What's new
GRC for Law Firms
Reporting AML Suspicions Within Your Firm (Course)
This course helps all those working in law firms understand their responsibilities when they suspect money laundering or terrorist financing. With a focus on internal reporting procedures rather than external reporting to the National Crime Agency, the course covers how to recognise suspicions, when and how to report to your MLRO, and what happens after you have made a report.
Previously focused on external reporting — the domain of compliance officers — this course has been refocused for all staff, providing practical guidance on recognising suspicious activity and following your firm's internal reporting procedures with confidence.
CPD: 0.67 hours
Anti-facilitating Tax Evasion for Law Firms,
PEPs and Sanctions
Both courses have had scenarios and assessment questions updated.
Monthly Compliance Update – March 2026 (Webinar)
On the first Thursday of each month, Brian Rogers hosts a 45-minute compliance update webinar for the legal profession. These sessions have proven very popular with our clients, attracting over 5,000 registrants for the live broadcast. These update webinars focus on current and upcoming events within the legal regulatory space and some of the topics covered in this edition were:
Mazur appeal hearing
When the compliance officer is the problem
Review of the LSB
SRA censured for SSB Group collapse
CQS Update 2026 (Webinar)
This webinar provides an update on the changes made to the CQS Conveyancing Practice and Risk, Compliance and Client Care courses, and other relevant CQS related topics.
CPD: 1 hour
PII Update 2026 (Webinar)
This webinar provides an insight into the current PII market and some of the risk areas being considered by insurers.
CPD: 1 hour
On-demand recordings of these webinars are made available through our LMS. You can find these recordings, as well as other webinars, inside the 'Webinars for Law Firms' library. You can also register to attend the live sessions by registering here.
Policies and Precedents
Our subject matter experts have carried out a comprehensive review of our AML policy suite, data protection documents, and other key policies. This March 2026 release reflects significant regulatory developments including LSAG Guidance (April 2025), the SRA Source of Funds and Wealth thematic review (November 2025), the Data (Use and Access) Act 2025 (provisions in force from 5 February 2026), the Employment Rights Act 2025, and emerging risks around digital identity fraud and proliferation financing.
Anti-Money Laundering
Anti-Money Laundering and Counter Financing of Terrorism Policy v6.4
New section on Economic Crime Levy (ECL) under the Finance Act 2022, including guidance on applicability for firms with revenue exceeding £10.2 million. Register of Overseas Entities section substantially updated to reflect current verification procedures. High-Risk Third Countries section updated to clarify FATF black list and grey list references and associated enhanced due diligence obligations. A targeted update will follow once pending amendments to the Money Laundering Regulations come into force.
AML Client and Matter Risk Assessment v2.2
Designated person question updated to reference the UK Sanctions List (replacing OFSI Consolidated List, effective 28.01.26). Ongoing monitoring triggers added. Source of funds narrative guidance strengthened to prompt analysis rather than merely collection of evidence. HNWI definition added. Note added that the Register of Overseas Entities cannot be solely relied upon for beneficial ownership verification. Client account misuse prompt added to matter risk section.
AML Source of Funds and Source of Wealth Questionnaires v3
Scope broadened from property purchases to all applicable matters involving financial transactions. New documentation requirements for fee earners to record evidence obtained, assessment rationale, and resolution of concerns. New red flags section identifying indicators requiring enhanced scrutiny and MLRO referral. Client money verification requirement added. Third-party contributor guidance strengthened. Cross-reference added to AML and CFT Policy.
AML Firm Wide Risk Assessment Questionnaire v2.2
New questions on proliferation financing risk assessment, supply chain risk, digital identity fraud (including deepfake and AI-generated documentation risks), and PEP guidance updated to reflect the domestic/non-domestic PEP distinction under the Money Laundering Regulations.
AML Politically Exposed Persons Questionnaire v1.4
Domestic and non-domestic PEP distinction added to reflect Regulation 35(3A) of the Money Laundering Regulations. Siblings added to the list of family members. Risk assessment outcome section redesigned to distinguish between lower risk and higher risk PEP classifications.
