The inter-governmental Financial Action Task Force (FATF) has released a guidance document, ‘Risk-based Approach for Legal Professionals in June this year ahead of New Zealand mutual evaluation by FATF in 2020.

The Report is well worth the read and discusses the need for a ‘Risk Based Approach’ and focuses on the requirement of firms to identify risk and allocate resources to that risk. This requires an enterprise wide culture of compliance that removes obstacles and provides intuitive tools to build a strong compliance base.

Part of that tool kit is the use of technology to assist managing scarce resources that focuses on automation, standardisation and simplification. Technology is an important part of the process however so are specialists and experts in the field. Firms should rely on external expertise including, Managed Services Specialists, to ensure the firms resources are managed efficiently with value-add engagement while the heavy lifting is managed by those specialists.

The Legal Profession will surely be the focus of supervisors and regulators as they become tougher in enforcing risk obligations and compliance failings over the coming few years given the timing.

Risk Based Approach

‘The basic intent behind the FATF recommendations as it relates to legal professionals is to ensure that their operations and services are not abused for facilitating criminal activities and money laundering. This is consistent with the role of legal professionals, as guardians of justice and the rule of law to avoid knowingly assisting criminals or facilitating criminal activity.[1]’

“The risk-based approach is central to the effective implementation of the FATF recommendations. It means … legal professionals should identify, assess and understand the money laundering risks firms are exposed to and implement appropriate mitigation measures. This approach enables appropriate allocation of resources where the risks are higher[2]”.

Legal firms should implement appropriate measures and controls to mitigate the potential Money Laundering risks for those clients that, as a result of the Risked Based Assessment, are deemed to be higher risk[3]. These measures should be tailored to the specific risked faced, both to ensure the risk is adequately addresses and to ensure appropriate allocation of resources are directed to Customer Due Diligence. Customer Due Diligence should allow a legal professional to establish with reasonable certainty the true identity of each client[4].

The Risk Based Approach requires enterprise wide adherence to Anti-Money Laundering policies, procedures and controls. This can only truly be realised when a culture of compliance is part of the firms’ DNA.

A Culture of Compliance

Any discussion on achieving compliance will invariably bring up ‘Compliance Culture’. An effective compliance culture needs to be enterprise wide adherence to risk management objectives with the buy-in from organisation at all levels.

‘Legal professionals and the leadership of law firms should recognize the importance of a culture of compliance across the organization to ensure sufficient resources are devoted to its implementation appropriate to the size, scale and activities of the organizations[5].’

The challenge we see and heard over the last year is the difficulty in imbedding these new processes into the day to day activities of the firm. All levels of the firm need to be engaged in order to have effective controls. So why is it so difficult establishing a culture of compliance?

Employees encounter subtle obstacles in their day-to-day roles. Whether that be complexity of policies and processes, gaps in knowledge, gaps in capability or varying degrees of individual attention to detail. My own experience has shown varying levels of attention to compliance. Some follow corporate policy to a tee while others are more focused on getting the deal done with compliance being seen as a hindrance to their roles, not part of their roles.

Standardisation, simplification and automation can remove obstacles and can provide intuitive tools to reduce the burden of compliance on staff. A compliance culture is adopted more readily when changes to processes and technology can be implemented with ease.

Technology can help drive compliance culture. Technology should automate the unnecessary parts of the process and reduce the additional burden placed on staff. A culture of compliance should simplify the process assisting the firm focus on revenue.

Using Efficient Technology
Customers have told us that customer due diligence is a major hurdle in their focus on revenue, the firm’s ability to commence work for clients. This is taking resources from client work, increasing the cost of compliance and causing frustration to clients and the firm.

FATF guidelines encourage Legal Professionals to consider using reputable technology-driven solutions to minimise the risk of error, find efficiencies in their AML / CFT processes and foster a culture of compliance[6]. These solutions have become more affordable, and more tailorable to the legal profession. This is particularly important for small law firms that have less resources available to managing AML compliance[7].

Reducing the touchpoints for customers improves speed to service. Technology and automation reduce the cost of acquisition, protects the customer experience through an enhanced on-boarding process and enables the firm to reduce the demands on the Practice Manager and Partners. This can be a difficult task without focusing on simplification, standardisation and automation.

An enterprise wide approach to preventing financial crime and preventing the facilitation of money laundering can be critical to a firm’s success. Empowering the firms first line of defense by giving them access to on-boarding tools embeds the right culture of compliance from the start.

