Contact Sales
Legal

CQS compliance from home

During our recent compliance update webinar, we referenced a quote heard from a senior CQS assessor, who said, “You fail CQS, and you might as well stop doing residential property!” With that in mind, we thought it would be useful to provide you with our thoughts on how you can comply with key aspects of the Core Practice Management Standards (CPMS) during these difficult times.

Where you are unable to fully meet the CPMS requirements, ensure you make and retain appropriate notes to show what consideration you have given to matters; if no such notes are available then full compliance will be expected.

Legal Sector Training Content and eLearning Risk & Compliance Software Learning Management System Compliance

Posted 16/04/2020

Risk Management

The CPMS require you to maintain an appropriately updated compliance plan, and therefore if your firm is now working remotely these new working arrangements should be reflected within it. Many new risks will emerge as a consequence of the Covid-19 crisis (cash flow, working from home, client confidentiality, supervision, etc.), and these must be reflected in your risk register along with appropriate mitigation plans. Communicating risk information with your staff is a key requirement, especially when they are working away from their normal locations and don’t have immediate access to managers and supervisors.

Money laundering risks have increased as a consequence of Covid-19 and therefore these must be reflected in your firm-wide AML risk assessment; not only because CPMS requires it, but also because the SRA is moving forward remotely with its thematic review of this area and asking to see this assessment and other AML policies and procedures.

Although the property market is currently in a state of flux you must still remain vigilant to the risks of property and mortgage fraud, especially when the market starts to pick up; criminals are taking every advantage they can in the current crisis.

Many lessons are likely to be learned in relation to business continuity planning as a consequence of Covid-19, and these should be incorporated within your plan going forward.

Financial Management

With firms working remotely it will be critical that financial transactions are still appropriately authorised, and evidence retained to show how this has occurred.

You must update your financial plans to reflect the current economic difficulties, for example, cash flow, budgets, etc., and review how your firm will be able to remain viable going forward.

Supervision and operational risk management

Supervision of staff working remotely is likely to create some real problems, so it is important that you review and update your current procedures accordingly and ensure that these are followed.

The provision of competent service to clients can only be achieved by providing appropriate levels of training to all staff, even when they are operating remotely; with the ready availability of eLearning courses it will be difficult to justify why this has not been possible.

With staff working from home it is important that you review your arrangements for the regular monitoring of client files, and that adequate cover is available should staff fall ill from Covid-19; it is also important that you review and update your arrangements for regular, independent risk-based file reviews.

As part of your review of risk, you must ensure you are able to manage risks associated with conveyancing transactions, especially as so many parts of the conveyancing process are now operating in an abnormal way.

Another aspect of risk that needs to be addressed is how you are able to carry out remote conflict checks, and whether your conflict policy needs to be updated to reflect the new arrangements.

Client Care

If you are now working away from your office(s) you must review and change, as appropriate, your procedures for dealing with client enquiries and ensure you are able to comply with relevant client care aspects of the SRA Codes of Conduct.

Although most clients are likely to understand the impact the Covid-19 lock-down will have on the provision of legal services there will still be some clients that will want to lodge complaints, so if you receive a complaint ensure you comply with your internal complaint procedure as appropriate and ensure staff are aware of how complaints should be handled under the current working conditions.

Many property transactions have now been put on hold, but you still need to ensure that matters are reported to lenders where appropriate.

File and case management

As a consequence of Covid-19, the SRA has relaxed the rules relating to the provision of client care information to clients in writing; it has said that this requirement can be met verbally but that notes should be kept of what has been said. It is not clear how the Legal Ombudsman will react should such information not be provided in writing, so the best practice would be to provide the information in writing where this is possible.

Ensure your procedures for progressing matters are updated to take account of current circumstances and that where you give undertakings they are monitored and discharged as appropriate.

One of the key risks with remote working is knowing the location of all client files, so ensure you are able to locate these and that they are being kept confidential when being worked on in staff homes.

Although it is not going to be easy to follow all aspects of your file closing procedures, especially if you use external file storage facilities that are currently closed, you should ensure that appropriate returns are made (HMLR, etc.) and client balances are returned to clients promptly.

Information Management

Due to remote working being a real change to your normal operations you should carry out a Data Protection Impact Assessment (DPIA) to assess the new risks to personal data and take appropriate steps to ensure it is protected accordingly.

Covid-19 has led to an increase in the number of Data Subject Access Requests (DSARs) being made to law firms, so it is important that you respond appropriately; the Information Commissioner’s Office (ICO) has published guidance on how this can be done under current operating conditions.

Ensure you adopt appropriate information and security measures to protect clients from cybercrime; since the Covid-19 crisis started there has been a real increase in cybercrime, including scam emails purporting to come from government agencies in relation to virus testing, tax rebates, etc.

We are here to help

Ensuring compliance with CQS may be the last thing on your mind at present but as an accredited provider of CQS training we have various resources and services that can help, all of which can be accessed remotely, including:

Download our CQS guide for more information.