Some practical takeaways from the Law Society’s Risk and Compliance Conference

At the Law Society’s Risk and Compliance Annual Conference 2024, attendees asked their most pressing questions to a panel of experts, who provided answers that were practical, insightful and provided risk and compliance teams with information they could use in their firms.

The first question set the tone for the session. A participant noted that the Solicitors Regulation Authority (SRA) are now using a formula for fines and it has increased its fining scope. Are these fines accurate? Should the formula be reformed?

Jayne Willetts, solicitor advocate for Jayne Willetts & Co Solicitors, responded clearly that no, the formula doesn’t produce accurate results and there is no relation in the fine to the seriousness of the breach. Basically, she said, it punishes those that earn a lot of money and not others. But, she added, when the case goes to the Solicitors Distribution Tribunal, there is a better formula that is based on the actual breach.

Another question referred to the top risks on the risk register. Kerrie Machin, partner at Mitigo responded that cyber risks are at the top and it’s important to carry out a risk assessment in relation to systems and data including hijacking and changing email accounts and bank details and ransomware attacks. He noted that bad actors are beginning to recognise that data is valuable. They can steal it and threaten to reveal it on the dark web. This actually happened in the past few months to some firms. 

Kayleigh Smale, a compliance and anti-fraud specialist, said that a firm wide risk assessment is  needed to ensure that the firm is covered, and it needs to be updated as needed, such as when new technology is introduced or new practice areas. It’s important to that the risk assessment is a  living, breathing document and keeps up with the SRA’s latest AML updates.

Emma Williams, director of European risk & compliance for Simpson Thacher & Bartlett LLP, believes that your people are your top risks. They provide the highest risk exposure and with the new workplace culture rules, the situation could get riskier. It’s been nearly one year since the rules were implemented so that requires review. 

Another question was raised about training, specifically the costs involved and what is the priciest element of it. 

Williams noted that fee-earners record their time to a particular code, so its difficult to see what the actual costs were while non fee earners don’t do that and its easy to see their costs are. Firms are asked by insurers and head offices what the costs are. Often for smaller firms this is complicated especially when they don’t have dedicated compliance teams. 

People, she believes, have a limited idea of what training is. It can be 10 minutes at a team meeting, it could be an e-mail, it could be video recordings. What’s important is to be smart about it and provide your staff with what they need. 

The next few questions were more technical. One participant wanted to know how to verify ID documents when a client is housebound and can’t get certified copies. Smale said that it’s important to use a risk based approach and ask if you have evidence why the client is homebound? Why can’t you pay a visit? You need to understand the risk of the matter.

Another participant asked if they need to screen counterparties for non regulated work. Williams said she thinks it depends on where you set your risk appetite. Some firms will screen everyone even if not they are not an actual client. She thinks you should but it’s not a legal requirement, although it might be for a sanctions check. Remember, to keep the check  proportionate to the type of work you are doing. 

Another participant asked about source of funds/ source of wealth inquiries in private client work. Williams agreed that it’s tricky. Do you start from a suspicious place? The firm needs to decide because there is little guidance and yet its important to understand the client’s source of funds and wealth.It’s hard to just suspect everyone, the starting point does not have to be that there is an issue.

The issue of compliance with KYC, beneficiaries with no photo ID and alternative acceptable forms of ID was raised. Smale noted that it depends on who they are. If someone doesn’t have a passport, you can confirm their identity in other ways but it requires a risk based approach. Ask yourself, what are you being asked to do? Does it make sense? It’s not a black and white issue with right and wrong answers.

Tips for getting partner engagement on risk and compliance were requested. Machin had one suggestion: Demonstrate what would happen if things went wrong and they got fined.  These are very easy areas to investigate, especially AML, and there is an obligation to deal with matters as effectively as possible. 

The touchy subject of a firm acting as a bank account was raised. Willets noted that for complicated property deals, this comes up often and usually at the last minute. It’s important that fee-earners are trained to be as alert as possible to the issue of money laundering in these kinds of cases. There are what she calls outlandish proposals such as restricting firms from holding client money, but she believes we need to ensure that the profession participates in these debates as restricting firms from client money and restricting compensation funds will be problematic for the legal profession.

Finally, participants wanted to know how to stay on top of SRA updates. Williams recommended joining Linkedin groups, checking on the SRA website, keeping up with the legal press and signing up to various newsletters.

