CRCS Legal October 2024 Newsletter
Barbara Spoor LL.B (Hons)
Managing Director @ CRCS Legal | Complaints and Compliance Handling
Complaint Resolutions Compliance Solutions
Welcome to our October 2024 newsletter.? The clocks have gone back and the nights are drawing in.? Autumn is now in swing.?
Update on SRA Investigation into Axiom, the Post Office and SSB Law.
Slow going!
It is reported that Paul Phillip, Chief Executive of the SRA, was surprised when the Solicitors Disciplinary Tribunal said that prosecutions arising out of the Axiom and the Post Office Scandal could be filed mid-2025.
?
In fact, the SRA has agreed to pause regulatory action against Axiom while the Serious Fraud Office carries out its investigation.
?
The SDT has requested a 25% increase in its budget for next year because of the 50% increase in cases referred by the SRA in the last eight months.?? The SRA have said that they are clearing their backlog.
?
The SRA has met recently with the SSB Victims Support Group. Mr Phillip said the former clients of SSB Law were assured that if the solicitors are guilty of misconduct, they would be prosecuted.
?
He did confirm that there was “not a lot we can do” about former clients being pursued by insurers to pay adverse legal costs in relation to discontinued cavity wall insulation claims.
Data Breaches. Do you have a plan?
Southend-on-Sea Council reported itself to the Information Commissioner’s Office (ICO), after a spreadsheet containing details of employees and former employees was accidently included in an answer to a Freedom of Information Request.? The list of employees included a significant amount of personal information such as contact details, pay details, health, gender and ethnicity information.
?
The Local Democracy Reporting services said that the Council has avoided a six-figure fine but instead the ICO ordered that staff received additional training.? The Council say that have updated their protocols.
If you need to report a breach to the ICO, you must do so within 72 hours of first finding out – even if this is outside working hours.
How to report a data breach
When there’s no need to report
If you decide the breach is unlikely to result in a risk to people, you don’t need to report it to the ICO.
You’ll still need to keep a record of details of the breach.
When you need to report to the ICO
You should report to the ICO if the potential impact on people includes a risk to their rights and freedoms. Is the breach likely to cause any harm?
When you also need to tell the people affected
If you decide that there’s likely to be a high risk to the people affected you’ll need to tell the data subject as soon as possible as well as the ICO. This will give them a chance to protect themselves from any negative impacts.
Fines
You could be fined up to 2% of your global turnover if you don’t report a breach when you should and a further 4% for the breach itself.
Recording a data breach
You should keep your own record of all personal data breaches in an inventory or log. It must contain:
·??????? the facts about the breach
·??????? the effects of the breach
·??????? action taken
SRA
The breach could also be a breach of confidentiality.? You will also need to consider reporting to the SRA if there if detriment to the client and or if there is a pattern of data breaches.
Do you know your obligations concerning Data Breaches?
Do you have a response plan in place?
Don’t hesitate to contact CRCS Legal for help and practical solutions.
AML – Client and Matter assessments
A Midlands firm has been fined £13,000 by the SRA after a check of a small selection of its files found none complying with all anti-money laundering regulations.
?
No client and matter risk assessments were found on any of the inspected files. The SRA directed that a compliance plan was put in place for risk assessments and review all open matters to ensure they were compliant.
?
The financial penalty was reduced to give credit for the early admission of rule breaches, with the sanction set at 2% of the firm’s annual domestic turnover. The firm must also pay costs of £1,350.
?
The Law Society Gazette reports that the SRA has increased firm site inspection visits by 34% and desk-based reviews by 350% in the past year.
Wil this increase further, following the data collection exercise in August and September, requesting data from all firms on AML, sanctions and suspicious activity reports?
Contact CRCS Legal to review your polices today?
SRA Fines and more Fines
Ross & Co Solicitors, based in Mayfair, have been intervened by the SRA on the grounds of suspected dishonesty by its manager.
?
