Law Firm Compliance Update 2025 - The Essentials

Introduction

Updated for 2025, this modular webinar will provide you with an update and refresher on the key aspects of law firm compliance including AML, data protection and the SRA Accounts Rules.

Presented by expert speakers Jo Morris and Trevor Hellawell, this series of bite-sized 30-minute webinars is an ideal way to ensure you and your firm remain compliant.

Agenda

The modules covered are as follows:

Module 1 - AML Essentials - Trevor Hellawell

As the SRA maintain their unremitting pressure on law firms to enter into Regulatory Settlement Agreements (RSAs) and to pay substantial fines even for more minor transgressions, we must ensure that we are doing all we can to counter money laundering, terrorism and proliferation financing.

With increased attention focused not only on practice-wide risk assessments, client and matter risk assessments with an explanatory rationale, source of wealth and source of funds enquiries (and increasingly the obligation to get corroborative proof of what we are told) as well as paying special regard to the sanctions position generally, the burdens on us all continue to mount.

How can law firms best avoid meeting substantial fines - and maybe worse - head on?

This module will cover the following:

• Regulators’ investigations - key enquiries and things to focus on
• Outcomes - RSAs and more - negotiations and appeals
• Risk assessments of Clients and Matters - key inclusions - we need a ‘rationale’
• CDD - the key aspects
• Getting the key documentation
• Vetting the key documentation
• Source of wealth and funds investigations
• Other considerations - high-risk countries, PEPs & ongoing monitoring

Module 2 - SRA Accounts Rules Update & Refresher - Jo Morris

The SRA Accounts Rules were changed in 2019 with the release of the SRA Standards and Regulations. The number of rules were drastically cut - from 52 to 13 - but what did this mean in practice?

This module will explore the most important of the 13 rules in more detail and will look at how fee earners and finance staff can work together to ensure compliance with the rules.

This module will cover the following:

• Why the rules were changed in 2019
• What does that mean in practice for law firms
• Which of the rules are breached the most
• Why it is so important to be compliant with the rules
• What’s in the news in relation to the accounts rules

Module 3 - Conflicts of Interest - Trevor Hellawell

The SRA Codes of Conduct underwent much simplification as part of the SRA’s 2019 review of its rules and regulations, reducing the number of words used to describe some knotty problems that continue to exist and haunt us. The Rules still exhort us to have systems in place to enable us to identify all kinds of conflicts of interest, but the difficulty of doing so - and then dealing with the fallout - remains.

However, what do the Rules allow? What do they mean? What is the current state of the law and the ethical position, now the Rules hardly say anything?

This module will cover the following:

• Conflicts of Interest: Rule 6
• The Rule
• The exemptions
• When dare we act for more than one client?
• What does ‘informed consent’ really mean?
• Other ‘conflict’ situations

Module 4 - Cybercrime in Law Firms - Jo Morris

A recent report undertaken on cybercrime in law firms revealed that law firm employee passwords are widely available on the Dark Web.

That criminals may use them to enter our firms IT systems and do untold damage is a scary thought, especially as only 1 in 7 firms have the government’s Cyber Essentials certificate, which is recommended as part of the Lexcel accreditation and is a requirement for all public sector case work.

This module will explore why law firms are so attractive to the cyber criminals and will examine some facts, figures and information from the National Cyber Security Centre (NCSC).

This module will cover the following:

• How things have changed in the last five years
• Who is our enemy in the world of cyber attacks?
• The main types of cyber attack we may encounter
• Reporting of cyber attacks
• Live case studies and guidance

Module 5 - Equality, Diversity, Inclusion & Wellbeing - Trevor Hellawell

Despite many recent endeavours it appears we are still not doing enough to embrace our fellows as equals.

Law firms would appear to be as bad as any other in the patriarchal assumptions that underly our day-to-day transactions and our social intercourse. What effect have our new Rules had on this, what perceptions are there still about working in the law and how are we supposed to offer our services to clients who may not have the desire to work with us, for whatever reason.

This module will examine the current rules and the philosophy behind them, the Equality Act protected characteristics and will explore how far we have come - and how far we may still have to travel - in our attempts to treat all people as equals.

This module will cover the following:

• The basic legal obligations, now including wellbeing
• The Equality Act 2010 definitions of harassment, victimisation and discrimination
• SRA definition of bullying
• The ethical rules - the Standards & Regulations 2019 and the Codes of Conduct
• Examples of good and bad conduct in the workplace
• Recent examples of SRA enforcement action
• The use of NDAs - drafting, content and advice

Module 6 - Data Protection & the GDPR Refresher - Jo Morris

This module will offer a refresher on the Data Protection Act 2018 and the UK GDPR and detail what we should have in place to ensure we are compliant.

This module will cover the following:

• The legislation - Data Protection Act 2018 and the UK GDPR
• A little about the regulator - the Information Commissioners’ Office (ICO)
• The data protection principles and what we need to have in place
• Principle 6 - what technical and organisational measure we need to have in place
• Working from home - what does that mean in terms of Data Protection and GDPR
• What is a data breach and what do staff need to do when a breach occurs
• What documents our firm should have in place - privacy notice, breach registers

This pre-recorded webinar will be available to view from Friday 2nd May 2025

Alternatively, you can gain access to this webinar and 1,700+ others via the MBL Webinar Subscription. Please email webinarsubscription@mblseminars.com for more details.