Here today, gone tomorrow? By Sponsor Aon
Some smaller firms still hold the mistaken belief that business continuity is only relevant when you die. Of course, if you have no succession plan in place, then dying will pose a serious business continuity issue for whoever you have lined up to handle your affairs but the vast majority of business continuity risks don’t involve death.
Business continuity is defined in ISO 22301.2012 as the “capability of a business to continue delivery of its services at acceptable predefined levels following a disruptive incident”. The standard is very comprehensive. After all, the standard is recognised in almost every country in the world. Whether it is appropriate for your firm will depend on all the circumstances. What is crucial is that you have a plan so that your practice will survive whatever life throws at it.
Your professional obligations are implied rather than explicit. For example, reading between the lines, Principle 4 requires you to act in the best interests of each client even if the ceilings at your offices have collapsed due to a burst pipe. Principle 5 requires you to provide a proper standard of service to your clients even if the person handling the matter is in hospital recovering from a triple heart by-pass. Principle 6 requires you to maintain the public’s trust even when your systems have been hacked by fraudsters.
More generally, Principle 8 requires you to run your business effectively and in accordance with proper governance and sound financial and risk management principles. If you haven’t implemented a plan that is appropriate to the size and nature of your practice, then it is hard to see how the SRA would think you are compliant.
Some of the Indicative Behaviours (IBs) in the SRA Code of Conduct give a clearer indication of what is required, even though they themselves are not mandatory. For example, if you can identify and monitor business continuity risks including matters such as IT failures and damage to offices, the chances are that you have met your obligations in the Code. Likewise, if you have made arrangements for the continuation of your firm in the event of absences and emergencies with minimum interruption to clients’ business, your practice is probably compliant (see IB 7.3 and IB 7.4).
Before you create a new plan or review an existing plan that is a little long in the tooth, reflect on the risks that would have an adverse impact on your ability to deliver your service. Let’s call this process a business impact risk assessment. It makes sense to start by reviewing your risk register to see whether any of the risks on it threaten your business. The register is likely to include Accounts Rules breaches. If any of them indicate a developing trend, failure to address this could result in intervention, perhaps the most serious business continuity threat to your practice - after death.
Most of the risks you face should be well recognised by your COLP (because he or she should have a good understanding of risk and compliance issues) but, at some stage, it is essential to engage with key individuals in each team, practice area, floor or office to establish whether there are other risks that have been completely overlooked.
A high-profile risk that no firm can afford to ignore is cyber risk. If a firm such as DLA Piper can be targeted, you can be too! As most attacks are automated, don’t assume that being small will make you invisible to fraudsters. Even small firms often hold several million pounds in client account.
Obvious risks will include fire and flood, but don’t forget about threats posed by the weather, at different times of year. A summer thunderstorm which takes out your IT. A flash flood following torrential rain which floods the basement where you archive files and wills. A frozen pipe in the premises two floors above yours which brings the ceiling down over a weekend and shorts out all your power.
Looking at external factors, consider the sole practitioner who, some years ago, thought it was a good idea to have his office over a bakery. Bread ovens get very hot. One day it got too hot and caught fire. The bakery went up in smoke – and the law firm with it. His practice never recovered. Contrast him with the London firm that, more recently, faced a serious fire caused by an electrical fault. Its business continuity plan worked very well and the firm continued to operate normally.
Other, less tangible business continuity risks might include over-dependence on one or two specialist lawyers or a trophy client that generates 90% of new business. If either decided to move firms, the impact could be devastating.
For each business continuity risk, be clear about the likely impact on the services you provide. When assessing probable impact, think about all your procedures and the people needed to implement them. Then prioritise resources to the most critical ones. Whilst all your procedures are important, some will be more time critical than others. You need your servers backed up and some PCs but does everyone need a laptop? Identify those who can work from home and those who should just be sent home until further notice.
