Legal Business

Burning platforms

While firms have been talking tough on developing effective risk management teams, the preparation ends now. With fundamental changes to the profession around the corner, risk teams need to be primed for action

While the first Legal Business and Marsh risk management survey two years ago examined the need for a risk management function, and last year’s report looked at the very specific challenges facing firms in the teeth of a global recession, this year finds firms very much needing to get in shape. Talk is cheap, and the emphasis now is on getting risk management and compliance teams ready to tackle the fresh structures and regulatory pressures in a new decade.

As firms catch their breath as we emerge from recession in 2010, the temptation may be to sit back and relax. But now is the time to implement those lessons learned in the downturn. Two major developments that cannot be ignored or avoided are just around the corner: the arrival of legal process outsourcing (LPO) into the mainstream, and the fact that alternative business structures (ABSs) will be a possibility from next year.

The next two years could see more upheavals for law firms. On 1 January 2010, the Legal Services Board (LSB) formally went live with its remit as oversight regulator of all the approved regulators of the profession, including the Solicitors Regulation Authority (SRA). This means it will have ultimate responsibility for regulating both ABSs and legal disciplinary practices in the new era, and the profession as a whole within that structure.

Emma Dowden, director of best practice and operations at Burges Salmon, argues that for some the fact that fundamental changes are on law firms’ doorsteps means that risk teams can use them as a catalyst internally. ‘What I always talk about in terms of change management is burning platforms, and for me all these things are great catalysts for change,’ she says. ‘I’m very lucky here, as risk is widely accepted and permeates every level of the firm. But for those risk directors who perhaps struggle to sit on their firm’s leadership board, and struggle for visibility, this must be an opportunity to leverage from that.’

Firms could now be said to be in a second stage of ramping up their risk management capabilities. A new regulatory era was heralded by the Legal Services Act and the creation of the SRA in 2007. Now, with the LSB, ABSs and LPO, and deeper regulatory scrutiny firmly on the agenda, the pressure is on risk teams to ensure that their role within the firm is sufficiently acknowledged.

Despite the hype that surrounds ABSs, evidence from our 2010 survey suggests that it remains low on the top 150 firms’ agendas, particularly when viewed in the context of permitting third-party investment (see pie chart 2, above). It seems unlikely that many of the top 150 firms will seek outside capital (just over one-third say that they will consider it). Multi-disciplinary practices look more healthy, with over half of respondents saying they would entertain this idea (see pie chart 4, above).

1) Do you believe that there will be greater consolidation in the legal market in the next 12-24 months?

2) Would your firm consider allowing external capital?

3) How likely is your firm to incorporate professional services into its practice that were previously not permitted?

4) How likely is your firm to allow individual non-lawyers to become owners/partners?

Outsourcing risk

One area of specific interest is LPO. Since Rio Tinto announced a deal with legal outsourcing firm CPA Global in June 2009 that will see a team of lawyers handling research, contract drafting and document review in Delhi, law firms have been following suit. Outsourcing has been around for years, but 2009 was certainly the year big names took notice of the benefits LPO can deliver, with the likes of Simmons & Simmons and Allen & Overy signing major contracts since Rio Tinto’s announcement.

Rio Tinto’s legal team saw savings of $14m in seven months of outsourcing, so the advantages are clear. But the mining giant had been looking into the deal for over a year. For law firms jumping on the LPO bandwagon, or being pushed onto it by their clients in a bid to deliver value, there are risks. Sandra Neilson-Moore, European practice leader for solicitors’ professional indemnity at Marsh, says that US firms in particular are nervous about the increase in use of LPO. This is not surprising. One big concern is that firms are putting their names to work below their usual standards. They are also worried about confidentiality.

‘US firms wish, and I believe a lot of English firms feel this too, that they hadn’t been forced into doing this by clients,’ Neilson-Moore says. ‘They have really been pressured into this because clients have said “we won’t pay to have this type of work done at higher prices”.’

However, the top-end outsourcing providers are keen to point out that there is real rigour in testing the process, and contractual guarantees of quality. As former Rio Tinto managing attorney Leah Cooper told LB last month: ‘I’ve had inferior work from every law firm we’ve worked with – it just happens. What’s interesting is what you don’t get from law firms and what you do get from LPO providers: we have contracts with them that include key performance indicators that are all about quality. I depend on quality from Linklaters; I depend on it from Baker & McKenzie; I expect it from Freshfields; but I have it in writing from CPA. There are also penalties if that quality doesn’t come through – so it’s a different way of looking at it.’

But risk specialist John Verry of TLT is more sceptical. He feels the pitfalls of outsourcing from a risk management perspective haven’t been fully covered.

‘Outsourcing slightly concerns me. The legal profession has a habit of doing things just because someone else is doing it. LLPs was one example, and a number of firms appointed risk managers as the ‘must-have’ accessory. With outsourcing I wonder if people sit down and really think about what they are doing. They need to look at both the inherent and residual risk of any scheme. I’m not knocking it, I just don’t think it’s a nirvana and the answer to everyone’s problems.’

