Key Aspects

• On 5 August 2024, the Solicitors Regulation Authority (SRA) published its latest guidance on complying with the UK Sanctions Regime. This document reflects significant updates, aligning with recent legislative changes and proactive supervision practices. 
• The guidance outlines best practices, including assessing sanctions risks, continuous monitoring, staff training, and implementing policies to verify clients against sanctions lists using digital tools. 
• It also highlights the complexity of verifying non-natural persons due to intricate legal structures and recommends firms to regularly reassess clients and related parties in response to sanctions changes. 
• The SRA's guidance highlights several red flags, such as unusual transactions and opaque ownership, which may indicate risks and necessitate further investigation or reporting.

Best Practices

The SRA’s guidance provides several best practices for firms to follow to ensure compliance with the UK Sanctions Regime. To comply with the sanctions regime, it is essential to know the clients, their ownership, and control, as well as any counterparties and third parties providing funding. Counterparties and third parties present risks because if they are designated persons or controlled by designated persons, the funds they introduce may need to be frozen and made unavailable to the designated person.

Relying on others for assurance about designation status is insufficient. A basic verification of client identities, including for non-natural persons with significant control or ownership (at least 50%), and counterparties should be done against the UK consolidated sanctions list. This can be done with digital screening tools or HM Government's free screening platform, which can find both partial and exact matches.

Designated persons may attempt to conceal their identity to evade sanctions. Therefore, client assurances should be verified thoroughly, and assumptions about non-natural persons having no links to designated individuals should be avoided.

The thorough due diligence involves answering 'who', 'how', and 'why' regarding the matter. Checking names against the sanctions list alone is not sufficient; it is crucial to determine if a designated person controls the client or counterparty.

The Guidance further enumerates standard actions for ensuring Compliance with the financial sanctions regime, which include:

• Assessing and mitigating sanctions risks.
• Implementing policies to verify clients and counterparties using independent sources.
• Keeping records of risk assessments.
• Continuously monitoring clients for changes in sanctions status.
• Training staff on sanctions compliance and procedures.
• Reporting sanctions risks and compliance performance to senior management.
• Conducting regular independent audits of the compliance regime.
• Establishing protocols for handling designated persons, including reporting, freezing assets, and halting payments.
• Screening staff for sanctions compliance during onboarding.
• Self-reporting breaches of the sanctions regime.

Due diligence on non-natural persons and counterparties can be complex due to intricate legal structures. Verification of identities is crucial to ensure compliance, avoiding situations where designated persons are hidden behind anonymizing structures.

Firms with an AML compliance regime can achieve high standards of sanctions controls by verifying clients according to money laundering regulations and then checking against sanctions lists. The definition of 'control' under the sanctions regime differs from 'beneficial ownership' in AML regulations, often requiring a 50% shareholding threshold.

For firms without an AML regime, implementing this compliance framework can be more challenging. Including 'becoming a designated person' as a valid reason for ending client relationships is advisable. Senior management should approve the onboarding of higher-risk clients and matters, with heightened scrutiny of fund movements. For state-owned entities in jurisdictions with designated senior politicians, consideration should be given to whether these politicians control the entities.

Regular rechecking of clients and related parties in response to sanctions changes is necessary, and subscribing to OFSI/OTSI alerts is recommended. Maintaining a comprehensive understanding of clients and counterparties, including their ownership structures, is crucial, as highlighted by various examples of firms encountering designated persons during their engagements.

Offering services to designated persons is high-risk due to stringent and changing sanctions requirements, and potential reputational and financial risks. Firms should limit this work to experienced staff, ensure clear communication between sanctions experts and finance teams regarding frozen funds, and consider forming sanctions committees and centralizing queries for better control and compliance.

How to choose a proper screening tool?

Screening tools can help firms avoid exposure to designated persons by offering services compliant with AML requirements. To ensure these tools provide adequate protection, the Guidance suggests considering the following:

• Update Frequency: How often is sanctions data updated? Daily updates are ideal.
• Sanctions Databases: Which databases are searched, and do they cover all relevant geographical areas?
• Jurisdictional Coverage: Do they cover all jurisdictions relevant to your business, and how frequently are these lists updated?
• Name Variations: How does the tool handle different name spellings or translations from non-Roman scripts?
• Match Confidence: For partial or 'fuzzy' matches, what is the confidence level, and is it adjustable?
• Beneficial Ownership: How does the tool assess beneficial ownership and control?

Red Flags

The guidance also identifies several red flags and additional considerations that firms should be aware of to avoid potential pitfalls. 

Such red flags, which may also indicate AML concerns, include unusual, opaque, or large transactions; aggressive client behavior towards controls; and unexplained involvement of specific jurisdictions, particularly those known for illicit activities. Other indicators are clients or counterparties changing names without valid reasons, using newly opened or irrelevant accounts, and signs of sham litigation. Additional red flags include outdated due diligence, unsubstantiated restructuring, obscure ownership through corporate vehicles, and third parties potentially hiding designated persons. Characteristics that may exacerbate risks include newly established companies, trusts set up for children, anomalies in gold transactions, and oil transactions involving sanctioned entities or non-compliant jurisdictions. If such red flags are identified, firms should assess if a report to OFSI/OTSI or exiting the client relationship is necessary.

By adhering to these best practices and remaining vigilant about red flags, firms can effectively navigate the complexities of the UK Sanctions Regime. The SRA’s comprehensive guidance provides a solid framework for maintaining regulatory compliance and mitigating risks associated with designated persons.