COLP and COFA - getting started Ian Muirhead

Why Outcomes Focused Regulation? Because the range of different business models for the delivery of legal services post-LSA precludes standardised rules The precedent is that of the FSA, which superseded 7 FS regulators in 2001 SRA was instructed by LSB to adopt FSA-style regulation OFR permits firms to decide on their own approach to compliance within overall guidelines

The SRA Handbook The Handbook comprises the new Code of Conduct and the (largely pre-existing) Rules, e.g.: - The SRA Accounts Rules - The authorisation/ practising requirements - The client protection rules - The disciplinary procedure rules - The property selling and financial services rules In future the rules will also be applied in a way which has regard to the outcomes

The Outcomes focus on RISK Firms must demonstrate to SRA that they are identifying and managing risk, particularly risk to the client and risk to the reputation of the profession For example, Outcome 3.1: “you have effective systems and controls in place to enable you to identify and assess potential conflicts of interest” The Code is a guide to compliance

Creating a compliant environment FSA March 2012 report to regulated firm: “The management of the firm should be able to demonstrate personal ownership and involvement with all regulatory requirements. This is vital to developing and sustaining a culture which enables the firm better to identify and manage risk to the firm and its clients”

The role of management New Principle 8 in the Code of Conduct requires effective business management, and Chapter 7 states: “Everyone has a role to play in the efficient running of a business. However, overarching responsibility rests with management. The managers should determine what arrangements are appropriate to meet the outcomes”

Conveyancing Enforcement Strategy The first specific strategy, demonstrating the SRA requirements of management: A governance structure with effective oversight of risk management systems Systems for identifying & monitoring risk Systems to monitor the firm’s viability How the handbook applies to the firm Evidence of training on risk Monitoring the effectiveness of systems

The role of COLP and COFA Management must create an efficient business environment, in which compliance equates to best practice SRA Authorisation Rule 8.5 requires firms to appoint COLP and COFA as representatives of management Compliance officers will not be regarded as sacrificial lambs (A.Townsend, SRA)

Does Lexcel ensure compliance? Lexcel is useful on policy. Less useful on business management and compliance. The summary to Lexcel V5 states: “COLP & COFA This is a SRA regulatory specific requirement which practices should automatically be compliant with. As such, it has not been included in V5.”

Responsibilities of COLP To ensure compliance with the terms of the firm’s authorisation and any statutory obligations To record any compliance failures As soon as reasonable practicable, report material failures to the SRA COFA has similar responsibilities in relation to the SRA Accounts Rules

Steps to be taken by COLP Familiarisation with the Code and Rules, regulator alerts, legal press Work with management to ensure that departments and branches are aware of and committed to compliance issues Create a paper trail to demonstrate compliance Demonstrate continually questioning standards and seeking improvement

The audit trail Management structure: who owns the risks? A compliance plan A “Risk Register” File checks Record of compliance failures Client feedback and complaints Reports to the SRA and management If you didn’t record it, it didn’t happen!

Reports to management & SRA Ideally, five annual reports to the firm’s management committee: –COLP & COFA –MLRO –Conflicts of interest –Complaints –Outsourcing Annual report to SRA and interim reports of material non-compliance

Structure and reporting lines Firm’s Management Committee Chief Executive COLP COFA Fee earners Admin/IT SRA Marketing MLROHR/ T&C

Compliance plan A document, accessible to staff and SRA, explaining the firm’s compliance policy and the forms used to record compliance Could be a compliance manual ABS application requires a compliance plan evidencing policies/ procedures for client care, complaints, equality, conflicts of interest, client confidentiality, money laundering, T&C, publicity, fee sharing, undertakings and accounts

Risk Register = evidence that management has thought about and considered how to address risk Could be rated by importance or likelihood Conveyancing strategy mentions over- dependence on business type or clients Major risks could include competition, loss of business records, business continuity Outsourcing is an SRA concern (O7.10) Provide for staff concerns to be included

Risk v opportunity Risk is the downside. Opportunities should also be identified and form the basis of the firm’s business plan Should include SWOT analysis - clients, growth, pricing, profitability, staff, brand Also finances - turnover, profits, cashflow, balance sheet, fee-earner gearing, WIP, debtor days, working capital, borrowings

Outsourcing, per the handbook Means legal activities and functions, e.g.: Legal secretarial duties Proof–reading Research Document review IT supporting delivery of legal services Business process Outsource contracts must permit SRA to have access to outsourced records

File checks By peer group or using consultants Covering MLR, risk assessment, fees, consistency of presentation 10% of files to be checked on average Can be random or related to KPIs Results fed into Personal Development Plans Checklists to avoid creating docs which could be used against the firm in any future litigation

Record of compliance failures Detailing: Date identified How identified Date of matter Description of matter Remedial action Date of reports to SRA where “material” Comments

Client feedback and complaints Aimed at improving services Serves also to foster client relationship Can provide testimonials for marketing Complaints should be analysed to prevent repetition Is a satisfied client a client necessarily one who has been treated fairly? (inequality of knowledge)

COFA’s audit trail Weekly review of bank balances Quarterly review of old client balances Fortnightly review of bills issued, to identify pending transfers Client and office a/c reconciliation Written Agreements with banks and building societies re client monies

SRA administration SRA’s Practice Standards Unit has been disbanded, so no pastoral help from SRA SRA wants much more annual information from firms, to inform its risk assessments “Fit and proper” tests for non-lawyers, new authorisations, office holders, owners, managers

Enforcement Approach is risk-based. SRA will prioritise issues by reference to their likely impact SRA will obtain data from other regulators, “thematic” work, consumers, Risk Centre Investigates via on-site visits, interviews, mystery shopping, thematic visits Fines for ABS (and traditional law firms?) <£250m per firm, <£50m per person

OFR – a blessing in disguise The IFA experience of FSA-style regulation is that it has made them more efficient as businesses This is what solicitors need if they are to be competitive in the post- Legal Services Act era

How SIFA can help solicitors COLP and COFA Compliance Manual Telephone and helplines Bushell’s Briefs up-date bulletins Monthly webcasts and staff training OFR and Lexcel consultancy ABS applications Go to

Balancing risk and opportunity

Next webcast..... Should you have any questions please contact me on or The next webcast is on Wednesday April 18 th by Ian Cockerill, SIFA Compliance Director on “The role of Lexcel in Outcomes Focused Regulation”.