Legal Practice Notes

This Practice Note offers practical direction on making applications to the Solicitors Regulation Authority ( SRA) for approval as a recognised sole practice, recognised body, or licensed body (including multi-disciplinary practices), and on filling in the SRA’s firm authorisation application ( Form FA1). It further points to precedents in Practice Compliance and Practice Management you can deploy or tailor to back your SRA submission, and signposts subtopics you might consult for added detail on the important parts of the form as necessary. Does my business need to be authorised by the SRA? ......

This Practice Note outlines SRA regulatory expectations concerning supervision. For guidance on particular scenarios, see Practice Note: How to supervise effectively—law firms. The SRA’s principal supervision duties are set out in the two Codes of Conduct (the SRA Code of Conduct for Solicitors, RELs, RFLs and RSLs ( Code for Solicitors) and the SRA Code of Conduct for Firms ( Code for Firms)), which should be read alongside the SRA Principles. Further obligations also appear in the SRA Authorisation of Firms Rules, SRA Education, Training and Assessment Provider Regulations, SRA Transparency Rules, and SRA Authorisation of Individuals Regulations. SRA and other requirements Together, SRA and other regulatory requirements relating to supervision address these themes: management oversight service delivery and competence information obligations additional Lexcel standards file reviews and auditing education and training oversight of registered foreign lawyers ( RFLs) ...

This Practice Note is aimed at UK private sector commercial organisations. It outlines the measures you should adopt to fulfil your duty under the UK General Data Protection Regulation ( UK GDPR) to safeguard third party rights and freedoms when answering a data subject access request (a DSAR), with particular focus on trade secrets, intellectual property and copyright. It excludes processing for policing purposes or the intelligence services. A separate Practice Note addresses situations where handling a DSAR might require revealing information that identifies another person—see Practice Note: Responding to a data subject access request—information identifying other individuals. This Practice Note cites European Data Protection Board ( EDPB) guidance. While EDPB materials are no longer directly applicable to, or binding under, the UK GDPR, the ICO has stated they can still offer useful direction on certain matters. The right of access The right of access is among the...

This Practice Note is aimed at general commercial organisations in the UK. It offers guidance on handling data subject access requests ( DSARs) that could require sharing material that identifies other individuals. It reflects the UK General Data Protection Regulation ( UK GDPR) and ICO guidance on the right of access. This Practice Note does not address processing for law enforcement purposes or the intelligence services. There is a separate Practice Note covering other third party rights, including trade secrets and intellectual property—see Practice Note: Responding to a data subject access request—protecting third party rights. The right of access The right of access is one of the data subject rights set out in the UK GDPR. DSARs are relatively frequent and are regarded as the gateway right, enabling individuals to use other rights such as rectification or erasure. They can be...

This Practice Note outlines the reporting duties arising under key UK sanctions frameworks and other reporting requirements linked to sanctions compliance. These cover obligations in regulations made under the Sanctions and Anti- Money Laundering Act 2018 ( SAMLA 2018), conditions attached to licences, other sanctions regimes, professional reporting duties and additional reporting requirements... Financial sanctions mandatory reporting obligations in regulations made under SAMLA 2018 Financial sanctions reporting duties are contained in the specific sanctions regulations issued under SAMLA 2018. These generally apply to ‘relevant firms’ as defined in the relevant statutory instrument. Obligations can extend beyond those entities, so you should review the applicable legislation for precise requirements, for example: ‘relevant institutions’ face extra reporting duties in relation to frozen accounts there are particular reporting duties for designated persons—see section: Other reporting requirements For information on the sanctions regimes established under SAMLA 2018, see...

From 1 September 2021, a new pathway to qualification for prospective solicitors was introduced—the Solicitors Qualifying Examination ( SQE). During a transitional period, candidates can still qualify via a training contract, an apprenticeship, or the SQE. In due course, the SQE will replace the training contract route, and apprenticeship qualification will proceed through the SQE. To qualify as a solicitor under the SQE, a candidate must: hold a UK degree in any subject (or equivalent qualification or experience—this can include a solicitor apprenticeship) pass both SQE assessments complete two years’ full-time (or full-time equivalent) qualifying work experience ( QWE) The candidate must also meet the SRA’s character and suitability requirements. This Practice Note sets out the SRA’s rules for QWE and practical points for employers providing training and work experience to aspiring solicitors. For broader information on the SQE, see Practice Note: The...

