Anti-Money Laundering (AML), Counter-Terrorist Financing (CTF) and Sanctions Policy

Last Update: 02/04/2026

Purpose

The purpose of this Anti-Money Laundering (AML), Counter-Terrorist Financing (CTF) and Sanctions Policy is to establish a comprehensive framework through which AIO Legal Services identifies, assesses, manages and mitigates the risks of money laundering, terrorist financing, proliferation financing and financial sanctions breaches.

The firm is committed to maintaining the highest standards of integrity, ethical conduct and regulatory compliance. It recognises its important role in protecting the legal profession and the wider financial system from being used to facilitate criminal activity, terrorist financing or sanctions evasion.

This Policy establishes the firm’s approach to:

  • identifying and assessing money laundering, terrorist financing and sanctions risks;
  • applying proportionate customer due diligence measures;
  • adopting a risk-based approach to client acceptance and ongoing monitoring;
  • identifying politically exposed persons (PEPs), beneficial owners and high-risk clients;
  • complying with UK financial sanctions legislation and sanctions screening requirements;
  • detecting and reporting suspicious activities;
  • maintaining appropriate records;
  • promoting a culture of compliance and ethical conduct;
  • ensuring that all personnel understand and fulfil their legal and regulatory obligations; and
  • protecting the firm, its clients, the public and the legal profession from financial crime.

This Policy forms part of the firm’s wider governance, compliance and risk management framework and shall be read alongside the firm’s Compliance Monitoring Policy, Financial Management Policy, Data Protection Policy, Risk Management Policy and all other relevant policies and procedures.

Scope

This Policy applies to all anti-money laundering, counter-terrorist financing and financial sanctions activities undertaken by AIO Legal Services and applies to every individual acting on behalf of the firm.

The Policy applies to:

  • the Director;
  • the Compliance Manager;
  • the Money Laundering Reporting Officer (MLRO);
  • the Deputy Money Laundering Reporting Officer (where appointed);
  • consultants;
  • employees;
  • temporary staff;
  • agency workers;
  • contractors;
  • outsourced service providers performing relevant functions; and
  • any other individual acting on behalf of the firm.

The Policy applies throughout every stage of the firm’s relationship with clients, including:

  • client onboarding and acceptance;
  • client identification and verification;
  • customer due diligence (CDD);
  • enhanced due diligence (EDD);
  • risk assessments;
  • sanctions screening;
  • beneficial ownership verification;
  • source of funds and source of wealth enquiries;
  • ongoing monitoring of business relationships;
  • transaction monitoring where applicable;
  • internal reporting of suspicious activities;
  • suspicious activity reporting to the National Crime Agency (NCA);
  • compliance with UK financial sanctions;
  • record keeping;
  • staff training;
  • compliance monitoring; and
  • regulatory reporting.

This Policy applies to all legal services provided by the firm that fall within the scope of applicable anti-money laundering legislation and shall also inform the firm’s approach to non-regulated work where financial crime risks may reasonably arise.

Every individual acting on behalf of AIO Legal Services has a personal responsibility to comply with this Policy, exercise appropriate vigilance, report suspicious activity without delay, and cooperate fully with the firm’s AML, CTF and sanctions procedures. Failure to comply with this Policy may result in disciplinary action, termination of engagement, regulatory reporting and, where appropriate, criminal or civil proceedings.

Legal & Regulatory Framework

AIO Legal Services is committed to preventing money laundering, terrorist financing, proliferation financing and breaches of financial sanctions by maintaining an effective anti-financial crime framework that complies with all applicable legal, regulatory and professional obligations.

This Policy has been developed having regard to, and shall be interpreted consistently with, the following legislation, regulations and guidance, as amended from time to time:

  • the Proceeds of Crime Act 2002 (POCA);
  • the Terrorism Act 2000;
  • the Anti-terrorism, Crime and Security Act 2001, where applicable;
  • the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017, as amended;
  • the Sanctions and Anti-Money Laundering Act 2018;
  • the Economic Crime (Transparency and Enforcement) Act 2022;
  • the Economic Crime and Corporate Transparency Act 2023;
  • the Office of Financial Sanctions Implementation (OFSI) guidance and financial sanctions regime;
  • guidance issued by the National Crime Agency (NCA);
  • guidance issued by HM Treasury relating to financial sanctions and terrorist financing;
  • the Legal Services Act 2007;
  • the CILEx Regulation Code of Conduct, Authorisation Rules and all other applicable CILEx Regulation requirements;
  • the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, where relevant to the processing of personal data for AML purposes; and
  • any other applicable legislation, statutory instruments, regulatory guidance or professional practice guidance relating to anti-money laundering, counter-terrorist financing, proliferation financing or financial sanctions.

