Skip to main content
Man and a woman analyzing data

AML (Anti-Money Laundering) Audit Services for Law Firms

PDA Legal's team of SRA & AML compliance specialists conduct expert, independent anti-money laundering audits for law firms & solicitors.

Book a free AML auditing consultation

The Importance of Independent AML Audits

To comply with Regulation 21 of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017” (MLR 2017), the Solicitors Regulation Authority (SRA) requires firms to implement robust systems to prevent money laundering. However, staying on top of evolving requirements can be both time consuming and challenging. Non-compliance risks severe penalties, from financial fines to reputational damage, and can disrupt your firm’s operations.

Our experienced AML auditors help UK law firms understand the complex money laundering regulations, assess your firm’s current AML policies, controls and procedures (PCPs), and support you in achieving compliance.

Common Failings Identified During AML Audits For Law Firms

Firms are managing ever-tightening controls on sanctions and Proliferation Financing, and all this against the backdrop of the ongoing programme of SRA thematic reviews.

Ensuring you have a clear view and understanding of your organisation's compliance with the latest AML requirements has never been more important.

SRA thematic reviews have highlighted not just gaps in rudimentary controls, such as conducting ID checks, but also other critical elements, including:

  • Ineffective conduct of audits and reviews (or no reviews/audits at all!)

  • Absence of or incomplete matter-level AML risk assessments

  • Lacklustre internal reporting structures and content

  • Inadequate knowledge for making Suspicious Activity Reports (SARs)

  • Gaps in training, knowledge or updates

  • Out of date controls or procedures

  • Over-reliance on EID/V (Electronic ID / Verification) in isolation

  • Insufficient reviewing of the efficacy/appropriateness of EID/V

The Challenge with “Independent” In-House Audits

Under Regulation 21 legislation it is theoretically possible for solicitors or law firms to conduct their own “independent” anti-money laundering audits. However, there are a few challenges.

Independence

MLROs and MLCOs cannot conduct a valid Independent AML Audits (IAAs). Nor can Compliance Managers, AML managers and others, if they are effectively ‘marking their own homework’.

Seniority

If conducted internally, it should only be by someone of senior management level. This ensures that they will have unhindered access to all information that they require to conduct the audit.

Expertise

The regulations require that adequate resources be applied and the auditor should be able to demonstrate experience and expertise in conducting IAAs and to understand the process of audit trailing.

Timing

If asked by the SRA, firms need to be prepared to defend their decisions as to the frequency of their IAA. On average, independent AML Audits take place every 12-24 months.

Duration

Including reporting, IAAs take 3 to 4 days on average. If an IAA is conducted internally by a senior manager who is also a fee earner, that represents a lot of lost fee income.

Preparation

Preparation for an IAA is not necessary; in fact, it could be dangerous. Too much preparation could give rise to a false impression as to the true state of the firm’s controls.

Audit coverage

IAAs are not concerned with the firm’s AML policy, alone. Dozens of associated policies, controls and documents should be reviewed, matters perused and trailed, and people interviewed.

Gravitas of the report

For an IAA to be valid, it cannot be ignored or put to one side. Also, Lexcel/CQS/ISO accreditation does not guarantee AML compliance; to the contrary, it can give rise to a false sense of security. PDA’s IAA reports are typically 20-30 pages long; for accredited firms as well as those that are not.

The good news is that our independent AML audit service provides a convenient solution, enabling you and your team to focus on revenue-generating work.
View PDF

What Our Independent AML Audits Review

As our AML compliance audits are performed by experienced experts, we review your firm’s operation and AML framework in the same way as an official SRA inspection; but with the significant advantage that our findings, coupled with our subsequent support if required, provide you with the ability to address any issues prior to a formal SRA inspection. In addition, as experts in the ‘real world’ application of AML regulations, we can provide professional advice, consultancy, training and more.

