Law Society Economic Crime Conference – update

Oct 6, 2025 | Article

For those who missed the conference in September, we have summarised the main sessions and a couple of the workshops for you.

 

The evolving landscape of economic crime

2025’s been a whirlwind — faster changes, bigger consequences. “Main character” energy needed!

Key Highlights from 2025:

  • LSAG guidance updated in April — think UBOs, HRTCs, Source of Funds. (See our July update for further detail).
  • Ultimate Beneficial Owners (UBOs): Reg 28(3A) says ‘reasonable measures’ to verify identity. LSAG clarifies: aim is to take steps to mitigate money laundering risks. If steps you take won’t do this, don’t bother. Passport for a UBO? Only if it makes sense.
  • National Risk Assessment & SRA Sectoral Risk Assessment: Legal sector = still high risk. Reference these in your FWRA.
  • SRA Guidance updated: Know what’s in scope of Money Laundering Regulations. Don’t guess.
  • SRA Data Collection: Definitely annual now! Think now about what could help you for next year.
  • Source of Funds/Wealth: SRA thematic review – expect outcome this month.
  • National Crime Agency (NCA) resources: SARs Reporter Booklet and SARs in Action as well as recent ‘System Priorities’ report which covers main threat areas, including professional enablers, PEPs, crypto, money mules, and dodgy cash flows. Use in training.
  • MLR Consultation: Ended 30/9/25. Particular concerns about changes to pooled client accounts – likely to result in significant headaches for law firms with increased CDD requests from banks.
  • ECCTA: Authorised Corporate Service Providers (ACSPs) – if you’re thinking of registering as one, beware that ID&V duties are far more onerous than under the MLRs. And Failure to Prevent Fraud offence – now in force! Even those firms out of scope should be thinking about carrying out risk assessment.
  • PEPs & Sanctions: New FCA guidance narrows scope of who counts as a PEP (see elsewhere in this bulletin for further details). And new Government guidance, “Starter guide to UK Sanctions” is worth a read.

Pro Tips:

  • Get AML-savvy on LinkedIn — it’s where the updates land first!
  • Find your AML tribe. Share scripts, sanity, and tips.

 

Holding the line (latest developments in economic crime space)

Economic crime experts looking at latest developments in the economic crime space.

Failure to Prevent Fraud

  • Offence now in force!  Only applies to large firms BUT…SRA now has a regulatory objective to actively prevent economic crime, so smaller firms can’t ignore fraud.
  • Sensible to carry out a risk assessment re fraud issues you might encounter…think overbilling, time-dumping to achieve bonuses, misallocating client funds, billing wrong entities. Instil a speak-up culture now and dust off your Whistle-blowing policy!
  • For large firms in scope, remember that the offence is about intention to benefit you, firm, clients etc, even if no fraud actually takes place.

Enforcement Trends

  • No actual money laundering found
  • Lots of early admissions and (the SRA’s go-to) Regulatory Settlement Agreements (RSAs), with fines concentrated in Bands B and C.
  • Received a WP letter from the SRA? Check:
    • Accuracy of breaches
    • Correct version of MLRs and LSAG guidance
    • Issues of professional judgement – this is subjective – is there anything else you knew at the time which the SRA is not aware of?
    • Firm’s turnover & fees (fines are based on these figures)
    • Remediate fast!

Client & Matter Risk Assessments (CMRAs)

  • Everything flows from these. Get them right! Review SRA 2023 Thematic Review, templates and worked examples.
  • Document why you reached your conclusions.

Ongoing Monitoring

  • Scrutinise transactions, including source of funds – does it still make sense?
  • Refresh CDD – are existing records still in date/ has anything changed?
  • Pay particular attention to PEPs, clients with high risk third country (HRTC) connections and sanctions.
  • Google is your friend! Be curious – not just compliant

Source of Funds/Wealth

  • SRA Thematic review outcome expected in October…helpful guidance?
  • Document expectations of staff clearly and ensure staff document thought process/ conclusions carefully to provide protection if ever challenged about decisions.

AML Training

  • Currently, enforcement is rare unless there is no training at all.
  • Annual e-learning? Unlikely to be enough.
  • Design a solid programme. Keep records. Build culture.

 

Updates from the Regulator

SRA findings from last year

  • Of the 237 inspections and 258 desk-based reviews, only 110 firms were fully compliant, with 284 partially compliant, and 118 not compliant (and referred for investigation).
  • Most common issues? Firm Wide Risk Assessments (FWRAs) not tailored to firm, especially around geographical reach and services. Ask yourself: Would you recognise your firm from your FWRA?  And Client and Matter Risk Assessments (CMRAs) – staff not following firm’s procedures, insufficient focus on AML risks (too much focus on general business risks).

Audits & Reviews

  • Reg 21 audits are not just about reviewing policies – need file reviews and staff interviews.
  • SRA will always pick in-scope files to review during audits – open, and closed in last 12 months – motivating factor to close files!
  • SRA may ask to see historic policies and procedures (generally where they have concerns about files) – make sure you keep these safe.
  • If SRA audit goes well, don’t expect to see them again for AML purposes for 3 years (but beware separate Sanctions inspections/ Thematic Reviews).

