Law firms ignoring client confidentiality during M&As

3 May 2016News

SRA guidance and EU data protection regulations are being flouted, says consulting law firm

Law firms are showing an 'alarming level of ignorance' by not keeping client information confidential when buying and selling other legal businesses, according to a consultant lawyer.

Citadel Law, a specialist consulting law firm specialising in personal injury work, argues that for a purchasing firm to access client files, in order to complete a merger or acquisition (M&A), would be a breach of client confidentiality.

Ethical guidance issued by the Solicitors Regulation Authority (SRA) in January 2015 recommended that firms should take sufficient steps during M&A negotiations to protect confidential client information and, where appropriate, seek client consent before any disclosures are made.

Lesley Graves, Citadel Law's managing director, said some solicitors were unaware of the SRA guidance while others have chosen to ignore it.

'Many law firms, and those advising them, are operating under the misapprehension that it is necessary to allow access to client files in order to complete deals, this just isn't true,' she said.

'Every week I see examples of this being flouted and when I raise it most solicitors tell me they had no idea, yet ignorance will be no defence if the SRA come knocking.'

Graves suggested that firms are approaching due diligence in the wrong way. 'They should be focused on the firm's financial situation and records, talking to fee-earners and reviewing operations, technical ability and governance, rather than delving into confidential client files.

'Early in our operational due diligence process, significant disclosure of pertinent MI [management information] that impacts on asset value is requested but with client details redacted,' she continued.

'We find that working within SRA guidelines to be a far better approach as it puts the focus on operational issues as a whole rather than individual files - which is hit and miss, costly, and breaches SRA guidelines.'

Firms who engage in the unethical practices also flout the Data Protection Act 1988, advised Graves, who warned M&A practitioners to pay close attention to the EU General Data Protection Regulation.

In April 2016, the European Parliament approved the new regime, which seeks to hold data holders to greater account and give citizens greater control over their data. The new regulation will apply across the EU from May 2018.

'Firms need to get to grips now with what they are doing and how to comply with the new regime,' added Graves.

KPMG partners with Government to employ prison leavers, reducing reoffending and boosting economy

This groundbreaking initiative holds particular significance for the legal profession, as it highlights the vital role that legal entities play in promoting social justice and rehabilitation.

News24 Apr 2024

UK Supreme Court rejects Marks & Clerk's appeal in secret commissions case

Lord Reed, Lady Simler, and Lord Leggatt refused permission “on the ground that the appeal does not raise an arguable question of law”

Interview17 Apr 2024

SJ Interview: James Hartley

James Hartley had an ‘out of body experience’ watching the actor John Hollingworth play him in the ITV drama Mr Bates vs The Post Office. A Partner and National Head of Dispute Resolution at Freeths, James speaks to the Solicitors Journal about the Post Office case, what adequate justice would look like for those impacted, and the reforms that he would like to see as a result of the scandal.