Risk and compliance themes that will shape conveyancing in 2026

Conveyancing in 2026 will sit at the intersection of economic crime enforcement, sanctions and national security, data and cyber resilience, and accelerating automation. Even where regulators are not directly “aiming at conveyancers”, property transactions are routinely used as an entry point for money laundering, fraud, sanctions evasion, and misuse of client money. The practical consequence is straightforward, firms will be expected to demonstrate defensible controls (risk-based, evidenced, and consistently operated), not merely policies.

Below are six enforcement and compliance themes to watch, and what they mean for how conveyancers should approach risk in 2026.

National security and sanctions

Across the United Kingdom and allied jurisdictions, national security framing is increasingly used to justify faster, sharper enforcement, particularly where there are links to Russia, Iran, complex ownership chains, or professional services enablers. In the United Kingdom, the Office of Financial Sanctions Implementation and the Solicitors Regulation Authority have continued to publish sanctions-focused materials relevant to legal services, reinforcing the expectation that firms can evidence a risk-based approach to compliance.

For conveyancers, the operational risk is that “sanctions exposure” often looks like ordinary client onboarding, corporate vehicles, overseas funds, intermediaries, family trusts, or rapidly changing instructions. A sanctions breach does not require intent; weak screening, poor escalation, or misunderstanding “ownership and control” concepts can be enough.

Practical considerations for conveyancers in 2026

• Treat sanctions as a transaction gating control, not an administrative check.
• Align sanctions screening to beneficial ownership realities and intermediaries (agents, introducers, lenders, and banks), not only the named client.
• Build documented decision trails for false positives, licensing considerations, and transaction stoppage decisions, because reviews are retrospective.

Key questions

• Do we screen clients, beneficial owners, counterparties, and relevant third parties (including where funds route through banks or intermediaries) in a way that is auditable and repeatable?
• Do we have clear escalation routes and “stop” triggers, especially for urgent completions and high-pressure clients?

Fraud enforcement tightens

Fraud remains a core enforcement priority, and the United Kingdom has now embedded the Failure to Prevent Fraud corporate offence under the Economic Crime and Corporate Transparency Act, supported by government guidance on what “reasonable fraud prevention procedures” look like.

Even where a conveyancing firm is not in scope (the offence applies to large organisations), two dynamics matter in 2026:

1. Client and lender due diligence will become more demanding. Counterparties will increasingly ask firms to evidence anti-fraud controls as part of panel onboarding, vendor due diligence, and transaction readiness.
2. Property fraud is increasingly cyber-enabled (impersonation, diverted funds, manipulated identities and instructions), meaning that “traditional fraud” and information security have become inseparable.

Conveyancers should expect more scrutiny of end-to-end transaction controls. Client identity verification, change-of-bank-details processes, verification of instructions, and supervision around junior fee earners and case handlers.

Key questions

• Have we mapped our fraud risks (including payment diversion, impersonation, insider threats, and document manipulation) to specific controls, ownership, and evidence?
• Can we show what we do when controls fail (incident handling, remediation, client communications, and insurer notifications)?

Programme effectiveness replaces paper compliance

Enforcement bodies are converging on a common theme.  They are less interested in whether you have a policy, and more interested in whether it is implemented, tested, and improved.

In the United Kingdom, the Serious Fraud Office guidance on evaluating corporate compliance programmes reinforces this effectiveness lens. Internationally, the United States Department of Justice Evaluation of Corporate Compliance Programs remains a widely used benchmark for what “good” looks like: risk assessment, resourcing, incentives, continuous improvement, and data-informed testing.

For conveyancers, the move towards “effectiveness” shows up in familiar risk points:

• inconsistent source of funds and source of wealth standards between teams
• poor file notes and limited reasoning for decisions
• unmanaged exceptions (“we will do it this way just this once”)
• training that is generic and not tailored to roles

Key questions

• Do we have a current if from wide assessment of risks (anti-money laundering, sanctions, fraud, cyber risk, and client money), and can we show how it maps to controls and supervision?
• If asked by a regulator, a lender, or an insurer, can we evidence testing outcomes and remediation trends, not only training completion?

Anti-money laundering and identity assurance

Anti-money laundering remains foundational in conveyancing, but the bar is rising on two fronts:

• Supervisory intensity and expectations.  The Solicitors Regulation Authority continues to emphasise practical anti-money laundering obligations and publishes supporting guidance and materials for firms.
• Identity assurance to reduce registration fraud. His Majesty’s Land Registry guidance for conveyancers positions identity checks as a core control in reducing registration fraud risk.

In 2026, firms should anticipate a tougher “prove it” environment.  Show the logic for risk ratings, demonstrate source of funds and source of wealth analysis, and evidence why you were comfortable proceeding.

Key questions

• Are our customer due diligence and enhanced due diligence triggers clear, and do we apply them consistently under time pressure?
• Are identity checks robust enough for modern impersonation risks, and do we retain the right evidence for audit and Land Registry requirements?

Crisis readiness

Legal services firms are attractive targets. High-value transactions, sensitive data, and time-critical completions. The National Cyber Security Centre has published sector-specific analysis to help law firms understand threats and build resilience.

In 2026, crisis management for conveyancers should be treated as a transaction integrity capability, not simply an information technology concern. The firms that fare best are those that can quickly answer:

• What happened?
• Which client matters are affected?
• Can we complete safely?
• Who decides to halt or resume activity?
• What evidence supports our decisions?

Key questions

• Do we have a practical incident playbook for payment diversion attempts, email compromise, ransomware, and data exposure, and have we rehearsed it?
• Are decision rights and escalation paths unambiguous when completion deadlines collide with suspected compromise?

Artificial intelligence and data governance

Artificial intelligence adoption in legal operations will continue to expand (document review, onboarding support, call triage, drafting, and summarisation). The compliance risk in 2026 will shift from “are we using artificial intelligence?” to how we govern it,  validation, access controls, data handling, human oversight, and explainability.

In the United Kingdom, the Information Commissioner’s Office guidance on artificial intelligence and data protection notes it is under review following the Data (Use and Access) Act 2025, which signals evolving expectations and the need to keep governance current. At European Union level, the Artificial Intelligence Act is rolling out progressively, with major obligations phasing in over time, creating a moving compliance target for firms operating across borders or serving European Union-linked clients.

Key questions

• Do we have visibility of where artificial intelligence is used (including informal “shadow” use by staff) and what data is being entered into tools?
• Are artificial intelligence guardrails and controls clearly defined, implemented, and monitored?
• Do we have an incident response plan for artificial intelligence-related risks, and are we ready to respond?

What “good” looks like for conveyancers in 2026

A practical way to think about 2026 is the design of compliance so it can be defended later. That means:

• a risk assessment that reflects real workflows
• controls embedded into case handling, not bolted on afterwards
• consistent evidence capture (screening results, file notes, and rationale)
• clear escalation routes and stop and go decision rights
• periodic testing, measurable outcomes, and tracked remediation