AML compliance is a legal requirement for UK-regulated businesses, and the stakes are high. Including fines, reputational damage, and even loss of trading ability if you get it wrong. This AML compliance checklist gives you clear, step-by-step actions to meet the Money Laundering Regulations 2017. Along with preparing for HMRC inspections and keep your risk management on track. Whether you’re an estate agent, letting agent, TCSP, or another regulated firm, you’ll find practical guidance and tips to make compliance part of your everyday workflow. Not just a box-ticking exercise!
Why use an AML compliance checklist?
An AML checklist ensures you’re meeting regulatory requirements and reduces the risk of costly fines or enforcement action. It also makes HMRC inspections smoother, as you’ll have all the evidence they need ready to go.
💡 Flex Tip: Don’t wait until you get the HMRC visit letter! Treat this checklist as part of your monthly or quarterly housekeeping, not just an emergency prep tool.
AML Compliance Checklist
1. Risk Assessment
- Written, up-to-date AML risk assessment
- Business-wide risks identified (services, clients, geography)
- Risk-based approach applied to clients and transactions
💡 Flex Tip: Keep a one-page “snapshot” summary alongside your full risk assessment. Inspectors love seeing a quick reference that matches your detailed document.
2. AML Policies & Controls
- AML policy tailored to your business
- Procedures for CDD, EDD, ongoing monitoring, record keeping
- Escalation process for suspicious activity
💡 Flex Tip: Review your policy annually or whenever there’s a regulatory change and keep a “last reviewed” date on the front page to show HMRC you’re proactive.
3. Customer Due Diligence (CDD)
- Proof of ID and address collected and verified
- Source of funds checks documented (where needed)
- UBOs identified for corporate clients
- Enhanced due diligence for high-risk clients (PEPs, offshore)
💡 Flex Tip: Always keep a note of how you verified a document. For example, “verified by electronic ID check” or “original seen in person.” It saves you having to remember details later.
4. Training & Staff Awareness
- AML training for all relevant staff
- MLRO and senior management responsibilities defined
- Training refreshed annually
💡 Flex Tip: Keep a shared “training log” that everyone can access. It’s proof for HMRC and a great reminder tool for your team.
5. Record Keeping
- CDD, risk ratings, and notes securely stored
- Records retained for 5 years after relationship ends
💡 Flex Tip: Organise client files consistently. Inspectors often check more than one file to see if your approach is the same every time.
6. Reporting
- SAR process documented and understood
- Staff trained on how to escalate red flags
- SAR submissions logged
💡 Flex Tip: Even if you don’t submit a SAR, log when you considered it. HMRC values evidence of your decision-making process.
Preparing for an HMRC AML Inspection
HMRC may ask to see:
- Your AML risk assessment
- AML policy and procedures
- Staff training records
- Example CDD files
- SAR records (if applicable)
Keeping this documentation up-to-date is key to passing an inspection.
💡 Flex Tip: Before an inspection, do a “mock audit”. Pretend you’re HMRC and pick three random client files to review. You’ll quickly see any gaps before they do.
Get the full printable AML checklist
Prefer a printable PDF version of this checklist to keep on your desk or share with your team?
Request your free downloadable checklist here ➜
Related AML Resources
© Flex AML – This guide is for internal use only. Please don’t copy or republish it without permission. If you’d like to license or share this content, let’s talk.
Flex AML 