Conducting Source of Funds verification on corporate clients

In recent years, Britain has been labelled a ‘global money laundering hub,” with Transparency International reporting that £6.7bn of questionable funds were invested in UK property between 2016 and 2022.

Source of Funds (SoF) verification is a crucial part of the due diligence process and plays an important role in identifying and preventing money laundering. Carrying out such due diligence on corporate clients is more complex than with individual clients.

So how can firms ensure their SoF verification process for corporate clients is effective and does not fall foul of the regulations?

What is Source of Funds?

Source of Funds (SoF) verification is a process of establishing where funds came from, and the activity involved in generating them.

The first step is to establish the origin of the funds. Common sources include (but are not limited to): raising capital through debt, equity or government incentives; retained earnings or funding from personal savings; private equity; venture capital; crowdfunding; donations; grants; and subsidiaries.

Once the initial source has been established, the direction of travel for further enquiries will emerge. For example, if the source is the personal savings of a director, SoF checks must follow the trail to understand the ultimate origins of these savings and the activity that generated them.

Identifying criminality

It is worth considering throughout the SoF verification process that all businesses regardless of sector are, to some degree, at risk of exploitation. At the core of the process is the question: how could this corporate entity be used to launder money?

Being aware of common methods used for money laundering will help firms identify where it is present. These can include false invoicing, shell companies, or complex transactions – all of which are designed to obscure the dirty money's original source.

Firms should focus on two areas:

• The original funds that were injected into the company
• The continuous monies which enable the entity to continue trading

Taking into consideration when the company was incorporated and how long it has been in existence may affect the risk profile and the level of focus and due diligence we wish to undertake on each element

Taking a risk-based approach requires you to be curious about the company more generally. Asking relatively straightforward questions will enable you to build a more complete picture, and therefore make more informed decisions on next steps. These should include, but are not limited to:

• Where is the client incorporated?
• How long has the client been established?
• What sector does the company operate in?
• What are the day-to-day business activities?
• Who are the main shareholders and beneficial owners?
• Who controls the company?

The parameters of your role

It is not the responsibility of regulated firms and their employees to go out seeking evidence of any crime or corruption. For example, firms are not required to undertake detailed due diligence of a business to see if they ever failed to pay for a required licence or their tax return.

However, regulated firms and their employees are required to consider whether the source of funds is consistent with the client’s risk profile, transaction, and the nature of the business – including its day-to-day activities and financial profile.

When assessing the funding source, it's important to consider several questions to ensure thorough due diligence. First, do you fully understand the names of the ultimate beneficial owners and the complete identities of the investors or funders? Have these individuals been properly identified and/or verified? If the funding provider is an entity, it is important to determine if they are regulated. If they are, the risk associated with the funding is significantly lower, which directly influences the extent of due diligence required.

Next, consider the purpose of the funding. If there is no apparent connection between the funder and the entity receiving the funds, do you understand the reasons behind their support? Also, examine the complexity of the funding structure. Is it unusually large, or does it seem to lack a clear economic or legal purpose? Understanding why the funding is being sourced in a particular way is essential. Are you confident with the explanation provided regarding the chosen funding model? Does the funding for the transaction involve a regulated entity?

It’s also important to determine whether the funding is intended for the purchase of an asset or if it could potentially be recouped. Are there any conditions attached? If the payment is being processed through an electronic payment service, check whether this service is regulated, and in which jurisdiction. If it’s not, consider the controls that the service has in place and associated risks.

For non-regulated entities or funding from individuals, identify and verify the parties involved to the extent possible. Certain funding structures, such as crowdfunding, may complicate the process of conducting due diligence on every source of funding. But consider who you can identify and verify.

For those you cannot, consider if this exposes any additional risks and whether it is legitimate that this should be the case. It may not be possible to verify all funders but can you seek out the controlling individuals or any individual or entity contributing significantly more than others, for example.

This might include identifying and verifying the individuals controlling the funding, or those donating significantly. Ultimately, it’s crucial to collect enough information to be comfortable, ensure you document and explain to a third party looking in both internally and/or externally your considerations and rationale.

How to gather information

The type of evidence required for SoF corroboration depends on the specific source, its origin and the means of transfer.

These documents differ in their integrity, reliability and independence but in general will include: annual report & financial statements; the latest audited accounts; information from a reputable electronic verification service provider; information on the companies or parent company's websites; statements from a bank, building society or credit union; financial statements presented to the annual general meeting or corporate filings or self-declaration.

All private limited and public companies registered in the UK must file their accounts at Companies House. These will usually have to include profit and loss accounts and a balance sheet signed by a director on behalf of the board and the printed name.

Electronic company search providers can help to identify the ultimate ownership structure and beneficial owners. Once aware of the individual(s), firms can utilise technology to obtain independent and secure verification of that individual's identity.

However, for all companies, especially those outside of the UK where records are not as accessible, a reputable electronic screening provider can support the process by collating the required due diligence for review. This can also include copies of any relevant fillings of annual accounts.

Every business is different, and every SoF verification process will inevitably require its own tailored approach. In general, if the transaction and its associated evidence are consistent and there is no suspicion of criminal activity, firms do not have to go further to prove that the funds are clean. However, it is always important to keep a record of all questions asked, answers provided, considerations, rationale and supporting evidence received. This will mean firms/solicitors are prepared for any future inquiries from an auditor, regulator or law enforcement.

If approached with a good understanding of the process and a curious mindset, firms can undertake a thorough SoF verification that will play a crucial role in preventing criminals from using the proceeds of crime.