In a recent webinar titled “Fortifying Your Law Firm: Strategies for SRA Visits,” experts delved into the changing landscape of regulatory compliance for UK law firms. The Solicitors Regulation Authority (SRA) recently increased its fining powers from £2,000 to £25,000, a significant change that has put many firms on high alert. This increase has prompted law firms to pay closer attention to their regulatory obligations and to take steps to avoid these potential fines, making it a topic of great interest for legal practitioners and managers alike.

Throughout the session, Kate Burt, founder of HiveRisk, and Gabriel Santos, VP of Sales at Legl, shared insights and anecdotes from UK law firms, with the consensus that the legal community is currently in somewhat of a ‘panic stage.’ This uncertainty stems not only from the increased financial penalties but also from a plethora of unknowns in regulatory requirements and a perceived lack of practical guidance from the SRA.

So, how do you prepare for a visit from the SRA? We’ve included a few highlights from the hour-long session.

Who will be involved and what you need to know

When the SRA selects your law firm for a review, it’s essential to understand the process and be prepared for each step.

  • Pre-Assessment Questionnaire and Documents: The SRA will provide a questionnaire to assess your practice’s risk profile and request certain documents. You typically have between 14 to 21 days to respond, so always be prepared to provide these in a timely manner. You may be asked about your practice-wide risk assessment, including its initial drafting date. Note that firms that falsely declared compliance with the regulations could face disciplinary actions.
  • Selection of Dates: The SRA will offer a selection of dates for the visit. Choose one that allows your firm adequate preparation time.
  • On-Site Interviews: SRA representatives will conduct interviews with key personnel like your MLCO and MLRO, and depending on your firm’s size, a number of fee earners.
  • File Review: The SRA will review between four to eight of your firm’s files, depending on the size and nature of your practice.
  • Policy Document Requests: Expect to provide documents like your practice-wide risk assessment (a Regulation 18 requirement), AML policy and procedure, client matter risk assessments, training logs and materials, details of any matters on your high-risk register, and extracts from your terms of business and client care letter.
  • Audit History: The SRA may also ask about any audits your firm has undergone, who conducted them, and any recommendations or corrective actions that emerged.
  • Data Retention: The SRA will be interested in your data retention policies, particularly around client due diligence documents. You’re required to retain these for five years from the end of the business relationship, but if you’re keeping them longer, you’ll need the client’s consent.

It’s crucial to remember that firms of all sizes and perceived risk levels can be chosen for these reviews. As such, all firms should remain prepared for such reviews and actively maintain their compliance with the ever-evolving legal landscape, including recent expansions in the definition of a ‘tax advisor,’ which may bring more firms into this scope than traditionally expected.

Counterparty checks: balancing risk and requirements

In their guidance, the SRA underscores the importance of assessing risk correctly and stresses the expectation for firms to perform checks on counterparties. While they suggest this process could be as straightforward as a free check on the Office of Financial Sanctions Implementation (OFSI) website, in practice, it may not always be so simple.

The SRA walks a delicate line here. On one hand, they recognise that it’s for firms to decide the correct approach to risk, implying a degree of discretion. On the other hand, they caution firms about the potential consequences of falling foul of the sanctions regime, should they unknowingly interact with a sanctioned individual or entity.

The SRA’s guidance includes a webinar featuring Ross Gillson, Head of AML Policy, and Mandeep Sandhu, Head of AML Proactive Supervision, where they recommend incorporating counterparty checks into the conflict check stage. Despite their assertion that this should be a straightforward process, many law firms may find the reality more complex.

It’s crucial for firms to find a balanced approach, ensuring compliance with the SRA’s expectations while managing their risk levels appropriately.

Want to learn more?

You can watch the on-demand webinar now, or reach out to us for a personalised demo of the Legl platform and how the platform can help you to be prepared for when the SRA comes knocking at your firm’s door.