Clean Hands, Dirty Money
Legal Innovation
Legal Technology and Innovation

The Illusion of AML Compliance: Why Solicitors and Law Firms Continue to Fail

Written by John Barwell
AML · Solicitors · Regulatory accountability

The Law Society’s money-laundering risks guidance is not merely another compliance update. It is a warning about how quickly criminal methods are evolving, and how exposed law firms become when AML controls are treated as paperwork rather than professional duty.

Category
Regulatory accountability
Jurisdiction
England & Wales
Reading time
c. 7 minutes
Last reviewed
1 June 2026
By-line
Legal Lens

Publication snapshot

  • The Law Society’s AML risk material identifies fast-moving threats for solicitors and law firms.
  • The risk areas include AI-enabled fraud, deepfakes, cryptocurrency, conveyancing fraud, complex corporate structures and sanctions exposure.
  • The central problem is the gap between published guidance and embedded firm-level compliance culture.
  • The SRA’s own AML reporting shows significant supervisory activity, but enforcement credibility remains a live public-interest question.
  • The practical answer is stronger risk assessment, better supervision, real-time monitoring and a culture where AML is treated as a non-negotiable professional obligation.
Reader note: this article is public-interest commentary on anti-money laundering compliance in the legal profession. References to weak enforcement, poor compliance culture, client-account misuse, conveyancing fraud, cryptocurrency risk or professional gatekeeping failure are made as general criticism and analysis. They should not be read as allegations against any particular firm, solicitor or individual unless supported by a court, tribunal, regulator, disciplinary decision or other competent authority.

Why this matters

AML compliance is not an administrative burden that sits apart from professional ethics. It is one of the ways the legal profession protects the rule of law from exploitation by criminals, fraudsters and those seeking to move or disguise illicit wealth.

Solicitors occupy a privileged position in the financial system. They handle client money, advise on property transactions, create and unwind corporate structures, assist with estate planning, and facilitate high-value commercial arrangements. That position makes them useful to legitimate clients. It also makes them attractive to criminals.

The Law Society’s money-laundering risk material is therefore important not because it tells the profession something abstract, but because it shows how specific, practical and current the risk has become. The question is whether firms are converting that guidance into daily conduct.

Core issue: guidance does not protect the public unless firms turn it into supervision, training, risk assessment, source-of-funds scrutiny and refusal to act where the risk cannot be managed.

A profession at risk

The legal profession is a gatekeeper profession. That is a strength when firms perform due diligence properly. It is a weakness when firms treat AML checks as form-filling, rely on incomplete information, or fail to challenge implausible transactions.

The most obvious risk is client-account misuse. Client accounts can be attractive because they carry the appearance of professional legitimacy. Where money moves rapidly through a solicitor’s account without proper purpose, due diligence or transactional justification, the firm becomes part of the risk pathway.

Another persistent weakness is poor client and matter risk assessment. If a firm cannot explain why a client, transaction or source of funds is low, medium or high risk, it cannot demonstrate that it applied the correct level of scrutiny.

The recurring fault lines

Client accounts

Large, fast or unexplained movements of money can create serious laundering risk where there is no clear legal-service purpose.

Risk assessments

Client and matter assessments must be specific, reasoned and updated when the facts change.

Beneficial ownership

Superficial reliance on registers may be inadequate where ownership, control or influence is obscured.

Firm culture

AML failure often begins when fee earning, speed or client pressure is allowed to override risk judgment.

Emerging threats: AI, deepfakes and cryptocurrency

Generative AI has changed the fraud landscape. Deepfakes, voice cloning, impersonation and AI-enabled phishing make it easier to deceive clients, staff, counterparties and finance teams.

For law firms, this is not only a cybersecurity issue. It is also an AML and client-protection issue. If identity can be manipulated, payment instructions can be altered, and correspondence can be spoofed, then verification procedures must become more robust.

Cryptocurrency creates a different risk. Its use in ordinary legal services may remain limited, but the source-of-funds and source-of-wealth problem is acute where cryptoassets are converted into conventional currency before a solicitor is instructed. Conversion into pounds does not remove the obligation to understand where the value came from.

Traditional risk

Cash, property, corporate layering and client-account misuse remain central AML concerns for law firms.

Emerging risk

AI-enabled impersonation and cryptoasset conversion make verification and source-of-wealth analysis more difficult.

Firms that continue to operate old verification routines against new fraud methods are not being cautious. They are falling behind the threat.

Conveyancing and corporate structures remain high-risk

Conveyancing remains one of the highest-risk practice areas because property transactions provide speed, value and apparent legitimacy. Fraudsters can target deposits, impersonate parties, spoof emails, create bogus law firms, and divert payments into criminal-controlled accounts.

These risks are not limited to one weak link. A conveyancing file can involve identity risk, source-of-funds risk, cyber risk, sanctions risk, beneficial ownership risk and pressure to complete quickly.

Corporate structures create a separate but connected problem. Circular ownership, nominee arrangements, layered entities and offshore links can make it difficult to understand who ultimately owns, controls or benefits from a transaction.

How AML risk becomes professional risk

  1. 1

    A client or transaction appears commercially attractive but carries unusual complexity, urgency or opacity.

  2. 2

    The firm treats AML questions as a checklist rather than a live risk assessment.

  3. 3

    Source of funds, beneficial ownership or transaction purpose is not properly evidenced.

  4. 4

    The firm becomes exposed to regulatory, criminal, civil and reputational consequences.

The practical answer is not to avoid complex work. It is to ensure that complex work is supervised, documented and challenged by people with sufficient experience and independence.

The SRA’s enforcement problem

Guidance is useful only if it is backed by credible enforcement. That is where criticism of the SRA becomes unavoidable.

The SRA’s AML Annual Report records significant supervisory activity, including proactive inspections, desk-based reviews, sanctions inspections and enforcement action. That activity matters. But enforcement credibility depends not only on the number of engagements, but on whether firms believe serious AML failures will carry serious consequences.

Where penalties appear low against the duration or seriousness of non-compliance, the deterrent effect is weakened. Firms may conclude, wrongly but predictably, that AML failure is a manageable regulatory cost rather than a fundamental professional breach.

Accountability point: a regulator can publish guidance, warnings and annual reports, but the profession will judge seriousness by enforcement outcomes, speed of intervention and whether repeat or long-running failures attract meaningful consequences.

Raising the bar for compliance

The profession needs a cultural shift. AML compliance should be treated as part of competent legal practice, not as an administrative layer imposed by regulation.

That means partners, compliance officers, fee earners and finance teams must understand the risks in the work they actually do. A conveyancing team needs to understand payment diversion, source-of-funds evidence and fraud indicators. A corporate team needs to understand beneficial ownership and layering. A private-client team needs to understand trusts, politically exposed persons and source-of-wealth risk.

Firm-level controls

  1. Use live client and matter risk assessments rather than static tick-box forms.
  2. Apply source-of-funds and source-of-wealth checks proportionately but rigorously.
  3. Monitor client-account use and challenge transactions with no clear legal-service purpose.
  4. Update training for AI impersonation, deepfake, spoofing and cryptoasset risks.
  5. Escalate complex ownership, offshore or high-risk matters for senior review.

Regulatory controls

  1. Target supervision at high-risk practice areas, not only firms with obvious historic breaches.
  2. Publish clearer learning from enforcement outcomes and repeat-risk patterns.
  3. Use meaningful sanctions where failures are prolonged, systemic or senior-led.
  4. Test whether firms are applying guidance in live files, not merely holding policies.
  5. Make AML enforcement visibly connected to client protection and public trust.

The strongest firms will not wait for enforcement. They will treat the Law Society’s risk material as a prompt to test files, retrain teams, update controls and challenge complacency.

The closing point: a warning unheeded?

The Law Society’s risk material should be treated as a practical warning. The threats are not theoretical. AI-enabled fraud, cryptoasset laundering, conveyancing fraud, corporate layering and sanctions exposure already sit inside the risk environment of modern legal practice.

The question is whether solicitors and law firms are adapting quickly enough. If AML remains a compliance file rather than a professional instinct, the profession will remain exposed.

Guidance without enforcement is weak. Enforcement without culture change is incomplete. The profession needs both: firms that treat AML as non-negotiable, and a regulator willing to act decisively when they do not.

Legal Lens supports litigants in person, whistleblowers, small-business accountability work and public-interest scrutiny in England & Wales. Contact Legal Lens.

This article is public-interest commentary and general legal-policy analysis. It is not legal advice, AML advice, regulatory advice, tax advice or professional-conduct advice. Anti-money laundering duties, sanctions controls, source-of-funds checks, source-of-wealth evidence, cryptocurrency, conveyancing fraud, corporate structures, SRA enforcement, regulatory settlement agreements, limitation, privilege, confidentiality and publication risk are fact-sensitive and should be assessed against the underlying rules, guidance, file evidence and independent advice where required.

Leave a Reply

Your email address will not be published. Required fields are marked *

Skip to toolbar