Reglo logoReglo
Desk-based reviews7 min read

How to prepare for an SRA desk-based AML review

A desk-based review is usually narrower than a full inspection and conducted remotely. The SRA requests a set of core documents, assesses them offsite, and may ask follow-up questions. The focus is whether your documentation is consistent, up to date, and aligned with the firm's actual risk profile.

Handled calmly and methodically, a desk-based review is a manageable, structured process. Here is how to approach it.

Start with mindset and coordination

When the initial email or letter arrives, respond in a calm, controlled, and structured way. On day one, understand exactly what has been requested, the scope of the review, and the deadlines. Identify a central point of coordination — usually the MLRO or compliance lead — to manage the response and ensure consistency.

Know what's current

Document readiness is critical. The SRA looks not just at what documents say, but how well they are controlled and aligned. Be clear which documents are current, avoid circulating multiple drafts, and ensure anything submitted reflects the firm's approved position.

  • Firm-wide risk assessment
  • AML policies and procedures
  • Training records
  • A sample of files

Check for consistency

Your firm-wide risk assessment, policies, procedures, and training materials should all align. If they tell different stories, that can quickly raise concern. Common issues at this stage are inconsistency rather than major failings — policies that don't reflect practice, risk assessments that are too generic, and gaps in how CDD has been recorded.

Review before you submit

Carry out an internal review before submitting. Sense-check what the SRA is about to see, identify any gaps or inconsistencies, and check whether documents reflect actual practice. Files should be reviewed to ensure they clearly evidence the work done, especially around client due diligence and source of funds.

Manage deadlines and follow-ups

Deadlines are usually tight. Manage them actively, and if more time is genuinely needed, engage early to agree an extension rather than submit incomplete information. Treat file sampling and follow-up questions as an extension of the same process, and keep follow-up answers consistent with what you have already provided.

Reglo helps firms keep this evidence organised and audit-ready — humans approve every change. AI drafts and organises; your compliance team decides.

This guide is general information for compliance teams, not legal or regulatory advice. Always refer to the SRA's current guidance and take your own professional advice where needed.

Keep reading

SRA desk-based review

Respond to document requests with confidence.

SRA AML inspection prep

Be ready before an inspection begins.

Policy version control

Approved versions and timestamped audit trails.

What documents the SRA may request in an AML review

Desk-based reviews

An SRA AML inspection checklist for law firms

AML inspections

Common questions

What's the difference between a desk-based review and an inspection?

A desk-based review is narrower and remote — the SRA requests core documents and assesses them offsite. An inspection goes further, with interviews and file sampling to test how controls operate in practice.

What's the most common problem firms have?

Inconsistency — policies that don't reflect practice, generic risk assessments, and gaps in CDD recording — rather than major failings.

See how Reglo keeps this evidence ready

Book a demo and we'll show you how Reglo keeps your policies, training, attestations, and audit-ready evidence aligned for SRA reviews — with humans approving every change.

30-min callNo commitment