Twitter Logo Youtube Circle Icon LinkedIn Icon

EVENTS AND ROUNDTABLES

EVENTS AND ROUNDTABLES > Roundtable > On the brink

EVENTS AND ROUNDTABLES

ROUNDTABLE: Risk management

Risk and return

  • Andrew Cheung, Dentons

    SRA adopted mature approach to regulation of international practices

    Close

  • Richard Harrison, Clyde & Co

    Sees a real change in mindset in firms towards OFR

    Close

  • Juliet Tainui-Hernandez, Addleshaw Goddard

    OFR has brought cost burdens on firms

    Close

  • Kathy Farmer, DAC Beachcroft

    SRA using relationship management programme to learn from law firms and understand best practice

    Close

  • Andrew Carpenter, Marsh

    Regulator is in a honeymoon period in getting to understand firms better

    Close

  • Sandra Neilson-Moore, Marsh

    Many small clients have had trouble getting COLPs approved by the SRA

    Close

  • Roger Butterworth, Bird & Bird

    COFA role only responsible for client money, not firm finances

    Close

  • Angela Robertson, Eversheds

    Smaller firms struggling to cope with increasing risk management burdens

    Close

  • Andrew Coates, Kennedys

    Firms risk losing commercial advantage by sharing best practice information

    Close

  • Emma Dowden, Burges Salmon

    Creating a gold standard of best practice is not equitable

    Close

The sixth Legal Business/Marsh risk round table gathered together risk experts from a diverse mix of firms to assess how handling a much-changed regulatory landscape is progressing so far.

The annual risk round table, hosted by Legal Business and Marsh, is developing a habit for apt timing. Last year, talk focused on alternative business structures after the Solicitors Regulation Authority (SRA) had just handed out the first licences. This time, the discussion took place less than a week after the SRA reversed a policy that has been a bugbear for risk management teams ever since outcomes-focused regulation (OFR) came into effect at the end of 2011.

In mid-March, SRA executive director Samantha Barrass told delegates at the Law Society’s Risk and Compliance Annual Conference that ‘non-material breaches’ of the SRA Handbook would not have to be reported annually to the regulator, stripping out another layer of bureaucracy as part of its recent Red Tape Initiative.

In our risk management report, published at the beginning of March, the issue of reporting non-material breaches was flagged by risk experts at the top 100 firms as an unnecessary headache associated with the switch to OFR. The requirement to report every minor infraction annually did not sit well culturally with many firms, while others were concerned about the administrative burden.

As such, news of this decision was well received among the round table participants. For Sandra Neilson-Moore, European practice leader for law firms’ professional indemnity at Marsh, this was a significant hurdle for law firms in handling the new framework. ‘The main concern with OFR was the requirement to report non-material breaches,’ she says. ‘The SRA has now dispensed with that and I think that was the key thing. Everything else is motherhood and apple pie, is it not?’

Angela Robertson, general counsel (GC) at Eversheds, agrees: ‘It is a good sign that the SRA has said: “Actually, we are going to step back from this previous requirement to report non-material breaches.” Part of the reason for that is because it realises it simply cannot resource it as well. A lot of good will come out of this, because it means the SRA will have to focus on what really matters, rather than the minutiae of how we maintain our registers of breaches.’

But as Juliet Tainui-Hernandez, director of risk and compliance at Addleshaw Goddard, points out, firms still need to record those breaches. ‘It is not that big a departure,’ she says. ‘You still have to record them, assess patterns and materiality arising from patterns, and make them available if the SRA requests them.’

Those around the table feel the SRA is, in all probability, likely to request a list of minor rule breaches if it has any specific concerns. However, a willingness to move away from arbitrary policy is welcomed. It seems that risk managers are appreciative of the efforts by the SRA to be flexible and, most importantly, listen.
 

Positive attitude

Nowhere has this constructive attitude been more apparent than in the SRA’s recent consultation on Handbook amendments relating to international practice, an issue crucial to the top 50 firms in the UK. This is particularly the case for Dentons’ EMEA GC Andrew Cheung, who saw his firm morph into an international giant on 28 March when the merger of Salans, SNR Denton and Fraser Milner Casgrain went live.

‘The SRA’s approach generally in relation to the international consultation was right, in the sense of reducing the burden that applies internationally and recognising the fact that it is going to struggle to regulate effectively practices that are based wholly overseas,’ he says. ‘I thought its approach to this consultation and early engagement with international firms showed a more mature and effective approach, which was very encouraging to see.’

‘The larger law firms are coming round to the view that – once the mindset changes have been gone through – this is actually in many ways a good thing.’