Rebuilding your email, document management, accounts and banking systems are likely to be at the top of your agenda. Do consider, however, whether every aspect of each function is required immediately. Unless money is no object, resist the temptation to say that you need everything back up just as soon as possible. Think instead of timescales such as half a day, a full day, 3 days, a week. What do you absolutely need straight away, as soon as possible? What could you park for a week or longer? Each firm will be different but examples might include client billing, the latest round of file reviews or your bank reconciliation statement (so long as you are still within the 5-week window). You needn’t spend a lot of money on your business recovery as long as you’re realistic about what you need and by when.
When collating all your thoughts into a plan, try to avoid writing a book. Some firms end up with a document that is 30 pages long. Remember that this is something you need ready access to in an emergency, without any advance notice. If the size of the document makes it less portable, it may be next to useless. Your plan should be accessible via the internet, on your phone or perhaps at home, if you live near work.
Aim for practicality, rather than a reference manual. Aim to reduce the plan to one or two pages, which is feasible. Neatly folded, it can be carried it in a purse or wallet, and it’ll be with you whenever you need it. If you save it online, you may be able to download it but as you’re likely to be on the phone all day, having a paper document might be easier.
Finally, the acid test. Your plan should be tested at least annually. The testing can be undertaken out of hours, perhaps over a weekend. Another option is to announce a business continuity scenario during a team meeting and see how it plays out.
A law firm is like any other business. To succeed, it needs to be well managed and there is no more crucial time to be in control than when in the middle of a crisis. Crises can occur at any time and, typically, they occur at the least opportune moment. With a well thought out plan, you should be able to weather the storm.
For more information on this article, please contact: Marco D’Ovidio, Associate Director, Aon UK Limited
On 0117 9485116
Whilst care has been taken in the production of this article and the information contained within it has been obtained from sources that Aon UK Limited believes to be reliable, Aon UK Limited does not warrant, represent or guarantee the accuracy, adequacy, completeness or fitness for any purpose of the article or any part of it and can accept no liability for any loss incurred in any way whatsoever by any person who may rely on it. In any case any recipient shall be entirely responsible for the use to which it puts this article. This article has been compiled using information available to us up to 19 October 2017.
Alternatively, you can subscribe via RSS‹ Return to
We never share or sell your email address to anyone.
President of Bristol Law Society, Becky Moyce at their Annual Dinner and Awards Ceremony Since my last review, the shops are full of ghoulish masks, fireworks and Christmas cards. It is difficult to believe that I am now over halfway through my year as your President. Business has certainly picked up a fast pace since the summer break and over the last few weeks the focus has been very much on the promotion of our 2018 Dinner and Legal Awards. We held our launch event at Somerset County Cricket Club which was attended by sponsors, and potential sponsors, nominators and nominees and our media partners Trinity Mirror South West. Mark Ollier, Partner at Beviss & Beckingsale, last year’s winners of the Law Firm of the Year Award (1-10 partners) spoke with passion and enthusiasm about the positive impact of their award on their firm, its staff and current and new clients. Following his hugely motivational words, I’m sure everyone in the room was inspired to submit an awards entry. Thank you Mark. The launch event was a great platform to highlight the extensive coverage that those associated with the Awards have received, and will continue to receive, in the run up to the evening on Thursday 1st March 2018. With a flood of high calibre entrants this year, I am sure the judges will face a challenging time in shortlisting those nominated. I wish you all success and am certain that those shortlisted will be thoroughly deserving of their selection. As the Brexit talks and processes progress and continue to divide opinion, it remains important to show the rest of Europe that we are open for business. Whatever your view, the changing times we live in make our profession’s reputation, its integrity, fairness and independence as crucial as ever. I hope that the “Pride in the Profession” promoted by The Law Society will continue to be a key theme for you as we move towards our exit from the European Union and that our relationships with our European professional colleagues will not be diminished. We continue to work hard to promote what solicitors do, raising the profile of solicitors, and DASLS members in particular, to members of the public. As well as promoting the Awards we have also now launched our new look website. I hope you have had an opportunity to visit it, but if not please take a look at https://www.dasls.com/. We will also be shortly reviewing our