Let my firm open the file (with apologies to Pete Townshend)
Why is opening new files so easy for some law firms and so hard for others? And what are the regulatory requirements?
In this column, Paul Longhurst of 3Kites Consulting starts by discussing the practicalities of file opening challenges, whilst Richard Kemp of Kemp IT Law follows this by covering the regulatory requirements that firms have to navigate
In our experience, the file-opening process varies greatly from firm to firm. These variations may reflect the ways that regulations relate to different work types or differing levels of comfort with the exposure that new matters bring.
Whatever the reason, the common thread that we see time and again is lawyers simply wanting their matters opened as quickly as possible in order to record time and create documents against the right matter number. The fact is that many lawyers work on new matters before they are fully opened, so how can we help them to do the form filling, the due diligence and conflict checking that firms need?
When we are working on a client and matter inception project, either as part of a PMS deployment or as a stand-alone initiative, we first seek to understand what policies firms have defined and how well understood and observed these are. We will often ask consultees to tell us not what people are supposed to do but what they actually do – it is the gap between these two states where problems lie.
By acknowledging the reality, it is easier to define an approach that helps lawyers to do the right things. Even when firms are complying with their obligations to deliver anti-money laundering training, we often find that lawyers who have been in practice for many years don’t fully appreciate how far the regulatory environment has changed and what this means in terms of the risk assessments required at client and matter inception. Without that appreciation, the lawyers can often end up being the delaying factor themselves.
If lawyers are going to record time and create documents, we would recommend doing so with a permanent client and matter number, with appropriate limitations as to what can be done on the file, particularly in relation to financial transactions (taking money into client account, billing etc).
The alternative is either using temporary files or making a note of time spent and keeping documents on local drives, both of which risk leaking time and losing documents when transferring to permanently assigned numbers at a future point.
By moving to a permanent matter number as quickly as possible, the time and documents are in the right place from the outset and if a conflict is found or KYC checks fail, the matter can be closed down in an orderly fashion.
This also carries the benefit that such files can be analysed to show how much time is spent on matters that fail your file opening checks… a task which ranges from non-trivial to impossible when using temporary files or no files at all.
The role of lawyers
Lawyers have their part to play here and the deal has to be that there is a minimum amount of information (which will vary by firm and work type depending on risk levels) which must be collected before opening the file. In addition, all remaining information that is required for file opening (as opposed to optional details that may be collected at any point) must be provided within an agreed timeframe before which no client monies can be accepted and no bills issued along with a limit, in hours and minutes or to a financial value, on the amount of time that can be recorded.
If the timeframe is reached without all information being provided and checked by the matter partner, the file should be locked and no further time captured until file opening is completed.
The lawyer could always continue to work off grid as happens now, so how is this different? It is only different if it is easier to go along with the system than it is to fight it, and part of this must be a shift in culture whereby those that don’t follow the policy are held to account by a leadership that understands the positive impact of having risk policies that are fair in recognising the needs of the lawyers whilst protecting the business.
At which point, over to Richard….
Richard Kemp writes
The firm’s file opening policy will bind together a number of strands – the overriding legal requirements; the nature, breadth/scope of the firm’s business; and the people - and IT-based assessments, processes and governance that the firm applies.
The background rules on client onboarding and matter opening continue to get more stringent (see below for a jargon buster table):
- firms’ AML/CTF duties under 5MLD, in effect since January 2020, have become more granular and extensive across the board from CDD to training requirements to risk assessments;
- MLRO and MLCO roles have become more consequential;
- targeted sanctions have hit the headlines recently affecting firms with Russia-related business;
- the SCCF/S rules may impact which clients a firm may take on, the service to be provided, when money needs to be paid into client, rather than office, account, etc;
- the fiduciary position of solicitors puts them under strict conflict of interest rules (these are broader than generally recognised);
- clients may have requirements about when, how and by whom new matters are opened;
- UK GDPR rules apply to personal data the firm receives at client onboarding time and may make it at least desirable to carry out a DPIA when a new IT system is implemented; and
- in a challenging insurance market, firms’ PII providers are seeking more and more information about firms’ onboarding policies.
Growing rule book
This rule book has grown markedly in recent years, meaning there’s a lot that system providers need to keep up with, and on top of, for their law firm clients.
Balancing the black letter law rules with the needs of the business puts significant – and growing – responsibility on to the shoulders of firm management to operate client onboarding and file opening compliantly, effectively and efficiently. And although firms have invested heavily in recent years in people and technology resources to achieve this, getting compliance and business needs pointing in the same direction can be a challenge.
In practical terms, effective governance is critical: the firm’s policy should take into account all stakeholders’ interests and provide effective escalation to mediate between the different interests that naturally arise in a law firm setting – from the partner who ‘wants to get my guys billing on this great new client right now’ to the team who have to make sure the ‘great new client’ isn’t on a proscribed list or conflicted out somewhere.
Above all the policy and the way it operates should be trusted across the firm to remove the need to go off grid or underground.
Paul Longhurst is a director of 3Kites consulting and Richard Kemp is a partner at Kemp IT Law. This is the fourth article in the series Navigating Legaltech.
|5 MLD||The fifth Money Laundering Directive|
|CDD||Client Due Diligence|
|CTF||Counter Terrorist Financing|
|DPIA||Data Protection Impact Assessment|
|GDPR||The EU’s General Data Protection Regulation|
|MLCO||Money Laundering Compliance Officer|
|MLRO||Money Laundering Reporting Officer|
|PII||Professional Indemnity Insurance|
|SCCF/S||SRA Code of Conduct for Firms/Solicitors|
|SRA||Solicitors Regulation Authority|
|UK GDPR||GDPR as it applies in the UK post-Brexit|
About 3Kites and Kemp IT Law
3Kites is an independent consultancy, which is to say that we have no ties or arrangements with any suppliers so that we can provide our clients with unfettered advice. We have been operating since 2006 and our consultants include former law firm partners (one a managing partner), a GC, two law firm IT Directors and an owner of a practice management company. This blend of skills and experience puts us in a unique position when providing advice on IT strategy, fractional IT management, knowledge management, product selections, process review (including the legal process) and more besides. 3Kites often works closely with Kemp IT Law (KITL), a boutique law firm offering its clients advice on IT services and related areas such as GDPR. Where relevant (eg when discussing cloud computing in a future article) this column may include content from the team at KITL to provide readers with a broader perspective including any regulatory considerations.