Risk Based Regulation and Solicitors Regulation Authority

As seen in the case of Timothy Schools, a former director of ATM Solicitors in Preston who was struck off because of breaching various outcomes and principles of the SRA code of conduct. The SDT[1] had made allegations against the involvement of the defendant and his firm acting on behalf of clients who challenged the enforceability of various Consumer Credit Agreements. Mr Schools had been motivated by his own financial gain compared to the interest of his clients, contrary to the O(3.2)(a) and that the misconduct had arisen from the way he had operated the firm. He had failed to provide information to clients which might have been material to their decision to instruct his firm to act for them. Thus he had failed to act with integrity which led to his and the firm’s independence being compromised, hence breaching Principles 2[2] & 3[3] of the SRA. Mr Schools behaviour towards his clients and not acting in their best interests because of his own financial interest, not only breaks the trust of the public in him and his firm but also the legal profession in itself, breaching Principle 6[4] of the SRA. The defendant’s action were deliberate and had continued for a period of time. Hence the SDT ordered for Mr School to be struck off the roll. The SRA agreed and Mr School was struck off the solicitor roll.

Through this approach, the SRA identifies the risks to the regulatory objectives outlined in the LSA and requires the firms to ensure the same. The risk-based approach also ensures that regulatory activities and resources are prioritised and applied proportionately.

For example, you may tend to show that you have met outcome 3.3 if you decline to act for clients whose interests are in direct conflict. The example used is claimant and defendant in litigation (IB 3.2).

A key advantage to taking a risk-based approach to regulation is that it enables us to become much more proactive, identifying and tackling risks before they occur, rather than acting retrospectively once harm has arisen.

2.5 Exceptions to acting in client conflict situations

Outcomes 3.6 and 3.7 in chapter 3 outline two exceptions where it may be possible to act even if there is a client conflict. When deciding whether to act in these situations, the overriding consideration remains as expressed in Principle 4, to ‘act in the best interests of each client’.

You must consider whether in acting for all/both clients the benefits to the clients outweigh the risks. These outcomes reflect the fact that there may be situations where, if the qualifying conditions are met, then despite a conflict of interests, the clients’ separate best interests are served by you acting for two or more clients.

The wording was changed from October 2005 with a new, tougher ‘aggregation rule’, so that claims arising from one act or omission in a series of related matters or transactions, or even similar acts or omissions in a series of related matters or transactions, will, arguably at least, be more likely to be regarded as one claim. This was a particular issue for firms doing volume work. At the same time, the compulsory minimum cover increased to £2m for sole practitioners and partnerships and £3m for LLPs and limited companies.

