Loschinee Naidoo, Compliance Consultant at Legal Eye takes a close look at the implications of the SRA’s Risk Outlook 2013 – a must-read for anyone involved with compliance (and that means all of us). Legal Eye provides sound knowledge and practical solutions to comply with the ever-changing regulatory framework. ConvergeTS in partnership with Legal Eye has produced a free, easy-to-read booklet covering the key issues of cloud computing and compliance.The 2nd July 2013 marked the unveiling of the SRA Risk Outlook 2013 at a launch event in Birmingham. The SRA Risk Outlook is to accompany the SRA Regulatory Risk Framework and Risk Index which were published in December 2012.
In this article I will point out why every COLP and COFA should take an in-depth look at the SRA Risk Outlook 2013.
I will highlight:
a) the key risks identified by the SRA and what they expect from Law Firms relating to effective management of these risks;
b) the particular risks pertaining to Conveyancing and how the SRA will expect you to mitigate these risks;
c) a broad outline in terms of a Risk Register
In her speech at the launch event, Samantha Barrass (SRA Executive Director) said: “Risks are often described like cockroaches – they hide well, multiply quickly and become everyone’s problem to stamp out. The Risk Outlook is part of our repellent, exposing the risks and putting controls in place to ensure that the serious ones are managed out as early as possible. In order to achieve this, we need a clear view of the risks and to put in place controls, which include Law Firms’ management of risk and the actions they take and are able to evidence with documentation, to manage the risks within their business.”
The way we manage risk at all levels within our own Law Firms must take into account the risks identified by our Regulator (SRA). The SRA has prioritised the risks and they fall into three broad categories, namely Current Risks, Emerging Risks and Potential Risks.
- Financial difficulty – an increased number of firms are in financial difficulty. Financial failure can lead to other significant risks, such as disorderly closure, poor standards of service and the misuse of client money
- Dishonest misuse of client money or assets
- Lack of diverse and representative profession
- Failure to co-operate or comply with notification and information requirements
- Lack of adequate succession planning – a number of firms are becoming unable to continue trading with no viable exit or succession plan in place, causing financial difficulty, disorderly closure and placing consumers’ interests at risk.
- Poor standards of service (particularly where vulnerable clients are involved). How does your Firm deal with vulnerable clients? Do you have a policy in place to ensure that you are always acting in the best interest of your client?
- Inadequate systems and controls over the transfer of money
- Improper or abusive litigation
- Lack of due diligence over outsourcing arrangements
- Group contagion
- Lack of transparency in complex business structures
- Conveyancing is an area of practice which accounts for a high proportion of claims on professional indemnity insurance, the Compensation Fund (“the Fund”) and complaints.
We will now consider particular risks that Law Firms, specialising in Conveyancing should include in their Risk register:
The COLP should discuss with the Partners any business decisions that will impact on the commercial progress of the firm. For example, consider business development in another practice area to compensate for down-turn in conveyancing instructions.
Ensure that you have a disaster recovery policy to cover the possibility of any disaster affecting the Firm and business continuity in such event occurring. This should include a disaster recovery and business continuity plan for your IT – which can be provided via a cloud computing solution for example. Do you have adequate succession planning, in terms of partners exiting the practice or an action plan if employees leave or become ill?
Regulatory Risks are dealt with by numerous policies across the Firm including an AML Policy, Data Protection Policy, Equality and Diversity Policy, Health and Safety Policy, Anti Bribery Policy, Conflict of Interest, Supervision, Risk Management. The COLP must establish, monitor, record and report in terms of all regulatory aspects of the business.
Important Questions to Ask
- How does the Firm assess conveyancing related risks?
- How does the firm record these risks?
- Who has ownership of these risks?
- How regularly does the firm re-assess these risks?
- Is Risk managed from inception of matter to post completion?
- What training does the Firm provide to employees on managing risks relating to conveyancing work, data protection, AML, equality and diversity etc? How regularly is training undertaken, how does the Firm record what training has been provided and to whom?
