Independent AML Audit

We provide this service to assist SRA regulated law firms meet their obligations - not only to have in place and documented compliant policies & procedures - but also to be able to satisfy themselves and the SRA that they are being operated by staff.

Regulation 21 of The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 requires the relevant person to:

1(c)      establish an independent audit function with the responsibility:

(i)         to examine and evaluate the adequacy and effectiveness of the policies, controls and procedures adopted by the relevant person to comply with the requirements of these Regulations;

(ii)        to make recommendations in relation to those policies, controls, and procedures; and

(iii)       to monitor the relevant person's compliance with those recommendations.

You may carry out the Independent AML Audit internally, but it should not be carried out by the MLRO or the MLCO or anyone else responsible for maintaining the AML function within the firm. You may have the review done externally but should use someone with sufficient expertise as it remains your responsibility to the SRA to ensure this is done effectively. Quite a bit to organise! May firms choose to instruct an independent consultancy to carry out the Audit. We have done this for many firms. We also assist firms through AML audits carried out by the SRA - so we are well aware of what the SRA are expecting to see.

We Can Help

We recognise that for many smaller firms this will be a headache and you will not have someone with sufficient expertise who can do this who is not involved in the AML function in the firm. Larger firms may wish to have the rigour or external audit.

What we will do

1.    An Interview with the MLCO & MLRO (who may be the same person)

2.    A Review of AML Policies, Procedures and Controls

3.    Review a number of sample files (if required)

4.    Interview some staff members (if their files were reviewed)

5.    Report in writing on our findings with Recommendations

6.    Follow Up Remote Review to ensure the recommendations have been implemented

 All work is carried out remotely unless by separate arrangement.

Our Charges

£995 + VAT

If you go for a similar Sanctions Regime Independent Compliance Audit at the same time we offer a discounted combined price of £1,500 + VAT (which would mean a discount of £245 + VAT on the combined price)

(This is on the assumption of 1 office & up to 50 staff. If there are more offices you wish to have included, the charge will be £250 + VAT per additional office. There will be an additional charge of £250 + VAT for each 25 staff over 50 in number, but this will not duplicate to the office charge.)

Contact Us: Ingemar: 07887 524507 or [email protected]

Other AML Help from Us:

We can also help with other aspects of your compliance, for example

(Sanctions Regime compliance - see separate services for this on our website.)

Just ask - we can also bespoke around your needs.

Extract from the SRA Report

What we expect

 We consider that Regulation 21 should be interpreted as follows:

•     Size: Only at the very smallest practices will a Regulation 21 audit not be appropriate to the firm’s size. All other practices who carry out regulated work must establish an audit function. 

•     Nature: We expect most firms to carry out an internal audit. If firms consider they do not need to carry out an audit, they will need to justify this based on their size and nature. We consider that the following are some indicators that a firm is of a nature that requires an audit:

o  Having more than one office.

o  Having fee earners who focus on an area of regulated work e.g. conveyancers.

o  The partners being responsible for others’ compliance with the regulations.

•     Independent: This does not necessarily mean engaging a specialist agency or consultancy, though that is an option. Firms should make sure that, as a minimum, those with responsibility for maintaining their AML framework are not those auditing it. As well as an external entity, this could for example be:

o   a senior member of the firm who does not carry out regulated work

o   an MLRO from another firm

o   an office manager with no regulatory or fee-earning role

o   a reciprocal arrangement between small firms to review each other’s compliance

•     Adequacy: The audit must check whether the firm’s policies, controls and procedures are:

o   up to date with the law, regulations and regulatory guidance

o   suitable for the work the firm carries out

o   appropriate to the firm’s size and nature.

•     Effectiveness: The audit should consider whether the firm’s policies, controls and procedures are being followed and are serving their intended purpose. This is difficult to evidence without a review of files.

•     Make and monitor recommendations: The auditor must be of sufficient seniority to police this and make sure that any recommended measures are put in place. If an external provider is used, the recommendations should become

the responsibility of a suitably senior and independent person within the firm.

•     Regularity: The regulations do not specify a time period for audit. We would suggest an audit:

o   of policies, controls, and procedures when the regulations change

o   following revision of the firm’s policies, controls and procedures

o   following any other major change at the firm (for example a merger with another firm)

o   at a regular interval determined by the size and nature of the firm, for some an annual basis may be appropriate

•      In many cases, we found that the file reviews we undertook did not reflect the firm’s policies and procedures. Time and effort spent drafting and implementing policies might prove to be wasted if fee earners are unaware of them or ignore them. We suggest that a compliant audit, including file reviews, is likely to be the best way to make sure that policies are being followed.

•      Where firms engage an external agency to conduct an audit, it is for them to ensure that it meets the requirements of Regulation 21. The responsibility to produce a compliant audit remains with the firm and cannot be transferred.

"We at Spires Legal wholeheartedly recommend Ingemar and his team at Hunnings Consultancy Ltd. Ingemar has supported us throughout our journey from new start up to established firm. It is refreshing to have a consultant that takes the time to understand your business and its priorities, stands by your side as it develops and is flexible in approach as your needs change.
The feedback we have from our team, and which we regularly hear from others is that Ingemar is an insightful and knowledgeable trainer who is comprehensive yet engaging in his approach. Still unsure? Five minutes on the phone with Ingemar and you will be sold on how much value he can add to your business!"

Arj Arul - Director at Spires Legal

Click here to see more testimonials

Business Support for Law Firms

We will get back to you within 24 hours. For more information and to discuss how our service can work for you;
Call: 07887 524 507 
Fill out our contact form
Send us an email:
[email protected] 
We look forward to speaking to you...

How Can We Help You?

Contact Form Demo (#1)


Quality services, in a timely & efficient manner for a reasonable fee. Assisting clients since 2014 as their Trusted Advisers on matters relating to the running of their Business.