as amended 2025)

SRA Code of Conduct

FCA Money Laundering Requirements

─────────────────────────────────────

Key Contacts

NCA SAR Reporting: www.nationalcrimeagency.gov.uk

OFSI (Sanctions): ofsi@hmtreasury.gov.uk

SRA AML Team: www.sra.org.uk

Law Society: www.lawsociety.org.uk

─────────────────────────────────────

Related Documents

Platform Terms - SRA Compliance Validation V1.0

Platform Terms - PII Verification V1.0

Solicitor Terms and Conditions V1.0

Privacy Policy V1.0

─────────────────────────────────────

Document Version: 2.0

Effective Date: January 2026

Last Updated: January 2026

Next Review: July 2026

─────────────────────────────────────

  • AML COMPLIANCE IS A LEGAL REQUIREMENT. The Platform does NOT conduct AML checks. YOU are solely responsible for all KYC, AML and Due Diligence on your clients. Failure to comply is a criminal offence.