From 1 January 2013, all firms (including ABS's) must have an approved COLP in place, ready to assume responsibility for compliance with their firm's regulatory and statutory obligations. Legal practices are already supposed to be complying with many of the regulatory requirements contained in the new Handbook and it is the COLP who will be directly responsible should the SRA come calling after 1 January.

A quick reminder of the COLP's duties. Under Rule 8 of the SRA Authorisation Rules, the COLP must take reasonable steps to ensure that their firm complies with all terms and conditions of its authorisation (except any obligations imposed under the SRA Accounts Rules); with all relevant statutory obligations; record any failure to comply and make such records available to the SRA. The COLP must also report any failures to comply to the SRA. The questions of "what" and "when" to report are beyond the scope of this article but reporting is a potentially thorny issue for the COLP, who must make the final decision over reporting. Such decisions are best documented in case of future questioning by a regulator.

As COLPs must assume their responsibilities from 1 January, the time between now and then should be used to plan more than just Christmas celebrations as it is not too late to take effective steps towards ensuring compliance. Taking some rudimentary steps now will put all COLPs in good stead to assess their obligations come 1 January and that is as good place to start.

Just as each firm is different, some firms will have in place more mature systems for compliance than others. Some may not have any. What is needed to be done to ensure the Rule 8 requirements are met will therefore vary from firm to firm and there may be a lot to do. But, there are a few universal steps that all COLPs can be thinking about prior to 1 January. These are, in no particular order, as follows.

  1. Prepare a risk register, which documents the risks facing the firm and assesses the impact on clients and the firm of those risks;
  2. Use the risk register to spot any gaps in the firm's existing policies and procedures and make the necessary changes;
  3. Introduce a system for prompt internal reporting to the COLP of breaches of the Handbook;
  4. Collate and maintain a database of breaches of the Handbook;
  5. Decide who will carry out internal "spot" audits of client files and put in place a system of grading compliance and risk awareness, looking for indicators of good risk awareness such as documenting important decisions, and the prompt use of the firm's approved letters of engagement and terms of business; and
  6. Introduce and monitor a system to ensure that regulatory deadlines are not missed and, in particular, that there are robust processes in place for fulfilling undertakings, conflict checks, business continuity planning, taking on new staff/contractors, outsourcing and obtaining regulatory approval for key personnel.

The aim for any new COLP should be to create and/or nourish a firm-wide culture of compliance. This is achieved by means of effective reporting to the COLP (and on to the SRA), the monitoring of internal structures and how risk is managed, ongoing training and internal support and, above all, sharing out the responsibility for the management of risk within each firm. Making a start now, not from 1 January, will help. Good luck.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.