Compliance Update April 2026

Apr 8, 2026 | Compliance Update

rule changes, tribunal trends, new guidance, deadlines – tick

With spring underway, it’s a timely moment to take stock of the SRA’s new and evolving regulatory changes. In this edition of our compliance update, we explore industry developments and practical guidance to support you in navigating an increasingly complex compliance environment.

New/ updated rules and guidance from SRA

Joint SRA & FCA warning to bulk claims firms

The joint warning was issued to firms representing motor finance commission claims in early February (back in the legal press following the announcement of the FCA’s final rules for the Official Redress Scheme), but it is a recommended read for law firms (and Claims Management Companies) dealing with any claims management activity work given the reference to the updated SRA Claims Management Activity Guidance (see below).

The main focus is on how firms should deal with consumers who find themselves having instructed multiple representatives in relation to the same claim, and the termination fees firms charge when whittle their representation down to one. Firms are expected to proactively help clients ensure they do not have duplicate representation and fully advise them at the outset of any termination fees if they change their mind.  The message is clear: termination fees are very much frowned upon.  If you insist on charging them, make sure the fee is reasonable, relates to the (justifiable) work that has actually been carried out, and is within the fee cap set out in the SRA’s Claims Management Fee Rules.

For a summary of what the SRA (and FCA) expect to see, see our blog.

Updated SRA Claims Management Activity guidance

If you work in this space, do read the updated guidance note and ensure you are aware of the SRA’s expectations.  It now includes:

  • new section on ‘claims being progressed by multiple representatives’.
  • reminder to advise clients about referral arrangements.
  • reference to the latest SRA Warning Notice on no win, no fee arrangements – you must be able to justify pricing structures, particularly success fees. (See below.)
  • requirement to notify clients of available statutory redress schemes.
  • reminder about the Warning Notice on marketing services to the public.

The SRA (and the FCA) are on the warpath when it comes to claims firms – they currently have 89 open investigations into 71 law firms – ignore the latest warnings at your peril!

No win, no fee Warning Notice

The SRA published a new Warning Notice at the end of January in relation to their concerns regarding the use of ‘no win, no fee’ arrangements in high-volume consumer claims. Failure to comply with Warning Notices can lead to disciplinary action, so if you work in this area, do read it in full, but for our summary, please see our blog here.

Hot topics

Companies House Security issue

A recent announcement from Companies House has confirmed a significant security vulnerability in its WebFiling service, potentially exposing sensitive company and director data, including dates of birth and home addresses, and the possibility of unauthorised filings and detail changes by bad actors, since October 2025. The system has now been fixed but only after a member of the public raised the alarm – the issue was not discovered by Companies House security checks during the 5 months they now realise it was an issue.

The key question remains: Has Companies House data already been compromised or relied upon incorrectly? If so, this raises serious AML/KYC implications. Many firms and electronic verification providers rely (at least in part) on Companies House data. If that data was inaccurate or tampered with, there is a real risk that onboarding checks carried out over the past five months may not meet regulatory requirements. Companies House are currently seeking to identify unauthorised changes and have published guidance on the current position.

For further information and our list of recommended action, please see our blog here.

Law Society Risk & Compliance Conference

Having attended the Law Society’s Risk & Compliance Conference on 11th March, we have produced a summary on our website of the main topics discussed throughout the day, focussing on:

  • Artificial Intelligence: A recurring theme throughout the day, with issues such as charging practices and how to safely adopt and responsibly use AI discussed. Look out for new SRA guidance on safe and compliance use of AI in the coming weeks.  In the meantime, it’s worth having a look at their Compliance tips for solicitors regarding the use of AI and technology.
  • FCA takeover of AML regulation: An inevitably popular topic with the key messages being don’t ignore it hoping it just won’t happen (because it very much looks like it will!), but also it is “not the closest crocodile to your canoe”, so don’t lose focus on current AML/ SRA obligations whilst worrying about the FCA.
  • Change in tone from the SRA? The new SRA CEO, Sarah Rapson’s, conversation with the Law Society CEO was interesting, signalling her desire to rebuild the profession’s trust in the SRA and shift the focus from enforcement to collaboration. Detail about the new approach was lacking, so we don’t yet know what it will mean in practice.
  • Dealing with mistakes: A specific session focused on why we make mistakes and why people don’t report them, how to reduce errors and tips for improving firm culture.
  • Key issues for SME law firms: Including cybersecurity risks, AML/ KYC controls, and practical steps, including stress-testing your policies and procedures – do they work? Are they being followed by staff? (Particularly important given the focus of the next SRA AML Thematic Review).
  • SRA Investigations: Key message: if you haven’t had an SRA AML inspection yet, it will be coming soon, so be prepared (and don’t forget they are also on the lookout for Accounts Rules and Code of Conduct breaches).

