Welcome

SRA Code of Conduct in Practice - Compliance and reporting d...

ResourcesSRA Code of Conduct in Practice - Compliance and reporting d...

Learning Outcomes

This article outlines compliance and reporting duties under the SRA Code of Conduct, including:

  • Distinguishing automatic notifications from judgment-based reporting of serious breaches
  • Identifying prescribed events requiring prompt notification (charges, cautions, insolvency, material changes)
  • Assessing seriousness using the SRA Enforcement Strategy (intent, harm, vulnerability, patterns)
  • Selecting the appropriate reporting channel (direct to SRA or via COLP/COFA) and evidencing decisions
  • Fulfilling cooperation duties: full, accurate, and timely information without obstruction
  • Recognising conduct capable of serious breach (dishonesty, misuse of client money, harassment, discrimination)
  • Coordinating parallel duties under AML/POCA and avoiding tipping-off
  • Implementing firm systems: supervision, risk monitoring, breach registers, policies, training, and audits
  • Defining managers’ ultimate accountability and COLP/COFA responsibilities for oversight and prompt reporting
  • Managing client openness, remedial action, insurer notification, and own-interest conflicts
  • Applying whistleblower protections and understanding confidentiality exceptions for regulatory reporting
  • Maintaining clear records and attendance notes to justify compliance decisions
  • Using realistic scenarios to apply these principles effectively in SQE2 problem-solving

SQE2 Syllabus

For SQE2, you are required to understand the practical application of the SRA Code of Conduct’s compliance and reporting obligations, with a focus on the following syllabus points:

  • The requirement to keep up to date with regulatory law and SRA rules.
  • The duty to cooperate with the SRA and promptly respond to regulatory requests.
  • Notification of prescribed events, including criminal charges and insolvency.
  • Immediate and judgment-based reporting of serious regulatory breaches.
  • The functions and responsibilities of compliance officers for legal practice (COLPs) and finance (COFAs).
  • The role of managers in ensuring firm-wide compliance.
  • Record-keeping and documentation to evidence compliance in practice situations.
  • The SRA Enforcement Strategy factors used to assess seriousness and guide reporting decisions.
  • Whistleblower protection and the obligation not to deter or penalise those who report concerns.
  • The obligation to be open and honest with clients when things go wrong and to take remedial action where possible.

Test Your Knowledge

Attempt these questions before reading this article. If you find some difficult or cannot remember the answers, remember to look more closely at that area during your revision.

  1. What must a solicitor do if they receive a police caution for a non-work-related offense?
  2. If a solicitor suspects a serious breach of SRA regulatory arrangements by a colleague, what are their obligations?
  3. Who has the ultimate responsibility for a firm's compliance with SRA regulatory requirements?
  4. What information should a solicitor provide if requested by the SRA during an investigation?

Introduction

Compliance with the SRA Code of Conduct is central to legal practice in England and Wales. Solicitors must meet strict requirements to uphold professional standards and public trust. This article explains solicitors’ compliance and reporting duties under the SRA Code, focusing on statutory and regulatory obligations, notification triggers, judgment-based reporting, and the practical functions of compliance roles. Understanding these rules is essential for SQE2 as they frequently arise in both scenario-based questions and in application to problem-solving tasks.

A core theme is the distinction between automatic notifications (which must be made promptly regardless of personal assessment of seriousness) and judgment-based reporting (which depends on whether the facts are capable of amounting to a serious breach). The SRA’s Enforcement Strategy (updated 2022) sets out the factors used to assess seriousness, including the nature of the conduct, intent, harm, and vulnerability. These considerations inform both line practitioner decisions and firm-level controls through managers, COLPs and COFAs.

Key Term: compliance
Actions, procedures, and systems established to ensure that solicitors and firms meet SRA regulatory requirements at all times.

Key Term: SRA Code of Conduct
The document setting out standards and requirements for solicitors and law firms, including compliance, notifications, and professional obligations.

