The Solicitors Regulation Authority (SRA) has warned lawyers who rely on video calls to identify clients of the risks posed by ‘deepfake’ technology.
The regulator said it had also seen “increasing numbers” of law firms facilitating vendor frauds.
In an updated sectoral risk assessment for anti-money laundering (AML) and terrorist financing, the SRA said that not meeting clients face-to-face “may make sense in the context of a given transaction”, but where they appeared “unnecessarily reluctant or evasive about meeting in person”, this could be a cause for concern.
“You should also be aware of the risk posed by AI tools – known as ‘deepfakes’ – which can impersonate a real person’s appearance convincingly. This increases the risk of relying on video calls to identify and verify your client.
“If you only meet clients remotely, you should understand whether your electronic due diligence protects you against this, or to explore software solutions to assist in detecting deepfakes.”
Vendor fraud was another addition to the assessment. Properties, usually residential, were being targeted by fraudsters and sold “without the consent or knowledge of the genuine owners, with fraudsters often impersonating the owners”.
Fraudsters found the conveyancing process attractive in providing both the method of committing the fraud and the means of laundering money, as the purchase money goes through two client accounts.
Law firms were advised to watch out for warning signs such as properties being sold over or under the market value, reluctance to provide documentation, pressure to complete transactions very quickly or “instructions for minimal work be done”.
The SRA said solicitors should investigate further where clients insisted on depositing sums of money in portions or tranches, or asked their lawyer to transfer sums to them or third parties in a similar way.
“It may be that the client is transferring these sums in this way to evade AML controls imposed by banks. If the reason given is deposit or withdrawal limits, this should be simple for the client to evidence.”
Pooled funds and funding platforms were a new risk – transactions where a large number of participants, often strangers to each other, contribute to fund the purchase of a property or asset, such as cash gifts given at a wedding or crowdfunding.
This was “challenging” for law firms, since “it may prove difficult to establish the source of funds, particularly where there are numerous separate sums”.
The SRA warned: “Without knowing this it is impossible to assess the level of risk involved, or to determine whether any of the money involved has been laundered or is subject to sanctions.”
Meanwhile, solicitors who ditched traditional client accounts in favour of third-party managed accounts were cautioned that there were still “risks in play”.
Although they were “less able to monitor the movement of client monies”, the responsibility for any breach of the money laundering regulations “would still rest with you”.
The SRA went on: “You should also carry out due diligence on the account provider to make sure that they are properly defended against risks such as ransomware and cyber attacks.”
The assessment highlighted an amendment to the money laundering regulations on 10 January this year, which lowered the level of enhanced due diligence needed for domestic politically exposed persons (PEPs).
The starting point for the assessment of domestic PEPs, “now defined as those PEPs entrusted with prominent public functions by the UK”, was that the client or potential client presented “a lower level of risk” than a foreign PEP.
The SRA said it was for firms to decide how to approach the issue in advance of guidance from the Financial Conduct Authority later this year.
It was “important to note that PEPs may instruct a variety of firms, not just those that are large and high-profile. In our proactive work, we noted that PEPs are equally likely to instruct small firms and sole practitioners.”
Leave a Comment