Everyone at your firm knows that anti-money laundering (AML) compliance matters. But not everyone understands what it actually involves.

While the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 are second nature to compliance teams, they’re less familiar to others in the firm. And when things aren’t clear, they get delayed, missed, or done inconsistently.

This article helps close that gap. It offers a clear, practical way to talk about AML – so your colleagues know what’s required, and why it matters.

P.S. If you work in compliance, we’d love your input. We’re running a short survey on the state of compliance in 2025 – your insights will help us build a clearer picture of the challenges firms face this year.

How to explain AML requirements to your colleagues

Colleagues often raise similar concerns about AML checks. Here’s how you can answer their questions and get everybody to play their part in keeping your firm compliant.

“Why are we asking clients for bank statements?”

To meet AML requirements, we must understand not only who the money belongs to but where it comes from. Bank statements are one way to evidence source of funds – a key part of our legal duty to prevent money laundering.

“Why do we have to do this for every client?”

The Money Laundering Regulations require customer due diligence before starting any new business relationship or carrying out an occasional transaction. That means confirming identity, understanding the purpose of the matter, and identifying beneficial owners, regardless of whether the client appears high or low risk.

“Can’t the compliance team just handle this?”

No. The MLRO oversees policy and reporting, but every employee has a role in AML compliance. Fee-earners are often best placed to spot unusual activity – such as unexpected payment terms or transactions linked to higher risk jurisdictions – and must raise concerns promptly.

“We’re in a rush. Can we complete the checks later?”

No. AML checks must be completed before work starts or funds are handled. Skipping or delaying them exposes the firm to serious regulatory and legal risks.

“The client is well-known – do we still need checks?”

Yes. Familiarity doesn’t remove the need for a thorough risk assessment. Even longstanding or high-profile clients can be exposed to sanctions or financial crime. Every client requires due diligence, and higher risk matters may need enhanced checks and ongoing monitoring.

“We already did the ID checks, so we need to keep monitoring the client?”

Yes. Ongoing monitoring is a key part of AML compliance. If a client’s behaviour changes or new risks emerge, we need to re-assess. This includes changes in ownership, new jurisdictions, or unusual transactions.

“Do we really need to ask for source of wealth as well as source of funds?”

Yes. In some cases, we must show evidence for both. Source of funds shows where the money for this specific matter comes from, while source of wealth explains how the client acquired their overall assets. This helps us assess whether the transaction is consistent with the client’s profile and manage higher risk matters appropriately.

“How do I know if something is ‘suspicious’?”

If something feels off (like a client giving vague answers, refusing to provide documents, or using unusual payment routes), raise it. You don’t need to confirm suspicion, just report it to the MLRO. They’ll assess and decide what action to take.

5 tips for communicating AML requirements to colleagues

When talking about AML requirements to your colleagues, follow these five best practices to ensure the message lands. Effective communication plays a key role in creating a genuine compliance culture.

1. Link it to the bigger picture: Remind teams that AML rules protect the profession from being exploited. Breaches can lead to fines, criminal liability for the firm and senior managers, and lasting reputational harm.
   
   
2. Clarify roles: Spell out who is responsible for what, from collecting documents to completing the firm-wide risk assessment. Make clear that the MLRO can only act on risks reported to them.
   
   
3. Share red flags: Share practical red flags colleagues may encounter, such as unusual payment routes or reluctance to provide ID. Explain what steps to take if these arise.
   
   
4. Explain the ‘why’: Colleagues are more likely to cooperate when they understand the purpose behind requests. For example, if they question the need for ongoing monitoring, explain that it allows your firm to spot changes in a client’s profile or transactions that could signal new AML risks
   
   
5. Make escalation simple: Provide a clear, confidential way to raise concerns or submit a suspicious activity report, and reassure colleagues they’ll be supported.

Final thoughts

AML compliance doesn’t have to be a roadblock, but it does rely on everyone understanding their role. Clear internal communication helps teams work together, spot risks early, and stay on the right side of regulation.

That being said, even the best processes need the right tools.

Legl’s KYC and AML platform simplifies checks, automates document collection, and creates a clear audit trail – helping your firm stay compliant without slowing down the pace of work.

Want to see how it fits into your workflow? Book a demo to learn more.

‍