Eilish Cullen, Teal Compliance’s Head of the Partnerships and our Data Protection Subject Matter Expert attended the Law Society Risk and Compliance Conference on 12 March 2025, here are her takeaways.
As ever, the sector is shifting big time, and we all need to be ready for it – whether managing complex and evolving regulations, ensuring data security, adapting to the rise of AI, and navigating economic pressures, all while building a positive culture and driving new business.
So this is something we all need to keep a close eye on, especially for COLPs and MLROs as the challenges we in AML and risk management are facing is going to dramatically ramp up with more and more complexities to navigate.
Here are Amy Bell’s Handy Hints for those new to the role of COLP & MLRO – READ HERE
The agenda for the rest of the day looked like this, and each delegate was offered 2 out of the 4 workshops:
- TED talk: Is the legal profession fit for the 21st century?
- SRA: Regulatory priorities in a changing legal landscape
- Plenary 1: AI on trial This session delves into the risks and opportunities of AI in legal practice.
- Workshop A1: Cybersecurity for small and medium-sized firms (run under Chatham House Rule)
- Workshop A2: Social conflict and reputational risk
- Plenary 2: Economic crime concerns
- Workshop B1: Handling client money Post Axiom Ince the SRA proposes
- Workshop B2: Risk management 101 Essential risk management strategies and best practices for process mapping and policy development.
- Plenary 3: Code of conduct and culture What is your role as a compliance officer in shaping conduct and culture?
- Reputational risk in law: Defending your reputation Join Jacqueline McKenzie, human rights and immigration lawyer, for an insightful keynote on managing reputational risk.
Is the Legal Profession Fit For the 21st Century?
Kirin Kalsi, General Counsel, Compliance Officer and Data Protection Officer at E.ON UK, gave us a Ted Talk on the subject.
With the focus on law firms and their lawyers being focused on the billable hour and money, the potential for risk is high, to the client, to the reputation of the law firm, and of course to the law firm employees.
Kirin went on to talk about how the training of juniors/trainees hasn’t really changed in 20 years. The same methods are being used, but how do we come together as a legal sector to change that approach for training our new generation.
From training new generations coming into the profession and how the culture of the sector as a whole, as well as firmwide, is key to long term growth. New entrants to the profession say work/life balance is really important, their outlook on what’s important is different and Kirin said that potentially the profession is still way behind on this.
As attendees, we were asked is it within our power to change this? A conversation that I am taking back to the team at Teal and asking ourselves how we can support change.
As the Post Office Scandal, ‘Biggest Miscarriage of Justice’, is still very much in our front of minds, seeing Lee Castleton speak at various events, and knowing that 900 Post Masters were prosecuted, Kirin asked what can we learn from it in our risk and compliance efforts, both as consumers of law and of practitioners.
On a side note away from Kirin’s talk, the SRA confirmed it has more than 20 live investigations into solicitors and law firms who were working on behalf of the Post Office/Royal Mail Group. In a statement it says “We will take action where we find evidence that solicitors have fallen short of the standards the public expects”.
If you haven’t already read this, I urge you to: Post Office Horizon Inquiry – human stories
The need to ‘speak up’ and remind ourselves of our professional obligations. Attendees were asked if we have carried out our own firm’s internal training/briefings when it came to ensuring there will never be another Post Office Scandal (in terms of aggressive litigation, dehumanisation, bullying).
If you haven’t, then it’s time to have the conversation as to why we and/or our bosses feel it’s irrelevant?
It didn’t take long for the talk to turn to the use of AI and technology. As a profession we need to be forward thinking and proactive, especially when it increases efficiency and time. For example, our Teal Tracker, is built for efficiency and risk management. It’s accessible and easy to use. Amy Bell wrote this software and had it built specifically for the holes that appear in a firm’s AML compliance, data protection and regulatory processes.
TEAL TRACKER – you can read more about our software by clicking on the link HERE.
The takeaways on the subject of AI from Kirin’s Ted Talk for me were that in 2025, lawyers and colleagues in firms are more efficient and self-sufficient, arguably due to the software firms currently have in place.
As with technology and change, with AI there is an element of firms being both delighted at what AI can assist with in tandem with fear that it will replace their jobs.
There is still a concern regarding the reliability of AI (still in experimental phase) but the stark reality is that it is improving every day. We can’t afford to be dinosaurs.
When it comes to law firm risk and compliance, human risk has always been present (ask any insurer!), and therefore accuracy and reliability has always been a concern even without the use of AI.
