Transcript How to approach Outcomes Focused Regulation and the new Code

How to approach outcomes focused
regulation and the new Code of
Conduct
Peter Scott Consulting
www.peterscottconsult.co.uk
Disclaimer
This presentation is for general guidance only. It should
not be relied upon or acted on in any way whatsoever and
is provided without responsibility on the part of the
presenter.
You should consult a solicitor or other professional adviser
before taking any action in relation to anything contained
or referred to herein.
Today’s session
1.
To provide a roadmap to help you find your way around outcomes
focused regulation and the code of conduct, and what it will mean
for you in practice
2.
What COLPs and COFAs will need to do in order to effectively
perform their roles
3.
How to implement OFR by systemising your compliance
Where to find the new regulations?
www.sra.org.uk
1. What OFR will mean in practice
• Everyone who works in a law firm is now subject to regulation
by the SRA
• Managing risk and compliance needs to be seen as
‘everyone’s job’ – and everyone has a role to play
• Compliance needs to be ‘lived’ on a daily basis by everyone
and there should be no exceptions to following procedures.
Otherwise everyone is at risk
But it will not be enough just to be compliant …
“If you cannot demonstrate compliance we may take regulatory
action”
SRA – “Outcomes Focused Regulation at a glance” – SRA website
Why is it so important that all the new regulations
are fully complied with?
Consider the impact on a firm and its people of:
- Disciplinary action
- Bad publicity
- Lost clients
- Complaints and claims
- Increased professional indemnity premiums
SRA’s enforcement approach
An enlarged set of regulatory tools :
–
–
–
–
–
–
Risk based supervision – desk and firm based
Relationship managers
monitoring visits
regulatory settlement agreements
increased powers to fine
Interventions
The Handbook
Contains all the requirements to regulate solicitors, partnerships, LLPs,
limited companies and ABS and their staff. It includes:
•
•
•
•
•
•
•
•
The Principles
Code of Conduct
Authorisation Rules
Accounts Rules
Specialist Services Rules
Indemnity Insurance Rules/Compensation Fund Rules
Disciplinary Procedure Rules
All training requirements
The Principles
• Overarch the Handbook
• Based on the previous core duties (rule 1) in the
Code of Conduct 2007
• Mandatory – deal with fundamental behaviour.
• Stand alone
The Principles
Mandatory
• Six will be familiar to you:
–
–
–
–
–
–
integrity;
independence;
best interests of clients;
proper standard of service;
uphold rule of law and proper administration of justice; and
maintenance of the trust the public places in you and the provision of
legal services.
• Four are new …
The Principles continued …..
Comply with your legal and regulatory obligations and deal with your regulators
and ombudsmen in an open, timely and co-operative manner;
Run your business or carry out your role in the business effectively and in
accordance with proper governance and sound financial and risk management
principles;
Run your business or carry out your role in the business in a way that encourages
equality of opportunity and respect for diversity;
Protect client money and assets.
The Code of Conduct
•
Requirements of the Code are expressed as outcomes, which are mandatory
•
Outcomes describe what you are expected to do in order to comply with the
relevant Principles
•
NB - the Outcomes set out in the Code are not an exhaustive list of the
application of all the Principles
•
Supplemented by Indicative behaviours, which are examples of behaviour in
respect of achieving outcomes and are non mandatory
The structure of the Code of Conduct
Divided into four sections:
– You and your client
– You and your business
– You and your regulator
– You and others
You and your client
Has 6 chapters setting out Outcomes in relation to:
•
•
•
•
•
•
Chapter 1 Client Care
Chapter 2 Equality and diversity
Chapter 3 Conflicts of interest
Chapter 4 Confidentiality and disclosure
Chapter 5 Your client and the court
Chapter 6 Your client and introductions to third parties
Chapter 1- client care
• Principles to be achieved – acting in best interests of
clients and providing a proper standard of service
• Indicative behaviours are grouped into 4 areas:
- Dealing with the client’s matter
- Fee arrangements
- Complaints handling
- Accepting instructions
Client care outcomes include …
– you treat your clients fairly
– you provide services to your clients in a manner which protects their interests
in their matter, subject to the proper administration of justice;
– clients are in a position to make informed decisions about the services they
need, how their matter will be handled and the options available to them
– the service you provide to clients is competent, delivered in a timely manner
and takes account of your clients needs and circumstances;
– you have the resources, skills and procedures to carry out your clients’
instructions;
– clients receive the best possible information both at the outset and when
appropriate as their matter progresses about the likely overall cost of their
matter;
Client care indicative behaviours include …
•
agreeing an appropriate level of service with your client, for example the type and frequency
of communications;
•
explaining your responsibilities and those of the client;
•
ensuring the client is told, in writing, the name and status of the person dealing with the
matter and the name of the person responsible for its overall supervision;
•
explaining any arrangements, such as fee sharing arrangements or referral arrangements,
which are relevant to the client’s instructions;
•
explaining any limitations or conditions on what you can do for the client, for example,
because of the way the client’s matter is funded;
•
in taking instructions and during the retainer, having proper regard to your client’s mental
capacity or other vulnerability, such as incapacity or duress;
And some more indicative behaviours …
• discussing whether the potential outcomes of the client’s case are likely to
justify the expense or risk involved including any risk of having to pay
someone else’s legal fees;
• clearly explaining your fees and if and when they are likely to change;
• discussing how the client will pay…;
Complaints
• The best way to deal with complaints is to prevent them
happening in the first place
• If you sense even a hint that a complaint may possibly be
made, then immediately speak to the appropriate person you
work with so the matter can be dealt with.
