Search in book...
Toggle Font Controls
Create new playlist

Name your new playlist

Playlist description (optional)
Sign In

Email address

Password

Forgot Password?

or

Continue with Facebook

Continue with Google
Sign Up

Full Name

Email address

Confirm Email Address

Password

or

Continue with Facebook

Continue with Google

2 The UK AML regime

DOI: 10.4324/9780429019906-2

2.1 Background

The AML provisions applicable in the UK flow from the overarching framework recommended by FATF and legislated for via a series of EU Directives culminating in the transposition of 4MLD (with its amending directive, 5MLD, yet to be transposed at the time of writing).¹ These overarching provisions form the cornerstone of UK AML measures and both inform and shape the UK legislative framework. The AML regime in the UK is underpinned by a trinity of statute, regulations and sector-specific guidance, which can be conceived of conceptually as forming two pillars: those of prevention and enforcement.²

1 FATF, International Standards on Combating Money Laundering and the Financing of Terrorism & Proliferation (2012, updated June 2019) (FATF Recommendations 2012 (updated June 2019)). Council Directive 2015/849 EC of 20 May 2015 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing, amending regulation (EU) no 648/2012 of the European Parliament and of the Council, and repealing Directive 2005/60/EC of the European Parliament and of the Council and Commission Directive 2006/70/EC [2015] OJ L141/73 (4MLD); Council Regulation (EC) 2015/847 of 20 May 2015 on information accompanying transfers of funds and repealing Regulation (EC) No 1781/2006 [2015] OJ L141/1; Council Directive 2018/843 of 30 May 2018 amending Directive (EU) 2015/849 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing, and amending Directives 2009/138/EC and 2013/36/EU [2018] OJ L156/43 (5MLD). Due to the pre-existing scope of its national legislation, the UK has opted out of 6MLD, Council Directive 2018/1673 of 23 October 2018 on combating money laundering by criminal law [2018] OJ L284/22. For other AML measures see Ch 1 (n 9).

Key elements are set out in POCA 2002 and MLR 2017.³ These provisions are supplemented by HM Treasury approved sector-specific guidance produced by the Legal Sector Affinity Group.⁴ At the time of writing, the Law Commission also recommended that statutory guidance be issued on key concepts within POCA 2002, assisted by an Advisory Board of stakeholders with relevant expertise.⁵

As the interviews were all conducted prior to the transposition of 4MLD, the relevant money laundering regulations in place at the time were MLR 2007. Therefore both the issues present under the previous Regulations, and subsequent developments under MLR 2017 are drawn out in the data chapters.

This chapter will examine each element of the AML trinity and identify the obligations imposed upon the legal profession in England and Wales. Thereafter the data chapters will identify the issues that such obligations give rise to for the profession. The following material does not purport to be an exhaustive account of the statutory and regulatory provisions affecting the profession – rather it presents those key areas of particular relevance to law firms operating in the ‘regulated sector’.⁶ In order to fully contextualise the book, the chapter will conclude by providing a brief summary of AML supervision by the SRA.

2.2 POCA 2002 overview

POCA 2002 sets out a ‘complete legislative framework’ in contrast to the ‘intricate patchwork’ of AML legislation that had preceded it.⁷ Part 7 of POCA 2002 creates three broad categories of offences, comprising: (i) the substantive or principal money laundering offences (ss 327–9) complemented by, (ii) offences relating to the failure to disclose knowledge or suspicion of money laundering (ss 330–2), and (iii) ‘tipping off’ another, such as a money laundering suspect, as to a disclosure or investigation (s 333A–E).⁸ As indicated above, each of these offences is explored below insofar as they relate to legal professionals operating within the ‘regulated sector’. Consideration of offences under the Terrorism Act 2000 is outside the scope of this book.⁹

POCA 2002 criminalises money laundering in respect of all crimes as opposed to only serious crimes, and therefore goes further than the FATF Recommendations and 4MLD.¹⁰ Part of the logic behind the ‘all crimes’ approach in POCA 2002 is to ‘“leave no stone unturned”’ in the quest for useful intelligence.¹¹ Furthermore, it does not require any assessment to be made as to the seriousness or otherwise of any underlying criminal offence prior to making a disclosure to the NCA.¹²

2.3 Substantive money laundering offences – ss 327–9 POCA 2002

The substantive money laundering offences criminalise dealings with criminal property. The concept of ‘criminal property’ is broadly conceived under the Act, referring to property which ‘constitutes a person’s benefit from criminal conduct or it represents such a benefit (in whole or part and whether directly or indirectly)’, where the alleged launderer knows or suspects that this is the case.¹³ The definition of ‘criminal conduct’ embodies the ‘all crimes’ approach of the Act, encompassing conduct which constitutes any offence in the UK, or would do if it occurred there, as underlying or predicate crimes.¹⁴ Case law confirms that property must in fact be the proceeds of crime for a prosecution to succeed.¹⁵

Laundering may take the form of ‘own proceeds’ or ‘self laundering’, where the launderer is the ‘author of the predicate crime’, or may be carried out by another person.¹⁶ Whilst a lawyer may be complicit in laundering, the sheer breadth of POCA 2002 means that legal professionals are also at risk of inadvertent laundering when effecting transactions on behalf of their clients.

2.3.1 Sections 327–9 POCA 2002 offences

Section 327 POCA 2002 provides that a person commits an offence if he conceals, disguises, converts, transfers or removes criminal property from the UK.¹⁷ This may arise, for example, where a lawyer transfers funds out of the client account, either to the client themselves or to a third party, where those funds constitute or represent a benefit from criminal conduct and the lawyer knows or suspects this is the case.¹⁸

Of far more relevance to the legal profession is the ‘arrangement’ offence set out in s 328 of the Act. This section is applicable to those, such as lawyers, ‘who in the course of their work facilitate money laundering by or on behalf of other persons.’¹⁹ An offence is committed if a person ‘enters into or becomes concerned in an arrangement which he knows or suspects facilitates … the acquisition, retention, use or control of criminal property by or on behalf of another person.’²⁰ Under this section, a lawyer may become embroiled in laundering when effecting transactions on behalf of their clients.

Whilst the term ‘arrangement’ is not defined under the Act, the LSAG Guidance 2018 states that the arrangement ‘must exist and have practical effects relating to the acquisition, retention, use or control of property’.²¹ Of particular relevance to lawyers is the Court of Appeal decision in Bowman v Fels, which confirmed that the ‘ordinary conduct of litigation by legal professionals’ is excluded from the scope of s 328.²² With regard to transactional work (in the absence of express judicial dicta but considering the Court’s approach in Bowman) the LSAG Guidance 2018 states that arrangements should be construed in a restricted manner.²³ Thus the entry into or becoming concerned in an arrangement involves an act which occurs at a ‘particular time’, the arrangement must be ‘actually made’ and will exclude ‘preparatory or intermediate steps’ which do not involve the acquisition, etc, of criminal property.²⁴

The final substantive offence is found in s 329, which stipulates that a person commits an offence if he acquires, uses or has possession of criminal property.²⁵ This may apply where a lawyer, with the requisite mens rea, holds funds on behalf of a client, should those funds constitute criminal property.²⁶

2.3.2 Exemptions under ss 327–9 POCA 2002

A number of exemptions (commonly referred to as defences) to the substantive money laundering offences are available, with those relevant to the legal profession considered below.²⁷ The defence of most significance to the legal profession is that provided by way of ‘authorised disclosure’.²⁸ Where a legal professional deals or proposes to deal in some way with criminal property, a suspicious activity report (SAR) may be made by way of voluntary ‘authorised disclosure’ under s 338 POCA 2002.²⁹ Within regulated sector law firms, the initial disclosure will be made to the firm’s ‘nominated officer’, synonymously referred to in practice as the money laundering reporting officer (MLRO), although the Act also provides for direct disclosures to the NCA.³⁰ External SARs are made to the NCA, which acts as the UK Financial Intelligence Unit (UKFIU) for such purposes.³¹ Disclosures may be made before, during or after any ‘prohibited act’ dealing with criminal property under ss 327–9 of the Act.³²

27 Carrying out a law enforcement function is a defence under POCA 2002, s 327(2)(c), s 328(2)(c) and s 329(2)(d). Deposit-taking institutions may avail themselves of an exemption under POCA 2002, s 327(2C), s 328(5) and s 329(2C) when operating accounts under a certain threshold (currently £250 although this threshold may be varied under the provisions of s 339A). The Law Commission has recommended the creation of a new exemption to the substantive money laundering offences in ss 327–9 permitting credit or financial institutions to ring-fence suspected criminal property which has been mixed with legitimate funds rather than freeze entire bank accounts. Law Commission, Anti-money laundering: the SARs regime (Law Com No 384, 2019) para 8.57, Recommendations 16 and 17. Under POCA 2002, s 334(1) the penalty under ss 327–9 on summary conviction is a maximum prison term of six months and /or a fine not exceeding the statutory maximum. On conviction on indictment the maximum prison term is 14 years and/or a fine.

