So it's been back to the coal face for a month now since the Christmas festivities. How are you getting on with your resolutions?
Like a lot of people you may have made resolutions to mark the New Year. Research (credit a quick google search) suggests only 8% of people keep them.
Why is that? Opinions vary from they are unattainable (lose 70lbs by March), unrealistic (give up wine) or hard work (run 1000 miles this year). I kept one for a while, in 1987 I became a vegetarian and lasted until 2006!
Let's take this resolution - I will take steps to ensure that the firm is compliant (if you're the COLP that one is in the authorisation rules).
It hopefully isn't unattainable or unrealistic, but it might seem hard work. By now your firm should have:
A. Have noted the changes to CPD and implemented new processes for continuing competence
B. Have amended policies controls and procedures to ensure they are compliant with the 2017 Money Laundering Regulations
C. Have started preparing for GDPR with a review of your policies and procedures (and most likely a data audit)
D. Have developed reasonable prevention procedure to prevent the criminal facilitation of tax evasion
E. Considered the need for an independent audit of your AML policies, controls and procedures
That's a fair bit of work, so how do you get it done?
1. Make a list of what you need to do. The list above is a good start but step back, think about compliance generally, when was the Office Manual last reviewed, when did you last train your staff.
2. Prioritise the items on the list based on risk. In fairness they are now all pretty urgent, with the HMRC and SRA expecting compliance with the Criminal Finances Act (Tax evasion offence) and the Money Laundering Regulations as soon as possible. There is the risk of considerable consequences for failure to implement or breach including regulatory, financial and criminal sanctions.
3. Learn the detail - what has changed, what does it mean for your firm, how do you deal with it in practice. Since the changes to CPD this doesn't necessarily mean days out of the office on training courses, some people prefer reading, or webinars or podcasts and all of that can now count towards your CPD. For example if you are trying to get to grips with the Continuing Competence, the SRA have great resources on their website.
4. Delegate, that's a lot of work for one person, who in most firms, probably also has a day job of fee earning. Many firms I know have formed working parties to spread to load, all reporting into the COLP but ultimately getting the job done quicker. For example, for GDPR I often see a team with IT, HR, Operations as well as risk and compliance. All those functions deal with data and therefore they will need understand the legislation and how it affects their areas and input into the policies and procedures
5. Consider bringing in some help. When there is so much going on, external support, like our consultants, can help you save time and get back to fee earning as quickly as possible. That might be reviewing and amending policies and procedures, audits, or training.
6. Set some realistic targets to get there, don’t set yourself up to fail, but do allocate some quality time to make progress.
7. And finally be accountable, add compliance to the partners meeting agenda and give a report on progress. I find this is a good way to keep everyone focused and to gain support from the rest of the management
Broken down into small achievable chunks, it hopefully won't seem like too big a job. But if it does, get in touch and let's talk through how we can help