Presentation is loading. Please wait.

Presentation is loading. Please wait.

Current risk and compliance priorities for law firms PETER SCOTT CONSULTING.

Published byDina Banks Modified over 8 years ago

Similar presentations

Presentation on theme: "Current risk and compliance priorities for law firms PETER SCOTT CONSULTING."— Presentation transcript:

1 Current risk and compliance priorities for law firms PETER SCOTT CONSULTING

2 Setting the scene Other speakers today will be dealing with specific risks and key developments including  SRA’s Risk Outlook 2015/16  Cyber security laws and data protection  Money laundering  The new training regime and competency  A new SRA Handbook! PETER SCOTT CONSULTING

3 What do General Counsel see as the biggest risk to their businesses in the next 18 months? Financial threats 30.8% Compliance threats 29.8% Strategic threats 21.8% Operational threats 18.3% Source: Global Legal Post: The Law Department of the Future and General Counsel Excellence Report 2015

4 Which issues most concern General Counsel over the next 18 months? Regulation and compliance 59.5% Creating value for the company 34.5% Data protection / security / cyber issues 31% Managing legal cost 28% Anti – bribery and corruption 25% Issues in emerging markets 24% Risk management 23% Reorganising the legal department 21% Reputational management 20% Governance 20% Health and Safety issues 6.5% Source: Global Legal Post: The Law Department of the Future and General Counsel Excellence Report 2015

5 Changes made by General Counsel in managing regulatory risk Strengthened policies and procedures 70% Increased education and training 60% Engaged outside advisers / consultants 41% Added internal compliance personnel 36% Subjected vendors and suppliers to monitoring and audit 33% Conducted more internal investigations 30% Implemented software tools28% Repurposed internal audit towards regulatory matters21% Utilised data analytics21% Increased actions against violators 9% Source: Grant Thornton 2015

6 Priority challenges for law firms  Knowing your risks  Monitoring the effectiveness of your risk control procedures  Resourcing your risk management in the most cost – effective way / use of IT PETER SCOTT CONSULTING

7 Developing effective control measures Monitoring and reviewing the effectiveness of compliance procedures Knowing and assessing compliance risks PETER SCOTT CONSULTING

8 Knowing your risks There are known knowns. These are things we know we know. There are known unknowns. That is to say, there are things that we know we don’t know. But there are also unknown unknowns. There are things we don’t know we don’t know. Donald Rumsfeld People Regulatory IT Competition /business Economic, political, fiscal Financial Asset Reputation Establishing and evaluating knowledge negligence PETER SCOTT CONSULTING

9 Knowledge of your risks? Has that knowledge been captured? Where does that knowledge reside? Who controls that knowledge? Who has access to that knowledge? Do you have systems to identify, monitor, review and assess your compliance knowledge? PETER SCOTT CONSULTING

10 Developing a knowledge management strategy to capture and share knowledge is a fundamental component of effective risk management Risk Management Knowledge Management PETER SCOTT CONSULTING

11 Developing effective control measures Monitoring and reviewing the effectiveness of compliance procedures Identifying and assessing compliance risks PETER SCOTT CONSULTING

12 The scope and volume of risk management and compliance now requires a different approach  No longer is it sufficient to have an ad hoc or laissez faire approach “We trust our partners in how they run their practices”  A more structured approach to monitoring risks is required which focuses on key compliance risks  The challenge - how to monitor and review the effectiveness of compliance procedures on a continuing basis so you can demonstrate that the firm and everyone in the firm is compliant? PETER SCOTT CONSULTING

13 Monitoring your risks under the SRA Code of Conduct  identify, monitor and manage risks to the achievement of all outcomes, rules, Principles and other requirements in the Handbook if applicable and take steps to address issues identified  have appropriate systems and controls in place to achieve and comply with all Principles, rules and outcomes and other requirements of the Handbook  Indicative behaviour (10.1) says that actively monitoring your achievement of the outcomes may tend to show that you have achieved these outcomes However, that alone is not sufficient ‘If you cannot demonstrate compliance we may take regulatory action’ SRA – OFR at a glance PETER SCOTT CONSULTING

14 Monitoring of what? Some high risk compliance procedures Risk assessment (client and matter) carried out AML complied with Conflict checks carried out – clear results Engagement letters sent Costs information provided No complaints received or indicated File reviews carried out PETER SCOTT CONSULTING

15 Methods to actively monitor compliance Supervision File reviews Positive self certification Voluntary reporting of risk issues Whistle blowing policy [Monthly] Reporting and Review Assessment Matters to be remedied Required controls Responsibilities PETER SCOTT CONSULTING

16 Developing effective control measures Monitoring and reviewing the effectiveness of compliance procedures Identifying and assessing compliance risks Resources? PETER SCOTT CONSULTING

17 A financially stable law firm is intrinsic to good risk management Financial instability is a risk on a number of levels  Financial failure  An underlying causal driver of other risks  A major factor contributing to inadequate risk management The problem? “We can’t afford it!” PETER SCOTT CONSULTING

18 Resourcing challenges  How much time will need to be devoted to this?  Is there a budget (including a training budget)?  What will the team look like?  Internal or external resource?  Part time partners or professionals?  Paper records or use of IT? PETER SCOTT CONSULTING

