Our experts have created this money laundering information hub to help you learn more and keep up to date.

Discover more from a selection of money laundering insights articles written by the AMLCC  founder and money laundering expert, Richard Simms. Find answers to your AMLCC product FAQs and AML regulation FAQs. Read more detailed money laundering information and background in our AML law and guidance section.


AMLCC regulation questions

MLRO: Money Laundering Reporting Officer
DMLRO: Deputy Money Laundering Reporting Officer
NCA: National Crime Agency
SAR: Suspicious Activity Report

Money laundering is the process by which proceeds of crime are integrated into the legitimate economy. Under the Proceeds of Crime Act (POCA) 2002 money laundering offences are committed when a person:

  • Conceals, disguises, converts or transfers criminal property (Section 327)
  • Enters into an arrangement regarding criminal property (Section 328)
  • Acquires, uses or possesses criminal property (Section 329)

Put simply: doing “stuff” with or with regard to the proceeds of crime is going to be a money laundering offence.
Conviction of any of these offences can be punishable for up to 14-years imprisonment and/or a fine.

All individuals or firms acting as ASPs (Accountancy Service Provider, defined to include accountants, bookkeepers, tax advisors, auditors and insolvency practitioners) have a legal obligation to report any knowledge or suspicion (or grounds for either) of money laundering as soon as practically possible. Full definitions are provided within the 2017 money laundering regulations as expanded by AMLGAS (Anti-Money Laundering Guidance for the Accountancy Sector).

For an employee, their duty ends once they have reported their suspicions to their firm’s MLRO (Money Laundering Reporting Officer) or DMLRO (Deputy MLRO). Once this report has been sent, it is then the responsibility of the MLRO to consider if a report to the NCA (National Crime Agency) via a SAR (Suspicious Activity Report) is required.

It’s a criminal offence for ASPs not to comply with the 2017 Money Laundering Regulations.

Individuals in the regulated sector commit an offence if they fail to disclose knowledge or suspicion (or grounds for suspicion) that money laundering is occurring or has occurred. The maximum penalty is 5-years imprisonment and/or a fine.

The Proceeds of Crime Act (POCA) 2002 provides full details on the obligations and penalties.

Businesses need to establish a system that maintains their compliance with AML regulations and provides evidence of such compliance. The key requirements are:

  • Appointing an MLRO (Money Laundering Reporting Officer) and having clear reporting procedures to the MLRO
  • Performing a risk assessment on their firm and keeping it updated
  • Performing risk assessments on every client and keeping them updated
  • Undertaking due diligence and ongoing monitoring for all clients
  • Maintaining clear and up-to-date records
  • Carrying out training for relevant staff and senior managers
  • Having clear anti-money laundering compliance policies and procedures
  • Identify reportable matters to the National Crime Agency (NCA)

Monitoring and amending the above routinely and as circumstances dictate.

The MLRO (Money Laundering Reporting Officer or Nominated Officer) is responsible for ensuring that all relevant staff are trained on an annual basis to make sure they are up to date with legislation and aware of the firm’s own policies and procedures. It’s also their job to submit any SARs (Suspicious Activity Reports) to the NCA (National Crime Agency) and to maintain the confidentiality of the report to avoid ‘tipping off’.

It’s worth noting that the MLRO is a well established term for the individual with responsibility for considering and making reports to the National Crime Agency. That role is often doubled-up as the person who is responsible for money laundering compliance within a firm. This role is also referred to as Money Laundering Compliance Principal.

Identification and verification of clients is essential. Don’t forget that it’s the natural persons behind a client that must be identified and verified, this applies equally when the client is not a natural person (the client’s beneficial owner(s)).
Verification of a client may include:

  • Obtaining their photocard driving licence or passport to verify their name, DOB and visual identity
  • Obtaining an up-to-date utility bill (no older than 3 months) to verify their address
  • Undertaking an online verification, where appropriate, to further verify the identity of the client or beneficial owners.

It’s worth considering the role of confirming that such a person exists and that the person you are dealing with is that person. This is particularly important to minimise the risk of identity fraud.