All of us in the legal sector need to consider human risk -v- risk of AI getting it wrong.
Concern regarding whether a firm’s insurance covers the risk surrounding using AI – a reminder to firms to have that open conversation with their PII provider.
Aileen Armstrong, Executive Director, Strategy Innovation and External Affairs at the SRA, focused on their priorities when it came to client money, high volume claims, and governance & regulation of AI.
Client Money Consultation
The SRA received hundreds of written responses from the legal profession on this as well as insights and opinions from their round table and focus groups.
In terms of alternatives to firms holding client money, some firms did agree that third party managed accounts (TPMAs) may present less risk.
However, firms had concerns that using TPMAs could increase the risk of cyber crime due to the amount of funds in them. Costs of their use and visibility were also a key concern in this respect. Other firms thought that changes to the current regulations surrounding accountant reports should be strengthened, perhaps in favour of annual declarations.
The SRA knows that any change won’t happen immediately and no decisions have been made at present. An executive speaker for the SRA stated that it may be a case that a tech solution may be the answer, something which may not even be in existence yet.
It’s a case of watching this space.
Handling Client Money - Residual Balances
We talked to Karen Edwards, Head of Professional Development at the ILFM, who found the conversation on residual balances intriguing.
Jayne Willetts, solicitor advocate, said that there is likely to be tightening up by the SRA on the issue of residual balances in the form of warning notices or additional guidance notes, but in her view she didn’t think the SRA will amend the Accounts Rules.
If you need Residual Balance Training – look no further – CLICK HERE.
High Volume Consumer Claims
The SRA currently has 60 live cases regarding law firms on this issue. They have published
guidance to consumers on this point, which you can READ HERE.
The SRA realise that these types of funding (no win no fee as an example) are a vital access to justice for so many, especially when other funding methods are not available.
The flip side is that there simply has to be better consumer protection overall. There have been significant problems and failings in this area, namely unstable funding models, lack of supervision, how ‘no win no fee’ models are sold/marketed to clients, as well as cold-calling and failings surrounding ATE/keeping clients up to date.
The SRA however does recognise that there are many claims’ firms doing a grand job, but the continued risks to consumers must be monitored and controlled.
Governance & Regulation of AI
The SRA recognises the importance of innovation in general.
In many ways we are still at the bottom of the hill however in terms of our understanding of this fast evolving landscape. In terms of what the SRA is doing in this area, it was said that it is producing guidance to help, whilst working with tech providers. The SRA is conscious that different firms/departments will have different AI needs.
The regulator says it has also been working with the Law Society on legal tools and the need for regulation surrounding this.
Question to SRA: What can the SRA do to win hearts and minds?
Answer: They recognise that the regulator must play its part and it recognises the need to engage with the sector… “talking and hearing”. This is why they wanted to do the Client Money Consultation differently rather than just set out proposals. They wanted to look at all of the evidence.
Question to SRA: Supervision. Is the SRA just concerned about supervision on high volume claims or in general?
Answer: Obligation to supervise must happen across the board.
On a side point, I read a post from John Hyde, Reporter at the Law Society Gazette.
He reported that the SRA insisted, on his questioning, that no decisions had been made on the future of the client account. He went on with his opinion post saying when asked how much money is held in law firm client accounts, the response was that the SRA didn’t know off the top of their head right now.
Hyde said that given that it was fundamental to the whole topic of client accounts, he might have imagined that the figure would be a key one. He concluded his short LinkedIn post saying,
“The SRA is acting without truly understanding the profession or acquiring sufficient evidence”.
Plenary 1: AI On Trial: Felix Zimmerman from Simmons & Simons (and others)
Felix specialises in negligence claims in firms, specifically surrounding AI use.
Conveyancing & Artificial Intelligence
The data came first in this talk.
There were 1.2 million property transactions in the UK last year and an increase is anticipated.
There is a drop in conveyancers so this means less people doing more work. The conveyancing industry has a reputation for doing things slowly. However, exciting for this area of property transactional law is development with the use of AI Agents to assist (multi models) which can control the mouse and key board, log into peoples inboxes, draft emails and then put them in their draft inbox ready for the staff member to check and send out.
This is designed to improve efficiency, Teal Compliance will be keeping its ear and eyes open with regard to risk in this regard.
Litigation & AI
There is now the ability to look at pleadings and review the prospects of success, thus reducing fee earners time on this.