The Compliance Manager and the Money Laundering Reporting Officer (MLRO) shall monitor legislative and regulatory developments and ensure that this Policy, the firm’s procedures and its risk assessments are reviewed and updated whenever necessary to maintain ongoing compliance.

Where any conflict arises between this Policy and applicable legislation or regulatory requirements, the relevant legal or regulatory requirement shall prevail.

Policy Statement

AIO Legal Services adopts a zero-tolerance approach to money laundering, terrorist financing, proliferation financing, sanctions evasion and all forms of financial crime. The firm is committed to maintaining effective systems and controls designed to prevent its services from being used, knowingly or unknowingly, to facilitate criminal conduct or circumvent financial sanctions.

The firm shall maintain a comprehensive, risk-based anti-money laundering and sanctions compliance framework that is proportionate to the nature, size and complexity of its legal practice. This framework shall include appropriate governance arrangements, client due diligence procedures, risk assessments, sanctions screening, ongoing monitoring, internal reporting mechanisms, staff training and compliance monitoring.

AIO Legal Services shall:

  • identify and assess money laundering, terrorist financing, proliferation financing and sanctions risks before accepting instructions;
  • undertake appropriate customer due diligence and verification measures before establishing business relationships where required by law;
  • identify beneficial owners, politically exposed persons (PEPs) and other higher-risk individuals or entities;
  • verify source of funds and source of wealth where appropriate;
  • conduct financial sanctions screening before accepting instructions and throughout the course of relevant business relationships;
  • monitor client relationships on an ongoing basis using a risk-based approach;
  • maintain appropriate records demonstrating compliance with applicable legislation;
  • report suspicious activity promptly through the firm’s internal reporting procedures and, where appropriate, to the National Crime Agency (NCA);
  • comply fully with all applicable UK financial sanctions legislation and reporting obligations; and
  • provide regular AML, CTF and sanctions training to all relevant personnel.

The firm will not establish or continue any business relationship where it is unable to satisfy its customer due diligence obligations, where unacceptable financial crime risks are identified, or where doing so would breach applicable legislation or financial sanctions.

All individuals acting on behalf of AIO Legal Services have a personal responsibility to remain vigilant, comply with this Policy, report suspicious activity immediately, and cooperate fully with the firm’s AML, CTF and sanctions compliance arrangements.

The Director, Compliance Manager and MLRO shall promote a culture of integrity, accountability and regulatory compliance throughout the firm and shall ensure that adequate resources, systems and oversight are maintained to safeguard the firm, its clients and the wider public from financial crime.

AML, CTF and Sanctions Principles

AIO Legal Services is committed to maintaining effective systems and controls to prevent money laundering, terrorist financing, proliferation financing and breaches of financial sanctions. The firm adopts a risk-based approach to financial crime compliance and is committed to conducting its business with integrity, transparency and the highest standards of professional and ethical conduct.

The firm’s AML, CTF and sanctions framework shall be guided by the following principles:

  • adopting a risk-based approach to identifying, assessing and managing financial crime risks;
  • undertaking appropriate customer due diligence before establishing business relationships where required by law;
  • applying enhanced due diligence measures where higher-risk clients, matters or jurisdictions are identified;
  • identifying and verifying beneficial owners and persons exercising control over legal entities;
  • identifying politically exposed persons (PEPs), their family members and known close associates where applicable;
  • understanding the purpose and intended nature of each business relationship;
  • obtaining and verifying the source of funds and, where appropriate, the source of wealth;
  • conducting appropriate financial sanctions screening before accepting instructions and throughout relevant business relationships;
  • maintaining ongoing monitoring of clients and matters to identify unusual or suspicious activity;
  • refusing to establish or continue business relationships where customer due diligence requirements cannot be satisfied or where unacceptable financial crime risks exist;
  • maintaining accurate and complete AML records and documentation;
  • reporting suspicious activity promptly through the firm’s internal reporting procedures and, where appropriate, to the National Crime Agency (NCA);
  • complying fully with all applicable UK financial sanctions legislation and reporting obligations;
  • ensuring that all personnel receive appropriate AML, CTF and sanctions training;
  • maintaining effective governance, compliance monitoring and independent oversight of the firm’s financial crime controls; and
  • fostering a culture in which financial crime prevention is recognised as a shared responsibility across the firm.

The firm shall review these principles periodically to ensure they remain proportionate to its risk profile and consistent with legislative developments, regulatory guidance and recognised best practice.