- Are there procedures to test whether the implemented systems work in practice, i.e: feeding back on their effectiveness?
The COFA must keep under review the financial aspects of the business and ensures that the relevant systems and procedures are in place.
The COFA together with the Accounts Department, will keep under review the level of bad debts, the amount of work in progress and the amount unbilled as part of the overall financial risk that needs to be managed.
The COLP is responsible for the management of the Firm’s risk profile. In this respect he/she will keep under review the Firm’s Policy, procedures and arrangements for the management of risk, receive risk notices and take such action in respect of them that seems appropriate and monitor all aspects of risk in accordance with the Risk Register.
SPECIFIC ASPECTS OF RISK TO BE MONITORED
Conflict of Interest
Any transaction involving the acquisition of rights over land is likely to have an inherent risk of conflicts of interest due to there being aspects of negotiation.
- What systems does the Firm have to identify and assess conflicts, when a file is opened is this confirmed on the file opening form, both in terms of Own Interest Conflict and Client Conflict?
- Do you have a Register of Interests?
- Is your Conflict of Interest policy up to date and updated annually?
- Has the Firm decided that it will / will not act in certain instances?
- Has Conflict of Interest training been completed across the firm and is it part of your induction programme?
Conveyancing is an area where it is common for firms to enter into referral arrangements with third parties for the introduction of business, for example with estate agents, and mortgage/financial advisers. This could compromise a firm’s integrity, professional judgement and/or independence.
- Are you at risk because you are dependent upon one introducer/referrer for their conveyancing business?
- How does the firm ensure that if it has arrangements with third parties who introduce conveyancing business that their independence and integrity is not compromised?
- How does the firm manage any introducer relationships?
- Do you have signed agreements in place and is this monitored and reviewed by your COLP
- Are file reviews completed quarterly?
- Do you have a cold calling question contained in your client care letter and is this monitored?
- Is an Annual Risk Review completed?
Costs Information (Including Publicity about Fees)
Integral to this is that publicity relating to costs in conveyancing transactions is clearly expressed, not pitched at an unrealistically low level and is not misleading.
- Are you transparent about all costs?
- How does the firm ensure that its publicity about charges and costs information is accurate and not misleading?
- Who approves the firm’s publicity?
Firms who place reliance upon conveyancing transactions for a significant proportion of their fee income, are particularly vulnerable in an economic downturn.
- What systems and controls do you have in place for monitoring the Firm’s financial stability and economic viability?
Property Related Fraud, Anti Money Laundering and Anti-Bribery
Conveyancing presents significant opportunities for property-related fraud, money laundering and bribery.
- Do you have adequate Property Related Fraud, AML and Anti Bribery Policies in Place?
- Are you effectively managing your Client Due Diligence Requirements in terms of Identification and Verification?
- Is AML/Anti Bribery Training implemented across the firm and does it form part of your Induction Programme?
- Are File reviews completed to ensure procedures are being followed and completed?
- Do you have an internal and external procedure for assessing and making reports to SOCA?
- Do you record gifts and entertainment?
Data Protection Breaches
- Do you have a Data Protection Policy?
- Does DP training form part of your induction process?
Reporting Breaches to the SRA/COLP/COFA
- Are Risk and Complaints Registers regularly reviewed to identify trends, facilitate internal and external reporting in terms of breaches?
- Are documented file reviews completed to identify training needs and breaches?
Being Removed From Lenders Panels
- Do you have checklists and processes for timely completion of all required panel management information?
- Is there adherence to lender criteria and CML Handbook?
- Do you have a business continuity plan and is it regularly tested in terms of its effectiveness?
- Are important contact/ information accessible on back-up systems?
Hopefully, you now have a useful overview of the SRA Risk Outlook, understand what the SRA identifies as risks and consider these risks as part of your risk management plan.
Loschinee Naidoo, Compliance Consultant, Legal Eye.
Download ‘Cloud & Compliance: Your Questions Answered’ here.