In April, we shared “a tip a day” to assist firms to get ahead with risk and compliance. Just when you think you’ve got a handle on compliance – the goal posts move. Take this month – the Money Laundering Regulations 2017 are set to be enacted into UK law to ensure that the UK complies with the fourth money laundering directive!
We haven’t listed all 30 tips – just the ones that you can easily action yourselves and which will assist you in taking a step closer to compliance. Take a look:[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_column_text]
Cyber Crime Tips:
- • Friday afternoon fraud. Take action now to prevent it. The SRA report that email hacks of conveyancing transactions are the most common type of cybercrime in the legal sector with £7 million client losses reported in the last year. 75% of these cybercrimes were committed by hackers modifying emails directly, often on a Friday afternoon when most completions take place. Don’t be complacent about cyber-security. The Codes under which lawyers work require firms to have proper risk management procedures in place (including in relation to cybercrime) and to protect client monies and assets. It is all too easy to fall into the trap of thinking that it won’t happen to you. It could! Educating your staff is a key step in the fight against cybercrime. For tips on preventing cybercrime click on the following link https://www.legal-eye.co.uk/cybercrime-and-law-firms/
- • Do you have a Cyber-Incident Response Plan and Business Continuity Plan? Have you tested those plans in the last 6 months and, if so, updated them to take account of the results? Having robust and up-to-date plans in place is key to good risk management.
- • Cybersecurity remains a priority risk. It is not an IT risk but a business risk which requires ownership and engagement at senior levels within firms. Read our article on cyber-security https://www.legal-eye.co.uk/cybercrime-and-law-firms/ for some tips on how to be cyber-wise.
- • The nights are getting lighter, daylight hours are increasing and Spring – well Summer now – is definitely in the air! The SRA released their Spring Update to the Risk Outlook in early April highlighting their key priority risks. It won’t be long before the Risk Outlook 2017 / 2018 is released. There’s no time like the present to give your firm’s Risk & Compliance policies, procedures and plans their annual dust off! Email [email protected] to book an appointment for Legal Eye to undertake a full day’s Risk & Compliance Spring Clean!
- • Have you completed your Annual Risk Review? Just a few hours spent analysing the data you have collected during the year and updating policies, procedures and processes as a result could ensure a more efficient and effective workforce with a strong client base and increased profitability – setting you apart from your competitors in an increasingly demanding market. Work smarter not harder and reap the rewards.
- • We do more than just tick the box! At Legal Eye compliance isn’t just about ticking the box – it’s about working with you and your team to identify and overcome problems, help improve your business and, in turn, increase profits whilst ensuring that you are compliant with the ever changing regulatory landscape. Our experienced associates work with all sizes of law firms to provide a compliance package which is unique to each firm.
- • There’s little more satisfying before a holiday period than ticking off something that’s been bugging you on your to-do list but that you just keep avoiding. We’ve all been there! So, with just 6 weeks to go before “School’s out for Summer” do just one thing that’s been sitting on your to-do list for a while. For many lawyers – it’s file reviews that slip to the bottom of the to do list – there’s always something more pressing! Outsourcing your file reviews costs less than you think and ensures that they are done in a timely and objective manner.
- • Do you complete a concluding risk assessment and determine whether the client’s objectives have been achieved? Section 5.12 of Lexcel v6 requires you to do so. We work with firms to tailor their opening, mid-transactional and concluding risk assessments.
- • The Code of Conduct requires that clients’ complaints are dealt with promptly, fairly, openly and effectively. Does your complaints handling comply with these requirements?
- • Your Code of Conduct requires that your Complaints Handling procedure is responsive to the needs of individual clients, including those who are vulnerable. A recent independent report into consumers who may be vulnerable and family law found that clients who were dis-satisfied with the service they received were unlikely to complain either because they didn’t know how to, they felt it would increase an already stressful situation or they felt it would cause delays in their case. Have you reviewed your complaints handling procedure recently to ensure it is responsive to the needs of all clients?
- • If you send or receive contracts or client care information via email then, for the purposes of the EU Regulation on Consumer Online Disputes, you are an on-line trader which means that if you have a website then you must have a link to the EU ODR platform on your website together with the email address of your complaints partner
- • Did you know that if your client has exhausted the first-tier complaints process and you have been unable to settle the complaint, then you are must provide the client with information of the Legal Ombudsman but also advise the client, on a durable medium, that you cannot settle the complaint, the name and address of an approved ADR body competent to consider the issue should you and the client agree to ADR and whether you intend to use ADR.
- • With the Legal Ombudsman’s case fees set at £400 per case, it is in your interests, financially and reputationally, to ensure you have a robust and effective Complaints Handling Procedure in place to deal with complaints, coupled with a regular and detailed analysis of complaints data to identify issues and trends and ensure remedial action is taken. Dealing with the complaint itself is only the start of the process.
- • If you have employees that work from home – either full time or part time or on an ad-hoc basis – then you must have processes and procedures in place to ensure that you effectively manage all the risks that this poses.
- • When reviewing the steps you take to ensure you have robust systems in place to protect client money and assets, cybercrime security is key … but remember that ensuring robust systems relating to non-cyber matters is just as important. When did you last review those systems and provide training to staff?
- • Gender Pay Award Reporting legislation came into effect on 6th April 2017. It requires private and voluntary sector employers with 250 or more employees on 5th April each year to publish various statutory calculations showing the pay gap between male and female employees on their own website and a government website. Are you an employer with 250 or more employees? What steps have you taken to ensure you comply? Don’t have 250 employees? You can still participate and demonstrate your proactive approach to equality and diversity.
- • Marry in haste, repent at leisure! In an increasingly competitive legal market, a merger might appear to be an attractive proposition and the answer to all your problems. Undertaking thorough due diligence on your proposed partner is one of the most important preliminary steps you can take.
- • In less than 6 months, solicitors will be required to make their first annual declaration of competence. To do this, solicitors must reflect on their practice and identify any learning and development needs and, having done so, plan how to address those needs and any knowledge gaps and then record and evaluate their activities. We are working with many firms to prepare fee earners for the annual declaration and many firms are adopting the system across their workforce. Don’t bury your head in the sand, take action now whilst there is still time to put your plan in place.
- • Your staff ARE your greatest asset … when correctly trained for the job that they are employed to do. Ensure all staff are regularly trained in data protection, cyber-security, conflict of interest, equality and diversity, vulnerable clients and money laundering issues. Your staff are your front line and your front line must be strong.