  • Ethics involves making a commitment to acting with integrity and honesty in accordance with widely recognised moral principles.
  • Ethics will guide a professional towards an appropriate way to behave in relation to moral dilemmas that arise in practice.
  • Ethics is based on the principles of serving the interests of consumers of legal services and of acting in the interests of the administration of justice, in which, in the event of a conflict, acting in the interests of the administration of justice prevails.
  • A firm which has a low or medium risk will have the outcomes of the SRA in a different way compared to the one which is considered high-risk like a huge corporate law firm. For example, a larger firm may need to put in place, or upgrade, a database system to collect information required under the reporting requirements. A smaller firm may be able to collate the information by the use of paper returns and a spreadsheet.
  • why is SRA risk -based?
  • The SRA plans to shift the supervisory emphasis towards assessing a firm’s risk management systems and identifying whether they are achieving the outcomes rather than a detailed consideration of a firm’s processes. The level of supervision a firm will experience will depend on the perceived risk that it poses to the regulatory objectives. Supervision will also be tailored to take account of factors such as firm size and risk management systems, as well as the firm’s previous compliance history and positive engagement with the SRA. The SRA’s vision24 is to: „ Concentrate on dealing with firms which pose serious risk; „ Encourage firms to assess and tackle the risks themselves; and „ Concentrate on those which cannot – or will not – put things right.
  • The task can be made harder when management are confronted with people who are over-confident in their own abilities and believe risk management does not apply to them. As Captain E J Smith, later the captain of the Titanic, said in 1907, “…in all my experience, I have never been in any accident … of any sort worth speaking about. I have seen but one vessel in distress in all my years at sea. I never saw a wreck and have never been wrecked nor was ever in any predicament that threatened to end in disaster of any sort.” The Titanic sank in 1912.
  • As well as professional obligations to protect their independence and promote the best interest of the client, there are obligations to uphold the rule of law and the proper administration of justice. A solicitor’s professional obligations give primacy to the public interest and the public interest in the administration of justice.2 This raises the interesting question of how legal risk management, which tolerates, normalises, and sometimes promotes the desirability of taking risks with law fits with these broader professional obligations. It is not a question that we have seen addressed. There needs to be a full and frank discussion that begins the process of articulating what such obligations mean in the context of commercial law practice generally and in-house practice specifically.
  • Confidentiality and conflict of interest breach case –
  • http://globelawandbusiness.co.uk/RML/sample.pdf
  • 1.4 Liability for breach A lawyer who acts for a client when there is a conflict of interest, whether with the interests of another client or with the lawyer’s own interest, may be liable to compensate the client. That may mean an award of damages, or in some jurisdictions, an account of profits. By way of illustration, an example in the English courts was the case of Hilton v Barker Booth & Eastwood. 1 The defendant solicitors acted for both a seller (Mr Hilton) and a buyer (Mr Bromage) on a commercial property transaction, contrary to the conduct rules then in force. The solicitors failed to disclose to the seller that they knew that the buyer had a criminal record for bankruptcy offences which had resulted in imprisonment. They also failed to disclose that they were lending money to the buyer to complete on part of the transaction. After the contract was completed, the buyer defaulted and Mr Hilton was left with substantial losses, which led to his bankruptcy.
  • Attempts at recovery from the buyer failed. The solicitors defended the claim on two bases. First, the conviction was a matter of public record. Secondly, had the claimant instructed other solicitors, those other solicitors would not have known of the conviction and, they said, their breach therefore caused no loss. The defence succeeded initially but the claimant won on appeal. Put simply, the solicitors were in breach of duty to Mr Hilton, and could not complain if they had put themselves in that position by their own actions.
  • Note the comments of one of the judges on appeal, Lord Scott of Foscote: The reason why it would have been a breach of the solicitors’ duty to Mr Bromage to inform the appellant of Mr Bromage’s bankruptcy and criminal conviction was not because the information was “confidential” but because it was their duty as Mr Bromage’s solicitors to do their best to further Mr Bromage’s interests in the transaction in respect of which Mr Bromage had instructed them. 2 The firm was found liable to compensate the claimant.
  • Firms are also required to “have effective systems and controls in place to enable [them] to identify and assess potential conflicts of interests”. They must have systems and controls for identifying both client and own interest conflicts appropriate to the size and complexity of the firm and these must also extend to the identification of commercial conflicts.  If in the above examples, the firm would have carried out the effective systems set out in the chapter 3 on the SRA and the risk assessment process, then they would have not been in breach of the SRA outcomes and would have successfully mitigated the risks.
Read also  Analysis of Prest v Petrodel Resources Ltd

“Outcomes-focused regulation concentrates on providing positive outcomes which when achieved will benefit and protect clients and the public. The SRA Code of Conduct sets out our outcomes-focused conduct requirements so that you can consider how best to achieve the right outcomes for your clients taking into account the way that your firm works and its client base. The Code is underpinned by effective, risk-based supervision and enforcement.” Introduction to the SRA Code


Sir David Clementi recommended that the professional bodies should separate their roles of holding both regulatory and representative responsibilities. This led to the formation of Solicitors Regulation Authority (SRA) by the LSA[5] to act as the regulatory body for solicitors in England and Wales. The main aim of the SRA is to work compatibly with the objectives set out in the LSA. In 2011, the SRA moved from a rules-based approach to an outcome-focused regulation (OFR). This approach introduced high-level Principles[6] and Outcomes that had to be observed by firms and individuals to operate independently, with integrity and in their client’s and wider public interest. Even with the principles, outcomes and indicative behaviours set in place, risks towards a duty owed by a lawyer to a client can arise. Hence the SRA also needs to take a risk-based approachby identifying the potential risks of not meeting the mandatory outcomes and principles, through a risk management process. The SRA approach to regulation i.e. authorisation, supervision and enforcement is therefore outcomes-focused and risk-based.