A few questions for you …
• Do your client care procedures and letters of engagement
need review?
• In particular, do you need to reconsider complaints handling?
• How will you demonstrate that you are treating clients fairly?
• Is your costs information clear?
Chapter 2 – equality and diversity
• Principle - Equality of opportunity and respect for diversity
• Unlawful discrimination and victimisation are not acceptable
Outcomes
• Your Equality and Diversity Policy – do you know what it says?
• NB – the Indicative Behaviours
More questions for you …
• Do you need to review your E and D policy?
• Does it contain procedures which will enable you to
demonstrate compliance with the Outcomes?
• What would be appropriate training for your people?
Chapter 3 – conflict of interests
•
•
Deals with
- own interest conflicts – you must never act
- client interest conflicts – can only act in 2 limited circumstances
Outcomes, include
- O (3.1) you must have effective systems and controls in place to enable you to
identify and assess potential conflicts of interests.
- O (3.6) and O (3.7) – exceptions where you may act when there is a client conflict
conflict of interests
Client conflict “…any situation where you owe separate duties to act in the best interests of
two or more clients in relation to the same or related matters, and those
duties conflict, of there is a significant risk that those duties conflict.”
Own interest conflict “…any situation where your duty to act in the best interests of any client in
relation to a matter conflicts, or there is a significant risk that it may conflict,
with your own interests in relation to that or a related matter”
Exceptions where you can act where there is conflict
•
Outcome O(3.6) - The clients have a substantially common interest in relation to a
matter; or
•
Outcome O(3.7) - The clients are competing for the same objective.
•
Conveyancing conflicts
- Buyer / Seller?
- Lender / Borrower?
“The difference with the new code is that the decision whether or not a conflict exists will be a matter for
your professional judgment – the decision rests with you” - SRA Professional Ethics Team
More questions for you …
•
•
•
•
•
Do your conflict checking procedures need review?
“Own interest conflicts” – do you have a register of interests?
Do you have a policy for conveyancing conflict situations?
Do you have a ‘conflicts committee’ to consider conflicts?
Staff training
Chapter 4 - confidentiality
•
Principle – acting in the best interests of clients
•
Outcomes require that confidential information is protected
•
Do you have effective systems and controls in place to preserve client
confidentiality?
•
Outcomes also require that:
– you must disclose to your client information of which you are aware that is
material to their case
– if your duty of confidentiality to one client comes into conflict with your duty
of disclosure to another the duty of confidentiality takes precedence
Chapter 5 – your client and the Court
• Principle - Upholding the rule of law and administration of justice
• Outcomes must be demonstrated if you conduct litigation or advocacy
• Responsibilities to court
• Versus duties to clients – note O (5.5)
• Treatment of witnesses and witness evidence
Chapter 6 – Introductions to third parties
• Principles - Independence and Integrity and acting in the best
interests of clients
• Applies to all introductions including to other lawyers
• How can you demonstrate compliance with these outcomes?
You and your business
• Chapter 7 Management of your business
• Chapter 8 Publicity
• Chapter 9 Fee sharing and referrals
Chapter 7 – management of your business
• Must have effective systems and controls in place to achieve compliance
with all the regulations in the Handbook
• ensuring staff are trained to maintain an appropriate level of competence,
• Supervising clients’ matters and checking of quality of work.