However, it is interesting to note that the firm has been fined on a number of occasions in the past 12 months for breaches of the Code. There is no suggestion these breaches are linked to the intervention.
?
Last November, it was issued with a £750 fine for failing to promptly notify the SRA of a change of its compliance officer.
?
The fine was increased to £1,500 two months later after the firm continued to breach this requirement.
?
In June this year, the SRA fined them failing to submit its annual return of data about the practice within the allowed time. Again the fine was upped to £1,500 when the firm failed to remedy the breach.
The cost of non-compliance!
?
Immigration Work – a timely reminder
?
Immigration is a unique practice area in that it is not a reserved legal activity but is subject to statutory regulation.
?
Between June 2020 and June 2021, Sukhwinder Singh Kang, purported to be a qualified immigration adviser, defrauding vulnerable people.
?
He pleaded guilty to four counts of fraud. He received a concurrent sentence of 16 months’ imprisonment, suspended for 18 months, along with 150 hours of unpaid community work and 20 rehabilitation activity requirement days. Additionally, the court imposed a compensation order of £8,832, along with a victim surcharge of £156, with no order for costs.
?
It is a criminal offence for a person to provide immigration advice or services in the UK unless their organisation is regulated by the Office of the Immigration Services Commissioner (OISC) or is otherwise covered by the Immigration and Asylum Act 1999. Members of certain professional bodies can give Advice without being registered with the OISC.
?
The SRA have provided specific guidance: SRA | Immigration work | Solicitors Regulation Authority
There are Toxic Workplaces and Toxic Workplaces……
Domenico (Dominic) Pisaro’was struck off? by the SDT for “appalling conduct” that involved violence, bullying and harassment aimed at junior colleagues.? He used inappropriate language and showed a female member of staff inappropriate images on his phone.
His co-owner eventually told staff to work from home because his behaviour had made the office environment “unsafe and toxic”.
?
Law students who were undertaking work experience at the firm were told by their university to leave at once after it learnt what had been happening.
?
The SRA issued guidance last year on the responsibilities of firm to protect and support their staff
Mr Pisaro was fined also fined £42,000.
Contact CRCS Legal to review your policies today!
Hot off the Press
The long awaited LSB report into the SRA was published 28 October.? They have invoked their powers under S32 of the LSA and started enforcement action against the SRA as the independent report found:
?
?
Whilst there is a way to go if the directions are imposed this would require the SRA to make changes to better achieve their regulatory objectives.? You can read the report here:
?
We have written about this before and of course all firms have had their fees increased to cover the costs that have been incurred in regard to this case, and others like it.?
We will have to see what happens and will update you accordingly.?
?
How can CRCS Legal Ltd help?
The risk of non-compliance is real, serious, and costly.? We can provide:
A comprehensive compliance and web-site health check. A thorough look at your policies and procedures with solutions for any non-compliance.
Technical compliance support on an ad hoc or retainer basis. This will give you direct access to compliance professionals.
Complaint handling and assistance with the Legal Ombudsman (LeO) We can investigate the complaints, make recommendations, and draft your complaint response. We have years of experience of dealing with Le0.
Compliance training – one off training courses and comprehensive training programmes.? We can help you comply with the SRA’s continuing competence requirements.
File reviews and audits – detailed and in-depth reviews in accordance with the SRA supervision requirements.
Bespoke Compliance policies, procedures and templates.?
Assistance with Lexcel accreditation and visits
Anti-Money Laundering (AML) – a review of procedures and policies update
Transparency rules – Are you publishing the correct costs and complaints information?
GDPR and the ICO – including managing data breaches and SARs.
Advice on PII renewal
Assistance with SRA investigations and prosecutions
Merger and Acquisitions- assessment of regulatory compliance issues and due diligence.
Take control of your risk and contact CRCS Legal for a free no obligation confidential discussion about how we can help you mitigate your risk and remain compliant: 03302210511 or [email protected]