Property is the single largest vehicle for money laundering in the United Kingdom. The National Crime Agency estimates that billions of pounds of criminal proceeds are laundered through UK real estate each year. Because of this, estate agents have been supervised under anti-money laundering (AML) legislation since 2007, and the obligations have only grown heavier since the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 came into force.
If you operate an estate agency business in England, Scotland, Wales, or Northern Ireland, you are legally required to comply with these regulations. HMRC is your supervisory authority. Non-compliance carries criminal penalties, including unlimited fines and up to two years in prison.
The regulations define an estate agent broadly. You are covered if you carry out estate agency work as defined by the Estate Agents Act 1979: introducing buyers and sellers of land or property. This includes traditional high street agents, online-only agents, property auction houses, and anyone involved in facilitating the sale or purchase of land or buildings.
Lettings agents were brought into scope by the Money Laundering and Terrorist Financing (Amendment) Regulations 2019, effective from 10 January 2020. If you let property with a monthly rent of 10,000 EUR or more (or the sterling equivalent), you are now subject to the same AML obligations as sales agents.
Property developers who sell properties they have built are also within scope, as are relocation agents and some sourcing agents. If there is any doubt, the safe assumption is that you are covered.
Every estate agency business must register with HMRC for AML supervision before carrying out any regulated activity. Registration is done online through HMRC's AML supervision service. There is an annual fee, currently ranging from around 300 to 500 per premises depending on the size of the business.
HMRC conducts compliance visits, desk-based reviews, and themed inspections. During a visit, they will ask to see your risk assessment, your policies and procedures, your client due diligence records, your staff training records, and evidence that your nominated officer is performing their role. If they find gaps, you will receive a finding. Repeated or serious findings lead to penalties or, in extreme cases, criminal prosecution.
HMRC published sector-specific guidance for estate agents in its AML guidance for supervised businesses. You should read it. It is not optional background reading: it is the standard against which you will be judged.
Your first obligation is to carry out a written risk assessment that identifies and assesses the money laundering and terrorist financing risks your business faces. This must be specific to your firm, not a generic template downloaded from the internet and filed away.
The risk assessment must consider the types of clients you deal with, the countries and geographic areas you operate in, the products and services you offer, the transaction types you handle, and the delivery channels you use. An estate agent in central London selling 2M flats to overseas buyers has a very different risk profile from a high street agent selling 200K terraces in a Welsh market town. Your risk assessment must reflect this.
It must be reviewed and updated at regular intervals, and whenever a significant event occurs (new service line, new office, legislative change). Keep a record of every review, even if the conclusion is that nothing needs changing.
Client due diligence (CDD) is the core of your AML compliance. You must verify the identity of your client before you establish a business relationship with them. For estate agents, this means before you begin marketing their property or before you begin acting for them as a buyer.
For individuals, you need to obtain and verify the client's full name, date of birth, and residential address. Verification means checking these details against a reliable, independent source. The standard approach is a current passport or photocard driving licence for identity, plus a recent utility bill, bank statement, or council tax letter for address. Electronic verification through a reputable provider is also acceptable and increasingly common.
For companies, you must identify the company itself (name, registered number, registered office), its directors, and its beneficial owners. A beneficial owner is any individual who holds more than 25% of the shares, voting rights, or otherwise exercises control over the company. You must take reasonable steps to verify the identity of each beneficial owner using the same standard as for individuals.
For trusts, you must identify the settlor, the trustees, the beneficiaries (or class of beneficiaries), and any individual who exercises control over the trust.
Enhanced due diligence (EDD) is required in higher-risk situations. The regulations specify several triggers, but the most common ones for estate agents are:
EDD means you must obtain additional information about the client and the purpose of the transaction, increase the frequency of monitoring, and ensure that senior management approves the business relationship. You cannot just tick a box; you must document what additional steps you took and why.
If you know or suspect, or have reasonable grounds for knowing or suspecting, that a person is engaged in money laundering or terrorist financing, you must file a Suspicious Activity Report (SAR) with the National Crime Agency (NCA). This is not discretionary. Failure to report is a criminal offence carrying up to five years in prison.
You must not tip off the client. If you suspect a transaction and file a SAR, you must not tell the client or any third party that you have done so. Tipping off is itself a criminal offence.
Common red flags in property transactions include: purchasers using cash or cash equivalents for large deposits; transactions at significantly above or below market value; clients who are evasive about the source of funds; rapid buying and selling of the same property; use of complex corporate structures with no clear rationale; and transactions involving jurisdictions with weak AML controls.
Your nominated officer (the person responsible for receiving internal suspicion reports and deciding whether to file SARs) must be named and must have sufficient seniority and training to perform the role effectively. In a small agency, this is often the principal. In a larger firm, it should be a senior compliance officer.
You must keep copies of all CDD documents and evidence of all transactions for at least five years after the end of the business relationship or the completion of the transaction. This means five years from completion of the sale or, for lettings, five years after the tenancy ends.
Records must be sufficient to allow a transaction to be reconstructed. In practice, this means keeping copies of identification documents, verification results, the risk assessment for each client, any EDD records, and any internal suspicion reports and SAR filings. If HMRC asks to see a client file from three years ago, you need to be able to produce it in full.
Every member of staff who is involved in regulated activity must receive AML training. This includes negotiators, valuers, property managers handling high-value lettings, and administrative staff who process client onboarding. Training must cover the law, your firm's policies and procedures, how to recognise suspicious activity, and how to make an internal report.
Training must be provided at induction and then at regular intervals. HMRC does not specify a frequency, but annual refresher training is the widely accepted minimum. You must keep records of who was trained, when, and what was covered. A dated attendance register or a completion certificate from an online course is sufficient.
Staff who have not been trained are a liability. If a negotiator fails to spot an obvious red flag and no SAR is filed, the firm's defence that it had reasonable policies will collapse if it cannot show that the negotiator had been trained to recognise the risk.
HMRC has a range of enforcement tools. Civil penalties range from a few hundred pounds for minor record-keeping failures to 225,000 or more for serious, systemic failures. Criminal prosecution is reserved for the most egregious cases, but it is not theoretical: HMRC has prosecuted estate agents for failure to register, failure to conduct CDD, and failure to file SARs.
Beyond the direct penalties, a finding of AML non-compliance can destroy a business. Mortgage lenders, solicitors, and surveyors will hesitate to work with an agent that has been publicly sanctioned. Clients will go elsewhere. Professional indemnity insurers may refuse cover or increase premiums. The reputational damage often exceeds the financial penalty.
AML compliance is not a one-off exercise. It is a continuous obligation that must be embedded in the way your agency operates every day. The firms that treat it as a paper-pushing nuisance are the ones that end up with HMRC enforcement letters.
Slatewick builds tools that automate the documentation burden for regulated industries. Less time on paperwork, more time on clients.
Learn moreCompliance tools for regulated industries. Built with the tools of tomorrow, guided by the values of yesterday.