Seven ways SME firms can manage risk more effectively
In a warning shot for law firms to get their compliance in order, the SRA has imposed a near maximum fine of £23,216 on law firm TTS Legal, which failed to check sources of funds for three property transactions and, until January 2020, had no firm-wide risk assessments in place.
The fine isn’t isolated. In the same week, it imposed a £15,000 fine for one partner who failed to conduct proper client due diligence and a total of nearly £50,000 on two law firms and one solicitor for various AML breaches.
Never before has it been more important for SME law firms to prioritise compliance and ensure the ‘basics’ are in place to mitigate risk of fines and reputational damage.
Expert advice on the best practice to avoid compliance pitfalls
In our recent Build Better Habits webinar series, we were joined by compliance experts: Karen Edwards from the ILFM, Amy Bell from Teal Compliance, and Alex Simons from The Law Factory. They shared the tools and best practices firms need to implement to avoid common compliance pitfalls most SMEs face.
Simons said it’s the basics throughout the accounting processes that cause SME law firms the most compliance issues: “When you have a hybrid team, a paper-based system no longer works, especially when you’re dealing with thousands in a conveyancing processes. A scribble on a piece of paper isn’t good enough.
“The firm needs to stay on system and ensure all data and actions are kept on their CMS, as that will provide an audit trail to keep you compliant.”
Edwards agreed that staying on system is important for managing compliance risks as well as security and data breaches: “Everyone needs to be using the systems consistently. Make sure everything is documented in a policy, that people are trained on the processes, and everyone knows where to find the right data.”
Bell highlighted six of the common pitfalls she regularly observes in SME law firms:
- Not analysing why things go wrong
- Data is siloed
- Employees are at maximum capacity
- Ignoring the data
- Responding to non-compliance too late
- Not leveraging client due diligence (CDD) technology.
She shared: “The biggest pitfall I see is assuming that when things go wrong it’s a one-off and firms put it down to human-error. But that’s not the data you need: you want to know why it went wrong and what policy needs to change to stop it happening again.
“Technology can help with doing a root-cause analysis. I like the ‘five whys’ model. For example, the issue is we missed a key date, you then need to ask at least five whys. Why? Because it wasn’t put in the court diary. Why? Because it was supposed to be done by this person. Why? That part of the process wasn’t followed. Why? The training hadn’t been completed. Why? Because that particular person was too busy.
“That’s when you start to uncover the real root cause of the issue. Behind a lot of the analysis, when it’s done, it typically uncovers that no one has enough resource. Poor capacity management is a massive contributing factor to mistakes being made.”
Seven habits to mitigate risk and manage compliance
The panel agreed on the seven habits law firms should adopt to mitigate risk and stay compliant, such as data discipline and the importance of continuous training.
Watch the full episode on-demand now to discover the seven habits, as well as how your risk strategy is impacting your client service and best practices for building a compliance-focused culture.
Being digital-first is one of the four fundamental habits we believe all modern law firms should adopt for long-term success. We’ve covered all four habits in our Build Better Habits webinar series, which are available to watch on-demand now.