Governance and Responsibilities

AIO Legal Services recognises that effective governance is fundamental to maintaining an effective anti-money laundering, counter-terrorist financing and sanctions compliance framework. Clear responsibilities are assigned to ensure appropriate oversight, accountability and compliance with applicable legal and regulatory obligations.

Director

The Director has ultimate responsibility for the firm’s AML, CTF and sanctions compliance framework and shall:

  • ensure that appropriate governance arrangements, policies and procedures are established and maintained;
  • promote a culture of integrity, ethical conduct and regulatory compliance;
  • approve the firm’s Firm-Wide Risk Assessment and AML policies;
  • ensure that sufficient resources are allocated to support effective AML compliance;
  • review significant financial crime risks, compliance reports and material incidents;
  • ensure that appropriate corrective action is implemented where deficiencies are identified; and
  • oversee the effectiveness of the firm’s AML governance arrangements.

Money Laundering Reporting Officer (MLRO)

The firm shall appoint a suitably qualified Money Laundering Reporting Officer (MLRO) responsible for overseeing the firm’s compliance with applicable anti-money laundering, counter-terrorist financing and sanctions legislation.

The MLRO shall:

  • oversee the firm’s AML, CTF and sanctions compliance programme;
  • receive and assess internal reports of suspicious activity;
  • determine whether a Suspicious Activity Report (SAR) should be submitted to the National Crime Agency (NCA);
  • maintain appropriate records of internal reports and external disclosures;
  • oversee the firm’s Firm-Wide Risk Assessment;
  • provide guidance to personnel on AML, CTF and sanctions matters;
  • monitor legislative and regulatory developments;
  • oversee AML training;
  • monitor compliance with this Policy; and
  • report material AML issues to the Director.

Where appointed, a Deputy MLRO shall support the MLRO and perform their duties during any period of absence or unavailability.

Compliance Manager

The Compliance Manager shall work alongside the MLRO to support the firm’s governance framework by:

  • monitoring compliance with this Policy and related procedures;
  • undertaking compliance reviews and file audits;
  • monitoring implementation of corrective actions;
  • maintaining compliance records;
  • assisting with regulatory reporting where appropriate; and
  • recommending improvements to strengthen the firm’s financial crime controls.

Consultants, Employees and Contractors

Every individual acting on behalf of AIO Legal Services has a personal responsibility to:

  • comply with this Policy and all AML procedures;
  • complete mandatory AML, CTF and sanctions training;
  • conduct appropriate client due diligence where required;
  • remain alert to indicators of money laundering, terrorist financing, proliferation financing and sanctions breaches;
  • report suspicious activity immediately to the MLRO;
  • maintain confidentiality and avoid tipping off;
  • cooperate fully with internal investigations and compliance reviews; and
  • maintain accurate records of AML activities undertaken.

Shared Responsibility

Preventing financial crime is a collective responsibility. All individuals acting on behalf of AIO Legal Services are expected to exercise professional judgement, remain vigilant and contribute actively to protecting the firm, its clients and the wider public from money laundering, terrorist financing, proliferation financing and sanctions evasion. Failure to comply with this Policy may result in disciplinary action, termination of engagement, regulatory reporting and, where appropriate, criminal or civil proceedings.

Customer Due Diligence (CDD)

AIO Legal Services shall apply Customer Due Diligence (CDD) measures in accordance with the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017, adopting a risk-based approach to verify the identity of clients, understand the nature of the business relationship and assess the potential risk of money laundering, terrorist financing or sanctions breaches.

Customer Due Diligence shall be completed before establishing a business relationship or carrying out any transaction where required by applicable legislation. The firm shall not commence work where mandatory CDD requirements have not been satisfactorily completed, unless permitted by law.

Customer Due Diligence shall include, where appropriate:

  • identifying the client and verifying their identity using reliable, independent source documents or electronic verification systems;
  • identifying and verifying any beneficial owner and understanding the ownership and control structure of legal entities;
  • identifying any individual acting on behalf of the client and verifying that person’s authority to act;
  • understanding the purpose and intended nature of the business relationship;
  • assessing the client’s money laundering, terrorist financing and sanctions risk;
  • undertaking financial sanctions screening before accepting instructions;
  • identifying whether the client or beneficial owner is a Politically Exposed Person (PEP), a family member or a known close associate;
  • obtaining information regarding the source of funds and, where appropriate, the source of wealth;
  • determining whether Enhanced Due Diligence (EDD) is required; and
  • documenting all due diligence undertaken and the rationale for decisions made.

The level of Customer Due Diligence shall be proportionate to the level of risk presented by the client, the matter, the transaction, the delivery channel and the jurisdictions involved.