Compliance & AI
There is a plethora of data online Felix said, and reviewing all of this can take time. AML compliance, risk management etc, can cause frustration for everyone, with fee earners and lawyers who just want to get on with their own client work, as well as partner feedback explaining they are worried about their firm’s bottom line, time constraints, fees and the possible impact on client relations due to delays.
All of these stresses around compliance can significantly impact job satisfaction.
Replacing Staff?
The average demographic of junior lawyers is 30 years and up now. There are concerns that they might be replaced by AI.
Ultimately, AI is being built to empower and assist with the “heavy lifting” in a law firm. It’s important for the legal sector as a whole to understand that AI should not be delegated tasks which are not appropriate for it, and that will negatively impact their clients and the firm’s reputation whilst keeping the insurer satisfied.
The reality is that the next set of laptops being bought will have AI chips built into them, it’s a language model training tool.
It was suggested that if we are having to double check the work of AI assistance, is it worth it in the first place?
Arguably yes, as it will still cut down a lot of time.
Question: Could firms face negligence claims for their failure to use AI?
Answer: Felix says yes potentially- for example in commercial litigation. ‘Relatively’ software is commonly used in these departments to review disclosure and can provide much better selection than any team of paralegals would.
Question: Environmental Consequences -v- Commitment to Net Zero.
Answer: Yes, recognise that there is a big environmental impact regarding use of AI e.g. use of water coolers for hard drives.
Question: What Training Should Firms Put in Place for AI Safety?
Answer: An overview of solutions, limitations etc.
Economic Crime Concerns.
The panel consisted of Colette Best (Kingsley Napley), Anita Clifford (Red Lion Chambers) Andy Donovan (Vinci Works), Harriet Holmes (Thirdfort) and Nicola Kirby (Latham and Watkins).
The Dentons case was one of the first topics discussed. Let’s face it, it wasn’t a great result for the legal profession. HOWEVER, the saving grace is that it highlighted only serious breaches will result in the SDT getting involved.
The headline from the Law Society Gazette (article dated 11 March 2025) is:
“SRA overturns Dentons acquittal in AML case”
You can read the article written by Bianca Castro HERE. The judgment from the High Court, said the ‘only evaluation’ required by the SDT ‘was whether or not the firm had complied with regulation 14 of the MLRs 2007’.
Source of Funds (SOF) and Source of Wealth (SOW):
There are no anticipated changes to the legislation for source of funds / source of wealth.
The legislation states get it from the source “where necessary” so we are left to look at the LSAG Guidance.
SOW is needed where a client is a PEP or in high risk jurisdiction. The difficulty with SOF/SOW is that a lot of it is a judgement call, making it a tricky area. Similarly, the legal profession is using terms interchangeably, which isn’t helpful.
Generally speaking, getting six months of documentation, as a starting point, but with the possibility of having to go back several years for higher risk areas. Teal and the team will update any changes and of course we always have updates and webinars on this subject.
The panel said that documenting decision making is important with decision making, information considered and action taken as a result.
Law Society’s 2025 focus on Risk and Compliance
The Law Society outlined their Formal Response to the SRA Consultation on Client Money with the following points:
Government considerations were discussed including the question, should we dispose of Enhanced Due Diligence (EDD) for high risk jurisdictions i.e. make it more risk based? Should we have lower risk factors?
The SRA has said that sanctions need to be in FWRA, either within the AML one or a separate one.
Trade sanctions should also be considered, especially if firms are at risk.
The SRA is carrying out sanction visits on law firms it regulates. This is mostly following on from its earlier sanctions questionnaires. It’s usually a 1 day visit, with policies and interviews taking place. Do check with the SRA on this point if you have any concerns.
Accountants’ Reports – there was talk about asking firms to submit these every 3 years (at present law firms need to obtain an accountant’s report within six months of the end of each accounting period if they hold or receive client money; and this report should only be submitted to the SRA if it is qualified, meaning it identifies issues with compliance regarding client fund).
Enforcements – we should expect SRA enforcements to continue and don’t think the ‘change of guard (Paul Philip leaving) will change this!
SRA Thematic Review on AML Training October 2024 Findings:
There is a distinct and direct link between the quality of AML training and findings on files. Firms and the legal sector as a whole must move beyond “Tick-Box” training, something that Teal Compliance has been passionately focused on for a long time now.
The SRA is concerned that some firms treat AML training as a mere formality, rather than a crucial tool for preventing financial crime. The regulator stresses the need for training to be relevant, engaging, and tailored to the specific risks faced by each firm.