Guidance for AML Officers on How to Comply with the Money Laundering Regulations v3.5
Proliferation financing added to the FWRA section referencing the Regulation 18A obligation. Failure to prevent fraud signpost added under the Economic Crime and Corporate Transparency Act 2023. PEP training triggers updated to reflect the domestic/non-domestic PEP distinction.
Independent Audit and Review of AML and Financial Crime Risk v4.2
New audit questions covering proliferation financing, PEP procedures, digital identity verification including deepfake fraud risks, and supply chain risk reflecting updated LSAG guidance.
Legal and Regulatory Compliance
Whistleblowing Policy v2.3
Updated to reflect the Employment Rights Act 2025, which adds sexual harassment as a new category of qualifying disclosure under whistleblowing law, expected to come into force on 06.04.26. Firms should monitor government announcements to confirm the commencement date.
Anti-Bribery Policy v2.5
Minor changes: one spelling correction and two footnotes for larger firms regarding the corporate offence of failure to prevent fraud from 1 September 2025.
Anti-Bribery Policy Supporting Documents
Minor update — one outdated hyperlink replaced.
Anti-Facilitating Tax Evasion Policy v2.2
Regulatory landscape section updated to reflect the planned transfer of AML supervision for legal firms from the SRA to the FCA, and the HMRC tax adviser registration requirement for firms providing tax advice.
Anti-Facilitating Tax Evasion Policy Supporting Documents v1.5
Regulatory landscape section updated to reflect the planned transfer of AML supervision for legal firms from the SRA to the FCA.
Information Technology and Data Protection
Data Protection Policy v2.5
Updated to reflect Data (Use and Access) Act 2025 provisions in force from 5 February 2026, including recognised legitimate interests, expanded automated decision-making permissions, and enhanced ICO enforcement powers. Confirms section 103 complaints handling duty commences 19 June 2026.
Data Protection Policy Supporting Documents v2.8
Updated to reflect Data (Use and Access) Act 2025 provisions in force from 5 February 2026. AI processing sections added to both client-facing and staff privacy notice templates. Guidance added on section 103 complaints handling duty commencing 19 June 2026.
Data Protection Breach Reporting Procedure v2.4
Updated to reflect Data (Use and Access) Act 2025 provisions in force from 5 February 2026, including the ICO's expanded enforcement and investigatory powers. Confirms section 103 complaints handling duty commences 19 June 2026.
Information Management and Security Policy v4.3
Updated to reflect PECR fine alignment with UK GDPR levels and ICO's renewed enforcement focus on cookies and electronic marketing under the Data (Use and Access) Act 2025. Cross-reference added to the firm's AI Policy.
Information Management and Security Policy Supporting Documents v1.4
Minor update to reflect current data protection legislation references and addition of PECR compliance question to the self-assessment questionnaire.
Client Care and File Management
Artificial Intelligence Policy v3
Updated following review to incorporate feedback on professional indemnity insurance notification requirements, DPIA obligations for AI tools, and related governance provisions.
Retirements
The following content has now been retired and will no longer be found in their respective libraries.
GRC for Law Firms library – Webinars:
Monthly Compliance Update – March 2025 (Retired)
Breach Management – A Practical Guide (Retired)
How will this be made available?
This release will be made available to all GRC for Law Firms and Policies & Precedents for Law Firms subscribers on March 26th 2026.
Please note, if you are a client utilising our ContentServe solution you will need to download the latest Pathways into your LMS.
What’s coming?
Our next content release is scheduled for April 30th. It will have updates to courses, webinars, and policies, including our redesigned and renamed course: How to be an effective MLRO/MLCO (previously titled How to be an MLRO/MLCO).
We hope you enjoy this latest content release and if you have any queries, please take a look at our Access LMS Evo Help Centre.
If you would like to find out more information about our Legal Learning products or inquire on adding any of these products to your account you can find more information regarding this here.
Kind Regards
Access Legal Learning Team