- Publication Date
- 2022-01-05
The Solicitors Regulation Authority (SRA) conducted an investigation into a law firm in relation to its compliance with anti-money laundering regulations and professional standards.
Between September 2015 and April 2017, the law firm carried out work for two individual clients and corporate vehicles connected with the same two individual clients. This work related to a non-SRA regulatory investigation, asset planning for one of the individuals, and the initial stages of the proposed acquisition of two separate entities and the onward sale of one of them.
While the law firm believes that Customer Due Diligence (CDD) was obtained in relation to the two individual clients, the firm did not retain the hard copy file of such documents, which appears to have been misplaced, and no electronic copy of the records was retained either. Some documents, but not a full set of CDD documents were obtained in relation to one of the corporate vehicles involved in one of the proposed acquisitions. Both proposed acquisitions presented a higher risk of money laundering or terrorist financing under the relevant money laundering legislation in force at the time, because they involved companies in high-risk jurisdictions, therefore requiring enhanced customer due diligence (EDD), and ongoing monitoring which was not adequately applied. One payment was made into and three payments were made out of the law firm’s client account between July and July 2016, which did not relate to an underlying legal transaction in relation to which the firm was instructed. Funds belonging to one corporate vehicle were transferred to the client ledger for another corporate vehicle and used to discharge the firm’s fees and disbursements on the matter relating to the latter entity. The firm also did not send a bill of costs, or other written notification of the costs incurred, to the relevant entities before two invoices were raised and paid out of monies held in the client account.
During an external investigation commissioned by the firm into these matters, it was identified that the former partner at the firm responsible for the relationship with the above clients and instructed in relation to most of the above matters had not received mandatory training as required by anti-money laundering regulations. The firm has stated, and the SRA accepts, that such training would usually be provided but was not, owing to a personnel absence. However, there was no contingency plan at the firm for AML training to be implemented if such a personnel absence occurred.
Separately, between September 2017 and October 2018, the law firm acted in relation to three property transactions that were related to one another, but unrelated to the matters outlined above. For each transaction, the firm’s client was a separate special purpose vehicle with the same ultimate beneficial owner. The firm secured CDD in relation to the ultimate beneficial owner but, because it opened each matter file in the name of a different entity in the corporate structure, the firm did not secure full CDD for each special purpose vehicle before each relevant transaction took place. The firm also did not retain copies of some of the CDD information obtained in relation to the ultimate beneficial owner and another individual who instructed the firm on a fourth, related, matter.
In September 2018, the SRA requested a copy of the firm’s practice-wide risk assessment, as required by Regulation 18 of The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLRs 2017). The firm did not at that time have in place such a risk assessment. A risk assessment was prepared by an external provider and supplied by that provider to the firm in March 2019, and to the SRA in May 2019.
The law firm has cooperated with the SRA’s investigation and has shown genuine insight into its management of risk and actions during the relevant periods, including by commissioning an external investigation into the matters outlined above. In relation to the matters, transactions were requested by the former partner and the firm had placed reliance on that former partner for completion of the relevant procedures under its own policies – albeit the firm acknowledges that the former partner was not adequately trained and admits the procedures did not adequately mitigate against the risk of non-compliance. Retrospective relevant CDD documents in relation to the three related property transactions were later obtained and provided to the SRA. The firm has amended its policies and procedures, including introducing and investing in new, more sophisticated IT systems which involve increasingly centralised record-keeping and are, in part, specifically designed to prevent future breaches of the type addressed by this agreement. The firm has divested itself of the fees earned once the breaches were identified in relation to the matters outlined above.
The firm admits the following breaches: - Failing to have a written, practice-wide risk assessment in place until March 2019, and failing to provide the same to the SRA until May 2019, pursuant to Regulation 18 of the MLRs 2017. - Failing to secure adequate CDD at the material times in relation to four matters and put adequate systems and controls in place to ensure that the correct client was named on three of those matters and throughout the lifespan of those matters, pursuant to Regulation 7 of the MLRs 2007 and Regulations 27 and 28 of the MLRs 2017. - Failing to retain full CDD on four clients for a minimum period of five years, or have adequate systems and controls in place to retain and/or record the results of CDD checks at the relevant time, pursuant to Regulation 19(3) of the MLRs 2007 and Regulation 40(3) of the MLRs 2017. - Failing to conduct adequate EDD, or adequately apply enhanced ongoing monitoring in respect of one client and two matters related to that client, including failing to put a notice or control in place at file or accounts level to show that EDD was required, or inform accounts staff that permission needed to be obtained before further transfers could be made, pursuant to Regulations 8 and 14(1)(b) of the MLRs 2007. - Permitting four payments in the sums £965,000 (into) and $1,099,015, $10,000 and £10,000 (out of) the firm’s client account, permitting the client account to be used as a banking facility, pursuant to Rule 14.5 of the SRA Accounts Rules 2011. - Failing to provide adequate training to a partner on whom they relied, where there is a duty to train all relevant employees in relation to anti-money laundering regulations, pursuant to Regulation 21 of the MLRs 2007. - Improperly transferring funds belonging to one entity to the client ledger for another entity, which was then used to discharge the firm’s fees and disbursements in relation to the latter entity, pursuant to Rules 1.2(c), 6.1, 20.1(a), 20.1(c), 20.1(d), and 29.2(b) of the SRA Accounts Rules 2011. - Failing to send a bill of costs, or other written notification of the costs incurred, to relevant entities before two invoices were raised and paid out of monies held in the client account.
The firm has agreed to pay a financial penalty in the sum of £232,500.