Strategic Plan to ensure it meets the needs of our members for the future. If you have any feedback on any areas of our marketing or suggestions for the review, please get in touch with Tony Steiner. I have attended a number of representative engagements during the past couple of months including the Joint Professions' Networking Group event when we heard a very interesting talk by the Chief Executive of Exeter Airport. I was privileged to represent DASLS at the Plymouth Law Society’s Annual Dinner and Bristol Law Society’s Awards and Dinner. I feel it would be remiss of me not to mention a very touching tribute at the Bristol Dinner to Bristol District Judge Julie Exton who died at the age of 59. Julie was described in the Law Society Gazette as “without doubt a stellar example of how we lawyers should conduct ourselves. She was a great asset to the judiciary and is now a great loss to the profession”. I attended for the first time the Past Presidents’ dinner (in training for next year!) and enjoyed a very pleasant evening at the Ilsington Country House Hotel. It is a tribute to DASLS that Past Presidents continue to remain interested in its activities and reassuring for Presidents that they continue to read and enjoy our reviews! I have also attended the Contentious Business and International Relations Sub-Committees and seen first-hand the incredible work that is undertaken by members of those Sub-Committees on behalf of our members. Further meetings of the Vice-President’s and Non-Contentious Business Sub-Committe...
It is again the time of year when we invite members of the Society to help DASLS by seeking to join the main Committee and help with the Committee’s work. The main Committee is at the heart of the work and decision making of the Society and also helps to co-ordinate the important work of the many Sub-Committees. As a result membership of the main Committee can make a real difference to the Society and to the working life of solicitors across our two counties. The Committee is made up of the Officers of the Society together with (according to the Articles) “not less than 10 or more than 40 elected members”. In order to continue the effective work of the Committee new members are needed, and therefore nominations are requested. If you would like any further information please do not hesitate to contact me. If you would like to either be nominated or nominate someone for election please complete the form below. This form should please be returned to me by no later than 5.30pm on 31 January 2018. The election will take place at the 24th April 2018 AGM. TO: Chris Hart DASLS Honorary Secretary Aston Court, Pynes Hill, Exeter EX2 5AZ [DX 8361 Exeter] I wish to nominate Full name …………………………………………………………………… of …………………………………………………………………… for election to the main Committee and I confirm that the nominee is willing for his/her name to go forward. Signed …………………………………………………………….. Address …………………………………………………………… ………………………………………………………………………… Year of Admission of Nominee ……………………….. Please return this form by 31 January 2018....
Photograph courtesy of Bridget Batchelor Photography, bridgetbatchelor.com 20 recently qualified solicitors were welcomed into the Solicitors’ Profession on Monday 9 October at the Guildhall in Exeter. ...
Dear All, This year really is flying by. I have just had my birthday. After updating you previously on the excellent catch up I had with the Law Society CEO Paul Tennant on his visit to the south west last November, I had not expected to be back in touch with him quite so soon. Sadly, this time it was in less happy circumstances. I was, like many of you, shocked and saddened in January to hear the news and see the pictures of the substantial fire at Chancery Lane in London. I have emailed Paul Tennant and James Shepherd, our Law Society Relationship Management Executive, to send our best wishes and we are hoping that the building will be back to full use very soon. As I write this report, preparations are in full swing for the 2020 DASLS Legal Awards & Dinner. As you know the Annual Dinner is being held again this year at Exeter Cathedral. The event is to take place on the 30th April 2020. After the success of last year, we are hoping that once again the event is sold out which would mean we will have around 480 people attending. If you have not done so already, please contact Llew Nicholls and the team at our Awards partners ‘Grow Marketing’ who have worked very hard alongside our very own Tony and Monique to achieve full sponsorship of this event. You can contact Llew to book the remaining places by emailing Llew directly at Llew@growmarketinguk.com. There have been more nominations than ever before with more entries making the short list. Please do not miss this dazzling occasion. You will all have received DASLS latest 2020 training courses programme. Tony Steiner and the team have worked hard to arrange these events. You will see that as members you get preferential rates and if appropriate reduced rates for multiple attendees from your firms. Please take advantage of these services as a proportion of the monies do go to support our Society’s broad continuing education offering. If I do not see you individually before I look forward to catching up with you at the 2020 DASLS Legal Awards and Annual Dinner in April. With very best wishes Nigel Lyons President 2019-2020...