• Outsourcing
– links to COLP’s and COFA’s responsibilities
Chapter 8 - publicity
•
•
•
•
•
•
Principle – to maintain the trust the public places in you
Accurate publicity
Clarity on charges
Prohibition on unsolicited approaches
Clear information about your regulatory status
Risk areas in relation to publicity?
Chapter 9 - Fee sharing and referral arrangements
• Outcomes emphasise the importance of the core duties –
independence of professional judgement, integrity and
clients’ best interests etc.
• Requirement to inform clients of any financial or other
interest the introducer has in referring the client now extends
to referrals between solicitors.
• Referral fees – now under review by government.
Chapter 9 - Outcomes
•
Your independence and your professional judgment are not prejudiced by virtue of any arrangements with
another person;
•
Your clients’ interests are protected regardless of the interests of an introducer or fee sharer or your
interests in receiving referrals;
•
Clients are in a position to make informed decisions about how to pursue their matter;
•
Clients are informed of any financial or other interest which an introducer has in referring the client to
you;
•
Clients are informed of any fee sharing arrangement that is relevant to the matter;
•
You do not make payments to an introducer in respect of clients who are the subject of criminal
proceedings or who have the benefit of public funding.
•
Where you enter into a financial arrangement with an introducer you ensure the arrangement is in writing
More questions …
• Do you have a record of all referral arrangements which
happen in the firm?
• If payment made for referrals - is agreement in writing?
• How do you monitor compliance with the Outcomes?
• How do you demonstrate achievement of the Outcomes
relating to information which the client must have?
Chapter 10 – you and your regulator
•
•
•
•
Principle - Dealing with regulator and ombudsman in open, timely and cooperative manner
Notification requirements
Production of documents and information
Dealing with SRA’s and ombudsman’s enquiries
•
Key Indicative Behaviours include actively monitoring achievement of the
outcomes;
•
The firm will only be able to do this if everyone in the firm immediately reports
compliance problems to the appropriate person
You and your regulator
“You notify the SRA promptly of any material changes
to relevant information about you including serious
financial difficulty, …serious failure to comply with or
achieve the principles, rules, outcomes and other
requirements of the Handbook.”
Chapter 10 - key Indicative Behaviours
Compliance with outcomes demonstrated
by, inter alia:
• actively monitoring achievement of the outcomes;
• actively monitoring you financial stability;
• notifying SRA promptly of indicators of serious financial
difficulty such as inability to pay indemnity insurance, rent or
salaries and breach of bank covenants;
• having a whistle-blowing policy;
You and others
• Chapter 11 – relations with third parties
• Principles - Integrity and trust
• Not taking unfair advantage
• Undertakings - connected with Chapter 7 Outcomes
Chapter 12 – separate businesses
•
•
•
•
•
Principles - Best interests of clients and Integrity
Who is bound?
Prohibited separate business
Permitted separate business activities
What customers must expect from you
2. COLPs and COFAs
• Compliance officer for legal practice
• Compliance officer for finance and
administration
Challenges for the COLP and COFA
1.
2.
3.
4.
Understanding the COLP’s and COFA’s roles and responsibilities
The planning COLPs and COFAs need to do to effectively fulfil their roles
How COLPs and COFAs can secure ‘buy-in’ and ‘accountability’ from
everyone in a firm
Identification and assessment by COLPs and COFAs of a firm’s compliance
risks
- in order to be able to DEMONSTRATE to the SRA that a firm is compliant
Role of compliance officers
•
•
•
•
A senior person
A manager or an employee
COLP must be a lawyer or REL
COFA – no required qualifications
Time scales for approvals
• 31 May 2012 – nomination forms available on SRA website
• 31 July 2012 – deadline for nominations
• 31 October 2012 – approvals process to be completed
NB – declarations to be given
(see handout)
The scope of the COLP’s role under Rule 8 of the SRA
Authorisation Rules is extensive and very wide
8.5.(c) SRA Authorisation Rules
(i)
Take all reasonable steps to:
(A) ensure compliance with the terms and conditions of the authorised
body’s authorisation except any obligations under the SRA Accounts
Rules
(B) ensure compliance with any statutory obligations of the body, its
managers, employees or interest holders in relation to the body’s
carrying on of authorised activities
(C) record any failure so to comply and make such records available to
the SRA on request;
8.5.(c) SRA Authorisation Rules (continued)
(ii) As soon as reasonably practicable, report to the SRA any failure so to comply
provided that:
(A) in the case of non-material failures, these shall be taken to have been reported
as soon as reasonably practicable if they are reported to the SRA together with such
other information as the SRA may require in accordance with Rule 8.7(a): and
(B) a failure may be material either taken on its own or as part of a pattern of failures
so to comply.