At its Risk and Compliance Annual Conference, Law Society president expresses concerns 

The Law Society’s Risk and Compliance Annual Conference 2024, started off with a bang. Nick Emmerson, president of The Law Society, noted that, along with increasing compliance obligations on law firms were increasing fining powers by the Solicitors Regulation Authority (SRA). Emmerson was clear on where he stood on that. He called on the UK government to put a stop to those increasing powers.  

As Emmerson noted, current SRA fining powers are now unlimited for economic fine offences. Other offences are capped at £25,000. While the SRA wants to extend this to all offences, the Law Society does not believe they have a credible case for this. 

Continue reading

Adapt it correctly and it can help you build a process that works  

The Solicitors Regulation Authority’s (SRA) recently-released template for client and matter risk assessments is just the beginning of a firm’s assessment journey with its clients and matters. The templates were created to guide firms and help them understand the SRA’s requirements and expectations and, significantly, how to comply with them. 

The template highlights the questions firms should be asking, how important it is to maintain documentation and that firms need to record their considerations.

In light of the SRA template, how does a firm build a client and matter risk assessment process that works?

Continue reading

Template available in Omnitrack 

In a session on anticipated increased AML regulations at the Law Society’s recent Anti-Money Laundering and Financial Crime Conference 2023, the Solicitors Regulation Authority’s (SRA) representative made an announcement: The agency would be releasing a client and matter risk assessment template.

Anyone attending the conference could hear the sighs of relief from the participants, many of whom are in charge of compliance for their firms.

The template is now available and it could make a huge difference in how law firms manage their client and matter risk. 

Continue reading

The Solicitors Regulation Authority says it is keeping up to date with emerging risks and trends

An updated anti-money laundering (AML) and terrorist financing (TF) sectoral risk assessment was just published by the Solicitors Regulation Authority (SRA) that covers proliferation financing and sanctions. 

The regulatory body, which oversees solicitors in England and Wales, also noted that firms are not allocating sufficient resources to AML work as an emerging risk, mostly due to increased economic pressures. 

Continue reading

They want to know how your law firm handles financial sanctions  

Last month, the Solicitors Regulation Authority (SRA) released a questionnaire compelling law firms to report on their firm’s approach to financial sanctions. The survey is due on May 31.

A few of your key questions about this survey are answered here.

Continue reading
What are the benefits of ESG?

Climate change poses serious risks to companies and not just those with asset-heavy supply chains. Even the most flexible, digital professional services companies may be vulnerable.

Thus, all companies need to understand the risks posed by climate change – as well as the opportunities. Companies that prioritise climate risk management will be better positioned to withstand its effects and capitalise on new opportunities.

Continue reading

From new ESG regulations to a crackdown on bribery, rapid fluctuations in crypto currency, changes to the regulated sector and the ongoing conflict in Europe demanding a laser-like focus on the supply chain, 2023 looks set to demand even more from compliance professionals.

We have created an in-depth guide to everything compliance in 2023. The guide covers the top ten items you can expect to see in your regulatory inbox, with tips on next steps.

Continue reading

Findings from the SRA’s recent thematic review included the insight that firms need to have stronger evidence that supervision is taking place. Out of 76 files reviewed by the SRA, only 29 of them showed evidence of supervision taking place. Therefore, in their new guidance, the SRA has included a section on effective supervision that is applicable to all solicitors and firms that supervise individuals delivering legal services, including services that are provided by fee earners who are not directly regulated by the SRA.

The new guidance also stresses that merely having supervision in place is not sufficient to fulfil firms’ regulatory obligations; rather, supervision needs to be effective. Therefore, firms should take proactive steps to ensure that supervision is effective and that supervisors are being held accountable.

Continue reading
Modern Slavery Freedom

Modern countries are fighting forced labour and human trafficking with legislation that makes it harder to use forced labour in their supply chains and profit from it. Modern slavery acts in the United Kingdom, United States, and other countries around the world are requiring large companies to disclose information regarding their efforts to eradicate human trafficking and slavery within their supply chains. The legislation also requires companies to take concrete steps to combat modern slavery when it is discovered. The US has recently introduced the Slave-Free Business Certification Bill 2022.

Slave-Free Business Certification Bill of 2022: What is it?

With this recent bill, the US is joining the growing list of countries requiring businesses to examine more extensively possible problems with modern slavery in their supply chains. If passed, the bill will require large companies to undergo mandatory audits that will identify if they are or are not using forced labour within their supply chains.

Continue reading