Quick quiz before we start. What comes first, AML verification or the invoice?
If you said invoicing, you have just described the most expensive mistake in client onboarding. Verification comes first. Billing a client before they clear AML means taking money from someone you might have to decline.
Now three more:
- Do you have a standard client workflow written down?
- Is it practical enough that your team actually follows it?
- Do you know the risk you carry when they don’t?
If any answer is no, and for most firms at least one is, you have a problem. There is a fix, and it has a name. More on that at the end.
First, the workflow itself: propose, engage, verify, bill. One order, and no skipping.
The Four-Act Client Workflow
By now you probably know the four acts already, even if you have never named them. You propose your services and the terms of engagement. You engage the client with a legally binding signature. You verify the client is who they claim to be. Then you invoice for the service, on the terms the engagement set.
Here is what each act does and what it unlocks.
Most firms run client workflows in the wrong order or let billing/invoicing take over the verification. It’s not fatal on its own, as you can always terminate the engagement if anything looks suspicious and file a Suspicious Activity Report (SAR).
But if you act on or deliver the services before verification clears, it is a criminal offence under regulation 86, MLR 2017, and can lead to:
- Up to two years’ imprisonment on conviction on indictment, a fine, or both
- Civil penalties from HMRC and the FCA on top
- A narrow defence only: you must show you took all reasonable steps and exercised all due diligence, which is hard to argue when you delivered first and checked later
So why overtake a step, when following the order keeps you safe?
Act One, Propose
This is where you send the proposal and the engagement letter to the client. It is you saying: I will do this and this, for this much, on these terms.
The proposal can be verbal, written, or in any other form. All of them work. The engagement letter is different. It has to be written, and well documented.
Going beyond the workflow, this is the act that makes or breaks the offer. To make yours count, you have to:
- Build an offer no one would deny
- Respond while the interest is still hot
- Remove every friction from saying yes
- Make it visually outstanding
- Include a clear call to action
We have covered how to make each of these happen in our post, Reasons Your Accounting Proposal Is Losing You Clients.
Act Two, Engage
This is where you enter into a legally binding contract with the client. It follows Act One, and it is done when the client signs your engagement letter.
The signature can be electronic or on paper. Either works, but it has to be there, and the process has to be well documented. Without a signed letter you have an interested party, not a client, and no defined basis on which to act.
An electronic signature closes the act cleanly:
- The client signs the moment they accept, no printing, posting, or scanning
- The timestamp records exactly when the engagement became binding
- The audit trail is what you stand on if a scope or fee dispute arrives later
That signed record matters at the next act, because verification runs against a client you are now legally engaged to act for.
We have covered how a legally binding e-signature worksand what makes one stand out in our post, Everything Accountants Need to Know About Electronic Signatures, KYC & AML.
Act Three, Verify
This is where you verify the client is who they claim to be. Under the Money Laundering Regulations 2017, you cannot proceed with an engagement until due diligence is done. There is no exemption for a client who feels low-risk or who came through a trusted referral.
This step includes:
- KYC: collect and confirm who the client is
- CDD: verify that identity against a reliable independent source
- AML check and sanctions screening: run the client against sanctions and PEP lists
- Customer Risk Rating: classify the client on the AML result and your firm’s risk appetite
- EDD: extra scrutiny where the rating comes back high risk
If something looks suspicious at any point, you also have an obligation to file a Suspicious Activity Report (SAR) and to keep records for at least five years from the end of the engagement.
Act Four, Bill
Billing is the fourth gate, and it earns its place last for a reason. By the time you invoice, the proposal has defined the fee, the engagement letter has made it binding, and verification has confirmed you can legally act.
The firms that struggle with cash flow are usually the ones that deliver first and bill later. They finish the work, raise an invoice, then chase it for sixty days while the next quarter piles up.
Reverse it:
- Raise the invoice and set up the payment method at the point of engagement
- Capture a direct debit mandate or card subscription when the client signs, so the first collection is scheduled before delivery begins
- For recurring work, this removes invoice chasing entirely
This only works because the prior acts were clean. The fee is defensible because the proposal tied it to a deliverable, the client cannot dispute the charge because the engagement letter recorded their agreement, and you are billing a verified client, not one who might fail AML after you have taken their money.
Conclusion
Propose, engage, verify, bill. That is the client workflow, four acts where each one opens the next, and none should open early.
Run them in order, and you never start work on an unsigned letter or bill a client you have not verified. Run them out of order, and every gap becomes a dispute, a delay, or a reportable exposure.
So before your next client signs, ask yourself: does every fee tie to a deliverable, does work ever start before the letter is signed, and has anyone been invoiced before AML cleared? If any of those makes you pause, it is the sequence that needs fixing, not the effort.
See the four-act client workflow run end to end.
Frequently Asked Questions (FAQs)
A client workflow is the repeatable sequence a firm uses to take on and serve a client: propose, engage, verify, bill. Each step unlocks the next. A proposal sets scope and fee, an engagement letter makes it binding, verification clears AML, and billing collects payment before delivery.
You can, if the client has already signed the engagement, because you can still terminate and file a SAR. But delivering the service before verification clears is a criminal offence under regulation 86 of the MLR 2017, carrying fines, civil penalties, and up to two years’ imprisonment.
Onboard in four ordered steps: propose, engage, verify, bill. Send a proposal setting the scope and fee, get the engagement letter signed, complete KYC and AML verification, then invoice and set up payment before delivery. Each step unlocks the next, so running them in order keeps you compliant and protected.