Depending on the timing of the disclosure, NCA consent (with such ‘appropriate consent’ channelled via the MLRO to the internal reporter) may be obtained to carry out such prohibited acts, and such consent may be provided by way of actual consent from the NCA.³³ Alternatively, consent may be provided by way of the ‘deemed’ consent provisions applicable, either if no refusal has been received from the NCA before the expiry of the notice period of seven working days or, if a refusal has been received, on the expiry of the applicable moratorium period.³⁴ The initial moratorium period is 31 days commencing on the date refusal is given – however, the Criminal Finances Act 2017 inserted provisions whereby a court may order an extended moratorium period of up to a further 186 days. These periods provide a transactional hiatus within which the NCA/law enforcement may determine what course of action they wish to pursue, whilst at the same time preventing assets from being dissipated.

It is an offence for an MLRO to provide ‘consent’ to a lawyer reporting to them in respect of an act which the MLRO knows or suspects is a prohibited act unless they themselves have made a disclosure to the NCA and received actual consent from the NCA, or the deemed consent provisions apply.³⁵

Such disclosure (and receipt of any ‘appropriate consent’ under s 335) then acts as a complete defence to the offences set out in ss 327–9 of the Act.³⁶ Given that POCA 2002 adopts an all crimes approach, this means that SARs are required in respect of minor offences and regulatory breaches in order to avoid potential money laundering offences being committed. This is an aspect of practice which has caused particular concern amongst, and imposes a burden upon, participants in this research. The rationale for the consent regime is outlined by the Home Office as serving a twofold purpose, namely: (i) assisting in the gathering of intelligence or enabling timely intervention, and (ii) protecting disclosers from liability under the substantive money laundering offences.³⁷ The Law Commission observes that the consent regime balances the all crimes approach, which is combined with a criminality threshold set at suspicion, and ‘mitigates the effect of such wide offences’.³⁸ For its part, the SRA notes that legal sector consent requests have played a ‘key role’ in a range of criminal investigations.³⁹

Concerned that the term ‘consent’ was being viewed as confirmation that property was ‘clean’, in 2016 the NCA took the unilateral decision to refer to such consent SARs as ‘defence to a money laundering offence’ or ‘defence against money laundering’ (DAML) SARs.⁴⁰ As the dominant industry term at the time of the interviews was the ‘consent regime’, however, reflecting the language of the Act, the term is retained throughout this book.

It is also a defence to the substantive money laundering offences if a person ‘intended’ to make a disclosure but had a ‘reasonable excuse’ for not doing so.⁴¹ What constitutes a reasonable excuse remains undefined by the courts, and is interpreted differently across sectors; however, the LSAG is of the view that this exception will apply where the legal professional’s knowledge or suspicion stems from ‘privileged information’ and the operation of legal professional privilege (LPP) ‘is not excluded by the crime/fraud exception.’⁴² The operation of LLP is explored later in this chapter. The LSAG also provides illustrative examples, subject to a court’s ultimate decision, of scenarios which may constitute a ‘reasonable excuse’, such as where: (i) a regulator or enforcement authority is aware of the suspected criminality and the reporter has no further information to offer, (ii) the information is entirely in the public domain, and (iii) the suspected predicate and laundering criminality is outside the UK with no UK nexus.⁴³

The ‘overseas conduct’ defence may also be of relevance to those legal professionals dealing with clients on a multi-jurisdictional basis. No offence is committed where a person knows, or believes on reasonable grounds, that the relevant criminal conduct occurred outside the UK, was lawful in that jurisdiction at the time it occurred, and is not an offence which would carry a maximum prison sentence in excess of 12 months in the UK if it occurred there (subject to certain exceptions).⁴⁴

There is one further defence to a s 329 offence: where a person has acquired, used or had possession of criminal property for adequate consideration.⁴⁵ This would apply to those who are paid for goods or services using criminal proceeds, or who receive payment of a legitimate debt from criminal funds.⁴⁶ What constitutes adequate consideration is determined by reference to what constitutes ‘inadequate’ consideration, namely where the value of the consideration is significantly less than the value of the property acquired, the use or possession.⁴⁷ In addition, s 329(3)(c) provides that ‘the provision by a person of goods or services which he knows or suspects may help another to carry out criminal conduct is not consideration’. In the context of the provision of legal services, CPS guidance confirms that payment of a legal professional’s costs will be covered by this defence, provided that the value of the work undertaken is not significantly less than the fees received.⁴⁸

In 2018, the Law Commission reviewed the operation of Part 7 POCA 2002 (with a particular focus on the consent regime), publishing its final Report in June 2019.⁴⁹ To foster greater consistency across the reporting sectors, the Commission recommended that statutory guidance be issued on key concepts within Part 7 of the Act, namely: (i) suspicion, (ii) appropriate consent, and (iii) the reasonable excuse exemption, with the assistance of an Advisory Board made up of stakeholders with relevant expertise.⁵⁰ At the time of writing such Recommendations are yet to be implemented.

2.4 Failure to disclose: regulated sector – ss 330/331 POCA 2002

Flowing from the provisions of the FATF Recommendations 2012 (updated June 2019) and 4MLD, AML reporting requirements are imposed upon businesses operating in the ‘regulated sector’.⁵¹ Regulated sector businesses are those deemed to present ‘the most significant opportunities for money laundering’ and encompass a predictable list of institutions including, inter alia, banks, casinos, estate agents, tax advisers, trust and company service providers, accountants and lawyers offering specified services.⁵²

2.4.1 Section 330 POCA 2002 offence – ‘required’ disclosures

The separate and distinct ‘failure to disclose’ offence set out in s 330 POCA 2002 requires legal professionals in the regulated sector to report their knowledge or suspicions of money laundering activity by another to their MLRO (or the NCA). Money laundering is defined widely within the Act and includes not only the substantive offences set out in ss 327–9, but also any attempt, conspiracy or incitement to commit, and aiding, abetting, counselling or procuring the commission of such offences.⁵³ Furthermore, on the limited authority available in Ahmad v HM Advocate (a Scottish case), it does not appear that money laundering must actually be taking place for this offence to be committed.⁵⁴ Such mandatory disclosures are known as ‘required disclosures’, where no ‘appropriate consent’ is required, and their purpose is to furnish law enforcement authorities with ‘intelligence opportunities to disrupt criminality’.⁵⁵ The information triggering the knowledge or suspicion must come to the legal professional in the course of business in the regulated sector, and disclosure must be made to the MLRO or NCA ‘as soon as is practicable’.⁵⁶ In addition, reporters must be able to identify the potential launderer or the location of the laundered property (or they believe, or it is reasonable to expect them to believe, that the information will or may assist in this regard).⁵⁷

An objective standard is also introduced in this section imposing a requirement to report where a person has ‘reasonable grounds for knowing or suspecting’ someone else is money laundering.⁵⁸ In R v Lane the purely objective nature of such wording was confirmed by the Supreme Court with regard to the similarly constructed failure to disclose provisions in s 21A Terrorism Act 2000.⁵⁹

The LSAG Guidance 2018 articulates this standard in the following terms:

Were there factual circumstances from which an honest and reasonable person, engaged in a business in the regulated sector should have inferred knowledge or formed the suspicion that another was engaged in money laundering?⁶⁰

60 LSAG Guidance 2018 para 6.3.3.

The objective negligence-based standard imposed by s 330 has been justified on the basis that a ‘higher level of diligence’ is expected from the regulated sector.⁶¹ As Goldby observes, such a test is in essence ‘a stick to threaten those who may be inclined not to take their legal obligation to report sufficiently seriously’.⁶² Nevertheless, it is a cause for concern amongst the regulated sector, and whilst in Swan it was stated that culpability in failing to make a SAR would be reflected in sentencing, a custodial sentence, even where liability rested on the objective limb as it did in Griffiths, was considered ‘inevitable’.⁶³ In Griffiths, which concerned a solicitor who had undertaken the conveyance of a property in suspicious circumstances, it was stressed that ‘society demands a high degree of professionalism from solicitors.’⁶⁴ The judgment concluded by underlining to professionals ‘the absolute obligation to observe scrupulously the terms of this legislation’.⁶⁵

There have also been recent developments in this area. The Criminal Finances Act 2017 inserted voluntary information sharing provisions into POCA 2002 which, when fully implemented across the regulated sector, will permit joint disclosure reports or ‘Super-SARs’ in certain circumstances.⁶⁶

The cocktail of an ‘all crimes’ approach in POCA 2002, mixed with a suspicion-based reporting threshold and a negligence-based limb to ss 330–1, all backed with criminal sanctions, means that defensive reporting has become an enduring issue casting a shadow over the regime.⁶⁷

2.4.2 Exemptions under s 330 POCA 2002

No offence will be committed where a person has a reasonable excuse for not making the required disclosure.⁶⁸ As yet, this exception remains unchartered in terms of judicial guidance; however, it is the LSAG’s view that failure to disclose in circumstances where LPP applies will constitute a reasonable excuse, as may the other ‘reasonable excuse’ scenarios set out earlier in the chapter.⁶⁹

Of particular relevance to the legal sector is s 330(6)(b), which provides that no offence is committed where ‘privileged circumstances’ apply. The concept of ‘privileged circumstances’ is a statutory from of privilege within POCA 2002 and is separate and distinct from common law LPP. Privileged circumstances extend beyond solicitor–client communications to include communications made by representatives of clients.

