Skip to main content

What is a Money Laundering Reporting Officer (MLRO)?

18 September 2024
A woman wearing glasses stands confidently in front of a diverse group of people

MLRO (Money Laundering Reporting Officer) and MLCOs (Money Laundering Compliance Officer) are two roles set out in the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017, the MLR. 

Whilst not all firms require both, the responsibilities and actions required of the roles are important for maintaining the integrity of regulated organisations and monitoring illegal activity risks, minimising their chances of manifesting. 

To add even further confusion for anyone learning about the roles for the first time, you may also encounter the terms “Nominated Officer(s)” and “AML Officers”. 

Don’t worry; In this article we clearly explain the differences and similarities of each role, to help you understand the essential functions, responsibilities, and importance of MLROs, MLCOs, nominated officers and/or AML officers in supporting the National Crime Agency (NCA) in the fight against money laundering and other financial crimes.

One Ring Acronym to Rule Them All

OK; let’s start by clearing up one of the biggest sources of confusion. The term MLRO is often misused. Just as “Hoover” (the brand) has become a synonym for the term “vacuum cleaner”, or “Google” has become synonymous with “search engines”, the term MLRO is often used to refer to any position which has a responsibility in relation to anti-money laundering.

And this isn’t without good reason; as within smaller firms it is actually possible for the MLRO to wear many hats, including performing the roles and responsibilities of both the nominated officer and the MLCO.  Therefore it’s both understandable and reasonable to see this term widely mis-used. However, as you’re at the start of your journey, we feel it’s important you clearly understand the roles and responsibilities of each, and whilst we’ll touch on each in the course of this article, the following is a very high level introduction and summary which may help you along the way.

In large firm’s where each of the designated roles are fully required, a typical separation of roles would look something like this:

Demystifying AML roles & Responsabilities

  • Nominated Officer - These are the people within the organisation who act as the first point of contact for any money laundering “Suspicions”.
  • MLRO - Responsible for reporting the Suspicion to the NCA
  • MLCO - Responsible for SRA compliance of the organisation in relation to AML
  • AML Officers - An umbrella term for the above three roles

Within smaller law firms, it is acceptable for one person to hold the roles of nominated officer MLRO and MLCO, but often these are referred to as the MLRO (rather than MLCO) as SRA rules state that any SRA Authorised law firm must have an MLRO.

Therefore, for the rest of this article, whilst we will continue to endeavour to provide a clear separation and distinction between each, bear in mind that in reality, many firms will muddle the roles and responsibilities of each, and so we’ve sometimes used MLRO as an aver-arching term. 

Should you have any questions and need further clarification, please don’t hesitate to contact us and we will be happy to help.

The (Official) Role of the MLRO:

Quite simply, as the name implies, the MLRO is responsible for receiving reports of suspicions, making reports to the authorities and to the Board, and managing activity during investigations. However, as you’ll discover, most law firms actually combine the roles of the MLRO with the MLCO. So what is the MLCO responsible for?...

The (Official) Role of the MLCO:

The roles of the MLCO to ensure organisational compliance. They will need to be a Board member or senior manager.

  • The lead role in AML at the firm.
  • Primary AML contact with the SRA.
  • Has the ‘final word’ on AML matters.
  • Responsible for the FWRA.
  • Responsible for staff training and screening relevant employees.
  • Responsible for audits.
  • Responsible for oversight of AML resources (eg. EID/V).

At present around 90% of law firms have opted to have one person hold both roles, under the title of MLRO.

The appointment of a MLCO is fairly unusual in small firms. Regulation 21(1) states: 

Where appropriate with regard to the size and nature of its business, a relevant person must - appoint one individual who is a member of the board of directors (or if there is no board, of its equivalent management body) or of its senior management as the officer responsible for the relevant person's compliance with these Regulations

It doesn’t specify a threshold size for a firm to be required to appoint a MLCO, but it’s broadly accepted that sole practitioners or firms which provide only occasional work which falls within the scope of the regulations, are unlikely to require one. 

If you would like to know whether you need to have an MLCO, either read checkout this article by the Law Society, or feel free to contact us for individual guidance advice as part of AML consultancy services.

How is a MLRO different from a MLCO?