The first big social event of the year was the annual DASLS Quiz which is the grand finale of the Challenge Cup. It is an event I thoroughly enjoy and I make no apology for making it a bit challenging. This year did not disappoint there being just ½ point between first and second place and resulting in joint winners of the Challenge Cup. Congratulations to Ashfords and Michelmores both of whom knew that the study of birds’ eggs is Oology. The next Challenge Cup kicks off with the usual Skittles match in Dawlish when the magnificent Skittles Cup will be contested. The latest meeting of the County Societies Group took place in February when we were guests of the SRA in Birmingham. DASLS Deputy Vice-President Adrian Richards and I attended. We were welcomed by their Chief Executive Paul Philip who set out some key messages around SRA activity emphasising their desire for light touch engagement with solicitors and good channels of communication. He said that the SRA was working well with The Law Society and was focused on creating an environment where solicitors could be innovative and use the latest in technology. AML is a key area of activity and following the appointment of the new Chair, Anna Bradley, they are working to provide better customer care. He also explained that until now the SRA had not taken any position on issues such as Access to Justice, Rule of Law and Advice Deserts. They were considering looking at, and taking a position on, one or two of these issues each year. There followed several presentations by senior staff at the SRA dealing with Enforcement Strategy and reporting concerns; Customer information – Transparency Rules and clickable logo.; the SQE and Anti-Money Laundering. Comprehensive slides were produced to accompany each presentation which I will forward together with my notes to any member who wishes to see them. Just email me —email@example.com. There followed an interesting tour of the building. SRA have around 600 staff members with the majority based over three floors at the Cube. The next meeting of the County Societies Group will be in the summer and we also plan a Parliamentary Liaison event at Westminster later in the year. I am pleased to announce that DASLS has two new Partners; Moneypenny who look after your telephone calls when you are not available and Dictate Now who offer Dictation Systems and outsourced document preparation. They join our current Partners: Alchemy; PKF Francis Clark; Landmark; Lockton; Unoccupied Direct; WebBoss and Wessex Searches. We are thankful for the support our partners give us and encourage you to use them where you can. Depending when you read this our joint event with the Legal Sustainability Alliance on 5th March will be about to take place or will have passed. Regular readers will know that the Society has formed a small working party to encourage and identify how firms can improve their sustainability. The main Committee have suggested that this forms a Sub-Committee. We will arrange a meeting of the working party after the event on the 5th March with a view to progressing this. Anyone who is interested in this please let me know. Tony Steiner, Executive Director DASLS....
