If you’re running a small law firm in 2025, chances are compliance is keeping you up at night, and for good reason. Elaine Pasini gleans the latest data for this Key Takeaway blog.
The latest Bellwether Report from LexisNexis has confirmed what many in the legal sector already feel: compliance is now the number one concern for small firms. And it’s not just about ticking boxes anymore. Regulators are stepping up enforcement, and firms relying on outdated templates or generic policies are finding themselves in hot water.
At Teal Compliance, the whole team of experts work with law firms every day who are trying to navigate this increasingly complex landscape.
With so many SORTED Programmes to choose from (SMEs versus Big Law for example) there’s really no excuse to find yourself in the firing line of the SRA.
Here’s what we know and why now is the time to act.
Compliance Is No Longer Optional Admin
The Bellwether 2025 report paints a clear picture: small firms are feeling the pressure.
Compliance has overtaken profitability and client acquisition as the top concern. Why? Because the risks are real, and it’s growing.
Firms are waking up to the fact that regulatory expectations have evolved. What passed muster five years ago won’t cut it today. The SRA and Law Society are making it clear: compliance must be embedded, not bolted on.
The Regulators Are Watching and Acting
The Solicitors Regulation Authority (SRA) has been more active than ever in 2025. Already this year:
- 16 out of 50 disciplinary decisions have involved AML failings.
- Fines have topped £61,000, with one firm hit with a £27,813 penalty for systemic issues.
- Common breaches include:
- Missing or outdated firm-wide risk assessments
- Inadequate AML policies
- Poor training records
- Failure to notify the SRA of compliance officer changes
The message is clear: compliance failures are no longer tolerated, especially when they’re avoidable.
New Guidance, Higher Standards
The Legal Sector Affinity Group (LSAG) updated its AML guidance in April 2025, raising the bar for firms. Key changes include:
- More detailed expectations around ownership structures and source of funds.
- Expanded requirements for enhanced due diligence.
- Alignment with the Economic Crime and Corporate Transparency Act, which demands stronger internal controls and governance.
If your firm hasn’t reviewed its policies in light of these changes, now is the time.
Templates Won’t Save You
One of the biggest risks we see? Firms relying on off-the-shelf templates.
Templates can be a helpful starting point, but they’re not a solution. The SRA expects:
- Tailored policies that reflect your firm’s size, services, and risk profile.
- Dynamic risk assessments that are regularly reviewed and updated.
- Ongoing, role-specific training that goes beyond the basics.
If you ever hear our CEO, Amy Bell, talk at conferences and on webinars you’ll know why she’s an advocate for using templates as just that, a template to modify and tailor for your firm and your client base.
In short: compliance must be lived, not laminated.
What Should Firms Be Doing Right Now?
So it might seem obvious, but you’ve got to start somewhere. The audit and risk assessment is where your strengths and weaknesses in your compliance protocols show up. That’s always your first port of call.
Here’s how to get safe and stay safe in the compliance world!
- Audit your current compliance framework, especially around AML.
- Update your risk assessments to reflect today’s threats.
- Invest in meaningful training that’s practical and relevant.
- Engage with compliance experts who can help you go beyond the basics.
At Teal Compliance, we help firms move from reactive to resilient. Whether it’s reviewing your policies, delivering bespoke training, or supporting your COLP, COFA, MLCO or the whole firm who has touch points on client information and accounts, we’re here to help.
Top Compliance Concerns for UK Small & Mid‑Size Law Firms - Key Takeaways
Regulatory Updates & Legal Change Fatigue
- 70% of firms said “keeping up to date with near-constant changes to both the legal industry and the law” is their biggest challenge in the next 12 months.
- This speaks to the relentless pressure on firms to track evolving legislation and regulatory environments, consuming significant time and resources.
Meeting Compliance Requirements
- 69% of firms cited meeting compliance regulations as a major headache.
- This closely mirrors concerns in past years, compliance remains a persistent burden alongside tech adoption and business growth.
Cybersecurity and Data Protection
- 67% of firms flagged cybersecurity as a top concern.
- A 2024 LexisNexis UK Bellwether report also found that 66% of respondents were worried about cyber-risk, including data breaches (78%), phishing (55%), malware/ransomware (62%), and reputational harm (48%).
- These concerns are deeply entangled, cybersecurity forms a key pillar of compliance frameworks.
Professional Indemnity Insurance (PII) Costs & Renewal Risk
- 62% of firms were concerned about the cost and renewal of professional indemnity insurance.
- While slightly adjacent to compliance, it’s fundamentally tied to firms’ ability to meet regulatory requirements and manage liability exposures.
Challenges in implementing ongoing monitoring
Why do we see so many firms struggle with ongoing monitoring? From our experience and training it looks like this:
- Not understanding the purpose of ongoing monitoring
- Doing it but not evidencing it, especially where nothing has changed
- Not sure when it should be done
- Ticking boxes without providing rationale
- Not wanting to bother clients further
- Forgetting about LSAG
We often hear about re-evaluation at appropriate intervals in ongoing monitoring.What does that exactly mean though, because there’s no definition!
“Best practice and with a risk based approach”, it could mean different things to different people and firms. Ultimately, it means there needs to be an update if anything on the matter has changed. For example, if a third party is now providing funds for the transaction, or say you’ve suddenly discovered the client’s got links to a country outside of the UK that would generally prompt you to relook at the risk assessment. This seems obvious right?
However, what about when nothing’s changed? How do you evidence that? How do you prove you’ve done your ongoing monitoring when absolutely nothing’s changed on the matter and you’re still as comfortable with the risk as you were at the very beginning of the matter?
That’s the bit where we often find we don’t have the evidence when we’re running an AML audit; so when we’re doing some of the file reviews, as a minimum, we’d recommend the following guidance via three points.
Other Key Takeaways from Bellwether Report 2025
Organic Growth Over M&A
- Only 5% of firms are considering mergers (down from 10% in 2024, 13% in 2023), while 72% plan to grow organically, up sharply from 40% in 2023.
- Main drivers: financial uncertainty (53%) and difficulty finding suitable merger partners.
Revenue & Hiring Trends
- 58% of lawyers reported revenue growth, up 10% year-on-year.
- 39 – 40% of firms plan to hire more lawyers in the next 12 months, with several already expanding.
Tech & AI Investment
- Tech spending remains “steady and strategic” with 38% driven by positive responses to AI’s early impact.
- 35% of firms intend to increase tech budgets in the next 12 – 18 months, with a further 21% having already done so.
- 34% believe generative AI will boost profitability, though most are currently using basic tools like ChatGPT, acknowledging the need for specialist legal AI tech.
Client Expectations & Pricing
- Clients now expect fast responses, clear upfront pricing, and flexible engagement options (33% demand more ways to interact).
- These marginal improvements (rather than radical shifts) are seen as key to sustainable competitive advantage.
Work Culture & Retention
- Employee satisfaction remains high: 90% rated job satisfaction as average or above; only 10% plan to move to larger firms, with 62% expecting to stay in five years.
- In firms with 11 – 20 fee earners, 67% saw growth in the past year.
Elaine’s Final Thoughts
2025 is shaping up to be a defining year for compliance in the legal sector. The regulators are more powerful, the expectations are higher, and the risks are greater.
But with the right support and a proactive mindset, small firms can not only stay compliant, they can thrive.
Need help reviewing your compliance framework?
Our Gary (Yantin) is the person who can find you and your firm the very best solutions or products. We aren’t off the shelf ourselves, we know one size doesn’t fit all. Give him a call – you can book in time to suit you – here’s his GET IN TOUCH LINK.
Thanks for reading, and remember you are not alone!
