AML and tenant referencing: ensuring compliance in lettings transactions

Tenant referencing has always been about reducing commercial risk. Is the tenant who they say they are? Can they afford the rent? Will they look after the property?

In today’s property market, it also sits alongside a second priority: protecting your business from being used to launder money, evade sanctions, or facilitate wider financial crime. That is why a compliant, well-run referencing process should not be treated as an admin step. It should be designed as a control point.

This guide explains how to align tenant referencing with AML for estate agents and anti-money laundering expectations in a practical, branch-friendly way, without turning your lettings pipeline into a bottleneck.

Why AML belongs in lettings workflows

Lettings transactions can be attractive for criminals because they can involve:

• Multiple parties (landlord, tenant, guarantor, company directors, third-party payers).
• Fast turnaround times and pressure to “get the deal done”.
• Payments that can be fragmented (holding deposit, rent in advance, deposit, top-ups, corporate payments).
• Overseas connections, complex ownership, or opaque funding routes.

A robust approach reduces legal and regulatory exposure, but it also protects your brand. If a property is linked to illicit finance or sanctions breaches, it is rarely a “compliance issue only”. It becomes a reputational and operational crisis.

The real point of tenant referencing in an AML context

Referencing is often treated as a credit and affordability check. Compliance demands a wider lens. Your process should be capable of answering three additional questions:

1. Are we dealing with the right people?
   Identity, ownership, beneficial control, and whether someone is acting on behalf of another party.
2. Do the payments make sense?
   Not just “can they pay”, but “does the payment route align with the customer profile and declared circumstances”.
3. Is there anything that makes this transaction higher risk?
   Geography, unusual urgency, complex structures, inconsistent documents, or attempts to avoid questions.

When you embed these checks into referencing, you create a joined-up compliance journey rather than bolting AML onto the end of a tenancy.

Design your workflow around risk, not rigid tick-boxing

A workable compliance model uses a tiered approach:

• Standard checks for typical low-risk domestic tenants with straightforward payment routes.
• Enhanced checks where the risk profile changes, such as corporate lets, overseas tenants, high-value rents, third-party funders, or unusual payment patterns.

This is not about treating every applicant as suspicious. It is about making sure your process can scale up when the risk increases, and that your staff know exactly when to escalate.

Key control points to build into tenant referencing

1) Clear customer identification at the right moment

Speed matters in lettings, so you need a clear rule on when checks happen.

A sensible approach is:

• At offer acceptance / pre-tenancy stage: verify identity for tenants and guarantors, and confirm landlord identity/ownership details where relevant.
• Before any material funds move beyond initial permitted payments: ensure the parties and payment sources are understood and documented.

If your team regularly takes rent in advance or accepts third-party payments, define the trigger point clearly. The policy should be unambiguous at branch level.

2) Consistent evidence requirements that match the risk

For tenants and guarantors, standard referencing tends to include identity and address evidence plus affordability proof. From an AML angle, you should also consider whether the payment route is consistent with the story.

Examples of evidence that can be appropriate, depending on risk:

• Payslips and employment contract (or accountant letter for self-employed).
• Bank statements showing salary credits and rent outgoings.
• Evidence supporting rent-in-advance (savings, bonus, property sale proceeds).
• Proof of relationship and rationale where a third party is paying.

Where the explanation is reasonable and the evidence supports it, the case can remain low risk. Where it does not, that is your decision point.

3) Third-party payer rules (a frequent weak spot)

A large portion of lettings risk sits here. Your policy should set out:

• When third-party payments are allowed.
• What evidence is required (identity of payer, relationship to tenant, reason for paying, and proof of funds where appropriate).
• Who must approve it (for example, branch manager or nominated officer).

This is also where staff need confidence to say “no” to transactions that do not stack up, even if the tenancy looks commercially attractive.

