What is Compliance?

Compliance is the state of being in accordance with established guidelines or specifications or the process of becoming so – software, for example, may be developed in compliance with specifications created by a standards body, and then deployed by user organisations in compliance with a vendor’s licensing agreement.[1] It is the process of adhering to policies and decisions that can be derived from internal directives, procedures and requirements, or from external laws, regulations, standards and agreements.[2] Compliance sometimes overlaps with security—but the motive behind compliance is different as it is centred around the requirements of a third party, such as industry regulations, government policies, security frameworks, and client/customer contractual terms.[3]

In IT, compliance is a set of digital security requirements and practices and following compliance requirements is a way to ensure that a company’s business processes are secure and that sensitive data (including customers’ data) won’t be accessed by unauthorised parties.[4] Information Technology compliance can mean different things for every company depending on which technologies they implement in their business and their digital security requirements – health care organisations and banks will have different compliance standards than a computer sales office.[5]

While law firms can deliver compliance management and assistance to their clients without relying on legal IT software, this is an increasingly unsustainable approach to doing so -legal clients increasingly want more for less and if firms cannot deliver it, the reality is they will find another legal practice.[6] The goal of compliance is to provide security that is both desired by the customer and required by law in certain situations.[7] Compliance is a prevalent business concern, partly because of an ever-increasing number of regulations that require companies to be vigilant about maintaining a full understanding of their regulatory requirements for compliance and to adhere to compliance standards, an organisation must follow requirements or regulations imposed by either itself or government legislation.[8]

What is the Source of Funds Check?

Source of funds checks are very important but a few people are aware of them.[9] A source of funds check refers to the origin of the funds: proof to show that your funds come from a legitimate source – salary, profits earned from your business, a loan from the bank, and so on and firms need to know the source of their users’ funds for several reasons like – to ensure that the transactions made were completed by lawyers, to protect users and their funds from fraud, and to comply with the laws and regulations that allow firms to operate as a financial company.[10]

According to the LSAG guidance, “Source of Funds refers to the funds that are being used to fund the specific transaction in hand – i.e., the origin of the funds used for the transactions or activities that occur within the business relationship or occasional transaction – so the question you are seeking to answer should not simply be, “where did the money for the transaction come from,” but also “how and from where did the client get the money for this transaction or business relationship since it is not enough to know the money came from a bank account.[11] In establishing the source of funds, law firms must seek to understand not only where funds came from (in terms of the account from which they were transferred) but the activity that was involved in generating those funds – for example, a source of employment, the sale of a house, or an inheritance.[12] Source-of-funds checks are about limiting opportunities for criminals to use criminal property: there can be no money laundering without criminal property.[13]

What is Anti-Money Laundering (AML)

Anti-money laundering (AML) is a legal terminology that refers to the web of laws, regulations, and procedures aimed at uncovering efforts to disguise illicit funds as legitimate income.[14] It refers to the activities financial institutions perform to achieve compliance with legal requirements to actively monitor for and report suspicious activities.[15]  The objective of anti-money laundering (AML) is to deter criminals from feeding their illicit funds into the financial system as criminals use money laundering to hide the true source of their money that has been derived from crimes.[16] The primary purpose of AML regulations is to prevent money laundering and regulators publish a series of procedures to achieve this goal.[17]

The Financial Action Task Force (FATF) is responsible for the creation of most anti-money laundering standards, it made a framework for countries to follow and after putting this framework into effect, the FATF then began to systematically identify countries that did not have proper legislation regarding money laundering.[18] This tactic of singling out countries without the proper legislation against money laundering encouraged them to modify their legislation and actively start enforcing these policies and currently, 37 countries are a part of FAFT. Apart from KYC measures, organisations can apply Customer Due Diligence (CDD) procedures to understand their customers’ risks and know their customers better as the CDD procedures can detect risks new customers might bring and take necessary measures.[19] Anti-money laundering is closely related to counter-financing of terrorism (CFT), which financial institutions use to combat terrorist financing and AML regulations combine money laundering (source of funds) with terrorism financing (destination of funds).[20] Anti Money laundering laws or AML legislation is becoming increasingly strict for financial service providers as they must be prevented from financial crimes, financial action and/or terrorism.[21]

What is an ID Check?