Compliance Duties Under the SRA Code

Solicitors are personally and collectively responsible for compliance with the SRA Code and regulatory framework. The primary duties include:

  • Maintaining up-to-date knowledge of law and SRA requirements.
  • Cooperating fully with the SRA, ombudsmen, and other regulators.
  • Responding promptly to regulatory requests for information, documents, and explanations.
  • Ensuring their firm operates proper systems to meet ongoing SRA compliance standards.
  • Being able to justify decisions and actions to demonstrate compliance with regulatory arrangements (robust attendance notes and clear rationales are expected).
  • Being open and honest with clients if things go wrong, explaining what happened and the likely impact, and taking remedial action where possible.

The duty to cooperate includes ensuring relevant information is available for inspection, not obstructing regulatory inquiries, and acting promptly on any remedial steps requested. Under the Solicitors Act 1974, the SRA can compel delivery of files and documents. Failing to respond or providing incomplete or misleading information is itself a breach.

Notification Requirements

Certain events require automatic notification to the SRA. These occur regardless of the solicitor’s personal view on the seriousness of the situation.

  • Criminal charges, convictions, or cautions (including those unrelated to practice).
  • Personal bankruptcy or insolvency (including IVAs and debt relief orders).
  • Material change to information previously given to the SRA (e.g., change in practising arrangements).
  • Discovery that previously supplied information was inaccurate or misleading.

Failure to notify such events is regarded as a significant breach. Notifications must be made promptly and should be accurate, complete and supported, where appropriate, by brief contextual information (e.g., the date of the caution, offence category, and immediate steps taken).

Key Term: notification requirement
The duty to proactively inform the SRA about specific events, regardless of a personal assessment of seriousness.

Reporting Obligations

Not every possible breach of regulatory obligations requires reporting. Solicitors must use judgment to determine whether a matter constitutes a “serious breach” that should be reported. Key considerations:

  • Acts of dishonesty, abuse of trust, or discrimination.
  • Repeated or widespread poor conduct.
  • Conduct causing or risking significant harm to clients or public confidence.
  • Evidence of criminal activity or regulatory evasion.
  • Sexual misconduct, offensive communications, or conduct causing harassment or distress.
  • Patterns of non-compliance, such as recurring failures to meet undertakings or deadlines.

The SRA’s Enforcement Strategy highlights intent/motivation (deliberate, reckless or premeditated conduct), harm and impact (including client vulnerability), and aggravating/mitigating factors. This framework assists in deciding whether a prompt report is required. If in doubt, solicitors should err on the side of reporting.

Key Term: serious breach
A violation of SRA regulatory arrangements that poses a significant risk to clients, the public, or the integrity of the profession and so must be reported to the SRA.

Reporting does not displace other statutory duties. For example, money laundering suspicions must be handled under POCA/MLR through prescribed channels. Where different regimes apply, treat them as parallel obligations and avoid tipping-off.

Fulfilling Reporting Duties

There are two main reporting channels:

  • Direct to the SRA (recommended when urgency or seriousness is clear, or if unsure that anyone else will make the report).
  • Via the firm’s designated compliance officer (for example, reporting to the COLP or COFA if the internal systems ensure onward reporting to the SRA).

When a solicitor becomes aware of a fact or incident that might require reporting, they must keep records of the facts, their decision process, and the steps they take. Where reporting internally, state expressly that the information is provided for onward notification to the SRA; follow up if confirmation is not received.

Whistleblower protection applies. No solicitor or firm may attempt to prevent reporting or subject any person to detrimental treatment for making (or proposing to make) a report. Confidentiality duties to clients and colleagues do not prevent disclosures required for regulatory reports.

Worked Example 1.1

A solicitor is notified that a colleague has repeatedly borrowed money from a client account to cover personal expenses, intending to repay the sums soon. The solicitor is unsure if this is theft, but knows it is unauthorised.

Answer:
The solicitor must recognize this as a serious breach concerning client money and trust, requiring a prompt report to the SRA. They may also report to the firm's COFA, but must ensure the information is passed to the regulator. Proper documentation is needed to evidence their action.

Cooperation and Documentation

Solicitors are required to:

  • Cooperate with SRA investigations or requests.
  • Provide full, accurate, and timely information, explanations, and relevant documents.
  • Never mislead, conceal, or destroy documents relevant to an SRA investigation.

Failure to answer SRA requests or to mislead the regulator is itself a separate disciplinary breach.