Privileged circumstances apply where information is communicated or given to a professional legal adviser in three situations: ‘(a) by (or by a representative of) a client of his in connection with the giving by the adviser of legal advice to the client, (b) by (or by a representative of) a person seeking legal advice from the adviser, or (c) by a person in connection with legal proceedings or contemplated legal proceedings.’⁷⁰ This exemption will not apply, however, ‘to information or other matter which is communicated or given with the intention of furthering a criminal purpose.’⁷¹ Previous CPS guidance has stated that a legal professional forming the mistaken but genuine belief that privileged circumstances exist would be able to rely on the reasonable excuse defence set out in s 330(6)(a).⁷²

No offence will be committed under s 330 where a person has no knowledge or suspicion of money laundering and has not been provided with the AML training required of his employer.⁷³ Should an employee successfully mount this defence, a law firm will then be vulnerable to prosecution or regulatory censure for inadequate training.⁷⁴ As with the money laundering offences under ss 327–9, a tailored overseas conduct defence also applies under s 330.⁷⁵

2.4.3 Section 331 POCA 2002 – failure to disclose: nominated officers in the regulated sector

An MLRO may commit an offence under s 331 POCA 2002 (with the preconditions in s 330 appropriately tailored) if, as a consequence of the information received under a s 330 disclosure, they know or suspect, or have reasonable grounds for knowing or suspecting another is money laundering and do not make a required disclosure to the NCA as soon as is practicable.⁷⁶ The MLRO must know the identity of the potential launderer or the location of the laundered property in consequence of the internal SAR, which can be identified from that disclosure (or the MLRO believes, or it is reasonable to expect them to believe, that the information will or may assist in this regard).⁷⁷ Under Regulation 21(5) MLR 2017, the MLRO must consider any internal disclosure in the context of any ‘relevant information’ available to the regulated entity and make a determination as to whether the disclosure provisions are triggered. As with the s 330 offence, no offence will be committed where the MLRO has a reasonable excuse for not making a required disclosure or makes use of the overseas conduct defence.⁷⁸ Section 332 goes on to create a failure to disclose offence in respect of disclosures made to a nominated officer outside of the regulated sector.

2.5 The role of suspicion in the UK AML regime

The substantive money laundering offences under ss 327–9 require that a person knows or ‘suspects’ that property is criminal property. In addition, the duty to report under ss 330–1 is triggered in part by knowledge or suspicion of money laundering activity. Surprisingly, given its ubiquity in this arena, the term is not defined either by FATF, within the EU AML directives or within POCA 2002. Unsurprisingly then, prior to any clear guidance by the courts, the ‘pivotal concept’ of suspicion was one that resulted in an unresolved tension as to whether the ordinary dictionary definition be used, or whether supplementary provisions were required.⁷⁹ Brown, for example, commented, ‘it cannot be the case that Parliament intended persons to be at risk of prosecution merely because they speculated that something was the case’.⁸⁰

The position was clarified in a line of authority emerging from Longmore LJ in the Court of Appeal case R v Da Silva. ⁸¹ The appellant had appealed against conviction under previous AML legislation on the basis that the trial judge had misdirected the jury as to the meaning of ‘suspicion’.⁸² The judge had directed the jury to the dictionary definition of the word and in addition introduced the concept of suspicion as a ‘fleeting thought’, thereby adding a gloss to its meaning.⁸³ The Court of Appeal considered the Privy Council decision in Hussien v Chong Fook Kam, where suspicion was deemed to be a ‘state of conjecture or surmise’.⁸⁴ The Court went on to conclude that an appropriate, adequate and accurate direction as to suspicion was that:

the defendant must think that there is a possibility, which is more than fanciful, that the relevant facts exist. A vague feeling of unease would not suffice.⁸⁵

85 R v Da Silva [2006] EWCA Crim 1654, [2006] 4 All ER 900 [16].

In addition, Longmore LJ noted the lack of any requirement within the statute under consideration for suspicion to be ‘clear’, ‘firmly grounded and targeted on specific facts’ or based upon ‘reasonable grounds’.⁸⁶ Where appropriate, the jury should also be directed that the suspicion must be of a ‘settled nature’.⁸⁷ This direction would only be applicable in circumstances where a person had entertained a suspicion and then honestly dismissed it (and even then there would need to be some reason to suppose a person had gone through this process).⁸⁸

In K Ltd it was confirmed that the Da Silva interpretation of suspicion was equally applicable to civil matters, with Longmore LJ noting that suspicion is a ‘subjective fact’ and that there ‘is no legal requirement that there should be reasonable grounds for the suspicion’.⁸⁹ The Court of Appeal in Da Silva (which delayed giving its judgment until the arguments in K Ltd had been heard) vigorously rejected implying any ‘reasonable’ grounds concept to ‘suspicion’ when invited to do so by the appellant’s counsel, commenting that to ‘do so would be to make a material change in the statutory provision for which there is no warrant’.⁹⁰

A suspicion-based AML reporting regime is set at a low threshold and the issues this gives rise to are considered further in Chapter 6. Yet the lack of any current requirement to have ‘reasonable grounds’ for suspicion, whilst fuelling debate amongst academics and counsel, may have less of an impact on the practitioner, who is unlikely to debate the semantic parameters of the term suspicion, but rather transfer any money laundering concerns directly to the MLRO via an internal SAR.

There are developments on the horizon in this area, however. The Law Commission review of Part 7 POCA 2002 highlighted the various differing interpretations of ‘suspicion’ within guidance across industry sectors, and noted that the concept was being ‘inconsistently applied’, with an attendant impact on intelligence quality.⁹¹ The Commission recommended therefore that statutory guidance on the concept be produced.⁹²

The Commission also consulted on raising the reporting thresholds for both authorised and required disclosures to one of ‘reasonable grounds to suspect’ with the aim of improving the quality and intelligence value of SARs.⁹³ The Commission envisaged that a cumulative test would be deployed in this regard, requiring both subjective suspicion on the part of a reporter, and objective grounds for that suspicion.⁹⁴ Noting the need for further evidence to support this change, however, the Commission recommended that a newly created Advisory Board should review whether to elevate the thresholds following further empirical research.⁹⁵

The Court of Appeal case of Shah, whilst confirming the Da Silva guidance on the term ‘suspicion’, also raised a very practical issue: that of banks, and by extension law firms, being required to prove that suspicion at trial, a position confirmed in the subsequent Lonsdale case.⁹⁶

2.6 Legal professional privilege (LPP)

Lawyers owe a duty of confidentiality to their clients in respect of their affairs.⁹⁷ Information to which this duty applies may only be disclosed as permitted or required by law, or with client consent.⁹⁸ As has been explored earlier in this chapter, POCA 2002 imposes a number of disclosure obligations upon the legal profession which may override the duty of confidentiality.⁹⁹

Yet the operation of common law LPP (known as professional secrecy in civil law jurisdictions) may act as an absolute bar on any such disclosure of certain information emanating from the lawyer–client relationship.¹⁰⁰ LPP reflects fundamental concepts such as access to justice and the confidentiality of lawyer–client relations.¹⁰¹ In recognition of these fundamental rights, the FATF Recommendations 2012 (updated June 2019) specifically provide that no SAR is required in respect of information subject to LPP.¹⁰² Yet it is this very right that makes ‘surveillance and seizure of documents more difficult than they are for other enforcement targets.’¹⁰³

The extent of material covered by LPP varies across jurisdictions.¹⁰⁴ Consequently, FATF recommends that national bodies such as the Law Society should clarify the parameters of LPP in each jurisdiction.¹⁰⁵ The aims of such clarification are fourfold: (i) to reduce any mutual distrust between lawyers and investigators during investigations, (ii) to deconstruct the myth that LPP is there to shield criminals, (iii) to streamline AML investigations surrounding the legal profession, and (iv) to ameliorate the ethical concerns of legal professionals when making disclosures.¹⁰⁶ The EU’s Supranational Risk Assessment in 2017 also advocated for improvements in the application and interpretation of LPP to avoid any over-extension of its proper scope.¹⁰⁷

For the legal profession in England and Wales, LPP attaches to two distinct categories of legal services, that is advice privilege and litigation privilege.¹⁰⁸ Advice privilege applies to communications between a legal professional acting in their professional capacity and a client if two elements are satisfied. Communications must be: (i) confidential, and (ii) directly for the purpose of seeking or providing legal advice between a legal professional (using their legal skills) and their client.¹⁰⁹ LPP also covers legal professional-client communications relating to a transaction:

notwithstanding that they do not contain advice on matters of law and construction, provided that they are directly related to the performance by the legal professional of his professional duty as legal adviser of his or her client.¹¹⁰

110 ibid.

