Managing risk

With firms facing a new regime in risk management, highlighted by the SRA ramping up its inspection programme, FD Legal asks Annette Fritz-Shanks, of Taylor Wessing, and Fergal Cathie, of Barlow, Lyde & Gilbert, about their perspectives on changing legal attitudes to risk.

By Caroline Poynton

Why and how has the legal profession had to change its attitude to risk management in recent years?

Annette Fritz-Shanks: I think this has been driven by five factors:

Regulatory – the Solicitors Code of Conduct is very clear in Rule five about how law firms (in whatever guise) must run. I wonder whether this was done in anticipation of legal disciplinary practices etc, so that law firms would still retain a distinctive ‘law firm’ look in having requirements about supervision, compliance with client-care regimes etc. Then there is the general anti-money-laundering environment – increased numbers of prosecutions of solicitors and a greater awareness of the role of solicitor as gatekeeper;
There have been some high-profile claims, not just about negligence, in recent years, which were not really about getting the law wrong but about client-care issues (fee estimates, conflicts). I am not sure that this makes law firms necessarily more vigilant (many still have the ‘it will never happen here’ approach, although that is not the case at Taylor Wessing) but it does add to the risk-management climate;
A recognition that better internal business practices do make for a better business. Against the background of more open financial reporting as more firms become LLPs, running the business well is increasingly significant. This means taking necessary steps to lower cost bases (increasing profitability through fewer complaints/claims – although this is notoriously hard to prove); having more responsive business processes and systems to create competitive edge; and evidencing to insurers what risk-management measures are in place, which can impact on premiums. The direct correlation between Lexcel and lowering of premiums, about which insurers are completely open, supports this;
There seems to be a desire to reflect the clients’ own business practices. In a culture where lawyers are under pressure to give advice directed toward the client’s business objectives, being able to demonstrate to clients a tidiness about the way the lawyer’s own business is run also assists with attracting and retaining clients;
A pressing need to recruit and retain good people. Anecdotally, as someone who has been heavily involved in graduate recruitment, I am amazed by the number of candidates who showed a genuine interest in the firm’s business and risk-management systems alongside the general environment, work types and client base.

Fergal Cathie: The world has changed and all professionals, including lawyers, are not only finding themselves working in an increasingly regulated environment but also one in which there is greater potential for very large claims to arise. This, combined with the increasing sophistication of clients as buyers of legal services, means that law firms have had to move with the times – that involves a more rigorous approach to the engagement of clients at the start of the relationship, including dealing properly with conflicts and clearly scoping the client retainer, than might have been the case in the past. It also requires very careful handling of claims when they arise.

Where do you think firms are currently most vulnerable to claims?
FC: We are seeing a clear upturn in the number of claims involving allegations of fraud, particularly in the property sector. With suggestions that some mortgage lenders have overstretched themselves, there is the potential for lenders to start looking more closely at the adequacy of securities arranged during the property boom, so that increases the possibility of claims against law firms involved in property transactions.
On a general level, there has been a great deal of corporate activity over the past few years. An economic downturn is likely to encourage some clients to look more closely at the quality of advice they have received, as they cast a critical eye over deals done during the boom years. In some cases, they may seek to unravel them.

How should firms go about effectively assessing and prioritising the risks they face in their firm?
AFS: This will vary greatly from firm to firm. The easy answer is to start with a status audit, which is often done by an independent ‘outsider’. Obviously a detailed analysis must be undertaken and vested interests should be stripped away so true priorities can be revealed. Areas of concern where the firm is exposed to serious risk (and you need to define and prioritise what the firm regards as serious risk – is it regulatory sanction, claims and complaints etc?) should be targeted first. I am also of the view that some ‘quick wins’ are important. If there is a risk which can easily be managed or eradicated, then it is worthwhile also prioritising that to demonstrate what risk management is about.

What key recommendations would you give to a firm facing a claim?
FC:

Immediately identify and preserve all documents that will have a bearing on the claim;
Don’t create ‘back covering’ documents, which could later become disclosable;
Identify the key witnesses, and keep them separate from the team handling the claim itself;
Accept that claims are inevitable from time to time.

