How to ensure a proactive compliance culture within your firm to mitigate risk

In this conversation, David Gilmore – director of the largest provider of strategic and compliance services to the legal sector in England and Wales – shares his decades of experience to help you ensure compliance and mitigate risk throughout your firm.  

David Gilmore, founder of DG Legal and member of the Law Society’s leadership and management committee, joined me for episode four of our interview series: Empowering law firm leaders. In this conversation we discuss how SMEs can instil a culture of compliance that helps to ease the pressure of staying compliant and mitigating risk.

In this conversation we cover:

  • Common compliance pitfalls to avoid
  • Risk management best practices
  • Tips for building a compliance culture
  • How to keep up to date and enforce changing compliance requirements

David Gilmore’s top tips for running a successful modern law firm

After working with thousands of legal practices, David shares his top three tips for running a successful modern law firm.

  1. Be contactable – “I find it very odd that in 2023, most law firms are not responsive after 5pm, and some don’t answer the phone at lunchtime. If you cannot answer the phone during certain times then use a telephone answering agency. The costs involved would be more than mitigated by the additional clients you would get.”
  2. Turn your organisation chart upside down – “Traditionally you’ll have the directors at the top and the support staff at the bottom. But to me, the person answering the phone and on reception is the most important person in the firm – certainly for high street firms because first impressions really do count. The way a potential client is treated makes all the difference in turning them into a paying client.”
  3. Get ideas from across the business – “I’ve learned from experience that some of the best ideas come from support staff. Some of the more successful firms I’ve worked with get the staff involved in the business and marketing plan.”

Key compliance challenges and pitfalls SME law firms face

David sympathises with SME firms who have to keep up with all the changes to requirements and legislation. “I think the key challenge has to be keeping up with all of the requirements, especially if you’re a small firm.”

Not only are there the SRA’s standards and code of conduct, but also a multitude of legislation relating to money laundering and financial sanctions, and other regulators such as the ICO and Legal Ombudsman. “I think it’s incredibly difficult to run a law firm and be completely compliant.”

David shares that the biggest compliance pitfalls he often sees are firms not understanding what is expected of them in relation to AML and the SRA Transparency Rules. “With AML, many firms have not carried out an adequate, firm-wide risk assessment and/or independent AML audit. Some firms are doing too little, and oddly some are doing too much.” David explains that too many firms prefer a structured, flow-chart-type approach to AML due diligence, but it needs a risk-based approach per client to ensure you’re also giving a good client experience.

“The SRA has lost patience with firms in regard to the Transparency Rules. There are many firms out there that believe the rules only apply to certain categories of law; it’s just not the case. Other than the price elements of the rules, there are elements that apply to every firm.”

About David Gilmore    

After university, David spent several years as branch manager in high street banks and retail stores before joining the Legal Aid Agency and later starting DG Legal in 2000.

DG Legal is the largest provider of strategic and compliance services operating in England and Wales. They also offer over 180 practice management and compliance training webinars which have been watched by over 70,000 legal professionals.

Three best practices law firms should implement to mitigate risk

David shares his three best practices that help law firms proactively mitigate risk and avoid errors. The best practices also encourage firms to evidence the level of risk management that is taking place to show regulators that you’re prepared and considered.

1. Prioritise training

David believes managing risk starts with training to ensure everyone is clear on what is expected and that no one is assuming tasks are being completed. “The SRA are very keen on what they call outcome focused regulation. They’re not particularly prescriptive, so it’s up to law firms and lawyers to work out a system which is compliant.” David suggests that this should involve maintaining a central, digital record of policies and procedures and creating a series of checklists for the duties of COLP and COFA. “For our clients we ask them to complete checklists for their compliance officers so it’s clear what they’re actually supposed to be doing in practice.”

2. Maintain a Risk Register

David singles out one central record in particular: “The most important central record is the Risk Register. It’s not mandatory to have one, but if the SRA asked and you didn’t have one, I think it’ll be quite hard to define your position.” The Risk Register helps not only to identify the risks that impact your firm but also, importantly, the processes, skills, and tools needed to minimise and avoid the risk altogether.

3. Complete file reviews

“File reviews also aren’t mandatory, but if a law firm got in trouble, one of the questions the SRA will ask is ‘do you have a file review process?’ and they’ll consider if the file review process is just a tick box exercise.”

