Complying with the UK sanctions regime – SRA guidance

On 28 November 2022, the SRA published guidance entitled “Complying with the UK Sanctions Regime” (the “Guidance”). This document provides an overview of the regulator’s expectations of law firms and regulated individuals working within this field, and offers some practical advice on avoiding breaches.

The Guidance emphasises that “all designated persons may be provided with paid-for legal service as long as there is appropriate licensing in place allowing for it”. On the other hand, it cautions that breaching UK sanctions “is a criminal offence, punishable by fine and/or imprisonment”. In addition, from a regulatory perspective, not following the Guidance may be considered as an aggravating factor in any enforcement action taken by the SRA.

Solicitors and other regulated individuals will wish to study the Guidance very carefully. However, we note that the following are said to be features of an effective sanctions compliance regime:

  1. An assessment of the sanctions risks to which the firm may be exposed, for example, which work areas or client groups are most likely to result in a sanctions breach and how can the firm mitigate these risks (with reference to our section on sanctions risk in this Guidance) and what is the firm’s exposure to other jurisdictions.

  2. A written and implemented set of policies, controls and procedures to identify all clients and counter-parties, and to verify their identities using independent materials (for example, passports or other equivalent documentation). Where the client is not a natural person, this applies to ultimate beneficial owners of the client or individuals exerting ultimate control of the entity.

  3. A record of your assessment of sanctions risk for each client and/or matter which identifies any indicators of higher sanctions risk. This should determine how much work will need to be done to assess and verify the background of the client including appropriate checks as to where they have derived their wealth and relevant jurisdictions.

  4. A documented and implemented policy and procedure to monitor clients on an ongoing basis to ensure their sanctions status has not changed after they were originally screened for example after changes to the sanctions list, or after a significant period of time has passed such as a year.

  5. Training on the sanctions regime and related internal compliance procedures for relevant staff including subscribing to the alerts OFSI issues on changes to the regime.

  6. Regular reports to senior management on the sanctions risks and performance of the controls in the firm including making sure they take decisions about work involving designated persons.

  7. A form of regular (for example annually) independent (whether internal or external) audit of the firm’s compliance regime. This should include reviews of the firm’s risk assessment, policies, controls, procedures and training with the results and recommendations reported to senior management and acted upon.

  8. Specific controls and protocols on what to do if you identify a designated person or likely designated person to make sure correct reporting to OFSI, freezing of any client assets held and placing a halt on taking any payment from them.

The Guidance is available here.

The information provided in this article is of a general nature and does not constitute, nor should be relied on, as legal or professional advice.

News & Insights