Most letting agents may be at risk of breaching anti-money-laundering (AML) regulations following changes introduced by HMRC, says compliance technology firm Coadjute.
In September HMRC published revised AML guidance introducing a new checklist of 34 named risk indicators that must be addressed within every agency’s Business Risk Assessment (BRA) and Policies, Controls and Procedures (PCPs).
Any business that has not updated its documentation and onboarding processes since September 9 is likely to be non-compliant and could face fines of up to £158,000, based on recent HMRC enforcement cases.
Coadjute’s chief operating officer, John Reynolds, warns that the implications of the new rules are only just being understood.
He says: “In recent weeks we’ve seen growing confusion across the industry. Agents are receiving audit requests and warning notices, and many are realising their existing AML files and policies simply don’t meet the new benchmark. If you’re still doing what you’ve always done, you may now be breaking the law.”
HMRC’s framework explicitly names red-flag patterns including super-prime price anomalies, SPVs, offshore entities, intermediaries, remote onboarding and third-party payers. The regulator has also clarified that most commonly used digital ID tools and sanctions look-ups alone are not sufficient to meet AML obligations.
“Tick-box apps and partial checks don’t cut it anymore,” Reynolds added. “Agents must be able to evidence how each transaction was reviewed against the 34 risks, what was found and what Enhanced Due Diligence was done.”
Coadjutor is urging letting agents to professionalise or outsource their AML processes to avoid reputational damage and fines – especially as HMRC is already “naming and shaming” non-compliant firms.
Reynolds concludes: “Just as agents outsource payroll or EPCs, AML now needs specialist handling. The new rules make ad-hoc compliance impossible to defend. Getting it right protects not just your licence but your brand.”
