News and Events

The COFA's hitlist 10 things to do for 25 November 2019

  • Posted

The new SRA Accounts Rules come into force on 25 November 2019 and COFAs need to prepare and take the opportunity to review their role. Richard Hill, ILFM Executive Council member and Practice Director at Stepien Lake LLP provides a few tips of what to consider in overseeing the new rules. All of which lead to the need to provide adequate training and support to the firm in implementing the any change with the new rules.

Click here for: Full copy of Legal Abacus SPECIAL EDITION 


The new SRA Accounts Rules come into force on 25 November 2019 and COFAs need to prepare and take the opportunity to review their role. Here are a few tips of what to consider in overseeing the new rules. All of which lead to the need to provide adequate training and support to the firm in implementing the any change with the new rules.

  1. Review your appointment and consent

COFAs should update their appointment and consent, which should cover details of their role under SRA regulations, the firm’s authority, an indemnity from the firm and management’s commitment to assist the COFA in fulfilling their role. If you don’t have a ‘deputy’ COFA in place you should seriously consider this for internal purposes. With the new account rules coming in it is a perfect opportunity to renew and refresh this agreement which could now be 6 years old (compliance officers were introduced in 2013). This can be done in line with the COLP who will need to cover the new SRA Standards and Regulations. It will refocus minds and be a good reminder to everyone about the role that compliance officers play for the firm’s authorisation to practice. Also don’t forget that Rule 9.2. of the new Code of Conduct for Firms outlines the COFAs responsibilities now (will replace SRA Authorisation Rule 8.5 (e)).

  1. New Rules – learn them and keep up to date

The most obvious one! Whilst the consensus is that the new rules will not mean a huge change for compliant firms, there are a few areas that will need to be considered. Your billing process will need to be reviewed with consideration to rule 2.1 and rule 4.3. Some firms have now also been given the opportunity to avoid having a client account with potential exemptions and there could be an opportunity for firms to reduce their risk of handling client money with Third Party Managed Accounts (TPMA). Much has been made of TPMA and many firms are dismissing them already. I agree it is too early at the moment for many law firms to commit to TPMAs, but this could change with the application of new technology to facilitate TPMAs and secure transaction processes that some lawtech companies are already trialling.  

Some of the new rules have created more questions and uncertainty around the outcomes expected by the SRA who seem to have not considered them properly. COFAs may need to grapple with the perception aspects are not required anymore due to the being ‘silent’ in the new rules which is simply not the case. COFAs should stay alert to new guidance promised by the SRA and also become familiar with the new SRA Regulations and Standards that replaces the SRA Handbook.

  1. Document your policies and accounting systems


With the removal of many of the detailed prescriptive rules, firms will have the flexibility to decide how to comply within the new simplified AR framework and provide clarity in the absence of the detailed old rules. Whilst we still await SRA guidance on many areas you should look to define areas such as ‘promptly’, the time frame for paying in cheques, client to business account transfers, billing processes, return of surplus client balances and retentions. Even if firms decide to adopt and stay very much in line with the ‘old’ 2011 rules COFAs should document this and the policies implemented. Your accountants will ask for it and the firm and staff will need certainty when processing client money and with accounting procedures. You should also include any COFA authority protocols such as signing off client retentions, client to client transfers and certain client withdrawals.  

You should also ensure you accounting software will work with any new rule or policy changes.

  1. Banking facilities and client retentions – be on top of this rule

If there is any rule that you should to play particular attention to this is the one. This evolving rule is high on the SRA’s agenda and the SDT rulings demonstrate this. Key to tackling this rule is awareness and training for fee earners as a preventative measure. Unlike many other rules, where the accounts team or cashier can highlight or correct breaches before they happen, if fee earners accept the client sending funds and receives them into client account, the breach has already occurred. Therefore, the first line of defence must be fee earners communicating to clients why they can’t accept funds if they are not specifically linked to a transaction. The new rule 3.3 removes the sometimes hard to define term ‘underlying transaction’ and replaced with ‘regulated services’.

You need to change behaviour to avoid common arguments like ‘I am not acting as a bank, I am acting as a solicitor’ or ‘but I have clients written instructions to accept the funds’.

