The Demise of the Regulatory Ostrich?
It may be over-simplifying matters but, over the past few years there appears to have developed amongst many law firms a degree of complacency towards regulatory issues. An undercurrent, perhaps, of scepticism as to the need for regulatory policies and procedures reinforced by a belief that, provided the firm kept itself below the radar, then they would not be troubled by regulatory checks and inspections.
Clearly this has not been the case in all firms. Many larger practices, those involved in tenders for public or other similar contracts, or those who have Lexcel or ISO 9001 accreditation, have tended to take regulatory compliance more seriously. Why wouldn’t they, given that there is a strong business case for ensuring that all the necessary boxes are ticked?
The true regulatory sceptics have largely been found amongst the smaller practices or those undertaking traditional high street type services. These are the firms who will happily confess to not having a money laundering policy or who cannot see the point in having a diversity policy. They are the ones who will not document processes because “we know what we do, we don’t need to waste time writing it down”. They are the ones who don’t regularly undertake training because they “probably know more than the trainer” and “anyway, the SRA never checks up on training, does it?”
They are, in other words, the regulatory ostriches who simply stick their heads in the sand and hope that regulatory requirements will go away or that things will return to those halcyon days of yore (yes, that is a bird metaphor mix up) when the rules and regulations were something given to you when you qualified and ignored from that point onwards.
The times, they are a changin’ – or are they?
Unfortunately, or perhaps fortunately, depending upon your point of view, this could be all about to change. There is, it would seem, a growing move towards getting tougher with firms in relation to compliance. The question is, however, are things going to get tough enough?
The past few months have seen at least three indications of this potential increase in the tough approach. These have been:
- The SRA’s publication of its new Enforcement Strategy,
- the Law Society’s announcement that it intends to introduce desk-based assessments and on-site visits in relation to its Conveyancing Quality Scheme (CQS) and,
- most recently, and for many firms most worryingly, the SRA’s announcement that will be carrying out rigorous checks on law firms to make sure they are meeting their anti-money laundering obligations.
Inevitably more will follow as regulators, who themselves are becoming increasingly accountable, struggle to prove that they are competent and able to regulate in the public interest.
But is what is being planned sufficient to change habits and practices? Is it the case, as Bob Dylan said, that “times they are a changin’” or is it merely, to continue a 60’s song theme, a “Storm in a Teacup”?
The problem for many is that they are being given mixed messages.
Outcomes focused regulation was one of the first of the wrongly interpreted messages – where many saw less prescriptive rules as being rules that could more easily be ignored. If you were judging a firm on its outcomes then, if client’s weren’t complaining surely the firm was getting it right – even if it didn’t follow the accounts rules to the letter and occasionally acted for both parties in a conflict situation.
Then there was the move away from CPD in the training arena. For many firms this was taken as evidence that training was less important. Add to that the fact that no one had ever heard of the SRA checking up on a firm’s training regime, and this simply reinforced the view that training could largely be ignored.
In recent weeks, a similarly mixed message has been sent out by the SRA in relation to its new rule book. In fact, reading the SRA’s announcement of the launch of the new regulations, it would seem that they are actively encouraging firms not to comply. The second paragraph from the press release of the 20th March states:
“Shorter and more targeted than the existing rules, the new SRA Standards and Regulations focus on what really matters – the issues most important to protecting the public and their money. The removal of many prescriptive rules will reduce the burden on solicitors and law firms and allow solicitors greater freedom to use their professional judgement in considering how they meet the standards.”
How else is one to interpret “The removal of many prescriptive rules will reduce the burden on solicitors and law firms and allow solicitors greater freedom to use their professional judgement in considering how they meet the standards” other than as “it doesn’t really matter what we do as long as we don’t get complaints.”
In reality a shorter, less prescriptive rule book is very much a two-edged sword. If solicitors are not being told what they must do and are being allowed to “use their professional judgment” then it also becomes much easier for the SRA to allege that firms have not done what they should have done. Regulatory compliance becomes, therefore, a case of have you done what the SRA think you should have done at a given moment in time?
Lack of wide-scale checking and verification
The other key factor that lead many firms to believe that what they did in terms of regulatory compliance was less than important was the lack of rigorous checking of regulatory standards such as that adopted by the Law Society in relation to standards such as CQS.
In fact, the disparity between what the Law Society claimed as the quality level for members of CQS, compared with the reality of the situation lead, in 2017, to the Advertising Standards Authority’s ruling that the advertising for CQS “misleadingly exaggerated the membership requirements” and was done in a way which made the process of acquisition sound more rigorous than it actually was. The ASA pointed to the fact that during the four years ending in 2016, no more than 12 firms had received visits regarding the CQS despite there being about 3,000 firms who held the accreditation.
Many firms, inevitably, take a pragmatic approach to their business and that which they are expected to do. Given the regulatory and legal compliance pressures faced by many firms, especially smaller ones, this is not surprising. For many firms, the fact that they would be unlikely to be selected for checking was a sufficient reason for them to take the risk and not be as thorough in their compliance as they might have been. That has certainly proved to be the case with CQS.
Even the latest proposals that have been put forward for CQS checking by the Law Society and money laundering checks by the SRA have not greatly altered the view of all firms, many of whom are willing to take the risk or simply wait until they are caught out and then put in place the systems only when they forced to do so.
What are checks in the future likely to be?
So, are the checks and the likely penalties going to be enough to compel law firms to do more by way of regulatory compliance? Even if it is, are those checks and penalties going to have any impact upon the new breed of lawyers providing services from within unregulated businesses – which is to be a feature of the new regulations?
