24 hour helpline:
So, you and your fellow Partners have realised that the deadline for appointing your Compliance Officer roles, COLP and COFA, is looming. The 31st of March 2012 had seemed so far away, but now you can’t avoid the elephant in the room any longer. Who wants the roles?
Silence is the stern reply… Nobody wants the added responsibility and the increased strain on fee earning time.
So, in order for you all to avoid what you perceive to be a poisoned chalice, you decide to go to the open job market with a view to recruiting your very own dedicated COLP and COFA. Job done!
In drawing up the specifications you consider that they must be a lawyer to comply with Rule 8.5(g)(ii)(b)(I) of the SRA Authorisation Rules 2011; at least, say, 5 years PQE; and with previous management or compliance experience. You are therefore looking at offering a salary of around £40k- £50k.
The firm gets a dedicated figurehead for risk and compliance and the Partners all avoid having to worry about it too much.
But how much consideration was given to the risks involved at recruiting specifically for that role and what are those risks?
You have just recruited an individual that you probably don’t know very well to report any ‘material breach’ of the regulatory regime to the SRA, without any indication as to how that individual will interpret the regulations or any consideration of how risk averse they are. What if they are a complete ‘chancer’ who believes it is worthwhile running the risks of not reporting and arguing the toss if it comes to it? What if the opposite is true and you have employed a Compliance Officer who decides that every time you fail to give a costs estimate (for example) the SRA should be informed, with the corresponding effect on the firm’s risk profile?
How much knowledge and experience does that individual actually have of the regulatory regime? Solicitors’ regulatory compliance is a relatively new and specialist area of expertise, particularly with the implementation and application of ‘Outcomes Focused’ Regulation. Does experience of running your own firm under previous regimes really qualify you to manage the entire compliance and risk management function? After all, your firm already had a Managing Partner who did not feel comfortable taking on the Compliance Officer roles themselves. You have placed a great deal of trust in an individual whose regulatory and risk management experience is likely to be relatively untested.
So, what if you decide that you’ve made a mistake? They haven’t acclimatised well to the firm’s ethos or it has become apparent that they are just short of useless and not worth their £40k price tag. You’ve employed them! You have to go through the disciplinary process, provide opportunities for them to train and improve their performance and then, should you reach the point where enough is enough, you have (typically) a 6 month notice period to cover and pay for, as well as the costs of sourcing a replacement or going to back to the Partner’s meeting saying ‘So what now?’
What other options could you have explored? Your Partners don’t want the day to day role of auditing and file reviews; they don’t want to draft the plans or populate the risk registers and they don’t want to have to deal with the day to day enquiries and correspondence with the SRA. So delegate or outsource those tasks!
Do you really need a £40k a year lawyer to go through client files and check that the appropriate client care precedent has been provided to the client, or that the risk assessment has been completed on file opening? Do you really need a high grade Finance Director to carry out the bank reconciliations? Or do you just need an individual to make sure that these things are done and to once in a while check the quality of that base level auditing function. Better the Devil you know…and are already paying for!
The compliance officer needs to be the person at the top of the pyramid making sure that the compliance functions are operating effectively. That means that the day to day functions can be performed by those with less experience or qualifications, using suitable precedent forms and procedures, with a system of supervision of those functions. Alternatively they can be outsourced, with regular audits or file reviews and an independent and comprehensive report that can be provided to both the regulator and your indemnity insurer. This way an individual within the firm, who is known to and trusted by the Partners (and who doesn’t incur an additional £40k hole in the annual revenue) maintains control over the reporting function without the perceived level of pressure on fee earning.
Too many firms have assumed that the Compliance Officer roles will entail responsibility for the entire compliance and risk management function and have therefore baulked at the idea of fulfilling them internally. If they are seen as a supervisory role with a lower grade of fee earner or admin staff, or an outsourced specialist, providing the day to day auditing function then the Partners retain internal control and save themselves the increased overhead of another senior employee.
The COLP and COFA roles have yet to be defined by the SRA or in commercial practice. There is no fixed right or wrong answer to how their responsibilities should be constructed or conducted. The purpose is to add value through the reduction of risk (and therefore complaints, claims and regulatory enforcement). I would argue that employing an unknown and expensive individual to run this function independently is an unnecessary risk in itself. Better to retain responsibility in house even if that means delegating or outsourcing the audit function itself. Better the Devil you know than the Devil you don’t.
Client Relationship Manager
T: 0113 385 4483
M: 07432 695 289
The Law Society has issued a practice note about the risks to solicitors posed by this new legislation, which came into force on 30 September.
The SRA has urged all practices to check HM Treasury’s consolidated list of asset freeze targets, which lists designated persons subject to financial sanction under EU or UK legislation.
The practising certificate renewal period opened on Monday 2 October.
Sign up for our newsletter
and join our mailing list.
Please click the button to accept our cookies. If you continue to use the site, we'll assume you are happy to accept the cookies anyway.