Examining the benefits of centralized risk management and regulatory compliance

Regulatory compliance. The words alone are enough to induce anxiety in even the most seasoned legal professional, and it's easy to see why. News of large fines being levied against firms of all sizes for failing to comply with regulatory obligations is all too common. The impact firms face extends beyond the financial; affected firms also incur a reputational hit, and they must commit valuable internal resources toward working with regulators.  

Fortunately, regulatory compliance doesn't have to be as onerous a process as one might think. To illustrate that point, we recently joined a webinar with James De Swert, Global Solutions Consultant, iManage, and Charlotte Miner, Director, Risk and Compliance, Frontera (now part of Accelalpha), to discuss systematic approaches firms can take to meet regulatory obligations. Below, we've summarized a few key points from that discussion.   

Unpacking the benefits and risks of a centralized approach to regulatory compliance  

Where feasible, the use of a centralized process to handle regulatory compliance has become a popular choice for law firms. A centralized process is defined as a dedicated organization-wide approach in place responsible for handling risk associated with onboarding new business for the firm – specifically Know Your Customer (KYC) and Customer Due Diligence (CDD), which involves conflict of interest checks and clearance, Anti-money Laundering (AML) and Sanctions compliance, and so on – before it becomes a live matter that is approved and open for billing.  

A centralized approach has many benefits, including:   

• Enhances efficiency by establishing a replicable process across practices
• Meets regulatory requirements by ensuring that all touch points are met
• Ensures consistency of approach and decision making
• Centralizes recording, audit trails, and better monitoring
• Consolidates data and resources 

There are also potential risks for those firms not considering a centralized strategy: 

When asked if their firm had a centralized team dedicated to this purpose, 51% of webinar respondents indicated that they did not presently have one.   

Building a culture of compliance    

When it comes to honoring a firm's regulatory obligations, the best course of action, noted Charlotte Miner, is to implement a holistic, firm-wide culture of compliance. This, she said, can be accomplished by taking a consultative approach.   

"I think what's really important for risk and compliance teams is that we're making sure we really understand our client base, our business, where the pain points are, the nuances the different practice areas may be facing, and how certain clients may like to work," said Miner. "You find out a great deal of things you might not have been aware of before that can then help to inform your requirements, your process in terms of what you're looking for, and how you can benefit the entire firm in terms of a more efficient way of working."  

Other components of fostering a culture of compliance include:   

The state of industry compliance 

When asked how robust attendees believed their policies improving procedures around completing risk assessments for new clients and matters are, 67% of respondents indicated that they are working on improvements to their processes, compared to only 33% of respondents who indicated that they believe their existing policies were very robust.    

These results tracked with findings from a 2021/2022 Solicitors Regulation Authority (SRA) study, which painted a less-than-rosy portrait of industry compliance. Findings included:  

The value of a centralized regulatory compliance approach  

Firms face many regulatory obligations, each requiring a series of processes and policies in place to meet them. Here, the value of a centralized approach in place to streamline regulatory compliance becomes clear.   

For example, firms that perform transactional work — such as those involved in the purchase of properties or assets — must perform the necessary due diligence related to the source of wealth and source of funds, with each requiring the asking of specific questions and collection of the right documentation. In this situation, merely conducting client due diligence is not enough; each matter must come under scrutiny in terms of what a firm is being asked to do, and whether additional information is needed.     

This is where a centralized approach can prove to be indispensable. Everything is reviewed on a matter-by-matter basis, with each matter assigned a series of follow-up steps that must be taken to meet its associated regulatory obligations. A centralized process also greatly streamlines the litany of separate steps that are traditionally involved in ensuring regulatory compliance, including:  

A scalable risk & compliance solution from iManage   

When asked whether they were currently looking at solutions to help centralize their processes, 67% of attendees answered in the affirmative — a finding that speaks to the growing recognition of the need for a more systematic approach to managing ever-complex compliance requirements. Yet, while it's clear that a centralized approach to managing regulatory compliance confers many benefits, some firms may be unsure where or how to begin.  

Rick and compliance from iManage can serve as a helpful resource for instituting a more robust approach to regulatory compliance. iManage offers a complete solution to manage the risks associated with accepting new business and onboarding new clients, from conflicts of interest to client due diligence to compliant matter set-up. Our pre-configured solution reduces the complexity typically associated with conflicts and business intake implementations, empowering organizations, large or small, to get started quickly and tailor the configuration to meet their unique and evolving needs.   

Learn more about how iManage can help your firm more efficiently meet its regulatory compliance needs.