When a private company applies to become a client, the accountancy firm must establish which individuals ultimately own or control it. Their identities must be checked, and the AML file must show why the practice was satisfied with the ownership position before accepting the engagement. The depth of the work should reflect the complexity of […]
Remote working and delivery-channel risk in AML
Accountancy firms must assess how remote onboarding, digital communication, and third-party delivery affect their ability to understand each client relationship. This becomes especially relevant when the firm is not dealing directly with the client or is relying too heavily on information from one channel. By extension, this makes it harder to confirm who is involved […]
Geographic AML risk in a firm-wide risk assessment
A firm-wide risk assessment (FWRA) must show where the practice’s geographic exposure comes from across its client base. This includes the countries connected to the client’s business activities, ownership, and financial arrangements, as well as the locations that the practice operates. In most cases, the geographic section of the FWRA can be organised around information […]
Does a small accountancy firm need an independent AML audit?
Small accountancy firms must decide whether their AML arrangements require independent testing under Regulation 21 and who can perform that work with sufficient separation. Any review carried out for that purpose should establish whether the practice’s controls operate effectively in day-to-day work and whether identified weaknesses are sufficiently addressed. Whether independent testing is needed depends […]
Service-line AML risk: Tax, payroll, bookkeeping, accounts, and TCSP work
Every accountancy practice is responsible for assessing how its services could be used to conceal criminal funds, support misleading financial records, or give credibility to questionable activity. In practice, the firm-wide risk assessment (FWRA) should begin with the services the practice actually provides. Each service line is important because it affects what the firm is […]
Employee screening under the Money Laundering Regulations
Accountancy firms are responsible for checking that employees whose work affects AML compliance have the competence and integrity needed for their role. This assessment applies when the employee is appointed and continues while they carry out relevant duties. The way responsibility is organised will depend on the practice. A larger firm, for example, might divide […]
When should firms review their AML risk assessment and policies?
Accountancy firms need to keep their firm-wide risk assessment (FWRA) and AML policies aligned with the way the business actually operates. This means setting a sensible review cycle and knowing when changes in the practice, such as client base or services, require a review before the planned date. The size and structure of the practice […]
How to use HMRC’s accountancy-sector risk guidance in a firm-wide risk assessment
Accountancy practices must evaluate how HMRC’s sector guidance affects their firm-wide risk assessment (FWRA). The FWRA should show which risks are relevant to the practice and how the firm reached its conclusion. How HMRC’s guidance is applied will depend on the size and structure of the practice. A sole practitioner, for example, might approach the […]
AML responsibilities for sole practitioners
AML duties do not disappear because an accountancy practice is run by one person. While a sole practitioner does not need the same compliance structure as a larger firm, supervisors still expect to see how AML risks are being assessed, managed, and reviewed in practice. The core issue is how these responsibilities sit with the […]
Who should be the MLRO or nominated officer in a small accountancy practice?
In a small accountancy practice, the MLRO role is significantly more important than an administrative appointment. It is the point at which internal concerns about possible money laundering are assessed and, where necessary, turned into an external report. The role needs someone with direct access to the client file and engagement context, as well as […]











