Management & Supervision Arrangements Guidance



Similar documents
Lexcel England and Wales v6 Guidance notes for legal practices Excellence in practice management and client care The Law Society.

Lexcel England and Wales v6 Guidance notes for in-house legal departments Excellence in practice management and client care The Law Society.

PARALEGAL PRACTITIONERS RULES 2015

CLOSING DOWN OR SELLING A LAW FIRM

Aegon Global Compliance

RISK MANAGEMENT PLAN

SHEFFIELD TEACHING HOSPITALS NHS FOUNDATION TRUST EXECUTIVE SUMMARY REPORT TO THE TRUST HEALTHCARE GOVERNANCE COMMITTEE

INSURANCE ACT 2008 CORPORATE GOVERNANCE CODE OF PRACTICE FOR REGULATED INSURANCE ENTITIES

How To Manage Risk In Ancient Health Trust

Financial Services Regulatory Commission Antigua and Barbuda Division of Gaming Customer Due Diligence Guidelines for

KINGDOM OF SAUDI ARABIA. Capital Market Authority CREDIT RATING AGENCIES REGULATIONS

Hamblin-Martin Financial: Service Charter Mortgage & Insurance

KINGDOM OF SAUDI ARABIA. Capital Market Authority CREDIT RATING AGENCIES REGULATIONS

Lexcel England and Wales v6 Standard for in-house legal departments Excellence in legal practice management and client care

Lexcel England and Wales v6 Standard for legal practices Excellence in legal practice management and client care

Achieve. Performance objectives

CODE GOVERNANCE COMMITTEE CHARTER. 1 Functions and responsibilities of the Code Governance Committee

Standard conditions of purchase

Business Continuity Plan Toolkit

Appendix 1: General regulatory questions

BUSINESS CONTINUITY POLICY RM03

National Occupational Standards. Compliance

Waveney Lower Yare & Lothingland Internal Drainage Board Risk Management Strategy and Policy

South West Lincolnshire NHS Clinical Commissioning Group Business Continuity Policy

Bridgend County Borough Council. Corporate Risk Management Policy

GUIDELINES ON COMPLIANCE FUNCTION FOR FUND MANAGEMENT COMPANIES

PM Governance. Executive Team ADCA ADCA

Short title 1. This Act may be cited as the Accountants Act. Interpretation 2. In this Act, unless the context otherwise requires "accounting

EA IAF/ILAC Guidance. on the Application of ISO/IEC 17020:1998

TERMS OF REFERENCE OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS

Clearing and Settlement Procedures. New Zealand Clearing Limited. Clearing and Settlement Procedures

How to revalidate with the NMC Requirements for renewing your registration

NORTH HAMPSHIRE CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY MANAGEMENT POLICY AND PLAN (COR/017/V1.00)

SAFETY and HEALTH MANAGEMENT STANDARDS

ESKISP Conduct security testing, under supervision

Risk Management of Outsourced Technology Services. November 28, 2000

INFORMATION TECHNOLOGY SECURITY STANDARDS

How to revalidate with the NMC Requirements for renewing your registration

Title: Rio Tinto management system

SCHEDULE 3 Generalist Claims 2015

Code of Practice Revised Edition 2014

ENTERPRISE RISK MANAGEMENT FRAMEWORK

FINAL DOCUMENT. Guidelines for Regulatory Auditing of Quality Management Systems of Medical Device Manufacturers Part 1: General Requirements

Grievance, Whistle blowing and Disciplinary, including Dismissals

Submission to the Review of the General Insurance Code of Practice

Foort Tayler Terms of business for probate and wills

Advisory Guidelines of the Financial Supervisory Authority. Requirements regarding the arrangement of operational risk management

Business Continuity Policy

How To Inspect A Blood Bank

How To Manage A Disruption Event

Auditing data protection a guide to ICO data protection audits

An NMC guide for students of nursing and midwifery

INTRODUCTION 1 STRUCTURE AND APPROACH 1 CONTEXT AND PURPOSE 2 STATEMENT OF PURPOSE 3

Code of Ethics for Pharmacists and Pharmacy Technicians

Quality Assurance of Medical Appraisers

Disciplinary Policy and Procedure

APB ETHICAL STANDARD 5 (REVISED) NON-AUDIT SERVICES PROVIDED TO AUDITED ENTITIES

WORK HEALTH AND SAFETY

Care Providers Protecting your organisation, supporting its success. Risk Management Insurance Employee Benefits Investment Management

