Intapp: Improving AML compliance, CDD practices, and risk assessment
Expectations around anti-money-laundering (AML) compliance and client due diligence (CDD) practices are rapidly evolving, causing many challenges for risk and compliance professionals in the U.K. These challenges were brought up during our latest Intapp risk and compliance roundtable, “An Expert Panel Discussion on Risk Assessment, AML, and CDD.”
Daragh McLaughlin, Practice Group Leader for Risk and Compliance at Intapp, spoke with Amasis Saba, Head of Business Acceptance for the U.K., CE, and MENA at Freshfields Bruckhaus Deringer, and Emma Oettinger, Head of Financial Crime and Risk at Ashurst, about key issues including the Solicitors Regulation Authority (SRA) — which regulates solicitors in England and Wales — and expanding risk awareness within firms. Here are some of the highlights from the discussion.
Meeting AML and CDD Expectations
Firms supervised by the SRA must follow a long list of AML obligations. One of the biggest challenges around AML compliance is identifying source of funds and relaying funding information to compliance teams. During the webinar, we asked attendees whether they have a team that constantly checks funds from third parties. Although most of the poll respondents said they did, others acknowledged that their firms have yet to create a dedicated compliance group.
In addition to struggling with AML compliance, some firms — and, more specifically, their fee earners — struggle to meet CDD guidelines. “In firms that have big, centralised functions, fee earners can feel fairly divorced from the CDD process,” Saba said. Fee earners are often “responsible for ongoing monitoring,” Saba continued, “but if the fee earner isn’t aware of the risks involved with the client, that is a challenging undertaking.”
Saba stressed that firms must work towards establishing strong compliance teams and processes and “be comfortable with section 6.17 of the Legal Sector Affinity Group (LSAG) guidance, which covers source of wealth and funds, and 6.18(b) for the enhanced due diligence piece.”
To appropriately address and manage funds and due diligence, Oettinger recommends investing in advanced technology. “You can use your systems to help control [due diligence and] make sure that the payments coming in are from a client or pre-approved third-party payer,” Oettinger explained. “A lawyer [should be able to] look at the system and say, ‘I can see all my people are cleared,’ or, ‘We’re missing some parties; let’s get that updated before any money actually moves.’”
Identifying and Verifying UBOs
Another challenge that SRA-regulated firms face revolves around regulation 28(4)(b) of the LSAG guidance, which states that firms must identify the ultimate beneficial owner (UBO).
“The Law Society of England and Wales has always taken the view that identifying the UBO meant identifying the person who exercises control,” said Saba. However, he continued, “some regulators took the view that identifying meant proving the person’s identity.”
So which interpretation is correct? “The vast majority of our regulators and supervisors … expect [firms to] do both,” Saba explained. “You have to take reasonable measures to verify the identity of the beneficial owner.”
Oettinger then elaborated on how gathering information about the UBO can help firms decide whether to move forward with a matter. “If there isn’t publicly available information about [the UBO], or if [the UBO isn’t] willing to give you a passport or biography, then the warning bells should start ringing,” she said.
Expanding Risk Awareness
To further expand risk awareness within your firm, Saba and Oettinger recommend examining your current processes to determine whether those processes allow you to:
- Identify and track your firmwide hotspots
- Track firmwide changes
- Expand your risk considerations around sanctions
- Report and manage information around sanctions
- Track environmental, social, and governance (ESG) criteria
Oettinger reiterated how technology can help firms capture this and other crucial information to inform both operational and strategic decisions. “Compliance can be value-adding to the strategy of the firm,” she said. “If you’ve got a system that provides … key data points, you can do a risk assessment of [matters] opened during a set period of time and compare that over time frames to actually see if it’s stable or [if there’s] a shift.”
OnePlace Risk & Compliance uses AI, machine learning, and predictive analytics to help firms easily collect and manage client data, ensure compliance, and streamline AML and CDD management. Read our AML compliance data sheet to learn how Intapp Intake — part of the OnePlace Risk & Compliance suite — can improve your AML process.
Download the full webinar to learn more about risk, CDD, and AML compliance, schedule a demo to learn more about OnePlace Risk & Compliance.
Register today for our April 21 webinar, “The Intapp Advantage: Streamlining Risk Assessment and AML Processes.”