A money laundering failure is not just an SRA enforcement problem — it is a live PI question, and the answers turn on who at the firm did what and whether the wrongdoer was dishonest.
Anti-money laundering compliance is now one of the most heavily enforced areas of solicitors’ regulation, and it overlaps with the PI policy in ways that catch firms off guard. The SRA has prosecuted firms and individuals for AML failings ranging from inadequate client due diligence and source-of-funds verification to outright facilitation of fraud. The financial cost falls in two places at once: regulatory fines and disciplinary costs on one side, third-party civil claims on the other. This guide is about the civil side — when AML failings produce a PI claim, how the SRA Minimum Terms and Conditions of Professional Indemnity Insurance (MTC) respond, where the dishonesty exclusion bites, and how innocent partners are protected. The statutory backdrop is the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (the Money Laundering Regulations 2017, as amended), the Proceeds of Crime Act 2002 and the Bribery Act 2010.
AML failures generate PI exposure through three main routes.
First, the firm acts on a transaction that turns out to be a fraud — most commonly conveyancing fraud, “vendor impersonation” or APP-style push-payment fraud against the buyer. The true owner sues the firm in negligence for failing to verify identity, source of funds or instructions. The claim is framed as breach of the solicitor’s duty of skill and care in compliance with the Money Laundering Regulations 2017 and the Legal Sector Affinity Group guidance. The defendant solicitor was not dishonest, just careless.
Second, the firm processes funds that prove to be the proceeds of crime. The Proceeds of Crime Act 2002 imposes criminal liability where the firm knew or suspected the funds; the civil exposure flows from any loss to the rightful owner. If the firm failed to make a required Suspicious Activity Report or proceeded without consent, the SRA enforcement track and the civil claim track run in parallel.
Third, an individual at the firm crosses the line — a fee earner, supervisor or partner who actually knows the transaction is suspect and either ignores it or actively facilitates it. This is where the dishonesty exclusion in the MTC matters.
The SRA’s enforcement focus in recent years has been firmly on AML, and the SRA’s powers include the imposition of unlimited fines on traditional law firms following statutory changes. Enforcement risk does not generate PI cover — fines are excluded under almost every PI wording — but the underlying compliance failures often do generate civil liability that the policy must respond to. A firm under SRA AML investigation should assume there is, or will be, a related civil claim and notify both as circumstances under clause 5 of the MTC.
The MTC is structured to keep cover in place for the firm in almost all AML scenarios short of an active conspiracy across the partnership. The mechanics:
Clause 1 (insuring agreement) covers civil liability arising from the firm’s private legal practice. Negligence in AML procedure — failure to verify ID, failure to question source of funds, failure to spot vendor impersonation — sits squarely within this. A claim by a defrauded buyer, lender or true owner is a covered loss.
Clause 5 (notifications) requires notification of claims and circumstances. SRA enforcement action, including an investigation into AML compliance, is a circumstance that may give rise to a claim and should be notified. So is any solicitor’s-own discovery that the firm has been used as a conduit for fraud, even before a third-party claim materialises.
Clause 6 (special conditions and dishonesty exclusion) is where the analysis gets sharper. Insurers are permitted under the MTC to exclude claims arising from the dishonest or fraudulent acts or omissions of an insured. Critically, this exclusion applies only as against the dishonest individual — the wrongdoer themselves. The firm, the partnership, the LLP, innocent partners and innocent employees remain covered. The Supreme Court has not formally restated this in a recent leading judgment, but the principle is built into the wording: the exclusion is individual, not collective.
Clause 7 (innocent insured) reinforces the point: the policy must continue to indemnify each insured who was not implicated in, and did not condone or recklessly disregard, the dishonest conduct. So if one partner is found to have helped a client launder funds, the firm and the other partners are still covered for civil claims arising from those acts.
Where AML exposure interacts with the Bribery Act 2010 — for example a firm advising a client on a transaction that turns out to involve a bribe — the same framework applies. Civil liability of the firm for negligence (failing to spot the indicators) is covered; civil liability of an individual partner who knew the payment was a bribe falls within the dishonesty exclusion as against that individual, but innocent partners remain covered.
Section 11 of the Insurance Act 2015 is a quiet but important backstop. Insurers sometimes try to decline AML-related claims on the basis of breach of risk management or compliance conditions in the wording. Section 11 prevents the insurer from doing so if the breach did not in fact increase the risk of the loss actually suffered. The MTC’s protections do not displace this.
Consider a 12-partner firm with a busy commercial property team. A junior conveyancer, supervised by a partner, acts on the sale of a £4 million London commercial property. The “seller” is in fact an impersonator who has obtained a forged title. The fee earner runs reduced ID checks because the client was introduced by a long-standing commercial client. Completion monies of £3.6 million are paid out before the true owner discovers the fraud and notifies the police and the firm. The true owner sues for £3.6 million plus interest and costs.
The firm notifies its PI insurer. No one at the firm is alleged to have been dishonest — the failure is a negligent ID verification and supervision breach against the standards in the Money Laundering Regulations 2017. The policy responds under clause 1. The £2 million primary engages, the excess (say £100,000) is recovered from the firm afterwards under clause 3 — not funded by the firm in advance — and the top-up layer engages above £2 million up to the relevant tower limit. Defence costs are paid in addition to the £2 million primary under clause 4. The firm faces the SRA in parallel; any fine falls outside cover, but the civil claim itself runs through the PI tower as intended.
Walk the underwriter through the firm’s AML framework, not just its claims experience. Underwriters now expect to see evidence of risk-based client due diligence procedures, source-of-funds verification, training records, MLRO appointment and reporting lines, and the firm’s response to any SRA AML thematic review. The renewal submission should anticipate clause 5 territory — notify any historic matters that the firm now suspects may give rise to a claim, even if no claim has been intimated. At higher limits, expect questions about the firm’s exposure to conveyancing fraud specifically: identity verification methods, panel lender requirements, and the firm’s policy on accepting introducers. Ask your broker to confirm in writing how the dishonesty exclusion is worded in the primary insurer’s MTC-compliant policy, and whether any top-up layers replicate the innocent insured protection or carry stricter wordings that could leave a gap above the primary.
Apex’s view: The dishonesty exclusion is the most feared and most misunderstood clause in solicitors’ PI. We routinely have to walk partners through clause 7 — yes, your rogue partner is out, but the firm is in, the other partners are in, the employees are in. The real exposure in AML is not the dishonesty exclusion. It is the firm that has not modelled its single-largest conveyancing fraud loss against its tower under clause 2.5 aggregation, and the firm that has been “thinking about” notifying an SRA investigation for six months. Notify early, model aggregation, and the MTC does what it is designed to do.
Apex Insurance Brokers serves UK professional services firms and commercial businesses. Call 0117 325 0027, email hello@apexinsurancebrokers.co.uk, or request a quotation.
Get a quote