An assessment pilot was carried out between November 2019 and March 2020, but as a consequence of Covid-19 and the lockdowns that were imposed these assessments were put on hold, however, they are now back on track so firms that may have let their guard down over the last few years need to ensure they are now fully compliant with the updated core practice management standards.
Our recent webinar looked at the changes introduced on 1 May 2022, which firms need to address if they haven’t already:
- Business continuity planning – plans should address the following new areas:
- Hacking, cyber-attacks and data theft or loss
- Loss of unavailability of key role holders (MLRO, MLCO, SRO, COLP, COFA, etc.)
- Pandemics and their consequences (working from home, technology, supervision, etc.)
- Information management
- Firms need to consider what secure communication procedures are needed with their bankers
- Firms need to consider what secure communication procedures are needed with their bankers
- People management – this is a completely new section and covers areas including:
- Learning and development
- Awareness of the core practice management standards and CQS Protocol
- Mandatory training being undertaken on time
- Risk management – significant changes have been made in this including:
- The provision of enhanced SDLT information
- Completion and maintenance of an AML firm wide risk assessment
- Checking and analysing source of funds/wealth
- Enhanced mortgage fraud checks
- A requirement to provide enhanced leasehold information
- Analysis of suspicious activity reports with other risk assessment data
- Client care
- Requirement to have a policy for dealing with lenders
- A firm’s complaints procedure must be published on its website
- File and case management
- Enhanced procedures for dealing with HMLR requisitions
In addition to the changes made to the core practice management standards, the CQS training courses have also seen a number of enhancements, for example:
- Risk, compliance and client care - awareness and understanding of different fraud warnings issued by the National Economic Crime Centre, Action Fraud, the Law Society, Solicitors Regulation Authority and the National Crime Agency
- Conveyancing practice – understanding around SDLT reclaims, leasehold provisions, raising enquiries, Capital Gains Tax, and the HMLR digital applications process
Common breaches of the core practice management standards
The onsite and desk-based assessments carried out against the 2019 version of the Standards found a number of common breaches:
- Lack of, or poorly detailed:
- risk management policy (compliance plan, risk register, roles & responsibilities, communicating risk information
- policy in relation to Stamp Duty Land Tax
- policy, approved by senior management, to mitigate and manage money laundering and terrorist financing risks and to ensure compliance with AML legislation
- policy in relation to the avoidance of involvement in property and mortgage fraud
- policy in relation to acting in a purchase of a leasehold property
- procedure to ensure that, at the end of a matter, the practice carries out prescribed actions
- Failure to:
- provide information to clients in writing, unless an alternative form of communication is deemed more appropriate, at the outset of the matter
- confirm instructions
Of the desk-based assessments carried out (Nov 2019 - Mar 2020), 90.9% of firms were issued with corrective actions.
Next steps
Maintaining CQS accreditation is key if firms wish to remain on lender panels, so the following will help to achieve this:
- Work in line with the CQS Core Values
- Update all CQS staff on Scheme enhancements
- Ensure compliance, at all time, with CQS
- Be prepared for assessments