On one level, outcome (7.5) of the current SRA Code seems easily manageable; you must comply with all legislation relevant to your business. Of course we must! Of course we do, no need to be overly concerned about monitoring achievement of this professional duty.
The reality is different. This outcome is labour intensive and requires vigilance about new legislation which must be incorporated in compliance and risk management strategies. It never ends; since 2011 there have been several new laws we have needed to consider, not least this year’s Money Laundering Regulations and the Criminal Finances Act. Next year we will need to add the General Data Protection Regulation. Change is constant.
However, in the midst of this horizon scanning, what about the legislation which has always been around. What about, for example, financial services law? My message about this is simple: understanding financial services matters, ignore at your peril.
The Financial Services and Markets Act 2000 (FSMA) stipulates that no one may carry on financial services regulated activities without being authorised (by the Prudential Regulation Authority or the Financial Conduct Authority) or being able to rely on an exemption. Breach of this requirement can result in criminal offences being committed. The double-whammy for solicitors, or anyone working in an authorised law firm, is the impact that this will have on their relationship with the SRA.
Only a handful of law firms are directly authorised by the FCA. The majority of firms rely on a legislative concession to carry on exempt regulated activities for their clients. This creates a minefield of risk considerations which starts with the need to ensure compliance with the SRA Financial Services (Scope) Rules 2001. Don’t be fooled into thinking this is light touch regulation. The SRA has responsibilities to ensure that their supervision of this activity is adequate to manage the risks inherent in our ability to provide such services without FCA authorisation.
In my experience, these Rules, and the consequences of providing financial services, are often overlooked when managing and mitigating risk. Many employees fail to realise the significance of providing such services or even, in some cases, fail to appreciate the fact that the services, which they are delivering to clients, come within this definition.
The Scope Rules create a rigorous framework and limits are imposed on all firms which are not directly authorised by the FCA. This includes a list of activities which must not be performed, together with basic conditions which must be satisfied in other circumstances, and restrictions related to certain types of financial services activities. For example, this is where the requirement to be on the FCA’s Exempt Professional Firms Register and appoint an insurance mediation officer (IMO) is prescribed. Do colleagues understand the significance of this restriction and does the designated IMO understand their compliance oversight role? More basically, is the term insurance mediation understood?
In addition to the Scope Rules, we must also comply with the SRA Financial Services (Conduct of Business) Rules which tell us how financial services must be provided, the records which must be maintained and the information which must be provided to clients. Are these Rules being monitored for compliance? The SRA needs to be satisfied that we are acting in a client’s best interests, delivering proper standards of service, acting with integrity and independence, and not diminishing our roles as trusted advisers. We can demonstrate this with effective auditing tools.
It is not inconceivable that the regulator may decide to take a greater interest in how we undertake these activities. Remember the financial services survey which the SRA published earlier in the year? This was part of the SRA’s education programme, i.e. educating themselves about the risks of facilitating these services by authorised firms. What’s to stop further reviews and research?
Does this make you feel uncomfortable? Would it be an appropriate use of resources to undertake an internal assessment of the risks posed by the firm’s activities so that any conversation with the SRA will be fuss-free and supported by an audit trail?
As a starting point, I would suggest that the following questions are asked:
- Can we list what financial services we offer to our clients and are we clear about the limits of this type of activity?
- Do colleagues understand the SRA requirements and the legal backdrop?
- Would tailored training to relevant colleagues be a sensible precaution?
- Do we have appropriate systems and policies to satisfy the SRA that we comply with Handbook requirements and we monitor for compliance?
- Are the risks associated with the provision of financial services factored into our risk register and breaches being recorded by the compliance officers?
Understanding financial services matters, ignore at your peril.
Tracey Calvert is a lawyer who specialises in professional ethics, regulatory and legal compliance issues. She is the director of Oakalls Consultancy Limited, which provides training and compliance solutions. She has written several books, is a Legal Compliance Association Board member and on the editorial board of the Law Society’s Legal Services Bulletin. She is an officer of the International Bar Association’s Professional Ethics Committee and a contributor to ‘Cordery on Legal Services’.
Her latest book, ‘Financial Services for Lawyers’, is available in paperback and kindle versions from Amazon, www.amazon.co.uk and provides practical guidance on the issues described in this article.