Richard Harrison, Clyde & Co

Bird & Bird is another firm that has experienced significant cross-border expansion over the last decade. It has agreed a co-operation agreement with Swiss firm BCCC Avocats, an alliance with Australian firm Truman Hoyle and secured a merger with Danish practice Bender von Haller Dragsted, all since the turn of the year. GC Roger Butterworth says he was pleasantly surprised by the SRA’s approach.

‘It is one of its better consultations,’ he says. ‘It is also side-by-side with it going back on reporting non material breaches. So it is finally listening. It has just taken two years of banging at the door to get that.’

Generally speaking, the reaction of the assembled risk specialists to 18 months of OFR is positive. Butterworth argues that the move by the SRA to principles-based regulation has helped him fulfil his role in certain respects.

‘OFR is actually very positive, because it helps me do my job better,’ he argues. ‘Previously it was rule-based, and you would debate with a partner over a sentence: “If it does not say I cannot do it then I am doing it.” It is more subtle. And you can now argue from principle, as it ought to be. That is where it has been a positive move.’

As a Clyde & Co partner advising law firms on risk and professional liabilities, Richard Harrison says he can see a real change in mentality within firms. ‘The larger law firms are coming round to the view that – once the mindset changes have been gone through – this is actually in many ways a good thing,’ he comments. ‘A year ago the law firms were a long way from that, but I think the SRA threw up a massive amount of confusion and uncertainty, which caused a large amount of unhappiness, not just with the UK law firms but also with the increasingly large number of overseas law firms with practices here.’

‘OFR has brought key issues to the fore and given us a little bit more strength to push through what we needed to do anyway,’ says Tainui-Hernandez. ‘I do have residual concerns about the additional cost that it causes, and I also think our experience in relationship management so far has really suggested more of a one-way relationship, which we are hoping will develop over time.’
 

Charm offensive

Relationship management has been a key plank of the SRA’s move into OFR. Its relationship management programme was piloted at the end of 2010 and eventually rolled out to the UK’s largest law firms a year later. More than 70% of firms responding to our risk management survey in March said they had received at least one visit from a SRA relationship manager (RM).

Feedback around the table to the SRA visits is mixed. Some have enjoyed the consistency
of having the same RMs throughout the process, while others have had up to six different managers.

‘The SRA wants to be assured that the London operation of a bigger US firm is insulated from financial calamities elsewhere. That is a big responsibility.’

Roger Butterworth, Bird & Bird

Says Eversheds’ Robertson: ‘As soon as we get an established relationship management team and you think “this is really good”, you suddenly get an e-mail saying, “Sorry, he has moved on”, so now we have got somebody new.’

Andrew Coates, professional practice partner at Kennedys, says his experience has been the complete opposite, with his firm having the same RMs from the SRA from the start. Emma Dowden, director of best practice and operations at Burges Salmon, concurs: ‘Our experience has been a positive one, as we have had the same team of three RMs from day one and have completed two relationship management visits so far. So obviously they are operating at both ends of the spectrum.’

Kathy Farmer is deputy head of practice governance and risk at DAC Beachcroft and says that the feedback she has been getting from peers on RMs varies tremendously. ‘We have actually been quite lucky with ours. They seem to be a lot more sensible and a lot more commercial. We’ve had quite a constructive relationship to date but I think the experience for others has been mixed.’

However, residual concerns persist over the motives of the SRA through the relationship management meetings. Firms are wary of the SRA being so accommodating.

‘The SRA relationship management process is useful and the SRA is doing its best to be helpful and understanding,’ comments Dentons’ Cheung. ‘However, I am concerned that, notwithstanding this charm offensive, at some point in the near future the SRA will decide it is time to bare its teeth and tackle a particular issue or set of issues it perceives as a problem. There are a number of areas of ambiguity and gaps in our regulatory regime, which to a large extent goodwill with the regulator and relationship management cover over, and firms will be exposed if they become complacent because of the approach we have seen to date.’

Andrew Carpenter, managing director at Marsh, echoes this viewpoint. ‘What I am hearing is that this is the honeymoon period of getting to know your regulator, but they are informing themselves as to what best practice might look like.’

‘I think the SRA has run the relationship management programme on the basis that it can learn from us and get an understanding of what is best practice,’ says DAC’s Farmer.

This idea of using the relationship management process to get up to speed with best practice has some of the risk specialists around the table nervous. Dowden, for example, is concerned about the SRA cherry-picking from each firm when developing its new regulatory regime.

‘One of the concerns that remains for me on best practice is that there will naturally be a temptation for the SRA to “cherry-pick” the best examples from the leading firms,’ she says. ‘However, we all do things differently with a wide variety of systems and structures and cultural approaches to managing risk.