Outcomes-focused Regulation

SRA’s aim is to ensure that all firms and individuals should achieve the right outcomes in delivering their legal services therefore benefiting and protecting the clients and the public at large. These outcomes are mandatory and are found in the SRA Code of Conduct. When lawyers deliver the right outcomes, it will help ensure compliance with the Principles and mitigate the risk of lawyers being in breach to professional conduct.

Risk-based Regulation

A risk is considered to be a combination of impact, which is the potential harm that could be caused and probability, which is the likelihood of a particular risk occurring. There are risks attached with the firms and individuals acting compatibly with the regulatory principles and outcomes outlined in the SRA. For example the risk of conflict of interest arising between the lawyer and the client or between two current clients if proper systems were not in place to identify potential conflicts of interest in the first place as per O(3.1), the risk of failing to protect clients’ confidential information and many more such risks can arise when the lawyers cannot achieve the best outcomes for their clients.

A case where risk of conflict of interest and breach of duty of confidentiality arises is Hilton v BBE[7]. Hilton instructed BBE to act as his solicitors in him selling a developed piece of land to one of their other clients, Bromage. BBE did not tell Hilton that they had previously acted for Bromage when he was imprisoned for fraud; nor did they tell him that they were acting for Bromage in this same transaction and lent money to Bromage for the deposit hence breaching O(3.4)[8]. Outcome(3.5) clearly states that a firm or individual should not act if there is a client conflict or a risk of a client conflict unless all the risks have been explained to both clients and they understand them; both parties should give their consent for the firm to act for them and many more objectives set out in O(3.6) and O(3.7) need to be satisfied. Although neither of these outcomes were achieved.

Bromage failed to complete the transaction therefore Hilton incurred a huge loss. The House of Lords found that it was unacceptable to breach the conflict of interest principle as it will override the duty of disclosure and confidentiality owed to their client Bromage. BBE already had a contract with Bromage and due to an implied term in this contract, BBE could not reveal any confidential information about him to Hilton. Hence BBE should have asked Hilton to seek independent legal advice as professional ethics meant that they could not act for him. But instead proceeded to act for him as well as their client since they were only interested in their own financial gain therefore breaching O(3.2)(a). This definitely was a breach of duty owed by BBE to Hilton in failing to act in his best interest.

Read also  Judicial Review problem question essay

Timothy Schools[9], former director of ATM Solicitors was struck off because of his own financial interest contrary to O(3.2)(a). His misconduct had arisen from the way he operated the firm, he failed to act with integrity and the firm’s independence was compromised, hence breaching Principles 2[10] & 3[11] of the SRA. Professional conduct as such would break the trust of the public in Mr Schools, his firm and the legal profession, thus also breaching Principle 6[12] of the SRA.

The above cases show the consequences of failure by the firms to comply with the principles and outcomes of the SRA. Hence the SRA needs to regulate a risk-based approach so that the clients receive a proper standard of service which best suits them as per Principles 4[13], 5[14] and 8[15]of the SRA.

Risks are typically considered at an individual, firm, thematic or market level. The identification and management of these various risks is operated through a risk management and governance process, outlined in the SRA’s Regulatory Risk Framework. The Regulatory Risk Index sets out a list of risks that are managed under the Risk Framework. This is important for the risk management process as it gives a universal index which ensures that each risk is accurately identified. This index is comprised of 38 risks: 28 are firm risks[16] and 10 are market risks[17]. Impact[18], Operational[19], and Viability[20] are all firm risks. Breach of confidentiality and conflict of interest are both Impact risks and are always caused by Operational risks. For example, impact risks can arise due to ineffective systems in place like sensitive client information was inadequately encrypted or due to lack of integrity or professional ethics like a member of staff deliberately breached confidentiality for one’s financial interest.  Firms use informational barriers[21]  as per O(4.4)(b)(ii)[22]to mitigate these impact risks though courts are not always supportive of them and may take some convincing.

