- A new Code of Conduct came into force on 6 October for all SRA regulated law firms
- The form of the Code of Conduct is now ‘outcome focused’, which is radical departure from the previous set of detailed requirements.
- Firms now have more freedom to design their own compliance regimes to achieve the stated outcomes, but this may have the effect of increasing, rather than decreasing, the regulatory burden.
- Monitoring and reporting of compliance is now required
The New Code
The new SRA Handbook was introduced on 6 October. This was anticipated to be the date on which the Solicitors Regulation Authority would become authorised by the Legal Services Board to be a regulator of alternative business structures or ABSs, as they are known. An ABS allows unlimited non-lawyer ownership of law firms. Limited non-lawyer ownership has been allowed since 2009. There has been a delay in the SRA becoming a regulator of ABSs, which is now expected to take place around the end of the year. Despite this delay, the SRA decided not to delay the introduction of the new regulations.
What has changed?
Much of the new regulations are the same in some form or another as the pre 2011 regime. The way in which the regulations work has changed. The new regime is termed ‘Outcome Focused Regulation’. This has been in part the SRA’s response to criticism from many of the larger law firms that the old regulatory regime was too prescriptive and that many of its detailed requirements were not relevant to large practices. Some have wrongly described the new regime as “soft touch”. The new regime operates by requiring both firms and regulated individuals to comply with requirements known as ‘Outcomes’. In the Code of Conduct alone, there are around 100 Outcomes to be complied with. Outcomes are supported by ‘Indicative Behaviours’, which are examples of behaviour which the SRA suggest would tend to show that a firm is achieving or not achieving the Outcomes. The Indicative Behaviours, unlike the pre 2011 regime, are not requirements so to that extent the prescriptive element of the regulations is much reduced.
Large firms with their dedicated compliance teams can devise the processes and procedures which work for them, if they do not consider that the suggested Indicative Behaviours are appropriate for their particular business. Small firms are in a less comfortable position. The SRA in its road shows this year has said that they do not consider that it is necessary for firms to engage compliance consultants to give guidance as to how to comply with the Outcomes. There is an increased emphasis on formal risk management arrangements in the Code of Conduct and the Authorisation Rules. The Authorisation Rules anticipates that all firms will have a compliance plan. Notes to these rules suggest that in producing a plan firms should consider “a system for monitoring, reviewing and managing risks”.
The key element of these new arrangements will be monitoring. Firms will have to nominate two compliance officers by March 2012, the Compliance Officer for Legal Practice and the Compliance Officer for Finance and Administration. These Officers will need to report to the SRA on an annual basis all failures to comply with the handbook regulations. This will be an easy task if there is a client complaint which shows a failure to comply with one of more of the Outcomes. If there is no external driver such as a client complaint, the report must be generated from internal monitoring results. The handbook gives no guidance as to what kind or frequency of monitoring will be appropriate. It would have been helpful if the SRA had given some suggestions for say, large, medium or small firms, so that firms would have a general idea as to the lengths they must go to.
The SRA know that around 90% of firms commit breaches of the SRA Accounts Rules each year. Many of these breaches are likely to be minor technical breaches. To that extent, the profession has an history of non compliance. If firms do not have monitoring systems and no external event alerts them to non compliance, what will the response of the SRA be to a compliance officer who submits an annual report with no details of any breaches?