New CQS standard going live on 1 May 2019
From 1 May 2019 all new CQS applications (and reaccreditations) will be assessed against the new Core Practice Management Standards.
Following significant criticism over the scheme, the Law Society will be increasing its spot-checking and desk-based reviews in an attempt to maintain the accreditation’s standing.
Reminder: SRA checking money laundering compliance
The SRA has started its sweep of 400 firms to check compliance with the Money Laundering Regulations 2017 (MLR 2017).
The lucky firms are being written to directly – you may have already received something. Some firms are being asked to supply copies of firm-wide risk assessments to the regulator.
The key things you should have in place to demonstrate AML compliance are:
- A firm-wide risk assessment
- A comprehensive and up to date AML policy
- Training records
- Evidence of client and matter-specific risk assessments
The MLR 2017 do not necessarily affect all law firms. However, where the Regs to apply, you are expected to comply in full.
We have prepared a Compliance Checklist to help you quickly identify what you should have in place.
Data protection: ICO fines London council £145,000
A database of sensitive personal data relating to alleged gang members, known as the Gang Matrix, was unlawfully disclosed to external agencies and then subsequently leaked to the public domain.
The database, which contained the personal details (including addresses and criminal records) of over 200 people, was sent by email by a Newham Council employee to 44 recipients.
At this point, the council lost control of the data.
It is known that rival gang members got hold of this information, and that there was a surge in local gang violence, although the ICO declined to make a causal link.
Why it matters
The ICO treats all data breaches seriously, but sensitive personal data is given special treatment.
Where your firm processes sensitive data (e.g. health, criminal, and HR records) you must ensure that steps are taken to ensure that information is safe.
This case highlights the inherent risk in compiling a database of multiple records, which creates a single point of failure. Where such a database is required for legal work (e.g. group litigation) it must be locked down and subject to strict data policies.
What to do when you have a data breach
We put together a quick one-sheet guide to what to do when you discover a potential data breach.
As soon as you discover the breach, the clock starts ticking, so swift action is required.
Practice notes and guidance
- No-deal Brexit guidance: Practical recommendations for family law
- Cohabitation agreements
- Technical Q&As – Finance (No.2) Act 2017: tax changes for non-UK domiciliaries and trusts
- Former clinical negligence solicitor Andrew Good struck off by the High Court for dishonest overcharging, overturning the SDT’s £30,000 fine of 2018.
- Rodney Whiston-Drew, jailed for 10 years in 2017 for his involvement in a complex tax evasion scheme, struck off. A reminder that the SRA is taking a zero tolerance approach to involvement is such dubious schemes.
- In other recent SDT decisions, solicitors received fines for harming the public’s trust in the profession. And a couple more strike offs for dishonesty.