Compliance Management Systems

Training, Support and Development Standards for Foster Care

Bedford Group of Drainage Boards

How To Reform Social Work

COAG National Legal Profession Reform Discussion Paper: Trust money and trust accounting

Information Security Team

Business Continuity Policy & Plans

DNV GL Assessment Checklist ISO 9001:2015

Shepway District Council Risk Management Policy

Fraud Risk Management Procedures

RISK MANAGEMENT STRATEGY

ROYAL COLLEGE OF CHIROPRACTORS (RCC) PHD STUDENTSHIP GRANTS TERMS & CONDITIONS OF AWARD

University of Sunderland Business Assurance Information Security Policy

Version: 3.0. Effective From: 19/06/2014

Mitigating and managing cyber risk: ten issues to consider

Operational Risk Management Policy

MEMBERS IN PRACTICE GUIDE

Delivering Excellence in Insurance Claims Handling

A guide for members APES 325 Risk Management for Firms

River Stour (Kent) Internal Drainage Board Risk Management Strategy and Policy

Appendix A. Call-off Terms and Conditions for the Provision of Services

CHECKLIST ISO/IEC 17021:2011 Conformity Assessment Requirements for Bodies Providing Audit and Certification of Management Systems

Thompson Jenner LLP Last revised April 2013 Standard Terms of Business

CHECKLIST OF COMPLIANCE WITH THE CIPFA CODE OF PRACTICE FOR INTERNAL AUDIT

Awarding body monitoring report for: English Speaking Board (International) Ltd (ESB) May Ofqual/09/4637

TELEFÓNICA UK LTD. Introduction to Security Policy

Risk Management guide

GUIDANCE NOTE OUTSOURCING OF FUNCTIONS BY ENTITIES LICENSED UNDER THE PROTECTION OF INVESTORS (BAILIWICK OF GUERNSEY) LAW, 1987

SIR THOMAS RICH S Staff Sickness Absence Policy

Continuity of practice requirements

ISO27001 Controls and Objectives

Outsourcing Risk Guidance Note for Banks

Code of Ethics & Practice

GUIDELINE NO. 22 REGULATORY AUDITS OF ENERGY BUSINESSES

STEP Code for Will Preparation in England & Wales

GUIDELINE ON THE APPLICATION OF THE OUTSOURCING REQUIREMENTS UNDER THE FSA RULES IMPLEMENTING MIFID AND THE CRD IN THE UK

Transcription:

Management & Supervision Arrangements Guidance 1. The way in which arrangements ensure compliance with the Code of Conduct (and thereby, all regulatory arrangements) is a matter for the individual entity However, each entity must be able to show that arrangements are in place and are operating to a level which satisfies the CLC it is compliant. 2. Proportionate arrangements are likely to be the most effective (e.g. arrangements which are unnecessarily convoluted, or are judged ineffective or untargeted, may mean they aren t used). Factors in determining the appropriateness of the entity s arrangements will include its size and structure; the number, experience and qualifications of staff; and the nature of work undertaken; and the mechanism for periodic review of their effectiveness. Business Arrangements good practice examples 3. Supervision and quality assurance arrangements are in place across the organisation. Examples of these include (but are not limited to): misconduct; regulatory responsibilities and failures; and risk management (see elsewhere in this Code). The arrangements are recorded, published, reviewed and communicated to staff. NB. See also the Accounts, Complaints, Conflicts of Interest, Transactions Files, and Undertakings Codes and Guidance. 4. The recruitment, selection and employment arrangements are periodically reviewed to help ensure an unfit and improper person (who could compromise the interests of the public and clients) is not employed. 5. Training arrangements, including Continuous Professional Development provisions, enable all employees to maintain a level of competence appropriate to their work and level of responsibility. Content of training is responsive to business objectives, regulatory responsibilities and skills gaps. Consideration is given to which training format (e.g. training course attendance or delivery, work shadowing) is best suited to both the subject matter and the target audience. 6. Published Compliance policies promote ethical practise, encourage the body and its staff to act in a way which is compatible with the regulatory requirements.