Key Term: cooperation
The obligation to respond honestly, fully, and promptly to requests from the SRA or other regulators.

Under the Code, solicitors must not deter others from providing information to regulators, and must act promptly to take any remedial action requested. Well-kept contemporaneous attendance notes, clear decision rationales, and breach registers become important if the regulator scrutinises actions months or years later.

Worked Example 1.2

A firm’s COFA discovers that the firm’s reporting accountant found evidence of improperly handled client funds. However, the COFA feels the firm has made good the breach and is considering whether to report.

Answer:
The COFA must report any serious breach regarding client money to the SRA, even if the sums have been replaced, as the fact of the original breach is itself a notifiable event. Records of the breach and remedial action must be kept.

Worked Example 1.3

A solicitor receives a police caution for common assault after a party. It was a personal incident unrelated to practice. The solicitor wonders if notification is necessary and when to do it.

Answer:
A caution is a prescribed notification event. The solicitor must notify the SRA promptly, providing basic details and any immediate mitigation (e.g., there is no ongoing risk to clients). Delay or non-notification is itself a breach.

Worked Example 1.4

A junior fee-earner reports to the COLP that a partner has been sending offensive social media posts from a personal account. The partner says it is private life and “none of the SRA’s business.”

Answer:
Private conduct can engage Principles and the Code where it risks public trust. Offensive communications are capable of amounting to a serious breach. The COLP should assess seriousness against Enforcement Strategy factors and, if reasonably believed to amount to a serious breach or warrant investigation, report promptly to the SRA. The junior must be protected from detrimental treatment.

Worked Example 1.5

A solicitor learns in confidence that a colleague has been inflating time records for billing. The colleague begs the solicitor to “keep it between us.”

Answer:
Dishonest billing is a serious breach involving abuse of trust. The Code’s confidentiality obligations do not prevent reports required to protect the public interest and meet regulatory duties. The solicitor should record the facts and promptly report, either directly to the SRA or via the COLP, and avoid any attempt to cover up or delay.

Compliance Roles and Responsibilities

Managers’ Duties

Managers (e.g. partners, directors, or sole principals) hold ultimate responsibility for a firm’s compliance. They must ensure all SRA rules are followed, put effective supervisory systems in place, monitor risks, and keep appropriate records. This includes:

  • Establishing and maintaining systems and controls to ensure compliance with regulatory and legislative requirements.
  • Monitoring financial stability and viability and identifying firm-wide risks (e.g., client-money risks, AML exposure, undertakings risk).
  • Keeping records that demonstrate compliance (including a breach register and remedial action logs).
  • Ensuring staff understand complaints procedures and client protection mechanisms (e.g., indemnity insurance and the Compensation Fund).

Key Term: manager
A person with governance responsibilities for the operation of a law firm, including partners, directors, and sole principals.

Managers remain accountable even where compliance officers implement day-to-day controls. A manager is not automatically liable for every breach but must be able to show appropriate oversight and intervention where risks materialised.

Compliance Officers (COLP/COFA)

Every authorised firm must have at least:

  • A Compliance Officer for Legal Practice (COLP)—oversees legal practice compliance and SRA rules.
  • A Compliance Officer for Finance and Administration (COFA)—oversees compliance with SRA Accounts Rules.

Key Term: COLP
The senior individual responsible for a law firm’s compliance with SRA rules, including governance, client confidentiality, and reporting breaches.

Key Term: COFA
The individual responsible for ensuring compliance with rules concerning client money and financial administration, including prompt reporting to the SRA about finances.

The COLP/COFA must take all reasonable steps to ensure compliance and make prompt reports to the SRA of facts reasonably believed to be capable of amounting to serious breaches, and of matters that should be brought to the SRA’s attention for investigation. Both must ensure that managers and staff do not cause or substantially contribute to breaches. They should maintain a breach register recording all breaches (serious and non-serious), the assessment outcome, and remedial measures.

Compliance officers are not scapegoats for firm-wide failures; ultimate responsibility remains with managers. However, COLPs and COFAs can be personally liable if they fail to discharge their own reporting and oversight responsibilities.

