COLP Forum - September 2012
1.1 On Tuesday 25 September 2012 representatives of a number of law firms met at the offices of Maurice Turnor Gardner LLP (MTG) to discuss the role of the Compliance Officer for Legal Practice (COLP) under the SRA Handbook (the current edition of which is Edition 5 (released 1 October 2012). This report summarises the issues discussed.
2. THE SRA AND THE COLP
2.1 The SRA has created a specialist unit to deal with COLPs. However, it is understood that the SRA’s technical advisers have not yet formulated a firm view on how the new regime will develop over the coming years.
2.2 The SRA has always been reliant on receiving information which identifies a particular firm as a risk. On receipt of this information, it evaluates the risks associated with the firm by inputting the data into its specially designed risk matrix. There is some scepticism about how effective this system is (and will continue to be) in practice, particularly at assessing financial risks. Under outcomes focussed regulation (OFR), the SRA will rely on the COLP and firms informing the SRA of any non-compliance with the rules.
2.3 It is expected that the SRA will focus initially on single lawyer practices, firms where COLPs have not yet been nominated or firms where the SRA suspects that the COLP is unwilling to act (or not in a position to discharge the role competently).
2.4 In the medium term (two to four years), it is believed that the SRA is unlikely to focus on compliance issues in City law firms, not least because the SRA is keen to develop a good relationship with these firms.
2.5 Failed ABSs are likely to cause issues for the SRA and indeed, it is understood that the SRA expects as many as one in three to fail.
3. OUTCOMES FOCUSSED REGULATION
3.1 Under OFR, it is believed that a reasonable margin of error will be accepted in relation to COLP decision making. The Handbook clearly requires proper systems and processes to be in place. However, as long as the COLP records how he or she exercised judgement to reach a particular decision and shows that proper consideration was given to relevant factors, it seems unlikely the COLP will be criticised.
3.2 “Mission creep” during client work was identified as a potentially problematic issue for COLPs. It was suggested that COLPs need to be involved not only in overseeing business acceptance procedures, but also in ensuring robust processes that can adapt as the retainer evolves, ensuring that all decisions are properly recorded.
4. BREACHES -TO REPORT OR NOT TO REPORT?
4.1 Whether or not a potential breach should be reported to the COLP generated much discussion. Some firms believed that only significant issues should be reported internally and it was then for the COLP to decide objectively whether the breach is “material” . It is expected that the internal record of non-material breaches will need to be disclosed to the SRA at some point (probably when the annual information return is submitted) but it was thought that the SRA is not expecting, and will not be able to cope with, large volumes of reported insignificant breaches.
4.2 Some firms have implemented internal systems of reporting more minor incidents (e.g. sending an email to the wrong person where the duty of confidentiality would be breached) so that all of these can be reviewed and recorded by the COLP and lessons learned. It was felt by some that this may be an overly cautious approach leading to over-reporting. In this example, there may be no loss to the client and steps can be taken to remedy the breach. It was suggested that unless firms have recorded at least some breaches, the SRA may suspect that breaches are going unrecorded. Further, some attendees felt that it was for the COLP, and not the fee-earner, to judge whether a breach is material or de minimis and therefore all breaches (however small) should be reported and recorded accordingly.
4.3 While instances of negligence may not necessarily constitute breaches of the Code, these may indicate poor staffing decisions or a lack of supervision which would be breaches of the Code. It was suggested that PI issues should therefore be reviewed in order to decide whether there had been any breach of the Code. It was also felt that it is only a matter of time before PI insurers will request the annual information report as part of the annual renewal process.
4.4 It was argued that irrespective of whether a COLP reports a breach to the SRA, employees should be instructed to report all potential breaches to the COLP. A no-blame culture should be fostered in which employees and partners feel comfortable that they can admit their failings and learn from their mistakes. It was agreed that whilst a junior lawyer should feel comfortable reporting a breach to the COLP direct, it was more likely that the junior lawyer would discuss it first with the partner on the matter. A whistle-blowing policy supports the development of a culture of compliance and gives team-members reassurance. The inclusion of a specific reference to having a whistle-blowing policy in IB (10.10) in the Code demonstrates the importance the SRA attributes to this policy. On a more cynical interpretation, some commentators are worried that the SRA currently lacks the resources to move fully over to an OFR and risk-based approach and worry that a 'tick-box' mentality will remain. If these concerns are well-founded, a firm without a whistle-blowing policy would, it seems, fail to tick the required boxes.
5. COMMON BREACHES
5.1 A number of the common breaches that firms are reporting were discussed. These included:
(a) accidentally sending emails to the wrong recipient;
(b) accidental overpayment of tax out of client money;
(c) failure to register as FSA exempt;
(d) incorrect details of regulator in email footer; and
(e) engagement letters not sent out or sent out but not signed and returned.
5.2 It was felt that these sorts of example breaches will rarely be serious enough to justify an immediate report to the SRA, and the COLP’s only action will be to record these, and oversee steps that are taken to rectify the situation and ensure that no real loss has been caused to the client. However, the individual circumstances of each apparent breach must be considered as, depending on the circumstances, it is possible that a more serious breach may have been committed alone or as part of a pattern. It was widely agreed that whether a breach is reportable to the SRA or not, is a matter of the COLP’s judgement.
