Anti-Money Laundering
A client walks into your firm wanting help buying a flat in cash, no mortgage, no questions asked about where the money came from. Say yes without a second thought, and you are not merely being unhelpful to the profession's reputation — you may be committing a criminal offence yourself, one that carries a maximum sentence of fourteen years in prison. Anti-money laundering law is unusual among the subjects on the SQE1 syllabus in that it does not just regulate what your client may do; it regulates what you may do in response, and getting it wrong can end a career as surely as it can end a client's liberty.

The Proceeds of Crime Act 2002 (POCA 2002) is the backbone of English money laundering law, and its most important feature — one students often miss — is that its principal offences apply to everyone in England and Wales, not merely to solicitors, accountants, or bankers working in regulated professions. A builder paid in unexplained cash, a friend who agrees to "hold" someone else's money, a person who simply spends stolen funds: all of them can fall within POCA's reach.

Three sections do the heavy lifting, and together they are known as the principal (or substantive) money laundering offences:
Section 327 — concealing, disguising, converting, transferring, or removing criminal property from the jurisdiction. Section 328 — entering into or becoming concerned in an arrangement which the person knows or suspects facilitates another person's acquisition, retention, use, or control of criminal property. Section 329 — acquiring, using, or possessing criminal property.

Notice the shape of these three offences: section 327 targets the laundering act itself (hiding or moving dirty money), section 328 targets facilitating someone else's laundering (the classic solicitor's-risk provision, since conveyancing, trust structuring, and corporate transactions can all be "arrangements"), and section 329 targets simply having the property. A single set of facts can trigger all three.
What makes property "criminal" in the first place? Section 340 supplies the definition: property is criminal property where it constitutes or represents a person's benefit from criminal conduct, and the alleged offender knows or suspects that it does so. Criminal conduct here is deliberately broad — it means conduct that constitutes an offence anywhere in the UK, or would constitute an offence in the UK had it occurred there. This means foreign tax evasion, foreign bribery, or foreign drug trafficking can all generate "criminal property" for POCA purposes, even though the underlying conduct never touched England or Wales.

The mens rea: suspicion is enough
Here is the detail that catches out students who assume criminal offences always require something close to certainty: the mental element for the principal offences is knowledge or suspicion that the property is criminal property. Suspicion is a markedly lower threshold than actual knowledge — the courts have described it as more than fanciful but well short of belief on the balance of probabilities. For a solicitor, this means a nagging doubt about a client's source of funds is not something you can lawfully choose to ignore; the moment suspicion arises, POCA's machinery engages.
A narrow defence — and why it barely helps solicitors
Section 329 carries its own defence: a person does not commit that offence if they acquired, used, or possessed the property for adequate consideration — in essence, they paid a fair price and were not complicit in the underlying wrongdoing. Crucially, this defence is confined to section 329. It does not extend to sections 327 or 328, so a solicitor cannot argue "but we were paid our normal fee" as an answer to a facilitation charge under section 328. Given how often solicitors' exposure arises through section 328 (advising on or arranging transactions), this asymmetry matters enormously in practice.
Conviction on indictment for any of sections 327, 328, or 329 carries a maximum sentence of fourteen years' imprisonment — a penalty on a par with serious violent and sexual offences, reflecting Parliament's view of money laundering as a serious threat to the integrity of the financial system.

The disclosure defence: how a solicitor stays lawful
POCA does not simply criminalise handling suspect property and leave professionals with no way out. It builds in an escape route: a person has a defence to the principal offences if they make an authorised disclosure before carrying out the prohibited act and obtain appropriate consent, or if they intended to disclose but had a reasonable excuse for not doing so. Section 338 sets out the requirements for making a valid authorised disclosure. Appropriate consent means consent from the firm's nominated officer, or — where the nominated officer refers the matter onward — consent from the National Crime Agency (NCA).

