A reminder for solicitors and law firms about their regulatory obligations

23 March 2020

Towards the end of last year I commented, as part of our Solicitors Regulation Authority (SRA) Standards and Regulations (StaRs) blog series, that the introduction of the StaRs on 25 November 2019 was an opportunity to take stock and introduce steps to ensure compliance going forward; it was a time to prioritise, not panic.

Little did we know then that Covid-19 was around the corner and set to test our systems and processes yet further. Whilst the uncertainty around Covid-19 inevitably gives rise to a sense of unease, this can be seen as another opportunity to step back and prioritise, to ensure you are complying with your regulatory obligations during these otherwise uncertain times. Reviewing systems and processes now could ensure future work systems that help you achieve optimum standards in terms of business continuity, security, and supervision during unpredictable times. In turn, this could improve not only your firm’s capability in respect of regulatory compliance, but services for clients and, ultimately, client satisfaction. This ever-changing and uncertain climate could, in fact, bring about positive change for law firms.

So what are some of the key regulatory risks law firms face in respect of Covid-19 and how can these be tackled?

Hard copy documents/removable media

The clear message from the government - to avoid all unnecessary travel and to work from home wherever possible - has made remote working more a necessity than an option.

The increased risk of data breaches and the loss of confidential information through hard copy documents being transported and kept at home, rather than in offices with the necessary systems and controls in place, is inevitable.

Colleagues should work digitally wherever possible and be advised against working from hard copy documents and minimising the need to make handwritten notes of calls or virtual meetings they attend – typed notes should be encouraged. This may mean firms need to expand their teams working for particular clients to include administrative support, input from paralegals or individuals with an advanced technological skill-set, should detailed notes of meetings or conferences be needed.

If working digitally is not possible, for whatever reason, transporting and storing documents in a locked receptacle should be made compulsory. You may want to give further thought to suggesting the types of lockable storage you would prefer individuals to try to use, wherever possible. For example, a large lockable filing cabinet or lockable drawer within a desk is likely to be harder to make off with than a portable lockable rucksack. Where this is not possible, you may want to remind colleagues to keep their working environment as secure as possible, by setting a home security alarm and closing windows when they go out. This is about reminding colleagues of basic steps they can take to minimise the chances of confidential information being lost or stolen. Likewise, the use of removable media to transport data should be discouraged and, where such media is used, the importance of the relevant device being encrypted must be clearly communicated.

It may be that you will need to consider reviewing underpinning policies with a view to amending them or, at the very least, reminding colleagues of their existing obligations.

Colleagues should consider notifying parties with whom they have corresponded by post previously / relied on service of documents by post, that correspondence should be electronic-only going forward (wherever possible).  This is in anticipation of any full office closures should isolation measures be ramped up in the UK in the coming days and weeks and to manage the associated risks of missing key documents and communications.


Data security generally

Remote working introduces further risks to data security beyond inadvertent disclosure or loss of hard copy papers/removable media.

Colleagues should be reminded to work, where necessary and indeed where possible, in private environments where conversations of a confidential nature cannot easily be overheard and computer screens cannot be easily seen by third parties. The importance of locking computer screens when unattended (even within one’s home) should be reinforced. Colleagues should be encouraged to avoid predictable passwords and consider using password managers.

Working from home does not always mean literally ‘from home’. Accordingly, colleagues should be reminded that public Wi-Fi hotspots are not secure and vulnerable to hacking, and it is hard to prove that a hotspot belongs to the company or individual it claims. The SRA advises that in most cases, modern websites (using HTTPS) will protect you from risk. Using work mobiles as ‘hot spots’ may be a necessary alternative if another secure network is unavailable, but be aware there can be increased costs associated with this method.

Due to difficulties in contacting individuals on office telephone numbers or limited availability of support staff to contact various individuals on behalf of lawyers, colleagues may need to send more emails than usual. Likewise, sharing a confidential document in person in the office will now most likely be done virtually or via email. Colleagues should be reminded to check and double check email addresses used, to authenticate email addresses by independent means wherever possible, and to password protect attachments to emails (with the password being provided separately) to best protect against any potential breaches.

The ability to ‘share your screen’ through providers such as Skype for Business should also be used with caution and, in some circumstances, limited to internal meetings. Colleagues should be advised to ensure only appropriate material/data is shared with the parties attending a particular meeting or call. Disenabling email pop-ups is one precaution worth considering so that confidential information is not inadvertently displayed to others whilst screen sharing.

Laptops should be encrypted and firms should have a system to track devices and delete data from tablets and phones remotely if they are lost or stolen. The SRA also recommends two-factor authentication for email and log-ins, where possible.

If colleagues think that a data breach has occurred, they should be reminded of whom to report this to within your firm, and how. They should also be reminded of the requirement for this to be done promptly (given the 72 hour deadline under the GDPR to report where there has been a breach of personal data).  