6. ANNUAL INFORMATION REPORT
6.1 There is no firm indication of when a draft annual information report will be available and it remains unclear whether the 31 October deadline for submission still stands. There was widespread concern about the SRA’s capacity for dealing with the large volume of information that it will receive when annual information reports are submitted. For example, if firms set out minor breaches in detail, there could be hundreds of breaches for each firm. Will the SRA review and evaluate all of these? Probably not. This begs two questions. First, are the firms' efforts worthwhile? Second, will poorly managed firms derive (perhaps misleading) reassurance if the SRA does not comment on breaches reported in the annual return?
7. NEXT COLP FORUM
1 The next COLP forum will be held on 5 February 2012. After a brief discussion on breaches that involve data protection issues at the recent COLP forum, it was agreed that this was an area worthy of more detailed discussion. Volunteers for a speaker on this or other subjects at the future COLP forums would be gratefully received.
8.1 The COLP Forum and the SRA It was proposed that MTG would be in contact with the SRA to suggest that if the SRA has issues on which it would welcome feedback (ideally before implementing new ideas or initiatives), then it should feel free to contact the COLP Forum to table these issues for discussion. It was agreed that offering the SRA the opportunity to attend the COLP Forum was a very good idea.
8.2 CLLS Open Forum Corinne Staves of MTG attended the CLLS Open Forum with the SRA on 26 September 2012. For those that were not present, the following points may be of interest:
(a) The SRA acknowledge that there have been a number of teething problems, and ask firms to bear with them as it adapts to the new regime (and puts in place staff and systems that are fit for purpose). However, the SRA remains adamant that it has achieved a lot in the last two years and in particular, is proud to have made the transition from a reactive approach to OFR to enable early identification of risk.
b) The SRA has decided upon its approach to international regulation. In brief:
(i) The current piecemeal approach in the Handbook relating to overseas’ practices will be scrapped.
(ii) Overseas' practices of England & Wales firms will be governed by a new separate Chapter of the Code. This will mainly contain principles and a few outcomes, to the extent they are not inconsistent with overseas' regulators’ rules.
(iii) Firms which simply have a presence in England & Wales (i.e. they are part of a larger international group), will be subject to an additional outcome in Chapter 7 which requires them to have systems and processes to enable them to identify and monitor risks associated with the overseas practices and “connected practices”.
(iv) “Connected practices” will be defined, but the SRA will not offer detailed guidance on how firms fit into these two categories. The SRA says it wants to cut through legal structures and look at the reality of the arrangements.
(v) The proposals will be put to the SRA Board at the end of 2012, with a view to a consultation early next year (ending March/April) and implementation of new rules in the second half of 2013.
(c) The COLP/COFA nominations and approvals process is broadly on track for the 31 December 2012 target. The SRA expects to send the first wave of approvals of straightforward nominees in the next few weeks. Approval of more complicated candidates (for example, those who are unknown to the SRA at the moment (likely to be COFAs, who are accounting/finance professionals rather than solicitors) or those who made declarations that might affect their eligibility) will take longer.
(d) It was noted that if City firms set up their own regulator, the vast majority of firms serving the community could not afford to continue (and, it seemed to be implied, the City would be at least in part responsible for the profession’s demise), so the SRA feel it is acceptable for City firms to bear a disproportionate burden of PC costs.
8.3 Is there actually an obligation to record breaches before 1 January 2013?
(a) It has been suggested that the obligation to record breaches only applies to COLPs and not managers of a firm because the specific requirement to record material breaches is found in the SRA Authorisation Rules rather than the Code: “The COLP of an authorised body must record any failure so to comply and make such records available to the SRA on request” (AR 8.5 (c) (ii)). It is arguable that Authorisation Rule 8.5 (c)(ii) can have no application before the COLP is formally appointed on 1 January 2013. Once the COLP has been appointed, AR 8.5 (c)(ii) can take effect but it presumably cannot apply to historic breaches.
(b) On the other hand, Outcome 10.3 of the Code places an obligation on all managers to notify material breaches whether there is a COLP or not: “you notify the SRA promptly of any material changes to relevant information about you including serious financial difficulty, action taken against you by another regulator and serious failure to comply with or achieve the Principles, rules, outcomes and other requirements of the Handbook”. This means that even before the formal appointment of the COLP, managers will need a systematic approach to looking at breaches and patterns of minor breaches in order to be able to decide on materiality. It will be difficult to review these without having a record. On a pragmatic reading, breaches will need therefore to be monitored and monitor and recorded prior to 1 January 2013.
Related in depth posts
Mergers, finance, technology and succession planning were high on the agenda at the latest Gazette roundtable, which discussed changing law firm business structures.
Brexit considerations for Professional Service firms
With the UKBA's requirement for a Tolstoyesque dossier of details on visa applicants, one may be able to sympathise with Roman Abramovich's immigration troubles.