Dimension GRC has developed an affordable cloud-based solution which effectively navigates the complexity of Anti-Money Laundering regulations by making compliance simple and cost effective through the use of powerful, intelligent, intuitive software.

In designing Dimension GRC’s Anti-Money Laundering solution we have focused on the user experience, a user experience that helps our clients achieve a culture of compliance. We believe everyone should have access to the right tools to protect their business from money laundering risk. The way we do this is by making our products beautifully designed, intuitive and with the user in mind.

Managed Services – Specialisation Works.
We know from speaking with legal professionals that they are experiencing increased regulatory scrutiny and, with the Financial Action Task Force (FATF) mutual evaluation of New Zealand scheduled for next year, we don’t expect that scrutiny to lessen. Firms are rapidly evolving their Anti-Money Laundering (AML) programs, processes and systems. One approach that is proving popular is the managed service model, or compliance outsourcing.

We are seeing firms experience administrative increases. These increased volumes, compounded by non-existent or aging technology and processes contribute to a rising cost of compliance across core functions including:

· Customer due diligence at Onboarding;

· Remediation and on-going compliance due diligence;

· Enhanced due diligence including PEP’s, Sanctions, Adverse Media and Close Known Associates;

· Transaction monitoring and suspicious activity investigation; and,

· Task management and reporting.

When faced with the ‘heavy lifting’ of this level of complex administrative compliance work the costs add up without adding value to firms’ clients, staff or partners. Many are calling for new approaches, including, in many cases, adapting a managed services model for Anti-Money Laundering (AML) compliance.

Practice Managers are heavy on the workload and Partners and lawye

rs are under pressure to commence work with the clients – every billable hour counts. Many firms are seeking opportunities to scale their operations and drive additional efficiencies. Firms are able to accelerate progress to sustainability by taking advantage of Dimension GRC’s AML/CFT Managed Services solution.

Whether you are a small to medium sized organisation or a large enterprise-based entity with multiple offices and global reach – a managed service can provide operational agility across all areas. Time is money and when it comes to time, AML / CFT tools should be doing the heavy lifting.


Lawyers play a significant role in the economy and have unique visibility across sectors. Catching these crimes as they happen is no simple matter, and of course systemic complexity breeds expense. Partners, and the legal sector as a whole, will experience increasing compliance and regulatory pressures for the next two to five years as the Anti-Money Laundering and Countering Financing of Terrorism Act 2009 is implemented across the New Zealand economy.

Lawyers are dragging their heels on anti-money laundering (AML) compliance, risking penalties, reputational damage and full-scale police investigations when the regulator begins its inspections towards the end of this year.

It makes sense to have a cross-practice enterprise wide risk management programme that integrates AML compliance and technology with the firms existing policies to address duplication, increase billable hours and standardise processes across matters. An integrated approach will increase time for billable hours and save money.

Dimension GRC will help you manage scarce resources and improve efficiencies. Reserve a free 30 minute workshop to review your firms Anti-Money Laundering practice to simplify, standardise and automate the heavy lifting so you can spend more time focusing on your clients.

Learn more about Dimension GRC at

0800 863 463

[1]The Financial Action Task Force (FATF). 2019. Risk-based Approach for Legal Professionals. [ONLINE] Available at: [Accessed 9 July 2019], pp59

[2]The Financial Action Task Force (FATF). 2019. Risk-based Approach for Legal Professionals. [ONLINE] Available at: [Accessed 9 July 2019], pp6

[3]The Financial Action Task Force (FATF). 2019. Risk-based Approach for Legal Professionals. [ONLINE] Available at: [Accessed 9 July 2019], pp44

[4]The Financial Action Task Force (FATF). 2019. Risk-based Approach for Legal Professionals. [ONLINE] Available at: [Accessed 9 July 2019], pp55

[5]The Financial Action Task Force (FATF). 2019. Risk-based Approach for Legal Professionals. [ONLINE] Available at: [Accessed 9 July 2019], pp23

[6]The Financial Action Task Force (FATF). 2019. Risk-based Approach for Legal Professionals. [ONLINE] Available at: [Accessed 9 July 2019], pp53

[7]The Financial Action Task Force (FATF). 2019. Risk-based Approach for Legal Professionals. [ONLINE] Available at: [Accessed 9 July 2019], pp53