19 Resourcing solutions  Carry out a cost / benefit analysis to establish the most cost effective method to resource your compliance  Develop processes to do this by changing the way people view compliance and how technology is used. PETER SCOTT CONSULTING

20 Managing risk and compliance is about managing processes  How can these processes be systemised to provide a cost effective method to manage compliance?  Processes which enable everything to be recorded because the challenge is not merely to ensure a firm is compliant but is also able to demonstrate compliance on an on-going basis PETER SCOTT CONSULTING

21 Top 10 priorities for management of IT in law firms over the next decade Balancing security with mobility 68% Aligning IT solutions to business needs 64% Supporting a mobile workforce 57% Educating stakeholders on changes to the technology landscape 49% Educating the business on the strategic potential of IT 49% Increasing focus on risk management and security concerns 49% Facilitating business innovation38% Delivering value – adding applications35% Rapid identification and assessment of emerging technologies 29% Integrating with client systems 28% Source: International Legal Technology Association (ILTA) 2014

22 Embed compliance procedures and monitoring methods into IT systems Risk assessment Supervision AML File reviews Conflict checks Positive self certification Engagement letters Voluntary reporting of risk issues Costs information Whistle blowing policy [Monthly] Reporting and Review Assessment Matters to be remedied Required controls Responsibilities PETER SCOTT CONSULTING

23 Put in place an integrated system to cost effectively manage risk – embed compliance and monitoring procedures – – create and maintain one central, up to date compliance and risk database – provide information access to all who need it in relation to exposure to risk – streamlining identification, monitoring, assessment and mitigation of risks PETER SCOTT CONSULTING

24 Advantages of a systemised compliance and risk management process? Structured approach can focus on key compliance and risk areas Can demonstrate how a firm is complying and the effectiveness of compliance and achievement of outcomes Continuous monitoring ensures management of compliance and risk is “lived” on a day to day basis Universal application to all compliance and risk areas, e.g. training Comfort / assurance to PI insurers [and SRA]? PETER SCOTT CONSULTING

25 What do you see as your biggest risks? What priority steps are you going to take to manage them?

26 Questions? PETER SCOTT CONSULTING

Download ppt "Current risk and compliance priorities for law firms PETER SCOTT CONSULTING."

Similar presentations

How to put in place a compliance plan

How to put in place a compliance plan
Information Risk Management Key Component for HIPAA Security Compliance Ann Geyer Tunitas Group 209-754-9130

Information Risk Management Key Component for HIPAA Security Compliance Ann Geyer Tunitas Group
Outcomes focused regulation and compliance in practice Peter Scott Peter Scott Consulting www.peterscottconsult.co.uk.

Outcomes focused regulation and compliance in practice Peter Scott Peter Scott Consulting
Welcome! Internal Auditing CHAPTER 1. Definition Internal auditing is an independent, objective, assurance and consulting activity designed to add value.

Welcome! Internal Auditing CHAPTER 1. Definition Internal auditing is an independent, objective, assurance and consulting activity designed to add value.
1 INTERNAL CONTROLS A PRACTICAL GUIDE TO HELP ENSURE FINANCIAL INTEGRITY.

1 INTERNAL CONTROLS A PRACTICAL GUIDE TO HELP ENSURE FINANCIAL INTEGRITY.
© 2006 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice Privacy Management for a Global Enterprise.

© 2006 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice Privacy Management for a Global Enterprise.
Presentation By: Chris Wade, P Eng. Finally … a best practice for selecting an engineering firm.

Presentation By: Chris Wade, P Eng. Finally … a best practice for selecting an engineering firm.
IS Audit Function Knowledge

IS Audit Function Knowledge
Quality evaluation and improvement for Internal Audit

Quality evaluation and improvement for Internal Audit
Implementing and Auditing Ethics Programs

Implementing and Auditing Ethics Programs
SAFA- IFAC Regional SMP Forum

SAFA- IFAC Regional SMP Forum
PETER SCOTT CONSULTING Business Management Systemize your compliance with Rule 5 Peter Scott Peter Scott Consulting www.peterscottconsult.co.uk.

PETER SCOTT CONSULTING Business Management Systemize your compliance with Rule 5 Peter Scott Peter Scott Consulting
Systemise your compliance management Peter Scott Consulting www.peterscottconsult.co.uk.

Systemise your compliance management Peter Scott Consulting
Effective Identification and Management of Compliance Risks Peter Scott, 1 Peter Scott Consulting.

Effective Identification and Management of Compliance Risks Peter Scott, 1 Peter Scott Consulting.
Corporate Ethics Compliance *

Corporate Ethics Compliance *
Managing your client risks in difficult times Peter Scott PETER SCOTT CONSULTING.

Managing your client risks in difficult times Peter Scott PETER SCOTT CONSULTING.
Implementing an effective risk management strategy based upon knowledge Peter Scott.

Implementing an effective risk management strategy based upon knowledge Peter Scott.
Implementing an effective risk management strategy in a law firm

Implementing an effective risk management strategy in a law firm
Control environment and control activities. Day II Session III and IV.

Control environment and control activities. Day II Session III and IV.
Vendor Risk: Effective Management is Essential

Vendor Risk: Effective Management is Essential

Similar presentations

Ads by Google