Bolkiah v KPMG[23], where a firm of accountants who owe the same duties as solicitors, wanted to act for BIA[24] .They wanted KPMG to carry out investigation on Bolkiah who was the former chair of the agency. Bolkiah was a former client of KPMG hence they had confidential information about him. Conflict of interest existed and so the firm created an information barrier in which they made sure that the staff working for the agency was completely separate from those who worked with Bolkiah. However the House of Lords granted an injunction in favour of Bolkiah to prevent KPMG working for the agency. They agreed that KPMG could have acted for the agency given that they took Bolkiah’s consent first as per O(4.1)[25] ,O(4.3)[26]  and O(4.4)(b)(i)[27] . According to the courts the information barrier did not prevent the possible outflow of confidential information thus breaching the fiduciary duty of confidentiality. Lord Millett emphasised that the duty was to ‘keep the information confidential, not merely to take all reasonable steps to do so’. This decision was followed in M&S v Freshfields[28] .

Even after creating an information barrier, firms can’t escape the above risks. Therefore firms need to strictly carry out effective systems and risk management processes in order to mitigate risks and achieve SRA outcomes and principles.

Relationship between Ethics and Risk

Legal ethics requires solicitors to be honest and act with integrity with their clients, profession, courts and the general public. A solicitor’s commitment to behave ethically can be put at risk as seen in the above cases. Thus a lawyer in order to be ethical needs to produce the best outcomes for the clients, which can be achieved by following the SRA principles and code of conduct. A risk of conflict or confidentiality arises when a firm or individual fails to achieve the outcomes set out in the SRA thus making them behave in an unethical manner.

The central principle of legal ethics is the conflicts of interest principle which requires the lawyers to avoid situations in which their duties to one client conflict with their duties to another client or their own interests as seen in the case of SRA v Dennison[29]. Here a firm of solicitors used a company to provide medical reports for clients. Dennison was a partner in the law firm and also owned a third of shares in that company. However he did not inform other partners of the firm and his clients about this arrangement because of his own financial gain. He did make significant profit hence breaching Outcome(3.2)(a) of the SRA code of conduct. The SRA then decided to strike him off the roll because of his dishonest and unethical professional conduct towards his clients and firm.

Therefore making a commitment to acting ethically is intrinsically linked with meeting the standards and requirements set out in the SRA Code of Conduct. Hence failure to comply with the risks that obstruct the firms and individuals to achieve the outcomes and principles set out in the SRA code would make their professional conduct unethical. As being ethical towards the profession and the clients is positively correlated with complying risks that affect the SRA regulation of the firms.

Risks faced by huge corporate firms compared to high street firms.

SRA codes work differently for firms depending on the perceived risk that it poses to the regulatory objectives, firm size, previous compliance history and their risk management systems in place. For example internet crashing or employee absences would be a low risk for a large firm as they have enough staff to mitigate this risk because of higher client base. But for a small firm, an absence of one employee would cause a lot of trouble since they might not have anyone else who could do the work instead and so would suffer financially as the clientele would be of a smaller cohort.

Read also  Fiduciary Duties

However some risks are same for both high street and large law firms like the lack of access to legal services. Only a third of people with a legal problem, seek legal advice and this risk is faced by the entire profession. There are various reasons as to why people do not seek legal advice and one of the main reasons is cost and practicality. As legal proceedings are expensive and one might not see any benefit in taking any legal action in terms of cost and time spent. Another reason is the lack of trust in seeking professional advice as seen in the above cases that if lawyers prefer their own interest compared to the client then clients will no longer trust the advice they are receiving.

Compliance with anti-money laundering is another risk that is faced by the law firms and in some aspects it is more challenging for small firms. For example, succession planning and providing relevant training to staff are both mandatory under the MLR[30] and if not carried out effectively can potentially pose a higher risk to small firms. Since their staffing capacity and resources to deal with issues like due diligence, storage of archived files are less compared to that of a larger firm.

Maintaining diversity in the legal profession is one of the other risks seen today. Large firms are less diverse compared to small ones as data shows that BAME solicitors, women, people with disabilities and those over 55 are less likely to be partners in large firms. This might be reasons due to personal choice, recruitment and promotion practice and flexible working options being not easily available.


