What FCA AML Audits Mean for Solicitors

The regulatory landscape for professional services is on the cusp of a significant shift. For solicitors in England and Wales, the government’s proposals to expand the Financial Conduct Authority (FCA)’s role as an Anti-Money Laundering (AML) supervisor are a clear signal: proactive compliance is no longer optional—it’s essential. Central to this change is the prospect of a formal, rigorous FCA AML audit regime, mirroring the Authority’s existing, outcomes-focused supervisory style.

This article, drafted in December 2025, provides a critical analysis of the proposed reforms, focusing on the practical implications of an FCA AML audit for law firms and what Managing Partners and Money Laundering Reporting Officers (MLROs) must do now to ensure FCA AML audit readiness.

The New Regulatory Imperative: Why the FCA AML Audit Looms Large

The reform aims to strengthen and harmonise the UK’s supervisory framework by equipping the FCA with the necessary duties, powers, and accountability mechanisms to operate as a robust AML supervisor across professional services.

For solicitors in England and Wales, the practical outcome is greater scrutiny and a higher likelihood of facing a structured FCA AML audit. Historically, firms primarily engaged with the Solicitors Regulation Authority (SRA) for AML oversight. The expanded FCA role signifies a move towards a more consistent, data-driven supervisory approach aligned with wider legislative frameworks like the Financial Services and Markets Act 2000 (FSMA). This fundamentally raises the stakes for compliance.

Extended Powers: What an FCA AML Audit Will Entail

The proposals largely involve extending and clarifying existing Money Laundering Regulations (MLRs) provisions to allow the FCA to fully exercise its supervisory and counter-terrorist financing (CTF) mandate.

Registration, Gatekeeping, and Pre-Audit Scrutiny

Under the new regime, the FCA would be empowered to:

• Register all in-scope professional services firms.
• Conduct enhanced gatekeeping checks before a firm is permitted to operate.
• Accept, refuse, suspend, or cancel registrations.

Crucially, an FCA AML audit could, in effect, begin at the registration stage, particularly if risk indicators are identified. This pre-emptive scrutiny necessitates a “right-first-time” approach to foundational compliance.

Policing the Perimeter and Public Registers

The FCA would also gain the power to “police the perimeter” and identify unregistered firms. Furthermore, all FCA-supervised firms could appear on a public register.

For solicitors, this heightens the reputational risk. A failure to satisfy an FCA AML audit could lead to public censures and reputational damage that extends far beyond the immediate regulatory consequence. Transparency in the register makes non-compliant operation significantly harder.

Risk-Based Supervision and Targeted FCA AML Audits

A core element is the FCA’s ability to apply a consistent, risk-based supervisory approach. This includes:

• Maintaining up-to-date sector risk profiles specific to the legal sector.
• Conducting detailed desk-based and, critically, on-site FCA AML audits.
• Requiring detailed information and documentation from firms.

FCA AML audits for solicitors are expected to be detailed, data-driven, and focused on verifiable outcomes, rather than simply procedural checklists.

Directions, Skilled Person Reviews, and the Cost of Failure

The FCA may also secure enhanced powers to:

• Issue formal directions to firms to remediate deficiencies.
• Require the appointment of a Skilled Person (under section 166 or equivalent) to conduct an independent AML review.

For solicitors in England and Wales, a Skilled Person Review following a negative FCA AML audit is a serious prospect. It can be prohibitively costly, highly intrusive, and carry significant professional and reputational fallout.

Enforcement and Accountability

The proposals envisage a shift towards more rigorous, dissuasive enforcement following a failed FCA AML audit. Powers are likely to include:

• Impose substantial civil penalties.
• Issue suspensions or prohibitions on carrying out regulated activities.
• Initiating criminal proceedings for serious breaches of the MLRs.

Moreover, the FCA’s strengthened role in intelligence sharing, particularly concerning Suspicious Activity Reports (SARs), means that issues uncovered during an FCA AML audit could directly feed into criminal intelligence pipelines, linking regulatory failure to potential criminal investigation.

FCA AML Audit Readiness: A Solicitor’s Action Plan

While the proposals are under consultation, the direction of travel is unambiguous. Solicitors in England and Wales must assume that the FCA AML audit will become the new standard of regulatory engagement.

Now is the time for action:

1. Conduct a Mock FCA AML Audit: Do not wait for the FCA. Instruct an AML audit. Commission a Regulation 21 independent AML audit that specifically mimics the expected rigour and structure of an FCA AML audit.
2. Stress-Test Core Compliance: Rigorously stress-test existing AML policies, controls, and procedures against FCA-level expectations, focusing on demonstrable outcomes.
3. Validate Risk Assessments: Ensure the firm’s Firm-Wide Risk Assessment (FWRA) and Client/Matter Risk Assessments (C/MRAs) are current, comprehensive, and fully defensible under intense scrutiny.
4. Review SAR Processes and Audit Trails: Confirm that SAR submission processes are robust and that all compliance decisions have clear, contemporaneous audit trails.
5. Train for FCA AML Audits: Prepare MLROs and senior management for the detailed, data-driven supervisory engagement that defines the FCA’s approach.

Law firms who embrace FCA AML audit readiness as an immediate, high-priority strategic goal will be best positioned to navigate this new, more rigorous era of AML supervision.