This is where the timing rules that examiners love to test come in. Once a request for consent reaches the NCA, the agency has a notice period of seven working days to respond; if it says nothing within that window, consent is treated as given by operation of law. If the NCA instead refuses consent within the notice period, a further moratorium period of 31 days begins, during which the transaction still cannot proceed without consent — giving law enforcement a combined window of up to roughly five weeks to investigate before a solicitor is free to act. Get this timeline wrong on the exam (or in practice) and you either transact too early, exposing yourself to a section 327–329 charge, or you needlessly stall a client for weeks you didn't need to.
A second tier of offences under POCA applies not to everyone, but specifically to those working in the regulated sector — a category that includes solicitors conducting relevant business such as conveyancing, company formation, and the management of client money and assets. These are failure-to-disclose offences, created by sections 330 and 331, and they punish silence rather than action.
- Section 330 makes it an offence for a person in the regulated sector to fail to disclose knowledge or suspicion of money laundering — to a nominated officer or the NCA — where there are reasonable grounds for that knowledge or suspicion.
- Section 331 is the mirror-image offence for the nominated officer (commonly known as the Money Laundering Reporting Officer, or MLRO): it is an offence for that officer to fail to pass on a report received from a colleague once they themselves know or suspect money laundering.
The test for these offences is deliberately demanding on professionals: it combines subjective suspicion (what did this individual actually think?) with an objective standard (what would a reasonable person working in the regulated sector have known or suspected, given the same information?). You cannot escape liability merely by claiming genuine ignorance if a reasonably alert solicitor in your position would have seen the red flags. Conviction on indictment carries a maximum sentence of five years' imprisonment — substantially lower than the principal offences, but still a career-ending outcome.
Legal professional privilege as a defence. A solicitor acting as a professional legal adviser has a defence to the failure-to-disclose offence where the relevant information came to them in privileged circumstances. This reflects the special protection the law affords to client confidences. But the defence is not absolute: it evaporates where information is communicated with the intention of furthering a criminal purpose — the well-known crime/fraud exception to privilege. A client who confides past wrongdoing while seeking genuine legal advice is different, in the law's eyes, from a client who uses the solicitor's office as a tool to commit further crime.

Suppose a solicitor suspects money laundering, makes an internal report, and now wants to explain to the client why the transaction has stalled. This is precisely the moment POCA's third category of offence bites. Section 333A creates the tipping-off offence, applying to those in the regulated sector who disclose that a suspicious activity report has been made, or that an investigation is being contemplated or carried out, where that disclosure is likely to prejudice the investigation. Conviction on indictment carries a maximum sentence of two years' imprisonment.
Separately, section 342 creates an offence of prejudicing a money laundering investigation — for example, by falsifying, concealing, destroying, or otherwise disposing of documents relevant to an investigation. This offence is broader than tipping off in that it is not confined to the regulated sector and does not require a disclosure at all; destroying evidence is enough.
The practical tension for the solicitor is real and constant: you must comply with your firm's internal reporting procedure and avoid alerting the client to the fact that a report has been or may be made, while somehow managing the client relationship and explaining delay without revealing the true reason. Vague, generic explanations for delay ("we need to complete further checks") are the standard professional technique for navigating this without committing an offence.
Making a suspicious activity report (SAR) internally
A suspicious activity report (SAR) is the mechanism by which knowledge or suspicion of money laundering travels from the individual solicitor who spots it to the people empowered to act: first the firm's nominated officer, and — if that officer decides escalation is warranted — ultimately the NCA. The expectation on a solicitor is to make an internal SAR to the nominated officer as soon as reasonably practicable after knowledge or suspicion arises; delay undermines both the solicitor's own defence and the firm's ability to seek appropriate consent before a transaction proceeds.
| Offence | Who it applies to | Conduct | Max sentence (indictment) |
|---|---|---|---|
| s.327 | Anyone | Concealing/disguising/converting/transferring/removing criminal property | 14 years |
| s.328 | Anyone | Arrangement facilitating another's acquisition/retention/use/control of criminal property | 14 years |
| s.329 | Anyone | Acquiring, using, or possessing criminal property | 14 years |
| s.330/331 | Regulated sector | Failure to disclose suspicion of money laundering | 5 years |
| s.333A | Regulated sector | Tipping off about a report or investigation | 2 years |
| s.342 | Anyone | Prejudicing an investigation (e.g. destroying documents) | N/A (triable either way) |
POCA punishes solicitors who get caught up in laundering after the fact; a parallel regulatory regime exists to stop firms getting caught up in the first place. The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 ("the MLR 2017") impose customer due diligence (CDD) obligations on law firms carrying out relevant business, and a breach of these regulations is a distinct regulatory matter from the criminal offences under POCA — a firm can fall foul of the MLR 2017 without anyone having committed a POCA offence at all.
Standard due diligence under the MLR 2017 requires a firm to:
- Identify the client and verify that identity using documents, data, or information from a reliable, independent source.
- Identify any beneficial owner of a corporate or trust client and take reasonable measures to verify that person's identity. A beneficial owner of a corporate client is generally an individual who holds, directly or indirectly, more than 25% of the shares or voting rights, or who otherwise exercises control over the client — the threshold that most students memorise as the headline figure, though "control" can capture individuals below it too.
- Obtain information on the purpose and intended nature of the business relationship, so the firm has a baseline against which to judge whether later transactions look consistent or suspicious.

