15 June 2026
By Jack Constant, The Professional Alternative
Ask any managing partner whether their firm takes compliance training seriously and the answer will almost always be yes.
However, then ask when the training was last refreshed, whether it was role-specific or whether attendance was actually recorded, and the confidence tends to thin out fast.
That gap between believing training is in place and being able to evidence it is exactly where regulators are now focusing their attention.
The Solicitors Regulation Authority’s enforcement record over the past two years shows what happens when the gap is exposed – fines, prolonged investigations and reputational damage that outlasts the financial penalty by years.
Headline fines have grown sharply. In March 2025, Simpson Thacher & Bartlett’s London office was fined £300,000 by the Solicitors Disciplinary Tribunal (SDT) after an SRA review found long-standing weaknesses in its AML control framework, including the absence of a compliant firm-wide risk assessment.
Tolhurst Fisher LLP was fined £120,000 last year after the SDT found the firm had failed to comply with two sets of AML regulations over a 15-year period.
Amphlett Lissimore Bagshaws LLP was fined £114,006 for operating without compliant AML controls between 2019 and 2024, while Gordons Partnership 2020 Ltd received a £77,784 fine for systemic weaknesses across its CMRA and audits.
Smaller firms are not spared. Harrison Thames Valley Solicitors LLP was fined £25,000 for missing risk assessments and AML policies, and Tyndallwoods Solicitors was fined £27,813 for widespread AML failings.
At the other end of the scale, a Newcastle sole practice, Caisson Turner Legal Services, was fined for an eight-year gap in its risk assessment records, with the case only closed after investigative costs were added on top of the fine.
The pattern across nearly every case is the same. It is rarely a single catastrophic error that triggers enforcement.
It is the accumulation of policies that exist on paper but were never embedded and training that was either never delivered, never refreshed or never recorded.
Long before a fine is announced, a firm under review is already paying a price. The SRA’s most recent AML annual report, as reported by Legal Futures, recorded 935 proactive engagements in a single year, almost double the period before, with 833 firms subjected to an onsite inspection or desk-based review.
Each of those reviews pulls fee earners and compliance staff away from client work, often for months, to gather files, evidence historic decisions and respond to regulator queries.
For firms with genuine gaps, this is where the financial cost multiplies. Legal and advisory bills mount, remedial projects are commissioned under pressure, and the fine itself, when it eventually lands, is frequently the smallest line on the final bill.
The SRA has been explicit that it is no longer enough to hold a policy document. Firms must be able to show how decisions were made, by whom and on what training basis.
It’s no good waiting for the knock at the door. That evidence has to exist before the regulator asks for it.
SRA and SDT decisions are published and once a firm’s name is attached to a six-figure AML fine or a finding of systemic non-compliance, that record does not disappear when the cheque clears.
It sits in the trade press, in due diligence searches run by prospective clients and in the memory of referrers who have other firms to choose from.
For firms competing for corporate work, panel appointments or high-value private client instructions, a published enforcement history can quietly close doors long after the compliance gap has been fixed.
Rebuilding that trust typically takes far longer than resolving the underlying breach – even more so in the digital era, where Google and AI catalogue information indefinitely.
Regulatory data now backs up what compliance officers have long suspected. Roughly a fifth of AML fines cite inadequate training or unclear MLRO and MLCO oversight as a contributing factor, and around two-thirds involve policies and procedures that existed in name only, with no evidence they were ever applied in practice by staff who understood them.
That is the pattern worth sitting with. Firms are not usually fined because they lack a policy folder.
They are being fined because the people handling client files, verifying identities and assessing risk were never properly equipped to apply that policy. Nobody could prove otherwise when the regulator asked.
The direction of travel is clear, as proactive supervision is increasing, fines are rising and the forthcoming transfer of AML oversight to the Financial Conduct Authority (FCA) is expected to bring a more data-driven, assertive style of enforcement still.
Firms that wait to be selected for review before addressing their training gaps are choosing the most expensive way to find out where those gaps exist.
The Professional Alternative works with law firms and accountancy practices to close that gap before it becomes a finding.
Our compliance eLearning gives every member of staff, from fee earners to support teams, role-specific training that is recorded, refreshed and ready to evidence the moment a regulator asks.
When it comes to the cost of failure, the cheapest fix is always the one applied before the investigation starts.
To find out how we can help your firm build a defensible training record, get in touch with The Professional Alternative today.