Home · GDPR Compliance
Last updated: April 2026
AuProFix is committed to protecting personal data and ensuring full compliance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Money Laundering Regulations 2017 (as amended).
We are committed to providing high-quality, professional and transparent services. We confirm in writing the services we provide, communicate clearly and promptly, and keep clients updated on progress and any delays.
Client information is treated as strictly confidential and will not be disclosed to any third party without prior consent, unless required by law or regulation.
We have a written agreement with another AAT Licensed Accountant who will take over client files and urgent duties in the event we are temporarily or permanently unable to practice. The continuity accountant will:
Any transfer of information complies with the UK GDPR and relevant data protection laws.
Our AML procedures comply with the Money Laundering Regulations 2017 (as amended), the Proceeds of Crime Act 2002, and related legislation.
We conduct a firm-wide risk assessment annually, considering the nature, scale and complexity of services, geographic risk, types of clients, delivery channels and client risk profiles (including PEPs and high-risk sectors).
CDD is performed before establishing a business relationship, when conducting an occasional transaction, if money laundering is suspected, or if previously collected information becomes inadequate.
EDD is required for high-risk clients, Politically Exposed Persons (PEPs), clients in high-risk third countries, and unusual or complex transactions.
We monitor transactions, ownership and structure changes, expiry of identification documents, and unusual behaviour throughout the engagement.
All CDD, risk assessment, and monitoring records are retained for 5 years after the end of the client relationship or the date of an occasional transaction, then securely deleted or destroyed.
All relevant staff receive AML training at induction, annually thereafter, and whenever regulations or risks change. Training covers legal responsibilities, recognising red flags, and internal reporting procedures.
Suspicions are reported immediately to the Money Laundering Reporting Officer (MLRO), who will assess the concern and, if required, submit a Suspicious Activity Report (SAR) to the National Crime Agency (NCA).
It is a criminal offence to inform a client that a SAR has been made or an investigation is underway. All staff are trained to avoid tipping off.
If proportionate to the size and nature of the firm, an independent audit is conducted annually to assess compliance and recommend improvements.
We aim to resolve concerns quickly and professionally. Complaints can be raised in writing to the firm's principal. We acknowledge complaints within 5 working days and aim to provide a full response within 14 days. Unresolved matters can be escalated to the Association of Accounting Technicians (AAT).
Either party may terminate the engagement with reasonable written notice. We will inform clients of any outstanding work and fees and ensure a smooth transition.
This policy and our AML procedures are reviewed at least annually and updated as necessary to reflect changes in regulation, guidance and internal processes.
For information on how we handle your personal data, please see our Privacy Policy. To exercise your rights or raise a concern, contact contact@auprofix.co.uk.