David explains that a file review is a powerful process in mitigating risk because it covers two elements. Firstly, the file review considers elements of compliance like conflict checks, client care letter information, identity checks, etc. Secondly, it should also consider the validity of the legal advice that was given.

Creating a culture that prioritises compliance

Prioritising compliance as part of the culture in a firm helps to instil risk management behaviours and habits as part of the foundation of the business. Ensuring compliance can feel like an uphill battle if it’s not part of the value set and prioritised by everyone, and that’s when compliance becomes a tick box exercise.

David recommends that leadership must emphasise and model an open culture: “Staff should be praised for raising problems rather than burying them.” Workplace culture is built from the motivations and passion of every employee. It requires management to communicate and role model the ideal behaviour, and all employees to buy in and invest in the brand values. This is why David believes the hierarchy within a firm should be challenged: “It’s better now, but I still notice a two-tier culture in firms where you have the lawyer up there, then the support staff down there, and that’s poor. The support staff are so valuable; I believe they should be given the same status as a fee earner.”

When errors or mistakes are made, it’s not only important to flag them, but to also learn from them to avoid the same mistake happening twice. David explains that, if mistakes are discovered, the SRA like to have evidence that measures have been implemented to prevent the same problem happening again.

How to effectively communicate and enforce compliance policies across the firm

David’s primary best practice for mitigating risk is to prioritise training, but that won’t become part of the culture unless it’s encouraged by management. Taking time for training needs to be modelled by leadership in order for it to be prioritised: “One thing I learnt from my first job experience was the importance of having regular group training. In the bank I worked for, they opened 30 minutes later, a day a week, to have a weekly training morning. This was great for the staff because it showed them that the business was taking training seriously. We do this now at DG Legal every Monday morning.”

Aligning success measures to the behaviours and habits you want to instil also helps to emphasise the importance of compliance processes. “Firms should go wider than simply setting fee earning targets. When appraising staff it’s good to include other metrics, for example good file review results, responsiveness to clients, client feedback scores or ReviewSolicitors scores.”

What’s the impact of non-legal employees in the performance of a law firm?

“Hiring experienced operational managers from other sectors can be really helpful.” David believes that ABS firms have helped the sector progress more quickly, because non-legal leaders are innovating away from tradition and pushing the boundaries of what is possible.

“I think the impact of ABS has been positive. ABS firms often have an experienced business leader, entrepreneur, or accountant on the senior management team and this adds to the diversity of experience.

“I’ve always found it quite odd that almost every senior partner of a traditional firm has known nothing else but law and so have had no business experience outside the sector. I think that is why the sector isn’t at the same [innovation] level like the tech, finance or insurance sector, but ABS has helped to move that towards a much better direction.”

How to keep up to date with evolving compliance requirements

David shares his three top tips for staying on top of the evolving compliance changes and requirements:

1. Subscribe to newsletters

“I would start by subscribing to the various bulletins. Some are free, such as the SRA’s compliance bulletin, which is very good. There’s also the Law Society’s Practice Notes service.” DG Legal also offer hundreds of free compliance and practice management webinars.

2. Buddy up with other firms

“I would consider buddying up with other firms to share experiences and best practices.” You don’t have to go it alone, and sharing knowledge – whether that’s successes or failures – is a great way to ease the burden of learning every update.

3. Have a system

“Unless you’re a large firm, keeping on top of compliance doesn’t need to be a full-time job. Once you have a compliance system in place, it really shouldn’t take much of your time to maintain.” Spending time up front to define, document, and create a central system to maintain your records and policies creates a foundation for easier ongoing maintenance. Couple this with regular file reviews to stay proactive in mitigating risk.

Mitigating risk in SME law firms requires a proactive compliance culture

No matter the digital tools, policies, or procedures you have in place, mitigating risk and staying compliant will only become easier if you instil a culture of proactive compliance.

David emphasises the importance of team training and aligning success measures in building a compliance-focused culture. When management are seen to prioritise and model behaviours of compliance, this is inevitably reflected in the behaviours and habits of the whole team.

Watch the full interview with David Gilmore now to discover more advice and guidance on mitigating risk in your law firm. You’ll also hear David’s exclusive advice on what SMEs should be looking out and preparing for in regard to the future of compliance.