4) Corporate and relocation lets: treat “company” as a risk indicator, not a reassurance

Corporate tenancies can be legitimate, but they often introduce complexity. Your referencing process should capture:

• Company registration details and trading address.
• Directors and beneficial ownership (who ultimately controls the company).
• Who will occupy the property (and their identity checks).
• Who is paying, from where, and why that payment route makes sense.

If the corporate structure is unusually layered, offshore, or reluctant to disclose control, that is a red flag worth escalating.

5) Sanctions screening as part of the referencing pack

Sanctions compliance is not optional, and it is not limited to “obvious” jurisdictions. Incorporate sanctions screening for relevant parties, particularly where there are overseas links or high-value arrangements.

Make it operationally simple:

• Screen names at the same point you verify identity.
• Re-screen if the tenancy is delayed or if a new payer appears.
• Record the date and outcome of the check in the file.

A practical starting point for understanding supervision and expectations in the sector is HMRC’s guidance for estate agency businesses on money laundering compliance: 

6) Define suspicious indicators in plain English for lettings teams

Most referencing issues are commercial, not criminal. Staff need clarity on what genuinely merits escalation.

Common lettings red flags include:

• Unusual urgency paired with resistance to checks.
• Inconsistent income evidence or documents that appear altered.
• Large rent-in-advance with no credible explanation.
• Payments split across multiple unrelated accounts.
• A different party insisting on paying “to keep it simple”.
• A tenant who refuses to provide basic information but offers to pay more.
• Corporate tenants where ownership/control cannot be clearly established.

Your policy should also cover what staff must do next: pause, escalate internally, and document the rationale.

Record keeping: build a file that can defend itself

If you are ever inspected, the strongest position is a file that tells a coherent story:

• Who the tenant/guarantor/landlord is.
• What checks were done, when, and by whom.
• Why the risk level was assessed as standard or enhanced.
• What evidence supports the source and route of payments.
• Any escalations and outcomes.

Set a consistent filing structure (even if you use different referencing providers) so compliance does not depend on individual memory.

Data protection and customer experience: you can do both well

Referencing involves sensitive personal data. A strong process protects customers while protecting the business:

• Ask only for what is necessary for the risk level.
• Store it securely with access controls.
• Set retention rules that match legal and regulatory requirements.
• Use clear customer-facing explanations to reduce friction.

Your scripts matter. When staff can explain checks calmly and consistently, customers are less likely to push back, and your team is less likely to make exceptions.

Embedding compliance into day-to-day lettings operations

Policies fail when they live in a folder and do not influence behaviour. To make this real:

• Use a short, branch-ready checklist that mirrors your referencing stages.
• Train staff using real scenarios (third-party payer, corporate let, overseas tenant, rent in advance).
• Create an escalation route that is fast and judgement-based, not bureaucratic.
• Track exceptions and review them monthly so patterns are spotted early.
• Ensure the nominated officer is visible and approachable.

This is where many agencies tighten up: not by adding more checks, but by making the right checks repeatable.

Where “AML” and “referencing” often go wrong

Most issues stem from one of these gaps:

• Referencing is outsourced and treated as “done”, with no internal ownership.
• Staff rely on affordability results but do not consider payment routes.
• Third-party payments are accepted informally to keep the deal moving.
• Corporate tenants are treated as low risk because they appear established.
• There is no consistent documentation of risk decisions.

A practical policy closes these gaps with clear triggers, clear responsibilities, and consistent file notes. Please refer to the article outlined in the UK Government’s guidance on financial sanctions and AML obligations for letting agents.

Final thought: protect the tenancy, protect the business

A good lettings operation is built on trust and pace. Compliance does not have to slow you down. The goal is a referencing journey that is:

• Standardised where it should be.
• Risk-based where it needs to be.
• Documented in a way that stands up to scrutiny.

Treat tenant referencing as your most valuable compliance control point in lettings, and you reduce operational risk while improving decision quality.

If you need more information, click on this link.