What key challenges do firms face in making risk management and compliance part of their firm’s day-to-day working culture?
AFS: From the feedback that I have heard from others in this area, the biggest challenge is ensuring genuine senior buy-in. This means partners who are senior and/or those regarded as ‘successful’ within the firm’s cultural context and the firm’s management not just paying lip service to professional standards and risk-management initiatives but actually leading by example. This needs to be supported by the firm’s values and a demonstration of what really is valued. Bad behaviour must not be tolerated or seem to be sanctioned.
My own view has always been that risk management is a rather negative way to cast the whole function and processes. The wide-ranging Code of Conduct covers all of these ‘risk’ issues (even including reputational risk which is covered by one of the Rule 1 core duties, as well as, for example, Rule 7). I therefore prefer a more positive approach based not on fear (the ‘big stick’ and sanctions) but based on the fact that we are members of a profession that has a guide to what professional standards are required of us. In those circumstances one has to ask what further incentivisation should be needed for us to be professional?
Another challenge is finding good, competent support, which is required to implement, manage and audit good risk-management systems and processes. These people need not be specialists, but members of the support teams, however large or small they may be, need to be able to support risk-management initiatives.
Finally I think there are some serious ‘cradle to grave’ training challenges, which begin at the tertiary education stage. Do we teach our lawyers to value certain attributes and behave in ways that support a compliance culture?

Where do clients fit into a firm’s risk-management framework?
AFS: From my perspective this has always been a difficult issue to crack. If the links between good risk management and client-getting and keeping could be made clear there would be a much cleaner path to compliance. Here at Taylor Wessing we work with business development on professional-standards initiatives (for example, engagement letters) to ensure the client-facing aspects are considered, and properly developed and maximised. Obviously for those in risk management, good risk management/compliance with professional standards obligations and good client care are two sides of the same coin. If client-facing staff could be persuaded of this it would make the risk manager’s role much easier.

How should a firm should set up its risk-management team?
AFS: This again depends on your firm’s culture and size. A sensible starting point would be to gather those who are responsible for managing risk aspects of their work, which would mean a team of client-facing and support staff. Having managed to conduct an audit, the team would then be able to identify who would have responsibility for managing which risks, but having an inter-disciplinary team would then create an environment in which proper ‘joined-up’ thinking could occur. Ultimately it is essential that there is a senior, and well-regarded and trusted person on the client-facing side (for example, a partner or member) who can take a lead role. And, for firms where the size will support it, I would definitely recommend that there is at least one non-client-facing person (preferably with a professional/legal/compliance background) who can take responsibility for co-ordination, implementation and, if necessary, audit.

How should this team interact with other functions of the firm?
AFS: The thinking about risk management has to be fully integrated across client-facing and support groups in order to be effective. This inevitably means input on IT (systems to ensure that procedures are most effective); HR (for example, looking at how the appraisal/development-planning systems can support risk-management initiatives); information/library services (for databases and other research sources and dissemination of information); learning and development (for training, which I regard as critical); business development (making risk management a client-facing/client-care issue and making a virtue of it); and facilities (disaster recovery, filing systems, records management); as well as involvement from client-facing staff, those involved in the insurance renewals and professional support lawyers. The risk-management partner/member must report directly to the firm’s management board. It is essential that the management board endorse and actively support risk-management strategies and the risk-management team.

How do you think the Legal Services Act might impact a firm’s risk-management processes?
FC: The Legal Services Act establishes a new ombudsman scheme, which will operate through the Office for Legal Complaints, and this is likely to result in a well-publicised and user-friendly route through which clients can raise complaints, and be awarded financial redress, albeit this will be limited in extent for present purposes.
One of the particular challenges for law firms will be that the ombudsman will be required to determine complaints by what he or she considers to be ‘fair and reasonable’, rather than by reference to established principles of negligence, so there is a risk of two separate standards of duty operating in tandem with each other.

What key issues do you think risk-management teams will be facing in the months/years ahead?
AFS: I remain of the view that getting proper buy-in, especially from client-facing staff, will continue to be a key issue, which will be dealt with, at least in part, by growing credibility in professional standards/risk-management functions (there is nothing like a 15 per cent drop in insurance premium to grab the attention of the owners). Creating a culture where the ‘admin’ part of the job (client and matter inception, risk assessment, engagement letters, fee estimates and updates, good billing practices etc) are seen as critical parts of good client care and service provision is also a huge challenge. For some firms there will additionally be the issue of trying to bring cohesion to the standards applicable in different jurisdictions and different offices when working on cross-border transactions. As the SRA ramps up its inspection programme some firms will be faced with the harsh reality of the new regime.

FC: As law firms become increasingly global in reach, I think firms are going have to adopt an innovative approach to issues such as financial regulation, conflicts and the like. Establishing an ethical culture in emerging legal markets where bribery and corruption are rife is likely to be a particular challenge.

Annett Fritz-Shank is professional standards and compliance partner at Taylor Wessing LLP, and Fergal Cathie is a partner at Barlow, Lyde & Gilbert LLP. They can be contacted at a.fritze-shanks@taylorwessing.com and fcathie@blg.co.uk respectively.