Client Due Diligence, Compliance Checklist for Law Firms



The Legal Sector Affinity group (LSAG) defines Client Due Diligence (CDD) as a “collective term for the checks you must do on your clients, which may differ depending on the circumstances” which references a risk-approach where the amount and frequency of due diligence needed, is correlated with the risk presented by the client.

This checklist presents a meticulous Client Due Diligence Checklist which emphasises the risk-based approach, tailored specifically for law firms, to standardise the process of identifying, verifying, and assessing clients to ensure compliance with regulatory obligations and ethical requirements.

Topics covered include:

Client Identification 

Client Verification

Source of funds and wealth

Politically Exposed Persons (PEPs) and Sanctions screening 

Risk Assessments

Ongoing monitoring

Reporting mechanisms for suspicious activities

This list is not exhaustive and aims to provide overarching compliance oversight and governance. By following this checklist in conjunction with ongoing guidance provided by the regulatory bodies, law firms can bolster their compliance efforts, mitigate potential risks, and exceed the standards expected across the legal industry.

1. Obtain the full legal name of the client:
This involves collecting the client’s or entity’s complete legal name, engaging the law firm’s services, and ensuring accuracy for future reference and documentation.

2. Gather the client’s contact information:
Besides the legal name, it’s crucial to gather comprehensive contact details, including the client’s address, phone number, and email. This information facilitates communication and correspondence throughout the engagement.

3. Identify the nature of the client’s business or legal matter:
Understanding the client’s business activities or legal needs helps tailor legal services accordingly and identify potential conflicts of interest.

1. Collect government-issued identification:
Requesting official identification such as a driving licence or passport helps verify the client’s identity and ensures compliance with anti-money laundering regulations.

2. Verify the authenticity of provided identification:
Employ appropriate means to authenticate the provided identification documents to mitigate the risk of identity fraud or misrepresentation. The use of legal tech solutions such as the one we provide at Validient, can capture and verify documents with ease, speed, and accuracy. 

3. Confirm the client’s address:
Validate the client’s address through utility bills or other official documents to ensure the accuracy and reliability of contact information.

1. Obtain information on the source of client funds: 

Investigate the origin of funds involved in the engagement to ensure compliance with anti-money laundering regulations and to mitigate the risk
of financial crime.

2. Investigate the client’s financial background:
Conduct due diligence on the client’s financial history, including income sources, assets, and liabilities, to assess their financial stability and integrity.

3. Assess the legitimacy of funds:
Verify the legitimacy of funds and wealth sources to prevent involvement in illicit financial activities and ensure compliance with regulatory requirements.

1. Determine PEP status:
Identify whether the client or any beneficial owners are PEPs and whether they are domestic or foreign.

2. Conduct enhanced due diligence:
If the client is identified as a PEP, implement additional due diligence measures to mitigate the heightened risk of corruption or improper influence.

3. Document relationships with PEPs:
Maintain detailed records of any work conducted for PEPs and increase the frequency of reviews throughout the business relationship.

1. Screen against relevant sanctions lists:
Conduct screenings against national and international sanctions lists to ensure the client is not involved in prohibited activities or transactions.

2. Conduct compliance checks:
Implement procedures to verify compliance with applicable laws and regulations, including those related to money laundering, terrorism financing, and other financial crimes.

3. Monitor ongoing compliance:
Establish mechanisms for ongoing monitoring of client activities to detect any changes that may affect compliance with sanctions or regulatory requirements.

1. Identify potential conflicts:
Conduct a comprehensive analysis to identify any conflicts of interest between the firm’s existing clients or matters and the prospect.

2. Evaluate the significance of conflicts:
Assess the significance and potential impact of conflicts identified, considering ethical obligations and professional responsibility.

3. Maintain confidentiality and integrity:
Handle conflicts of interest with discretion, maintaining confidentiality and integrity throughout the conflict resolution process to uphold client trust and professional standards.

1. Assess overall risk:
Evaluate the overall risk associated with the client and the engagement, considering factors such as reputation, legal history, and financial stability.

2. Consider relevant factors:
Take into account various factors that may contribute to risk, including the nature of the client’s business, geographic location, and expected risks outlined in your firm-wide risk assessment.

3. Develop risk mitigation strategies:
Develop and implement strategies to mitigate identified risks, such as enhanced due diligence procedures or contractual safeguards.

1. Maintain comprehensive records:
Document all client due diligence activities, including information collected, decisions made, and the rationale behind those decisions.

2. Document decision rationale:
Clearly document the reasoning behind decisions made during the due diligence process to demonstrate compliance with regulatory requirements and internal policies.

3. Retain records:
Ensure proper retention of records in accordance with regulatory requirements and internal policies, considering the prescribed retention periods for different types of documents once a business relationship has ended.

1. Implement monitoring procedures:
Establish processes for monitoring ongoing client relationships to detect any changes or developments that may impact a client’s risk level.

2. Regularly review client information:
Periodically review and update client information and due diligence records to reflect changes in circumstances, regulations, or risk profiles.

3. Stay informed:
Stay up to date with changes in client circumstances, industry trends, and regulatory requirements to demonstrate continued compliance and effective risk management.

1. Establish reporting protocols:
Set clear protocols for reporting suspicious activity or potential financial crimes internally, ensuring timely and appropriate responses.

2. Encourage open communication:
Foster an environment where staff feel comfortable reporting concerns internally, without fear of reprisal, to facilitate effective risk management and compliance.

3. Reporting to Authorities:
Report suspicious activity findings to relevant authorities, maintaining transparency and cooperation with law enforcement agencies

1. Assign responsibility for oversight:
Designate reporting officers or teams to oversee compliance with client due diligence requirements, ensuring accountability and adherence to procedures.

2. Implement governance structures:
Establish internal compliance teams or review boards, to oversee and monitor compliance efforts across the organisation.

3. Conduct periodic reviews and audits:
Regularly conduct reviews and audits of client due diligence processes to evaluate effectiveness, identify areas for improvement, to ensure ongoing compliance.

1. Provide training:
Offer comprehensive training to staff members involved in client due diligence processes to ensure they understand their roles and responsibilities.

2. Ensure awareness of obligations:
Educate staff about relevant regulatory obligations, best practices for compliance, and the importance of ethical behaviour in client interactions.

3. Promote a culture of compliance:
Foster a culture of compliance andvwithin the firm by promoting awareness, providing ongoing training, and leading by example.

This checklist serves as a framework for conducting client due diligence within a law firm, emphasising the importance of compliance with regulatory requirements and ethical standards

linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram