Presentation is loading. Please wait.

Presentation is loading. Please wait.

PETER SCOTT CONSULTING Business Management Systemize your compliance with Rule 5 Peter Scott Peter Scott Consulting www.peterscottconsult.co.uk.

Similar presentations


Presentation on theme: "PETER SCOTT CONSULTING Business Management Systemize your compliance with Rule 5 Peter Scott Peter Scott Consulting www.peterscottconsult.co.uk."— Presentation transcript:

1 PETER SCOTT CONSULTING Business Management Systemize your compliance with Rule 5 Peter Scott Peter Scott Consulting www.peterscottconsult.co.uk

2 - and with an eye on outcomes focussed regulation in relation to business management … how to plan at the same time to comply with: The new SRA Code The Principles The outcomes PETER SCOTT CONSULTING

3 Who currently has a compliance / risk manager?

4 The future … “The management and supervision of firms is covered by chapter 7 of the new handbook. Firms will be required to have a compliance officer for legal practice to oversee and embed adherence to the principles, rules and outcomes, and a compliance officer for finance and administration to ensure compliance with the Accounts Rules. You might wish to start considering who within your firm might fulfil these roles and how they will carry them out.” Charles Plant – chair of the board of the SRA Law Society Gazette 8 July 2010

5 Rule 5 aims to set out… Responsibility for the overall supervision and management framework of a firm Minimum requirements to be ‘qualified to supervise’ Minimum standards for supervision of client matters Minimum requirements for business arrangements essential to good practice and integral to compliance with supervision and other duties to clients PETER SCOTT CONSULTING

6 The scope of Rule 5 Supervision Management of risk Key regulatory requirements certificationP I accountants reports registration recognition conflicts Rule 2 – client relations Financial management and controls SARs Control of undertakings safe keeping of documents and assets Rule 6 – equality and diversity Training - Competence - CPD -Qualified to supervise Practice continuation

7 Are you in control of your risks? People Operational Regulatory IT Competition /business Economic, political, fiscal Financial Asset Reputational Management

8 Who believes they are currently fully compliant with Rule 5?

9 How do you know you are compliant?

10 PETER SCOTT CONSULTING The challenge of Rule 5…. How to manage compliance with Rule 5 in a way which will enable you to evidence, even with limited resources, that appropriate arrangements are in place and operating, so you can demonstrate: compliance the effectiveness of that compliance

11 The challenge of Chapter 7 of the new SRA Code? Is about the management and supervision of a firm Provides that 10 listed outcomes must be achieved In particular …. PETER SCOTT CONSULTING

12 firms must have.... - have appropriate systems and controls in place to achieve and comply with all Principles, rules and outcomes and other requirements of the Handbook - identify, monitor and manage risks to the achievement of all outcomes, rules, Principles and other requirements in the Handbook if applicable and take steps to address issues identified Who already has appropriate systems and controls in place …to currently comply with Rule 5?

13 PETER SCOTT CONSULTING What is required? A need to manage your: Resources Knowledge

14 PETER SCOTT CONSULTING Resources? People and Money Internal or external? Part time partners or professionals? Bespoke or ‘off the peg’? Carry out a cost / benefit analysis to establish the most resource effective method for your firm to manage compliance and risks

15 Knowledge? - Failure to manage knowledge involves widespread risk Compliance / Risk Management Knowledge Management

16 Compliance and risk – do you know your risk areas? Where does the knowledge of your compliance and risk areas reside? Can you access it? Do you have systems to maintain and upgrade your knowledge?

17 PETER SCOTT CONSULTING Where to start? A systematic approach is needed Management driven, with top level buy-in Zero tolerance is required Managing risk and compliance needs to be seen as ‘everyone’s job’ – a mindset change is needed Need a ‘no guilt’ culture to encourage disclosure Approach compliance and risk management from a knowledge management viewpoint and vice versa

18 PETER SCOTT CONSULTING A systematic approach is required Put in place a formal compliance and risk management process to identify and manage every area of compliance and risk for Rule 5 compliance and for the new SRA Code Establish a comprehensive database covering all compliance and risk areas Standards such as Lexel and ISO 9000 are likely to help Use of IT systems?

