The SRA will shortly be changing the Code of Conduct. That will be the fourth time the SRA has changed the Code in 12 years. COLPs may well feel aggrieved that the changes lead to unnecessary cost as firms try to change their practices to ensure compliance with ever changing rules.
On the face of it, there are some dramatic changes. At present there is one Code for individuals and firms. Under the new rules, there will be two separate Codes for individuals and firms. The Outcomes of the 2011 Code have been abandoned. Indicative behaviours have disappeared completely. New rules, which are now called “Standards”, take their place.
Despite those changes the SRA informed the LSB when applying for approval that:-
“Firms and individuals who do not want to make changes to their current arrangements will in the main not have, or need, to do so”
COLPs should be wary of relying on that statement. There are in fact a number of changes to the Codes which COLPs need to take into account to ensure that their firms do not inadvertently breach the new Codes.
This article identifies the new standard which sets out the COLPs duties and then summarises eight of the main changes to the extent of the COLP’s duties.
The COLP’s duties are set out in standard 9.1 of the SRA Code of Conduct for Firms 2019 (“the Firm Code”). Standard 9.1 states:
“If you are a COLP you take all reasonable steps to:
(a) ensure compliance with the terms and conditions of your firm’s authorisation;
(b) ensure compliance by your firm and its managers, employees or interest holders with the SRA’s regulatory arrangements which apply to them;
(c) ensure that your firm’s managers and interest holders and those they employ or contract with do not cause or substantially contribute to a breach of the SRA’s regulatory arrangements;
(d) ensure that a prompt report is made to the SRA of any serious breach of the terms and conditions of your firm’s authorisation, or the SRA’s regulatory arrangements which apply to your firm, managers or employees,
save in relation to the matters which are the responsibility of the COFA as set out in paragraph 9.2 below.”
Behaviour outside the office
Standard 9.1(b) places COLPs under a duty to take reasonable steps to ensure managers and employees do not breach any of the regulatory arrangements relating to them. Managers and employees who are solicitors are under a duty to comply with the Principles, and a number of the Principles (such as the duties to uphold the law and encourage equality diversity and inclusion) extend to an individual’s private life.
That means that the COLP’s duty to ensure managers and employees do not breach the Principles extends to behaviour outside the office. It may require (for example) new provisions in employment contracts and firm manuals on behaviour outside the office, including behaviour such as drink driving and comments on social media which offend the principles of equality diversity and inclusion.
It is a common misconception that the COFA is the only compliance officer responsible for monitoring and controlling financial stability. Under the 2011 rules, the COLP and the COFA are jointly responsible (the COLP’s responsibility arises under Outcome 7.2 of the 2011 Code).
The position will change under the 2019 regulatory arrangements, as there will not be an obligation on the COFA to monitor and control financial stability. There is an obligation to “actively monitor” financial stability under Standard 2.4 of the Firm Code, and the obligation to police that monitoring falls on the COLP alone under Standard 9.1(b) of the Firm Code.
Contracts with third parties
Standard 9.1(c) of the Firm Code places an obligation on COLPs to monitor contractual arrangements with third parties to ensure they do not cause or substantially contribute to a breach of the SRA’s regulatory arrangements.
Surprisingly, the obligation in Standard 9.1(c) relates to third parties with whom the managers and interest holders contract, rather than third parties with whom the firm contracts. However the rule is likely to be treated as a rule which encompasses contracts between the firm and third parties. It is likely to place COLPs in a position where they need systems to monitor the firm’s outsourcing arrangements, as well as arrangements with for example claims management companies and medical agencies in personal injury work. The monitoring may need to encompass issues such as data protection, confidentiality, the need for solicitors to maintain their independence, the need to act in the client’s best interests and cold calling.
Standard 7.1 of the SRA Code of Conduct for Solicitors, RELs and RFLs 2019 (“the Individual’s Code”) introduces a new standard requiring solicitors to keep up to date with the law. An identical provision has been added to the Firm Code (standard 3.1), and that means that the SRA expects firms to make sure that all the solicitors in the firm keep up to date with the law. COLPs are likely to need to introduce new systems to monitor continuing competence.
Standard 3.6 of the Individual’s Code and standard 4.3 of the Firm Code impose a similar obligation on COLPs to make sure that all employees and managers understand their “legal, ethical and regulatory obligations.” It is not clear what is meant by “ethical” obligations, or whether the ethical obligations are wider than the obligations under the Principles.
The scope of the work carried out by the firm
Rule 6.1 of the SRA Authorisation of Firms Rules 2019 restricts the scope of work which can be carried out by all regulated firms (apart from ABSs) and will therefore place a duty on the COLP to monitor and control the scope of the work carried out by all members of the firm.
Rule 6.1 states that the business of recognised bodies and recognised sole practices “may consist only of the provision of (a) professional services of the sort provided by individuals practising as solicitors and/or lawyers of other jurisdictions, (b) the services set out in annex 2 (whether or not they are also included in paragraph (a)) and (c) if the firm has a notary… professional services of the sort carried out by notaries public.”
Annex 2 lists twelve categories of business which can be carried on: ADR; financial services; estate agency; management consultancy; company secretarial services; other professional and specialist business support services including human resources, recruitment, systems support, outsourcing, transcription and translating; accountancy services; acting as a Parliamentary agent; acting as a bailiff; education and training activities; authorship, journalism and publishing.
The COLP will have to take reasonable steps to ensure that none of the firm’s business activities fall outside the scope of rule 6.1 and Annex 2.
As stated above, Rule 6.1 does not apply to ABSs. There is no need for it to do so because an ABS is already under a comparable obligation to comply with the terms of its licence and any conditions or waivers attached to the licence. By standard 9.1(a) of the Firm Rules, the COLP of an ABS will be under a duty to take all reasonable steps to ensure that the ABS complies with the terms of its authorisation.
Rule 8.5(c) of the SRA Authorisation Rules 2011 states that the COLP must take all reasonable steps to record any failure to comply with any obligations imposed under the Handbook (apart from the Accounts Rules) and make such records available on request to the SRA. That express duty has been removed from the new standards (see standard 9.1 of the Firm Code). However that does not mean that there is no longer a need to keep records of breaches. The SRA has often said that records of breaches are needed to monitor a firm’s systems and to identify any patterns of breaches which, when viewed cumulatively, constitute a material or serious reportable breach.
Cybercrime and client instructions during the course of the retainer
Standard 3.1 of the Individual’s Code introduces a new standard requiring solicitors to only act on instructions from the client, or someone with authority to provide instructions on the client’s behalf. An identical standard has been added to the Firm Code. In the SRA’s application to the LSB for approval of the new regulatory arrangements the SRA said that it is introducing those standards to combat the increasing prevalence of cybercrime and identity fraud. Cybercrime scams continually change, because businesses become aware of the old scams and rogues have to find new ways of scamming victims. To comply with the new standards it may be advisable for COLPs to introduce a system for keeping up to date with published reports on new cybercrime scams affecting law firms (the SRA and the Law Society for example publish information on scams affecting Law Firms), to review the firm’s systems on a frequent basis to ensure they provide protection against the new scams and to train staff on a regular basis on the ever changing nature of cybercrime fraud.
Reporting serious breaches
Under rule 8.5(c) of the SRA Authorisation Rules 2011 the COLP is under an obligation to “as soon as reasonably practicable report to the SRA any material failure… to comply…[with the rules]”. The wording of that obligation changes under the new standard 9.1(d) of the Firm Code to an obligation to “ensure that a prompt report is made… of any serious breach”. That new wording probably makes no practical difference to the reporting obligations.