How modern law firms can mitigate risk and stay compliant with legal tech

In the final episode of the Build Better Habits series two, we were joined by Amy Bell, owner of Teal Compliance, Karen Edwards, head of professional development at ILFM, and Alex Simons, new business manager at The Law Factory. Our expert panel shared their practical advice and guidance on how to mitigate risk and make compliance easy with legal technology.  

This episode covered:

  • The impact of being data-driven in mitigating risk
  • The digital-focused habits firms should adopt to stay compliant
  • How to avoid the common compliance pitfalls most SMEs face
  • How your risk strategy impacts your client service
  • Best practices for building a compliance-focused culture

The impact of being data-driven and using the right digital tools in mitigating risk

The panel agreed that having access to the right technology tools and data is crucial in proactively staying compliant as opposed to fighting fires.

Amy emphasised the importance of being proactive with the data you hold: “being digital-focused enables you to access the data that’ll give you confidence that you’re doing everything you should to mitigate risk.

“From a productivity and profitability point of view, the tech reduces waste, but collecting data helps you horizon scan. We tend to react to breaches and law changes rather than proactively review, and that’s our opportunity with tech. Your case management software (CMS) is full of data you can use to get confident that you’re managing risk.”

Karen agreed that data should be used to proactively mitigate risk but emphasises the importance of having accurate, reliable data. “Having accurate data in place helps you understand what the risks are to your firm. Once you understand the risks, you can adapt your tools effectively.

“All risks to your firm can be measured, monitored with tech, but the systems have to be used properly and the right data needs to be captured.”

Alex focused on compliance from an accounts perspective and explains that the SRA will always want access to your data – if there’s a complaint or breach –  to understand the reasons behind it. “My recommendation is to hold on to your data and look after it, because you’re going to need it in the future.”

How to avoid the common compliance pitfalls most SME law firms face

“It’s the basics that are the biggest problems.” Alex shared how it’s the basics throughout the accounting processes that cause SME firms the most compliance issues. “Firstly, when you have a hybrid team, a paper-based system no longer works. Especially when you’re dealing with thousands in a conveyancing processes, a scribbled on piece of paper isn’t good enough.

“The firm needs to stay on system and ensure all data and actions are kept on your CMS as that will provide an audit trail to keep you compliant.”

Karen agreed that staying on system is important for managing compliance risks as well as security and data breaches: “Everyone needs to be using the systems consistently. Make sure everything is documented in a policy, people are trained on the processes, and everyone knows where to find the right data.” Engineer your policies into your legal software to standardise operations and utilise your system to store all your data in a single source of truth.

Amy highlighted six of the common pitfalls she regularly observes in SMEs:

  • Not analysing why things go wrong
  • Data is siloed
  • Employees are at maximum capacity
  • Ignoring the data
  • Responding to non-compliance too late
  • Not leveraging client due diligence (CDD) technology

“The biggest pitfall I see is assuming that when things go wrong it’s a one-off and firms put it down to human-error. But that’s not the data you need: you want to know why it went wrong and what policy needs to change to stop it happening again.

“Technology can help with doing a root cause analysis. I like the Five Whys model. For example, the issue is we missed a key date, you then to ask at least five whys. Why? Because it wasn’t put in the court diary – why? Because it was supposed to be done by this person – why? That part of the process wasn’t followed – why? The training hadn’t been completed – why? Because that particular person was too busy.

“That’s when you start to uncover the real root cause of the issue. Behind a lot of the analysis – when it’s done – it typically uncovers that no one has enough resource. Poor capacity management is a massive contributing factor to mistakes being made.”

Seven habits law firms should adopt to ensure staying compliant  

The panel agreed that modern law firms should focus on the following digital habits to mitigate risk and stay compliant:

1. Implement control mechanisms

Amy explained that firms should “implement control mechanisms in the technology so you’re not relying on people to remember all requirements.” Karen agreed and recommended using workflows to standardise operations: “Controls can be put in place via workflows to monitor file management behaviours.”

2. Be disciplined with your data

Karen recommended firms need to “capture all data digitally on a file including key dates, client details, communications etc so that anyone can pick up the file and progress it.” Amy agreed but warned that firms need to, “have real discipline about where your data is stored. Not just from a GDPR point of view, but if someone is away you need access to all files.”

3. Stay curious

To improve tech utilisation Amy suggested that firms “be curious as to why people are not doing what they were told to do. I’ve seen many cases where people simply don’t like something, so they find workarounds. That’s frustrating but no one tends to ask why and there’s probably a sensible reason. Analyse the tech usage and get a feedback loop so you know why. Perhaps it’s a training issue or the software doesn’t work as you’d expect. Focus on curiosity not blame.”

4. Update little and often

Alex highlighted the benefit of updating your files little and often to avoid compliance errors. “If something goes wrong and you’ve not updated your files, then that’ll be picked up on an audit. If you’re in the habit of leaving things late, that habit will get picked up in an audit and they’ll highlight it as a systematic problem.”

5. Review and report regularly

“Provide visibility to everyone involved.” Alex emphasised the importance of individuals having access to the data they need to proactively monitor compliance. “An issue I see regularly is residual client balances and the SRA are hot on this at the moment. You can simply report on these every week and send the data to fee earners to action. Tech makes that a lot easier; I know Osprey has automated reports.

“This means the problems don’t build up and the report becomes an expected habit by fee earners, who can better plan their tasks and manage resources.”

6. Set up before you start

For any new software project, Alex recommended ensuring you’re set up effectively before rolling out the system to the wider team. “If you want to be compliant and use the tech effectively, you have to set it up properly. Understand what you’re paying for, what features are available and get them set up in the way you want to work. If you provide a blank template to employees they will find workarounds and get into their own bad habits.”

7. Prioritise continuous training

Karen highlighted the importance of continuous training: “Make sure you’re using the digital system effectively and the right data is being inputted. Offer continual training to ensure processes are effective.” Ongoing training on the system will not only improve confidence of users but enable them to better use the tools to their advantage.

Implement digital habits to build a solid foundation for compliance and risk management

Implementing the right digital tools, adopting effective habits, and capturing the right data is crucial to proactively mitigating risk across your business. Being proactive will help you stay one step ahead of detrimental financial or reputational damage that is linked to compliance breaches.

It’s often the basics that are overlooked when managing risk and legal software can provide a consistent and digital foundation for standardising and pre-supervising operations. But the tech tools can only be successful if the culture and mindset of the firm focus on compliance as a client care priority. When the client experience is prioritised, and that’s reflected in the success measures of the firm, compliance becomes an easier task to manage.

For exclusive advice and guidance on mitigating risk with legal tech, watch the full episode on-demand now. In the webinar, Amy, Karen, and Alex share more of their experiences and knowledge in building a successful modern law firm, including the connection between compliance and your client experience, and how to ensure your culture prioritises compliance.

Being digital-first is one of the four fundamental habits we’ve outlined that all modern law firms should adopt for long-term success. We’ve covered all four habits in our Build Better Habits webinar series, which you can watch on-demand now.