Mastering client matter risk assessments: Your shield against financial crime

Are your client and matter risk assessments (CMRAs) up to SRA standards?

SRA research reveals that nearly 1 in 5 files still fail to document client and matter risk assessments properly – putting law firms at risk of financial crime exposure and regulatory action.

In our latest blog, we provide a practical checklist, and share best practices for risk documentation that will keep your firm compliant and protected. Plus, read how one firm avoided an SRA fine by having airtight risk assessments in place.

Don’t leave compliance to chance—read the full guide now!

The fraud prevention tightrope: Navigating the UK’s new failure to prevent fraud offence

From 1 September 2025, the UK’s new “failure to prevent fraud” offence puts large organisations – including many law firms – under stricter scrutiny. If an employee commits fraud that benefits the firm, the firm itself could be held liable unless it can prove it had “reasonable procedures” in place to prevent fraud.

This isn’t just a theoretical risk. Think about inflated billing figures or supplier fraud – your firm could be caught. The stakes? Huge fines and reputational fallout.

But there’s good news: a strong compliance programme is your best defence. This means embedding fraud prevention into your risk assessments, training, and oversight—just as you already do for AML.

Read the full article to find out how to protect your firm.

Why solicitors file reviews are more than just a box-ticking exercise

Let’s be honest – file reviews aren’t exactly the most exciting part of being a solicitor. They take time, require attention to detail, and can feel like yet another compliance burden. That’s almost certainly why most firms struggle to keep up with their file review schedule.

But while they may not be the most thrilling task, regular file reviews are essential. More than just a regulatory requirement, they can help safeguard your practice, maintain high standards, and improve client satisfaction.

Reminder: Take Part in LawCare’s “Life in the Law” survey

LawCare Life in the law 2025

By Samantha Bray

LawCare, the leading mental health charity for the legal sector, is conducting an important study to gain insights into what working in law is truly like. The Life in the Law 2025 research is an opportunity for everyone in the legal profession to have their voices heard, with separate surveys for both individuals and organisations.

This research delves into critical issues facing those working in the legal field, including:

long working hours
job-related stress
burnout
mental health in the workplace
bullying
harassment
discrimination
the support systems provided by employers to promote wellbeing

By participating in the survey, you’ll help LawCare better understand why mental health challenges are prevalent in the legal sector and contribute to identifying practical solutions to mitigate these issues. The findings from this research will provide valuable evidence-based recommendations for individuals and organisations to help create healthier and more supportive working environments.

The surveys are anonymous and confidential, and should only take around 10 to 15 minutes to complete. You can take part by filling out the appropriate survey for either individuals or organisations:

The surveys will remain open until Friday, 21 March. Results, along with evidence-based recommendations, will be published in October 2025.

Don’t miss the chance to shape the future of mental health support in the legal profession – take part today!

ICYMI: COLPs and COFAs: Have you thought about your personal liability?

By Sophie Cisler

When the COLP and COFA regime was introduced in 2011, questions were raised about how much personal liability such individuals would bear.

The SRA at the time was quick to reassure the profession, stating that compliance officers would not be “sacrificial lambs”. Over the intervening years, it was popular to refer to compliance officers as the conduit between the firm and the SRA.

But are things fundamentally shifting?