As part of our StaRs blog series, my colleagues Shannett Thompson and Charlie Roe commented on how the twin themes of accountability and exercising judgement pervade the StaRs. The introduction to the Code for Individuals stresses, ‘[y]ou must exercise your judgement in applying these standards to the situations you are in and deciding on a course of action, bearing in mind your role and responsibilities, areas of practice and the nature of your clients.’ It goes on to state, [y]ou are personally accountable for compliance with this Code – and our other regulatory requirements that apply to you – and must always be prepared to justify your decisions and actions.”

The Code for Firms further emphasises the breadth of accountability for a firm and its staff. Whilst noting that any serious failure to meet the standards or serious breach(es) may lead to regulatory action being taken against the firm, its managers or compliance officers, the code also notes: ‘[w]e may also take action against employees working within the firm for any breaches for which they are responsible.’

A reminder to colleagues of their obligations under the respective Codes is recommended. Being away from the office should not lead to a relaxed attitude to the importance of one’s regulatory obligations. Individuals should be aware that they are responsible for the professional judgement they exercise when working at home and that the various discussions and decisions taken on a particular case, for example around disclosure or potential conflict points, should be carefully recorded. This should include reasoning for why they have chosen to act in a certain way, so that they can justify decisions, should they need to, in the future. The SRA’s Enforcement Strategy recognises, however, that mistakes do happen; clear record keeping will help the SRA decipher between honest mistakes and those that are less excusable.


Further record keeping considerations 

Colleagues will need to keep records/evidence of expenses (for example, duty solicitors having to get taxis to police stations to avoid public transport during the outbreak) perhaps by taking photographs of them and emailing them to their administrative support teams so that they can be processed in accordance with the firm’s expenses policy (and/or billed promptly to the client as a disbursement, as opposed to when normality resumes which may well be months away). For those individuals without a work phone, they will want to keep a record of work calls made using their personal phone package. Likewise, colleagues may wish to buy computer screens or office supplies to enable them to work more comfortably from home. Firms will need to consider whether their existing policies cover such eventualities or whether interim policies will need to be introduced to ensure fair and efficient work patterns at home. 



The Code for Individuals at paragraph 3.5 makes clear that when supervising others in the provision of legal services, practitioners remain accountable for any work conducted on their behalf. Delegating work does not, therefore, break the chain of personal accountability. Practitioners must exercise their professional judgement as to whether the individual to whom they have delegated is sufficiently experienced and able to complete the work in question. When working remotely, it is important that regular supervision meetings still continue to ensure close monitoring of work and workloads to act as a check on standards and the quality of output. Although not in the office, partner visibility is important to ensure juniors feel able to raise questions and concerns and to encourage open and frequent communication channels.


Electronic signatures

The need for electronic signatures for, amongst other things, letters, court documents, and bills (to ensure they are enforceable) is something to add to the checklist; whilst there is not a one size fits all solution, firms should consider their own approaches and policies on the signing of documents, to ensure they are workable and adequate for remote working and amend these if necessary.



With the announced closure of schools for most children, and the inability to rely on older family members to assist with childcare, the demands on working parents is a consideration that should be high on the agenda for firms. Encouraging colleagues to communicate any particular stresses on their time and working environment will be key. Discussing flexible ways of working and the ability to share work and personal commitments during the day will help colleagues feel supported and ensure efficient work patterns. 

Any existing policies on working from home/flexible working may need to be revisited.  


Policies and procedures generally 

A comprehensive, and ongoing, review of all existing policies and procedures to ensure their adequacy in dealing with the various issues arising from the current situation as they occur should be considered. Additionally, clear internal communications should be issued, reminding colleagues of the existence and availability of a firm’s policies and procedures and any amendments made to them.



Many firms will have established tried and tested procedures to enable remote working for their employees as the push for agile working in the legal sector has intensified over recent years. Whilst firms are likely well equipped for this large-scale change in working practices for, what seems to be, the foreseeable, the importance of reviewing and improving systems in this context to ensure continued compliance with regulatory obligations will help achieve one of the ultimate aims during this difficult time; to ensure, as far as possible, that it is ‘business as usual’.

A shorter form version of this blog was published by Legal Week on Friday 20 March.

About the authors

Jessica Clay is a Senior Associate in the Regulatory department and specialises in legal services regulation, with a focus on regulatory compliance, legal ethics, investigations and public law matters. 

Charlotte Judd is an Associate in Regulatory  department and assists and advises on matters including defending regulated individuals, organisations and corporates; advice for regulators and public bodies and legal services regulation.


