KYC and AML Policy

Know-your-customer and anti-money-laundering obligations apply to a defined set of regulated sectors. Financial services, legal services, accountancy, estate agency, and others. The framework is built on the Money Laundering Regulations 2017 (as amended).

What a compliant KYC/AML policy needs to address

A compliant KYC/AML policy addresses: client risk assessment; the firm's risk assessment; customer due diligence (and enhanced due diligence in higher-risk cases); ongoing monitoring; record-keeping; reporting suspicions to the National Crime Agency; and staff training.

The policy is not a substitute for doing the work. Supervisors look at what the firm does, not just what it says. But it is the foundation, and a policy that is missing required elements is a regulatory risk in itself.

Required for businesses in regulated sectors or those subject to the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017.

Example: a typical scope and fixed fee

For a UK business in a regulated sector, the typical scope looks like this.

What's included

• A consultation to understand your business and regulatory obligations
• Drafting of a KYC and AML policy covering customer due diligence, enhanced due diligence, ongoing monitoring, suspicious activity reporting, record-keeping, and staff training
• One round of revisions based on your feedback
• Final version ready to implement

What's outside this scope

• MLRO services
• Filing suspicious activity reports
• Tax advice

Fixed fee: £450, no VAT.

How I will approach your matter

Once you have instructed me, I will arrange a consultation to understand your business and regulatory obligations before drafting a practical, compliant policy.