When should you self-report to the SRA?
Identifying breaches highlights weaknesses in compliance and is a good opportunity to implement stronger systems and controls, explains Max Masters
One of the key questions facing a law firm’s COFA is: when is it appropriate to self-report breaches to the Solicitors Regulation Authority? This question is particularly pertinent when considering the ongoing changes with the Solicitors Accounts Rules, where there is an increasing emphasis on the role of the COFA.
However, there are certain questions that can aid you when determining whether the breach encountered was ‘material’ and should subsequently be reported to the regulator. Some of the key questions to consider are:
Was client money at risk at any point?
Was the breach identified and corrected promptly?
Is there a suspicion of fraud or dishonesty, whether internal or external?
The reporting accountant can aid the firm in identifying errors and weaknesses when undertaking their client money examination. However, their testing will be undertaken on a sampling basis so they are unlikely to pick up all instances of non-compliance, particularly for large practices. Therefore, it is the responsibility of the members of the firm, and the COFA in particular, to monitor and log all instances of non-compliance.
Guidance is available from the SRA on when breaches should be considered material, but there is still an element of judgement to be applied. When arriving at these decisions, the process should be logged on the ‘COFA record of instances of non-compliance’ and applied consistently. The sum involved may not be the most important factor as it is also essential to consider how and why the breach arose. For best practice, the COFA should also detail what remedial action is to be undertaken to avoid these types of breaches going forward.
It may be possible to justify not reporting borderline serious issues to the SRA if strong remedial actions are taken to avoid similar breaches, so long as these are actioned promptly, adhered to, and prove to be successful. Therefore, it could be seen as a positive to identify breaches as it highlights weaknesses and is a good opportunity to implement stronger systems and controls. In the long run, this will make life easier for all concerned.
Inherent weakness
An example of the type of breach where it could be considered necessary to self-report is where client funds are paid out to an incorrect party, and where this mistake is not identified or corrected in a timely manner. This could be demonstrative of inherent weaknesses within the firm’s systems and controls and the client funds are at risk because they may be problematic to recover.
On identification of this type of breach, the shortfall on the client account should be covered with office funds immediately and the breach should be brought to the attention of the COFA, who will then determine whether it is necessary to self-report.
A further example of a potential ‘serious’ factor would be if it was discovered that a fee earner was in receipt of funds from a client where there is not a clear, underlying legal transaction. This might occur if funds are held in a client account as the client will be purchasing an as yet unknown property in the future, or if the client does not have a UK bank account. This is likely to constitute the provision of banking facilities, which the SRA has been especially interested in recently.
It will not solely be isolated instances of non-compliance that should be self-reported to the SRA; it is more likely to be deemed reportable when there are several instances of the same type of breach. Taken in isolation, these breaches may not be considered material, but cumulatively several instances of residual balances not being dealt with promptly, for example, would demonstrate a weakness so the COFA may consider it necessary to self-report.
Overall, there are numerous points that need to be considered to determine whether to self-report to the SRA, and there are likely to be differing approaches from firm to firm, particularly with the move to a more ‘principles-based’ approach to the rules. However, it is imperative that the process for arriving at these decisions is detailed on the ‘COFA record of non-compliance’ and applied consistently. If the COFA is having difficulty in arriving at a decision, they should consult with their reporting accountant or with the SRA directly.
Max Masters is a member of Kreston Reeves’ professional practices team
@KrestonReeves
www.krestonreeves.com