What is a ‘material’ failure to comply?
Guidance Notes to Rule 8 provide:
(x) In considering whether a failure is “material” and therefore reportable, the
COLP or COFA, as appropriate, will need to take account of various factors,
such as:
• the detriment, or risk of detriment, to clients
• the extent of any risk of loss of confidence in the firm or in the
provision of legal services
• the scale of the issue
• the overall impact on the firm, its clients and third parties.
In addition, the COLP/COFA will need to keep appropriate records of failures
in compliance to:
• monitor overall compliance with obligations
• assess the effectiveness of the firm’s systems
• be able to comply with the duty to report breaches which are material
because they form a pattern.
The COFA’s role under Rule 8.5(e) of the SRA
Authorisation Rules is to
(i)
take all reasonable steps to
(A) ensure that the body and its employees and managers comply with any obligations imposed upon
them under the SRA Accounts Rules; and
(B ) record any failure so to comply and make such records available to the SRA on request; and
(ii) as soon as reasonably practicable, report to the SRA any failure so to comply, provided that:
(A) in the case of non-material failures, these shall be taken to have been reported as soon as
reasonably practicable if they are reported to the SRA together with such other information as the SRA
may require in accordance with Rule 8.7(a); and
(B) a failure may be material either taken on its own or as part of a pattern of failures so to comply.
Additional responsibilities for COFA’s
•
•
•
•
Ensure that they have access to all accounting records
Carry out regular checks on the accounting systems
Carry out file and ledger reviews
ensure that the reporting accountant has prompt access to all
the information needed to complete the accountants report
• take steps to ensure that breaches of the SRA Account Rules
are remedied promptly, and report any breach to the SRA as
required
• Monitor, review and manage risks to compliance with the SRA
account rules
Why will the COLP/COFA need to keep records?
•
•
•
•
Allow for inspection by the SRA
Monitor overall compliance with obligations
Assess the effectiveness of the firm’s systems
Be able to comply with the duty to report breaches
They will only be able to effectively carry out their roles if
everyone in the firm works in the way they are required to do
What will a COLP and a COFA need
to do to carry out their roles
effectively?
Do you really know what is expected of you by the SRA?
This is what Samantha Barras, Executive Director of the SRA said
in December 2011
“What has changed is the explicit requirement for firms actively
to engage with Principles and Outcomes, and avoid a tick-box
approach. That is the role of the COLP in particular – to be
responsible for taking reasonable steps to put in place systems
and controls for good compliance in the firm”
“To be the focal point in the firm for thoughtful engagement with
our regulatory regime”
And she continued …..
“For those firms in the Relationship Management approach to
supervision, we will expect to meet regularly with the COLP and
for that person to be completely on top of risk and compliance in
your firm ……. A titular COLP will not be acceptable”.
Bearing in mind those words …
• Have you considered whether you will be able to satisfactorily
fulfil the role?
• And if so, how will you from the outset be able to ensure you
can meet your responsibilities?
Systems and controls for good compliance?
- Outcome O(7.2) requires firms to have appropriate systems and controls in
place to achieve and comply with all Principles, rules and outcomes and
other requirements of the Handbook
- Outcome O(7.3) requires firms to identify, monitor and manage risks to the
achievement of all outcomes, rules, Principles and other requirements in
the Handbook if applicable and take steps to address issues identified
As the COLP or COFA, what will you now need to do to ensure that you will be
able to take all reasonable steps to enable your firm to achieve, inter alia,
these outcomes?
First actions, first conversations to have?
1. Secure internal buy-in as a condition of your taking on the
role
2. Assess whether you will be provided with sufficient:
- independence of role;
- access to information regarding risk; and
- resources
to enable you to effectively carry out the role.
1. Securing internal buy-in
Who has one (or more) of these in their firm?
“That’s a great idea
…for the rest of you!”
“Heavyweight gorilla”
“You can’t manage
me.
I’m a big biller!”
Deal with your big gorillas!
Your role as the COLP or COFA will only be capable of
being effectively carried out if partners and other
owners of your firm accept that they must be
‘accountable’
Accountability?
“We have no room for those who put their own personal
agenda ahead of the interests of the clients or the office”
David Maister’s “Predictive package”
How can the COLP or COFA secure accountability?
