The SRA regulates in the public interest and in the interests of the consumers of legal services.
The SRA is an outcomes-focused, risk-based regulator.
• Our goal is to ensure that those we regulate deliver the right outcomes for the public, in line with the intent of the regulatory objectives.
• Risk-based regulation means that risks to the non-achievement of regulatory objectives are assessed in terms of their likelihood and the impact of any harm they cause to desired outcomes, before action is taken. This approach ensures that regulatory activities and resources are prioritised and applied proportionately.
The SRA’s Regulatory Risk Framework outlines how we operate and oversee risk-based regulation through our risk management process, risk governance and the organisational culture required to embed a risk-based approach.’
In December 2012 the SRA published the Regulatory Risk Index (‘RRI’). The RRI provides firms and their compliance officers with a framework within which the SRA intends to measure and assess risk. It also provides us with a clear indication as to the type of information that law firms are likely to have to provide to the SRA in order for them to be able to assess risk.
The risk categories set out in the RRI are:
• Firm viability and structure
• Fraud and dishonesty
• Firm operational risks
• Competence, fitness and propriety
• Market risks
• External risks
The new self-reporting regime was introduced as part of outcomes focussed regulation. The principle of accountability on the part of law firms towards the SRA is not new but the requirement to report information about your firm on annual basis is and it will be that information that the SRA will use to assess the risk that your firm represents to the SRA’s objectives.
Gathering information about the firms that they are seeking to regulate is therefore a key element in the implementation of the SRA’s risk strategy. Whilst at present this appears to be limited to the reporting of complaints and material breaches firms cannot expect this limitation to last for very long. It is therefore very likely that the SRA will begin to require firms of all sizes to report on each of the risk categories set out in the RRI above.
As we have already seen with the SRA’s announcement on their monitoring strategy for the top 600 law firms, the higher the perceived risk the more intrusive will be the monitoring of individual firms.
It is therefore incumbent upon all compliance officers who intend to take their obligations seriously to begin planning for this if they themselves want to avoid being identified as having a higher than normal risk rating - which in turn will result in close monitoring by the SRA.
Most law firms in the UK do not have the resources, expertise or time to plan and implement the changes that are required under OFR. The choices are stark for those who want to ensure compliance: invest the time yourselves, recruit the expertise or engage third party consultants. There is of course another alternative and that is to take a serious look at the emerging software support packages such as Compliance Manager which have been designed specifically to assist you and your colleagues in the implementation and management of OFR throughout the firm.
visit my website