While in the short-term there may be substantial perceived savings through LPO, Verry points out that if a firm outsources work and then needs to bring it back in-house further down the line, that could be very expensive. ‘The problem with outsourcing is that the savings can be slowly chipped away to the extent where you realise it’s costing more to outsource than to do it in-house,’ he adds.

Security concerns are also an issue, particularly data protection. While we discuss the issue of data security in part II of this survey (see page 54), risk managers will need to work very hard with their IT teams and outsourcing providers to ensure that security is as tight as possible. Problems do happen: in 2008, The Bank of New York Mellon was a victim of data security breaches while using an outsourcing company.

However, it is fair to say that in many cases the security concerns have largely been addressed. Pinsent Masons uses LPO company Exigent to operate a data room in Cape Town that does not have any photocopiers or printers and has secure access. This is typical of the measures taken to prevent breaches of confidentiality.

‘I think it would be absolutely wrong to say that any firm of any size is jumping into this without considering the risks,’ Neilson-Moore contends. ‘There are risks, but firms are probably doing the best they can in terms of the choice of the outsourcing people they use and the indemnities they get to try to keep the risk under control. I have never met a major firm that is not concerned about risk, and that’s from the management down.’

Image management

Two inherent risks that were identified by firms responding to the 2010 survey as only a moderate threat include infringement of regulations and unwittingly becoming involved in client fraud (see ‘Legal risk profile: what are the risks currently facing your firm?’, on page 55). But the increasingly regulated market and more lawyers being caught out may change all this. Misbehaving fee-earners also lead into a much more pressing risk for law firms: damage to their reputation.

Examples of this are increasingly common. In late 2009, former Dorsey & Whitney partner Andrew Rimmington and former McDermott Will & Emery partner Michael McFall were committed to face trial on eight counts of insider trading at Southwark Crown Court following a contested committal hearing. The charges relate to Novartis’ 2006 takeover of NeuTec Pharma and the trial will begin on 19 April 2010. If convicted, the pair face up to seven years in prison. Although both Dorsey & Whitney and McDermott stated that the charges related to matters unrelated to the firms’ businesses, the association with their former partners has been very unwelcome.

‘Outsourcing savings can be slowly chipped away to the extent where you realise it’s costing more to outsource than to do it in-house.’
John Verry, TLT

The issue of a firm’s reputation being threatened by one lawyer acting ultra vires was evident again in 2009 in Nayyar v Denton Wilde Sapte. In this failed claim against DWS, a lawyer, Gauri Advani, was found to have been acting outside the scope of her employment in arranging a deal in India with a £400,000 bribe. The case against both DWS and Advani was dismissed. DWS was able to show that Advani did not follow the firm’s client engagement procedures, demonstrating that a firm that didn’t have its house in order to the same extent as DWS could have been more exposed to such rogue activities. This case, and also the much-publicised one of former Berwin Leighton Paisner partner Vinay Veneik, who was struck off the roll of solicitors at the end of 2009 (see LB201, page 13), can cause a great deal of embarrassment to a firm even when it is in no way culpable for the actions of its partners.

Regulatory woes

While disciplinary action is one element, the regulatory scrutiny that firms will be subject to looks set to get tougher yet. Under the watchful gaze of the LSB, the SRA released a strategy paper, ‘Achieving the right outcomes’, in January 2010, which sets out its plans to transform the regulation of solicitors and firms over the next two years. This includes a significant overhaul of the Solicitors’ Code of Conduct 2007, which will herald another period of transition and more for risk management teams to contend with.

And, as we reported in June last year (see ‘Crime and punishment’, LB195, page 42), the Financial Services Authority is putting much more pressure on law firms not only to have their own houses in order as regards client engagement, fraud and conflicts, but also to blow the whistle on suspicious client behaviour. The FSA will come down particularly hard on any firm or individual suspected of misusing inside information. The McFall and Rimmington cases are good examples of that, as is the McQuoid case, which saw the former general counsel of TTP Communications, Christopher McQuoid, receive an eight-month prison sentence for insider trading in March 2009.

The conclusions of Nick Smedley’s report for The Law Society, which looked specifically at the regulation of commercial law firms, were published in March 2009. Its findings were unequivocal: more stringent, hard-hitting regulation of law firms is required. An interim report by Lord Hunt on the much wider review of regulation of the legal profession, published in the autumn of 2009, supported many of Smedley’s points. Firms will have to demonstrate not only that the services they provide are up to a certain standard, but also that the firm governs itself in a robust and watertight manner.

‘I think law firms have got to really walk the talk and be as squeaky-clean as they can internally,’ Neilson-Moore says. ‘There is also the ugly reality of the current market. There are hundreds of practising solicitors inside many firms who have seen their income go down. Some are teetering on the edge of losing their jobs through redundancy because they are not bringing in the amount of income the firm expects.’

‘It is a truism that there will be people who will crack and commit crime, such as fraud and theft,’ she adds. ‘Those people are out there and they need to be spotted at an early stage. You can’t be too relaxed, thinking “we hire really good people, all our people are great, none of them would do those things”.’

The ante has been upped: risk management and compliance teams need to be on their toes now more than ever. LB

Legal Business would like to thank Marsh for its sponsorship of this survey.