Mazur – Conduct of litigation – Court of Appeal overturns ruling

Pretty much everyone in the legal profession breathed a sigh of relief on 31/3/26 following the decision of the Court of Appeal in the Mazur case which overturned the High Court decision from September last year. Gone is the distinction between supporting or assisting an authorised solicitor in conducting litigation and doing so under supervision (a distinction which caused much soul-searching and head-scratching, with the latter being forbidden since September).

Lord Justice Birss stated, “It is not unlawful for an unauthorised person to act for and on behalf of an authorised individual so as to conduct litigation under their supervision, provided the authorised individual puts in place appropriate arrangements for the supervision of and delegation to the unauthorised person.”  

So, whilst this is a huge relief for legal executives (without practising rights), paralegals and trainee solicitors, it is important to note the final part of that sentence. Effective supervision systems remain key and ensuring there are sufficient authorised people to supervise the conduct of litigation, and effective processes and controls in place to manage that work, remains vital. Beware of thinking it’s just back to pre-September ‘business as usual’ if your supervision systems left a little to be desired!

Please see our blog here for our full thoughts on the judgment and watch this space for the much-anticipated updated guidance from the SRA and The Law Society. So far, all we have heard from the SRA is this, and this from the Law Society.

HMRC Tax Adviser Registration

There is still much confusion about the new obligation for “tax advisers” to register with HMRC before they can continue interacting with them about someone else’s tax affairs and get paid for it. Conveyancers, in particular, had hoped this would not apply to them when dealing with SDLT returns, but the government appears to be holding its ground. The new rules are due to come into force in May 2026.  Although there was a suggestion in the Gazette that the scheme could be deferred for conveyancers like it apparently has been in the financial services sector, until March 2027, no more appears to have been said about this.  On 26/3/26, HMRC updated its guidance originally published in February but the amendments don’t take us much further forward and we are still awaiting their promised further guidance about how to register.

In the meantime, there have been rumblings that the issue could be avoided by firms outsourcing SDLT work. However, The Society of Licensed Conveyancers, has warned against taking this route as they do not believe this will be a viable solution, and have also warned about the implications for those acting for mortgage lenders and those firms accredited with the CQS scheme.

Our posts from January and February set out where the new rules have come from, what they mean, who they apply to and the registration requirements, as well as the importance of distinguishing between these new HMRC requirements and the existing ‘tax adviser’ definition and requirements in the Money Laundering Regulations.

Interest on Lawyers’ Client Accounts Scheme (ILCA)

The Government consultation we referenced in our January blog on introducing an ILCA scheme, “as a way for the legal sector to contribute more to the justice system it relies on”, closed in March. The proposals would allow the MoJ to take at least 75% of interest earned on client account funds to support the justice system, with no ring‑fencing for access‑to‑justice projects (unlike other schemes around the world).   The profession pushed back strongly. The Law Society called the scheme “fundamentally flawed” and warned it would hit small firms hardest, driving up costs or risking closures amid increasing regulatory pressures. The SRA also raised concerns about the cost of any role it might play in running the scheme and noted that Accounts Rule 2.3(c) (which allows firms to hold client money outside the client account with agreement) might need to be removed to prevent firms avoiding the ILCA requirements. We now await the Government’s response.

Post Office Horizon IT scandal – SRA investigation

The SRA issued an update in March on its largest ever investigation, centred on the Post Office scandal, noting that they are making ‘significant progress’ but still won’t really do anything until the Public Inquiry and any criminal investigations are concluded. The important point for all firms is that although the issues under review are complex, the SRA has reiterated that the fundamentals are simple: “Solicitors must meet high professional standards. This includes acting independently, with integrity, and upholding the rule of law and proper administration of justice.” As officers of the court, solicitors should never allow client interests, or any other external pressures, to undermine the public’s trust in the profession. This is one to watch irrespective of your connection (or otherwise) with the Post Office scandal. (See below for more ‘ethics’ talk).

