Money Laundering Red Flags
Money laundering, or even the potential risk of money laundering remains a very real risk for firms operating within the legal sector. As you may have seen in the Law Gazette, in November 2023 Ashfords LLP (Ashfords Solicitors) were fined over £100,000 by the SRA for money laundering compliance failures, making it the fourth largest fine ever imposed by the SRA.
Interestingly, and a cause for concern for many legal professionals, is that such a hefty fine was issued despite that fact that:
- Ashfords Solicitors reported themselves to the SRA once they became aware of the compliance failures
- The SRA confirmed that there was no suggestion that any money laundering or other financial crime had taken place.
(You can read the full report on the SRA website.)
As one anonymous commentator on the Law Gazette article stated:
“This is hardly an incentive to self report or, indeed, interact with the Regulator at all.”
This therefore begs the question; what can your law firm do to lessen the likelihood of being in a similar position with the potential for a fine and overly public damage to your brand and reputation which accompanies it, or even need to even self-report in the first place?
Prevention being better than cure, you should regularly (e.g. at the very least annually) review your controls, processes and staff training with the help of an AML specialist such as PDA Legal as we can help you identify potential weaknesses or areas of concern and address them before they evolve into a situation that requires a report to the regulator.
In addition, ensuring that your team is well aware of (and up-to-date with) the most common or highest risk red flags serves as an invaluable additional safeguard in busy environments where heavy workloads could seed a temptation to cut corners. Knowledge of the red flags triggers a crucial reminder to colleagues to pause and ensure your due diligence checks, controls and processes are followed to the letter, without undue exception.
The Legal Sector Affinity Group guidance highlights more than 300 warning signs. Whilst there’s not room in this article to cover all of them, we can provide your team with dedicated AML training to cover them in-depth. For today, however, we will be touching on:
- Some of the most common warning signs
- Which legal services are most commonly targeted or exposed to money laundering risks
- Money laundering in relation to digital assets
- How you can prevent or protect yourself from money laundering
- What you action should consider if you suspect money laundering is in progress
- What should you consider if you identify money laundering after the act
Most common money laundering red flags and warning signs
Whilst there are over 300 warning signs, these can broadly be grouped into the following categories. It’s worth noting that warning signs may not occur in isolation and may fit into more than one category:
- Unusual or secretive clients
- Unusual transactions
- Unusual source of funds
- Third-party funding
- Geographical concerns
- Sanctions exposure
- Politically exposed persons (PEPs)
- The Ultimate Beneficial Owner is unclear (UBO)
- Use of bogus or unusual representatives
- Complex company ownership structure or Shell company usage
- Misuse of business accounts to execute personal transactions
- Suspicious track records
- High risk industries
- Adverse media coverage
- Sudden changes in instructions
- Account or personal data inconsistencies
- Suspicious employee activity
Unusual or secretive clients
Naturally criminals want you to know the least amount possible about themselves (either their true identity, or false aliases) or their activities. Therefore, one of the first red flags is a client who is being (or who you feel is being) unusually obstructive, secretive, or less than forthcoming with certain information.
This will often relate to information around:
- Who they are
- Who the beneficial owner is
- The source of where money originated
- Why they’re performing a given transaction
- A new but unusual client persona vs your typical client base
It’s important that all staff are familiar with your Know Your Customer (KYC) checks and Customer Due Diligence (CDD) procedures.
Unusual transactions
Most legal transactions follow a well defined process and therefore in many cases transactions will follow an almost mundane similarity. Therefore, when something feels a little unusual, even if it’s not enough to be suspicious in isolation, it can normally be worth paying attention to. This might include:
- Being asked to help with a transaction which is outside your normal area of expertise or services
- Being asked to follow an usual transaction process or timeline
- Involving a larger sum of money than you might expect
- A transaction which feels unusual or out of place for the client’s circumstances or proposed aim
- Transactions between parties which have no clear connection, an unusual connection, or indeed, a connection with a known third party where it may be an unusual transaction for that party
Unusual source of funds
A key purpose of money laundering is to conceal the original source of funds. Therefore, when the source of funds is confusing or multi-layered, or the method of payment of the funds is unusual, it’s vitally important to dig deeper.
