Welcome Grant Sanders, our Guest Writer and ILFM Member. Over to you Grant.....
Here’s a little background of who I am and which firm I manage. My name is Grant Sanders and I’m the Practice Manager and Compliance Officer for Legal Practice (COLP) at Stephen Rimmer Solicitors. We are a traditional full-service, high-street practice with three offices and around a hundred staff based in the Southeast of England.
About our Accounts Department
We have a busy finance team made up of three accounts executives dealing with our client and office accounts, purchase ledgers and day to day activities. We have a Head of Finance who prepares the Management Information reporting for the firm and deals with our SRA accounts audits together with our Compliance Officer for Finance and Administration (COFA).
Risk Management
Risk management is not something to shy away from, but neither does it have to be something that keeps you up at night. You don’t need expensive consultants or huge budgets, but you do need a good team around you.
For me, as the PM as well as the COLP, I have open dialogue with our COFA at all times, and all our colleagues know that they, and I, have an open door and can speak freely with full transparency.
Training Our Employees
Training plays a big part in our firm, and especially when it comes to compliance. If you or your team are serious about becoming skilled risk managers, then training should be encouraged. As members of the ILFM we are serious about ensuring our colleagues have consistent training from their skilled tutors, which in turn shows our clients that we care about them. Handing client money and protecting it from an AML, risk and cybersecure perspective is key, which brings me nicely to why we like being members of the ILFM and receiving industry training through them:
- SRA Accounts Rules and on-going updates
- Legal Practice Management Masterclasses
- Billing with VAT in Legal Practices
- Disbursement v Recharges (love the intense one-hour training!)
- Fundamentals of Legal Cashiering
- COFA Masterclasses
Compliance and Risk Management
I work closely with the COFA, and we have regular risk and compliance meetings. Our “Risk Team”, which is made up of the COLP, COFA, AMLRO, DPO and Complaints Partner also meet twice a year to discuss SRA Priority Risks, Financial Crime Risk and specific operational risks within the firm.
When thinking about Financial Crime Risks the three main areas you should be alert to are;
- Property Fraud – despite well-publicised property fraud cases such as Purrunsing v A’Court, P&P Properties v Owen White & Catlin and Dreamvar v Mischcon de Reya and Mary Monson, solicitors’ firms are still falling prey to similar frauds or people impersonating owners and selling the property to a third party.
Through our Case Management System, we carry out risk assessments and ongoing monitoring. By following the initial draft Legal Sector Affinity Group guidance in 2021 (now approved by HM Treasury) we increased our due diligence on CDD with facial recognition software that, when used, conforms to the HMLR Safe Harbour standard adding an additional level of protection.
- Third Party (‘Push Payment’) Fraud – on the rise since 2014 underpinned by cybercrime, data breaches and social engineering.
Payments should be made strictly only to the account nominated and which ties to the client’s identification. This should be a firm-wide policy and you should not be swayed, no matter what urgent, personal, sensitive or distressing reasons are attached to a request. If you feel under pressure because of these reasons, I’d always say, step back, speak to your compliance officers before you go ahead.
Our finance team personnel are the last line of defence and we have tried to empower them to be able to act independently and with authority and not take anything as true without evidence no matter who or at what level of seniority the instruction comes from and what pressures accompany it.
As ILFM members, our finance team including legal cashiers, have that support and training that they need to back them up in this regard. We all know the Friday Afternoon Vishing attacks are targeted our legal firm accounts’ teams.
- Insider Fraud – common types are administering the accounts of individual clients where a single person has sole authority. Unofficial borrowings form client account or billing fraud – inflating time spent and/or fees charged to meet or exceed targets.
If there is a serious breach in the finance function, it can potentially be much more damaging than a breach in any other area of compliance. The senior management team here at Stephen Rimmer Solicitors promote the value in educating fee-earners about the main responsibilities of the accounts function to try and help reduce errors and mistakes.
All breaches need to be recorded with reasoning as to why or why not they are reported directly to the SRA with any material breaches needing to be reported on discovery.
Finally, the SRA also places a huge emphasis on financial stability and has recently reported that there has been a sudden spike in the number of firms reporting that they are facing financial problems. Rule 2.4 of the Code of Conduct for Firms says that firms must “actively monitor financial stability and business viability” and rule 3.6 requires prompt notification of “any indicators of serious financial difficulty”.
Stephen Rimmer Solicitors
Comments