← All guides
Risk 6 min read · Updated June 2026

AML & client due diligence: a practical checklist

Firms carrying out work in scope of the Money Laundering Regulations must apply customer due diligence (CDD) and keep records. The goal is to know who your client is, understand the purpose of the matter, and spot anything that doesn’t add up. This is general guidance — follow your firm’s MLRO and the current regulations.

The core steps

  • Identify the client and verify their identity from reliable, independent sources
  • Identify any beneficial owners for entities, and verify where required
  • Understand the purpose and intended nature of the matter
  • Apply a risk-based approach — enhanced due diligence for higher-risk situations
  • Carry out ongoing monitoring through the life of the matter

Record-keeping

Keep a clear record of the checks you carried out, the evidence you relied on, and your risk assessment — and retain it for the period the regulations require. If you can’t show the work, it’s as if you didn’t do it.

Common pitfalls

  • Treating CDD as a one-off box-tick rather than ongoing monitoring
  • No central record of which matters had checks and which are outstanding
  • Source-of-funds enquiries skipped on higher-value matters

How Fitzentic helps

Conflict checks and an AML/KYC checklist are built into intake, so a matter can’t quietly progress without the right checks — and every step is recorded against the file.

This guide is general information for UK firms, not legal advice. Always check the current rules and guidance that apply to your firm.

See how Fitzentic helps

Run your whole firm — confidentially, with the records a well-run practice needs.

More guides

See Fitzentic run your firm

Book a demo