The Proceeds of Crime Act 2002 ( POCA 2002) took effect on 24 February 2003. It captures money laundering carried out after that date, regardless of when the predicate offence occurred. The timing of the underlying criminal conduct is immaterial, as the Act targets the laundering activity itself. This Practice Note discusses key details of POCA 2002 as they relate to money laundering and is intended for law firms. Offences POCA 2002 sets out a number of money laundering offences, including: three principal money laundering offences comprising: concealing arranging acquiring failure to disclose tipping-off and prejudicing an investigation The principal offences apply to everyone. Certain failure to disclose and tipping-off offences only apply to persons engaged in the...

This Practice Note offers guidance for law firms on the advantages of adopting a business plan and on the approach to preparing and implementing one that succeeds. It outlines why a plan matters and explains practical steps for putting it in place. See also Precedents: Strategic business plan—consumer and Strategic business plan—commercial. What is a business plan? A business plan sets out how a firm intends to achieve its objectives. For some practices, it underpins every action they take across the business and guides day-to-day operations. Such firms commit substantial time and effort to agreeing a rigorous, defensible plan, which is then reviewed at regular intervals so that progress towards the firm’s aims is maintained. Others prefer a lighter document that broadly states their aims, and they may revisit it less frequently—often once a year. Why have a business...

If you agree a retainer with a consumer client away from your office, or without meeting in person, it is probable that the Consumer Contracts ( Information, Cancellation and Additional Charges) Regulations 2013, SI 2013/3134 will apply. This Practice Note helps you decide whether the Regulations are engaged and, if they are, to determine: whether you must comply with the rules for distance contracts or off‑premises contracts how those obligations differ The flowchart below offers a high-level snapshot of when the Regulations apply. Which clients do the regulations apply to? Cancellation rights under the Regulations are available where your client is an individual acting wholly or mainly outside their trade, business, craft or profession. Which contracts do the regulations apply to? For these purposes, a client retainer is a contract for services. The Regulations will apply if your retainer amounts to either: an...

This Practice Note is aimed at general commercial organisations operating in the UK. It sets out the rules that apply to retaining personal data and offers practical steps for complying with those obligations, in a clear and workable manner. It reflects the UK General Data Protection Regulation ( UK GDPR), Assimilated Regulation ( EU) 2016/679. Retention duties stem from the UK GDPR’s storage limitation principle, which requires discipline over how long information is held. You must not retain personal data beyond what you genuinely require. Once it is no longer needed, personal data should be deleted or anonymised. Sound storage limitation practices also ease the workload of handling retention queries and individual erasure requests. They further reduce the chance of personal data being misused or applied mistakenly in ways that could harm individuals’ rights and freedoms under the UK GDPR....

Conflicts of interest Conflicts of interest can present serious and complex challenges for solicitors and law firms, affecting both compliance obligations and your client relationships. If a conflict, or the possibility of one, emerges during your work, it is essential to: put in place systems and controls that allow the conflict to be spotted determine whether you may act or continue to act for the client(s) concerned identify the safeguards required to handle the conflict The SRA Codes of Conduct (the SRA Code for Solicitors, RELs, RFLs and RSLs ( Code for Solicitors) and the SRA Code for Firms) recognise two categories of conflict of interest: Own interest conflict (term used by SRA: Own interest conflict) — where your duty to act in any client’s best interests clashes, or may clash, with your own interests in that matter or a related matter Client conflict (term used by SRA: Conflict of...

Why you need to manage this risk Confidential information ranks among a company’s most prized assets. Keeping matters confidential is often the most effective way to shield trade secrets and valuable know-how when intellectual property rights do not provide sufficient protection, or when relying on those rights is commercially unattractive. A breach of confidence can deprive a business of key assets and cause serious disruption. Commercial records such as price lists, customer lists, details of customers, suppliers, business partners, and relationships with regulators or other third parties Unpublished copyright works Mathematical formulae and manufacturing techniques, processes, designs, drawings and engineering Secure codes and algorithms Personal employee information such as compensation arrangements, benefits, hours of work Confidential information about employees (e.g. performance review information and sickness records) Hardware configuration information Plans, sketches and diagrams ...

Conflicts arise in two categories: own interest conflicts (also termed solicitor–client conflicts) and client conflicts of interest. This Practice Note outlines when you may proceed where an actual or possible client conflict exists between two or more clients in a conveyancing or property context. It reflects the SRA Standards and Regulations. For broader regulatory guidance on conflicts, see the Practice Notes: Conflicts of interest—law firms and solicitors and Conflicts of interest—systems and controls. What is a client conflict of interest? A client conflict of interest occurs where your distinct duties to promote the best interests of two or more clients clash in the same matter or a related matter. The SRA describes this simply as a ‘conflict of interest’. You must not act on a matter, or any particular aspect of it, if such a conflict exists or there is a...

