Defensive manoeuvres

Over the past year, much has been said and written about the impending Money Laundering Regulations 2007. Larger firms may now be employing significant resources, both in systems and training mechanisms to comply with the new regulatory demands, as well they should, if they are to be prepared for the directive coming into force this December. But as recent cases demonstrate (see page 15), it is often not the larger firms that end up in deep water. It is the smaller practice, dealing with private individuals and small companies (as oppose to large corporates that face their own money-laundering-compliance requirements), that end up on the wrong side of investigatory scrutiny. There is a certain sense of misfortune in both the cases of Philip Griffiths and Brian Dougan. Judges in both cases agreed that the solicitors concerned did not knowingly commit crimes, but were rather convicted of failing to disclose to authorities suspicions involving possible money laundering. This seemingly lesser offence, however, did not stop either receiving custodial sentences; their legal careers, of course, were also shattered.
For finance professionals, there are also serious lessons to be learnt from such cases. With Dougan’s practice, for example, HM Revenue and Customs launched an investigation into Dougan’s business accounts, following the prosecution of an oils gang, led by Dougan’s client, and convicted fuel fraudster, Thomas McCague. This quickly uncovered as much as £300,000 passing through Dougan’s accounts over the course of 2001 and 2002, all of which was linked to McCague’s property purchases in Northern Ireland. Dougan eventually pleaded guilty to, and suffered the consequences of, illegally handling £66,500 of McCague’s ill-gotten gains. But the case also demonstrates the crucial role for accounting and finance staff in overseeing their firm’s finances to ensure compliance with all money laundering rules and regulations. Sue Mawdsley, a partner at Legal Risk, wrote in a recent issue of FD Legal (vol 1, iss. 2, Dec/Jan 2006/7): “Accounts departments are on the front line of the war on money laundering. Training accounts staff may be the insurance policy against fee-earner error or, heaven forbid, even a rogue partner.” She went on to describe how accounts staff at one firm they advised, admitted that if money was credited twice to a client account for the same transaction, they would immediately arrange a refund. “Some of the staff were found to be unlikely to check the source of funds against the expected source,” she said. “This is just what the money launderer wants. One regular payment comes in, and one irregular payment from another source.”
Accounts/finance professionals, solicitors and all those in a law firm’s senior management now needed to fully understand the money-laundering regulations, so that firms are safeguarded from future peril. “The focus on money-laundering regulation has increased tremendously since 2004, with the Money Laundering Regulations 2003 coming into force,” says Geoffrey Dearing, solicitor and consultant at Brachers Solicitors. “Recent decisions of the Court of Appeal have stressed that all professionals must comply scrupulously with the legislation, or face the consequences.”
As the new Money Laundering Regulations 2007 come into force as of 15 December 2007, however, firms will need to be even more on the ball, as existing regulations will be revoked from that date. “The impact of the new regulations will create further work for solicitors in the area of due diligence in terms of identification of clients, beneficial owners and beneficiaries, and there will be a need to monitor ongoing business relationships, including existing clients who may not have been subject of identity checks in the past,” says Dearing.

Fathoming the regulatory requirements
For Morgan Williams, partner and money laundering reporting officer (MLRO) at Lee & Priestley LLP, these preceding weeks involve really understanding the sometimes vague terminology to work out how his firm needs to respond to the regulations, before they come into force. “In a number of ways, the regulations are quite obviously a departure from the 2003 regulations – this is the advent of real risk-based language, frequently demanding risk-based or risk-sensitive analysis and procedures. The Law Society has been recommending this for years, but it was not necessarily the direction in which the 2003 regulations led us,” he says.
In particular, Williams is interested in how the new regulations appear to allow firms to construct their own anti-money-laundering framework for their individual businesses. For example, regulation 7(2) regarding the application of customer due-diligence measures, states: “Subject to regulation 16(4), a relevant person must also apply customer due diligence measures at other appropriate times to existing customers on a risk-sensitive basis.” Williams wonders, however, what this actually means in practice. “Okay, as MLRO I’m the relevant person, and the regulations say what I need to do – that is, to apply due-diligence measures to existing customers – but what is meant by ‘appropriate times’? I’m not an expert in money laundering and I don’t advise people every day on compliance. For me, ‘appropriate’ could mean anything from weekly to monthly, to never!”
Indeed, Williams also points out that due-diligence measures will necessarily vary between different types of firm, with different types of client and work, and different specialisations. “Appropriate times for client due-diligence measures will be different between our property lawyers where there is higher risk of money laundering and, say, our corporate or litigation divisions, where there is little suspicious activity. In addition, there will be very little resemblance between our compliance procedures and, say those of a large firm like Herbert Smith, which deals with very different kinds of clients.”
In addition to due-diligence measures, regulation 19 also focuses on the importance of record-keeping, both as evidence of a client’s identity but also, “in respect of a business relationship or occasional transaction which is the subject of customer due-diligence measures or ongoing monitoring.” For Williams, this again raises some questions. “The regulations seem to be driving towards a regime that is record based,” he says. “But the monitoring and record-keeping in one department is going to differ to the requirements of another practice area – for example, the Wills department is unlikely to have as extensive monitoring or record-keeping requirements as the property division. But how much monitoring and record-keeping is adequate?”