All of this operates within a risk-based approach: a firm must assess the money laundering risk presented by each client and transaction and calibrate the intensity of due diligence to match. Crucially, CDD must generally be completed before the firm establishes the business relationship or carries out an occasional transaction for the client — due diligence is a gate to be passed through, not a formality to be tidied up afterward.
Simplified and enhanced due diligence
The risk-based approach cuts both ways:
Simplified due diligence (SDD) may be applied where the firm's own risk assessment identifies a low risk of money laundering or terrorist financing. Even so, the firm must continue ongoing monitoring of the relationship — SDD lightens the entry checks, not the vigilance that follows.
Enhanced due diligence (EDD) must be applied in higher-risk situations, including where: the client is a politically exposed person (PEP); the transaction is complex or unusually large; or the client is not physically present for identification purposes. EDD measures typically include obtaining additional information on the client's or beneficial owner's source of funds and source of wealth.
A politically exposed person is an individual entrusted with a prominent public function — think government ministers, senior judges, or heads of state-owned enterprises — together with their family members and known close associates. The elevated risk comes from the opportunity such positions create for corruption and the harder-to-trace international movement of funds that often accompanies it.

Ongoing obligations: monitoring, records, and governance
Due diligence is not a one-off event completed at onboarding. Firms subject to the MLR 2017 must carry out ongoing monitoring of the business relationship, including scrutiny of transactions to ensure they remain consistent with the firm's existing knowledge of the client. If a client's dealings suddenly look nothing like what the firm expected when the relationship began, that mismatch is itself a red flag worth investigating.
Beyond individual client files, the regulations impose firm-wide governance duties:
- A firm-wide written risk assessment of the money laundering and terrorist financing risks the firm faces, covering its client base, services, and geographic exposure.
- Appointment of a nominated officer and, where relevant, a management-level officer with responsibility for AML compliance — ensuring accountability sits with someone senior enough to act.
- Record-keeping: firms must keep records of customer due diligence and supporting evidence, generally for five years after the end of the business relationship, so that regulators and law enforcement can reconstruct what checks were done and when.
The Solicitors Regulation Authority (SRA) supervises solicitors' firms for compliance with the MLR 2017 and can take disciplinary action — quite separate from any criminal prosecution under POCA — where a firm's systems and controls fall short. A solicitor's failure to conduct adequate customer due diligence is, in other words, a regulatory breach in its own right, not merely a stepping stone to criminal liability.
For POCA purposes, the regulated sector includes independent legal professionals when they participate in specified financial or real property transactions on a client's behalf — conveyancing and the management of client funds being the paradigm examples for solicitors. This is why the failure-to-disclose and tipping-off offences (which apply only within the regulated sector) sit alongside the principal offences (which apply to everyone) as the twin pillars of a solicitor's AML exposure.
Put the pieces together and a coherent professional discipline emerges. When a solicitor is asked to act in a transaction and suspects the funds involved may be criminal property, the sequence of questions runs: Does appropriate consent need to be sought before proceeding? Has an internal SAR been made to the nominated officer as soon as reasonably practicable? And throughout, has the solicitor avoided tipping off the client while still discharging the firm's internal reporting procedure? Layered underneath all of this sits the preventive framework of the MLR 2017 — proper CDD at the outset, calibrated to risk, so that the suspicion triggering these questions arises as early and as reliably as possible. Mastering this topic for SQE1 means holding both halves in view at once: the criminal law that punishes getting it wrong, and the regulatory framework designed to stop things going wrong in the first place.