Customer Due Diligence shall not be regarded as a one-off exercise. The firm shall undertake ongoing monitoring throughout the business relationship to ensure that client information remains accurate and up to date, transactions remain consistent with the firm’s understanding of the client, and any changes in risk profile are identified promptly.

Where the firm is unable to complete the required Customer Due Diligence, doubts the authenticity or adequacy of information obtained, or identifies an unacceptable financial crime risk, it shall decline to establish or continue the business relationship and shall consider whether a Suspicious Activity Report (SAR) should be submitted to the National Crime Agency (NCA).

The MLRO shall oversee the firm’s Customer Due Diligence procedures and ensure that appropriate records are maintained demonstrating compliance with applicable legal and regulatory requirements.

Enhanced Due Diligence (EDD)

AIO Legal Services shall apply Enhanced Due Diligence (EDD) measures where a client, transaction or business relationship presents a higher risk of money laundering, terrorist financing, proliferation financing or sanctions evasion. Enhanced Due Diligence shall supplement, and not replace, the standard Customer Due Diligence requirements.

Enhanced Due Diligence shall be undertaken whenever required by applicable legislation or where the firm’s risk assessment identifies an increased level of financial crime risk.

Circumstances that may require Enhanced Due Diligence include, but are not limited to:

  • clients assessed as presenting a high money laundering or terrorist financing risk;
  • Politically Exposed Persons (PEPs), their family members or known close associates;
  • clients established or operating in high-risk third countries;
  • complex or unusually large transactions;
  • transactions lacking an apparent economic or lawful purpose;
  • complex corporate structures or ownership arrangements;
  • trusts or legal entities with opaque ownership structures;
  • cross-border transactions involving higher-risk jurisdictions;
  • clients involved in sectors recognised as presenting elevated financial crime risks;
  • adverse media or credible allegations of criminal activity;
  • potential sanctions exposure; or
  • any other circumstance where the firm considers that enhanced scrutiny is justified.

Enhanced Due Diligence measures may include, where appropriate:

  • obtaining additional identification and verification documentation;
  • obtaining additional information regarding the client, beneficial owners or controlling individuals;
  • verifying the source of funds and source of wealth using reliable independent evidence;
  • obtaining additional information regarding the purpose of the transaction or business relationship;
  • conducting enhanced financial sanctions and adverse media screening;
  • requiring senior management approval before establishing or continuing the business relationship;
  • increasing the frequency and intensity of ongoing monitoring;
  • reviewing transactions more closely throughout the retainer; and
  • undertaking any additional enquiries considered necessary by the MLRO.

The reasons for applying, or deciding not to apply, Enhanced Due Diligence shall be fully documented and retained within the client file.

Where Enhanced Due Diligence does not satisfactorily mitigate the identified risks, or where the firm remains unable to obtain sufficient information to understand the client or the proposed transaction, AIO Legal Services shall refuse to establish or continue the business relationship and shall consider whether the circumstances give rise to an obligation to submit a Suspicious Activity Report (SAR) to the National Crime Agency.

The MLRO shall periodically review all matters subject to Enhanced Due Diligence to ensure that the enhanced measures remain appropriate, effective and proportionate to the level of risk presented by the client or transaction.

Ongoing Monitoring

AIO Legal Services shall undertake ongoing monitoring of all business relationships where required by applicable anti-money laundering legislation. Ongoing monitoring is intended to ensure that the firm maintains an up-to-date understanding of its clients, identifies changes in risk, and detects unusual, suspicious or potentially unlawful activity throughout the course of the retainer.

The extent and frequency of ongoing monitoring shall be proportionate to the level of risk presented by the client, the legal matter, the jurisdictions involved and any other relevant risk factors.

Ongoing monitoring may include, where appropriate:

  • reviewing the continued appropriateness of the client risk assessment;
  • ensuring that customer due diligence information remains accurate, complete and up to date;
  • reviewing changes to ownership, control or beneficial ownership of legal entities;
  • monitoring transactions and instructions to ensure they are consistent with the firm’s understanding of the client and the purpose of the retainer;
  • reviewing changes to the source of funds or source of wealth where relevant;
  • conducting periodic sanctions screening;
  • reviewing adverse media and publicly available information where appropriate;
  • identifying unusual, complex or unexplained transactions or instructions;
  • reviewing changes in geographical or jurisdictional risk;
  • reassessing whether Enhanced Due Diligence is required; and
  • maintaining accurate records of all monitoring activities undertaken.