Lacking time and/or resources?
With firms facing increased demands for due diligence and record keeping – especially, for example, where a client is not seen in person (see regulation 14, ‘Enhanced customer due diligence and ongoing monitoring’) – increased resources, involving both time and financial investment, will be needed. “Firms will need in particular to consider the enhanced due diligence and monitoring requirements,” says Dearing. “In accordance with the regulations, training must also now be carried out ‘regularly’ and firms will need to put in place any policies and procedures which have not yet been implemented to meet the new regulatory requirements.” Regulation 20, for instance, provides that solicitors will need to:
“Establish and maintain appropriate risk-sensitive policies and procedures which relate to:

Customer due-diligence measures and ongoing monitoring;
Reporting;
Record keeping;
Internal controls;
Risk assessment and management;
The monitoring and management of compliance with, and the internal communication of, such policies and procedures,

In order to prevent activities related to money laundering and terrorist financing.”
This is all well and good, but in firms (particularly smaller businesses) where resources may be stretched, there might be serious concerns about how these requirements can be met. Williams, for instance, is a partner in the corporate services/banking department. He is also the firm’s client care partner and risk partner, as well as its MLRO. That’s a fair few responsibilities for one lawyer. In addition, he thinks that few professionals before today had really understood the 2003 money-laundering-compliance requirements and even fewer would have read the earlier 1990’s regulation. Perhaps this is why Dearing also appears to be so busy right now. Since 2004, he has been a consultant for Brachers Solicitors (he was formerly the firm’s managing partner, from 1996 to 2004), which includes assisting in some areas of risk management, particularly anti-money laundering where he provides some internal training. He also acts as a consultant for a group of nine law firms in risk management, as well as assisting a number of firms over the past three years with anti-money-laundering training. It is again a broad remit, reflecting the sudden and quite far-reaching push that firms must now make to be compliant.
And despite such efforts, some firms will still be facing questions over who will ultimately take responsibility for compliance. “There’s a bit of a debate about who is going to bear the brunt of technical aspects,” admits Williams. “There’s so much administration demanded by the regulations – trust-based issues will be dealt with by the head of the private-client department. But for corporate issues – for example, ascertaining beneficial ownerships – I’ll have to shoulder the responsibility. If I’m not here, it’ll have to be shared out.” Many firms may seek to centralise control for money-laundering compliance, thereby leaving lawyers to get on with their jobs of fee earning but, even then, the chosen person may not have the expertise to understand the requirements of each practice area and different clients. “A lawyer experienced in litigation or employment just wouldn’t be able to deal with the issues arising from beneficial ownerships with corporate clients,” says Williams. This inevitably means that compliance will involve a firm-wide team effort – firms will not be able to get away with trusting an individual or two to manage the complex requirements of the incoming regulations.

But what about the clients?
Firm-wide training, an agreed line of responsibility, and the implementation of effective record-keeping processes will be essential for firms in weeks and months to come. But there is the inevitable impact of such efforts on client relationships. Williams agrees that there will be delay issues as firms look to verify a client’s identity and beneficial ownership. Perhaps a larger client, managing its own money-laundering compliance, will understand the difficulties and there will be few issues over co-operation. But others may find it difficult to understand why their legal-service delivery is suddenly taking so long. For a new client, there is a loophole in the regulations regarding client identification:

“Such verification may be completed during the establishment of a business relationship if:

This is necessary not to interrupt the normal conduct of business; and
There is little risk of money laundering or terrorist financing occurring, provided that the verification is completed as soon as practicable after contact is first established.” (Reg. 9(3))