As touched on above, both are technically distinct roles with different responsibilities. A MLRO is responsible for reporting of Suspicious to the NCA, and is a mandatory role. The MLCO role is responsible for organisation compliance with SRA AML requirements and regulatory requirements. However, a dedicated MLRO position is not always appointed, with companies instead combining both positions into one, utilising the term MLRO. 

Both roles can be referred to as ‘AML Officers’.

The (official) role of a Nominated Officer

A Nominated Officer is usually the MLRO or MLCO, but could also be another senior manager or director. A Nominated Officer is a designated senior person within the firm whom staff should contact in the event of a concern or suspicion. The Nominated Officer might also make SARs to relevant authorities, albeit, this is usually conducted by the MLRO in any case.

When Is a MLRO Required?

For the legal sector, a MLRO is a mandatory requirement for any SRA authorised law firm.

For other industries, a MLRO is required for companies whose operations exposed to any of the following:

  • complex or high-value assets
  • large amounts of cash (such as casinos)
  • a large amount of personal or sensitive information
  • assets which are hard to track, such as expensive jewellery
  • Politically Exposed Persons (PEPs)

Or if a firm:

  • involves a high degree of anonymity, such as cryptocurrency firms
  • operates in an area of geopolitical instability
  • often deals with non-face-to-face transactions, such as online gambling
  • operates with cross-border transactions, such as multinational banks
  • experiences a high volume of transactions, such as money service businesses

This will typically included industries such as:

  • Law firms, especially those involved in financial transactions on behalf of clients
  • Accountancy firms
  • Financial institutions, such as banks and credit unions
  • Investment firms, such as asset management companies
  • Insurance companies, particularly those offering life insurance
  • Money services businesses (MSBs), such as currency exchange services
  • Casinos and gambling institutions, both physical and online
  • Real estate agencies involving buying, selling or managing real estate properties
  • Credit and loan providers, including payday lenders
  • Precious metals and jewellery dealers, trading in high-value goods such as gold

Key Responsibilities of a “MLRO” (AML Officer)

(Note: For the rest of this article, we will now use the term “MLRO” in the umbrella role sense as it will be more relatable for most UK law firms)

There are several key responsibilities that a MLRO must fulfil to monitor that a business is thorough with its AML controls. These include;

  • AML Compliance: The primary responsibility is to ensure that the firm adheres to all relevant AML regulations and guidelines. This includes implementing robust AML policies and procedures, and regularly updating them to reflect changes in the regulatory environment.
  • Risk Management: MLROs are tasked with conducting thorough risk assessments to identify potential money laundering risks within the firm. This involves analysing customer profiles, transaction patterns and red flags to detect suspicious activities. They also oversee the management of firm-wide risk assessments (FWRA).
  • Suspicious Activity Reports (SARs): One of the critical duties of a MLRO is receive and process internal reports of suspicious activity, And, if necessary, to file SARs through the National Crime Agency (NCA) when there are grounds to suspect money laundering or terrorist financing.
  • Know Your Customer (KYC) and Customer Due Diligence (CDD): MLROs ensure that the firm implements effective KYC and CDD measures. This involves verifying the identity of clients, understanding the nature of their business, and assessing their risk levels (are they a Politically Exposed Person, for example).
  • Training and Awareness: To foster a culture of compliance, MLROs have a key role in planning and overseeing regular, relevant training and awareness programmes for employees. These programmes help staff recognise signs of money laundering and understand their role in managing the risk.
  • Monitoring for Updates from Regulators: MLROs stay informed about the latest changes in AML laws, guidelines, and best practice issued by regulatory bodies such as the SRA. By doing so, the MLRO works to maintain AML policies and procedures that are current and compliant with the latest regulatory requirements and guidance/updates from regulators.
  • Liaison with Regulatory Authorities: MLROs act as the primary point of contact between regulated institutions and relevant authorities. They are responsible for communicating with regulators or supervisory bodies, responding to inquiries, and participating in audits and inspections.
  • Internal Reporting and Record Keeping: MLROs maintain detailed records of all AML activities, including internal reports of suspicious activities and the firm’s responses; reports must be made at least once per year. MLROs must also ensure that these records are accessible for regulatory review.
  • Assessing and Monitoring the Suitability Of Systems: MLROs evaluate the effectiveness of the firms’ AML systems and technologies, ensuring they are capable of detecting, preventing, and reporting suspicious activities. The MLRO regularly reviews these systems to ensure they are up-to-date with the latest regulatory requirements.
  • Reporting to senior management: The MLRO must report, at least annually (but in practice, far more often) to the senior management of the firm as to the state, suitability and currency of the firm’s AML controls.