Where ongoing monitoring identifies information that materially changes the client’s risk profile, the firm shall update its risk assessment and implement any additional due diligence measures considered necessary. Where appropriate, the MLRO shall determine whether the circumstances require the submission of a Suspicious Activity Report (SAR) to the National Crime Agency (NCA).

Where the firm is no longer able to satisfy its customer due diligence obligations, or where the level of financial crime risk becomes unacceptable, AIO Legal Services shall consider terminating the business relationship in accordance with applicable legal and regulatory requirements.

Source of Funds and Source of Wealth

AIO Legal Services shall obtain and assess information regarding the Source of Funds (SOF) and, where appropriate, the Source of Wealth (SOW) to ensure that funds involved in a matter originate from legitimate and lawful sources. The level of enquiry shall be proportionate to the money laundering, terrorist financing and sanctions risk presented by the client and the nature of the legal services being provided.

For the purposes of this Policy:

  • Source of Funds refers to the immediate origin of the money or assets involved in a particular transaction or legal matter.
  • Source of Wealth refers to the origin of the client’s overall accumulated wealth or assets.

The firm shall obtain Source of Funds and, where appropriate, Source of Wealth information where:

  • Enhanced Due Diligence is required;
  • the client is a Politically Exposed Person (PEP);
  • unusually large or complex transactions are involved;
  • the matter presents a higher financial crime risk;
  • the transaction is inconsistent with the client’s known financial profile;
  • concerns arise regarding the legitimacy of funds or assets; or
  • applicable legislation or regulatory guidance requires further enquiries.

Evidence obtained may include, where appropriate:

  • bank statements;
  • contracts of sale;
  • completion statements;
  • inheritance documentation;
  • probate records;
  • investment statements;
  • company financial records;
  • audited accounts;
  • tax documentation;
  • payslips or employment records;
  • trust documentation; or
  • any other reliable independent evidence demonstrating the lawful origin of the relevant funds or wealth.

The firm shall critically assess the information obtained and shall not rely solely upon client declarations where further verification is reasonably required. Where the Source of Funds or Source of Wealth cannot be satisfactorily established, the firm shall decline to proceed with the matter or terminate the business relationship where appropriate, and the MLRO shall consider whether a Suspicious Activity Report should be submitted.

Politically Exposed Persons (PEPs)

AIO Legal Services recognises that Politically Exposed Persons (PEPs), their family members and their known close associates may present an increased risk of money laundering due to the positions of influence they hold or have previously held. The firm shall adopt a risk-based approach when dealing with PEPs and shall not automatically refuse instructions solely because an individual is identified as a PEP.

Before establishing a business relationship, the firm shall take reasonable steps to determine whether a client, beneficial owner, authorised representative or other relevant individual is:

  • a Politically Exposed Person;
  • a family member of a Politically Exposed Person; or
  • a known close associate of a Politically Exposed Person.

Where a PEP relationship is identified, the firm shall:

  • undertake a documented enhanced risk assessment;
  • apply Enhanced Due Diligence measures;
  • obtain senior management approval before establishing or continuing the business relationship;
  • establish and verify the Source of Funds and, where appropriate, the Source of Wealth;
  • conduct enhanced sanctions and adverse media screening;
  • increase the frequency and level of ongoing monitoring; and
  • maintain appropriate records demonstrating the basis upon which the relationship has been accepted or continued.

The firm recognises that not all PEPs present the same level of financial crime risk. The level of scrutiny applied shall therefore be proportionate to the overall risk assessment, taking into account the individual’s position, jurisdiction, the nature of the legal services, the source of funds, sanctions exposure and any other relevant risk indicators.

Where a PEP presents an unacceptable financial crime risk, or where satisfactory due diligence cannot be completed, AIO Legal Services shall decline to establish or continue the business relationship and shall consider whether the circumstances require internal escalation and the submission of a Suspicious Activity Report to the National Crime Agency.

The MLRO shall periodically review all client relationships involving Politically Exposed Persons to ensure that the enhanced due diligence measures remain appropriate, effective and proportionate throughout the duration of the business relationship.

Sanctions Compliance

AIO Legal Services is committed to complying fully with all applicable UK financial sanctions legislation and shall not knowingly establish or continue a business relationship, provide legal services or facilitate any transaction that would breach applicable financial sanctions.

The firm recognises that financial sanctions are an essential component of the United Kingdom’s efforts to combat money laundering, terrorist financing, proliferation financing and threats to national and international security. Accordingly, sanctions compliance forms an integral part of the firm’s anti-financial crime framework and shall be incorporated into its client acceptance, risk assessment and ongoing monitoring procedures.