Courts are reluctant of using Information barriers as a risk mitigating factor as seen in the above cases however it is not impossible to create an effective barrier as seen in Koch Shipping v Richard Butler[31]. This is possible if the barriers are well incorporated in the way a firm operates[32]. Even with risk mitigating factors in place, solicitors still exploit the SRA codes in order to gain their financial benefit. Therefore it is very important that solicitors strictly follow the principles set out in the SRA to achieve the best outcomes for their clients in order to uphold the rule of law and proper administration of justice.[33]



  1. Table of Cases
  1. Hilton v Barker Booth & Eastwood [2005] 1 ALL ER 651
  1. Schools v SRA [2015] EWHC 872 (Admin)
  1. Bolkiah v KPMG [1999] 1 ALL ER 517
  1. Marks & Spencer v Freshfields Bruckhaus Deringer [2004] EWCA Civ 741
  1. Solicitors Regulation Authority v Dennison [2012] EWCA Civ 421
  1. Koch Shipping v Richard Butler [2002] EWCA Civ 1280
  1. Table of Legislation
  1. Legal Services Act 2007
  1. Secondary Sources
  1. Solicitors Regulation Authority Code of Coduct 2011
  2. Andrew boon





  1. Secondary Sources
  1. Solicitors Regulation Authority Code of Coduct 2011
  1. Andrew boon
  2. References
  3. www.westlaw.law.ac.uk
  4. www.swarb.co.uk
  5. http://www.sra.org.uk/consumers/what-sra-about.page
  6. http://www.lawsociety.org.uk/support-services/advice/practice-notes/conflicts-of-interests-in-criminal-cases/ – not used it
  7. https://www.lawgazette.co.uk/law/conflict-of-interest-solicitor-struck-off/5042055.article

[1] Solicitors disciplinary tribunal

[2] act with integrity

[3] not allow your independence to be compromised

[4] behave in a way that maintains the trust the public places in you and in the provision of legal services

[5] Legal Services Act

[6] There are 10 mandatory principles and they define the fundamental ethical and professional standards that the SRA expects of all firms (including owners who may not be lawyers) and individualzzs when providing legal services. In some circumstances they apply outside practice.

[7] Hilton v Barker Booth & Eastwood [2005] 1 ALL ER 651

[8] you do not act if there is an own interest conflict or a significant risk of an own interest conflict

[10] act with integrity

[11] not allow your independence to be compromised

[12] behave in a way that maintains the trust the public places in you and in the provision of legal services

[13] Principle 4 – Act in the best interests of each client;

[14] Principle 5 – Provide a proper standard of service to your clients;

[15] run your business or carry out your role in the business effectively and in accordance with proper governance and sound financial and risk management principles

[16] Risks which arise through the activities of regulated firms, their employees and regulated individuals employed by non-regulated persons, businesses or organisations.

[17] Risks arising from or affecting the operation of the legal services market.

[18] Risk that firm or individual undertakes an action or omits to take an action which impacts negatively on SRA meeting the regulatory outcomes.

[19] Risk arising from a firm’s internal processes, people and systems.

[20] Risks arising from the viability of the firm and the way it is structured

[21] Enables the firm to segregate collections of employees with a guarantee that one part of the firm will not communicate with the other.

[22] where informed consent by a client is not possible, you put in place effective safeguards including information barriers which comply with the common law;

[23] Bolkiah v KPMG [1999] 1 ALL ER 517

[24] Brunei Investment agency

[25] you keep the affairs of clients confidential unless disclosure is required or permitted by law or the clientconsents;

[26] you ensure that where your duty of confidentiality to one client comes into conflict with your duty of disclosure to another client, your duty of confidentiality takes precedence;

[27]O(4.4) -  you do not act for A in a matter where A has an interest adverse to B, and B is a client for whom you hold confidential information which is material to A in that matter, unless the confidential information can be protected by the use of safeguards:-


    (i) B gives informed consent and you agree with B the safeguards to protect B’s information; or

[28] Marks & Spencer v Freshfields Bruckhaus Deringer [2004] EWCA Civ 741

[29]Solicitors Regulation Authority v Dennison [2012] EWCA Civ 421

[30] Money Laundering Regulations

[31] Koch Shipping v Richard Butler [2002] EWCA Civ 1280

[32] As suggested by Lord Millett, information barrier would need to be ‘an established part of the organisational structure of the firm’

[33] Principle 1 of the Solicitor Regulations authority

Order Now

Order Now

Type of Paper
Number of Pages
(275 words)