In the wake of the Covid-19 pandemic, Legal Sector Affinity Group (LSAG) issued guidance saying that the anti-money laundering (AML) risk to law firms is now higher as criminals look to take advantage of firms not being able to meet face-to-face to complete customer due diligence (CDD). The SRA is getting tougher and it is critical that firms understand their obligations and put in place strong systems and proper controls. Digital solutions are giving firms more options to take control of their compliance processes and meet regulatory requirements.
But where are firms without these solutions falling short?
CDD is completed inconsistently.
All law firms have to carry out CDD on all new clients, but if the firm does not have consistent processes in place, it’s very easy for CDD to slip through the cracks. Similarly, compliance teams at law firms do not have a simple or easy way to determine if the correct CDD steps have been carried out. If there is no ‘compliance culture’ at the firm then lawyers may seek to operate outside of the rules so that there is less friction with the client – which can be disastrous.
If proper and consistent CDD is not carried out on all clients, law firms run the risk of being issued fines, losing insurance, suffering reputational damage, or even being shut down. The risks extend to individual lawyers as well; following an SRA audit, lawyers themselves can find themselves disbarred.
There is no single source of truth for CDD information.
Law firms collect client ID documents in a variety of ways, whether it be via post, via email, or via in-person drop offs. Proof of address information could be recorded separately, or PEPs/Sanctions checks may be carried out in a completely separate system from other ID information.
For a lot of law firms, there is simply no single document or place where all information about a client can be found, and reconciling all of this information can prove challenging; it’s easy for things to fall through the cracks. This leads to greater risk for the firm, as it makes it far more difficult to maintain a clear audit history or database of records for audit purposes.
There is a lack of staff buy-in to processes.
The SRA guidance and the LSAG guidance can be difficult to understand and doesn’t set out clear requirements. As a result, compliance teams have to devise their own risk-based assessments and processes. However, there is often friction between compliance teams and the lawyers who see that new processes can cause delays. Processes are often not followed correctly if there is opportunity to work around the rules and if there is no oversight to ensure that processes are being followed correctly. Breaches in regulation can exposure a firm to fines and sanctions.
How Legl can help
Legl has been at the forefront of helping law firms to adopt a client-centric and compliant mindset over the last 18 months and to leverage technology to support those priorities. With our cloud-based platform, we make it easy and simple for law firms to meet regulatory requirements, and gives both management teams and compliance teams visibility and oversight over what is happening across the law firm. Our award-winning technology has enabled law firms to harness better data insights into their businesses and clients, to leverage that data to improve business outcomes, and to define strategy.