New Year's resolutions for COLPs
Key priorities for compliance officers include preparing for the new data protection regulation and conducting an audit of their firm's training needs, advises Michelle Garlick
While personal New Year’s resolutions for healthy living in 2017 may already be faltering in the face of the January blues, it’s nonetheless an important time of year for COLPs to take stock of what should be on their ‘must do’ lists for the year ahead.
In particular, a number of recent and upcoming regulatory changes will require compliance officers to take steps to ensure their organisations are fit for purpose and compliant.
Here are my suggestions for three New Year’s resolutions every COLP should commit to:
1. Ensure your organisation has a plan for the introduction of the General Data Protection Regulation (GDPR)
The much-trailed GDPR will finally be introduced in 2018. Despite this being EU legislation, it remains a major consideration for UK firms irrespective of Brexit. The regulations will apply to any data controller or processor which offers goods or services to, or monitors the behaviour of, data subjects in any EU member state.
The GDPR will bring about significant changes, including making it compulsory to notify the Information Commissioner’s Office (ICO) of all data breaches within 72 hours of becoming aware of them, and opening up a range of new sanctions options to the ICO for enforcement purposes.
Among the early actions COLPs should consider is ensuring a review of commercial contracts is undertaken for any matters which may involve collecting or outsourcing personal data – particularly where employees’ data is held, as this will likely include sensitive personal data. Also, raising awareness through training of the obligations to report breaches will be key, as will ensuring your recording and reporting procedures can effectively identify breaches and trends.
2. Audit your firm’s training needs to comply with the SRA’s continuing competence
In November 2016, the SRA officially replaced the established inputs-based system of continuing professional development (CPD) with a new model: continuing competence. Gone is the requirement to log a certain amount of hours of training; in its place is an obligation for lawyers to ‘reflect on the quality of their practice and identify any learning and development needs’ which can then be addressed through CPD activities.
While losing the requirement to fill a quota of training hours will, no doubt, allow lawyers to focus on the quality and relevance of the training they commit to, it does create the risk that training needs could be overlooked in busy periods. Currently, I suspect many firms are not up to speed with the implementation of the changes and they will need to be.
For COLPs – particularly in firms without an in-house learning and development resource – that creates a need for a robust system to be in place to ensure staff are complying and, crucially, have access to the appropriate training.
Conducting an audit of training needs, and refreshing and seeking out appropriate e-learning opportunities (to ensure training is administratively efficient and accessible) should be an early priority this year.
3. Prepare yourself for change
As the SRA considers the feedback from its wide-ranging consultation ahead of the proposed launch of two new separate codes of conduct for solicitors and firms in 2018, we can expect this year to bring details of how COLPs will be affected.
A request for specific feedback on COLPs’ duties was included in the consultation and, while the Legal Services Act 2007 prevents the role from being abolished (at least for ABSs), it doesn’t mean the requirements of the post won’t be subject to significant change – at the very least, the role could potentially become more difficult or time intensive to perform.
With that in mind, COLPs would be wise to conduct a health check of their current role and responsibilities, as well as the firm’s current level of compliance. Ensuring you are compliant now will provide a solid foundation for being compliant under the new regime and make any transition to a new system as smooth as possible.
Michelle Garlick is a partner at Weightmans and head of the Compli team