TEAL COMPLIANCE TRAINING – find out more of how our tailored, relevant and engaging training can support your law firm policies and procedures.
As mentioned a few times throughout the day, ‘Off the shelf’ training probably isn’t going to cut it. The SRA wants to see that the training is tailored to real life scenarios. AML training should be at the very least carried out annually.
It was said that there needs to be systems in place for when someone misses AML training, including seniors management and partners.
In terms of specific training, there was a recommendation for training that is interactive such as ‘have a look at this” examples and “ who do you think is the beneficial owner?”’ i.e. pin the tail on the beneficial owner type of situation. Great to know that Teal Compliance is doing this and more in all our training sessions.
Someone came out with this statement, which I loved: “If it has a heart beat, train it’.
It was concluded that treating templates as a final solution is wholly inadequate. Use them as a base, yes, and then meticulously adapt them to your firm’s specific requirements. This is one of the themes we see at Teal Compliance, a firm’s assumption that a template is enough. It’s not.
Have a look at our Policy Review and Writing HERE.
Regarding ongoing monitoring, Harriet Holmes said there was a necessity to document ongoing monitoring, even if there have been no changes to client or matter risk, and to make sure everyone understood the tools and technology they are using. She pointed out that if you get alerts, look at them in a timely fashion and solve any issues as otherwise it leaves you and your firm exposed.
Have you downloaded your TEAL TRACKER?
Code of Conduct and Culture in Law Firms
This session had panel speakers, Paul Bennett (Partner at Bennett Briegal LLP), Clare Hughes-Williams (Partner at DAC Beachcroft), Pearl Mosses (Head of Regulatory Compliance at Setfords Law Ltd), and Elizabeth Rimmer (CEO at LawCare).
Between the above speakers, it was agreed that firms need to have strong HR support and buy in to the employees, not just their employers
Great leadership means leading by example, ensuring your team has trust in you, whilst having a transparent organisation that has the ability for staff to call out poor behaviour. HR and supportive teams must communicate throughout the firm what your culture is and embed it firmly. This should never be just a website policy saying how great you are with your culture and DEI, you have to show it through actions.
The following were suggested to manage risk as well as look after your staff and colleagues:
- Anti-Bullying and Harassment training.
- Performance reviews should be part of your culture.
- Survey staff to find out what is the drive and motivations within your culture.
Elizabeth Rimmer, CEO of Lawcare, reminded us that the charity was there for everyone in the legal sector. It’s a place of confidentiality and no judgement.
Lawcare has been in place since 1997 and 2024 was their busiest year apart from 2020 (lock down).
The charity findings say that a review of your hierarchy behaviours could flag up some vital change requirements as they are seeing a culture in many firms on the premise that “it’s how things are done round here” which isn’t sustainable for retaining great staff or business growth.
With the topic of psychological safety at work, questions that you might ask yourself are:
- Do you and your colleagues feel valued?
- Is constructive criticism in place?
- Is there a fear of raising mistakes (i.e., if I own up to a mistake, might I lose my job or be judged?)
- How do we learn from this as a culture (when mistakes happen – because they will happen!)?
- Is there a subtle blame culture?
- What are our inherent risks that might hinder our staff’s mental health?
- Is there a lack of supervision when it comes to bullying and harassment?
Overall, this was a really great session to bring the day to a close. ·
Eilish Cullen’s Conclusion of Risk & Compliance Conference Talks
For me, I found the conversations and topics around the evolving risk and compliance landscape to be as follows:
There is an increasing complexity of risk and compliance for law firms, not only traditional AML and regulatory risks, but also reputational risks, which are now receiving greater scrutiny.
The role of risk and compliance professionals is evolving to encompass a wider range of responsibilities.
When it came to culture and legal ethics it was very evident that the SRA is placing greater emphasis on firm culture and well-being. We know from speaking with our friends in insurance that this is a big factor for protecting firms against risks because having a strong moral and ethical culture is seen as essential for reducing errors and improving client outcomes.
Discussions also focused on the need to balance regulatory priorities with lawyers’ ability to advocate for their clients.
The conference underscored the insufficiency of generic compliance templates. Law firms must recognise this and develop tailored AML strategies to meet the demands of the current regulatory environment.
If you’d like to chat with me directly or find out how my colleagues can support you, please
do get in touch with me: eilish@tealcompliance.com or you can get hold of any of us HERE.