7. Staff are aware how, and to which named individual, they can raise concerns of noncompliance or wrong doing. They are encouraged to raise concerns, feel able to do so, and they are confident these will be acted upon appropriately and they will not be victimised for raising them. 8. An anti-bribery and corruption policy sets out what isn t acceptable and makes clear whom staff should contact if they are suspicious of an activity, conduct or gift. 9. Regular reviews of financial management reports at both department and firm level. 10. A client care policy sets out what clients have the right to expect. It includes timeframes within which a response to a query or approach needs to be made. Training is given on the policy. 11. Feedback, both proactively gathered and otherwise procured, informs the development of the business. 12. A communications policy sets out how the entity ensures all communications, including emails, of a high standard. 13. A firewall program, and/or other device helps to keep the network secure. Supervision arrangements Considerations 14. Depending on the nature and structure of the entity, factors in determining whether work is being effectively supervised are likely to include the:- (a) size of the business and the number of offices; (b) number of Authorised Persons available to supervise each office/ ratio of Authorised Persons to non-authorised Persons; (c) volume and nature of the work undertaken (e.g. more intensive supervision given to those who provide substantive advice rather than routine or administrative work); (d) number, competence, training and duties of unqualified staff; (e) arrangements for an Authorised Person to monitor incoming and outgoing communications; and (f) different working practices of both teams and individuals. 15. The Social Mobility Toolkit for the Professions provides case studies and good practice examples regarding mentoring, careers advice and internships. Supervision Good practice examples 16. An organisational chart is published to staff. This clearly sets out the governance structure, identifies decision makers, their responsibilities, and reporting lines.

17. Protocols/guidance set out how formal supervision and appraisal sessions are scheduled, recorded and reviewed; and roles, responsibilities and training requirements are identified. 18. Supervision sessions enable both supervisor and supervised to give feedback. Supervised individuals are enabled to take some responsibility for their own development. The entity may also operate a mentoring scheme. Risk Management 19. Risks can take many forms and may be regulatory, strategic, operational or other. Categorisation of identified risks is likely to assume a form of the following: a) those which can be tolerated, or transferred; b) those which need to be treated; and c) those which must be terminated. 20. Effective risk management is likely to require a risk register and action plan. Risk assessment processes often employ both a probability (or likelihood) and impact rating which looks at the likelihood of the risk occurring; and the arrangements currently in place, or those needed, to prevent or reduce this. A red, amber and yellow ranking (or other) may then be applied, which prioritises the termination of the highest (red) risks. Good practice examples 21. Risks to the achievement of regulatory responsibilities in particular the delivery of the positive outcomes identified in the Code of Conduct - are systematically identified, centrally recorded, evaluated, monitored and managed. These arrangements are periodically reviewed to: a) verify that all risks to critical activities and supporting resources have been identified; and b) the arrangements continue to reflect the organisation s objectives, are fit for purpose and appropriate to the types and levels of risk the organisation faces. 22. A senior manager is responsible for the risk management arrangements. A quarterly risk assessment, which contains risk reports from all teams, is submitted to the senior management team. See also the risks guidance accompanying the Transaction Files Code. 23. Staff receive training on the entity s risk management arrangements. This includes information on risk types and how to identify, capture, assess and mitigate them. 24. A senior person is designated as the data protection lead. The entity s information security provisions are periodically reviewed to ensure compliance with the Data Protection Act 1998. Outsourcing

25. It is up to you how you ensure the provider is made aware of your regulatory responsibilities and their duty to support them. This might take the form of a contract which specifies this and which includes explicit arrangements for providing us with inspection access (if needed), as well as how the agent will ensure client information security, confidentiality and quality provisions are of a high quality standard. The outsourcing arrangements are likely to benefit from periodic review and consideration within both the risk matrix and the Business Continuity Plan. Business Continuity 26. There are multiple, often interconnected ways in which external disruptions can affect the critical activities required to deliver your key services. Business continuity risks include (but are not limited to): contagious illness; disruption to office (e.g. fire, flood, evacuation of building); legal requirements (and penalties) loss of key staff or data; loss of utilities (e.g. water, gas and electricity); market changes; negligence claims; key suppliers/outsourcing agent risks (e.g. financial vulnerability, service quality threats, office disruption); prolonged power loss; random failure of critical systems; regulatory requirements (and penalties); sabotage (insider or external threat); special/tailored software or other unique purchase; systems (e.g. IT or communications) failures; and theft (this might pertain to material items, vital information, or other). Those new to business continuity risk management may find the Direct Gov Business Continuity Management Toolkit a useful starting point. Good Practice examples 27. A hard copy list of, and contact details for, persons to be contacted in the event of an emergency is kept both on-site and off.