The following are examples which may signal a need to be extra cautious:
- Unusually large cash payments
- Digital transactions using Cryptocurrency (e.g. Bitcoin)
- If a bank account has been recently opened prior to the transaction
- Transactions where there is a lack of sufficient papertrail (e.g a bank statement might show a large amount of cash being paid into an account, but you are unable to verify the source of that payment)
- If funds are being provided in an unusual frequency or pattern (e.g. funds which would normally be provided as a lump sum are being provided as multiple small amounts, or vice-versa)
- If the amount of money involved seems unusual for a typical client within a given demographic
- Funds received from high risk countries
- “Layering” makes it difficult to correctly and confidently identify the original source of funds or the Ultimate Beneficial Owner
Third-party funding
Just as airport security staff will ask “Did you pack your own bag” and “Has anyone else given you something to carry on their behalf”, the same rationale applies to money laundering checks. Third-party involvement is perfectly normal within certain transactions such as property purchases which may involve a legitimate chain with various third-party’s providing funds. However, it’s worth querying details in relation to the third-party; especially in regards to their motives.
- Do you know (and have you been able to verify) the identity of the third-party?
- Why have they provided the client with funding?
- What are they receiving in return? Are the funds being provided as a gift?
- Is it someone that the client knows well? Is it someone they trust? Don’t always assume that a family member is always acting in your client’s best interest or vice-versa.
- Has the client been provided with the funds by someone on the Sanctions list?
Geographical concerns
Certain countries are deemed to present a higher risk due to association with certain types of crime, sanctions, or levels of corruption. A red flag might present when there is no apparent connection between that client and a given country, or where such a link would be unusual.
Sanctions exposure
It’s important to consider if a transaction may be subject to UK or international sanctions, or an attempt to circumvent sanctions.
The UK financial sanctions list applies to:
- Individuals
- Entities
- Ships
A separate list defines financial sanctions by regime including:
- Countries
- Administration / Governments
- Terrorist Groups
Clients or transactions with links to any of the above warrant closer inspection to ensure everything is correct and legal.
Politically Exposed Persons (PEPs)
A Politically Exposed Person is an individual who is more at risk or more susceptible to being exposed (willing or otherwise) to bribery, corruption, money laundering or other illegal activities.
Whilst there is no internationally agreed list of PEPs, these typically include high-profile figures or persons with significant connections to power or wealth. This might include:
- Politicians or party officials
- Government officials
- Senior business leaders (especially of state-owned entities)
- Heads of police or the military
PEPs also extend to family members or close connections of the above.
The Ultimate Beneficial Owner is unclear (UBO)
Ultimate Beneficial Ownership generally refers to ownership of an entity such as a company, and therefore it is classed as the person who has direct control and responsibility for actions and transactions that a company makes.
In the case of money laundering, the UBO may be harder to identify and this may be due the fact that a shell company has been used, or that there is a complex company ownership structure.
Use of bogus or unusual representatives
The purpose of having robust AML legislation at government level, coupled with robust AML policies, processes and controls at ground level is to make money laundering extremely difficult, and in an ideal world, impossible.
Therefore, criminals sometimes resort to creating fictitious entities and/or representatives to reduce some of the barriers which are placed in their way.
Similarly, sometimes criminals might ask a legitimate representative to perform a transaction outside their usual sphere of knowledge in the hope that they will be less familiar with some of the safeguards, risks or warning signs.
Therefore, red flags could present themselves as:
- Company names or job titles which fall outside of the norm for the transaction type
- Firms which are not located within the same country as the client
- Firms which are very newly established
- Firms not cited on, or registered with official regulatory sources for a given country
- Addresses from PO boxes
- Addresses which cannot be verified as a physical business address via sources such as Google Maps street view
Complex company ownership structure or Shell company usage
Sometimes you will be reviewing the company structure aspect first before identifying the UBO. Therefore, this may be the first red flag you encounter as you may find the company ownership structure is either unusual, complex, opaque, or utilises shell companies which ultimately may make identification of the UBO challenging or impossible.
Misuse of business accounts to execute personal transactions
Business accounts (legitimate or otherwise) can sometimes be used to perform personal transactions in an attempt to hide or add a level of “layering” to mask money laundering. Therefore, it can be worthwhile querying unusual personal transactions which have passed through business accounts or large cash withdrawals from business accounts.
Suspicious track records
Whilst previous criminal convictions should not be assumed to be an indicator of guilt, it would be fair to say that connections to individuals that are known to be either directly or indirectly connected with criminal or less-than ethical practices, should raise a red flag. By ensuring the correct processes are followed, you will not only be protecting yourself and the firm, but you will also potentially be helping genuine ex-offenders with rebuilding their credibility and trustworthiness.