ID verification or ID check is an authentication process that compares the identity a person claims to possess with data that proves it and many documents can serve as providers of this objective truth: birth certificates, social security cards, driver’s licenses, and others.[22] The ability to accurately recognize, identify, and verify a person is fundamental to establishing trust between financial service providers and their clients.[23] Identity verification is the important process of ensuring that a person is who they claim to be when opening a bank account, applying for a loan, or other financial processes. Though identity verification is an important security measure in combating new account fraud, Identity verification also plays a role in Know Your Customer (KYC) and anti-money laundering (AML) efforts at financial institutions which assess and monitor customer risk.[24]

Commonly for ID check, each candidate will provide a different set of identification documents – examples of commonly provided documents are birth certificates, passports, driver’s licences, medicare cards and bank/credit cards – and they are provided with detailed guidance as to what combinations of ID documents and additional details need to be provided and this documentation can be uploaded entirely online.[25] There are several methods and systems of carrying out offline and online identity verification services which means the identity verification process can be carried out in different ways depending on the channel and the way the method is used.[26] However, it is important to understand that not all online identity verification services and solutions comply with the standards and qualifications needed by law for most procedures (especially financial sector operations) to guarantee their legitimacy, safety, and trust – one such method is to verify people’s identity remotely is the use of images and selfies and it is only used to identify individuals for low-risk operations, as it is unreliable and uncertain.[27]

How are Compliance, Source of Funds Check, AML and ID Checks Used in the Legal Industry?

It is no secret that law firms are among the biggest targets for money laundering and lawyers who handle excessive amounts of funds confidentially are at the risk of non-compliance with the anti-money laundering regulations.[28] Moreover, legal department of most companies – with the help of legal department software solutions – is often the silent partner in the compliance dialogue but their expertise is nonetheless essential – with regulations such as the EU’s Fifth Money Laundering Directive (5MLD) front and centre when it comes to compliance, many law firms will be looking at what they need to do to ensure best practice and avoid Anti-Money Laundering (AML)-related difficulties in the years to come.[29] Under the supervision of OPBAS (The Office for Professional Body Anti-Money Laundering Supervisors), legal industry regulators have increased oversight to tackle the money laundering threat in the sector and in a climate of heightened regulatory focus, it is more important than ever that your Customer Due Diligence (CDD) controls are robust.[30]

The growing number of frauds, tax evasion, investment scams, and money laundering cases across the globe has once again turned the spotlight on the importance of complying with ID and Source of Funds Check, and AML policies.[31] Just because the money comes from a client’s bank account does not mean it’s clean – the bank may well have put in a report and received consent to send it to you while law enforcement gathers evidence on how the funds are being used and you need to make your own decision about the consistency of the funds with the client and whether there is information on which you can form a suspicion of money laundering.[32] Law firms can check all of this through policy document management softwares. This is available on Good Law Software’s platform too due to its partnership with Thirdfort.

To combat these frauds, law professionals must analyse the bank statements to determine if the documents clearly represent all the finances and transactions and if there is any suspicious activity, it is imperative to further investigate and bring it to the attention of the higher-ups – to put it simply, as a lawyer, you must be able to explain each legal transaction you have made with your clients and if required, you should also have sufficient evidence to prove that you took every measure to verify the source of funds.[33] Legal tech and compliance, AML, Source of Funds Check and ID Checks teams have to make risk management a main priority — and a core departmental mandate where their core value comes from helping companies manage exposure to legal and regulatory risk, and prevent reputational damage, while achieving strategic objectives.[34] As doing this manually is nothing short of a nightmare, law practitioners need to utilise legal technology solutions like Good Law Software that makes all of this easier through its partnership with Thirdfort.

The legal software systems can save time, which is one of the benefits of the legal practice software platforms, and in turn money – these are very important considerations, but by far the most important one is that compliance, Source of  Funds Check, AML and ID Checks are important and not optional![35] Law firms are encouraged to underpin your AML policies and procedures with a combination of expansive, insightful intelligence and flexible technology so that the lawyers will be able to conduct risk-based CDD that meets AML obligations quickly which will free them to focus on their core priority – customers.[36]

Although aspects of legal and compliance risk management vary from company to company, there are general principles that corporate counsels, risk officers, and compliance managers would do well to follow and paramount among them is adopting and implementing legal technology softwares in the form of AI-based legal document management systems that help further the corporate values of preparedness, adaptability, and resiliency, and are ideal for risk controls and mitigations, and reduced disputes.[37]

Through the efficient management of your key client data, GLS and Thirdfort integration provides effective, safe and secure ways in which your law firm can communicate with your clients and meet your compliance obligations.[38]

Aspects of compliance and legal risk management differ from company to company.