The Importance of MLROs in Legal and Financial Practice

There are four key reasons why the roles of a MLRO are vital to a business’s approach to money laundering, and society in general. These include;

  • Regulatory Compliance: By ensuring adherence to AML regulations, MLROs help financial institutions avoid legal penalties, fines, and reputational damage associated with non-compliance.
  • Financial Integrity: MLROs play a key role in protecting UK and Global financial systems from being exploited by criminals. By identifying and mitigating money laundering risks, they help maintain the integrity and stability of regulated sectors.
  • Reputation Management: Institutions known for strong AML practices are more likely to gain the trust of customers, investors, and regulators. The MLRO’s work in preventing financial crime enhances the institution’s reputation.
  • Global Standards: In a globalised economy, adherence to international AML standards, such as those set by the Financial Action Task Force (FATF), is crucial. MLROs ensure that institutions meet these standards, facilitating smoother international transactions and partnerships.

Challenges Faced by MLROs

Due to their critical role, MLROs face numerous challenges that could impact the safety and legitimacy of a firm’s operations. These challenges involve;

  • Evolving Regulations: The regulations surrounding AML are ceaselessly evolving and tightening, so MLROs must stay updated with any changes to ensure compliance. 
  • Complex Financial Networks: The complexity of financial transactions and the emergence of new financial technologies pose significant challenges in identifying and mitigating risks.
  • Resource Constraints: Not every firm has a large budget or vast resources to work with; MLROs who face limitations in resources may find it more challenging to implement comprehensive AML programs effectively. Nonetheless, reporting indicates that regulators expect the controls, including the resource of the AML Officers themselves, to be ‘appropriate’ and ‘adequate’; not ‘reasonable’.
  • Balancing Act: MLROs must balance the need for stringent AML measures with the operational needs of the business, ensuring that compliance does not hinder legitimate business activities.
  • Being proactive: An MLRO should not simply be a resource or sounding board for AML queries. An MLRO must lead the charge through proactive monitoring of controls, people and risk data.
  • Impact on own workload: An AML Officer of a small-to-medium sized firm might spend 25% of their working week concentrating upon their AML responsibilities.

The role of AML Officers must be adequately resourced, even if that means the post-holder has to reduce the amount of time they spend on other activities, including those which can bring financial gain. This requirement reaffirms the importance of this role, and how strict compliance measures must be prioritised for firms at risk of money laundering.

Who Can Become a MLRO?

Becoming a MLRO requires a combination of relevant qualifications, experience, and personal attributes, due to the regulated nature of the role and the utmost importance it brings to a firm. If you’re considering becoming a MLRO, consider the following;

  • Education & Certifications: While there is no specific degree required, a background in finance, law, business, or a related field is often beneficial. 
  • Professional Experience: Candidates typically need several years of experience in handling and processing financial transactions, compliance, risk management, or a related area. Experience in AML or general financial crime prevention is particularly desirable. 
  • Attention to Detail: Attention to detail is an important skill for a MLRO - the ability to meticulously review, analyse and assess transactions, documentation, and reports to detect any irregularities or suspicious behaviour is essential
  • Analytical Skills: Strong analytical skills are necessary to identify and assess potential money laundering risks and to monitor suspicious activities effectively.
  • Communication Skills: MLROs need excellent communication skills to liaise with members of the Board and supervisory bodies or regulatory authorities.
  • Regulatory Knowledge: A robust understanding of AML regulations, guidelines and best practice is essential. This knowledge must include familiarity with national and international standards to account for overseas touchpoints. 
  • Leadership Qualities: As the MLRO often leads the firm’s AML efforts, leadership and management skills are important for overseeing AML programs and coordinating with various departments.

Could You Benefit From MLRO Training?

At PDA Legal, we understand the importance of compliance. Our AML training service and compliance management services offer comprehensive, bespoke solutions to real industry issues. Get in touch with us today for a FREE consultation.

Contact Us

Get in touch for a free no obligation quote today
  • Law Society Lexcel Assessor. Legal Practice Quality Mark.
  • Cyber Essentials  logo
  • Information Commissioner's Office logo
  • ISO logo
  • Legal Aid Agency logo
  • Solicitors Regulation Authority