The firm shall:

  • comply with all applicable financial sanctions imposed under the Sanctions and Anti-Money Laundering Act 2018 and associated regulations;
  • comply with guidance issued by the Office of Financial Sanctions Implementation (OFSI);
  • adopt a risk-based approach to sanctions compliance;
  • identify and assess sanctions risks before accepting new instructions;
  • undertake appropriate sanctions screening before establishing a business relationship and throughout its duration;
  • monitor changes to sanctions regimes and update internal procedures where necessary;
  • immediately escalate any actual or potential sanctions matches to the Money Laundering Reporting Officer (MLRO);
  • refrain from dealing with frozen funds or economic resources except where authorised by law or an appropriate licence has been obtained;
  • comply with all applicable reporting obligations relating to sanctions; and
  • maintain appropriate records demonstrating compliance with sanctions legislation.

Where the firm identifies that a client, beneficial owner, authorised representative, counterparty or any other relevant person is, or may be, subject to financial sanctions, no further action shall be taken without consultation with the MLRO. The MLRO shall assess the circumstances, determine whether a sanctions match exists, consider whether any reporting obligation arises and ensure that the firm complies fully with its legal obligations before any further work is undertaken.

Where compliance with financial sanctions legislation prevents the firm from accepting or continuing instructions, AIO Legal Services shall decline or terminate the engagement in accordance with applicable legal and regulatory requirements.

Financial Sanctions Screening

AIO Legal Services shall conduct financial sanctions screening as part of its customer due diligence and ongoing monitoring procedures to identify individuals, entities or organisations that are subject to UK financial sanctions or other applicable sanctions regimes relevant to the firm’s risk assessment.

Sanctions screening shall be undertaken using reliable and appropriately maintained screening systems or other recognised verification methods before establishing a business relationship and thereafter on a risk-based basis throughout the duration of the engagement.

The firm shall normally conduct sanctions screening against:

  • clients;
  • beneficial owners;
  • authorised representatives;
  • directors, partners or controlling individuals of corporate clients where appropriate;
  • trustees, settlors and beneficiaries of trusts where relevant;
  • counterparties where the nature of the transaction justifies screening;
  • recipients of funds where appropriate; and
  • any other individual or entity identified through the firm’s risk assessment.

Additional sanctions screening shall be undertaken where:

  • there is a material change in ownership or control;
  • new parties become involved in the matter;
  • the scope of the legal services changes significantly;
  • new sanctions are issued or existing sanctions are amended;
  • adverse media or intelligence indicates increased sanctions risk;
  • the matter involves higher-risk jurisdictions; or
  • any other circumstance gives rise to an increased sanctions risk.

Where a potential sanctions match is identified, the individual concerned shall not be informed of the potential match until the matter has been assessed by the MLRO and any applicable legal or regulatory obligations have been considered. The MLRO shall investigate the alert to determine whether it represents a false positive or a genuine sanctions match.

Where a genuine sanctions match is confirmed, the MLRO shall:

  • immediately suspend any activity that may breach financial sanctions legislation;
  • determine whether assets or economic resources are subject to asset-freezing measures;
  • make any required reports to the Office of Financial Sanctions Implementation (OFSI) without undue delay;
  • consider whether a Suspicious Activity Report (SAR) should also be submitted to the National Crime Agency (NCA) where appropriate;
  • maintain comprehensive records of the investigation, decisions and reports made; and
  • ensure that no action is taken that could breach financial sanctions legislation or otherwise prejudice any regulatory or criminal investigation.

The firm shall periodically review the effectiveness of its sanctions screening procedures to ensure that they remain proportionate, effective and consistent with current legislation, OFSI guidance and the firm’s overall financial crime risk assessment.

Suspicious Activity Reporting (SARs)

AIO Legal Services is committed to identifying, investigating and reporting suspected money laundering, terrorist financing and other criminal property offences in accordance with the Proceeds of Crime Act 2002, the Terrorism Act 2000, and all applicable legal and regulatory requirements.

Where any individual acting on behalf of the firm knows, suspects, or has reasonable grounds to know or suspect that a person is engaged in money laundering, terrorist financing or another offence requiring disclosure, the matter shall be reported immediately to the Money Laundering Reporting Officer (MLRO) in accordance with the firm’s Internal Reporting Procedures.

The MLRO shall promptly assess each internal report to determine whether there are reasonable grounds for suspicion and whether a Suspicious Activity Report (SAR) should be submitted to the National Crime Agency (NCA).