You may know that DASLS is fortunate to be twinned with Bilbao, Erlangen, Gdańsk, Leuven, Rennes and Verona. Such twinning arrangements underpin a sense that we belong to one community of values on the basis that these relationships are based on reciprocity. Each year, we meet to discuss and debate important legal issues of the day, whilst discovering the cultures and languages of our partners. 2020 is DASLS turn to host such an event, which will be rounded off with the Sunday Legal Service at Exeter Cathedral on 7 June 2020 and to which DASLS members are cordially invited! The subject of our conference (on 5 June at County Hall in Exeter) will be around the impact of artificial intelligence (AI) in the sphere of human rights. Rather than understanding AI in terms of a terrifying post-apocalyptic vision of a world controlled by robots, AI features in our everyday lives from Alexa and smart home devices to controversial facial recognition technologies and even Uber! AI is built by lines of code called algorithms. Put simply, an algorithm is a step by step method of solving a problem and is commonly used for data processing and calculation. However, the use of automated data processing techniques in public and private sectors, especially by internet platforms and its impact on the exercise of human rights is somewhat of a hot topic. When it comes to AI, there is a focus on the usage of huge datasets. AI bias means when an algorithm produces results that may be prejudiced due to erroneous assumptions in the machine learning process and the data used to train the algorithm by data scientists. Bias runs deep in humans and it can be unconscious in nature. AI systems are created by individuals who have their own unique experiences and blind spots all of which can lead to fundamentally biased systems. This issue is compounded by the fact that those responsible for AI (including its deployment and training) may not be representative of society. Accordingly, unfair treatment of a group can result from the use of an algorithm to support decision making whether that decision relates to criminal sentencing, loan applications or self-driving cars. The language of AI is undoubtedly complex, but it is drastically changing the way we live. Understanding AI and its implications in the context of its growth is important so that we are all better placed to push companies to develop new technologies both ethically and responsibly. If you would like to receive more information once the June 2020 programme is finalised, please contact Monique Bertoni at DASLS office – firstname.lastname@example.org . Emma Mitcham Chair, International Relations Sub-Committee...
New AML Regulations and the pursuit of the beneficial owner. Introduction The new Money Laundering & Terrorist Finance (Amendment) Regulations 2019 which came into force on 10 January have modified a number of aspects of the 2017 AML Regulations, with which we have been complying for some time. However, many firms’ procedures hark back to the earlier days of the 2007 Regulations and have not been modified or updated much over recent years. This article seeks to set out what the new Regulations in fact require, and the steps we should be taking in relevant cases. The Policy It has been true for some time that the ultimate aim of all the regulatory rules is transparency – it has always been the case that the use of artificial structures such as trusts, companies, bearer shares, foundations and charities – whilst perfectly legal – have to some extent also benefitted from the extra anonymity they offer to the true owner and recipient of the funds and services we provide. If we offer services to these types of entity, the Regulations require us to go some way to identifying the individuals who are actually benefitting from our services, and this entails uncovering the true ownership of the organisation. Whilst this would be difficult in many instances – Cayman Island companies with bearer shares, for example – we must nevertheless attempt to get some assurances from the creators of the companies, accountants or registrars as to the ownership of the shares, and have some way of being notified of any change in ownership. We also need to be aware of the PEP and Sanctions status of these individuals. Further, for UK companies, the PSC Regulations 2016 impose an exactly similar obligation on the companies themselves to identify their beneficial owners and notify Companies House of any shareholder with 25% or more of the shares or exercising control over management of the business. The Regulations The Regulations provide that we must, as part of our CDD procedures Identify the client – this means coming to know who they are, by name and some other characteristic, e.g. address, date of birth, date of incorporation Verify that identity – by means of reliable and independent data and documentation Identify the beneficial owner (if the client is an entity) – though not necessarily verifying that identity Identify and verify the identity of the person actually instructing us (if not already done). What this means for us When acting for a COMPANY (that is not a listed company) the Regulations require us to obtain Details of the company as registered (which must be proven by a copy of the register entries available from Companies House or equivalent registry) – name, number, registered office address, principal place of business the law to which it is subject details of its governing documentation (its memorandum) names of the directors. Names of any beneficial owners, and the identity of any individual owners of legal entities which own the client Names and verification of the persons instructing us on behalf of the company, and their authority to do so. Note that we cannot rely on the information provided by the company under the PSC Regulations but we must undertake our own research in order to fulfil our CDD duties. Further, if as part of that research, we discover that the Companies House data on PSC’s is incorrect, then we are now under a further obligation to notify the Registrar of Companies of this fact. We also need to establish that PEPs and Sanctions checks are also undertaken. If genuinely positive entries are revealed in response we should undertake enhanced CDD steps or cease to act, accordingly. Electronic searches are a permissible avenue to use provided the search provider can offer us the necessary assurances that the person actually claiming an identity is IN FACT that person. Check also whether ...
We never share or sell your email address to anyone.
Tel: 01392 366333