Posted by Alison Wooddisse, head of practice compliance at Legal Futures Associate LexisNexis UK
It’s often said that life’s not a popularity contest – which is probably just as well if you’re the compliance officer for legal practice (COLP) for your firm.
As a lawyer, the best that can be said about your popularity rating with the general public is that it’s not as bad as estate agents or tax inspectors. The COLP role comes with the added distinction of being unpopular within your peer group.
You may already be seen as the jobsworth who bombards colleagues with policies and procedures that get in the way of advising clients. You scrutinise complaints files, assess every risk that moves, and bore people rigid with compliance training when they’re really busy. It’s enough to make anyone feel unloved, but your main crime against popularity is yet to come—from January 2013 you have to become head monitor and supergrass for your firm.
As COLP, you’ll have three core duties. They are to:
- Take all reasonable steps to ensure compliance with the SRA Handbook and pretty much everything else that applies to the firm (apart from the accounts rules);
- Report compliance failures to the SRA; and
- Keep a record of all compliance failures, and make it available to the SRA on request.
The first duty probably just makes you a compliance bore in the eyes of your colleagues, but the second and third duty could make a serious dent on your social standing within the firm.
Unfortunately, we’re not talking about Supergrass, the indie rock band from Oxford, although if you ever need cheering up, you could do worse than watch their Alright video—it’ll take you back to the days when you were young, happy and carefree.
On second thoughts, maybe that’s not such a good idea.
Nope, we’re talking about the duty to report compliance failures to the SRA; not just really, really bad compliance failures or ones that you can’t put right, but ALL compliance failures regardless of whether you’ve fixed them.
The timescale for reporting varies, depending on whether the firm’s committed a material or non-material compliance failure:
- Non-material compliance failures can be reported to the SRA as part of the annual information report (there’s no information yet about what this is likely to involve);
- Material compliance failures have to be reported to the SRA as soon as reasonably practicable – even if you take immediate steps to remedy the failure.
So what’s a material compliance failure? If you’ve been following my previous blogs, you won’t be surprised to hear that there’s no definition. Instead, in the spirit of outcomes-focused regulation, the SRA says the COLP should take into account all relevant factors, including:
- The detriment or risk of detriment to clients;
- The scale of the issue;
- The overall impact on the firm, its clients and third parties; and
- The extent of any risk of loss of confidence in the firm or the provision of legal services generally.
You also need to know that a compliance failure can be material either taken on its own or as part of a pattern of compliance failures
At the moment, the SRA hasn’t issued any real practical guidance or worked examples. From what we hear, some firms are planning to report everything unless it’s absolutely clear they shouldn’t. This isn’t necessarily the best strategy; if you persuade the SRA you’re an inveterate rule-breaker, you can expect to find your firm classed as high-risk, which could lead to more intense supervision.
Nor is it a good idea to under-report; the human factor means that few firms can honestly say they never have compliance failures and a wall of silence is likely to attract the SRA’s attention. As with all things, moderation and a sensible approach is probably the best way forward; if in doubt about whether a compliance failure is reportable, pick up the phone to the SRA’s ethics helpline.
Of course, even the best supergrass is only as good as his sources. You’re going to need a process for internal reporting of compliance failures to the COLP. This would be a good opportunity to emphasise the importance of compliance to the overall success of the firm, blah, blah—if that doesn’t work, you can always play the ‘don’t shoot the messenger’ card.
This is all about duty number 3: keep a record of all compliance failures, and make it available to the SRA on request.
Naturally, there’s no prescribed way of monitoring or recording compliance failures; this is outcomes-focused regulation. According to the SRA, it should be done in a way that allows you to:
- Monitor overall compliance with the firm's various regulatory and statutory obligations;
- Assess the effectiveness of the firm's systems and controls; and
- Identify and report a material failure or pattern of failures.
Some form of written register is a must, preferably in a spreadsheet or embedded into your practice management system, so you can filter and track trends. Here’s an example, populated with some phantom compliance failures, from which you shouldn’t draw any conclusions:
When to start?
It’s probably a good idea to train your staff and start your compliance failure register now. That way, your process will be running like a well-oiled machine by January and you’ll get a head start on identifying trends, giving you the chance to sort them out before the duty to report kicks in.
If you get on top of things now, you won’t have much to report to the SRA. It probably won’t make you feel young, happy and carefree again, but think what it’ll do to your popularity rating.