There are, however, principles that business counsels, risk officers, and compliance managers follow and prioritise in adopting and implementing.

Legal technology softwares in the form of legal document management systems further help today’s legal professionals to adhere risk management compliance policies, being ideal for risk controls and mitigations.

References

[2] https://www.gartner.com/en/information-technology/glossary/compliance

[3] https://www.bmc.com/blogs/it-security-vs-it-compliance-whats-the-difference/

[4] https://spinbackup.com/blog/it-compliance-explained/

[5]https://finance.yahoo.com/news/information-technology-compliance-212500645.html

[6] https://contractbook.com/blog/what-is-compliance-technology

[7]https://finance.yahoo.com/news/information-technology-compliance-212500645.html

[8] https://www.techtarget.com/searchdatamanagement/definition/compliance

[9] https://blog.revolut.com/what-is-source-of-funds-and-how-does-it-affect-me

[10] https://support.simplex.com/hc/en-gb/articles/360018931738-What-is-source-of-funds-check-

[11]https://www.lawscot.org.uk/news-and-events/blogs-opinions/source-of-funds-and-source-of-wealth-what-you-need-to-know/

[12] https://complyadvantage.com/insights/what-is-source-of-funds-source-wealth/

[13]https://www.lawsociety.org.uk/en/topics/anti-money-laundering/source-of-funds-clean-or-consistent-with-risk

[14] https://www.investopedia.com/terms/a/aml.asp#citation-11

[15] https://www.sas.com/en_us/insights/fraud/anti-money-laundering.html

[16] https://complyadvantage.com/insights/anti-money-laundering/

[17] https://sanctionscanner.com/knowledge-base/anti-money-laundering-aml-49

[18] https://complyadvantage.com/insights/anti-money-laundering/

[19] https://sanctionscanner.com/knowledge-base/anti-money-laundering-aml-49

[20] https://www.sas.com/en_us/insights/fraud/anti-money-laundering.html

[21] https://internationalsales.lexisnexis.com/glossary/compliance/anti-money-laundering-aml

[22] https://www.lightico.com/blog/what-is-id-verification/

[23] https://vilmate.com/blog/digital-id-and-identity-verification/

[24] https://www.onespan.com/topics/identity-verification

[25]https://www.peoplecheck.com.au/id-check/#:~:text=The%20ID%20Check%20involves%20the,date%20of%20birth%20and%20photograph.

[26] https://www.electronicid.eu/en/blog/post/identity-verification/en

[27] https://www.electronicid.eu/en/blog/post/identity-verification/en

[28]https://www.legalfutures.co.uk/associate-news/why-is-it-crucial-for-lawyers-to-identify-and-verify-source-of-funds

[29]https://a-teaminsight.com/legal-compliance-planning-qa-what-should-your-top-aml-priorities-be-for-2020/?brand=dmi

[30] https://risk.lexisnexis.co.uk/insights-resources/infographic/solicitors-aml-compliance

[31]https://www.legalfutures.co.uk/associate-news/why-is-it-crucial-for-lawyers-to-identify-and-verify-source-of-funds

[32]https://www.lawsociety.org.uk/en/topics/anti-money-laundering/source-of-funds-clean-or-consistent-with-risk

[33]https://www.legalfutures.co.uk/associate-news/why-is-it-crucial-for-lawyers-to-identify-and-verify-source-of-funds

[34] https://www.lexology.com/library/detail.aspx?g=830f024f-7bda-4962-ac16-0bc2a73d86e6

[35]https://a-teaminsight.com/legal-compliance-planning-qa-what-should-your-top-aml-priorities-be-for-2020/?brand=dmi

[36] https://risk.lexisnexis.co.uk/insights-resources/infographic/solicitors-aml-compliance

[37] https://www.lexology.com/library/detail.aspx?g=830f024f-7bda-4962-ac16-0bc2a73d86e6

[38]https://www.legalfutures.co.uk/associate-news/why-is-it-crucial-for-lawyers-to-identify-and-verify-source-of-funds