DECEMBER 2023 – ARTICLES & ITEMS OF INTEREST

THE LEGAL QUALITY STANDARD OF IRELAND

THE LEGAL QUALITY STANDARD OF IRELAND

DECEMBER 2023 – ARTICLES & ITEMS OF INTEREST

2024 CPD REQUIREMENT NOW INCREASED TO 25 HOURS

A new CPD Scheme and amending CPD Regulations (Solicitors (Continuing Professional Development) (Amendment) Regulations 2023) (S.I. No. 419 of 2023) (which amend the Solicitors (Continuing Professional Development) Regulations 2017 (S.I No. 529 of 2017)) come into effect on 1 January 2024. The 2024 CPD cycle runs from 1 January 2024 to 31 December 2024.

The new CPD scheme requires 25 hours of CPD during 2024, of which at least five hours must focus on professional development and solicitor wellbeing and at least three hours must focus on client care and professional standards.

The increase also applies to senior practitioners, who will have to complete at least eight hours of CPD in 2024, up from just three hours under current regulations.

The Law Society of Ireland has published a booklet and record card for the 2024 CPD cycle, to view these see https://www.lawsociety.ie/Solicitors/rules-legislation/CPD-Scheme

ONLINE ONLY PRACTISING CERTIFICATE RENEWAL FOR 2024

The December edition of the Law Society Gazette reminds practitioners that all PC applications for the practice year 2024 must be submitted online through the Law Society’s website.

To view this article in full see https://www.lawsociety.ie/globalassets/documents/gazette/gazette-pdfs/gazette-2023/december-2023-gazette.pdf#page=15

CYBERSECURITY RESOLUTIONS – DO’s AND DON’Ts

The December issue of the Law Society Gazette publishes the final article of the cybersecurity series produced by Tanya Moeller, Nicola Kiely and Deborah Leonard.  This article ties all of the lessons learned into a practical blueprint for assisting with the next steps in channelling effective cybersecurity protection in your law firm.

This article references the key points set out in the earlier articles of the cybersecurity series and also clearly sets out – Cybersecurity resolutions – DO’s and DON’Ts

‘DO

• Agree on governance structures and appoint decision-makers and project leads,
• Consider how you document your cybersecurity project,
• Run a cybersecurity risk assessment and obtain recommendations on risk-mitigation measures,
• Review your safe-banking practices,
• Talk to your broker about your precise cover of specialised cybersecurity insurance,
• Find out how your insurance company can help you before, during, and after incidents,
• Enhance your technical security measures, depending on your project goals,
• Improve your organisational measures, such as using strong passwords as recommended by the Data Protection Commission,
• Prepare for attempted or successful breaches, and consider doing a dry run of handling an incident,
• Adopt a ‘no-blame’ culture in your office – ensure that staff feel able to report suspected incidents in a prompt manner, to allow steps to be taken,
• Report any successful breaches to the Law Society of Ireland in the anonymous reporting tool to provide updates on the latest scams. Only when we all remain vigilant for each other can we protect the profession as a whole.

 

DON’T

• Don’t use suppliers without considering how they support you in your cybersecurity protections,
• Don’t ‘work on the road’ unless you understand what ‘cybersecurity potholes’ you must avoid,
• Don’t employ staff without appropriate on-boarding, training, and off-boarding,
• Don’t let your guard down – regularly review your own cybersecurity defences by repeating your security risk assessments,
• Don’t forget to evidence your efforts, which may offer some protection to you if an incident does occur,
• Don’t despair: this is about risk mitigation, not risk elimination. All you can do is reduce your risks on a continuous basis, taking the unique environment of your law firm into account – and have this positive story of your ongoing successes to tell by way of mitigation if something does occur.’

To view this article in full see https://www.lawsociety.ie/globalassets/documents/gazette/gazette-pdfs/gazette-2023/december-2023-gazette.pdf#page=49

CYBER INSURANCE – PRACTICE MANAGEMENT NOTE

In the winter edition of the Parchment Eamonn Carney, Solicitor at Carney McCarthy Solicitors and member of the DSBA Practice Management Committee has written a Practice Management Note on Cyber Insurance.

He states ‘obtaining a quote/renewal for cyber insurance cover now requires interaction with your IT consultants’ and ‘whilst pricing has softened to make such policies slightly more attractive, this apparently good news comes with a warning’.

