The Law Society’s Practice Advice Service answers questions relating to compliance, finance and administration
The Law Society’s Practice Advice Service is a dedicated team of solicitors who help and support members and their employees by answering questions on a wide variety of subjects, including anti-money laundering (AML), costs, conveyancing, client care and complaints handling. For more information, please visit our Help for Solicitors page .
You can call our team of experienced solicitors any practice related issue. We offer free, confidential advice on 020 7320 5675 Monday to Friday 09:00 to 17:00 or via email.
Below are a selection of recent questions posed to our team relating to compliance, finance and administration which you might find useful.
I am setting up a firm and want to know if my compliance officer for finance and administration (COFA) has to be a lawyer. My intention is to appoint a non-lawyer colleague who has long experience of running companies and of business generally.
No, a COFA does not have to be a lawyer. If your colleague fulfils all the criteria set by the SRA, including that he is an employee or manager of the practice, and obtains SRA approval, he may be your COFA. By way of contrast, a compliance officer for legal practice (COLP) does need to be a lawyer of England and Wales, registered European lawyer (REL), or European lawyer regulated by the Bar Standards Board, as defined in Rule 8.5 (g) of the SRA Authorisation Rules 2011, at sra.org.uk/solicitors/handbook/authorisationrules/content.page
For further information, please see the Law Society’s Practice Note on Compliance Officers and FAQs on Compliance Officers.
I am a newly appointed compliance officer for a small firm and wondered if there are any insurance products to cover for personal liability for compliance officers for legal practice (COLPs) and compliance officers for finance and administration (COFAs)?
When considering the issue of insurance for COLPs and COFAs, it is also important to consider your potential exposure and examine the coverage already offered by the practice’s insurance. Every practice must obtain professional indemnity insurance (PII policy), in accordance with the SRA’s minimum terms and conditions (MTC).
As a compliance officer for the practice, you will be an ‘insured’ under the MTC policy and therefore will be covered for any civil liability (e.g. professional negligence) arising from your work in private legal practice to the extent that any such liability is covered by the MTC.
The MTC provides a broad range of cover, however, there are a number of significant exclusions that may expose compliance officers to liability. For example, defence costs for disciplinary proceedings by the SRA or Solicitors Disciplinary Tribunal (SDT) are not covered by the MTC.
Some insurers are prepared to include cover for these defence costs in addition to the MTC policy. Therefore, compliance officers should check, firstly, whether their practice has this additional cover either as an endorsement on its PII policy or as part of its directors and officers’ (D&O) insurance policy; and, secondly, whether your role as compliance officer is covered under that policy.
Additionally, there are a number of specific insurance products that target compliance officers. You should read carefully the terms of any insurance policy and satisfy yourself that the policy will cover a potential risk to which you are exposed that is not covered by any indemnity agreement or other insurance policy provided by your practice.
There is an open question as to the extent to which any of the above options will be able to protect a compliance officer against fines and penalties to which they may be exposed. There is a general legal principle that no person should recover an indemnity against liability resulting from their own unlawful conduct (Holman et al v Johnson, alias Newland  1 Cowper 341).
There is no simple way to determine whether a particular fine or penalty will be covered by an insurance policy or indemnity agreement as each case will turn on its own facts. You may want to bear this principle in mind when considering whether a fine or penalty is insurable under law.
For further information, please see the Law Society’s Practice Note on Compliance officers.
My firm’s COLP has asked me to consent to being named as the firm’s insurance mediation officer. What qualifications do I need for the role?
The firm’s insurance mediation officer is the member of staff named on the Exempt Professional Firms (EPF) register held by the Financial Conduct Authority (FCA). Registration of solicitors’ firms on this register is handled by the Solicitors Regulation Authority, who will make known the insurance mediation officer’s details to the FCA.
The requirement for a firm to be on the EPF Register and to appoint an insurance mediation officer is set out in rule 5(6) of the SRA Financial Services (Scope) Rules 2011 (Scope Rules).
5.6 Insurance mediation activities
(a) Unless a firm is registered in the Financial Services Register it must not carry on any insurance mediation activities;
(b) Any firm undertaking insurance mediation activities must appoint an insurance mediation officer whose details will be made known to the FCA and who will be responsible for the firm’s insurance mediation activities.
‘Insurance mediation officer’ is defined in the Glossary to the SRA Handbook as ‘the individual within the management structure of the firm who is responsible for an insurance mediation activity.’
Although insurance mediation officers can be employees, they need to be individuals with sufficient seniority within a firm to ensure that they have the authority to carry out the role properly. This includes having access to management and other relevant information such as client files and business information.
The existence of the insurance mediation officer does not remove ultimate responsibility for regulatory obligations from the principals in a firm. Whoever is appointed to the role, the ultimate responsibility for the firm’s compliance with the Scope Rules and the SRA Financial Services (Conduct of Business Rules) 2001 rests with the principals, who among other things should bear in mind the need to achieve Outcome O(7.3) of the SRA Code of Conduct 2011: ‘you identify, monitor and manage risks to compliance with all the Principles, rules and outcomes and other requirements of the Handbook, if applicable to you, and take steps to address issues identified.’
For further advice, please contact the Professional Ethics team at the SRA by calling them on 0370 606 2577, or email firstname.lastname@example.org
While every effort has been made to ensure the accuracy of the information in this article, it does not constitute legal advice and cannot be relied upon as such. The Law Society does not accept any responsibility for liabilities arising as a result of reliance upon the information given.
This article is compiled by the Law Society’s Practice Advice Service. Comments relating to the questions should be sent to Mrs Anjali Mouelhi, solicitor and technical lead, Practice Advice, The Law Society, 113 Chancery Lane, London WC2A 1PL