News and Guidance

News for solicitors

Legal Futures | Lawyers worried by over-reliance on SRA discretion post Dentons – Specialist regulatory lawyers have raised concerns that a recent High Court ruling in the Dentons case – which overturned the SDT’s dismissal of an AML prosecution on the basis that such breaches are effectively strict liability offences, requiring only a finding of seriousness – places too much reliance on the SRA’s discretion in determining the severity of rule breaches. They argue that this diminishes the SDT’s role in deciding whether minor breaches amount to professional misconduct, potentially leading to unfair future outcomes. In response, there have been calls for the SRA to provide clearer guidance on what level of misconduct warrants an SDT prosecution.
Gazette | Tribunal rules solicitor cannot pursue victimisation claim based on firm’s report to the SRA – An employment tribunal has dismissed a solicitor’s victimisation claim against her employer after the firm reported her to the SRA. The tribunal ruled that the report was legitimate, based on a serious matter, and protected by absolute privilege, reinforcing the obligation to report potential misconduct to the SRA.
Legal Futures | LSB tells regulators to improve lawyers’ ethical standards – The Legal Services Board (LSB) has proposed new requirements for legal regulators to enhance ethical standards among lawyers from the outset of their careers. This initiative responds to evidence of conduct falling short of public expectations, including misleading courts and compromised independence. The LSB’s draft policy outlines five outcomes, such as ensuring lawyers possess the necessary knowledge and skills regarding ethical duties and fostering workplace cultures that support ethical decision-making.
SRA | Work continues around high-volume claims – The SRA has announced ongoing investigations into over 60 firms involved in high-volume claims and no-win no-fee arrangements, encompassing more than 150,000 cases. The regulator says these investigations have uncovered issues such as unexpected costs and unresolved claims, raising concerns about consumer protection and trust in legal services.
SRA | Anti-money laundering: Get the basics right https://www.sra.org.uk/home/hot-topics/anti-money-laundering-get-the-basics-right/ – The SRA has published guidance on AML compliance basics, making it a useful starting point for anyone new to AML or launching a compliance project. It highlights common weaknesses found in law firms, such as inadequate firm-wide risk assessments, poorly implemented client due diligence, and a lack of staff training. We can expect additional guidance and warnings, possibly even rule changes – coming out of this project.
Law Society | Practice note| Protection for client accounts – The Law Society has issued a practice note on deposit protection for client accounts, offering best practice advice in the event of a bank or building society failure. It clarifies that solicitors are unlikely to be liable for client money losses if funds are placed in accordance with SRA Accounts Rules, but any express undertakings must still be honoured. The Financial Services Compensation Scheme (FSCS) provides up to £85,000 protection per client per banking licence, meaning firms should be aware of how client money is distributed across financial institutions. The guidance also covers the process for making FSCS claims, client communication, and considerations around temporary high balances.
Law Society | Practice note | Freelance solicitors – The Law Society has issued a practice note detailing the framework for freelance solicitors introduced by the SRA Standards and Regulations 2019. This model allows solicitors to offer legal services independently, outside traditional legal entities. Important restrictions and requirements apply if the freelancer conducts reserved legal activities. The rules are more relaxed for non-reserved work.
FATF | Jurisdictions under Increased Monitoring – The Financial Action Task Force (FATF) has updated its list of jurisdictions under increased monitoring as of 21 February 2025. Notably, the Philippines has been removed from this list following significant progress in addressing strategic deficiencies. Conversely, Nepal and Lao PDR have been added due to identified shortcomings in their anti-money laundering and counter-terrorist financing frameworks. Solicitors are advised to review and update their internal monitoring and CDD policies to reflect these changes. Current jurisdictions under increased monitoring are:
- Algeria
- Angola
- Bulgaria
- Burkina Faso
- Cameroon
- Côte d’Ivoire
- Croatia
- Democratic Republic of the Congo
- Haiti
- Kenya
- Lao PDR
- Lebanon
- Mali
- Monaco
- Mozambique
- Namibia
- Nepal
- Nigeria
- South Africa
- South Sudan
- Syria
- Tanzania
- Venezuela
- Vietnam
- Yemen

Compliance corner – real life Q&As

Compliance Q&A for solicitors

Q: What are the main things I need to know about keeping data in our law firm?

A: Under the UK GDPR, law firms must not keep personal data for longer than necessary. While there’s no set retention period, firms must justify why they keep data and have clear policies in place. Law firms must:

Know what data you hold and why – Identify the categories of personal data you process and document the reasons for retention. This is often part of the “data mapping” exercise.
Set retention periods – Base these on legal, regulatory, or business needs, but avoid keeping data indefinitely “just in case”.
Review and delete or anonymise data – Regularly assess whether you still need the data. If not, securely erase it.
Respond to data subject requests – Clients and employees have the right to request deletion of their data unless there’s a legal reason to retain it.
Ensure security – Retained data must be kept securely, with appropriate access controls and safeguards.

What does this mean in practice?

For most client files, the standard retention period is typically six years after the matter concludes, in line with Limitation Act claims periods. However, some files (e.g. conveyancing or wills and probate) may need longer retention due to professional obligations. If you keep data for regulatory or legal reasons, make sure your privacy notice reflects this.

Having a clear retention policy is important – staff should know how long to keep different types of records and when (and when not) to dispose of them.

Try our Two-page data retention policy template.

