Estimated reading time: 6 minutes
The Government has confirmed a major shift in the UK’s anti-money laundering (“AML”) supervisory landscape: the Financial Conduct Authority (“FCA”) will become the single professional services supervisor, taking over AML supervision currently undertaken by bodies such as the Solicitors Regulation Authority (“SRA”) and The Institute of Chartered Accountants in England and Wales (“ICAEW”).
The Government’s intention is to remove duplication and create a unified supervisory model and this move will mark one of the most significant changes to the anti-money laundering regime in recent years. While the transition will require legislation and further detail, firms should now start preparing for a more centralised, data-driven and outcomes-focused supervisory model.
What is the current landscape?
The AML regulations apply to a broad range of businesses, from banks, most law firms and accountants to estate agents and casinos. These businesses currently each have a “supervisory authority”, depending on the activities they carry out. An SRA-regulated law firm that carries out activities within scope of the AML regulations will be supervised by the SRA. Firms without a regulator, such as n unregulated law firm, are supervised by HMRC as the “default” supervisory authority if it wishes to carry out services in scope of the AML regulations.
Not all professional bodies are AML supervisors – for example IPReg, even though IP firms might carry out work which is within scope of the AML regulations.
What is changing?
The Government considers the current AML supervisory model, with multiple professional-body supervisors to be fragmented and inconsistent. Transferring AML supervision for legal and accountancy firms to the FCA is intended to create a single, more robust structure with clearer accountability and a stronger enforcement capability.
Once the new regime is implemented, firms should expect:
- a more data-intensive, financial-services-style approach
- greater emphasis on senior management responsibility
- increased scrutiny of whether controls are effective in practice, not simply well-documented
The SRA will continue to regulate solicitors in all other respects (professional standards, accounts rules, conduct), but AML supervision itself will transfer to the FCA.
What is staying the same
Although the supervisory model will change, underlying AML obligations remain fully in force under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLRs) and Proceeds of Crime Act 2002. Firms must continue to maintain an up-to-date firm-wide risk assessment (FWRA), implement appropriate policies, controls and procedures (PCPs), (including client and matter-based risk assessments and due diligence (CDD)).
Enforcement risk will remain significant during the transition, and recent SRA reports continue to identify deficiencies in key areas such as FWRAs.
The obligation to report certain matters to the SRA will continue. Firms should also consider how FCA supervision interacts with existing reporting duties, particularly where issues may engage both regulators.
What’s not clear
The main area in which further detail is required, aside from timing, is what an enforcement action will look like in the new world.
The AML regulations contain various criminal offences as a penalty for non-compliance: for example, a person who becomes a beneficial owner, officer or manager (“BOOM”) of a law firm in scope of the AML regulations without the SRA’s (in future the FCA’s) prior approval commits a criminal offence and is liable on conviction to a fine or imprisonment for up to two years.
However, the SRA’s principal enforcement tool for law firms has been disciplinary action, either by way of an internal adjudication or prosecution via the Solicitors Disciplinary Tribunal (“SDT”). These are not based on a breach of the AML regulations directly, rather the basis for the action is the SRA Principles and Codes of Conduct. For example, in SRA v Dentons, the SRA alleged that the firm’s failure to comply with the 2007 AML regulations was a breach of Principle 7 and Outcome 7.5 in the 2011 SRA Code of Conduct.
Therefore, even when the FCA becomes the AML supervisor for law firms, it could still be open to the SRA to take disciplinary action based on breach of the SRA Code of Conduct for Firms, such as a failure to maintain effective systems and controls to ensure compliance with regulatory and legislative requirements that apply to the firm in breach of Rule 2.1. Because of this, firms may face “double exposure”: an FCA enforcement action for breach of the MLRs and SRA enforcement for breach of the Principles and/or Codes of Conduct. A CDD failure, for example, may engage both of these areas and also potential action from the Office for Sanctions Implementation in certain cases.
What should firms be doing now?
It is not yet clear how stringent the FCA will be in taking enforcement action against firms that are not in compliance. Firms should assume they will be subject to more robust supervision and act accordingly. Those actions might include the following:
- Conduct an AML health-check
Review the firm’s FWRA and client and matter risk assessments (particularly if these have not been reviewed recently), carry out CDD and source of funds/wealth spot checks, and monitor processes and escalation procedures to identify weaknesses.
- Perform a gap analysis
Evaluate current systems against expected FCA standards, focusing on quality, data capability, testing of effectiveness, record-keeping and higher-risk areas such as sanctions and politically exposed persons (PEPs).
- Strengthen governance
Ensure the MLRO/MLCO roles and reporting lines are robust and embed AML oversight into your governance processes and check that these gel with the responsibilities of the COLP and COFA to ensure nothing can fall between their remits.
- Refresh training and communication
Provide targeted, relevant AML training and ensure staff are aware of the implications of the supervisory shift.
- Tighten documentation
Review the firm’s PCPs alongside training logs, monitoring records, suspicious activity reports (and records of decisions whether or not to make them) and audit trails to ensure that policy documents are complete and accessible.
- Engage with regulatory developments
Monitor consultations and announcements from the Government, FCA and SRA.
- Plan for transition and consider independent review
Track timelines and consider commissioning an independent AML audit to provide assurance ahead of FCA supervision. Firms should also consider the practical differences between the FCA’s investigative powers, approach to interviews, evidential expectations and fine levels. The FCA’s penalty framework is significantly more severe than that of professional-body supervisors.
- Considerations for accountancy and multidisciplinary firms
Accountancy practices and firms offering both legal and financial advisory services should ensure their AML frameworks are consistent across service lines. The move to a single supervisor may expose gaps where historic approaches differ.
Conclusion
The transfer of AML supervision from the SRA to the FCA represents a major shift for professional services. Although the underlying AML requirements remain unchanged, expectations around governance, accountability and effectiveness seem likely to increase under a centralised FCA model.
The combination of FCA oversight and existing SRA Code and Principles duties may, where issues arise, create dual regulatory risk. Firms should plan for this dynamic now and ensure reporting lines, conduct frameworks and decision-making processes are robust. The issue of double regulation has been identified as a potential problem, but a solution has yet to be adopted.
This is a moment for firms to be proactive. By strengthening governance, updating risk assessments, improving monitoring and ensuring robust documentation, firms will be better placed to navigate the transition confidently and reduce regulatory risk.
Contact us
If you have any questions about these matters in relation to your own organisation, please contact a member of the professional services team or speak to your usual Fox Williams contact.
Authors
Related legal expertise
Connect with us