Litigation privilege attaches to confidential communications at every stage of litigation from its commencement or contemplation. It protects communications passing between a lawyer and their client, an agent or third party, provided they are for the ‘sole or dominant’ purpose of litigation, namely for the seeking or provision of advice, obtaining evidence, or acquiring information leading to obtaining evidence.¹¹¹

LPP will encompass advice given to a client either to avoid or alert them to the potential commission of a crime.¹¹² There are limits to LPP, however. Hence it will not extend to ‘documents which themselves form part of a criminal or fraudulent act’, or to ‘communications which take place in order to obtain advice with the intention of carrying out an offence’.¹¹³ That exclusion will apply not only to the client’s intention but also to any third party’s intention.¹¹⁴

2.7 Tipping off in the regulated sector – s 333A POCA 2002

2.7.1 The tipping off offences under s 333A POCA 2002

A legal professional may also commit a ‘tipping off’ offence. A person commits this offence if they reveal the fact that a SAR has been made (using information obtained in the course of a business in the regulated sector), and such action is ‘likely to prejudice any investigation that might be conducted’ following the SAR.¹¹⁵ The underlying SAR must also be of information that came to the reporter in the course of business in the regulated sector. An offence is also committed if a person reveals (again, using information on which the revelation is based obtained in the course of a business in the regulated sector) that an investigation into allegations that a money laundering offence has been committed is being ‘contemplated or is being carried out’ if that revelation is ‘likely to prejudice that investigation’.¹¹⁶ Such prohibited disclosures may not only ‘affect the outcome of any investigation’ but also potentially ‘place the reporter in jeopardy’.¹¹⁷ No offence is committed, however, if the person does not know or suspect that such disclosure is likely to prejudice any AML investigation.¹¹⁸ The ‘tipping off’ provisions do not mean that a lawyer must cease all communication with their client once a SAR is made, however. The LSAG offers some guidance in this respect, stating that normal enquiries made of a client in respect of instructions or a proposed retainer to allay any concerns and decide whether to act or not will not constitute tipping off.¹¹⁹

2.7.2 Exemptions from the tipping off offences under s 333A POCA 2002

A number of permitted disclosures are provided for under the Act. Hence under s 333B, a legal professional may make a disclosure to another employee, officer or partner within the same undertaking.¹²⁰ Similarly, professional legal advisers and other relevant professional advisers may make disclosures to their counterparts in different undertakings sharing common ownership, management or control (provided both carry on business in an EEA state or equivalent AML provisions are in place).¹²¹ This may therefore apply to law firms with international offices but does not apply as between separate law firms.

Section 333C permits disclosure between credit institutions, financial institutions, professional legal advisers or relevant professional advisers of the same kind where the disclosure relates to a client or former client of each, a transaction involving them both or a service involving them both.¹²² The disclosure must be solely for the purpose of preventing a money laundering offence.¹²³ Two further preconditions apply: (i) the recipient of the disclosure must be situated in an EEA state (or equivalent AML provisions must be in place), and (ii) both must be subject to equivalent duties with regard to professional confidentiality and the protection of personal data.¹²⁴

A number of further disclosures are permitted under s 333D. Under this section a legal professional will be able to make disclosures to their supervisory authority and will also be able to disclose for the purpose of the detection, investigation or prosecution of criminality, or any investigation or enforcement of a court order under POCA 2002.¹²⁵A lawyer may also make a disclosure to their own client for the purpose of dissuading them from ‘engaging in conduct amounting to an offence’.¹²⁶ Since the enactment of the Criminal Finances Act 2017, a lawyer may make a disclosure for the purposes of proceedings to extend the moratorium period, and (when fully implemented) may also make certain disclosures in good faith within the regulated sector (in accordance with the provisions of s 339ZB POCA 2002).¹²⁷

2.8 Section 342 POCA 2002 – offences of prejudicing investigation

2.8.1 Offences of prejudicing investigation under s 342 POCA 2002

The offences under this section are not restricted to the regulated sector. It is an offence if a person who knows or suspects that an appropriate officer (such as an NCA officer, for example) is acting or proposing to act in connection with, inter alia, a current or proposed money laundering investigation and: (i) makes a disclosure likely to prejudice that investigation, or (ii) falsifies, conceals, destroys or otherwise disposes of documents relevant to that investigation (or causes or permits this).¹²⁸

2.8.2 Exemptions under s 342 POCA 2002

A number of exemptions in respect of a prejudicial disclosure are relevant to a legal professional, such as where the lawyer does not know or suspect the disclosure is likely to be prejudicial.¹²⁹ It is also important to note that disclosures caught within the tipping off provisions of s 333A (which relate to the regulated sector) will not also be caught under s 342. There is also a bespoke exemption with regard to a professional legal adviser in respect of a disclosure to their client or the client’s representative in connection with giving legal advice to the client, or to any person in connection with legal proceedings (or contemplated proceedings).¹³⁰ This exemption is lost if the disclosure is made with the intention of furthering a criminal purpose.¹³¹

With regard to the falsification, etc, of documents, it is a defence that the person does not know or suspect that the documents are relevant to the money laundering investigation, or does not intend to ‘conceal any facts disclosed by the documents from any appropriate officer’.¹³²

2.9 Civil action for breach of contract

The cases below, whilst dealing with breach of mandate under the banker–customer relationship, are of relevance to law firms in relation to breach of the terms of the client retainer. Such a situation may arise where a law firm is unable to comply with their client’s instructions on the basis that they have a competing duty to comply with their obligations under POCA 2002 – that is, they are unable to carry out a ‘prohibited act’ under the statute in the absence of any ‘appropriate consent’. An obvious example would be transferring funds from the client account without NCA consent.¹³³

K Ltd concerned the prospect of potential civil claims against banks for breach of the customer mandate.¹³⁴ In this case, the bank customer had originally sought injunctive relief in relation to the bank’s refusal to make a payment from the customer’s bank account once it had become suspicious that the funds in the account were criminal property and had made an authorised disclosure (consent was subsequently granted). The Court of Appeal stated that there was no breach of contract in such circumstances and it would be ‘entirely inappropriate’ to ‘require the performance of an act which would render the performer of the act criminally liable’, in this instance under the ‘arrangement’ offence in s 328 POCA 2002.¹³⁵ The Court of Appeal highlighted Parliament’s view that the temporary hiatus imposed by the disclosure and consent process constituted a limited interference in the banker–customer relationship which was preferable to allowing money laundering to ‘run rife’.¹³⁶ The Court concluded that ‘Parliament has struck a precise and workable balance of conflicting interests’.¹³⁷ One such conflicting interest of course is that of the customer or client who is the subject of a disclosure, and it was acknowledged by Laddie J in Squirrel v National Westminster Bank plc that the effect of the consent regime may be such that where a customer ‘is entirely innocent it may suffer severe damage for which it will not be compensated.’¹³⁸