You can try to persuade partners that this is why they should be
compliant …
“The pursuit of excellence, with the aim of doing things better
for the clients”
Director of Risk of a ‘top ten’ UK law firm
However laudable, currently this is unlikely to ‘win hearts and
minds’.
Instead, adopt the ‘zero tolerance’ approach!
For example, require from your partners the following contractual
assurances as a condition precedent to your acceptance of the role ….
• All partners to comply with all Principles, Outcomes and Rules and other
requirements of the Handbook and to fully support the COLP / COFA –
with sanctions if they do not.
• Full access to be given to all firm’s information
• Indemnities to be provided in relation to the COLP’s / COFA’s
responsibilities in respect of penalties, costs and expenses
• A right to take independent advice at firm’s expense for the resolution of
disputes
• Incorporate a ‘whistle-blowing’ policy
• Firm to pay premiums on appropriate insurance policies for COLP and
COFA
2. Assess whether you will be provided with sufficient:
• independence of role;
• access to information regarding risk; and
• resources
to enable you to effectively carry out the role.
Independence of role?
The Guidance Notes to Rule 15.1 Authorisation Rules state that
“As well as evidence about the candidate, the Suitability Test takes into
account evidence about the honesty and integrity of a person that the
candidate is related to, affiliated with or acts together with, whom the SRA
has reason to believe that person may have an influence over the way in
which the candidate will exercise their role.”
How independent will your role be as COLP / COFA?
Independence of role, for example in relation to reporting
obligations?
• If an employee or non equity partner?
• Even if an equity partner?
• If a managing partner, where responsibility to drive performance of the
firm may conflict with the COLP / COFA role?
(in many firms the managing partner is likely to be the only
person capable of ensuring compliance procedures are followed)
Access to information / knowledge?
•
Will you be provided with access to full information likely to
impact on compliance and other risks?
•
What are your risks?
•
Where does the knowledge of your risks reside?
•
Can you / will you be able to access it?
•
Do you / will you have systems to monitor, review and
upgrade your knowledge?
If you cannot measure risk, you will not be able to manage it
Law firm risks
Operational
Management
Failure to manage your knowledge will involve serious risk
Compliance / Risk
Management
Knowledge
Management
Establish the resources you will need to
effectively carry out your role
For example:
•
•
•
•
•
•
Do you have a budget?
What will your team look like?
Internal or external?
Part time partners or professionals?
Paper records or use of IT
If IT is used - bespoke or ‘off the peg’ systems?
Plan your resources
Carry out a cost / benefit analysis to
establish the most resource effective
method for you to manage your role as COLP / COFA for
your firm to be compliant
First actions, first conversations … other areas on which to focus
•
Your role will need to be management driven with top level buy-in
- management must not only drive compliance but also live it
•
Zero tolerance is required, with no exceptions – just do it!
•
A mind-set change will be required – managing compliance risk needs to
be seen as everyone’s job - training and education programmes can build
awareness and change
•
Build a ‘no blame’ culture to encourage disclosure
•
Above all – identify your ‘big gorillas’ and deal with them
Otherwise everyone will be at risk
Above all, as a COLP or COFA you will
need to continuously challenge the
effectiveness of your firm’s compliance
management
3. Systemise your compliance
management
“If you cannot demonstrate compliance we may
take regulatory action”
SRA – OFR at a glance
The scope and volume of compliance now requires a
different approach
For example, under the SRA Code the Outcomes provide that firms must:
- have appropriate systems and controls in place to achieve and comply with all Principles,
rules and outcomes and other requirements of the Handbook
- identify, monitor and manage risks to the achievement of all outcomes, rules, Principles
and other requirements in the Handbook if applicable and take steps to address issues
identified
- Ensure compliance with all the reporting and notification requirements in the Handbook
Do you already have appropriate systems and controls in place to comply?
Your challenge ....
Is not merely to ensure your firm is compliant but …
to be able to DEMONSTRATE to the SRA that your firm
and everyone in the firm is compliant on an on-going
basis
How will you be able to do this?
Outcomes focused regulation is about
managing processes
How can these processes be systemised to
provide a cost effective method to manage
your compliance?
Do you know your compliance risks?
• What are your compliance risks
• Where does the knowledge of your compliance
risk reside?
• Can you access it?
• Do you have systems to monitor, review and
upgrade your knowledge?
