GDPR is still very much at the forefront of everyone’s minds.
Are you panicking about GDPR compliance? You are not alone. Most small and medium firms are not there yet. It’s a daunting and time consuming project for many firms, but you’ve still got time to be GDPR-ready by the 25th May. (Let’s not forget that GDPR compliance is “a journey, not an event”).
For our non-COLP Help clients, we have put together a standalone GDPR compliance package, which includes:
- Desk based review of existing data protection documents
- Meeting to identify issues for the firm and go through the ICO’s 12-point roadmap
- Report and recommendations for compliance
- Follow up telephone meeting
Don’t put it off any longer – contact us for a quote!
It’s also been a big week for financial crime news, with the SRA issuing a new AML warning notice and the Law Society finalising its new AML practice note. The National Crime Agency has issued the first “Unexplained Wealth Orders” and the CPS brought a successful prosecution against a small company under the Bribery Act.
Have a great weekend,
Jon and the team.
SRA gets tough on AML
On the 2nd March, the SRA released details of its review into how law firms are complying with money laundering rules, and in particular the new regulations which were introduced last June.
The regulator visited 50 firms as part of a targeted thematic review, resulting in six firms being referred for disciplinary action.
As a result of the findings, the SRA has issued an updated warning notice on money laundering and terrorist financing. We suggest making this compulsory reading for everyone in your firm.
Areas of concern include:
- Failure to keep AML-related records
- Failure to conduct firm-wide risk assessments (only 11 of the 50 visited firms had done this – something we highlighted last Summer)
- Only 69% of files reviewed had written evidence that the level of risk was assessed
- Only 34 out of the 50 firms said they would renew CDD for life events such as change of name or address.
Why it matters
Despite the wonky methodology of the review*, and whatever the feelings are about over-regulation in this area, the fact remains that the Money Laundering Regulations 2017 apply to most solicitors. The Regulations impose a legal obligation to comply, and failure to do so is both a criminal and regulatory offence.
Our advice: make sure you revisit these key areas:
- Update your firm-wide AML training
- Make the SRA warning notice and Law Society guidance (see below) compulsory reading
- Ensure your AML policy is consistent with the new Regulations
- Document your firm-wide risk assessment
- Review your client inception procedures and matter-level risk assessment
- Review your CDD process – consider electronic CDD to save time
*The 50 firms visited were not picked at random – all were chosen because they did work in high risk practice areas (mainly property-related) and half of them had black marks against their records from previous visits.
Law Society AML guidance finalised
The Law Society’s guidance to the profession on the new AML regime (Money Laundering Regulations 2017) has been formally approved by HM Treasury and published.
Why it matters
The guidance, which replaces the old Money Laundering practice note, is the go-to AML resource for solicitors. It should be required reading for all practitioners (and don’t forget to include it as part of your Continuing Competence).
Howard Kennedy guilty of using client account as a banking facility
It is long established that solicitors must not offer banking facilities through their client account. All money passing through must be related to an “underlying legal transaction” – see the SRA’s 2014 warning notice for more information.
The rationale is that client accounts are attractive to money launderers and those seeking to hide their assets. Plonking cash with a solicitor can be a handy way to keep prying eyes away from pesky liquidators, for example.
Partners at well known London firm Howard Kennedy recently were hauled in front of the SDT for this very issue, resulting in a £35k fine for the firm and £15k for the guilty partner.
Why it matters
According to the Gazette, the “tribunal dismissed an allegation that Howard Kennedy had committed a serious breach of account rules by not reporting the matter promptly”. In effect, suggesting that use of a client account as a banking facility is not in itself a reportable breach (“material”, as defined in the Authorisation Rules).
This is interesting because we often receive questions from solicitors about whether X breach is reportable by the COLP or COFA. Compliance Officers have a personal responsibility to report material breaches without delay.
Whether or not there was actually anything dodgy going on, bearing in mind the amount of money that had passed through Howard Kennedy’s accounts unrelated to legal transactions (millions, over several years), surely this would have met the definition of “material”? It would be a brave COFA who thought otherwise!
In other financial crime news…
The National Crime Agency has started to flex its muscles. The Criminal Finances Act 2017 gave the NCA additional powers, including to make “Unexplained Wealth Orders” where there is a suspicion of a person’s involvement in financial crime. The NCA recently issued two UWOs for property worth £22m.
When coupled with freezing orders, these are powerful regulatory tools. According to the NCA, they “enable the UK to more effectively target the problem of money laundering through prime real estate in London and elsewhere”.
In another notable development, the CPS recently won a landmark Bribery Act ruling against an office refurbishment firm. A full overview of the case by the CMS Law-Now team can be read here.
- the company was small, and had informal ethical standards in place
- it did not operate in a particularly high risk business or jurisdiction
- it had accounts safeguards in place to scrutinise the legitimacy of invoices
The jury had little sympathy, finding that the company had failed to put in place adequate processes to guard against bribery and corruption.
In other words, a specific bribery policy and staff training is required.
New and updated Law Society Practice Notes
New and updated SRA Warning Notices and Guidance
- Robert Sedgwick had reached a settlement agreement with the SRA to be struck off the roll. The SDT decided not to approve this, and instead decided to suspend him for 12 months. Mr Sedgwick had involved himself and his firm in dubious investment schemes and had allowed the firm’s bank account to be used as a banking facility. However, the SDT had regard to his unblemished career of 44 years and that there had been no underlying fraud alleged in the case. The SRA was criticised for making the application to consider the agreed outcome late in the day, and that this was part of an increasing number of applications that was ‘disruptive to the tribunal’s timetable’.
- In November 2018 Stephen Pickard was convicted and jailed for his role in a Ponzi scheme, where he used his status a solicitor to convince people that it was a genuine investment, when he knew it was not. Unsurprisingly, he was struck off the roll by the SDT.
- London law firm Howard Kennedy were ordered to pay a fine of £35,000, and one of its partners, Christopher Langford, was fined £15,000 by the SDT. Over a period of nearly 6 years Christopher Langford, made payments in an out of the client account where there was no underlying transaction.
- Lisa Wilson, a former paralegal in the conveyancing department at Shoosmiths was given a section 43 order by the SRA. She was found to have ‘intercepted a cheque, amended the payee details to her name, drafted a letter in the IT system to give the impression the cheque had been sent to her and went to a cheque cashing shop to cash the cheque‘.
- ICO – A former local authority education worker, Samira Bouzkraoui, was fined £850 and ordered to pay costs of £713. She was found to have shared personal information about school children, the school admissions records, and parents by snapchat whilst working for Southwark Council.