Dentons’ appeal – Does an AML breach amount to a conduct issue?

The Court of Appeal reserved judgment at the end of March following the hearing of the appeal brought by law firm, Dentons, focussing on whether an AML breach, no matter how serious, would amount to an SRA conduct issue.

The potted history: the SRA prosecuted Dentons for allegedly failing to carry out appropriate CDD checks, which the SDT dismissed. The High Court allowed the SRA’s appeal, remitting the matter to a fresh SDT panel. In the meantime, Dentons obtained permission to appeal the High Court’s decision. According to the Gazette, the SRA argued in the Court of Appeal that, “Dentons’ argument that professional conduct rules requiring solicitors to comply with the law is only breached where the law is broken in a manner that is serious, culpable and reprehensible is…” not supported by the rules or the law, arguing that it would lead “to the surprising conclusion that a solicitor…is not under a general professional obligation to abide by the law of the land, but rather, only to refrain from serious criminality”.  Watch this space for another eagerly awaited Court of Appeal decision.

LSB censure of SRA for SSB failure

Following the independent review in 2025 into whether the SRA acted effectively and efficiently on reports it received about the law firm, SSB Law’s, conduct of cavity wall insulation claims and its financial management (and the impact on numerous consumers), the Legal Services Board (LSB) formally censured the SRA (an official public reprimand) in March, sending a clear public statement that the standard of regulation seen was not acceptable.

The review identified 6 key areas where the SRA fell short of expected standards:

  • repeated delays in responding to clear warning signs about SSB
  • SRA staff failed to identify patterns of risk across the firm
  • over-reliance on information provided by SSB itself, rather than others
  • underuse of statutory powers to investigate and gather evidence
  • inadequate protection for vulnerable clients
  • poor internal governance, documentation, and decision-making

The SRA has set out improvements they will make in the areas identified by the LSB as part of their enforcement action, building on the steps already in motion following the Axiom Ince scandal and subsequent LSB directions, including taking a more proactive oversight role, improving their use of data and market intelligence, improving their triaging process for reports received and better use of their investigatory powers.  Full details from the SRA can be found here.

The timing of the latest closure of another major law firm (PM Law) with multiple offices nationwide in February can’t have been welcomed by the SRA…perhaps their increased proactive intentions aren’t progressing as fast as hoped…

Anti-money laundering, sanctions & financial crime

High risk third countries (HRTC)

The list of High-Risk Jurisdictions for AML purposes was updated on 13 February following the latest Financial Action Task Force (FATF) plenary, with Kuwait & Papua New Guinea added to the ‘grey’ list. (Beware that the Law Society website has still not been updated).  No countries were removed this time around. As ever, remember to review your existing clients and matters and update/ carry out enhanced due diligence as required.

SRA AML Controls webinar

The SRA released another on-demand webinar on 17 March, looking at AML controls designed to manage firms’ money laundering risks and linking their findings and recommendations from the last year of inspections and reviews to a fictional case study focusing on a property purchase with various red flags to help firms understand how they work. It is worth keeping up to date with the SRA’s latest expectations to stand you in good stead for the inevitable visit, particularly if you haven’t had one yet.

One alarming statistic quoted was that 82% of the firms referred for investigation for lack of completed client and matter risk assessments (CMRAs) had a process in place which just wasn’t being followed by staff. Carrying out regular file reviews to check that what you say you do is actually being done (and being recorded on the file) is a must!

Digital Identities – Government guidance

The Government published new guidance (and a blog) in February on the use of digital ID verification for money laundering checks to help organisations understand what it is and which providers to trust. ‘Digital ID verification’ refers to the ability to prove who someone is without them presenting physical documents or being seen in person.  The guidance suggests that only certified providers on the DVS Register can be relied on for MLR‑compliant digital identity verification. This seems to be an important shift with little regulatory fanfare.  You can read our full thoughts on the guidance here but our key takeaways are as follows:

  • If you rely solely (or even partially to be honest) on e‑verification providers to verify the identity of your clients without seeing physical documents or the client in person, check your provider’s certification and assess and document the assurance level.
  • Understand that digital ID is only one part of broader CDD obligations.
  • Save your e-verification reports to your own system to comply with your obligations to retain AML data for a minimum period of 5 years.
  • Carry out a technology risk assessment before adopting e-verification tools.