This Practice Note summarises the obligations in the SRA Accounts Rules, effective from 25 November 2019, concerning client accounting procedures and records. It also draws on the SRA’s supporting guidance, Helping you keep accurate client accounting records. Forming part of the SRA Standards and Regulations, the Accounts Rules highlight the core principles of: keeping client money distinct from the firm’s own funds returning client money promptly when a matter concludes using client funds solely for their intended purpose proportionate duties on firms to obtain accountants’ reports The Accounts Rules are succinct—just over six pages of rules with a three‑page glossary—and are supported by a broad range of guidance. See also Precedents: Accounts manual for staff—law firms and Accounts manual for accounts or finance team—law firms. Responsibility for compliance Your firm’s managers are jointly and severally responsible for compliance. A manager includes a sole...

Becoming a registered foreign The Solicitors Regulation Authority ( SRA) runs a registration scheme for overseas lawyers. Once on that register, a registered foreign lawyer ( RFL) may serve as a manager or owner of a practice alongside solicitor managers/owners. The SRA Authorisation of Individuals Regulations set out the SRA’s criteria for RFL status, and the SRA has also issued guidance explaining RFLs’ obligations. This Practice Note outlines the registration framework for foreign lawyers working in SRA‑regulated firms as RFLs, why registration might be required, and how to secure entry. It further highlights the continuing duties for RFLs and the consequences for firms that engage them. Up to 31 December 2024, certain Swiss lawyers were eligible to apply as registered European lawyers ( RELs). From 1 January 2025, new REL applications are no longer possible; however, Swiss lawyers who are not already RELs may seek...

This Practice Note is aimed at law firms. It outlines the main points to weigh up when delivering advice or advocacy on an unbundled basis or under a Pay As You Go ( PAYG) retainer. If you are thinking about splitting legal services to, or from, a separate business, refer as well to Practice Note: Separate business and unbundling legal services 2019. Risks of unbundling services The hazards associated with unbundling, especially in a PAYG model, often arise from confusion between firm and client about what the retainer actually covers. This can heighten the prospect of professional negligence and/or misconduct where the fee earner: lacks adequate understanding of the client’s situation does not make sure the client plainly understands the limits of the service being provided, and/or inadvertently, through what they do or fail to do, establishes a full...

Outsourcing is a staple of many law firms’ operating models, bringing cost and efficiency gains for practices and their clients. This Practice Note sets out and clarifies the main compliance issues that arise for SRA-regulated firms and individuals when outsourcing, including where outsourced services are taken offshore. It reflects the SRA Standards and Regulations and offers guidance on sound practice when outsourcing legal activities or operational functions. What is outsourcing? Put simply, outsourcing means engaging a third party to deliver services that you could otherwise perform yourself. The external provider instead supplies those services using its own people and, often, its own facilities. In principle, you may outsource any activity provided you comply with the law and regulatory obligations. However, you cannot divest yourself of responsibility for meeting the SRA’s requirements, and you remain always accountable to the SRA where work is...

Robust risk control underpins the commercial success of legal practices across the sector, in practice each day. To handle risk effectively, you must first pinpoint the threats that could affect your business. This Practice Note highlights common risks confronting law firms, helping you to craft a risk management policy. See also Practice Note: How to formulate a risk management policy—law firms. What is risk? There is a widely accepted definition of risk, i.e.: Risk = probability x impact Accordingly, for any risk faced by your business, consider two key questions: how likely is it that the risk will materialise, i.e. what is the probability? if the risk does materialise, how severe will it be, i.e. what is the impact?......

No rule expressly obliges firms to operate a file audit or review process. Nonetheless, practices holding, or seeking, Lexcel accreditation must maintain a file review system, and professional indemnity insurers commonly enquire about such systems as an indicator of sound risk management. While the SRA provides no guidance on how to carry out file audits or reviews, the Lexcel standard requires reviews to be regular, the procedure to be independent, and to assess either the management of the file, its substantive legal work, or both, and to include: setting criteria for selecting files specifying the number of reviews and how often they occur keeping a record of each review on the matter file and centrally ensuring any remedial action identified is completed within 28 days and verified by the reviewer requiring the designated supervisor to review and monitor data...

This Practice Note addresses agents and other intermediaries in the sphere of anti-bribery and corruption. It outlines what an agent or intermediary is, how engaging agents and intermediaries could expose a commercial organisation to risk, and the steps you might take to lessen those related risks. What is an agent or intermediary? Agents and intermediaries are third parties appointed to provide services for, or on behalf of, your organisation, or to represent your interests. This may include: business consultants sales agents third parties retained in relation to government business or actions introducers facilitators lawyers and other professional advisers other third parties who provide services for or on behalf of an organisation in any capacity Whether a given third-party arrangement is an agent or intermediary relationship is a factual question in each instance. When deciding which...