High risk industries
Certain industries have greater exposure to transactions which utilise cash or crypto currency payments. Examples include:
- Adult entertainment
- Gambling
- Online gaming
- Arms dealing
- Gems or precious metals
- High value pawn brokerage
- High value antiques or collectables
Adverse media coverage
When recent sanctions were imposed on Russia and various Russian subjects in 2022 following Russia’s invasion of the Ukraine, a flurry of news coverage highlighted how a number of “oligarchs” with connections to the Russian military or high ranking political figures were attempting to relocate assets to safe harbours.
Whilst absolutely no suggestion is being made as to attempted money laundering in any of these instances, it provided the public with a rare and interesting glimpse of how quickly individuals attempt to relocate high value assets in the face of adverse media coverage, even if they are not the initial focus or cause.
Not all negative media is as widespread or visible; some negative press may be limited to within just that of a single country or industry and yet, within those smaller circles the impact can be just as significant.
Therefore, people who have involvement or connections with companies, entities or individuals who have (or are predicted to soon receive) connections with crime or negative media attention should trigger this red flag.
Sudden changes in instructions
Whilst a sudden change of instructions is not always a cause for concern, you should ask yourself if there is a reasonable explanation or whether something else may have triggered the request.
For example:
- Have they shown discomfort with your due diligence processes and procedures? It may be a signal that they are becoming concerned that you may detect their true intent.
- Have you been instructed to work on a litigation case which has subsequently been settled out of court? According to the Law Society, “sham litigation” is just one example of money laundering techniques within which a sudden change in instructions is a red flag. There is an article on Thomson Reuters titled “Dirty laundry: are the English courts washing dirty money” which explains how sham litigation works and the scale of the problem.
Account or personal data inconsistencies
For all of their complexities, sometimes money laundering attempts can be spotted by the simplest of errors or inconsistencies, but often it’s the tiny details which get overlooked.
More often than not, an error or typo in a name, address or date of birth can be explained exactly as just that. However, if those errors appear in official documents then that should be a red flag. Similarly, using an unusual format (e.g. using a USA date format on a UK document, or perhaps spacing a phone number with unusual spacing) can be very easily overlooked yet a clear indicator that something is not quite correct.
Suspicious employee activity
As mentioned earlier in this article, processes and controls are in place to make money laundering extremely difficult. Therefore, criminals may attempt to coerce, entice or blackmail people within the process to aid a transaction’s progress.
As a result, one aspect of ensuring we as an industry have a credible and robust due diligence system, is to actually be aware of what is happening within our own organisation to spot any suspicious activity internally.
This might include staff members who:
- are overprotective about certain cases, or communication with certain clients
- refuse to take holidays when work is being performed for certain clients
- have a lifestyle which seems unusual or disproportionate to their personal circumstances or means
- have begun to exhibit a change in their behaviour, perhaps becoming more closed off from their colleagues or working later than normal so that they can be alone in the office
To help safeguard against these risks, firms should include “Screening of Relevant Employees” as a specific action within their internal policies and processes. Section 9.4 of the LSAG guide provides insight on this aspect. Screening should take place regularly, as people’s circumstances change, and therefore so might their need to generate extra income and therefore their susceptibility to coercion or corruption.
It’s important to note that these indicators alone do not signal malicious intent, but they are still worth watching for. A change in behaviour and working late could for example signal they are struggling to cope with their workload or personal issues; both of which are things a good employer should take an interest in from the point of view of employee mental health and wellbeing.
Legal services most commonly targeted
Money laundering happens across a range of industries where it’s commonplace to process transactions involving large sums of money; often across international borders. However, whilst money laundering is not a unique risk for the legal sector, there are certain legal services which can find themselves being more frequently favoured by criminals due to solicitor-client privileges which can help shield their activities, and specific characteristics that make it easier to hide the illicit origins of funds.
Commonly targeted legal services include:
- Conveyancing
- Trust and company formation
- Services which handle digital assets such as cryptocurrency
How can you prevent money laundering?
The ultimate aim of legislation is to make money laundering impossible. However, the sad reality is that legislation is normally reactive in nature, whereas criminals are well-funded, technically advanced, and well versed in creating ever-evolving and innovative ways to find loopholes in otherwise secure systems or processes.
Therefore, there is no guarantee that you can fully prevent money laundering from taking place, but there are a few things which can help you reduce your risks.