But Williams has concerns over this. “You can commence a relationship as long as the risk is low. But who is going to take the responsibility for this? How can you decide what the risk is until you’ve verified identity and beneficial ownership?”
In addition, with ongoing monitoring, Williams points to existing clients who may have incredibly complex ownership structures. If the firm regularly monitors such a client, they will need the client to co-operate by sending through all the required data/information. But what if the client (despite having spent the past 20 years with the firm) decides not to comply, asks Williams? In such a scenario, the regulations demand that the firms “must terminate any existing business relationship with the customer” (reg. 11(1)). “If we all wanted a good reason not to find any ‘appropriate times’ to apply ongoing due-diligence measures to existing clients, the fear of losing such loyal clients sounds rather enticing.”
For all the concerns over wording in the regulations and the additional resources that firms will need to employ to comply, there is still some positive feedback over the changes. As Williams says: “Any piece of legislation that forces professionals to know more about their clients is a good thing. If the Money Laundering Regulations 2007 makes our lawyers dig deeper into the firm’s client relationships, so much the better.”
For Dearing, the regulations also fit into the broader picture. “I believe anti-money-laundering requirements are highly relevant to several areas of the firm’s wider risk-management framework. Imagine the damage if a money-laundering offence is committed in terms of financial, professional and reputational risk?”
And this is perhaps where the key lies. There will continue to be concerns over responsibilities, resources and client satisfaction in connection with money-laundering regulation, but success will be about applying the rules on a firm-wide basis and integrating into the other financial and risk functions of the firm. The regulations will also need to be applied to each individual business – its specialisations, types of client, varying expertise and size. As Williams says, there will be no one-size-fits-all approach.
Finance professionals must understand the kinds of challenges their lawyers face in complying with the regulations – including concerns about delays or client dissatisfaction, which may lead to attempted short-cuts or avoidance techniques. Accounting staff need to be trained to recognise suspicious cash-flows or incomplete client ledgers. By understanding some of the vague language in the regulations and how their solicitors are responding to those, the finance team will also be able to far better support their firm and ensure that the business is safeguarded against future money-laundering threats.

Money Laundering Regulations 2007: Key highlights

5. Meaning of customer due diligence measures
“Customer due diligence measures” means:
(a) Identifying the customer and verifying the customer’s identity on the basis of documents, data or information obtained from a reliable and independent source;
(b) Identifying, where there is a beneficial owner who is not the customer, the beneficial owner and taking adequate measures, on a risk-sensitive basis, to verify his identity so that the relevant person is satisfied that he knows who the beneficial owner is, including, in the case of a legal person, trust or similar legal arrangement, measures to understand the ownership and control structure of the person, trust or arrangement; and
(c) Obtaining information on the purpose and intended nature of the business relationship.

7. Application of customer due diligence measures
(1) Subject to regulations 9, 10, 12, 13, 14, 16(4) and 17, a relevant person must apply customer due diligence measures when he:
(a) establishes a business relationship;
(b) carries out an occasional transaction;
(c) suspects money laundering or terrorist financing;
(d) doubts the veracity or adequacy of documents, data or information previously obtained for the purposes of identification or verification.
(2) Subject to regulation 16(4), a relevant person must also apply customer due diligence measures at other appropriate times to existing customers on a risk-sensitive basis.
(3) A relevant person must:
(a) determine the extent of customer due diligence measures on a risk-sensitive basis depending on the type of customer, business relationship, product or transaction; and
(b) be able to demonstrate to his supervisory authority that the extent of the measures is appropriate in view of the risks of money laundering and terrorist financing.

8.Ongoing monitoring
(1) A relevant person must conduct ongoing monitoring of a business relationship.
(2) “Ongoing monitoring” of a business relationship means:
(a) scrutiny of transactions undertaken throughout the course of the relationship (including, where necessary, the source of funds) to ensure that the transactions are consistent with the relevant person’s knowledge of the customer, his business and risk profile; and
(b) keeping the documents, data or information obtained for the purpose of applying customer due diligence measures up-to-date.

9. Timing of verification
(1) This regulation applies in respect of the duty under regulation 7(1)(a) and (b) to apply the customer due diligence measures referred to in regulation 5(a) and (b).
(2) Subject to paragraphs (3) to (5) and regulation 10, a relevant person must verify the identity of the customer (and any beneficial owner) before the establishment of a business relationship or the carrying out of an occasional transaction.
(3) Such verification may be completed during the establishment of a business relationship if:
(a) this is necessary not to interrupt the normal conduct of business; and
(b) there is little risk of money laundering or terrorist financing occurring, provided that the verification is completed as soon as practicable after contact is first established.

11. Requirement to cease transactions etc.
(1) Where, in relation to any customer, a relevant person is unable to apply customer due diligence measures in accordance with the provisions of Part, he:
(a) must not carry out a transaction with or for the customer through a bank account;
(b) must not establish a business relationship or carry out an occasional transaction with the customer;(c) must terminate any existing business relationship with the customer;
(d) must consider whether he is required to make a disclosure by Part 7 of the Proceeds of Crime Act 2002 or Part 3 of the Terrorism Act 2000.

19. Record-keeping
(1) Subject to paragraph (4), a relevant person must keep the records specified in paragraph (2)...
(2) The records are:
(a) a copy of, or the references to, the evidence of the customer’s identity obtained pursuant to regulation 7, 8, 10, 14 or 16(4);
(b) the supporting records (consisting of the original documents or copies) in respect of a business relationship or occasional transaction which is the subject of customer due diligence measures or ongoing monitoring.