Our AML Auditing Process

Much of our approach to Independent AML Audit scheduling and content is informed by our many discussions with firms that have been through the SRA’s thematic review process. Typically, our AML audits take place in two stages, both of which are conducted on a transparent, scheduled, fixed fee basis which provides you with peace of mind that you know how much you need to budget for and what to expect from us at each step.
Two businesswomen in professional suits collaborating over a laptop, engaged in a discussion in a modern office setting.

Step1: Initial Consultation

We conduct an initial consultation with you, where we discuss the make-up of your firm and start to identify the level of risk to which it is exposed. During that conversation, we can pinpoint the aspects to be covered in the audit, the people and documents involved and even commence the planning for the visit to your offices in due course.
Two businesswomen looking at a laptop

Step 2: Desktop Review & Gap Analysis Report

Our clients have told us time and again that our audit reports are the most detailed, but easy to digest, that they have ever received.

We start by reviewing your documented controls and records that support AML controls and provide you with a written Gap Analysis Report.

We don’t simply review an AML policy. Like dropping a stone into a pond, your AML controls touch upon many others. And so, we review a host of supporting documents and records as well, including;

  • The Practice/Firm-Wide AML Risk Assessment
  • The policy for staff training on AML
  • Staff training records
  • Supervision procedures
  • File review procedures
  • Reporting and monitoring procedures
  • MLRO reports
  • Matter file forms for recording outcomes of AML checks
  • Reviews of EID/V service providers
A team meeting in an elegant office

Step 3: Interim Report and Discussion

We are unique in the sector by sending you an interim written report after the desktop portion of the audit, rather than making you wait until after the onsite visit!

And, we conduct a conversation with you to consider the findings so far.

This provides the opportunity to pinpoint any particular aspects of concern that the firm might like for us to drill into when we conduct the onsite portion of the audit.

Then, we prepare the visit plan to share with you in advance of the visit.

professional team meeting

Step 4: Onsite Visit and Audit

After the desktop review has been completed, we follow up with a visit to your offices to examine the controls in action.

The list of aspects that we examine is long and thorough, and includes;

  • Meeting with supervisors, Heads of Department, the MLRO and others in responsible roles
  • Conducting file reviews to examine the conduct of AML controls in the ‘real world’
  • Viewing the operation of the case management system controls for AML
  • Perusing the AML forms on matter files
  • Examination of the training records and training programme that supports AML controls
  • Examination of the risk register
  • Examination of the register of breaches, near misses and the regular reviews of risk data
  • Reviewing historical file review findings/trends
  • Meeting with fee earners and support staff to understand their perspective and to test their application and experience of controls

At the end of the visit, we meet with the MLRO and compliance managers to provide immediate feedback and to discuss any immediate concerns.

woman works on laptop

Step 5: Add Findings to GAR

We add our findings from onsite to the Gap Analysis Report to provide you with a written narrative as to where your practice stands with its AML controls and next steps to resolve the gaps.

There is no 'pass' or 'fail’ where the audits are concerned. Instead, we apply colour coding to each of the remarks in our report, to provide at-a-glance navigation as to the suggested prioritisation that the Firm might apply to addressing each concern.

We endeavour to provide as much value as possible by providing you with plain language feedback and explanations of concerns to be addressed. This means that our reports typically run to a sector-leading 30+ pages.

Front view of business people talking

Step 6: Review

After your having read the report, and if you wish, we conduct a final conversation with you to chat through any points raised in the report.

Three business professionals engaged in discussion at a table, with a laptop open in front of them.

Step 7: Optional

A review of the Firm’s progress in taking action on the guidance provided following the Audit; usually 3 to 6 months after Stage 6.

We ask the Firm to provide us with copies of documentary evidence of the progress that it has made towards addressing the issues.

Then we conduct a remote meeting, either by MS Teams or telephone, to provide our feedback and discuss any aspect of the issues.

Finally, we follow-up with a written summary by way of our independently documenting the Firm’s progress and to summarise any further guidance.