A Risk Management / KM integrated approach
• Approach risk from a KM viewpoint and vice
versa
• Need to manage the risks relating to
knowledge in any event
• Managing the risks
– Quality assurance
– Greater competitiveness
Establishing the resources you will need to
effectively manage your compliance
For example:
•
•
•
•
Internal or external?
Part time partners or professionals?
Paper records or use of IT
If IT is used - bespoke or ‘off the peg’ systems?
A systematic approach is required
•
Put in place a formal compliance risk
management process to identify and manage every area of
compliance risk for the SRA Handbook and Code
•
Establish a comprehensive database covering all compliance risk
areas
•
Standards such as Lexel and ISO 9000 are likely to help
Implementing a compliance risk management
Strategy
DIAGNOSIS
Identification and
assessment
MITIGATION
Control, transfer and
avoidance
MONITORING
Auditing, tracking and reporting
When a risk crystallises
LIMITATION
Minimising the effect of
crystallised risks
Use of risk management tools?
Use an integrated risk management system to
quantify, assess and control risk by :
– streamlining diagnosis, mitigation and
monitoring
– embedding common risk management
procedures
– providing information access to all who
need it
– creating and maintaining one central, up to
date risk database
Identifying and assessing your compliance risks
Compliance Risk Mapping
IMPACT
High
High impact/ low incidence
High impact/ high incidence
Low impact/ low incidence
Low impact/ high incidence
Low
Low
High
INCIDENCE
Compliance risk identification and assessment
• Incidence - probability
• Impact - severity
Some examples of compliance risks
•
•
•
•
•
•
•
•
•
•
•
Lack of management commitment to best practice
and compliance risk management
Lack of knowledge by management
Lack of supervision
High risk work
Lack of client vetting / fraud
Lack of client care / matter care
Lack of resource capability
Lack of knowledge / expertise / experience
Precedents / multiple use of advice
International work / overseas offices
Mergers
Using ‘brainstorming’ as a method of identifying and
assessing compliance risks
• ‘Top down – bottom up’ brainstorming sessions in each
group in your firm to:
-
to identify every compliance risk area
are we achieving every Outcome under the new Code?
are we compliant in every area?
do we have gaps?
what will be required to fully comply?
to what standards should we comply?
how should we prioritise our efforts?
Risk Diagnosis
Set criteria for
assessing risks
Identify detailed
risks
Identify high
level risks
Assess severity of
detailed risks
Assess severity of
high-level risks
Risk
map
Risk
summary
Compliance risk Mitigation
Designed to:-
• Ensure effective compliance
• Avoid / reduce non compliance
• Avoid / reduce incidence of risks
• Transfer some risks
Risk mitigation
Risk
map
Risk
summary
Residual
risk
summary
Consider impact /
probability
correlation
Consider available
mitigation
techniques
Contingency
plan
requirements
Insurance
requirements
summary
Required
controls
summary
Compliance risk monitoring involves…
•
Auditing, tracking and reporting
•
Comparing actual outcomes to pre-set indicators
•
Confirming effectiveness of your risk responses
•
Reporting compliance and exceptions
•
Establishing [annual / periodical] compliance risk
management reports
Risk monitoring
Required controls
summary
Contingency plan
requirements
Set risk indicators and
methods to monitor
them
Insurance
requirements
summary
Annual Risk
Management Report
Risk limitation involves
•
•
•
•
Risk crystalisation scenarios
Contingency plans
Limitation procedures
Post event assessment
Advantages of a formal compliance risk management
process for the new SRA Code?
•
Structured approach focuses on key compliance risk
areas
•
Can demonstrate how a firm is complying and the
effectiveness of compliance / outcomes
•
Continuous monitoring ensures management of
compliance and risk is “lived” day to day
•
Universal application to all compliance and risk areas
•
Comfort / assurance to PI insurers [and SRA?]
Effective use of IT systems for compliance risk management?
Use an integrated compliance risk management
system to cost effectively manage compliance risk
areas by:
– creating and maintaining one central, up to date
compliance and risk database
– providing information access to all who need it in
relation to exposure to risk
– embedding compliance and risk management
procedures – e.g. client inception procedures
– streamlining identification, assessment,
mitigation and monitoring of compliance risks
Outcomes focused regulation is about processes
Using IT systems is likely to be the most cost
effective and compliant method to manage
these processes.
Any questions?
Compliance needs to be ‘lived’ on a daily basis
by everyone in a law firm and there can be no
exceptions to following procedures. Otherwise
everyone is at risk.
Any questions?