AML for Network Firms — UK guide
How accountancy and legal networks structure AML across independent member firms — network methodology, member-firm autonomy, consistency monitoring, and where the brand-promise / operational-reality gap creates exposure.
By Mehmood Rajoka · Last updated 2026-06-08
TL;DR — Quick Summary
- •Network firms are independent UK accountancy or law firms operating under a shared brand, methodology, or association — but typically without shared ownership. Each network member is independently MLR-2017-supervised.
- •The network challenge: brand consistency creates a perception of unified AML standards, but legal responsibility for compliance sits with each independent member firm. Inconsistency across members exposes both the network brand and individual firms to reputational and regulatory risk.
- •The good-practice answer is structured: network-level methodology + member-firm autonomy + network-level monitoring of consistency. Not network-level control of compliance — that creates conflicting supervisory chains.
- •Examples in the UK accountancy market: independent firm associations under shared brands, accountancy networks with affiliated firms across cities, legal-services associations with referral arrangements between independent law firms.
- •Supervisors increasingly scrutinise network arrangements — looking for evidence that brand promises about consistency are matched by operational reality. The 2023 OPBAS thematic review specifically referenced network-firm AML consistency as an area of focus.
Answer-first summary
How does AML work in network firms?
Network firms are independent UK accountancy or law firms operating under a shared brand or association, typically without shared ownership. Each member is independently MLR-2017-supervised. The network may set methodology, share training, and monitor consistency, but cannot override individual firm supervisory accountability. The structural tension: brand promises about consistency vs member firms with independent legal responsibility. The 2023 OPBAS thematic review flagged network-firm AML consistency as a supervisory focus area.
- Each member independently MLR-supervised
- Network sets methodology, members execute
- Brand promise vs operational reality gap
- OPBAS 2023 thematic focus area
Four network arrangement types
Branded network with separate ownership
Independent firms operating under a shared brand and methodology, but separately owned and separately MLR-supervised. Common in UK accountancy and legal services.
Cooperative association of independent firms
Independent firms organised through a formal association with shared standards, referral arrangements, and joint marketing. Each member retains independence; the association sets policy expectations.
International network with UK member firms
UK firms participating in international accountancy or legal network arrangements (e.g. global accounting alliances). The international brand may set AML methodology; UK members operate under UK MLR 2017 supervision.
Sub-brand or trading style
Single legal entity operating under multiple trading styles or sub-brands across cities or sectors. Single MLR registration; multiple market-facing brands. The AML programme is single but presentation varies.
Good practice for network AML
Network-level methodology, member-firm execution
The network sets policy expectations — risk-rating framework, CDD standards, EDD triggers, training content. Member firms execute within their own MLR-supervised programme. The network does not override member-firm supervisory accountability.
Cross-network consistency monitoring
Periodic peer-review or central-monitoring exercise to surface inconsistency across members. Member firms typically participate voluntarily; the network shares anonymised findings.
Documented brand-promise alignment
Where the network brand explicitly promises 'consistent AML standards across all member firms' (or similar), the network must be able to evidence what 'consistent' actually means. Without documentation, the promise creates regulatory exposure.
Member-firm independent supervisor liaison
Each member firm liaises with its own AML supervisor (HMRC, ICAEW, ACCA, SRA, etc.). The network does not insert itself in the supervisor relationship — but may provide aggregated insights from supervisory developments across members.
Network-level training content with member-firm delivery
Standardised AML training content created at network level. Member firms deliver and document training completion within their own MLR programme. Network monitors completion rates across the membership without owning the individual records.
Five common network AML risks
Brand promise without operational reality
Network brand prominently promises consistent AML standards; member firms operate with substantially different compliance maturity. The first time a member firm faces enforcement, the brand exposure cascades.
Network policy without member adoption
Network publishes a methodology document; member firms don't actually use it. The methodology exists in theory; the operating reality varies firm by firm.
Shared CRM with unclear data ownership
Networks sometimes share a CRM or client-data platform. AML data residency, access control, and MLR 2017 Reg 40 record-keeping ownership get blurred — who is responsible if a member firm's CDD evidence is held in network systems?
Inconsistent client classification across members
The same beneficial-ownership chain processed by Firm A and Firm B in the network results in different risk ratings, different EDD triggers, different SAR decisions. Inspectors can compare across members and surface inconsistency.
Network communication that constitutes tipping off
Member firms sharing client-related concerns through network channels — particularly if a member is contemplating or has filed a SAR — can stray into tipping off under POCA s.333A. Network communication protocols need to be tipping-off-safe.
FAQ
Answer-first summary
What is an AML network firm arrangement?
A network firm arrangement is where independent UK accountancy or law firms operate under a shared brand, methodology, or association — typically without shared ownership. Each network member is independently MLR-2017-supervised. The network may set policy expectations, share training content, and provide cross-firm services, but legal responsibility for compliance sits with each individual member firm. Common arrangements include branded networks, cooperative associations, international network UK members, and sub-brands within a single legal entity.
Answer-first summary
Who is responsible for AML in a network firm?
Each network member is independently responsible under MLR 2017. The network does not have its own MLR supervision (in most cases); the member firms do. The network can set policy expectations and provide methodology, but cannot override individual firm supervisory accountability. This is the structural tension at the heart of network-firm AML: brand promises about consistency, member firms with independent legal responsibility.
Answer-first summary
How should a network monitor AML consistency?
Three mechanisms typically. Network-level methodology with documented adoption commitment from member firms. Periodic peer-review or central-monitoring exercise to surface inconsistency anonymously. Aggregated reporting back to the network on completion rates, risk-rating distribution, and SAR volume — without the network owning individual member-firm records. Heavy-handed network control creates conflicting supervisory chains; light-touch monitoring is usually the right balance.
Answer-first summary
What's the biggest AML risk in network firms?
The gap between brand promise and operational reality. If the network publicly promises 'consistent AML standards across all member firms', supervisors and the public expect operational consistency. When a member firm's enforcement action surfaces materially weaker compliance than the network brand implies, both the network and the individual firm face reputational damage. Resolving this means either tightening operational consistency to match the brand promise, or softening the brand promise to match operational reality.
Answer-first summary
Can network firms share AML data?
Cautiously. Member-firm CDD evidence held in shared network systems creates ownership and access-control questions under MLR 2017 Reg 40 (5-year retention) and the wider GDPR/UK GDPR framework. Some sharing — anonymised aggregated reporting, methodology documents, training content — is fine. Direct sharing of client-identifying CDD records across members raises significant data-protection and AML-supervision questions. The 2023 OPBAS thematic review flagged this as an area of supervisory focus.