In Shah v HSBC Private Bank (UK) Ltd the Court dismissed the bank customers’ claims made in respect of delayed payments from their account whilst the bank sought appropriate consent under POCA 2002, and in respect of the bank’s refusal to proffer an explanation.¹³⁹ The Court considered the conundrum posed by the argument that it is not an offence to process transactions which are merely suspected of involving criminal property – only those which actually do involve criminal property – and in Shah it was acknowledged that the claimants’ accounts did not constitute criminal property, thus defeating any illegality defence on the part of the bank.¹⁴⁰ The Court of Appeal dealt with this particular tension in the banker–customer relationship by implying a term into the banking contract that permitted a bank to refuse to execute payment instructions in the absence of s 335 consent where it suspected a transaction constitutes money laundering.¹⁴¹ Supperstone J noted that the intervention in private contracts via the reporting regime under POCA 2002 has been recognised by the courts as a ‘price Parliament has deemed worth paying in the fight against money laundering’.¹⁴² The Court also held that the bank was obliged to refuse to disclose any information which may contravene its duties under s 333 POCA 2002 (the predecessor to s 333A) and/or s 342.¹⁴³

Since cases such as K Ltd and Shah, protection from civil liability for those making authorised disclosures was placed on a statutory footing pursuant to s 37 of the Serious Crime Act 2015, which inserted a new s 338(4A) into POCA 2002. This section provides protection against civil liability in respect of those disclosures made ‘in good faith’.¹⁴⁴

The spectre of civil claims endures, however, as was highlighted by the Lonsdale case in 2018, although as the case subsequently settled, these issues will not be debated fully at trial. In Lonsdale, the claimant pursued a cornucopia of claims against National Westminster Bank plc, which had frozen a number of the customer’s accounts following its submission of several SARs.¹⁴⁵ The Court refused to grant strike out/summary judgment in respect of the ensuing breach of contract claim in connection with freezing the accounts and thus not executing the customer’s instructions. This was on the basis that the bank’s suspicion that transactions constituted money laundering, upon which the bank’s express (and implied post-Shah) contractual right to freeze those accounts and refuse to execute instructions effectively hinged, was a fact that needed to be proved at trial.¹⁴⁶ The Court also refused to strike out or dispatch summarily the claimant’s defamation claim in relation to statements made in the SARs and internal bank communications suggesting the funds in the accounts were the proceeds of crime.¹⁴⁷ It did, however, indicate that the defence of qualified privilege would apply to any SARs made to the NCA (and, potentially, ancillary communications), subject to any malice on the part of the defendant.¹⁴⁸ This is a defence which reflects the public interest need for ‘a particular recipient to receive frank and uninhibited communication of particular information from a particular source.’¹⁴⁹ Nor was the Court prepared to grant summary judgment or strike out the claim in respect of alleged breaches of the Data Protection Act 1998 in respect of a s 7 subject access request seeking disclosure of all documents connected with the decision to freeze or unblock the accounts (neither the SARs, nor information extracted from them, had been disclosed to the claimant).¹⁵⁰

The Court did, however, order the bank to permit inspection of the SARs (after 14 days to enable the NCA to seek to vary the order if it chose to do so).¹⁵¹ This was on the basis that ordinarily under the Civil Procedure Rules (r 31.14) a party has the right to inspect documents mentioned in a statement of case or witness statement, as was the position here, and that inspection was required for the fair disposal of the claim. Furthermore, there was no evidence before the Court that the inspection would require the bank to contravene s 333A or s 342 POCA 2002, or that the SARs were currently required to be kept confidential given they were made around sixteen and seven months previously. Further developments are awaited in this space, however, as the Economic Crime Plan 2019–22 announced that the Home Office, NCA and HM Treasury would work together to protect the disclosure of SARs material in civil proceedings.¹⁵²

Having explored the statutory provisions which form the UK’s AML framework, and some of the issues that flow from such provisions, this chapter will now examine the obligations imposed on law firms under MLR 2017.

2.10 Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLR 2017)

2.10.1 A risk-based approach to AML

The Fourth EU Money Laundering Directive (4MLD) was partly transposed into national law by the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLR 2017) which replaced the Money Laundering Regulations 2007 (MLR 2007).¹⁵³ MLR 2017 embed further a risk-based approach to AML, whereby resources may be focused on those areas which present a higher risk.¹⁵⁴ This approach is intended to foster both flexibility and proportionality, and minimise compliance costs in that it enables businesses covered by the Regulations to differentiate between aspects of practice according to the relative money laundering risks posed.¹⁵⁵

The MLR 2017 require ‘relevant persons’ to implement an array of AML measures relating to, inter alia, risk assessment, customer due diligence (CDD), record keeping and training.¹⁵⁶ An ‘independent legal professional’ falls within the definition of ‘relevant persons’, and is defined as ‘a firm or sole practitioner who by way of business provides legal or notarial services to other persons’.¹⁵⁷ The definition is restricted to those legal professionals participating in specified financial or real property transactions ‘where there is a risk of money laundering occurring’.¹⁵⁸ A legal professional may also fall within the ‘relevant persons’ definition should they provide services as an insolvency practitioner, tax adviser, trust or company service provider, estate agent or financial institution.¹⁵⁹ Breach of the Regulations may result in civil penalties or criminal sanctions being imposed.¹⁶⁰

Further amendments to MLR 2017 are contemplated under 5MLD, but these were yet to be transposed at the time of writing and are not included in this chapter.¹⁶¹

2.10.2 MLR 2017 – risk assessments

MLR 2017 reflect an increased focus on risk assessment, which has developed in this area, using a tiered approach at a firm, supervisory, national and supranational level.¹⁶² The Regulations brought in a new requirement that each regulated law firm must take ‘appropriate steps’ (determined by reference to the size and nature of the practice) to identify and assess the money laundering risks affecting it by way of a written risk assessment.¹⁶³ The rationale behind the practice-level risk assessment is that it enables law firms to consider ‘mitigating factors or reasonable controls’ to manage those risks.¹⁶⁴

When preparing its risk assessment (which must also be maintained), a law firm must take into account those factors particular to its practice – that is the nature of its clients, its jurisdictional reach, the kind of services offered, transactions undertaken and delivery channels.¹⁶⁵ In addition to this firm-level assessment, law firms must also take into account information issued by their supervisory authority.¹⁶⁶ LSAG Guidance 2018 notes that law firms may also consider relevant FATF publications, press articles and issues evident from their firm’s own SARs.¹⁶⁷

Supervisory authorities, such as the SRA, are themselves required under MLR 2017 to conduct a sectoral risk assessment.¹⁶⁸ Supervisors must make available current information on money laundering to their own sector, which must in turn draw upon relevant aspects of the UK’s national risk assessment and, pre-Brexit, upon an array of reports, recommendations and guidelines issued by the European Commission and European Supervisory Authorities.¹⁶⁹

The first sectoral risk assessment issued by the SRA in 2018 sets out a range of risk factors to be taken into account by law firms when preparing their practice-level assessments, with ‘risk’ in this context meaning ‘the likelihood of money laundering … taking place through your firm’ pre-mitigation.¹⁷⁰ Hence the SRA highlights service area risks emanating from conveyancing, the misuse of the client account and from creating or managing companies and trusts.¹⁷¹ Politically exposed persons (detailed below), those clients with underlying cash-intensive businesses or from sectors associated with higher levels of corruption and laundering are listed as risk factors, as are clients who seek to attain anonymity or cannot prove their identity.¹⁷² In terms of underlying transaction risks, large, complex transactions, or transactions which are unusual for that law firm or client, use cash or foster anonymity may also be considered as risk factors, as may new business areas, delivery channels or technologies. Remote clients, clients combining certain services or third party payments are highlighted as delivery channel risks, whilst geographical risks arise in relation to those jurisdictions without equivalent UK AML standards, where there are ‘significant levels’ of corruption/criminality, or countries where there are sanctioned organisations.¹⁷³ It should be noted that there may be a legitimate commercial explanation behind many of the risk factors.

2.10.3 MLR 2017 – CDD

MLR 2017 impose extensive obligations upon law firms to conduct CDD. The AML policy behind CDD is that knowledge of a client, and the rationale behind their instructions, assists in the identification of suspicious transactions.¹⁷⁴

Law firms must conduct CDD in the following situations provided for under Regulation 27: (a) when establishing a business relationship, (b) when carrying out an occasional transaction, (c) where there is a suspicion of money laundering or terrorist financing, or (d) there are doubts as to the ‘veracity or adequacy of documents or information’ already obtained.¹⁷⁵

175 CDD must also be applied to existing clients at ‘other appropriate times’ using a risk-based approach, or when a law firm becomes aware that a client’s circumstances have changed MLR 2017, reg 27(8), (9); LSAG Guidance 2018 para 4.7. Under MLR 2017, reg 4(1) ‘business relationship’ means ‘a business, professional or commercial relationship between a relevant person and a customer, which (a) arises out of the business of the relevant person, and (b) is expected by the relevant person, at the time when contact is established, to have an element of duration’. Company formation is explicitly included under reg 4(2). Under MLR 2017, reg 3(1) an ‘occasional transaction’ is one ‘which is not carried out as part of a business relationship’. Reg 27(2) requires CDD in respect of an occasional transaction ‘that amounts to 15,000 euros or more, whether the transaction is executed in a single operation or in several operations which appear to be linked’. See also reg 27(1)(b).