This is not legal advice. If you have a question you would like us to answer in this section, feel free to send it to info@jonathonbray.com

Free CPD

free CPD for solicitors

Next session: TPMAs – what you need to know

With potential regulatory change on the horizon, following the now-closed SRA consultation on managing client money, law firms are increasingly asking about third-party managed accounts (TPMAs). Are they the right solution? What are the risks? How do they compare to traditional client accounts?

To answer these questions, we’re hosting a free webinar with Daniel Dunne from Interpolitan Money, who will share expert insights and take your questions live.

Date: Wednesday 26th March 2025

Time: 12:00 PM

Where: Online (Zoom)

What we’ll cover:

The benefits and risks of TPMAs
How TPMAs work in practice
The impact of potential SRA changes
Practical considerations for law firms (including what needs to be communicated to the SRA)

This session is ideal for COLPs, COFAs, MLROs, and anyone interested in the potential future of client money.

Places are limited, so register now to secure your spot.

We look forward to seeing you there!

SRA and SDT disciplinary decisions

solicitors disciplinary tribunal SDT SRA

Birketts LLP – firm rebuked for failure to discharge undertakings when working for a developer client. This is a good example of being mindful of taking steps in good faith, which can unintentionally make satisfying an undertaking almost impossible.
Emma Allchurch – solicitor fined £4,229 for failing to provide correct information about property work to her insurers, resulting in the policy being cancelled, to the detriment of clients.
Grimsby Solicitors Limited – AML fine of £23,596.
LCF Residential Limited – AML fine of £3,263.
Edward Taylor – IT Supervisor barred from the profession following ABH conviction.
Peter Maughan & Co Limited – AML fine of £8,947.
John Fletcher Solicitors Limited – AML fine of £11,860.
Natasha Edwards – GBH conviction results in a removal from the legal profession for this non-lawyer.
Christofi Wells & Co – firm rebuked for failing to file accountant’s reports and having unresolved residual client balances.
Acute Conveyancing Ltd – AML fine of £3,425.
Law Abroad Ltd (Underwoods Solicitors) – AML fine of £5,468.
Poppy Phipps – Mental Health Executive (not a lawyer) removed from the profession, after having been found to mislead her employer about her Law Society accreditation status.

Friendly reminder: Staying on the roll

If you’re a non-practising solicitor and want to remain on the roll, you must actively apply via mySRA – it’s not automatic. The SRA’s annual process requires you to confirm your status and pay a £20 fee. Failure to apply means removal from the roll, so if you wish to keep your status, make sure to complete the process before the deadline. The application window is 3 April to 28 May 2025. For full details and to apply, visit the SRA website.

Training your team: Anti-money laundering

The SRA expects that all ‘relevant employees’ practicing within the scope of the Money Laundering Regulations (MLRs) must receive robust anti-money laundering (AML) training. Now is the time to ensure your firm is compliant. Failure to meet these obligations can result in significant fines and regulatory action.

Our comprehensive AML training is designed to equip your team with the knowledge and practical skills needed to identify, prevent, and report suspicious activities, safeguarding your firm from risk. Ensure your firm stays ahead of regulatory requirements and avoids potential pitfalls by enrolling your team today.

Formats available: Online | In person | On-demand

Don’t miss out—request a free quote today!

Safeguard your practice: Independent AML Audit

In line with the SRA’s guidance, law firms must not only train their staff but also ensure the effectiveness of their AML controls through regular audits. An independent AML audit is crucial for identifying gaps in your firm’s anti-money laundering controls and ensuring adherence to regulatory standards.

Our expert team conducts thorough reviews of your AML systems and processes, providing actionable insights and recommendations to strengthen your firm’s compliance framework. Stay compliant, avoid regulatory penalties, and maintain the trust of your clients.

Included in the fixed fee:

In-depth analysis of AML policies and controls
Team interviews
File reviews
Customised report and recommendations
Debrief

Formats Available: Online | In person

Act Now: Contact us for a free consultation and safeguard your firm against AML risks

What we do – contact us for further information about our services

Outsourced COLP and COFA support
Compliance audits
New firm and ABS applications
Independent AML audits (Regulation 21)
Training (online, remote, on demand)
AML and GDPR workshops
PII cost reduction
Remote file reviews
TPMAs
Escrow accounts
AML and sanctions searches

Start typing and press Enter to search