An outlook for risk: identifying

and managing the risks ahead

SARAH MUMFORD, SOLICITOR AND LEGAL RISK &
COMPLIANCE SPECIALIST

Sponsored by
#legalriskconf
 About the Speaker
Sarah Mumford, Solicitor and Legal Risk & Compliance Specialist
Sarah Mumford has, consecutively, been Best Practice Partner at two
commercial law firms (TLT LLP and Bevan Brittan LLP). In those roles she was
responsible for guidance, quality standards (ISO 9001 and 27001),
compliance, risk, complaints, claims, practice governance and Stuff (from
‘mundane to merger’). Since September 2013 she has been running her own
risk management consultancy for lawyers offering confidential advice,
training, AML audit and interim management services. She is currently
working as an interim risk consultant at Norton Rose Fulbright LLP but is
speaking in a personal capacity.

#legalriskconf
 Sarah Mumford
sjm@sarah-mumford.com
078 1807 5433

29 January 2019
 Reflect on the role that Risk has to play in the
starter process (and, by reverse engineering, the
leaver process too)
 Consider lateral partner risk in detail
 Take back to the business, the question ‘are we
doing enough’?
We are delighted to announce the arrival of……..

Credit: Unsplash user Ahmed Odeh

 This is not just an HR process – Trust but Verify
 Out is just as important as In
 Just because they are senior doesn’t mean that due
rigour shouldn’t be applied – however it is often the
opposite
 The disparity between internal and external promotion
 Ensure you have a ‘pitstop’ process with everyone clear
about their role. Who can call a halt?
 If I had told you I had a 2:2, you wouldn’t have made
me the offer
 I didn’t tell you because I was entitled to be treated as
innocent until the SRA proved otherwise
 It’ll blow over – she just has no sense of humour…
 Don’t worry, I have already loaded all the client files
up to Dropbox, so my old firm can’t do anything now
 I don’t need to get consent – my clients have moved
with me before, and will move again [and again?]
 Pre-employment screening (yourself or outsourced)

◦ Experience in the room?

◦ MLR 2017 considerations (and other jurisdictions) – next
slide
◦ Requirements on outsourced providers (legal and
business support)
◦ References (Clients? Old firm? Former partners?)
◦ Academic qualifications?
◦ SRA checks?
◦ Good old Google
◦ CONFLICT SEARCH – person not just clients
◦ Beware a ‘conspiracy of optimism’
 Internal controls
 21.—(1) Where appropriate with regard to the size
and nature of its business, a relevant person
must—
 (a) …………
 (b) carry out screening of relevant employees
appointed by the relevant person, both before the
appointment is made and during the course of the
appointment;
During employment
 Compliance statements
◦ Do you send them
◦ To everyone (and if not, to whom?)
◦ What do you ask? How often do you ask it?
◦ Do you ask laterals a cut down version? Why not? Do you
ask about disciplinary history, including pending internal
or external issues? Claims?
 Information from the RF1 (bulk renewal) integrity
questions
 Information requested by insurers
 Confirmation re e.g.
◦ Training
◦ All claims/complaints/breaches reported
◦ Knowledge of office procedures
◦ Confirmation re Chapter 1 compliance
◦ Data breaches/information security
◦ External appointments including arbitration/mediation
 If a member of another profession, any disciplinary
history
 Departure – do you know what happens? Is there
a cosy chat with risk? If not how do you address
data movement, client consents, client documents,
precedents, etc

 Again, a cut down compliance statement?

 Last chance to pick up on claims and problems

Moving data from and to the
firm

Credit: Unsplash user Sanwal Deen

 Does Risk review the business plan?
 (all) Client consents in writing
◦ Do a conflict search/sanity check before they are asked to
consent

 Undertakings to old firm – who negotiates these?

 Is it helpful if they bring/send in advance a PA or

Associate?

 Welcome and integration – Risk has a part to play

◦ My standard questions ‘what do you miss?’, ‘what could we do
better?’ ask for feedback about the joining process
 Client files
◦ Deeds and originals
◦ Bibles
◦ Paper files including archive
◦ E-files – will they transfer easily?
◦ Ensure no shortcuts are taken (Dropbox etc)
◦ Position on historic due diligence (if any)
◦ Reassurance to old firm about retention and practical
issues such as moving the information whether real or
virtual

◦ What is position on taking on archived and non active

files?
 Are contracts/members agreement up to date? Do the
restrictive covenants work in the 21st Century?
 Watch out for a carefully crafted DSAR
 Can you monitor email and internet use safely? What
do your policies say?
 Don’t burn bridges – clients won’t like it
 Encourage NP to do as much housekeeping as
possible, including personal emails
 Linked In (sure sign of someone moving) instead of
contacts?
 Have a standard plan In and Out – and share it so that
there are no surprises. A Mutt & Jeff approach may
help
• Ark – Smarter Lateral Hiring

• Clyde & Co briefing note

August 2013 ‘Lateral Hiring:
be prepared’

• Law Society Practice Note

‘Who owns the file’
Updated 16 January 2019

• Many US precedents on the

internet
sjm@sarah-mumford.com
078 1807 5433