We have already touched upon the Law Society’s plans for checking in relation to CQS. They state in their details about the new scheme that they will be “introducing a small number of on-site visits each year and increasing the number of desk-based assessments” and they are “in the process of appointing an independent assessment body to carry out the on-site visits.” The extent to which this will impact upon individual firms is open to some debate.
With around 3,000 accredited firms, even if the Law Society is able to carry out 500 audits a year that is still only 1 in 6 firms that will be checked. Will that be sufficient to encourage compliance?
A similar issue applies in relation to the money laundering checks. The SRA have indicated that they will shortly be writing to an initial sample of 400 firms asking them to demonstrate compliance with the Government’s 2017 Money Laundering Regulations. With around 7,000 SRA-regulated law firms who fall under the scope of these Regulations that amounts to fewer than 1 in 17 firms being checked.
It is, as is ever the case, mainly a question of resources. Neither the SRA nor the Law Society have sufficient people or resources to be able to carry out all of the checks they need to in order to ensure compliance at all times. Take, for example, compliance with the recently introduced Transparency Regulations. The SRA in its Enforcement Strategy document states that it will “use a range of tools to identify non-compliance with the rules in addition to dealing with reports received” including reviews and random web sweeps. They will also, however, be relying upon others to report non-compliant firms.
Possibly it is the reliance on reports about non-compliant firms that may prove, at the end of the day, to be the secret weapon in the compliance armoury. If everyone is a potential informant, then perhaps no one will be safe. What the SRA will not be able to do is to scrutinise each and every law firm web site, check whether the details listed are adequate on the face of it, and then compare those details to the prices actually charged by firms or the genuine management structure within a department.
The benefits of compliance
Complying just because you will be penalised if you do not is, however, a very negative way of approaching the whole area of regulatory compliance.
Having an effective regulatory compliance programme can bring substantial positive benefits to firms and ensure not only that the business is run in an efficient and cost-effective way but also that the interests of clients are protected. However, and it is an important qualification, the compliance programme must be one that is tailored to the needs of the individual firm and not one that has been simply imported from a standard template. In other words, it is vital that policies and procedures reflect what is actually done in the firm rather than being a document written purely because a policy is needed. Policies and procedures that exist only in the firm’s manual that no one references are useless and might as well not have been written.
So, what are the benefits of compliance?
- Improved Efficiency – firms that are profitable are, in general, those that are efficient – those where services are delivered promptly and, in a client-friendly way. Having in place policies and procedures which address the regulatory requirements that impact upon the firm can help to become more efficient and can help to protect the firm from unpleasant feedback from clients or enforcement consequences from regulatory and accrediting bodies, which could damage the firm’s reputation and have a consequent impact upon profitability.
- Employee Consistency – linked to business efficiency is the issue of consistency of performance. If the firm has policies and procedures which set out what should be done, how it should be done and when it should be done then, provided that staff are made aware of these requirements, then the firm will be able to ensure greater consistency of service. That, in turn, makes it easier for managers within the firm to ensure that everyone is delivering services in a way that address the needs of the firm and the needs of the client.
- Familiarity with Requirements – firms that take compliance seriously and out in place regulatory and compliance policies and procedures will find it easier to ensure that all staff are aware of that which is expected of them. Training can be based around procedures and policies so that everyone can be made aware of the legal and regulatory framework within which the business operates and thus giving the firm the security of knowing that its service meets the regulatory requirements.
- Increased Quality – much time and effort can be expended by firms in planning what they need to do in order to develop business for the firm. This is especially so in this age of social media obsession where it is easy to believe that it is what the firm posts about itself online that makes the difference to the number of clients it receives. Whilst social media and other forms of marketing are an element of how a firm attracts business, one of the most persuasive marketing tools remains doing a good job so that clients come back in the future and tell others that the work you did was good. Having in place good regulatory policies and procedures can help the firm ensure that everyone in the firm does that good job at all times.
- Trust and Branding – consistency in following a well communicated and effective regulatory compliance framework allows a firm to demonstrate to its clients, potential clients and other relevant third parties that it takes itself seriously. A commitment to regulatory requirements is, therefore, good for the firm’s reputation and branding, helps clients and employees trust the firm which will hopefully turn into greater loyalty.
- Competition – regulations are not simply about ensuring that firms do as they are told or that they only do things that are in the interests of clients. They are also about level playing fields and ensuring that competition is fair. Firms that flout regulation may be able to lower overheads and thus enable them to offer services more cheaply. Whilst this may not bring long-term benefits to the firm flouting regulations, it will in the short -term give them an unfair advantage which will have a detrimental effect upon competitors. It is therefore in the interests of all firms to ensure that competitors play by the same rules – which in part is something that the SRA may be relying upon when they say – as they have in relation to price transparency – that they will rely on reports.
The benefits of compliance is not, however, an easy sell. Faced with a choice between putting in place procedures or carrying out client work, most firms would choose the latter and in smaller firms it quite often is an either/or situation.
Regulation is never going to be popular. Whatever the benefits to the firm, it is time consuming to do, gets in the way of fee-earning, potentially expensive and leaves firms who either do not do it, or do it badly, at risk of having regulatory proceedings taken against it.
The days of trusting firms to regulate themselves adequately may, however, be coming to an end and those who have succeeded in getting away with minimal self-regulation may find that new regimes will catch them out. For a firm that is reliant, for example, upon being on a lender’s panel then actual, as opposed to lip-service, compliance with CQS will become an essential – simply because the risks to the firm from getting caught out exceed the benefits of doing nothing.
Developments in technology are such that it will not be long before systems can be put in place which will ensure that firms are compliant with regulations. So perhaps the days of the ostrich are over once and for all.