Outsource business functions with confidence
Outsourcing is an area that is growing within the legal industry and requirements of Outsourcing are now included in the Code of Conduct and Lexcel 5.
It is often more flexible and efficient for firms to outsource certain business functions. You may not be looking to adopt legal process outsourcing but it is very likely that you could outsource certain business and operational functions – e.g. IT and Compliance.
There is an obvious operational risk in ensuring this work is of sufficient quality to not damage the firm’s reputation.
Outcome 4.1 of SRA Code of Conduct requires you to keep the affairs of clients confidential. Chapter 4 emphasises that protection of confidential information is a fundamental feature of the relationship with clients. All members of the Firm, including support staff, consultants and temporary workers, owe a duty of confidentiality to its clients. This also extends to any outsourcing arrangements, such that the Firm should only outsource services where it is satisfied that the outsourcing provider has taken all appropriate steps to ensure clients’ confidential information will be protected. It is a required outcome that the Firm has effective systems and controls in place to enable it to identify risks to client confidentiality and to mitigate those risks.
Chapter 7 of the Code of Conduct sets out the outcomes a Firm needs to achieve if it outsources services.
You will therefore need an Outsourcing Policy covering the procedure for new outsourcing agreements. This may cover details of outsourced activities, methods of monitoring the impact and risk of outsourcing in an particular function, a due diligence approval process for potential companies you outsource to plus a provision for a Confidentiality Agreement signed by the person accepting work from the firm or business.Any agreement will need to incorporate consent for the Regulator to enter the outsourced supplier’s premises and review any material connected with the outsourcing. An example of this paragraph to include in your Outsourcing Agreement is as follows:
“We confirm that the Solicitors Regulation Authority or their agents, can contact us to obtain information in respect of our records, including electronic records, and enter our premises with notice to conduct a review of the outsourced activity / function.”
You will need to have accountability procedures to check and control the outsourced function, which will also be covered in your policy. These include procedures for supervision and review e.g. an annual review to verify the quality of the company you outsource to and to identify a person responsible for the policy within the firm.
The new requirements for Outsourcing under Lexcel 5 are as follows:
Practices will have a policy in relation to outsourced activities, which must include:
a: Details of all outsourced activities
b: Procedures to check the quality of outsourced work
c: Steps to ensure providers have taken appropriate precautions to ensure information will be protected.
d: A list of all providers of services
e: The person responsible for the policy
f: A procedure for an annual review of the policy, to verify it is in effective operation across the practice
Questions to ask? Do you Outsource any business or operational function? Does your firm currently have an Outsourcing Policy as required? Are you confident it meets the needs and responsibilities of your firm?
Contact Jaunita Gobby at Legal Eye today for a free copy of an Outsourcing Policy – email@example.com