The UK legal sector has entered a new era of regulatory scrutiny and 2026 represents a significant escalation in the Solicitors Regulation Authority’s (SRA) approach to anti-money laundering (AML) enforcement. For law firms, compliance is no longer a routine administrative function—it is a central business risk that demands urgent attention. Read the full article here.
A Step Change in Regulatory Intensity
The SRA’s latest Anti-Money Laundering Annual Report (2024–25), published in October 2025, paints a stark picture of increasing oversight. There were 935 proactive AML engagements during the reporting period—almost double the 545 recorded previously—demonstrating a substantial increase in regulatory activity.
Of these, 833 firms underwent either on-site inspections or desk-based reviews, signalling a much more hands-on approach to supervision.
Despite this intensified scrutiny, compliance levels across the profession remain concerning. The report found that:
- One-third of firms were non-compliant
- A further 54% were only partially compliant
This highlights a persistent gap between regulatory expectations and actual firm practices.
Persistent Weaknesses in Core AML Controls
The SRA’s findings show that many firms continue to struggle with the fundamentals of AML compliance. Reviews of 5,873 client files revealed recurring weaknesses in critical areas, including:
- Client and matter risk assessments
- Source of funds and source of wealth verification
- Firm-wide risk assessments
- AML policies, controls and procedures (PCPs)
Perhaps most concerning is that these are not new issues. The continued prevalence of basic compliance failures suggests that many firms have yet to embed AML requirements effectively into their day-to-day operations.
Data-Driven Enforcement Becomes the Norm
One of the most notable developments is the SRA’s shift towards data-led regulation. Firms are now increasingly selected for inspection based on sector-wide data analysis, meaning poor or inconsistent data returns can directly trigger regulatory attention.
This represents a fundamental change in enforcement strategy: regulators are no longer reliant solely on periodic reviews but can proactively identify risk patterns and intervene earlier.
At the same time, high-risk practice areas remain firmly under scrutiny. Conveyancing continues to be identified as the highest-risk area, while sanctions compliance has seen heightened focus, with 47 targeted inspections reported in the latest period.
Rising Fines Signal Zero Tolerance
Alongside increased supervisory activity, financial penalties have risen both in frequency and severity. Recent enforcement actions include fines ranging from £658 for smaller firms to £300,000 for significant historical compliance failures.
Notable penalties have been imposed for:
- Failure to identify politically exposed persons (PEPs)
- Long-term non-compliance spanning many years
- Weak or ineffective AML controls
By late 2025, more than 35 fines had been issued, totalling over £565,000, underscoring the SRA’s commitment to “ratchet up the consequences” for non-compliance.
The message is clear: enforcement is no longer symbolic—it is economic.
The Looming Transition to FCA Oversight
Adding further complexity, the UK government has confirmed plans to transfer AML supervision of legal services to the Financial Conduct Authority (FCA).
While this transition will occur gradually, it signals an even more rigorous regulatory environment ahead. Commentary suggests that firms should expect:
- More complex and data-heavy reporting requirements
- Greater regulatory assertiveness
- Higher expectations for demonstrable compliance
This structural shift is likely to amplify existing pressures rather than ease them.
A “Prove It” Compliance Environment
Taken together, these developments mark a decisive shift from a rules-based to an evidence-based regulatory model. It is no longer enough for firms to have AML policies in place—they must be able to demonstrate that those policies are effective in practice.
The SRA’s approach reflects a broader trend across the regulatory landscape: compliance must be visible, auditable, and consistently applied. Firms that rely on manual processes or fragmented systems may struggle to meet these expectations.
What Law Firms Should Do Now
While the article does not set out prescriptive steps, the implications are clear. Firms must move beyond reactive compliance and adopt a proactive, structured approach to AML risk management.
Key priorities include:
- Ensuring AML frameworks are fully implemented and regularly reviewed
- Strengthening documentation and audit trails across all client matters
- Improving the accuracy and consistency of data submitted to regulators
- Addressing known high-risk areas such as conveyancing and sanctions compliance
Crucially, firms should view compliance as an investment in resilience rather than a regulatory burden.
Conclusion: A Defining Moment for AML Compliance
The SRA’s intensified enforcement activity in 2026 represents more than just a regulatory uptick—it marks a fundamental transformation in how AML compliance is assessed and enforced in the legal sector.
With increased inspections, rising fines, and the impending transition to FCA oversight, the direction of travel is unmistakable: higher standards, stricter enforcement, and zero tolerance for basic failures.
For law firms, the challenge is not simply to comply, but to demonstrate compliance clearly and consistently. Those that act now will not only avoid enforcement action but also position themselves to navigate an increasingly complex regulatory future with confidence.