ABSs, cost and audits – fixing regulation after Axiom Ince


Guest post by Crispin Passmore, senior consultant at Stratify. He is a former executive director of both the Legal Services Board and the Solicitors Regulation Authority.

Passmore: ABSs can improve governance

Over the last few weeks, I have met with regulators from more than 20 jurisdictions from around the world. They share common challenges around operational performance, a changing legal market and much-needed public scrutiny.

Many look to England and Wales for leadership and ideas. The size of the market, the successful delivery of liberalisation and the shift towards independent and professional regulation is widely debated.

But, right now, many want to know if the Axiom Ince disaster is a reason not to allow alternative business structures (ABSs). The answer is a resounding ‘no’.

Axiom Ince wasn’t an ABS – it appears to be the more traditional (and rare) story of a dishonest solicitor stealing from under the nose of other partners and auditors. One in a long line that shouldn’t be tolerated, but it is not a new issue.

So how was the alleged fraud spotted and stopped? It wasn’t prevented by the solicitor’s partners and senior managers. Nor by the accountants and auditors. As the independent report commissioned by the Legal Services Board (LSB) acknowledges, it was spotted and stopped by the Solicitors Regulation Authority (SRA).

A reversal of liberalisation wouldn’t prevent the occasional crooked lawyer running off with other people’s money.

Perhaps the opposite is true. More non-lawyers, better governance, stronger corporatisation including systems and controls, and smarter, modern risk management could help prevent these sorts of frauds?

A feature of law firm collapses and frauds has sometimes been the over-concentration of power into outdated and overburdened systems of control. Law firm partners often have limited lines of sight into the finances and the risks of the firm for which they share ownership and responsibility.

All law firms should have clear processes that ensure oversight of the handling of client money. Large law firms should have risk committees that are chaired by an external non-executive, with significant external membership, support and resource. They should report to the board rather than the CEO.

The so-called ‘three lines of defence’ risk management model developed in the audit sector should be deployed (the first line of defence are functions that own and manage risks, the second functions that oversee or specialise in compliance or the management of risk, and the third functions that provide independent assurance).

This could help prevent risks materialising and in so doing improve firms’ ability to take and manage risks – good risk management drives better commercial approaches because it improves controls, lines of sight and decision making. It is much more effective to do this at the firm level than a regulator-led audit which could be untargeted and ineffective.

There are around 10,000 law firms and 200,000 solicitors. Identifying fraud among them – which remains rare even if high impact – is like looking for the proverbial needle. Audits are good for improving compliance but not needle hunting. And they are very expensive.

Audits done by professional auditors to produce corporate accounts take a few months for preparation and delivery – they are not done at one a day or even one a week. That would just be box ticking. They could be undertaken less frequently but that undermines their chance of catching fraud early.

We might imagine an SRA auditor could deliver 10-20 audits per annum at a level of scrutiny and depth likely to spot fraudulent bank statements, false invoices, shadow payments or the many other ways fraud can be perpetrated. That is a prescription for between 450 and 1000 auditors to cover each firm once per year – plus support staff to produce reports, arrange visits, deal with challenges and evidence etc.

The SRA would need more premises, managers and back-office support. Is the LSB really calling for a doubling or trebling of the size of the SRA? That is a cost of perhaps £200m to £300m per annum with only a chance of preventing large-scale frauds that at the highest have cost around £60m every few years.

Perhaps most law firms would rather pay the insurance premium of the compensation fund.

Audits did not prevent or identify what appears to have happened at Axiom Ince. Nor did large-scale, resource-heavy audits pick up Carillion, BHS, Patisserie Valerie, Thomas Cook, Enron, AOL, Bernie Madoff or many other corporate failures. Nor did they prevent the largest law firm failures of recent decades such as Blavo, Robinsons, Dewey, Cobbets, KWM Europe. Audits can look more like compliance theatre than modern regulation.

So, what should the LSB be requiring of the SRA? Evidence tells us that targeting is more effective than scattergun audits.

The SRA could deploy increased audits in a more focused manner based on intelligence and genuine evidence-based risk with smarter use of data and technology, intelligence and market engagement.

The SRA isn’t always great at this – its warning notice on mergers and acquisitions doesn’t even distinguish between different types of acquisition (share purchase versus asset sale, for example), which does not give the market confidence that it can make market wide-risk assessments.

Increasing support for consolidation and corporatisation would be better than seeing risk in every deal.

More significantly, the LSB should be calling for removal of law firm permission to handle client money. If there is no safe, then you don’t need to spend money looking for safe breakers. Some regulators have called for that previously – and the SRA appears to be moving towards it. The LSB should demand it.

There are, of course lessons, for the SRA. But a reaction against ABS that can improve governance makes little sense, and grabbing the comfort blanket of annual inspections would be an expensive distraction.




Leave a Comment

By clicking Submit you consent to Legal Futures storing your personal data and confirm you have read our Privacy Policy and section 5 of our Terms & Conditions which deals with user-generated content. All comments will be moderated before posting.

Required fields are marked *
Email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Loading animation