For the first time in three years, I actually got to fly on an aeroplane again! And spent two weeks in a country that is well known for being quite pleasant this time of year (Barbados actually if you are asking). What on earth has this go to do with COFA compliance I hear you say. Well the answer is not a lot. But it was the perfect opportunity to spend some time reflecting on what has been going on since we were all forced to close down our offices and find a new way of working. Specifically remote working and all the pluses and minuses it entails. Whilst in Barbados I read an article that detailed how many Brits had applied for a special digital visa that allowed them to live on the island whilst continuing to work for their employee back in the UK. The example they provided was that of a solicitor working for an English law firm. How lovely I thought – for about a second – and then the risk side of me kicked in. Many solicitors are now demanding to work from home, wherever that home may be. But the SRA is concerned that some of them may not be being adequately supervised. I think this is a legitimate concern and one that will undoubtedly vary from practice to practice.
Technology has advanced so rapidly that just about anything is now possible. But the weakest link will always be around the handling of money and more specifically client money. Prior to the pandemic, most firms had developed robust systems for authorising payments out of client account. But the new way of remote working has led to processes being altered and in some cases bypassed altogether with the use of emails and even WhatsApp messages being used. Very rarely have we seen these processes being incorporated into an Accounting Policy Document so that they can be properly reviewed and tested. The danger of course is that the cyber criminals can now find other means in which to target client money. Or that simple mistakes can more easily be made resulting in wrong amounts being release or monies being sent to the wrong parties. COFA led matter file reviews can go a long way in ensuring that these mistakes are eradicated but unless they are undertaken on a regular basis they will continue to happen and in some cases with disastrous consequences for the firm. Remote working looks like it is here to stay so there has never been a better time for a firm to undertake a thorough review of their processes for making payments to ensure that they do not become the next victims of financial loss.
Whilst being able to demonstrate adequate supervision remains a hot topic for the SRA, so does AML procedures. And they are showing a real appetite for fining those firms that are not taking it seriously. The banks were the first to come under the microscope where they still remain. Only just recently Santander were fined £100m for various breaches of AML processes. But the fines now being dished out to lawyers can be substantial and up to £25K in the most serious of cases. A small firm was recently fined £20K and in an agreed outcome, the SRA said: ‘The conduct showed a disregard for statutory and regulatory obligations and had the potential to cause harm, by facilitating dubious transactions that could have led to money laundering (and/or terrorist financing). This could have been avoided had the firm established an adequate practice-wide (firm-wide) risk assessment.’
And it’s not just the fine that hurts financially, it is all the time that an investigation takes up. Just as with client money, the best way firms can safeguard themselves from coming to the attention of the SRA is to conduct independent firm wide reviews to ensure that the firm has adopted robust AML processes and that they are being followed without exception. Once again – properly documented procedures, regular testing and close supervision are the answers.
Financial Eye continues to meet and speak to firms on a daily basis so everything I have written here is based on what we see out in the field. I’m definitely not making it up! For the past few months, getting in to see and talk to firms has been hampered by unrelenting train strikes but we remain undaunted. My only wish is that the trains are running on the 18th of May – the day the ILFM are holding their first “in person” conference since 2019. Quite frankly I can’t wait to go and meet people I haven’t been able to see for years. It will also be a great opportunity to discuss some of the latest issues that have been raised by the SRA. One of those issues is crypto currency which we have now have some experience of. We have been contacted by a number of firms who have been approached by clients looking to use crypto to purchase property. If this has happened to you recently, my advice would be – be scared, be very scared. There are client account issues here as well as AML and PI concerns. This is not something to go into lightly. Last month the SRA issued its own guidance on this very subject and my advice would be read what they had to say before making any sort of commitment to facilitate your client’s wishes. As I mentioned earlier, technology evolves so quickly and continues to do so at an extraordinary pace. It has changed forever the way law firms will act in the future – but it is fraught with new risks!
David Thorpe
Director – Financial Eye