MLRO/ MLCO – special SRA alerts!

If you are a Money Laundering Reporting Officer (MLRO) or Money Laundering Compliance Officer (MLCO), you will be receiving non-public alerts from the SRA to your mySRA account, based on intelligence from the NCA. If you haven’t come across these yet, do check that your details are up to date in mySRA.  For a reminder how to do this, see the SRA’s news release from January here. As we do not hold these roles as consultants, we are not party to these alerts…so do let us know if they’re good!

Payment Diversion Fraud

Payment Diversion Fraud (PDF) is a big worry in the legal sector, particularly for conveyancers. Criminals redirect payments by impersonating clients or firms – often after hacking email accounts or researching staff to convincingly pose as them. With the rise of deepfake AI videos and calls, it can be very difficult to spot these scams.

Alongside strong cybersecurity, reinforce the basics with staff and clients:

  • Never trust unexpected changes to bank details – verify with the client using a known, trusted phone number.
  • Warn clients (e.g., in email footers and terms of business) to always confirm any change in payment details. Test payments can help reduce risk.
  • If fraud occurs, act fast: clients should contact their bank’s fraud team immediately, change email passwords, check for email forwarding rules, and report the incident at: https://www.reportfraud.police.uk/ (formerly Action Fraud).

The UK Financial Intelligence Unit (UKFIU)/ National Crime Agency (NCA) podcast (episode 27) is worth a listen for more insight on this topic.

Sanctions lessons from OFSI

An SRA news release in February raised awareness of The Office of Financial Sanctions Implementation (OFSI)’s blog setting out lessons to be learned from their £160,000 fine of Bank of Scotland for breaching the Russia financial sanctions regime in November 2025, to help firms better understand how to run sanctions controls in practice. OFSI want to see firms with sanctions controls in place and their effective operation.

Sanctions lessons:

  1. Screening data and configuration really matter – use all information available and ensure your screening tools can cope with spelling and transliteration variants (e.g. names converted from one script, such as Cyrillic, to another, such as Latin), otherwise you risk missing potential matches. And don’t forget: British citizens/ British passports holders can be sanctioned…don’t make assumptions based on stereotypes.
  2. Automation is not a safety net – ensure staff know when and who to escalate potential sanctions concerns to, particularly in firms at higher risk of sanctions and PEP exposure.
  3. Training must match today’s sanctions landscape – regularly review and update training materials as the sanctions space is very fast moving.
  4. Voluntary disclosure can shape the outcomereport suspected breaches to OFSI asap, even if you don’t yet have all the facts. Prompt voluntary disclosure and cooperation with OFSI can result in a discount of up to 30% of any penalty (see OFSI’s updated Financial Sanctions Enforcement & Monetary Penalties Guidance below). (It is worth noting that OFSI is seeking to double its maximum civil penalty cap to the greater of £2 million or 100% of the breach value, so these discounts are not to be sniffed at!).

Further guidance can be found on the SRA website but if you need any further help with your sanctions compliance, do get in touch.

Sanctions enforcement – OFSI has been busy…

In addition to the above blog, OFSI has published various papers over recent months, which are worth being aware of:

  • Financial sanctions enforcement and monetary penalties guidance – following a recent consultation, OFSI updated this guidance, aiming to reflect a stronger and more transparent enforcement framework and help firms better understand OFSI action in relation to sanctions breaches and enforcement action. Our sister company, VinciWorks, has published a helpful summary here.
  • The government published an overview of their approach to enforcing breaches of UK sanctions, focussing on a cross-government strategy and increased appetite to take enforcement action. If you haven’t already risk assessed your sanctions exposure and put in place procedures to mitigate those risks, now is definitely the time to do so.
  • How OFSI prioritises licence applications – if you work with sanctioned clients, this blog provides a useful summary of how OFSI assess licence applications.
  • The Current UK Sanctions Regime page now includes summaries of the prohibitions impacting each country/ theme (following the ‘guidance’ links) – worth knowing about, particularly if you work with clients in countries subject to UK sanctions.
  • ‘Ownership and control test’ – OFSI is seeking views on how easy (or otherwise) it is to assess the ability of a designated person to control an entity. Entities are deemed to be sanctioned if the person(s) who own or control them are themselves sanctioned, so it is essential to understand the structure of entities. If you want to participate, the deadline is 13th April 2026.