19 Advantages of a formal compliance and risk management process for Rule 5 and under the new SRA Code? Structured approach focuses on key compliance and risk areas Can demonstrate how a firm is complying and the effectiveness of compliance / outcomes Continuous monitoring ensures management of compliance and risk is “lived” day to day Universal application to all compliance and risk areas Comfort / assurance to PI insurers

20 Use of IT systems for compliance and risk management? Use an integrated compliance and risk management system to cost effectively manage compliance and risk areas by: creating and maintaining one central, up to date compliance and risk database providing information access to all who need it in relation to exposure to risk embedding compliance and risk management procedures – e.g. client inception procedures streamlining identification, assessment, mitigation and monitoring

21 Implementing a compliance and risk management strategy Diagnosis Identification and assessment Implementation of compliance procedures and Mitigation of risk Avoidance, control or transfer Monitoring Auditing, tracking and reporting Limitation Minimising the effects of crystallised risks

22 PETER SCOTT CONSULTING Identification of compliance and risk areas? Needs to be management- driven ‘Top down – bottom up’ brainstorming sessions to: - to identify every compliance and risk area - are we compliant in every area? - do we have gaps? - what will be required to comply? - to what standards should we comply? - how should we prioritise our efforts? Assignment of responsibilities and lines of accountability

23 Compliance and risk assessment Incidence - probability Impact - severity

24 Risk Mapping- where to focus resource?

25 Try this out on your... Supervision arrangements Financial controls Business continuity planning Client care letters AML procedures etc

26 PETER SCOTT CONSULTING Assessment of non-compliance and other risks Consider the impact of, inter alia: Disciplinary action Bad publicity and loss of reputation Lost clients Complaints and claims Increased P.I. premiums

27 Assessment of compliance and risks Assess severity of high-level risks Identify high level risks of non compliance Set criteria for assessing compliance and risks Identify detailed risks Assess severity of detailed risks Compliance and risk map Compliance and risk summary

28 Compliance and Risk Mitigation Designed to:- Ensure effective compliance Avoid / reduce non compliance Avoid / reduce incidence of risks Transfer some risks

29 Risk mitigation compliance and risk map Compliance and risk summary Consider impact/probability correlation Required controls summary Insurance requirements summary Contingency plan requirements Residual risk summary Consider available mitigation techniques

30 PETER SCOTT CONSULTING Some techniques to put in place compliance and mitigate risks Top level buy-in – management must not only drive compliance but also live it Zero tolerance – just do it! Training and education programmes to build awareness and change mindsets Continuous and systematic monitoring and reporting A need to continuously challenge the effectiveness of compliance and risk management

31 Compliance and risk monitoring involves… Auditing, tracking and reporting Comparing actual outcomes to preset indicators Confirming effectiveness of risk responses Reporting compliance and exceptions Annual compliance and risk management report

32 Compliance and risk monitoring Required controls summary Contingency plan requirements Insurance requirements summary Set compliance and risk indicators and methods to monitor them Annual Compliance and Risk Report

33 How are you going to demonstrate the effectiveness of your firm’s compliance with Rule 5? Supervision Management of risk Key regulatory requirements certificationP I accountants reports registration recognition conflicts Rule 2 – client relations Financial management and controls SARs Control of undertakings safe keeping of documents and assets Rule 6 – equality and diversity Training - Competence - CPD -Qualified to supervise Practice continuation Finncial Finncial

34 In the future how are you going to demonstrate achievement of outcomes under the new SRA Code?

35 Start now – systemise your compliance and risk management

36 PETER SCOTT CONSULTING The future? How will law firms be able to provide the increasing resource needed to be fully and effectively compliant? - by consolidation? - by pooling of resources? - by other means?

37 Outsourcing your compliance and risk management? Outcome 10) of Chapter 7 – Management of your business Where legal activities or operational functions are outsourced you ensure such outsourcing does not: (i) jeopardise the quality of your legal activities nor impair the quality of your internal controls; and (ii) impact on the SRA’s ability to monitor your compliance with all obligations in the Handbook.

38 Any questions?


Download ppt "PETER SCOTT CONSULTING Business Management Systemize your compliance with Rule 5 Peter Scott Peter Scott Consulting www.peterscottconsult.co.uk."

Similar presentations


Ads by Google