- Training - Your staff ultimately have the power to spot and eliminate most money laundering attempts when they are provided with the right training. Therefore, a regular and robust training program should be at the forefront of your safeguards. Without this, even the most robust processes will be easy to circumvent. At PDA Legal, we provide a range of ad-hoc training services and our newly introduced regular training sessions cost from as little as £9.50 per delegate, which means there is no excuse for failing to provide your staff with the best training possible
- Ensure you have a designated Money Laundering Reporting Officer (MLRO) - The MLRO plays a crucial role in an organisation's efforts to combat money laundering and comply with anti-money laundering (AML) regulations. The MLRO will typically oversee AML activities ranging from policy development and submission of suspicious activity reports (SARs) to internal and external reporting.
- Your Firm-Wide AML Risk Assessment A meaningful Firm-Wide Risk Assessment for AML is worth many times its own weight in gold. A detailed analysis of the risks to which your practice or department is subject and the suitability of the controls designed to manage those risks is the cornerstone of your firm’s AML strategy.
- Have regularly audited checklists & processes - If your controls and processes are weak out of date or incomplete, so is your ability to minimise your exposure to money laundering. An independent AML audit conducted annually is invaluable for not only meeting your legal and regulatory obligations, but also for highlighting opportunities for improved efficiencies within the organisation which can help improve your performance, profitability and staff morale.
- Screening of Relevant Employees - Sadly not all employees have either the firm’s or the client’s best interests at heart. This could either be due to someone joining a law firm with malicious intent from the outset, an employee who has developed grievances over time, or an otherwise loyal employee who is struggling financially and has been coerced or forced to act on behalf of criminals.Therefore, in addition to providing training and ensuring you have robust controls and processes, it is necessary to regularly review and assess if there may be any potential weaknesses at staff level. Screening is usually a combination of the analysis of the outputs of; training, supervision, file reviews, appraisals, DBS checks and sometimes dip sampling of work.
What should you do if you identify or suspect a case of money laundering may be in progress?
The first thing to do is try to avoid alerting the suspect to your suspicions. Each firm should have a defined reporting process but this will normally require you to inform the MLRO immediately, and complete a Suspicious Activity Report (SAR). Each country has their own specific route for reporting, but in the UK the National Crime Agency (NCA) is the designated authority to which SARs should be reporting via the online NCA SAR Portal. The reporting is facilitated through the Suspicious Activity Reports Regime (SARs Regime).
You could commit a “failure to disclose” offence if you decide not to report it to your firm’s MLRO or the NCA.
The SRA also states that SRA-regulated firms must report any facts or matters which you reasonably believe are capable of amounting to a serious breach, outfits regulatory arrangements or should be brought to their attention for the purpose of investigation and/or being able to exercise its regulatory powers. However, as touched on at the start of this article, some firms are hesitant to disclose this as it could result in heavy penalties even if no illegal activity has taken place if the company is found to have weaknesses in their AML controls or processes.
Once a suitable course of action has been agreed with the relevant authorities, it would be wise to perform an internal review to ascertain if the identification of the attempt came about due to change, or as a result the efficacy of your staff training, controls and/or procedures.
What should you do if you realise money has been laundered?
Ultimately, the process is the same but the implications could be more serious, both from a regulatory standpoint and potentially in terms of legal implications and damage to your firm’s reputation or client confidence.
In addition, the fact that you’ve spotted this after the event means there are some serious weaknesses in your internal systems which need to be improved. As a result, after having complied with your legal and regulatory obligations, you should as a matter of some urgency, perform a thorough review of all aspects of your money laundering processes, controls and training activities.
Given there were already weaknesses, it would be unwise to utilise the same team (e.g if you normally perform this internally). Therefore, we would strongly recommend retaining the services of a specialist anti-money laundering consultant such as PDA Legal to perform a full, thorough and independent review of your entire AML safeguards.
The good news is that PDA Legal have over 25 years experience within the legal sector and have supported over 500 UK law firms, so are well placed to bring your internal standards back to a suitable level.
Don’t risk it - ensure your team know how to spot the red flags
As this article has shown, a hefty fine from the SRA is no longer something that’s reserved for failings in AML safeguards where a breach has been successfully committed. As a result, it is more important than ever to ensure your team receives the best training available to help protect your brand, your company and your clients.
All of our training is delivered in private and tailored specifically to your needs, and you can now choose from ad-hoc training or opt for one of our affordable annual training packages which provides you with access to regular live training from as little as £9.50 per delegate.
Contact us today for a no obligation discussion to learn more about our range of AML services and how we can help you.