Latest blogs & news

Mythbusting: Motivation in Starting a Private Prosecution

Private prosecutions provide an effective way to seek justice; and particularly in circumstances when the traditional prosecuting agencies are unable or unwilling to act. Conducted appropriately they can be a useful, efficient and cost-effective tool to secure punishment of the guilty.  Conducted badly they can be an expensive mistake with far reaching consequences. 

In this blog series we draw on our experience of both bringing and defending private prosecutions to help clarify some of the common myths and misunderstandings about private prosecutions. In this blog we look at whether having an ulterior motive in starting a private prosecution can lead to problems down the line.

Mythbusting: Recovery of Costs in Private Prosecutions

Private prosecutions provide an effective way to seek justice; and particularly in circumstances when the traditional prosecuting agencies are unable or unwilling to act.   Conducted appropriately they can be a useful, efficient and cost-effective tool to secure punishment of the guilty.  Conducted badly they can be an expensive mistake with far reaching consequences. 

In this blog series we draw on our experience of both bringing and defending private prosecutions to help clarify some of the common myths and misunderstandings about private prosecutions.  In this blog we look at whether the private prosecutor is entitled to recover their full investigation and legal fees at the end of the case.

Returning to the office? MeToo

As the legal profession returns to the office after many months ensconced in home offices, many will be looking forward to the increase in social interaction and in-person activities which will inevitably follow. Alongside this, legal services regulators appear to be gearing up for a commensurate rise in bullying and harassment complaints. With developments apace in this area among the UK regulators and further afield, what are we likely to see next from the Solicitors Regulatory Authority (SRA)?

Harcus Sinclair v Your Lawyers - Another nail in the coffin of solicitors’ undertakings?

Every solicitor knows that an undertaking is serious stuff.   Arguably it is the greatest power available to a solicitor.  A promise, if broken, that will lead to immediate and serious consequences for the giver.  As such it can be relied upon to the ends of the earth.  The power of undertakings has meant that they sit at the heart of every property transaction, bridging the time gap between the sending of money and the receiving of title.  They are also used in other areas of commercial life and as part of litigation.  The “brand” of a solicitor’s undertaking is so powerful that little thought is given as to where their power comes from. 

Mandatory Covid-19 Vaccinations for Care Home Workers

This week, the Government announced that Covid-19 vaccinations will be made compulsory for care home staff, raising strong emotions on both sides of the argument.

Ethical imperatives

Julie Norris and Jessica Clay consider SRA entity regulation and the imperative to create an ethical (ergo, compliant) legal workplace.

All well and good

The pandemic has highlighted the importance of good mental health and resilience both in and out of the office. Bronwen Still and Lucinda Soon consider your obligations

eSports vs. the Law

Gone are the days of computer gaming being viewed as a secluded activity; gaming is now a thoroughly social experience that attracts a global audience of millions and players can compete for large sums of money and celebrity. This burgeoning industry is largely in a virtual world and has developed in a blockchain, decentralised fashion. Often the UK government talks up the UK gaming industry and how keen the government is to support this sector, and there have been instances that show support, but when it comes to playing games competitively, law and regulations have not yet caught up.

More clarity needed from the SRA on boundaries concerning sexual misconduct and harassment in law firms

The solicitors’ watchdog is right to take charge of misconduct cases but it needs firmer guidance to succeed 

Coaching, Teaching and Support Work in Lockdown: Safeguarding and Data Protection considerations when working with children online

The COVID-19 crisis has forced sports clubs, schools, universities and charities to rapidly change their approaches to coaching, teaching and support work. The regulations on social distancing have forced organisations to innovate; services which had previously been offered mostly or wholly in person were rapidly shifted online during “lockdown 1” and will return online at least for the duration of “lockdown 3”.  If the vaccine rollout has the desired effect there will no doubt be some return to “traditional” methods, but it seems very unlikely that the changes brought about by the pandemic will be completely reversed.  In this blog, Claire Parry from Kingsley Napley’s Regulatory team and Fred Allen from the Public Law team look at the challenges organisations face engaging with children online.

Beckwith v SRA – are there implications for the regulation of professional accountants who face sexual misconduct allegations?

In our fourth blog in our series on Beckwith v Solicitors Regulation Authority [2020] EWHC 3231 (Admin), we turn our attention to consider what impact, if any, this landmark decision might have on the regulation of professional accountants. While the case turned on some very specific features relating to the regulation of solicitors as contained in the Solicitors Regulation Authority’s (SRA) Principles and Code of conduct, some parts of the judgment may have more general application.

Post-Beckwith – where to now for sexual misconduct cases?

In the two years preceding Ryan Beckwith’s appeal to the High Court, the SRA pursued a handful of other sexual misconduct cases before the Solicitors Disciplinary Tribunal (Tribunal). These cases are varied and fact-specific and include sexual misconduct in and relating to the workplace and conduct outside of work.

Where have we reached on costs in proceedings before the Solicitors Disciplinary Tribunal post Beckwith?

