Following the latest changes in the law, the Legal Sector Affinity Group re-wrote its ‘Anti-money Laundering Guidance for the Legal Sector’. At 212 pages long, it’s not an easy or quick read. Below, Justine our PSL, summarises what we must do, when and how, on each of our cases to comply with the law in this area.
Although the SRA have always included a requirement for all solicitors, regardless of the sector, to check the identify of their client (paragraph 8.1 of the Code of Conduct for Individuals), family solicitors are not directly regulated under the Money Laundering Regulations (‘the Regulations’).
However, following the implementation of the 5th European Directive in January 2020, the status of family solicitors and the extent to which they must comply with the Regulations has become less clear. This is due to a subtle change of the definition of a ‘tax adviser’ under regulation 11(d) which has been expanded to include those who provide “material aid, or assistance or advice, in connection with the tax affairs of other persons, whether provided directly or through a third party, when providing such services”.
The SRA has explained how it interprets this definition and that it’s likely to include situations where we refer a client to the HMRC website for something specific. As the breakdown of a relationship can have tax implications, it’s likely to also include circumstances where we refer a client to an accountant to obtain a forensic report or for advice on capital gains tax liabilities.
In line with the interpretations being applied by the SRA, it’s highly likely that we will fall within the definition of a tax adviser and consequently, under the scope of the Regulations. In light of this, there expectation is that we’ll be 100% compliant on all cases.
Customer Due Diligence (CDD) – What is it?
Very simply, it is a means of identifying the client and verifying they are who they say they are. The first step of any CDD is the risk assessment you carry out at the start of your case as this will determine the level and extent of the due diligence you need to undertake in order to mitigate those risks.
The risk assessment is a key part of the CDD process and enables you to consider the risk factors relevant to the client and the case, such as whether the client is in the public eye or a politically exposed person. Other risks include where the client is based abroad, especially in a country subject to UK, UN or EU sanctions.
In most cases, the risks identified will be low, meaning we can use standard due diligence measures to verify the client’s identity, rather than enhanced ones.
What do I need to do?
We use SmartSearch to help us electronically verify a client’s identity. To run a SmartSearch, you will need to see documents from an independent source as follows:·
The client’s passport or photo driving licence – This is not only to evidence what the client looks like, but also their name and date of birth.
Proof of Address – This should be a bank or utility statement dated within the last 3 months.
A driving licence should not be used as proof of address because the address is not verified by the DVLA. People often change their address on their driving licence to that of a friend or family member to create the impression they live somewhere when they do not. For example, to fall within a certain school catchment area. As such, it is not a reliable or independent proof of address.
Since the consent of Covid-19, the ability to meet clients face to face to verify their identify have been restricted and as such, we have had to take additional steps to ensure the person in the photographic ID is our client. The best practice is that this should be
done in one of two ways: ·By having a video call with the client at the outset; or· By asking the client to send in a ‘selfie’ holding their driving licence or passport up on the photograph page.
When should it be done?
The Regulations set out several occasions when CDD measures must be applied. However, for our purposes, it is at the outset of a case when establishing a business relationship with the client. Specifically, it must be carried out before we carry out any substantive work on behalf of the client and before any money has been paid into our client account (though a notional amount of money on account of costs or disbursements may be accepted on a risk sensitive basis providing these come from a UK bank account issued by a UK institution). If we can’t verify the client’s identity at the outset, we cannot continue to act and consider whether to make a disclosure to the NCA.
There are some limited exceptions to the timing requirements under the Regulations. Where there is a short delay completing the CDD, there are good reasons for that delay, and the reasons do not give rise to a suspicion which should be reported to the NCA, then the CDD may be carried out as soon as practicable after the start of the business relationship if it is necessary not to interrupt the normal conduct of business; and there is little risk of money laundering or terrorist financing.
In these circumstances, you must record on the file:
- Reasons for the delay in obtaining evidence of the client’s identity and why this is a justifiable reason.
- Your view on the risk of money laundering and why you are of that view.
- What steps you have taken to mitigate any risks.
Top Tips from Kay Ryatt, Compliance & Operations Administrator
- SmartSearches should not be carried out prior to receiving signed TOBs from the client.
- On occasion, clients often send pictures of a bank statement/utility bill only showing their name and address, but not the date. It must also show a date within the last 3 months. Similarly, ‘selfies’ of clients holding up passport photos should be clear as shown below.