If the SRA starts to develop a minimum standard based on what the most capable of the top 50 are doing, for example, this simply may not be achievable for others – either due to cost or resource constraints. Clearly expectations need to flex according to each individual organisation, but as an industry need to avoid aspiring to an impossible, “gold-plated” model.’

Kennedys’ Coates warns that firms could lose out if they share information with the SRA that it then shares with other firms. ‘To what extent can it share things, if you share with it, without giving away any commercial advantage about the way you do things? Some things you would be naïve to share with the SRA, so perhaps we need to be on our guard. As a result, it is going to get far less from us than it intends in terms of what the real differentiating factors are.’
 

COLP ability

The nomination and approval of the compliance officer for legal practice (COLP) and the compliance officer for finance and administration (COFA) have dominated the agendas of risk teams for the past year. The new roles were introduced as part of the SRA’s push into OFR and a number of the round table participants report delays and bureaucracy that chime with the wider findings of our risk management report.

Says Neilson-Moore: ‘I have heard, not from larger clients but from smaller clients, that they have had problems with getting a COLP approved; for example: they say there have been hoops that have to be gone through and that these were insulting hoops, in many
cases, ie long-term residents and senior practitioners having to involve the Home Office and UK Border Control to prove suitability and so forth.’

‘I have been told many times by firms that they feel the SRA is “learning its trade” on them, rather than dealing with the real problems of regulation.’

Sandra Neilson-Moore, Marsh

One of the key issues was selecting the right person to be the COLP, which is arguably a more important and contentious role than the COFA. There were issues in appointing the head of compliance and risk to the role, as the COLP has to be a qualified lawyer.

Tainui-Hernandez sums up the rigmarole associated with getting approval from the SRA for the COLP: ‘Essentially we were going to appoint our managing partner but we got a reasonably strong steer from the SRA that was not what they wanted. So actually we had to change our structure because we did not have anyone from risk on the board. Again, it might have been better if it had started with getting the structure of the rules right and then it might have achieved what it wanted from
the beginning, which I think was a bigger role for compliance.’

‘We saw the SRA change its thinking about this concept on each iteration of the consultation process,’ recalls Cheung. ‘It is something that has never really been resolved and this is a pity because it has led to an inconsistency of approach and confusion about the nature and purpose of what is a very serious role.’

In the end, Cheung says the firm nominated its chief executive officer as the COLP because the SRA insisted the COLP have the power and status to enforce regulatory compliance and be personally liable if they fail to do so.

‘This decision initially reflected the conventional wisdom of the SRA but at some later point it decided it wanted the COLP to primarily be its contact for risk and compliance issues,’ he adds. ‘I fulfil that role now but when asked by the SRA if I would be the COLP I responded: “I would be happy to, just as soon as you remove the personal liability requirement.”’

The fact that the COLP or the COFA could be personally liable for breaches of the SRA rules has deterred some eligible candidates from assuming the COLP role. Most firms have found ways to deal with this, such as obtaining directors and officers’ liability insurance for the individual COLP and COFA, amending employment contracts to impose a duty on other managers to disclose breaches, or even introducing specific sanctions on managers for breaches of regulatory duties. However, the personal liability aspect has been a real issue, according to those present. Clyde’s Harrison wonders what would have happened if there had been a COLP at Dewey & LeBoeuf last year.

‘How many firms have actually thought about, in regards to the COLP role, the need for further insurance?’ he says. ‘If Dewey had gone down a year later there would have been an English-qualified lawyer in situ at the firm as the COLP.

‘So you’ve got this poor innocent sitting in London, having taken on the COLP role, perhaps with some pride, at a big, high-status US law firm, unaware until it’s too late that the firm was heading for the rocks with massive bank debt, bond indebtedness and God knows what else back at head office. You can imagine that person, if it had been a year later, would have been very worried indeed, or would be rushing off to check his policy, and there would be a very worried insurer potentially.’

Butterworth says any UK-based COLP being kept in the dark in an international business is a real issue. ‘I heard very recently that as part of the international regulation the SRA wants to be assured that the London operation of a bigger US firm is insulated from financial calamities elsewhere. Now, if that responsibility is settled on the COLP that is going to be a big responsibility, because how does he know?’

Coates, who is the COLP at Kennedys, says he was very clear with his firm on the basis on which he would assume the role. ‘I did a paper to the partnership: “Here are the conditions of me becoming the COLP. I would like the following indemnity; here is the insurance policy we are going to buy, and this is how the members’ agreement is going to be changed to make it a requirement for partners to report to me and all the rest of it.” So that was voted through in a partners’ meeting, I signed the agreement and then Sandra and Andrew [Neilson-Moore and Carpenter] wrote the policy for us,’ he says.