The nature and extent of CDD will be determined using a risk-based approach which, as indicated earlier, is a dominant theme within the Regulations. Hence law firms must apply measures which reflect their assessment of risk both at a practice level and on a case-by-case basis, the latter taking into account the purpose of a transaction or business relationship, the deal size and the ‘regularity and duration’ of the relationship.¹⁷⁶

2.10.3.1 CDD requirements

The CDD measures that are stipulated in Regulation 28 MLR 2017 require that a client must be identified, and for such identification to be verified.¹⁷⁷ Identification means ‘being told or coming to know’ relevant identifying details such as the client’s name and address for example.¹⁷⁸ Verification is the process whereby supporting evidence as to identity is obtained, and must be based on documents or information from a reliable and independent source.¹⁷⁹ Additional obligations are imposed where the client is a company, requiring law firms to obtain and verify the company’s name, number and registered office address.¹⁸⁰ Where that company is unlisted the law firm must also take ‘reasonable measures’ to ascertain and verify its governing law and constitution together with the names of its board of directors and senior persons responsible for its operations.¹⁸¹

Law firms must identify any ‘beneficial owner’ of a client, taking ‘reasonable measures’ to verify such identity so that they are satisfied they know who the beneficial owner is.¹⁸² Where the beneficial owner is a legal person, company, trust, foundation or similar entity, reasonable measures must be taken to understand their ‘ownership and control structure’.¹⁸³ Beneficial ownership requirements are a key AML weapon in that they seek to unravel those opaque ownership structures which are the hallmark of many money laundering transactions. As the client base of Top 50 law firms is predominantly made up of corporate vehicles in various forms, establishing beneficial ownership is a key issue for such firms.

The various permutations of beneficial ownership are set out in Regulations 5 and 6, which focus in each case on identifying the natural persons behind those entities. For unlisted companies and limited liability partnerships (LLP), a beneficial owner is defined as: (a) any individual who ‘exercises ultimate control’ over its management, (b) any individual who, directly or indirectly, ‘ultimately owns or controls … more than 25% of the shares or voting rights in the body corporate’, or (c) an individual who controls the entity.¹⁸⁴ Comparable aspects of influence are set out in respect of partnerships, whereby a beneficial owner is defined as any individual who is ultimately entitled to or controls, again directly or indirectly, more than 25% of the capital, profits or voting rights in the partnership, or ‘otherwise exercises ultimate control’ over its management.¹⁸⁵ In respect of trusts, the beneficial owner includes the settlor, trustees, beneficiaries (or class of beneficiaries) and any individual who controls the trust, with appropriately tailored provisions applicable to similar entities.¹⁸⁶

It should be noted that the CDD requirements differ in relation to beneficial owners, in that a law firm is required to take ‘reasonable measures’ to verify their identity such that it is satisfied as to who the beneficial owner is – a more stringent requirement to verify is imposed in respect of the client itself.¹⁸⁷ With regard to beneficial ownership, a law firm may not rely exclusively on the publicly available information on the ‘people with significant control’ register (PSC Register) maintained by the entity and submitted to Companies House for its corporate clients, however.¹⁸⁸

In addition to identification and verification requirements, a third aspect of CDD is imposed by the Regulations. Law firms are required to assess, and obtain information if appropriate, on ‘the purpose and intended nature’ of the client retainer.¹⁸⁹ This includes, for example, information as to the provenance of funds, obtaining copies of financial statements from the client, or requiring an explanation of the rationale behind complex structures.¹⁹⁰

An inability to apply CDD measures will trigger the requirement to cease acting for the client and consider whether a SAR should be made, except where an independent legal professional is ascertaining the legal position for a client or defending or representing that client in legal proceedings.¹⁹¹

2.10.3.2 Verification

In practical terms, the verification process will involve reviewing original documents, electronic verification, or obtaining information either from other relevant persons or within the public domain.¹⁹²

As the MLR 2017 do not prescribe what is acceptable evidence of identity, each law firm must make its own determination. The LSAG Guidance 2018 therefore sets out detailed verification procedures for a range of different client entities.¹⁹³ It notes that during the CDD process there is no obligation to ‘be an expert in forged documents’ aside from evident forgeries.¹⁹⁴ The Guidance highlights the fact that CDD may be more challenging in respect of private and unlisted overseas companies and trusts, which is an issue reflected in the data chapters of this book.¹⁹⁵ The LSAG also provides guidance in respect of identification and verification of any beneficial owner following an assessment of the risk each retainer poses.¹⁹⁶ The LSAG Guidance 2018 counsels that the ‘level of understanding required depends on the complexity of the structure and the risks associated with the transaction’.¹⁹⁷

2.10.3.3 Beneficial ownership information

CDD requirements are supported by the obligation to supply information contained elsewhere within the Regulations. Hence an unlisted UK body corporate must provide a law firm conducting CDD, upon request, with information as to its identity, constitution and board/management in addition to its legal and beneficial owners, with any changes it becomes aware of also to be notified to the law firm within 14 days.¹⁹⁸ Similarly, in respect of a ‘relevant trust’ (that is a UK or non-UK express taxable trust), a trustee must both disclose its trustee status and provide (on request) and update information identifying the beneficial owners of the trust.¹⁹⁹

2.10.4 Enhanced customer due diligence (EDD)

Regulation 33 identifies a number of scenarios deemed to present a higher risk of money laundering. In such scenarios, law firms must apply EDD and conduct enhanced ongoing monitoring.

The obligation to conduct EDD arises where: (i) a retainer has been identified as high risk, either by virtue of the law firm’s practice-wide risk assessment, or in information provided by the SRA, (ii) in any business relationship or transaction with a person established in a high-risk third country identified by the European Commission, (iii) where the client is a ‘politically exposed person’ (PEP), their family member or known close associate, (iv) where the client has provided false or stolen identification/information and the law firm intends to continue to act, and (v) where a transaction is ‘complex and unusually large’ or there are unusual transactional patterns, each with ‘no apparent economic or legal purpose’.²⁰⁰ There is also a ‘catch-all’ provision built into Regulation 33 requiring EDD whenever there is a potentially higher risk of money laundering.²⁰¹ Consonant with the focus on risk assessment which pervades the Regulations, when assessing whether a retainer is high risk, law firms must take into account an array of client, service, delivery channel and geographical risk factors.²⁰²

Although the form that EDD takes will be determined according to the fact pattern of each retainer, the Regulations do provide an indication of the range of measures that may be applied. Hence a law firm may seek further verification of the information provided to it or increase its monitoring of the client relationship. It may take additional action to enhance its understanding of the client’s and any counterparty’s ‘background, ownership and financial situation’ or to satisfy itself that a transaction is consistent with the ‘purpose and intended nature’ of the relationship.²⁰³ In respect of those complex and unusually large transactions or where there is an unusual pattern of transactions, each lacking an economic or legal purpose the EDD requirements are more prescriptive – here a law firm must consider the transaction’s background and purpose, and increase its monitoring such that it may make a determination as to suspicion.²⁰⁴

EDD applies where a client or its beneficial owner is a PEP on the basis that such individuals are deemed to be vulnerable to corruption, and also applies in respect of certain family members or known close associates of a PEP.²⁰⁵ A PEP is someone performing senior ‘prominent public functions’ such as a member of parliament or head of state, for example.²⁰⁶ In practical terms, whether someone is a PEP may be determined by reference to information that the law firm already has, information which is known to the public, or by way of a commercial service provider.²⁰⁷ Whilst a law firm must make a risk-based assessment of the extent of EDD to be applied, certain additional measures will apply automatically. Hence a law firm must: (i) obtain senior management approval to act, (ii) take ‘adequate measures’ to establish that person’s source of wealth and source of funds, and (iii) conduct enhanced ongoing monitoring.²⁰⁸ The LSAG Guidance 2018 states that clients should be questioned as to their source of wealth and source of funds and that enhanced ongoing monitoring will involve ensuring funds received into the client account from the client are paid from a nominated account and are proportionate to such client’s known wealth.²⁰⁹

2.10.5 Simplified customer due diligence (SDD)

Law firms may apply SDD where they determine there is a low risk of money laundering in respect of a retainer.²¹⁰ Hence the ‘extent, timing or type’ of CDD may be adjusted to reflect the lower risk, although ongoing monitoring is still required.²¹¹ When making its determination a law firm must take into account its practice-wide risk assessment, information disseminated to it by the SRA on money laundering, and a series of risk factors relating to the client, service or jurisdiction which may indicate a lower risk of money laundering.²¹²

