Audio Coursesby JellypodLesson 08 of 15
Overview
Paul Crowther: Welcome back to Compliance Pods for Legal Professionals, and just a reminder that the content of this podcast is for general information purposes only and does not constitute legal advice. So Buckle up. Because Here. We. Go.
Andre Grayson 2: Hi All, it's Andre Grayson here, and as always, I’m joined by Paul Crowther. Today, we’re diving into the world of anti-money laundering training—what’s required, who needs it, and why it’s not just a box-ticking exercise. Paul, I feel like AML is one of those topics that everyone thinks they understand, but the details trip people up every time.
Paul Crowther: Absolutely, Andre. And, you know, it’s funny—well, not funny if you’re the one getting fined—but the Money Laundering Regulations 2017, they’re really clear. Regulation 24 says “relevant employees” need regular training. But people always ask, “Who’s actually relevant?” It’s not just the solicitors, is it?
Andre Grayson 2: No, and that’s where firms can get caught out. The SRA’s guidance is pretty clear: it’s not just fee earners. Admin, finance, even reception—if they’re handling client ID, funds, or onboarding, they’re in scope. I’ve seen firms where the admin team is the first line of defence, collecting due diligence, and yet they’re left out of the annual AML training. That’s a big risk.
Paul Crowther: Yeah, and I’ve got a story about that. There was a firm—won’t name names, obviously—but they did their annual AML training, ticked all the boxes for the solicitors and paralegals, but completely missed the admin staff. The SRA came in, did a spot check, and, well, let’s just say the fine was enough to ruin someone’s summer holiday plans. It’s a real-world example of how missing just one group can have a massive impact.
Andre Grayson 2: And it’s not just about avoiding fines. If your admin or finance team doesn’t know what a suspicious payment looks like, or how to escalate it, you’re leaving a gap in your defences. The regulations are there for a reason—money laundering risks don’t care about job titles.
Paul Crowther: Exactly. And, you know, as we’ve said in previous episodes—like when we talked about high-risk jurisdictions—compliance is everyone’s job, not just the regulated individuals. The best practice is to train everyone, even if their role seems a bit removed from the frontline. It’s about building a culture, not just ticking a box.
Andre Grayson 2: So, let’s talk about what actually goes into AML training. It’s not just a PowerPoint on the Proceeds of Crime Act and calling it a day. The regulations say you need to cover the law—so, Poca the MLRs, Terrorism Act, all that—but also how to spot red flags, understand your firm’s policies, and, crucially, what to do if you see something suspicious.
Paul Crowther: Yeah, and I think the best training is the stuff that’s actually relevant to your firm. Like, if you’re doing a lot of conveyancing, you need scenarios that make sense for that. Not just generic “what is money laundering” slides. And don’t forget the National Crime Agency’s role, or how to escalate a suspicion to your MLRO. It’s got to be practical.
Andre Grayson 2: Absolutely. And the delivery route matters too.
Paul Crowther: That’s a great point. I mean, e-learning is fine, especially from the Legal Compliance Academy! ,But you do need a mix. Blended learning, role-specific modules, maybe even a bit of healthy competition with quizzes. And, you know, if you’re updating your policies or there’s a regulatory change, you can’t just wait for the next annual session. You’ve got to keep people in the loop.
Andre Grayson 2: Yeah, and the SRA expects that. If there’s a breach, or someone changes roles, you update the training. It’s not just once a year and forget about it. And, honestly, the more you tailor it to your firm’s risk profile, the more likely people are to actually remember what to do when it matters.
Paul Crowther: And let’s not forget, the training should include real case studies—stuff that actually happened, not just theory. That’s what sticks with people. I always say, if you can make someone think, “That could be us,” you’re halfway there.
Andre Grayson 2: So, you’ve done the training—now what? This is where a lot of firms fall down. You’ve got to keep records: who attended, when, what was covered, whether they passed any assessments. If someone misses a session, you can’t just shrug and move on. The SRA expects you to follow up, escalate if needed, and treat persistent non-attendance as a disciplinary issue.
Paul Crowther: Yeah, and the SRA’s not messing around. We’ve seen big fines for firms that didn’t deliver AML training to all relevant staff. And it’s not just the big firms—there was that 2022 case where support staff who handled client ID missed out on training, and the firm got sanctioned. It’s all public now, too, so your reputation’s on the line.
Andre Grayson 2: And it’s not just about avoiding enforcement. Monitoring your training programme is part of your broader compliance system. Your AML risk assessment should inform your training content. If you’re doing high-risk work—cross-border, high-volume conveyancing—your training needs to reflect that. Otherwise, you’re not compliant, even if you’ve ticked the attendance box.
Paul Crowther: Right, and here’s a question for firms: how do you make sure this isn’t just a once-a-year panic? How do you build a culture where everyone, from the receptionist to the managing partner, takes AML seriously?
Andre Grayson 2: Exactly. So, my advice is keep your records up to date, audit them regularly, and make sure your training evolves with your firm’s risks. Unlike me, it’s not glamorous, but it’s essential. And if you get it right, you’re not just avoiding fines—you’re protecting your firm and your clients.
Paul Crowther: Well said, André. That’s all for today’s episode. If you’ve got questions or want to share your own AML training stories, let us know. And don’t forget, the SRA’s got a consultation open on complaints procedures—have your say, the link’s in the show notes. Stay compliant, stay safe, and we’ll see you next time.
Andre Grayson 2: Thanks, Paul. Always a pleasure. Take care, everyone, and remember: stay compliant, s tay safe and we’ll catch you next time!