Record-keeping and Systems

Firms must keep clear records of:

  • Any breach of SRA regulatory arrangements.
  • Notifications and reports made to the SRA or via compliance officers.
  • Steps taken in response to confirmed or suspected breaches.

This documentation is essential evidence of compliance if challenged. Practically, firms should:

  • Maintain a central breach register with unique references, categorisation (e.g., client money, publicity, confidentiality), seriousness assessment and outcomes.
  • Keep attendance notes for compliance decisions (including why a matter did or did not meet the serious breach threshold).
  • Implement policies for undertakings (scope, authority, timescales), confidentiality and disclosure, and reporting lines.
  • Conduct regular training and audits (including Accounts Rules bank reconciliations and file reviews) and capture remedial actions in a central log.
  • Ensure staff know the complaints process and client redress mechanisms and that client care letters explain regulatory protections (e.g., indemnity insurance, SRA regulation).

Worked Example 1.6

A firm’s breach register shows three separate failures over six months to perform undertakings on time in conveyancing files. The COLP has recorded each as “minor” because the documents were ultimately sent.

Answer:
Repetition indicates a pattern capable of being a serious breach of Para 1.3 (undertakings) and wider public trust obligations. The COLP should reassess seriousness, identify root causes, take remedial steps (e.g., policy changes and supervision), and consider prompt reporting to the SRA. Managers must review systems to prevent recurrence.

Worked Example 1.7

Following a significant drafting error, a client suffers financial loss. The firm rectifies the error where possible and refunds fees. The COLP queries whether any further action is required.

Answer:
The Code requires being open and honest with clients, explaining the error and likely impact, and taking remedial action. Where there is a potential claim, the firm should investigate redress and notify its insurer. If the circumstances indicate an own-interest conflict (e.g., potential negligence claim), advise the client to obtain independent legal advice. Reporting to the SRA is not automatic; the seriousness test applies.

Revision Tip

Keep reliable records of all decision-making related to compliance or reporting duties. Detailed attendance notes and breach registers provide essential evidence if the SRA investigates your conduct or the firm’s systems.

Summary

RoleMain Compliance/Reporting Responsibilities
All SolicitorsNotify SRA of prescribed events; report serious breaches; cooperate with regulatory requests.
ManagersTake all reasonable steps to ensure firm-wide compliance; supervise compliance officers; retain ultimate responsibility.
COLPMonitor regulatory compliance; record and report material breaches to the SRA promptly.
COFAEnsure proper management of client money and accounts, report serious financial breaches to the SRA.

Key Point Checklist

This article has covered the following key knowledge points:

  • Solicitors must keep up to date with SRA law and requirements, and comply fully with the SRA Code of Conduct.
  • Automatic notification of certain events (e.g. cautions, insolvency) is required, regardless of the solicitor’s judgment.
  • All solicitors must report serious breaches, usually involving dishonesty, abuse of trust, or widespread problems.
  • Managers have ultimate responsibility for compliance within a firm.
  • Compliance officers (COLP and COFA) must record and report relevant breaches.
  • Cooperating with the SRA—responding to requests for information, documents, and explanations—is mandatory.
  • Accurate records of decisions and actions must be kept to evidence compliance.
  • Failure to fulfill compliance or reporting duties can result in regulatory action or disciplinary sanctions.
  • Whistleblower protection prohibits deterring or penalising those who report concerns.
  • Being open and honest with clients when things go wrong, and taking remedial action where possible, is required.

Key Terms and Concepts

  • compliance
  • SRA Code of Conduct
  • notification requirement
  • serious breach
  • cooperation
  • manager
  • COLP
  • COFA

Assistant

How can I help you?
Expliquer en français
Explicar en español
Объяснить на русском
شرح بالعربية
用中文解释
हिंदी में समझाएं
Give me a quick summary
Break this down step by step
What are the key points?
Study companion mode
Homework helper mode
Loyal friend mode
Academic mentor mode
Expliquer en français
Explicar en español
Объяснить на русском
شرح بالعربية
用中文解释
हिंदी में समझाएं
Give me a quick summary
Break this down step by step
What are the key points?
Study companion mode
Homework helper mode
Loyal friend mode
Academic mentor mode

Responses can be incorrect. Please double check.