People with significant control (PSCs): Statutory Guidance

PSCs of companies, LLPs etc are defined as those who satisfy one or more of the specified conditions of holding more than 25% of the shares or voting rights in the company, having the right to appoint or remove the majority of the board of directors, or exercise, or have the right to exercise, ‘significant influence or control’ over the company. On 4/3/26 the government published new statutory guidance on the interpretation of what constitutes ‘significant influence or control’.   For a summary of the guidance, please see our blog here.

OPBAS report – Effective AML supervision by PBSs?

The Office for Professional Body AML Supervision (OPBAS) – the body currently overseeing professional body supervisors (PBSs) (such as the SRA) in relation to their AML requirements – published its annual report for 2024/ 2025 on the Legal & Accountancy PBSs in March. Whilst OPBAS will disappear once the FCA takes over AML regulation in due course, it is still alive and kicking for now and will influence the direction of travel.

The headlines from the report (although it is worth noting that OPBAS reports tend to talk generically about PBSs without specifying which one they are criticising/ praising) are that standards at PBSs have improved but:

  • there are recurring common breaches by supervised firms (the usual suspects: inadequately documented Firm Wide Risk Assessments, policies and procedures and client & matter risk assessments), calling into question the effectiveness of PBS supervision; and
  • some PBSs are taking “an overly member-centric approach hindering robust supervision” – effectively, some PBSs are too nice to their regulated communities and insufficiently enforcement-focussed. This may come as a surprise to those regulated by the SRA, which is not necessarily known for being ‘touchy-feely’, particularly in light of the new CEO’s recent comments (see above) about shifting focus from enforcement to collaboration.

If this is the direction of travel of OPBAS and subsequently the FCA, at least with AML, we may not see as much of this promised ‘change in tone’ from the SRA as we may have hoped.  As we have said before, ensuring you are fully compliant with the Money Laundering Regulations and SRA expectations now is the best way to prepare for the new FCA regime, which is unlikely to be classed as ‘member-centric’. If the SRA’s current approach is indeed ‘member-centric’ we may be in for some stormy waters!  If we can help with a Regulation 21 AML Independent Audit, do get in touch.

Law firm management

SRA reporting form

In case you missed it, in February the SRA launched a new form for reporting solicitors or firms to them, be it self-reports, reports about other firms or solicitors, or reports from the public.  The SRA’s ‘Reporting a solicitor or firm to us’ web page sets out helpful guidance (including a video) about what the SRA does (and doesn’t) investigate, and who can make a report and how. The aim is to help ensure people are contacting the right organisation (and presumably to keep the number of complaints received to a minimum…3000 in December 2025 is clearly not a sustainable number!).

Professional Ethics – LSB ramps up the pressure

We will no doubt be seeing an even greater emphasis by the SRA on professional ethics over the coming months, following the Legal Services Board (LSB)’s Statement of Policy on upholding professional ethical duties published on 26/3/26 (together with their News Release) in response to their 2025 consultation, which states that “regulators must do more to strengthen lawyers’ ethical standards”.  This has been an ongoing concern for some years, particularly following issues such as the Post Office scandal, misuse of NDAs and use of so-called ‘SLAPPs’ litigation.

The LSB is concerned that ‘some professionals over-emphasise the duty to act in the client’s best interests’ and focus on the client’s subjective, rather than objective, best interests.  The LSB has provided a (not exactly ground-breaking!) definition of ‘professional ethical duties’: “Authorised persons have a duty to act with independence and integrity; maintain proper standards of work; keep the affairs of clients confidential; and comply with their duty to the court to act with independence in the interests of justice. Subject to the fact that they must place their duty to the court and their duty to act with independence and integrity above the duty to act in the best interests of their client where these may come into conflict, these duties are not presented in order of precedence.”  Those familiar with the SRA Principles will already recognise this wording and will be aware that these ethical duties apply to all employees of authorised firms, not just solicitors. The LSB’s statement expressly makes this point.