The cases that demonstrate money-laundering dangers for law firms

Philip Griffiths – ‘one error’ leads to imprisonment
In September 2006, the Court of Appeal reduced the sentence handed down to solicitor Philip Griffiths, from 15 months’ imprisonment to six months. His conviction for money-laundering offences, however, had already reaped devastating consequences, with Mr Justice Leveson noting that the solicitor had already lost his legal practice and that the impact on his health and personal life had been dramatic. He also predicted that Griffiths would be ‘rightly’ struck off the roll.
Griffiths responded by saying, in a reverberating warning to other solicitors, that ‘it only takes one error to find yourself in the same situation’. Indeed, Griffiths was acquitted of more serious offences based on knowledge and suspicion; instead, he was convicted of failing to disclose to authorities when he had reasonable grounds for knowing or suspecting that a transaction involved money laundering. In fact, when he acted for an estate agent whom he knew and trusted in the purchase of a house for less than its value, he only earned his normal conveyancing fee of £399. When it transpired that the property was being sold by drug traffickers, that mere £400 must have seemed as pretty paltry compensation for Griffiths’s ensuing imprisonment.

Brian Dougan – a wake-up call for accounts departments
In December 2006, a confiscation hearing in Liverpool Crown Court ordered a convicted solicitor to pay £86,500, including costs, to cover his part in a £300,000 red diesel money-laundering scam. Brian Dougan from Armagh, was jailed for three months on 24 July 2006, following a lengthy investigation by HM Revenue and Customs into the suspicious activity of an oils gang, led by convicted fuel fraudster Thomas McCague. This included an examination of the origin of large sums of money passing through Dougan’s client accounts on behalf of McCague in 2001 and 2002. In May 2006, Dougan eventually pleaded guilty to converting or transferring the proceeds of criminal conduct by allowing £66,500 to pass through his client account, on behalf of McCague. Defending himself, Dougan claimed that McCague had a profitable car-wash business and he was not surprised when large amounts of cash were brought in.
At the trial, Judge Swift acknowledged that ‘Dougan was a naive victim of a sophisticated criminal’, but that neither prevented a custodial sentence nor the more recent financial penalty for his involvement in money laundering.

Bowman v Fels: Litigation departments off the hook?
On 8 March 2005, the Court of Appeal handed down its decision in the matter of Bowman v Fels [2005] EWCA Civ 226; (2005). The decision had been eagerly awaited by solicitors who were struggling to comprehend and observe the requirements of the Proceeds of Crime Act 2002 (the Act) since it came into force on 24 February 2003.
Ms Bowman and Mr Fels were estranged cohabitees. Bowman claimed a beneficial interest in a property registered in Fels’s sole name arising out of a constructive trust. In the course of the litigation that arose from the breakdown of Bowman and Fels’ relationship, the solicitors acting for Bowman made an authorised disclosure to the National Criminal Intelligence Service (NCIS) – in accordance with what they understood to be their obligations under the Act – of their suspicion that Fels had included the cost of work he had carried out at the property in his business accounts and VAT returns, even though these works were unconnected with his business. A consequence of the disclosure was for Bowman’s advisers to seek a delay in the trial because it was believed that the appropriate consent required from NCIS to permit them to continue with the litigation would not be forthcoming before the trial. Bowman’s solicitors did not feel that it was appropriate for them to inform Fels’s solicitors of the reasons for seeking an adjournment. On an interlocutory application, Judge Cowell found that Bowman’s solicitors should explain to Fels’s solicitors why they were seeking an adjournment and that their refusal to continue preparing for trial whilst awaiting consent from NCIS was inappropriate.
Bowman’s solicitors appealed the decision because of the criticism of their interpretation of the Act. The Law Society, the Bar Council and NCIS intervened in the appeal.
The Court of Appeal concluded on a central issue, saying: “The proper interpretation of s328 [“a person commits an offence if he enters into or becomes concerned in an arrangement which he knows or suspects facilitates (by whatever means) the acquisition, retention, use or control of criminal property by or on behalf of another person”] is that it is not intended to cover or affect the ordinary conduct of litigation by legal professionals,” (paragraph 83 of the judgment). The court also went on to conclude that s328 was not sufficiently strongly worded to override legal professional privilege (paragraph 87 of the judgement).
These judgements would imply that litigation work is not affected by money-laundering compliance. However, litigation practices need to be careful as the court also held that legal privilege would not apply to clients who had used solicitors to pursue sham litigation – for example, staged accident claims. Nor would it pertain to dealings following the completion of litigation.