Electronic verification  is used to complement the normal identification documents as a tool for ‘Enhanced Customer Due Diligence’ (EDD). It is usually reserved for high-risk clients or those requiring EDD in order to:

  • Search their electronic footprint
  • Search the PEP (politically exposed person) database and sanctions lists
  • Perform extra checks to confirm that a person’s identity exists

However, a firm may choose to run an electronic verification on all clients to manage the risk of a client being a PEP or on the sanctions list.

You’ll need to advise your client that you intend to carry out an online verification but you do not need their permission. The best way to inform your clients is to include a paragraph in your letter of engagement stating that these checks are likely to occur during the verification process and that it may leave a soft ‘footprint’ on their file. We are advised by our online verification provider that this will not affect the credit rating of an individual.

It’s not uncommon that a client may have, for example, recently moved to a new house, or that they’re living with their parents or partners where they have no external records of living at an address.

The hard copy verification process should already have been undertaken and the circumstances of any particular client should be considered along with what evidence may be available or what risk is attached to the client.

You’ll need to verify all of your clients and carry out at least normal customer due diligence in order to demonstrate that you are complying with the money laundering regulations. Any variation from your standard policy should be noted and approved by senior management.

A high-risk client could, for example, include the following:

  • Cash-based business
  • High-risk business such as opaque business practices or obscure trading procedures
  • Clients who operate in high-risk jurisdictions
  • Clients you have never met face to face
  • Politically exposed persons (PEP) or those on the Treasury Sanctions List
  • Clients who are evasive
  • Clients who try to put you off your guard
  • Clients who try to direct your actions

AMLCC’s client risk assessment tools will take users through the risk assessment process for clients.

If you have, for example, never met a client, then their ID should be certified by an identifiable individual of good standing such as a solicitor or accountant. A video call may be worthwhile to help verify their identity but will not be enough on its own.

You may also consider an online verification to check  their electronic footprint. This will help with checking the sanctions lists and helping with recognising that a person is politically exposed. It is not recommended to use electronic verification without having met an individual along with their actual documents or having had such documents correctly certified.

AMLCC’s client risk assessment tool includes Enhanced Due Diligence factors and measures to apply where they are required.

The person who should carry out the AML checks should be the person who the individual is a client of. Therefore, if an accountant outsources to a third-party bookkeeper, the client is technically the accountant’s and so they should be carrying out the AML checks. However, any third party who is hired should be given training on the firm’s AML policies and procedures to ensure they are working to the same standards.

In general, the AML due diligence checks follow the engagement letter. As a freelancer there would be an agreement in place to provide services and not an agreement to be an employee of the accountancy practice.

Provision of accountancy (including bookkeeping) services to a third party is almost certainly going to fall under the definition within the 2017 Money Laundering Regulations as expanded by the Anti-Money Laundering Guidance for the Accountancy Sector (AMLGAS).

If providing regulated services, then the freelancer must be supervised for AML and must undertake the necessary AML steps.

  • Customer due diligence
  • Ongoing monitoring of clients and evolving risks
  • Documentation and recording
  • Reporting SARs (Suspicious Activity Reports)
  • Risk assessments for clients and the firm
  • Control procedures
  • Training
  • Cash handling
  • Client account

A comprehensive text editable draft firm policy is available in AMLCC.

The easiest way to submit a SAR is by using the SAR Online System.The quality of the SAR can affect the ability of the NCA (National Crime Agency) to prioritise and process the report. It can also affect the law enforcement agencies’ decision or ability to investigate. It’s therefore important to include as much detail as possible; poor quality reporting can lead to delays in action being taken.

‘Tipping off’ can be found in the Proceeds of Crime Act 2002 (Section 333). It creates an offence of tipping-off a client that a SAR report is about to be made or has been made about the client.

If the MLRO (Money Laundering Reporting Officer) has decided not to submit a SAR to the NCA, then a record of that decision should be documented clearly along with the reasons why that decision was made.

Scroll to Top