In assessing whether a SAR should be submitted, the MLRO shall consider, where appropriate:

  • the information provided by the reporting individual;
  • the client’s due diligence records;
  • the nature and purpose of the transaction or retainer;
  • the source of funds and source of wealth;
  • the client’s risk profile;
  • sanctions screening results;
  • any adverse media or intelligence;
  • any further enquiries that may lawfully be undertaken; and
  • all other relevant circumstances.

Where the MLRO determines that a SAR should be submitted, it shall be made to the National Crime Agency as soon as reasonably practicable and in accordance with applicable legal requirements.

The MLRO shall maintain a confidential register of all internal reports, decisions, SAR submissions, requests for further information and related correspondence. Access to such records shall be strictly limited to authorised individuals.

The submission of a SAR does not necessarily require the firm to terminate the business relationship. The MLRO shall determine the appropriate course of action after considering the legal, regulatory and operational circumstances of each case.

Internal Reporting Procedures

Every individual acting on behalf of AIO Legal Services has a personal legal and professional responsibility to remain alert to indicators of money laundering, terrorist financing, proliferation financing and sanctions breaches.

Where an individual knows, suspects, or has reasonable grounds to suspect that criminal property or terrorist property may be involved, they shall immediately submit an internal report to the MLRO. Reports shall be made as soon as practicable after the suspicion arises and before taking any further action that may prejudice a potential investigation.

Internal reports should include, where available:

  • the identity of the client or relevant parties;
  • the matter reference;
  • a clear description of the circumstances giving rise to suspicion;
  • relevant dates and transactions;
  • supporting documentation;
  • any action already taken; and
  • any other information that may assist the MLRO in assessing the matter.

Following receipt of an internal report, the MLRO shall:

  • acknowledge receipt where appropriate;
  • review the available information;
  • obtain additional information where lawful and necessary;
  • determine whether the statutory threshold for suspicion has been met;
  • decide whether a SAR should be submitted to the National Crime Agency;
  • determine whether a Defence Against Money Laundering (DAML) application is required;
  • provide appropriate instructions regarding the continuation or suspension of work; and
  • record the decision-making process and reasons for the decision.

Internal reports, investigations and decisions shall be handled on a strictly confidential basis. Information shall only be disclosed where necessary for the discharge of legal or regulatory obligations.

Individuals must not investigate suspected criminal activity beyond what is reasonably necessary to fulfil their professional responsibilities and shall follow the directions of the MLRO at all times.

Defence Against Money Laundering (DAML)

Where AIO Legal Services intends to undertake an act that may constitute a prohibited act under the Proceeds of Crime Act 2002, the MLRO shall consider whether it is appropriate to request a Defence Against Money Laundering (DAML) from the National Crime Agency before the act is undertaken.

A DAML request may be appropriate where the firm proposes to continue acting or undertake a transaction that could involve criminal property and where statutory protection is required before proceeding.

The decision to seek a DAML shall be made exclusively by the MLRO after considering:

  • the information contained within the internal report;
  • the level of suspicion;
  • the proposed activity;
  • applicable legal obligations;
  • any risk to clients, the firm or third parties; and
  • relevant guidance issued by the National Crime Agency.

Where a DAML request is submitted, the firm shall not proceed with the relevant activity until:

  • appropriate consent or a defence has been obtained;
  • the statutory notice and moratorium periods have expired in accordance with applicable legislation; or
  • the proposed activity may otherwise lawfully proceed.

During this period, all personnel shall comply with the instructions of the MLRO and shall take no action that may amount to tipping off, prejudice an investigation or breach applicable legislation.

The MLRO shall maintain complete records of all DAML requests, communications with the National Crime Agency, decisions received and actions taken. These records shall be retained securely in accordance with the firm’s Record Keeping Policy and applicable statutory requirements.

The firm shall ensure that all relevant personnel receive appropriate training regarding the purpose of DAML requests, the circumstances in which they may be required, and the procedures to be followed to ensure compliance with the Proceeds of Crime Act 2002 and associated regulatory obligations.

Tipping Off and Prejudicing Investigations

AIO Legal Services recognises that preserving the confidentiality of money laundering investigations is essential to the effective operation of the UK’s anti-money laundering regime. All individuals acting on behalf of the firm shall comply with the statutory prohibitions relating to tipping off and prejudicing an investigation under the Proceeds of Crime Act 2002 and the Terrorism Act 2000.

No individual shall disclose information that is likely to inform a client or any other person that:

  • an internal report has been submitted to the Money Laundering Reporting Officer (MLRO);
  • a Suspicious Activity Report (SAR) has been submitted or is intended to be submitted to the National Crime Agency (NCA);
  • a Defence Against Money Laundering (DAML) request has been made;
  • a money laundering, terrorist financing or sanctions investigation is being undertaken or contemplated; or
  • law enforcement agencies or regulatory authorities are conducting, or may conduct, enquiries relating to the client or the matter.