The liability issue could get worse, according to reports filtering through to Neilson-Moore. ‘I have heard that the SRA may be considering the idea of saying that you cannot insure yourself against fines and penalties, because the FSA does not allow FSA-regulated organisations or individuals to insure against fines and penalties,’ she comments.

‘I thought to myself, “Okay, not allowing the LLP entity to insure against a fine or penalty I can understand, but not allowing the individual COLP, who is in a very difficult position, to do so I think is very unfair.” That debate is going on underneath the radar, so it will be interesting to see what comes of it.’

Worse still, according to Butterworth, there is a fundamental flaw in the definition of the COFA, previously thought to be the least contentious role, given to the financial director of the firm. But Butterworth says the only thing that the COFA is actually responsible for is the account rules – essentially the handling of client money.

‘They are not actually responsible for finance, and they are not actually responsible for administration, so it is a complete joke,’ he says. ‘In terms of the financial stability of the firm, my reading is that actually falls to the COLP, which is a nonsense, because I am not the finance director, our COFA is!’

This comes as a complete surprise, even to some of the veteran risk specialists gathered around the table. And while everyone agrees that the COLP could delegate some responsibility for the financial hygiene of the firm, they themselves will be ultimately accountable, making the COLP role even less palatable.
 

Going through the motions

The upshot of all this is higher risk standards being imposed on law firms and, consequently, greater cost burdens. Addleshaws’ Tainui-Hernandez says her team has definitely been busier since OFR came into play and that she has a couple of secondees from other areas of the business helping her team currently.

Butterworth argues that costs have increased because his firm has to be more deliberate about recording what it does, what it checks and how it deals with situations. But he argues that the advantage is that the risk team is in essence now providing a service – it is not just about breaches, which are a minority of what his team deals with. ‘Potentially though, OFR enhances the business,’ he says. ‘Yes, it is a bit of a growth industry [but] I actually like avoiding problems rather than investigating situations afterwards.’

Neilson-Moore believes that the real issue for the SRA lies with much smaller firms than the top 50. ‘I do not think there are any problems with the larger firms,’ she says. ‘Therefore I find it strange that the SRA feels it needs to inflict additional costs and burdens on the large firms, giving them something additional to worry about, with a need to do greater internal audits and so forth. I have been told many times by firms that they feel the SRA is “learning its trade” on them, rather than dealing with the real problems of regulation that exist in other areas of the profession.’

‘The profession is going to change its shape quite dramatically over the next few years,’ predicts Eversheds’ Robertson. ‘Perhaps OFR will be one contributory factor – not the only one. But I have certainly spoken to a few practitioners outside London, perhaps in very small firms and they are saying: “We just cannot do this. We cannot actually sustain our practice and combine fee-earning with these additional compliance officer roles. Equally we cannot afford to have a dedicated risk function.” Around this table we all have that advantage.’

That comment illustrates one irony regarding the changing risk environment in the legal industry. For all the (in some cases needless) costs and hassles imposed on larger law firms, in the long-run the new regime is likely to give top 50 firms a distinct commercial edge. This will come in two regards. Firstly, as larger law firms develop more sophisticated risk procedures – as is accepted is currently happening – they are ultimately likely to win more favour with bluechip clients and insurance providers who want the safety factor of dealing with bigger legal advisers. In addition, the cost burdens placed on smaller firms will make the economies of scale for larger law firms even more compelling. An instance of risk providing return.

For the round table participants, it appears that despite a few (and in some cases, fairly considerable) wrinkles, their firms have made a good fist of assimilating OFR and working with the SRA to achieve the desired outcomes. However, it seems as if ultimately the larger firms are not the issue and the SRA potentially faces bigger headaches further down the track. LB

 

Legal Business/Marsh round table

  • Roger Butterworth - General counsel and risk management partner, Bird & Bird
  • Andrew Carpenter - Managing director, Marsh
  • Andrew Cheung - General counsel EMEA, Dentons
  • Andrew Coates - Professional practice partner, Kennedys
  • Emma Dowden - Director of best practice and operations, Burges Salmon
  • Kathy Farmer - Deputy head of practice governance and risk, DAC Beachcroft
  • Richard Harrison - Partner, Clyde & Co
  • Sandra Neilson-Moore - European practice leader for law firms’ professional indemnity, Marsh
  • Angela Robertson - General counsel, Eversheds
  • Juliet Tainui-Hernandez - Director of risk and compliance, Addleshaw Goddard
  • Mark McAteer - National editor, Legal Business