Staying ahead of the risk: How to strengthen your firm’s Source of Funds checks

Legal Eye’s Alison Holt spoke at the Liverpool Law Society’s ‘Legal Finance in Focus: From Cashiering to Compliance’ event on 19 November 2025.  

Given the recent news that regulatory responsibility for Anti-Money Laundering (AML) will move from the SRA to the Financial Conduct Authority (FCA) in the future; it is clear that law firms must ensure that their approach to Source of Funds (SoF) and Source of Wealth (SoW) stands up to scrutiny at every stage of the transaction. 

Compliance specialist Alison took attendees through her session by reminding them that SoF is not a box-ticking exercise but a core safeguard against handling criminal property. 

Through case studies, practical examples and insights from the SRA’s latest thematic review, Alison outlined where firms are falling short and what good practice now looks like. Here are some key takeaways from the session:  

Red flags can arise at any stage of the matter

A common difficulty for law firms is when some checks have been rushed or are incomplete, for example:  

Unexpected mortgage shortfall eliminated by a third party

A £40,000 redemption shortfall was said to have been “settled by a brother”, bypassing the client account entirely. When the firm sought evidence, the client refused to provide any. A Suspicious Activity Report (SAR) was filed.  

The lesson: SoF risks do not disappear simply because funds do not pass through your client account. Concerns should be documented within the client and matter risk assessment, together with mitigation steps. 

When you have multiple small deposits that are inconsistent with client profile

Here a shortfall appeared to be covered by 28 separate payments from different individuals:  

The client, a machine operator on a modest salary, claimed these were repayments of informal loans made to friends. The pattern indicated potential unlicensed money lending. A SAR followed. 

The lesson: plausibility matters – and must be assessed against the client’s financial profile. 

Post-completion bank rejection labelled “extremely sensitive”

In another matter example, a remortgage surplus was rejected by the client’s bank. After aggressive follow-up calls, the client ceased contact. The bank cited an “extremely sensitive matter”. The firm submitted a SAR.  

The lesson: monitoring does not stop at completion. Behavioural changes and third-party feedback can be significant indicators. 

Across all scenarios, it is clear that vigilance is required from everyone in the firm; from support teams noticing unusual behaviour to fee earners reviewing financial evidence and accounts staff identifying payment anomalies. 

Why do robust SoF and SoW checks matter?

AML regulations require firms to scrutinise transactions to ensure they are consistent with the client’s known circumstances, it is unlikely that the new supervisory body will move too far from the same.  

The phrase “where necessary” in the Money Laundering Regulations is deliberately flexible. It reinforces the need for a risk-based approach meaning that the onus is on the firm to decide whether checks are sufficient and to justify that position. 

Law firms are high-risk targets because of their role in property transactions, access to client monies and the perceived legitimacy they confer. Poor SoF controls can expose firms to criminal liability under POCA, breaches of the MLRs, and serious reputational damage. 

Applying a risk-based approach

A strong matter risk assessment is crucial in determining how far to go with SoF and SoW checks. 

Lower-risk scenarios

Routine, low-value work for long-established clients may require limited evidence.

Medium-risk indicators

Self-employed clients, cash-intensive trades such as nail bars or takeaways, and newly established businesses with no accounts usually warrant greater scrutiny.

High-risk categories

These include PEPs, clients linked to high-risk jurisdictions, large third-party contributions, complex ownership structures or transactions beyond a client’s apparent financial capacity. 

Where risks rise, firms should ask for more – and be prepared to pause work if responses are inadequate. 

What good evidence and good scrutiny look like

Document collection alone is not enough. Firms must review, question and reconcile information to ensure it is credible. 

Examples of appropriate evidence include: 

  • Bank statements over a meaningful period, with large credits or unusual patterns explained and verified. 
  • Payslips, tax returns or business accounts that align with the stated source of funds. 
  • Gift letters supported by donor identification and wealth evidence. 
  • Sale contracts, inheritance papers or probate schedules. 
  • For companies: PSC registers, ownership charts, UBO identification and checks against Companies House. 

Open-source searches play a vital role. Basic online research can confirm whether a business genuinely exists, whether adverse media reports raise risks, and whether counterparties have links to sanctions or high-risk jurisdictions. 

Lessons from the SRA’s thematic review

The SRA’s thematic review, published on 5 November 2025, examined nearly 10,000 files across more than 1,500 firms.  

The findings reveal recurring weaknesses: 

  • Firms often gather evidence but fail to assess it properly. 
  • Rationales for decisions are not documented. 
  • SoF checks occur too late in the transaction, limiting time for scrutiny and inflating commercial pressure. 
  • Staff across all levels lack the training needed to identify behavioural or transactional red flags. 

Good practice includes early checks, clear internal standards, regular training and case management controls that stop matters progressing without completed due diligence. 

Commonly overlooked risks

Pooled funds

Wedding gifts, group savings or crowdfunding contributions are difficult to trace and often overlooked in risk assessments. 

Tranche payments

Clients paying in multiple instalments or requesting refunds in parts may be trying to evade banking AML thresholds. Firms should ask for evidence if clients cite bank limits. 

Work that does not involve the client account

POCA applies to arrangements that facilitate use or movement of criminal property, even if no money passes through the firm. Drafting asset transfers or trust documents can still present AML exposure. 

Emerging risks and regulatory changes

The evolving political landscape and global instability continue to influence financial crime risks. Examples include capital flight from collapsing regimes, complex cross-border banking routes and informal money transfer systems such as hawala and hundi.  

These scenarios require heightened due diligence, particularly where clients or counterparties originate from high-risk countries. 

The sector must also prepare for the shift to the FCA as the single professional services supervisor for AML and CTF. Firms should expect more data-driven supervision, more rigorous testing and an increased focus on whether controls work in practice. 

Alongside FCA oversight, the SRA will continue to take conduct action, creating potential dual exposure for firms. 

What firms should be doing now

  • Do not accept client monies or progress transactions where concerns remain unresolved. 
  • Escalate promptly to your MLRO and consider SARs where appropriate. 
  • Strengthen your firm-wide risk assessment to reflect emerging typologies such as pooled funds, tranche payments and high-risk jurisdictions. 
  • Enhance case management systems to ensure checks are completed early. 
  • Train all staff – not just fee earners – to recognise red flags and understand their obligations. 
  • Maintain comprehensive audit trails, including clear rationales linking explanations to evidence. 
  • Periodically test the effectiveness of policies, controls and procedures, and update them to reflect regulatory changes. 

A proactive approach to staying compliant 

The costs of AML non-compliance extend far beyond regulatory penalties. Client trust, reputation and operational resilience are at stake. In a climate where criminals are increasingly sophisticated and regulatory expectations continue to rise, firms need a robust, evidence-based approach to SoF and SoW. 

Legal Eye supports firms with independent audits, risk assessments, file reviews, MLRO guidance and staff training to help build a culture of informed vigilance. 

To discuss how we can help your firm strengthen its AML processes, contact our team at [email protected] or call 020 3051 2049. 

Latest Articles

Any Questions?

To find out more about Products and Services, please complete the form below.



    Privacy and cookie policy | © Legal Eye Limited 2025