Reglo logoReglo
AML inspections8 min read

An SRA AML inspection checklist for law firms

SRA AML supervision has become more proactive and structured. Firms can now be selected for engagement even where no specific issue has been identified — through thematic reviews, risk profile, or intelligence-led triggers. Contact from the SRA is no longer unusual, and it does not necessarily mean something has gone wrong.

What it does mean is that your firm should be able to evidence how its AML systems and controls work in practice — not just on paper. This checklist covers what to have ready before an inspection, and how to make sure it tells a coherent, credible story.

1. Core documents, current and approved

An inspection — like a desk-based review — starts with a document request, often on a 10–14 day timeframe. The material needs to be accessible, current, and clearly the firm's approved position. Avoid circulating multiple drafts: be clear which version is the live one.

  • Firm-wide risk assessment, specific to your clients, services, jurisdictions, and delivery methods
  • AML policies, controls, and procedures in their approved, current versions
  • Training records showing ongoing and role-specific AML training
  • A sample of files demonstrating CDD and source-of-funds work

2. Consistency across the framework

The SRA tests whether your documents agree with each other and with practice. Inconsistency — not catastrophe — is the most common issue. Sense-check that your firm-wide risk assessment, policies, procedures, training materials, and client files tell one story.

If your risk assessment describes one approach and your files show another, that gap will be noticed. Reglo keeps these aligned so they don't drift apart between reviews.

3. People who can explain the framework

Inspections are interactive. The SRA may interview the MLRO, senior management, and fee earners to test how well AML processes are understood and applied. The MLRO in particular should be able to explain clearly how the firm identifies, assesses, and mitigates AML risk.

Brief everyone who may speak to the SRA from one current source of truth. The aim is not perfect or overly technical answers — it is credible, accurate, and consistent ones.

4. Files that evidence the work

File sampling tests how controls operate in real matters. Before submission, review sampled files to ensure they clearly evidence the work done — particularly around client due diligence and source of funds. Where a matter was, or wasn't, escalated to the MLRO, the reasoning should be recorded.

5. An internal review before you submit

Run an internal review before anything goes to the SRA. Step back, sense-check what they are about to see, and identify gaps or inconsistencies. This stage is often where issues can be found and fixed early — before they become regulatory findings.

Reglo helps firms keep this evidence organised and audit-ready — humans approve every change. AI drafts and organises; your compliance team decides.

This guide is general information for compliance teams, not legal or regulatory advice. Always refer to the SRA's current guidance and take your own professional advice where needed.

Keep reading

SRA AML inspection prep

Be ready before an inspection begins.

SRA desk-based review

Respond to document requests with confidence.

Firm-wide risk assessment

Keep your FWRA current and aligned.

AML training records

Role-specific AML training and attestations.

What documents the SRA may request in an AML review

Desk-based reviews

How to prepare COLPs and MLROs for SRA AML interviews

AML inspections

Common questions

How long do firms get to respond to an SRA AML document request?

Timeframes are typically tight — often around 10 to 14 days. If genuinely needed, it is better to engage early and agree an extension than to submit incomplete or inconsistent material under pressure.

Does an inspection automatically lead to enforcement?

No. Many engagements result in feedback, recommendations, or required improvements rather than enforcement. The SRA's aim is often to raise standards. A calm, organised, consistent response makes a real difference.

Want to walk into an inspection prepared?

Book a demo and we'll show you how Reglo keeps your policies, training, attestations, and evidence aligned — so an SRA AML inspection is an export, not a scramble.

30-min callNo commitment