Pricing

We strive to provide you with unparalleled value through services that are bespoke to your practice.

Our pricing is competitive and transparent. And, it’s tailored according to the scope of the work that we do for you.

Wherever possible, we conduct work on a fixed fee basis.

Book a Free AML Audit Consultation

Join our free Best Practice Group and save:

Members of our free-to-join Best Practice Group receive a substantial discount on all of our services.

Find out more

Additional Anti-Money Laundering Services

In addition to Anti-Money Laundering audits, we also offer:

Additional Auditing Services

We can also provide auditing in the following areas:
Leaf Icon

Why Work With PDA Legal?

The PDA Legal Team:

  • Has over 25 years experience in the legal sector.

  • Has supported over 500 legal organisations.

  • Has worked with The Law Society on Lexcel and has authored articles and spoken at national Law Society events on key compliance topics.

  • Ensure that all discussions with us are conducted in the strictest of confidence.

  • Operates, wherever possible, on a fixed price model and project scheduling.

  • Offers a free, no obligation initial consultation.

Book your free AML consultation today

What Our Clients Have to Say About PDA’s AML Support…

“We’ve had independent AML reports before, but PDA’s was by far the most detailed and helpful.”
“PDA’s AML audit report works like a checklist, so that we can see what we need to do, at-a-glance.”
“Thank you for the AML audit, PDA. We feel much better prepared for an SRA visit now!”
“PDA understands AML controls in the context of how real law firms actually work.”
“We now have a reliable structure for the screening of employees, thanks to guidance from PDA”
“AML felt like ‘smoke and mirrors’ until PDA simplified it for us.”
“PDA has been a second and third pair of hands to support our time-poor MLRO.”
“The Partners’ hesitance about an Independent AML Audit melted away when PDA hand-held us through every step.”
“We knew that something wasn’t quite right with our AML processes; thank you, PDA, for pinpointing the issues for us.”
“PDA conducted our Independent Audit so smoothly. We didn’t realise that it could be that painless!”
“PDA didn’t just conduct our AML audit; they stayed to help us update our AML controls, too.”
“PDA’s insight cut through the fog to help us select the appropriate EID/V system for our needs.”
“PDA conducting our Independent Audit saved us a lot of time (and we enjoyed the fresh perspective).”
“PDA’s Independent Audit report put the whole thing into logical context. Very pleased!”
“We’ll be welcoming PDA back to do next year’s Independent Audit too.”
“PDA isn’t the first consultancy that we’ve used to help us with AML… but it will be the last.”
    More Testimonials

    Book Your Free AML Consultation Today

    By clicking submit you agree to how we use your data as explained in our Privacy Policy

    Submit

    Related AML Articles

    Woman working late at the office

    What Happens During an SRA Inspection?

    A visit from the Solicitors Regulation Authority (SRA) can be a daunting prospect for many law firms, potentially causing a great deal of stress for those involved. These visits, usually referred to…
    Read more
    Three professional women in business attire standing together in an office environment, showcasing teamwork and collaboration.

    7 Steps To Create A Robust AML Compliance Programme

    Law firms regulated by the Solicitors Regulation Authority (SRA) have a legal obligation to comply with Anti-Money Laundering (AML) legislation, and a duty to follow additional best practice guidelin…
    Read more
    A woman in a grey sweater typing on a laptop on top of a wooden table, surrounded by documents.

    Independent AML Audits - What Law Firms Need to Know

    As of June 2023, the UK Government estimates that money laundering costs the UK economy more than £100bn every year. As a supervisory body, the Solicitors Regulation Authority (SRA) assigns dedicated…
    Read more
    View All AML Articles
    Get in touch for a free no obligation quote today
    Contact Us
    Law Society Lexcel Assessor. Legal Practice Quality Mark.
    Cyber Essentials logo
    Information Commissioner's Office logo
    ISO logo
    Legal Aid Agency logo