Personnel shall continue to deal with clients professionally and courteously while ensuring that their conduct does not inadvertently reveal the existence of a suspicion or investigation.

Where uncertainty exists regarding whether proposed communications with a client or third party may constitute tipping off or prejudice an investigation, no communication shall be made until advice has been obtained from the MLRO.

The MLRO shall provide appropriate guidance regarding communications with clients following the submission of a SAR or DAML request and shall determine whether legal services may continue without breaching applicable legislation.

Any actual or suspected breach of the tipping off provisions shall be reported immediately to the MLRO and the Director. Such breaches shall be investigated promptly and may result in disciplinary action, regulatory reporting and, where applicable, criminal proceedings.

 

Record Keeping

AIO Legal Services shall maintain complete, accurate and up-to-date records demonstrating compliance with all applicable anti-money laundering, counter-terrorist financing and financial sanctions obligations. Records shall be sufficient to enable the firm, regulators and competent authorities to understand the basis upon which client acceptance decisions, risk assessments and reporting decisions have been made.

The firm shall maintain records including, where applicable:

  • client identification and verification documents;
  • customer due diligence and enhanced due diligence records;
  • client and matter risk assessments;
  • Firm-Wide Risk Assessment documentation;
  • beneficial ownership verification records;
  • source of funds and source of wealth information;
  • sanctions screening results;
  • politically exposed person (PEP) assessments;
  • ongoing monitoring records;
  • internal suspicious activity reports;
  • MLRO decisions and assessments;
  • Suspicious Activity Reports (SARs);
  • Defence Against Money Laundering (DAML) applications and responses;
  • regulatory correspondence;
  • AML compliance reviews and audits;
  • staff training records; and
  • any other documentation required to demonstrate compliance with applicable legislation.

Records shall be retained securely for the period prescribed by the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 and any other applicable legal or regulatory requirements. Upon expiry of the applicable retention period, records shall be securely destroyed unless continued retention is required by law, regulatory obligation or ongoing legal proceedings.

Access to AML records shall be restricted to authorised individuals and protected through appropriate physical, technical and organisational security measures. Electronic records shall be subject to appropriate backup, access control and audit trail arrangements to preserve their confidentiality, integrity and availability.

The MLRO shall periodically review the firm’s record-keeping arrangements to ensure that records remain accurate, complete, secure and compliant with applicable legal and regulatory requirements.

Staff Training

AIO Legal Services recognises that effective anti-money laundering, counter-terrorist financing and sanctions compliance depends upon knowledgeable, competent and vigilant personnel. The firm is committed to providing regular training to ensure that all individuals understand their legal responsibilities and are able to identify, assess and report financial crime risks effectively.

AML, CTF and sanctions training shall be provided to all relevant personnel:

  • upon joining the firm;
  • before undertaking work within the scope of the Money Laundering Regulations;
  • following significant legislative or regulatory changes;
  • where this Policy or related procedures are materially updated;
  • where compliance monitoring identifies knowledge gaps or additional training requirements;
  • following significant financial crime incidents or regulatory findings; and
  • at least annually as part of the firm’s continuing competence programme.

Training shall be proportionate to the individual’s role and responsibilities and may include:

  • money laundering, terrorist financing and proliferation financing risks;
  • applicable AML legislation and regulatory requirements;
  • customer due diligence (CDD) and enhanced due diligence (EDD);
  • client and matter risk assessments;
  • beneficial ownership identification;
  • source of funds and source of wealth enquiries;
  • politically exposed persons (PEPs);
  • financial sanctions and sanctions screening;
  • recognising suspicious activity and financial crime indicators;
  • internal reporting procedures;
  • Suspicious Activity Reports (SARs);
  • Defence Against Money Laundering (DAML);
  • tipping off and prejudicing investigations;
  • record keeping obligations;
  • the responsibilities of the MLRO; and
  • the firm’s AML, CTF and Sanctions Policy and related procedures.

The MLRO shall maintain an AML Training Register recording all training delivered, including the date, content, attendees, method of delivery, completion status and any identified continuing competence requirements.

The effectiveness of the firm’s AML training programme shall be reviewed periodically through compliance monitoring, file reviews, internal audits, staff assessments and regulatory developments. Where deficiencies or recurring issues are identified, targeted refresher training shall be provided promptly to ensure that the firm’s financial crime controls remain effective and compliant with applicable legislation.