Back to Insights
Construction & Property5 min read·May 2026·Architects · Engineers · Quantity Surveyors

AML Obligations for Irish Architects: What the Criminal Justice Act Actually Requires

Most Irish architects do not know they are designated persons under the Criminal Justice (Money Laundering and Terrorist Financing) Act 2010. Some are aware of the designation in the abstract but have never implemented the obligations it creates in practice.

The designation is not theoretical, and it is not contingent on the size of your practice. Where the trigger conditions are met, the compliance obligations apply in full — the same framework that governs solicitors and accountants in Ireland.

Designation Trigger

When Architects Become Designated Persons

Under Schedule 2 of the CJ(MLTF)A 2010 (as amended by the Criminal Justice (Money Laundering and Terrorist Financing) (Amendment) Acts 2018 and 2021), a person is a designated person when they provide, in the course of business, services involving the preparation or execution of transactions for a client in connection with:

  • the buying or selling of real property or business entities;
  • the managing of client money, securities or other assets;
  • the opening or management of bank, savings or securities accounts; or
  • the organisation of contributions necessary for the creation, operation or management of companies.

For architects, the most common triggers are: acting as contract administrator where client funds flow through or are directed by the practice; acting in a professional capacity as part of a property acquisition or development transaction; or providing services to a client whose engagement is structured as a property purchase or sale.

Routine design work with no transactional element does not trigger designated person status. The obligation activates at the point where the architect's services form part of a transaction in relation to real property — not merely at the point of instruction to design a building.

Customer Due Diligence

What CDD Requires — Identification, Verification, Source of Funds

Under s.33 of the CJ(MLTF)A 2010, a designated person must apply customer due diligence measures before establishing a business relationship or carrying out a transaction above the relevant threshold. For property transactions there is no de minimis threshold — CDD applies to every transaction.

CDD requires three distinct steps, each of which must be documented. Identification means establishing the client's identity: full name, date of birth, and permanent address. Verification means confirming that identity using documents, data, or information from a reliable and independent source. A client self-reporting their own details does not constitute verification.

Acceptable verification documents — individual clients

  • Current Irish passport or national identity card — provides photographic identification and nationality.
  • Irish driving licence — photographic identification only; must be supplemented with independent address verification.
  • Utility bill, bank statement, or government correspondence dated within 90 days — provides address verification from an independent source.
  • For clients outside Ireland: equivalent government-issued photo ID plus address verification from an institution regulated in their jurisdiction.

Where the client is a corporate entity, CDD extends to the ultimate beneficial owner — defined under s.26 of the 2010 Act as any individual holding, directly or indirectly, more than 25% of the shares or voting rights, or otherwise exercising control. For development companies and SPVs, tracing beneficial ownership to a natural person is frequently the most complex element of CDD.

Ongoing Monitoring

The 90-Day Proof of Address Rule in Long-Running Projects

The 90-day currency requirement for proof of address documents creates a specific operational problem for construction practices. A project that runs for three years requires ongoing monitoring under s.35 of the 2010 Act — the obligation does not expire once initial CDD is completed.

In practice, this means building periodic re-verification into project administration. The Law Society of Ireland's AML guidance, which is the most detailed available framework for Irish designated persons, treats ongoing monitoring as requiring reassessment whenever there is a material change in the client relationship, the nature of the transaction, or the risk profile of the client.

For a construction project spanning multiple years, triggers for re-verification include: a change in the identity of the instructing party; a material change in the scope or value of the contract; and any information that emerges during the engagement suggesting the initial risk assessment requires revision.

Risk Assessment & STR

Risk Ratings, Documentation, and Suspicious Transaction Reports

Under s.30A of the 2010 Act (inserted by the 2021 Amendment), designated persons must carry out and document a business-wide risk assessment and a client-level risk assessment for each engagement. The client-level assessment must produce a documented rating — Low, Medium, or High — with a written narrative explaining the basis for that rating.

A risk rating of 'Low' without documented reasoning is not compliant. The documented thought process is the compliance record — the rating itself is secondary. An inspector examining your files will read the narrative, not just the rating.

Where a designated person knows, suspects, or has reasonable grounds to suspect that property is the proceeds of criminal conduct, they are obliged under s.42 of the 2010 Act to file a Suspicious Transaction Report with the Garda Síochána Financial Intelligence Unit and Revenue through the GoAML portal. The obligation to file is not contingent on certainty — suspicion, and reasonable grounds for suspicion, are the relevant thresholds.

GoAML Registration — Practical Note

Designated persons must register on the GoAML system operated by Revenue before an STR obligation arises — registration after the triggering event is not compliant. Practice principals should confirm registration is in place. The RIAI has issued practice guidance on AML obligations for architects, including GoAML registration, as part of its continuing professional development materials. Where a practice has not previously engaged with this guidance, it should be reviewed before accepting any instruction involving a property transaction.

Immediate Action Checklist

Four tasks. Apply before accepting any instruction involving a property transaction.

  • Assess every active client engagement against the Schedule 2 CJ(MLTF)A 2010 trigger conditions. Any instruction involving the buying or selling of real property, or management of client funds in connection with a property transaction, requires CDD.
  • Confirm GoAML registration is in place for the practice. Registration must precede any obligation to file an STR — it cannot be completed retrospectively.
  • For each designated-person engagement, produce a written risk assessment with a documented Low/Medium/High rating and supporting narrative. A rating without reasoning is not compliant.
  • Build ongoing monitoring into project administration for long-running contracts — re-verify proof of address and reassess risk rating at material changes in the engagement.

The CJ(MLTF)A 2010 does not provide an exemption for practices that were unaware of their designation. The obligation applies from the point the trigger conditions are met.

Oibrio monitors AML designation obligations for Irish construction professionals so your practice is inspection-ready.

Bi-weekly. No marketing.