Thursday September 12th 2013 | 11:25
How legislation introduced by the SRA is affecting law firms
Jonathan Jongkind, Customr Service Manager, Egress Software Technologies Ltd.
Law firm risk management. If that phrase was thrown around in a conversation, you would presume the person talking knows exactly what they’re going on about – but what does ‘law firm risk management’ actually mean?
In general, risk management can be defined as evaluating, and preparing for, potential risks, making sure you have all of the bases covered should the worst come to the worst. This could mean anything from assessing risks in regard to natural disasters, to large investment projects, to data breaches – which is what I would like to primarily focus on.
Having worked in a small law firm in the past, I have an idea of how risk management works for the legal sector. This can be anything from losing a major case that a lot of time and resources had been invested in, to sending out a court bundle to the wrong address (the legal world still loves their paperwork; the printer in that office was always chugging away).
Setting the standards
Luckily, law firms are not left entirely in the dark with regards to risk management. Launched in 2007, the Solicitors Regulation Authority (SRA) is the regulatory body for all solicitors in England and Wales. Although the SRA also focus on other areas, such as setting behavioural standards for entry and ensuring these are constantly complied with, making sure that data is handled appropriately is another one of their goals.
This is where it gets interesting for me, being both a techie and a law graduate. Recently, courts have started to accept summons sent via email, whereas before, evidence and summons were only accepted via paper. In fact, UK court summons can now even be served via Facebook! But imagine if those summons were sent to the wrong person… Although this could also happen via normal post, at least technology provides the power to prevent mistakes like these from happening in the first place.
Introduced in July 2012, section 8.5 of the SRA practice notes states that all their licensed bodies require a Compliance Officer for Legal Practice (handily shortened to COLP). These individuals are required to take reasonable steps to ensure compliance with statutory obligations, in addition to any terms or conditions. COLPs are also the bearers of bad news, as they’re obliged to take reasonable steps to record all failures to comply (classed as a ‘material breach’ or a ‘non-material breach’), as well as reporting these failures to the SRA.
Despite imposing these regulations on law practices, COLPs are left with a certain degree of leniency and flexibility, allowing them to interpret and implement the regulations in a way that will work best for their practice. I have no doubt that regulations will be tightened and definitions made clearer over time, but I suppose, much like the law, the SRA is keen to move away from a tightly regulated body to a more efficiently regulated one. The challenge for the SRA is to relay this information in a way that will not cause confusion.
Staying on top
The introduction of new technology and improved forms of communication with clients and courts is a major opportunity for law firms – if taken advantage of, it will lead to improved information security, enhanced efficiency and cost savings.
Obviously, the SRA has a key role to play in this, and their introduction of greater accountability and regulation can only be a good thing for consumers. Part of this involves creating codes of practice and regulations that increase awareness of potential risks and material breaches, drawing attention to the repercussions that can occur when due care isn’t taken. The challenge for law firms is ensuring they stay on top of these changes.
So, now you should have more of an idea of how risk management works in law firms – enjoy that after-dinner conversation with your local COLP!