Regulatory investigations across all sectors are increasing in complexity, with a corresponding increase in the size of the cost applications made by regulators upon successful prosecution. For solicitors facing investigation by the Solicitors Regulation Authority (‘SRA’), the costs associated with prosecutions before the Solicitors Disciplinary Tribunal (‘SDT’) have made the headlines recently for their size. In Beckwith, for example, the Divisional Court referred to the SRA’s costs of c.£340,000 as “alarming.

The SRA’s updated NDA warning notice introduces welcome clarity

On 12 March 2018 the SRA published its warning notice on the use of non-disclosure agreements (NDAs). This was in the wake of the widespread publicity at the time given to NDAs which had been considered too draconian in reach and effect.

The use of artificial intelligence: interesting technological developments in the legal and accountancy sectors

In this second blog in our technology and innovation series, we look at some recent developments in the use of artificial intelligence (AI) in the legal and accountancy sectors.

Technology in the accountancy and legal sectors – what are the regulators doing? The long read…

In the first of our Tech blog series, we take a look at how regulators in the accountancy and legal sectors are supporting technological innovation in their respective professional sectors, and how they themselves might adapt their regulatory approach in the new era of digital technology.

The SRA Standards and Regulations – a year on

It has been a year since the Solicitors Regulation Authority (SRA) launched its Standards and Regulations (StaRs) and even longer since the revised Enforcement Strategy was rolled out.  This time last year, we produced a series of blogs relating to launch of the StaRs and provided our views on what we thought you needed to know.

Victims’ Code set to change

On 18 November 2020, the government confirmed that it is proceeding with planned changes to the  Victims' Code, following a consultation that began on 5 March 2020. The changes mean that when the revised Code comes into force, it will be based on a clearly defined set of rights that set out a minimum level of service that can be expected from criminal justice agencies. It is hoped that the changes will mean victims have a greater awareness of their rights, receive the information and support when then need it and have a greater level of satisfaction with the treatment they receive in the criminal justice system. 

Intractable insight: suspension is not enough

On 19 November 2020, the High Court handed down judgment in the Professional Standards Authority for Health and Social Care’s (“PSA”) challenge to a decision of the Medical Practitioners Tribunal (“MPT”) to suspend a doctor from practice. In her judgment, Mrs Justice Farbey emphasises the significance of lack of insight to the question of sanction.

COVID-19 related insights:

COVID-19 related insights:

Our COVID-19 statement

We recognise that these unique times are presenting unprecedented challenges for our clients and we are here to support you in any way we can.

Click to view

Can you get out of or suspend a contract because of Coronavirus?

Alex Torpey covers the key things to look out for if you are relying on the Force Majeure clause.

Watch the video on LinkedIn

Overcoming the challenges of co-parenting for separated and divorced parents

Rachel Freeman, Partner in our Family Law team, addresses some issues that we are seeing arise for separated parents in the current crisis.

Read the blog

Tech in Two Minutes - Episode 7 - The Coronavirus challenge for tech coworking spaces

Andrew Solomon speaks about the challenge for tech companies and coworking spaces during the current COVID-19 pandemic.

Listen to the podcast

The legal basis for lockdown

Alun Milford, Partner in our Criminal Litigation team, provides an in-depth look at the legal basis behind the current lockdown.

Read the blog

Managing your Migrant workforce in the COVID-19 crisis

On Friday 3 April, immigration partner and head of department, Nick Rollason, hosted a webinar looking at urgent issues employers are facing during the COVID-19 crisis and answered some of the key questions being raised.

Watch the webinar recording

Furlough leave and the Coronavirus Job Retention Scheme: key legal considerations for Employers

On Thursday 9 April, Andreas White, Partner in our Employment Law Team, delivered an overview of the scheme with a focus of the key legal issues for UK employers.

Watch the webinar recording

Coronavirus and the perils of signing your Will

Will instructions have apparently risen by 30% since COVID-19 reached our shores. What effect does COVID-19 have on Will signings? James Ward and Diva Shah in our Private Client team blog.

Read the blog

The juggling act of a single mother, home school teacher and head of a family team

Charlotte Bradley, Head of our Family Law Team, reflects on how the COVID-19 crisis has affected working parents like her.

Read the blog

The future public inquiry into COVID-19

Calls for a public inquiry are continuing to mount and are likely to prove difficult to resist. In this blog, Sophie Kemp considers the framework for such inquiries, and the key issues likely to form the core of its terms of reference.

Read the blog

Share insightLinkedIn Twitter Facebook Email to a friend Print

Email this page to a friend

We welcome views and opinions about the issues raised in this blog. Should you require specific advice in relation to personal circumstances, please use the form on the contact page.

Leave a comment

You may also be interested in:

Skip to content Home About Us Insights Services Contact Accessibility