AML Independent Audit including certification – demonstrate your commitment to compliance.
Examine | Evaluate | Refine | Recommend
Helping firms create better and more effective anti-money laundering and counter-terrorist financing policies, controls and procedures (PCPS) we have our certified AML Independent audit to help firms adhere to the latest guidance.
A requirement for all firms
On the 20th January 2021 the LSAG published new Anti-Money Laundering Guidance for the legal sector stating that ‘The practice must conduct an independent audit of the adequacy and effectiveness of its AML policies, controls and procedures’.
A certified programme
Our service helps firms to fulfil this requirement along with a certificate to demonstrate your commitment to your compliance. The audit report summarises an evaluation of your AML policies, controls and procedures and set out recommendations.
The report will identify whether these are adequate and whether they are working as they should. It also sets out any areas of non-compliance, both with the MLR 2017 and with the firm’s policy, identified during the audit.
The audit will be used as a monitoring tool to track the firm’s compliance with the recommendations made.
An audit every two years
The audit will consist of:
- Access to information—including your AML and CTF risk assessment, policies, training records, files and suspicious activity report and breach registers
• Access to relevant staff
• Testing the effectiveness of existing procedures and controls
• Testing of any automated systems in use by the firm
• Random selection of files for review focused on the AML aspect of the file – this is up to a maximum of 10 files.
An evaluation of findings:
The audit will conclude with an evaluation of findings, coupled with recommendations to help develop your firm’s policies and procedures.
The audit will identify whether your Firm’s policies, controls and procedures are:
- Adequate – in light of the risk assessment carried out
- Working – as they need and are intended to do
Our team will also report on any areas of non-compliance, both with MLR 2017 and with your firm’s policy, which are identified during the audit.
Over a minimum of 2.5 days the Legal Eye team will carry out the audit and make recommendations covering areas of improvement or change. These will note specific actions to help rectify problems or areas of non-compliance.
Your firm’s re-certification
Carried out remotely – remaining compliant is made easy with our re-certification audit.
Carried out over only half a day a review of the following documentation will be made:
- AML Policy
- Source of Funds Policy
- Source of Wealth Policy
- Reg 18 AML Practice Wide Risk Assessment
- Client Due Diligence Procedure
- Previous full independent AML Audit report.
Speaking with your people
At Legal Eye we pride ourselves on the support that we give to the firms we work with. This of course means the touchpoints we have with staff. As part of the independent re-certification, our team will also conduct the following:
- Interviews with 2 staff members
- Reviews of 2 files
- A maximum 1 hour telecom/video call with the firms MLRO/MLCO
The AML Audit Certificate is awarded for a period of 1 year subject to the firm meeting the following criteria:
- No significant changes to the AML regulations which the firm haven’t adopted
- The firm has not merged or acquired another practice
- There have been no significant changes to the Firms scope of legal services provided (e.g.: the conveyancing team has not significantly increased, new legal services offered or new delivery channels created)
- No significant findings have been found from the Firms regular file reviews of any AML compliance failures (if file reviews are not undertaken this would automatically invalidate the AML Audit Certificate)
- AML training must be up to date for all relevant staff
- The Firms AML Firmwide Risk Assessment Reg 18 Policy must be up to date
- No material correctives highlighted during the review
Failure to comply with the above requirements will invalidate your certificate and a further full AML Independent Audit will be required.
Once completed and independently confirmed by Legal Eye – your AML Audit Certificate will be issued.
Frequently Asked Questions
What does the AML Independent Audit include?
Legal Eye will examine, evaluate and make recommendations regarding the adequacy and effectiveness of the practice’s anti-money laundering and counter-terrorist financing policies, controls and procedures (PCPs). The audit will be used as a monitoring tool to track the firm’s compliance with the recommendations made.
How long does the AML Independent Audit take?
A minimum of 2.5 days will be required to carry out the audit.
What happens if correctives are identified during the audit?
Should correctives be required, the firm will have 28 days to complete. Legal Eye can provide you with a quotation to conduct the work to resolve the corrective actions. Alternatively, should you choose to conduct the corrective actions yourself Legal Eye will confirm the completed work and if the criteria is met then an AML audit certificate will be issued.
How long does the AML Certification last?
The AML Audit Certificate is awarded for a period of 1 year subject to the firm meeting the required criteria. Following the AML Audit in year 1, Legal Eye will carry out a re-certification for year 2 and biennially thereafter. This will be carried out remotely and will take approximately half a day.
What does my firm get following the audit?
On completion an AML audit certificate will be issued, and you will be able to use the Legal Eye AML Accreditation logo. Please refer to the logo usage guidelines for more information.
What is not included in the audit?
The SRA Accounts Rules and Technical Legal Review do not form part of the audit and certification.
What is the criteria that needs to be met for recertification?
The award is awarded for a period of 1 year and subject to the firm meeting the following:
- No significant changes to the AML regulations which the firm have not adopted.
- The firm has not merged or acquired another practice.
- There have been no significant changes to the firm’s scop of legal services provided (e.g the conveyancing team has not significantly increased or new legal services offered, new delivery channels created).
- No significant findings have been found from the Firm’s regular file reviews of any AML compliance failures – please note that no file reviews will automatically in validate the AML Audit Certificate.
- ML training must be up to date for all relevant staff.
- The Firm’s AML Firmwide Risk Assessment Reg 18 policy must be up to date.
- There must be no material correctives highlighted during the review.
- Failure to comply with the above will invalidate your certificate and a further full AML Independent Audit will be required.