In an era of increasing financial crime sophistication, small law firms must remain vigilant and proactive in their anti-money laundering (AML) efforts. The Solicitors Regulation Authority (SRA) has recently updated its sectoral risk assessment following the UK Government’s latest National Risk Assessment (NRA), and the implications are significant—especially for smaller practices that may lack the resources of larger firms.
This blog post breaks down the key points from SRA Update 143, published on 10 September 2025, and offers practical advice for small law firms to stay compliant and protect themselves from being exploited by money launderers.
Why This Update Matters
The SRA’s updated guidance reflects the evolving landscape of financial crime and the persistent vulnerabilities within the legal sector. The NRA continues to rate legal services as high risk for money laundering, underscoring the need for firms to reassess their AML strategies.
Under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLR 2017), firms within scope must incorporate the sectoral risk assessment into their own risk evaluations. This is not just a regulatory requirement—it’s a critical tool for safeguarding your firm’s reputation and operations.
Key Risks Identified in the Updated Guidance
The SRA’s sectoral risk assessment highlights several emerging and ongoing risks that small law firms should be aware of:
1. Geopolitical Instability and Illicit Funds
The collapse of the Sheikh Hasima regime in Bangladesh is cited as a potential trigger for attempts to purchase UK property using funds of questionable origin. Firms must be alert to clients from politically unstable regions and scrutinize the legitimacy of their funds.
2. Unfamiliar Banking Systems
Clients may use informal banking systems such as Hundi or Hawala, which are difficult to trace and verify. These systems pose a significant risk, especially if firms lack the expertise to assess them properly.
3. Inadequate Due Diligence
Some firms are failing to critically examine due diligence documents. For example, one case involved a photo ID that appeared decades older than the age stated. This highlights the importance of not taking documents at face value and ensuring thorough verification.
4. Use of Offshore Companies
Clients increasingly use offshore entities to obscure the identity of beneficial owners. This tactic complicates the due diligence process and can mask illicit activity. Firms must dig deeper to uncover the true ownership structure.
5. Accounts Rules Breaches
Violations of the SRA Accounts Rules, particularly Rule 3.3 (which prohibits using the client account as a banking facility), can inadvertently facilitate money laundering. Misrecording funds or failing to monitor transactions properly can expose firms to serious risks.
6. Technology and Consultancy Models
While new technologies and consultancy models offer operational efficiencies, they also introduce vulnerabilities. Over-reliance on e-verification tools or lack of centralized supervision in consultancy setups can allow suspicious activity to go unnoticed.
Practical Steps for Small Law Firms
To mitigate these risks, small law firms should take the following actions:
1. Update Your Firm-Wide Risk Assessment
Use the SRA’s sectoral risk assessment as a benchmark to revise your own AML risk profile. Consider geopolitical factors, client types, transaction patterns, and service areas.
2. Enhance Client Due Diligence (CDD)
Go beyond basic checks. Verify the authenticity of documents, understand the source of funds, and identify beneficial owners. Be cautious with clients using unfamiliar banking systems or offshore structures.
3. Train Your Team
Ensure all staff—especially those involved in client onboarding and financial transactions—receive regular AML training. Include case studies and real-world examples to reinforce learning.
4. Monitor Transactions Closely
Implement systems to track and flag unusual transactions. Pay attention to patterns that deviate from the client’s known profile or business activity.
5. Review Your Use of Technology
While digital tools can streamline processes, they should not replace human judgment. Use e-verification as a supplement, not a substitute, for thorough due diligence.
6. Strengthen Internal Controls
If your firm operates under a consultancy model, ensure there is a robust supervisory framework. Centralized oversight is essential to maintain compliance and detect irregularities.
Common Pitfalls to Avoid
Small law firms often face resource constraints, but cutting corners in AML compliance can be costly. Avoid these common mistakes:
- Assuming low-value transactions are low risk: Money launderers often use small amounts to test systems.
- Failing to document risk assessments: Regulators expect a clear audit trail.
- Overlooking red flags in client behavior: Sudden changes in transaction patterns or reluctance to provide information should prompt further scrutiny.
- Using the client account as a banking facility: This is a direct breach of Rule 3.3 and a known money laundering risk.
Looking Ahead: A Culture of Compliance
The SRA’s updated guidance is a timely reminder that AML compliance is not a one-time task—it’s an ongoing commitment. For small law firms, fostering a culture of compliance is key. This means embedding AML awareness into daily operations, encouraging staff to speak up about concerns, and continuously improving systems and processes.
Remember, the consequences of failing to comply are severe: regulatory sanctions, reputational damage, and even criminal liability. But with the right approach, small firms can not only meet their obligations but also build trust with clients and regulators alike.
Final Thoughts
The legal sector remains a target for money launderers, and small law firms are not immune. The SRA’s Update 143 provides valuable insights into current risks and expectations. By taking proactive steps—updating risk assessments, enhancing due diligence, and strengthening internal controls—small firms can protect themselves and contribute to the broader fight against financial crime.
If you haven’t already, review the full guidance on the SRA’s website here and ensure your firm is aligned with the latest expectations.