28. A senior member of staff has responsibility for continuity of the business in emergency (or other extenuating circumstances). Individual persons are named as responsible for particular tasks should such circumstances arise. 29. Periodic continuity risk assessments inform a written Business Continuity Plan (BCP) and improvement plan. The assessments and BCP are updated in light of relevant changes such as organisational restructuring or external environment/market changes. 30. The BCP includes both prevention and recovery provisions (e.g. office relocations, data backups, fire-drills) and quantifies the resources required over time (e.g. 24 hours, 2 days, 1 week, 2 weeks) to maintain critical activities at an acceptable level. Resources are likely to include people, premises, technology, information, supplies and partner businesses. The BCP, and systems (e.g. back-up power, communications equipment, information management, contact list and evacuation processes), are periodically tested. 31. The BCP is communicated to staff through a training and awareness-raising programme. In the event of an emergency, employees and customers are provided with ongoing communications and (safety) briefings. Business Continuity - Sole Practitioners 32. The risk to business continuity and to the interests of both the business and its clients presented by an emergency such as incapacity or death is particularly relevant to sole practitioners. The guidance below is intended to highlight issues which may arise and to provide possible solutions. However, it is up to you to decide what options best suit your own circumstances and which will enable the business to continue to deliver positive Outcomes for Clients even in exceptional circumstances/an emergency. Considerations 33. You may determine that specific Indemnity Insurance arrangements would be beneficial to cover the possibility of continuity being threatened by an unforeseen circumstance. 34. In the event of a planned absence, Clients should be told who will be dealing with their matter. 35. Should you become unable to manage the business, and need to appoint an attorney the agreement is likely to benefit from being proportionate, reciprocal and subject to periodic review. 36. Consideration should be given as to whether the Attorney is an Authorised Person or legally qualified only; and whether they deal with the affairs of the clients, as well as your personal and business affairs, or you appoint different individuals to manage personal affairs and those of the business. 37. Consideration may be given as to whether your family and any employees should know of the arrangement.

38. Arrangements may be made with a bank for named Attorneys to operate specific bank accounts. Power of Attorney may be of general or specific application. Each of these forms of authority ceases to have effect should a donor or their attorney become incapable or die. 39. In the event of incapacity a Lasting Power of Attorney will enable another person(s) to make decisions on your behalf. Two Attorneys may be appointed jointly (i.e. must act unanimously at all times) or jointly and severally (either one will be able to act on his/her own). You may wish to consider including a Charging Clause entitling the Attorney to charge, and be paid, professional fees for managing the business. This form of authority ceases to have effect should a donor/attorney die or become incapacitated. 40. In the event of death, a Will providing for the business to be managed in the short term, could appoint an Authorised Person as Executor or alternatively, give the Executor the authority to appoint an Authorised Person to manage the business. A Charging Clause is likely to be needed. You may wish to provide specific instructions in a side document to the Will which can be changed depending on circumstances. Closing of a practice Considerations 41. Should you decide to sell, due diligence is recommended to help prevent fraudsters from purchasing the entity. Clients would ideally be informed of the ownership transfer prior to the purchase. This will enable them to make an informed decision as to whether they wish to continue with their instruction with the entity. 42. As agreed with the client, arrangements should be made for completion of work scheduled for after the entity s closure or transfer. 43. Where possible, client monies, such as disbursements, should be transferred out of the client account. 44. The planned closure should be discussed with your indemnity insurer (and run-off cover obtained as per OP3)o). 45. Legitimate ownership of original documents and papers should be identified and client files suitably stored. 46. Closure is often foreseeable so it is likely that you can plan well ahead, making arrangements to close or sell the practice before this happens. An ill-prepared closure is likely to result in the CLC arranging a formal intervention which is likely to be disruptive to both staff and clients. The cost of the intervention will be charged to you.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information