Posted by Jess Irwin, senior consultant, and Jen Dunlop, managing director of Compliance Office, on behalf of Legal Futures Associate VinciWorks [1]
Jen Dunlop
The Solicitors Regulation Authority (SRA) announced on 2 June that it intends to proceed with reforms to strengthen protections around client money [2], following its consultation earlier this year. Subject to Legal Services Board (LSB) approval, which is not guaranteed, these changes are likely to be in place by early 2027.
On the face of it, tightening protections around client money sounds sensible. The detail, as ever, tells a more complicated story.
Having worked inside the SRA, I (Jen) know how the organisation thinks. These reforms reflect a genuine desire to do better. The problem is that good intentions and effective regulation are not the same thing, and firms need to understand what they are actually signing up for.
The return of accountants’ reports: a lesson unlearned?
The headline change is that all law firms holding client money will be required to submit annual accountants’ reports to the SRA, whether or not they are qualified, along with a declaration providing further key information.
Firms currently exempt under rule 12.2 of the accounts rules [3] due to low levels of client money held must confirm their exemption status. Failure to comply will attract fixed penalty fines.
For those with longer memories, this is a return to pre-2014 practice. The SRA scaled back the requirement a decade ago so that only qualified reports had to be submitted.
The reason this is significant is not that more data is inherently bad (indeed, it can certainly be a good thing), but that more data is only valuable if the organisation receiving it has the capacity and structure to do something useful with it.
The first time around, it didn’t. The SRA lacked the capacity to properly analyse the reports it received and to use the information to proactively assess firms’ risk profiles. There is a reasonable question about whether anything has materially changed.
The SRA is not operating from a position of strength right now. It has publicly acknowledged a significant increase in misconduct reports [4]. Its latest consultation on its draft business plan [5] is seeking a budget increase of £25m, representing a 29% rise for 2026/27, to address a range of pressures.
The LSB has already demonstrated it is prepared to push back, having refused to approve the SRA’s proposed complaints-handling rule changes in January. Approval of these client money reforms is therefore not a foregone conclusion.
If the SRA secures its budget increase through practising certificate fees, the more pressing question is how that resource is deployed.
Before opening the floodgates on accountants’ reports, it would be worth rebuilding the kind of risk-profiling capability the SRA had until around 2013. That team existed specifically to identify firms at risk and take proactive steps before problems escalated. Its absence has been felt.
Reactive regulation is always more expensive than preventative regulation for regulators and firms alike. Given the new chief executive’s professed desire to move towards a more proactive, rather than reactive stance, this would surely fit well with the SRA’s plans.
Jessica Irwin
Separation of roles: the logic has a flaw
The second significant change concerns the separation of compliance roles.
Firms with a turnover above £600,000 or holding more than £2m of client money at any point in the most recent reporting period will no longer be able to have a single individual who can unilaterally determine significant management decisions also holding the COLP or COFA role.
A partial exemption exists for smaller sole owner-manager firms, who may retain the COLP role but not the COFA role.
The SRA has moved its originally proposed £500,000 client money threshold to £2m, acknowledging that the original figure was too low. The revised threshold is more workable, but the underlying logic still has a flaw.
The requirement is not simply to separate the COLP and COFA roles from each other. Both roles must also be separated from anyone who can make significant decisions about how the firm is run. In practice, that means any partner or senior individual with meaningful authority is likely to be excluded.
The compliance roles will fall to less senior people, who may have limited compliance experience in terms of what those roles actually require, limited interest in risk and compliance, and limited influence over senior managers, which is needed to carry out their roles effectively.
There is a real risk that this reform quietly diminishes the importance of COLP and COFA positions, precisely when the SRA wants them strengthened. Pulling the right people away from fee-earning work to take on compliance responsibilities they have not been trained for does not obviously make firms safer. It may do the opposite.
What should firms do now?
These are still proposals. LSB approval is required, and implementation remains some months away. There is no need for immediate action, but there is value in starting to think carefully now rather than scrambling later.
The practical questions worth working through are: who in your firm is best placed to hold the COLP and COFA roles under the new separation requirements, what gaps in their compliance knowledge need to be addressed before these changes come into force, and what training will be required to give them the best possible chance of doing those roles well?
The SRA’s direction of travel on client money protection is broadly right. The execution needs scrutiny. Firms that engage with these changes now, rather than waiting for the LSB decision, will be in a stronger position when the rules land.