This is not a rule you can simply regurgitate, and the best approach is to use scenario training giving relevant examples of where you can’t accept client funds so the fee earners can understand the rule in the context of their daily legal work. Explain the consequences of breaching this rule with examples of SRA/SDT rulings and use the SRA Warning Notice (including the case studies) on the issue. Strict policies around escrows, rent deposits, client retentions, general files, funds ‘on account’ and also unconnected payments from client account should be in place. A ‘warning list’ for both fee earners and the accounts team could help them avoid breaches. Look out for the ILFM practice note covering banking facilities.

  1. Bank reconciliation – understand it


The first thing the SRA request when visiting or investigating a firm are copies of their bank reconciliations, even if the issue does not specifically relate to client money. Good bank reconciliations are seen as a quick barometer of the handling of client money and systems in the eyes of the SRA. They are usually the quickest way of highlighting any accounting issues, if you know what you are looking for. Rule 8.3 specifically requires COFAs to not only sign the bank rec, but promptly investigate and resolve any differences. Some COFAs have been signing off the bank rec but do not actually understand it. As COFA you should consider that if the SRA were to ask what have I done to review this reconciliation, what would I say? Can I explain what the reconciliation is and does?  Is the client reconciliation a complete three-way reconciliation?


The new AR has also thrown a bit spanner in the works for many firms by now potentially including any client’s own account that you operate into the bank reconciliation requirements with Rule 10.1. Keep an eye out for further SRA guidance due to be released soon.

  1. Breach management - review any breach register patterns

Rule 9.2. of the new Code of Conduct for Firms replaces ‘material’ with ‘serious’ breach. In essence nothing changes but ‘serious’ could be easier to communicate than ‘material’.

Recording breaches takes time. COFAs should take the time to see if there is a more efficient and accurate way of capturing breaches. Identifying breach patterns is one thing but deciding when a pattern becomes a serious breach still remains a challenge for COFAs.

Trends should be considered; including fee earner, individual or department involved, rule, an internal procedure and maybe certain time periods. COFAs could ask themselves; is a lack of process or system causing this issue? Have we done everything to avoid it? Could it lead to a more serious issue? Has it impacted clients? Would you feel comfortable if the SRA investigated it and you had to explain why it is a minor pattern?

COFAS should consider any change the new policies or rules might have on breaches and any patterns.

  1. Disbursements – know the VAT treatment

Treatment of disbursements continues to be a concern for many COFAs. The ILFM helpline and forum (ILFM Answers) still receives more queries on this issue than any other. COFAs should ensure they understand the vatable treatment of disbursements and stay abreast of updates such as the Brabners and British Airways cases. Changes in the new accounts rules (Rule 2.1 and removal of ‘professional’ disbursements) means the treatment of disbursements will be an area COFAs need to oversee.

  1. Refresh and review - how can we do things betters

Managing the time needed for the COFA role can be difficult, so the changing of rules gives an opportunity to step back and think about how you can do things better and improve the management of protecting client money. Questions to consider can include:

  1. Can we use technology better with COFA dashboard, improved reporting and risk data profiling?
  2. Can we improve how we capture, record and follow up breaches to avoid repeats?
  3. Can we improve reporting of compliance issues with fee earners; aiding better communication and interaction between fee earners and accounts staff?
  4. What help and support do the accounting staff need?
  5. Can we better streamline the accounts system and processes?
  6. How do I manage the change with the new rules?
  1. Internal audit function – put one in place

Whether this be in the form of quarterly audits of processes or file reviews, there has to be a system of checking accounting procedures. The SRA Risk Outlook 2018/2019 states that checks are crucial and firms must undertake a good audit of systems. Audits could cover returning of client balances, completion statements, bills, interest postings (in line with interest policy), office credits and ledger transfers. Some COFAs may find comfort in engaging their accountants to carry out an independent review of the accounting procedures. A ‘success rate’ could be implemented to reduce audits on those that remain compliant to encourage best practice.  

The audit results could be amalgamated into a top 10 hitlist to circulate in the firm to illustrate to everyone what issues are priority within the firm.  

  1. Cybercrime and fraud – don’t be complacent

This has rightly been one of the top priorities in protecting client money. COFAs should not let this slip and keep abreast of new threats and best practice. Exploring cyber safety such as safe phishing campaigns and Cyber Essentials certification. COFAs also need to consider employee fraud and using exit interviews and appraisals.