Technology & Templates

  • Tech is great — but scrutinise the output.
  • SRA knows all the templates – make sure you tailor them and don’t fake the date!

Pro Tips:

  • Tailor everything.
  • Don’t just tick boxes – document your reasoning. Live your AML processes.
  • Train your team and monitor your PCPs.

 

Practical Q&A session

Adequate Consideration Defence – can still rely on it for fees, thanks to Bowman v Fels. Law Society guidance on Uighur case imminent.

Lawyers = High Risk? NRA still says yes (since 2020), but many disagree. It’s the services (like conveyancing) that are risky – not the lawyers themselves.

Professional EnablersWitting or negligent involvement, but still no evidence that lawyers should have done things differently.

Reg 21 Audit – SRA has no preference for internal or external but the position appeared a little more nuanced than previous SRA commentary…smaller firms doing regular file reviews may not need an audit (previous advice was every firm other than one-man band likely to need one) – is this a change or just a different emphasis? Our advice remains that independent audits have benefits for pretty much all firms.

AML is more than just ID Checks – criminals have passports too! AML means stopping the money, not just ticking boxes. Build processes that revisit risk after onboarding.

Privilege & SARs – if in doubt, better to risk breach of privilege claim than Proceeds of Crime Act offence!

UBOs – Go up the ownership tree until you hit a human. LSAG refers to “lower risk” clients, but this is not really defined…even listed companies have someone pulling strings – may need to consider this depending on the risks involved.

CDD on Estates – Dying isn’t a great money laundering tactic. Unless concerned about criminality of deceased, keep it simple.

Training Tips – Make it specific. Skip the jargon. Use real stories. Little & often (in addition to annual e-learning!). Want partners to listen? Show them what a 2% of turnover fine looks like!

Money from Other Parties – If they’re represented, their lawyer does CDD. If unrepresented, don’t take unfair advantage by pressuring them to provide you with information. HRTC? EDD only needed in “occasional transactions” – solicitors don’t ‘do’ these!

Sanctions – Things are getting increasingly complex, the more aggressive Russia becomes. Risk assess properly. If you don’t understand the client’s wealth, don’t act.

Miscellaneous issues

  • Centralised compliance teams? – SRA has no preference – just make sure fee earners & compliance talk.
  • Celebrity clients – No need to formally ID unless have concerns.
  • PSC Register – Don’t rely on it alone. Dig deeper.
  • Screening Employees – Use file reviews & appraisals to spot red flags.
  • In-Scope Work – Be careful carving out. Train at-risk departments. Monitor closely.

 

Source of funds for smaller firms

Manage client expectations:

  • Talk it out: Open chats with clients about what you need and why.
  • Use scripts: Consider creating scripts for staff to use to help with these chats.
  • Feeling rushed? Pause. Reassess. Call the MLRO if needed.
  • Client still pushing back? That’s a red flag.
  • Still not comfortable with client’s funds or wealth – cease transaction

Source of Funds vs Source of Wealth and myths:

  • Know the difference and document both.
  • Does the story make sense? E.g. 18-year-old buying a £2m house?
  • Don’t just file evidenceanalyse it! Bank statements need your brain, not just your scanner.
  • Risk-Based vs Overkill: 6 months of bank statements for £3k from grandma? Probably overkill.
  • UK bank account ≠ clean money. Banks get it wrong too.
  • Long-standing client ≠ low risk. Familiarity isn’t a defence.
  • Your AML duties are about your client — not the other side. Stay focused.

Final Nuggets:

  • Document everything, particularly your reasoning — your future self will thank you.
  • Respect your risk assessment. It’s not a tick-box. Include narrative.
  • Tech helps, but you do the thinking.

 

Suspicious Activity Reporting: What Law Firms Need to Know!

SARs aren’t just paperwork — they can save lives, track traffickers, and stop crime. But only if done right. Here’s your cheat sheet:

Important Reminders

  • SARs are not crime reports and will not be treated as such by NCA. If life is at risk, call police directly. ☎️
  • You’re not tipping off by asking questions (even if after formed suspicion). Only if you say you’re reporting.
  • Defence Against Money Laundering (DAML) is not giving ‘permission to act’. It’s a defence, not a green light. You decide commercially how to proceed.
  • Can’t seek retrospective DAML.

SAR Best Practice

  • Read the form carefully and complete with the information requested (sounds obvious)
  • Explain acronyms/ legal jargon – triage team don’t have legal background
  • 1 SAR per activity – don’t split across multiple forms (reference related SAR numbers if relevant)
  • Tell the ‘story’ in a clear, concise and chronological way, setting out your money laundering suspicions, what the criminal property is (including value), the predicate offence, and (if seeking DAML) what you want to do next (for which you need the defence).
  • Include identifiers of ‘suspicious party/parties’: DOB, address, car reg, account numbers.
  • Don’t name specific law enforcement officers
  • Include your direct contact details for further information requests

Resources

  • Check out SARs in Action magazine, UKFIU podcast, YouTube videos, and upcoming best practice guidance.