Skip to main content

December 2025: The SRA’s AML Audit Crackdown Has Arrived

By

The Solicitors Regulation Authority (SRA) isn't sending Christmas cards this year. They're sending in the AML auditors.

Despite the upcoming shift where the FCA will assume wider AML regulatory oversight, the Solicitors Regulation Authority (SRA) is turning up the heat one last time. Forget a gentle warning—welcome to the AML Blitz of December 2025.

Let’s cut to the chase. SRA Chief Executive Paul Philip is clearly done with excuses. His public message is unambiguous: "We are still finding fairly basic deficiencies in AML arrangements within firms."

Translation for the Partners: You might effortlessly navigate a complex, multi-million-pound merger, but somehow, you still haven't nailed your fundamental firm-wide risk assessment. The era of the gentle wrist-slap is officially over. The SRA has made it clear that fines are "continually going up." AML Compliance is no longer a 'nice-to-have'—it’s an expensive, enforced reality.

The Downpour, Not the Drizzle

Remember that target of 700 SRA AML audits for 2025 period? They aren't waiting for the calendar to tick over. Between November and February alone, the SRA was already overshooting their target by 128%. This isn't a regulatory drizzle; it’s a full-blown, year-end downpour.

To help them prioritise which firms get the "VIP Audit Treatment," the SRA recently ran an intensive, six-week data-gathering exercise. It was a targeted effort designed to effectively sniff out firms for immediate inspection. If you submitted poor data, you've already put yourself on the priority list.

The Three Flavours of SRA AML Audit Pain

When the SRA AML audit team knocks on your door, you don't get a simple pass/fail. You get one of three escalating outcomes:

  • The Gold Star: You are fully compliant. They smile, they leave. (Given the current climate, this is highly ironic and very rare).
  • The Hand-Holding: You have "some corrective actions" needed. They offer guidance and require remediation. Crucially, no formal action is taken. This is often called "Outcome 2, where you panic-fix everything right after they leave."
  • The Slap: You have serious issues. You're given a stern compliance plan, but here's the kicker: your firm gets immediately referred to the AML investigation team for further action. Congratulations, your firm is now in the naughty corner, complete with official paperwork and a much bigger fine looming.

Your Last-Minute, Common-Sense Compliance Checklist

If reading this just gave you a sudden chill—and it has nothing to do with the winter weather—here is your simple, yet crucial, five-point checklist to shore up your defences right now.

  1. The Magic Documents: Do you have your current Policies, Controls, and Procedures (PCPs) documented, approved, and easily accessible? If the answer is "It's somewhere on the shared drive," you are already losing.
  2. Risk Assessment: Have you completed and signed off your Regulation 18 firm-wide risk assessment? This is the bedrock of your entire AML framework. A firm-wide risk assessment sets the framework, but client and matter risk assessments are where AML compliance actually lives or dies.
  3. The Training Fairy: Every single member of staff needs annual AML training. Not just the partners. Not just the fee earners. Everyone.
  4. MLRO/MLCO VIP Treatment: These individuals are your heroes (and those taking the bullet). They require special, tailored, one-to-one training that goes beyond the standard firm module. Equip them with the right armour.
  5. Damage Control: Run an idependent AML Audit now. Identify any immediate potholes (e.g., outdated PCPs, missing training logs), write down a clear plan for how you will fill them, and get the MLRO and Partners to sign it off. This is your immediate mitigation plan. You can’t fix the past, but you can certainly stop the breach today.

The SRA is coming and soon it will be the FCA. Get ready.

Labels:

Comments

New comments are not allowed.

Popular posts from this blog

Argie Bargie over Home Information Packs

By
In response to a question from Conservative MP David Amess on what methodology would be used to use to evaluate the effectiveness of the Home Information Pack programme, Communities and Local Government Minister Ian Austin was involved in heated argument. The wording of the debate ( reported in Hansard ) makes interesting reading, so I thought I would share it with you : Mr. David Amess (Southend, West) (Con): What methodology his Department plans to use to evaluate the effectiveness of the home information pack programme; and if he will make a statement. Mr. Andrew Mackay (Bracknell) (Con): What methodology his Department plans to use to evaluate the effectiveness of the home information pack programme; and if he will make a statement. Mr. David Jones (Clwyd, West) (Con): What methodology his Department plans to use to evaluate the effectiveness of the home information pack programme; and if he will make a statement. The Parliamentary Under-Secretary of State for Communities and Local...
Post a Comment
Read more

Paperwork is not a shield: Why your SRA aml audit demands more than just a dusty manual

By
The Solicitors Regulation Authority continues its aggressive crackdown on financial crime with a recent fine issued against Whiteheads Solicitors (Staffordshire) Ltd . This decision serves as a stark reminder that the regulator is looking far beyond simple paperwork during an SRA aml audit . The firm was fined 2,584 GBP plus 600 GBP in costs following an investigation into its compliance with the Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017. While the firm had a firm-wide risk assessment and general policies in place, the SRA identified critical failures at the matter level. Key compliance failures included: Failure to conduct adequate client and matter risk assessments . The SRA found a consistent pattern where the firm failed to sufficiently assess client matter risk levels as required by Regulation 28. Inadequate scrutiny of source of funds . In one specific property transaction, the firm failed to properly investigate the origin of funds provided by ...
Post a Comment
Read more

The High Street Practitioner’s Guide to Surviving the FCA

By
For a sole practitioner or the MLRO in a small high-street firm, "AML compliance" often feels like just another mountain of paperwork standing between you and your actual work. When you are juggling a heavy conveyancing caseload, a sensitive probate matter, and the day-to-day survival of your practice, the last thing you need is a new regulator with a reputation for being data-heavy and "zero-tolerance." But the ground is shifting. As the Financial Conduct Authority (FCA) takes over AML supervision from the SRA, the "high-street way" of doing things—relying on long-standing local reputations and gut instinct—is being replaced by a requirement for hard, documented proof. The end of "I’ve known them for years" In a small town, you often act for the same families for generations. You know their business, their parents, and their reputation. Under the old mindset, that felt like enough. Under the FCA, it isn’t. T...
Post a Comment
Read more