Skip to content

October 2012 - COLP and COFA - suitable focal points, rather than sacrificial lambs?

Insurance for compliance officers


The deadline for all firms and recognised sole practitioners to nominate a Compliance Officer for Legal Practice (COLP) and a Compliance Officer for Finance and Administration (COFA) was 31 July 2012.

The Solicitors Regulation Authority (SRA) is now reviewing all nominations and will complete the approval process by 31 December 2012. COLPs and COFAs are then due to take up their responsibilities by 1 January 2013.

You may be one of the select few (around 150) randomly chosen by the SRA to be scrutinised over your self-declarations of suitability for purpose of your nominated compliance officers.

Failure to nominate and have an approved COLP and COFA by 1 January 2013 is a breach of regulation and the SRA can seek to revoke the licence of the whole firm to practice, plus take disciplinary action. This may be a material issue for some firms as, according to the SRA at mid-September 2012 some 600 firms had missed the nomination deadline of 31 July 2012 - surprising given that the original nomination deadline announced by the SRA well in advance was 31 March 2012.

Whilst the SRA explained that they were busy resolving the renewal process for Practising Certificates this year, they are now in sharp focus to work with firms on the new Compliance regimes. Whilst maintaining a constructive relationship with firms, the future SRA stance promises to be more robust, taking enforcement action against lawyers - including the imposition of fines and penalties.

Focal points?

The language used by the SRA is that the persons nominated (presumably with their consent) to be the COLP and COFA will be the "focal point" to ensure that the law firm has in place appropriate systems and controls to comply with the regulatory requirements.

Your COLP and COFA are personally accountable for failures of your firm to comply with Principle 8: "you must run your business or carry out your role in the business effectively and in accordance with proper governance and sound financial and risk management principles".  The potential for personal regulatory penalties accompanies that personal accountability.

As a COLP, you are required to take all reasonable steps for compliance within the handbook, to report failures to the SRA and to keep a compliance record which is to be available to the SRA on request.

You have to report non-compliance by your colleagues to the SRA:
  • annually for non-material non-compliance; and
  • as soon as reasonably practical for material non-compliance - even if you have taken steps to remedy the failure.
Active risk management and insurance

Whilst the SRA planned to communicate approval of nominations from 1 August, you may well be one of the firms that still await that news. If you hear close to (or indeed on) New Years Eve, you will be hoping that all your ducks are in a row.
In the world of Outcomes-Focused Regulation (OFR) it is up to you to determine what is material and non-material, in order to decide whether you report now or in your annual review. This is a neat example of the type of active risk management that must become part of the embedded culture and values of the business. 

For those (increasingly rare) firms that operate in silos as a collection of sole practitioners, this will be a revelation; for most firms it emphasises that all members of the firm swim in the same direction in terms of behaviours and compliance. Space for mavericks will vanish. 

The financial sector provides an interesting parallel model of management of risks and outcomes - and penalties - under the regulation of the Financial Services Authority (FSA). The FSA trend, with popular support, is to stronger interventions and increasingly severe fines.

Being the "focal point" reminds everyone that the COLP and COFA are personally responsible for key aspects of your business - this is outside the Minimum Terms and Conditions of your Solicitors Professional Indemnity cover.

This, however, does not remove all responsibilities from the partners and other firm managers - the SRA earlier this year was keen to stress that the Compliance Officers were not to be treated by the owners of the business as sacrificial lambs. SRA fines and penalties can be levied upon the firms and partners as well as the COLP and COFA.

What is critical is to support the COLP and COFA in developing and embedding a firm-wide, active risk management strategy. The strategy must be comprehensive in scope, integrated, and everyone in the firm must be aware of its requirements and implications.

Tactically, one way to lend practical support to your COLP and COFA is to put in place an insurance programme akin to Directors and Officers liability cover in the corporate world, and to consider extending the cover to include regulatory and other civil fines and penalties against the COLP, COFA or other individual firm manager.

Whilst brought into current focus by the new regulatory regime, insurances available are not limited to SRA related incidents and provide vaulable additional coverage beyond that of the PII contract. It is vital, however, to recognise that COLP/COFA insurance is not an alternative to implementing a properly constituted risk management strategy - it is upon which the reputation and sustainability of the firm will rest.

If you haven't already addressed the insurance option alongside your 1 October PII renewal, or require advice on Risk Management, contact Ged Wood today and see how Wesleyan Professional Indemnity for Lawyers can help.


Mindful of the open way in which the regulator works, it is entirely possible that the performance of COLPs and COFAs (and their role in the outcomes of some law firms) could attract the SRA's adverse attention - getting your risk management strategy in place should help avoid  coverage in pages of the Gazette that were not in the business plan!

As part of that Risk Management programme, taking out insurance to guard against the personal risks of your Compliance Officers is a prudent step.

For further information on this or for a discussion on how Wesleyan Active Risk Management can help your specific business:

Phone: 0800 107 8171

This article is a general guide and is not a substitute for professional advice. No responsibility can be taken for any loss incurred by anyone acting or failing to act on the basis of this article.

'WESLEYAN’ is a trading name of the Wesleyan Group of companies.

Wesleyan Assurance Society and Wesleyan Bank Ltd are authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority. Wesleyan Financial Services Ltd, Wesleyan Unit Trust Managers Ltd, Practice Plan Ltd and DPAS Ltd are authorised and regulated by the Financial Conduct Authority.  Advice about investments, insurance and mortgages is provided by Wesleyan Financial Services Ltd.

Click for more information about the Wesleyan group of companies.

© 2019 Wesleyan Assurance Society