Skip to main content Skip to footer

Regulatory compliance. The words alone are enough to induce anxiety in even the most seasoned legal professional, and it's easy to see why. News of large fines being levied against firms of all sizes for failing to comply with regulatory obligations is all too common. The impact firms face extends beyond the financial; affected firms also incur a reputational hit, and they must commit valuable internal resources toward working with regulators.  

Fortunately, regulatory compliance doesn't have to be as onerous a process as one might think. To illustrate that point, we recently joined a webinar with James De Swert, Global Solutions Consultant, iManage, and Charlotte Miner, Director, Risk and Compliance, Frontera (now part of Accelalpha), to discuss systematic approaches firms can take to meet regulatory obligations. Below, we've summarized a few key points from that discussion.   

Unpacking the benefits and risks of a centralized approach to regulatory compliance 

Where feasible, the use of a centralized process to handle regulatory compliance has become a popular choice for law firms. A centralized process is defined as a dedicated organization-wide approach in place responsible for handling risk associated with onboarding new business for the firm – specifically Know Your Customer (KYC) and Customer Due Diligence (CDD), which involves conflict of interest checks and clearance, Anti-money Laundering (AML) and Sanctions compliance, and so on – before it becomes a live matter that is approved and open for billing.  

A centralized approach has many benefits, including:   

  • Enhances efficiency by establishing a replicable process across practices
  • Meets regulatory requirements by ensuring that all touch points are met
  • Ensures consistency of approach and decision making
  • Centralizes recording, audit trails, and better monitoring
  • Consolidates data and resources 

There are also potential risks for those firms not considering a centralized strategy: 

  • Reduced engagement from fee-earning teams 
  • Loss of competitive advantage as systems are too rigid to respond to market changes 

When asked if their firm had a centralized team dedicated to this purpose, 51% of webinar respondents indicated that they did not presently have one.   

Building a culture of compliance    

When it comes to honoring a firm's regulatory obligations, the best course of action, noted Charlotte Miner, is to implement a holistic, firm-wide culture of compliance. This, she said, can be accomplished by taking a consultative approach.   

"I think what's really important for risk and compliance teams is that we're making sure we really understand our client base, our business, where the pain points are, the nuances the different practice areas may be facing, and how certain clients may like to work," said Miner. "You find out a great deal of things you might not have been aware of before that can then help to inform your requirements, your process in terms of what you're looking for, and how you can benefit the entire firm in terms of a more efficient way of working."  

Other components of fostering a culture of compliance include:   

  • Conducting regular training sessions 
  • Attending departmental meetings to understand practice areas and their specific pain points
  • Fostering a culture of transparency and encouraging employees to promptly report suspicious activities
  • Ensuring that policies and procedures are both understood and embedded   

The state of industry compliance

When asked how robust attendees believed their policies improving procedures around completing risk assessments for new clients and matters are, 67% of respondents indicated that they are working on improvements to their processes, compared to only 33% of respondents who indicated that they believe their existing policies were very robust.    

These results tracked with findings from a 2021/2022 Solicitors Regulation Authority (SRA) study, which painted a less-than-rosy portrait of industry compliance. Findings included:  

  • Nearly 20% of respondents did not refer to areas SRA identified by their sectoral risk assessment 
  • Firms struggled to use the sectoral risk assessment to help inform their client and matter risk assessments 
  • 10% of firms failed to properly consider the potential money laundering risks associated with how their services are delivered 
  • Close to a third of firms used either templates or templated text which had not been tailored to the firm  

The value of a centralized regulatory compliance approach 

Firms face many regulatory obligations, each requiring a series of processes and policies in place to meet them. Here, the value of a centralized approach in place to streamline regulatory compliance becomes clear.   

For example, firms that perform transactional work such as those involved in the purchase of properties or assets must perform the necessary due diligence related to the source of wealth and source of funds, with each requiring the asking of specific questions and collection of the right documentation. In this situation, merely conducting client due diligence is not enough; each matter must come under scrutiny in terms of what a firm is being asked to do, and whether additional information is needed.     

This is where a centralized approach can prove to be indispensable. Everything is reviewed on a matter-by-matter basis, with each matter assigned a series of follow-up steps that must be taken to meet its associated regulatory obligations. A centralized process also greatly streamlines the litany of separate steps that are traditionally involved in ensuring regulatory compliance, including:  

  • Communicating updates on the review process  
  • Quickly finding captured information  
  • Identifying decision makers  
  • Determining the single sources of truth in cases where multiple versions of documentation exist  

A scalable risk & compliance solution from iManage  

When asked whether they were currently looking at solutions to help centralize their processes, 67% of attendees answered in the affirmative — a finding that speaks to the growing recognition of the need for a more systematic approach to managing ever-complex compliance requirements. Yet, while it's clear that a centralized approach to managing regulatory compliance confers many benefits, some firms may be unsure where or how to begin.  

Risk and compliance from iManage can serve as a helpful resource for instituting a more robust approach to regulatory compliance. iManage offers a complete solution to manage the risks associated with accepting new business and onboarding new clients, from conflicts of interest to client due diligence to compliant matter set-up. Our pre-configured solution reduces the complexity typically associated with conflicts and business intake implementations, empowering organizations, large or small, to get started quickly and tailor the configuration to meet their unique and evolving needs.   

Learn more about how iManage can help your firm more efficiently meet its regulatory compliance needs. 

About the author

Manuel Sanchez

Manuel Sanchez is Information Security & Compliance Specialist at iManage with extensive professional experience in information security, governance, and compliance.

Making Knowledge Work

Request a demo

Ready to see how iManage can make a difference to your organization?