Under MLR 2007, save where a suspicion of money laundering arose, SDD applied where a law firm had ‘reasonable grounds’ to believe that a particular ‘customer, transaction or product’ fell within a number of pre-defined categories.²¹³ Of particular relevance to law firms was the applicability of SDD to pooled client accounts (PCAs) operated by banks for independent legal professionals, provided client identity information could be provided on request in relation to monies held on their behalf in the PCA.²¹⁴ Under MLR 2017, SDD no longer automatically applies to PCAs, and banks providing such facilities may only apply SDD if they determine that their business relationship with the regulated law firm is low risk.²¹⁵

2.10.6 Ongoing monitoring

As the risk of money laundering is not extinguished at the point of successful client on boarding, ongoing monitoring of a business relationship is required under Regulation 28. One aspect of ongoing monitoring involves the administrative task of reviewing and maintaining up-to-date documentation or information on a client.²¹⁶ The other aspect of ongoing monitoring requires the ‘scrutiny of transactions … (including, where necessary, the source of funds)’ to ensure they are consistent with the law firm’s knowledge in relation to that client.²¹⁷ As with the initial CDD, the level of ongoing monitoring must satisfy the SRA that it is appropriate.²¹⁸ The LSAG Guidance 2018 envisages that ongoing monitoring will be conducted by fee earners and ‘involves staying alert to suspicious circumstances which may suggest money laundering’.²¹⁹

2.10.7 Reliance

Reliance provisions within MLR 2017 are intended to ease the CDD process somewhat by providing that a law firm may rely on specified third parties to conduct CDD, provided they consent to this.²²⁰ Consequently, under Regulation 39, reliance may be placed upon, inter alia, other ‘relevant persons’ under the Regulations such as credit or financial institutions, tax advisers or independent legal professionals.²²¹

This provision is rarely utilised by the legal profession, however, save where international law firms ‘passport’ their clients between their offices in different jurisdictions.²²² This is because responsibility for any failure to comply with CDD obligations resides with the law firm.²²³ It is for this reason that the LSAG Guidance 2018 invites law firms to consider that reliance may not always be appropriate and to ‘consider reliance as a risk in itself’.²²⁴ Nor is granting reliance without its challenges either, as law firms may be exposed to civil claims from entities relying upon them should they suffer any loss, as well as breach of contract claims from their own electronic verification provider. ²²⁵

2.10.8 Policies, controls, and procedures

2.10.8.1 AML policies and procedures

A law firm’s AML offering is underpinned by a number of policies, controls and procedures (PCPs) mandated by Regulation 19.²²⁶ These span the following key areas of: (i) risk management, (ii) internal controls, (iii) CDD, (iv) reliance and record keeping, and (v) monitoring compliance with, and communication of, PCPs – with such PCPs intended to ‘mitigate and manage’ the law firm’s money laundering risks.²²⁷ Policies must therefore provide for, inter alia, the scrutiny of inherently risky transactions, and require compliance with the reporting obligations under POCA 2002.²²⁸

Three specific internal controls are required in circumstances where it is appropriate ‘with regard to the size and nature’ of the law firm.²²⁹ First, a law firm is required to appoint someone at board/senior management level as the officer responsible for compliance with the Regulations (Money Laundering Compliance Officer or ‘MLCO’). Second, it must also carry out ongoing screening as to the skills, conduct and integrity of ‘relevant employees’, namely those relevant to the law firm’s compliance with the Regulations, or in roles ‘capable of contributing’ to the firm’s AML efforts. Third, the PCPs themselves must be independently audited. Furthermore, in every case, a law firm must operate systems enabling it to respond ‘fully and rapidly’ to law enforcement enquiries with regard to client retainers.²³⁰

2.10.8.2 MLROs

The MLRO is a key weapon in the UK’s AML armoury and their significance is drawn out within the data chapters of the book. Law firms must appoint a nominated officer (MLRO) whose role is to receive disclosures under Part 7 POCA 2002, determine whether they should be reported to the NCA and, if appropriate, make such reports.²³¹ The LSAG Guidance 2018 emphasises the need for any MLRO to have access to all information held by a firm with regard to a client, and that the MLRO should be of sufficient seniority to make reporting decisions which ‘must not be subject to the consent of anyone else’.²³² As is highlighted in Chapter 6, the potential impact of each MLRO’s decisions is highly significant both at a firm level and in a wider societal context given the sheer volume of deals transacted by Top 50 law firms alone.²³³ Across the sector as a whole, the SRA commented that those MLROs who were either inadequately trained or inexperienced were found to have a ‘detrimental effect’ on their firm’s AML adequacy.²³⁴

2.10.8.3 AML training

The FATF typology report issued in relation to the legal profession noted that those lawyers who were uneducated as to money laundering risks are more vulnerable to misuse.²³⁵ Its concluding section also highlights the potential for increased AML education of legal professionals both at law school and on a continuing education basis.²³⁶ The Government’s AML Action Plan published in 2016 also highlights the utility of education as an AML tool.²³⁷

The ongoing obligation imposed upon a law firm under Regulation 24 is to take ‘appropriate measures’ so that ‘relevant employees’ such as fee earners and finance or compliance staff are made aware of AML legislation and are regularly trained to recognise and handle potential AML scenarios. The importance of AML training is such that the LSAG deems staff members to be ‘the most effective defence against launderers’.²³⁸ It may also be recalled from earlier in this chapter that an employee who does not know or suspect another is engaged in money laundering, and has not been provided with AML training, may use this as a defence to the failure to disclose offence by virtue of s 330(7) POCA 2002.

Regulation 24 is not prescriptive in its requirements as to the form of AML training, although a law firm will need to take into account both the size and nature of its business and the money laundering risks to which it is exposed.²³⁹ In terms of frequency the LSAG Guidance 2018 states that, whilst a risk-based approach should be deployed in this respect, ‘Some type of training every two years is preferable.’²⁴⁰ The SRA also suggests that AML training should be considered as an integral part of a law firm’s continuing competence regime.²⁴¹

2.11 Solicitors Regulation Authority

2.11.1 SRA Handbook 2011

Whilst the Law Society has retained its representative role within the profession, it has delegated its regulatory role to the SRA. The SRA is the largest regulator within the sector and its requirements are set out in the SRA Handbook.²⁴² As the Handbook covers all aspects of practice, the material set out below does not present an exhaustive account of SRA regulation but focuses only upon those areas which may have some bearing on AML, either directly or indirectly. All participants were drawn from firms regulated, and supervised for AML purposes, by the SRA.

2.11.1.1 SRA authorisation and practising requirements

The SRA Practice Framework Rules 2011 stipulate the types of business through which solicitors and authorised bodies may practice, permit authorised bodies and solicitors to carry out certain legal services, and set out the requirements that must be in place as to eligibility for authorisation.²⁴³

The SRA may refuse an application for authorisation if it is not satisfied as to the suitability of the applicant’s managers and interest holders to operate or control the business.²⁴⁴ SRA regulatory compliance and compliance with any statutory obligations (such as those relating to money laundering) are also required as general conditions of such authorisation.²⁴⁵ To support such compliance, law firms must appoint an SRA-approved designated compliance officer for legal practice (COLP) who is tasked with taking all reasonable steps to ensure compliance both with SRA authorisation requirements and with its statutory obligations. Firms must also appoint an SRA-approved designated compliance officer for finance and administration (COFA) who is tasked with taking all reasonable steps to ensure compliance with the SRA Accounts Rules.²⁴⁶ Managers (such as a partner in or director of a law firm) or owners of authorised bodies also require SRA approval.²⁴⁷ When considering approval of a manger, owner, COLP or COFA (authorised role holders), the SRA will take into account, inter alia, the criteria in the SRA Suitability Test (a sectoral ‘Fit and Proper Test’).²⁴⁸

The Suitability Test (which also applies to trainee solicitors and those seeking admission as solicitors to the profession) is designed to uphold ‘the level of honesty, integrity and the professionalism expected by the public’.²⁴⁹ Hence applications will be refused, inter alia, where the applicant has been convicted of certain criminal offences, such as those relating to dishonesty, fraud, perjury or bribery.²⁵⁰ Ongoing regulatory control is exercised via the requirement for each solicitor to hold a current practising certificate which is renewed annually.²⁵¹ This will not be granted, inter alia, where the solicitor is suspended from practice.²⁵²

