Why Law Firms Need Risk Management

Higher standards, more exposure

How law firms are managing increased levels of accountability 

Risk management standards in law firms have improved over the years. While this has been a positive development, regulatory changes and rising client expectations, among other challenges for law firms, have also led to firms and lawyers being held more accountable for perceived missteps.

In one recent example, the Solicitors Regulation Authority (SRA) tried to prosecute Dentons, alleging the firm had breached money laundering regulations in respect of its retainer with one particular client from 2013 to 2017. Dentons argued that the SRA was not basing its prosecution on regulations that were in effect at that time. While the case was dismissed, it underlined the concerns law firms have about protecting and defending themselves in the current business environment, as well as raising concerns as to which standards are being applied when viewing a firm’s conduct, those in force at the time of the alleged misdemeanor, or those currently in force.¹

Indeed, as scrutiny of firms has increased, there has been a corresponding rise in the resources firms are devoting to responding to potential risks. At offshore law firms in particular, the intensity of scrutiny through organisations including the anti-money laundering body MONEYVAL and the Financial Action Task Force, is such that law firms are dedicating whole teams to respond to audits, inspections and requests for information.  Firms with a presence in England and Wales will also have to add the SRA to that list.  This places law firms in the delicate position of having to protect themselves from increased exposure to risk (and the financial and reputational consequences those risks generate), all while they strive to create cultures in which employees feel more comfortable owning up to mistakes before they become full-blown problems.

“Law firms feel pressure to manage their risks carefully enough so they can successfully defend themselves against scrutiny, yet they also feel the need to create judgment-free working environments in which employees feel comfortable making mistakes and taking responsibility for their actions,” said Sharon Glynn, managing director at Travelers Europe. “This can feel like an impossible line to walk, but when a law firm succeeds in encouraging employees to get mistakes out in the open early, they give themselves far better opportunities to manage and mitigate their risks.”

Striking the right balance

The steps that firms and individual lawyers take before accepting a client, as well as throughout the life of the retainer with that client, impact their ability to manage risks and defend themselves against potential criticism. For example, a firm’s risk management committee – or, in the absence of a committee, its senior management – can participate in early discussions to determine which clients they can accept from a risk and compliance perspective. They can carry out due diligence on potential clients using a risk management framework to anticipate possible exposures, as well as conflicts with their culture and values. Once a firm begins working with a client, individual solicitors can record details of their day-to-day work with the client so they can more capably defend themselves in the event of an audit.

Taking these steps in conjunction with recommendations from regulators and other advisory bodies can further ensure that a firm is operating in a manner that helps it avoid being surprised by risks later. Such efforts have succeeded in a number of offshore firms. In Jersey, for example, MONEYVAL has praised the jurisdiction’s progress in improving measures to prevent money laundering and the financing of terrorism, according to a recent report from the Council of Europe.²

“Solid risk management structures serve as safety nets – and they can provide both security and freedom within a law firm,” said Glynn. “They protect firms from the consequences of business risk and raise awareness among employees about the risks they decide to take on. This gives firms more room to manoeuvre. When employees have protective structures in place, they can operate more confidently within them, knowing they have taken the steps needed to guard against their exposures.”

This article is provided for general informational purposes only. It does not, and it is not intended to, provide legal, technical, or other professional advice, nor does it amend, or otherwise affect, the provisions or coverages of any insurance policy issued by Travelers. Travelers does not warrant that adherence to, or compliance with, any recommendations, best practices, checklists, or guidelines will result in a particular outcome. Furthermore, laws, regulations, standards, guidance and codes may change from time to time, and you should always refer to the most current requirements and take specific advice when dealing with specific situations. In no event will Travelers be liable in tort, contract or otherwise to anyone who has access to or uses this information.

Travelers operates through several underwriting entities in the UK and Europe. Please consult your policy documentation or visit the websites below for full information.

Sources:
¹ https://www.lawgazette.co.uk/news/sdt-dismisses-case-against-dentons-as-sra-left-with-massive-costs-bill/5119021.article
² https://www.coe.int/en/web/moneyval/-/moneyval-acknowledges-jersey-s-progress-in-improving-measures-to-combat-money-laundering-and-financing-of-terrorism