The LSB has set out 5 outcomes regulators (including the SRA) must pursue to support the profession in upholding professional ethical duties:

  1. more consistent education and training in ethics – before and after qualification.
  2. clearer and more practical regulatory guidance.
  3. stronger workplace support for lawyers in upholding standards and challenging unethical behaviour.
  4. monitoring and supervising ethical behaviour and taking action where needed.
  5. regularly evaluate the above steps to ensure they remain fit for purpose.

Regulators will have 6 months to develop their plans to meet the above expectations. In the meantime, do get in touch if you would like to book in for our Ethics training.

Complaints – LeO’s Model Complaints Resolution Procedure

In our January update we referenced the joint SRA and Legal Ombudsman (LeO) concerns about how first-tier complaints are handled. The SRA had planned to introduce rule changes but withdrew them at the last minute. One of the things they were working on with LeO was a model complaints resolution procedure. This work has continued and LeO is now calling for final stage input on the draft procedure before its roll out.  If you have any thoughts on it which you wish to be considered, you have until 19/5/26 to contact LeO either by email: consultatations@legalombudsman.org.uk or their online survey: https://forms.office.com/e/mxDp2nk9NF.

This may be particularly relevant to conveyancers following LeO’s new ‘Spotlight’ article focusing on complaints in residential conveyancing.

 

Tribunal trends and cases of interest

When solicitors slip up… big and small-time

 

Cartoon image of a rule book

 

  • A law firm owner was struck off after falsifying bank statements to hide a £2.1m client account shortfall and misappropriating nearly £1m for personal use. The owner operated under an alias, acting dishonestly, misleading regulators and clients while abusing sole control over certain accounts. Investigators uncovered major discrepancies and improper transfers. The firm was shut down, he was found fully responsible and ordered to pay £65,000 in costs.
  • A solicitor struck off nearly 18 years ago after fraud has failed in his bid to return to practice. He’d misused client funds, sent misleading correspondence, and was later jailed for 5 years. The tribunal found him dishonest and not credible, noting large unresolved financial losses. Despite claims of rehabilitation and mentoring work in prison, he showed insufficient insight, training, or legal experience. Regulators opposed his return, and the tribunal ruled he’d not met the high threshold, dismissing his application and ordering £2,590 costs.
  • An experienced solicitor who admitted encouraging a client to lie has avoided being struck off and instead ordered to pay £37,568 in costs. He was found to have acted dishonestly during a recorded meeting about a property dispute. Although he argued his comments were taken out of context and intended to protect a vulnerable client under pressure, the tribunal ruled his actions were deliberate. However, given his previously unblemished 20-year career, lack of personal gain, and low risk of repetition, he was suspended rather than struck off.
  • A dual-qualified barrister has been disbarred for dishonestly misleading the High Court while acting as a solicitor. There was failure to disclose key evidence undermining a criminal conviction, resulting in an unsafe judgment and a freezing order affecting the defendant. Already struck off as a solicitor, he denied dishonesty but did not attend the hearing. The tribunal found his actions sustained and deliberate, rejecting claims of recklessness, and ruled disbarment the only appropriate sanction and ordered him to pay £24,600 in costs.
  • A High Court judge determined that a claimant was receiving answers via smart glasses linked to his mobile phone while giving evidence. Suspicious pauses, interference, and a live call exposed the misconduct. His explanations, including blaming ChatGPT, lacked credibility. The case highlights growing concerns about technology, including AI wearables, being used to improperly assist witnesses in court proceedings.
  • Solicitor has avoided being struck off after dishonestly witnessing a deed she had not seen signed. The Solicitors Disciplinary Tribunal found her actions “spontaneous and momentary,” influenced by pressure and personal difficulties. Although dishonest, her misconduct was isolated, quickly corrected, and caused minimal harm. Given her otherwise unblemished career and remorse, she received a six-month suspension and was ordered to pay £25,000 in costs, despite strike-off being the usual sanction in cases of dishonesty. Perhaps more concerningly was her position under cross-examination that she was not aware of the statutory requirement that a witness must be physically present when a deed was executed.
  • A recently qualified solicitor has been struck off for misleading clients, colleagues, and a bank over more than a year about the progress of a probate case. She falsely claimed applications had been submitted and chased, when they had not. Her misconduct, spanning eight cases, was deliberate and repeated. Despite citing mental health struggles and no personal gain, the tribunal approved her removal. She resigned, admitted dishonesty, and was ordered to pay £5,000 costs.