The SRA adopted a ‘continuing competence’ regime, outlining the ongoing competencies required from solicitors in the SRA Statement of solicitor competence.²⁵³ This is underpinned by the Statement of legal knowledge requiring knowledge of, inter alia, ethical concepts pertinent to the role of solicitor, professional conduct rules, solicitors’ accounts, and money laundering.²⁵⁴

2.11.1.2 The SRA Principles 2011 and the SRA Code of Conduct 2011

All SRA regulation is underpinned by ten mandatory principles (the Principles) which ‘define the fundamental ethical and professional standards’ the SRA expect from the profession, subject to any overriding legal obligations.²⁵⁵ Those Principles require legal professionals to, inter alia, uphold the rule of law and the proper administration of justice, act with integrity, and comply with their legal and regulatory obligations, including AML obligations.²⁵⁶

256 The Principles are that ‘You must: 1. uphold the rule of law and the proper administration of justice; 2. act with integrity; 3. not allow your independence to be compromised; 4. act in the best interests of each client; 5. provide a proper standard of service to your clients; 6. behave in a way that maintains the trust the public places in you and in the provision of legal services;7.comply with your legal and regulatory obligations and deal with your regulators and ombudsmen in an open, timely and co-operative manner; 8. run your business or carry out your role in the business effectively and in accordance with proper governance and sound financial and risk management principles; 9. run your business or carry out your role in the business in a way that encourages equality of opportunity and respect for diversity; and 10.protect client money and assets.’ SRA, SRA Handbook (Version 21, 2018) SRA Principles 2011. Principles 1, 2 and 6 extend to a solicitor’s activities outside of their practice, including in any ‘private capacity’ (ibid, note 5.1).

The SRA Code of Conduct 2011 (Code of Conduct) contextualises the Principles within practice, exemplifying them via a series of mandatory ‘Outcomes’ and expanding on them via a series of non-mandatory illustrative ‘Indicative Behaviours’ (IB).²⁵⁷ Within the Code of Conduct, there is an explicit, overarching requirement for solicitors to comply with anti-money laundering legislation.²⁵⁸ In addition, many provisions of the Code of Conduct support AML in that they either promote ethical conduct towards clients and third parties, or promote the orderly management of a law firm.

A number of obligations govern the relationship between a solicitor and their client. For example, solicitors must comply with the law and the Code of Conduct when deciding whether to accept or terminate a retainer, and may not act for a client where a conflict of interest exists or there is a significant risk of conflict.²⁵⁹ Solicitors also owe a duty of confidentiality to every client (separate and distinct from LPP) which, whilst surviving both the termination of the retainer and the death of the client, is overridden if disclosure is required or permitted by law or the client consents under Outcome (4.1).²⁶⁰

The Code of Conduct also governs the relationship between a solicitor and third parties. Hence, a solicitor must not ‘attempt to deceive or knowingly or recklessly mislead the court’, or be complicit in a third party doing so.²⁶¹ They must comply with any notification and reporting requirements in the SRA Handbook and co-operate fully with the SRA.²⁶² Solicitors are required to self-report ‘serious failure’ to comply with the SRA Handbook, any action taken by another regulator, any ‘material changes to relevant information’ about them, and also ‘serious misconduct by any person or firm authorised by the SRA’.²⁶³

The Code of Conduct sets out provisions intended to promote the orderly management of law firms.²⁶⁴ A ‘clear and effective governance structure and reporting lines’ are required, coupled with systems to achieve compliance (and identify, monitor and manage risks to compliance) with the provisions of the SRA Handbook.²⁶⁵ As stated earlier, compliance with AML legislation is expressly required of law firms.²⁶⁶

2.11.1.3 SRA Accounts Rules 2011

Solicitors, unlike many other professionals in the regulated sector, operate a client account, the misuse of which has been identified as a key money laundering risk.²⁶⁷ Detailed rules on solicitors’ accounts are set out in the SRA Accounts Rules 2011 (Accounts Rules 2011), the paramount objective of which is to keep client money safe.²⁶⁸ Client money must be held separately, either in a designated separate account or in a pooled client account, with each client’s funds being used exclusively in relation to their retainer with the law firm.²⁶⁹ The circumstances in which payments may be made to and from any client account are strictly regulated.²⁷⁰

Of key relevance in terms of AML provision is the operation of Rule 14.5, which prohibits the use of the client account to provide banking facilities, thus offering what the SRA call ‘an important “first line of defence” against clients or others who seek to use your client account to launder money’.²⁷¹ Any movement of funds to or from the client account must be linked to an ‘underlying transaction’ or a service which is part of the solicitor’s ‘normal regulated activities’.²⁷² Guidance note (v) to Rule 14.5 expands on the significance of the provision in an AML context, highlighting the criminal sanctions against those providing any assistance to money launderers. Note (v) also comments that Rule 14.5 mirrors the stance of the Solicitors Disciplinary Tribunal (SDT): that offering banking facilities is not a ‘proper part of a solicitor’s everyday business’.²⁷³ Non-compliance with Rule 14.5 has been repeatedly raised as an issue by the SRA in its Risk Outlook publications (which draw out key risks to the sector) and form the subject matter of a number of SRA Warning Notices to the profession.²⁷⁴

The ‘obvious risk’ of money laundering associated with breaches of Rule 14.5 was noted in the high profile case of Fuglers. ²⁷⁵ The earlier Solicitors Disciplinary Tribunal decision of Wood & Burdett had also acknowledged the underlying risk that offering banking facilities (in that case cashing third party cheques through the client account) could be misused as a vehicle for money laundering, an action which Moore-Bick LJ would later refer to as ‘an obvious invitation to money laundering’.²⁷⁶ The essence of Rule 14.5 will be retained in Rule 3.3 of the revised Accounts Rules to be implemented in November 2019.²⁷⁷

Given the money laundering risks that client accounts present, it is unsurprising that such accounts have been the subject of much debate in recent years, both as to their very existence, and as to how they should be treated in terms of CDD.²⁷⁸ Client accounts are therefore considered extensively in the data chapters of this book.

2.11.2 AML supervision by the SRA

The Law Society is listed as one of the AML supervisory authorities in POCA 2002 and MLR 2017 for the sector in England and Wales and, as stated earlier, whilst it has retained its representative role on behalf of the profession, it has delegated AML supervision to the SRA.²⁷⁹ The SRA must therefore ‘effectively monitor’ and take ‘necessary measures’ for ‘securing compliance’ with the MLR 2017.²⁸⁰ SRA AML supervision is itself overseen by the Office for Professional Body Anti-Money Laundering Supervision (OPBAS), created to strengthen AML supervision and promote consistency across professional body AML supervisors from the accountancy and legal sectors, where there are twenty two such supervisors (nine from the legal sector).²⁸¹ The SRA is the largest AML supervisor for the legal profession, supervising over 80% of the sector.²⁸²

In its capacity as AML supervisor the SRA has produced a number of Warning Notices, its own supervisory risk assessment, AML guidance and a number of reports outlining the money laundering risks faced by the sector.²⁸³ Whilst the SRA’s Risk Outlook publications highlight an evolving range of risks affecting the legal sector as a whole, spanning issues such as cyber security and access to legal services, there is a consistent focus on money laundering as a priority risk to be managed accordingly.²⁸⁴ The SRA has also conducted a number of AML reviews of the sector.²⁸⁵

2.12 Enforcement

Whilst a detailed consideration of enforcement of the UK AML regime is outside the scope of this book, participants’ perceptions of AML enforcement are considered in Chapter 7. In terms of regulatory action, the SRA have an extensive disciplinary arsenal at their disposal, both at an individual and firm level, with serious cases escalated to the Solicitors Disciplinary Tribunal.²⁸⁶ In addition, legal professionals may attract civil liability as constructive trustees, or be subject to criminal prosecution under POCA 2002 and MLR 2017.²⁸⁷

2.13 Concluding comments

The AML obligations explored in this chapter stem from those imposed upon the legal profession in response to FATF’s ‘gate-keeper initiative’ – obligations which, despite opposition and a number of global challenges, have been tailored and deployed across multiple jurisdictions.²⁸⁸ In the UK, the combined features of the ‘all crimes’ approach in POCA 2002, together with a reporting threshold based on suspicion, a negligence-based limb to the failure to disclose offences in ss 330–1 of the Act, and the criminal sanctions surrounding these features, impose wide-ranging obligations upon the profession, as do the provisions of the accompanying regulations.

This chapter has contextualised the book by examining the AML legislative and regulatory provisions with which the UK legal profession must comply, and the penalties that may be applied for non-compliance. Chapter 3 will outline the methodological approach of the study before turning to a consideration of the research findings in the subsequent data chapters.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.