This guidance note is a reminder to practitioners that all cyber insurance policies are not the same and practitioners must carefully check and consider what cover is offered and exclusions in the policy document itself, firm’s should not rely merely on assumptions, last year’s cover/policy document, or broker assurances.

When Practitioners are shopping around, get specific details of the policy in particular be aware that not all cybercrime policies will pay out for an incident of cybercrime without any requirement for a claim to have been made against the Professional Indemnity Policy, albeit there is such cover effectively as shield to the PII Policy on the market.  Many policies will include a clause, which reads along the lines of “Other Insurance. We will not make any payment under this Policy unless and until any other insurance, including any self-insured retention or deductible portion, has been exhausted”. (Effectively, such a policy does not shield the PII policy, but operates only as cyber-crime excess layer)

When considering cyber cover, practitioners should also bear in mind that PII policies generally only provide cover for claims relating to losses to client funds [rather than office account funds or social engineering, funds transfer fraud etc, which are not typically covered under a PII policy].

Tailored apps/web portals, funds transfer policies and cyber-crime training for every employee and partners including record keeping of the date/completion of the training are now the norm to avoid a policy becoming voidable.

To view this practice note in full see https://issuu.com/256media/docs/parchment_winter_2023-flipbook?e=16581915/97855617

WHAT EMPLOYERS CAN DO TO ADDRESS WELLBEING ISSUES

On the 19 December 2023, the Law Society of Scotland published a blog on their website by John McElligott, Chief Operating Officer of Kara Connect, which discusses mental health in the Scottish legal profession, why wellbeing matters and what employers can do address wellbeing issues.

John McElligott states ‘within the legal sector, the demanding nature of the profession coupled with long hours, high workloads, and intense pressure, significantly impacts mental wellbeing.  Legal professionals need to deal with high conflict situations and are required to make high stakes decisions, which all contribute to an elevated level of stress.’

It was also reported in the Law Society of Scotland’s Profile of the Profession 2023 survey, nearly two thirds of respondents reported a mental health issue in the past five years.

He also states ‘investing in mental health support for legal professionals is not only a moral imperative but also a strategic decision for the legal sector.  By prioritising mental wellbeing, legal firms can foster a healthier work environment, improve employee retention, and enhance overall productivity.  Recent research shows that poor mental health costs Scottish employers over £2 billion every year and data shows that for every £1 spend on mental health interventions, employers get back £5 in reduced sick days and increased productivity.’

He concludes his article by setting out how employers can address these issues under the following headings:-

• Educate and advocate
• Provide proactive support
• The ability to choose the right provider for support
• High quality care across diverse backgrounds
• Secure and private access

To view this wellbeing article in full see https://www.lawscot.org.uk/news-and-events/blogs-opinions/we-need-to-talk-about-mental-health-in-the-scottish-legal-sector/

BAR COUNCIL IN ENGLAND AND WALES TO ADDRESS BULLYING, HARASSMENT AND DISCRIMINATION

On the 8 December 2023, the Irish Legal News published an article stating that nearly half of barristers in England and Wales have experienced or witnessed bullying, harassment and discrimination in their legal work, according to new research by the Bar Council.

 

The article states ‘In the most recent survey, 44 per cent of respondents said they had experienced or observed this behaviour while working either in-person or online – an increase from 38 per cent in 2021 and 31 per cent in 2017.

Those who are more at risk of experiencing bullying, harassment and discrimination are women, people of colour, younger and more junior members of the bar.  Barristers with caring responsibilities or a disability also reported being disproportionately affected.

Those who are complained about are generally those in a position of power or influence and include judges, more senior barristers, senior clerks, and practice managers.

The main reason given for not reporting incidents of bullying, harassment or discrimination is fear of repercussions.

In response to the findings, the Bar Council has committed to address inappropriate and abusive behaviour by commissioning a review, established by spring 2024 and to report by spring 2025, that will consider and identify solutions, specifically to identify prevention and mitigating strategies.’

To view this article in full see https://www.irishlegal.com/articles/england-nearly-half-of-barristers-see-bullying-or-discrimination-at-work

AML – HOLISITIC CUSTOMER DUE DILIGENCE

On the 5 December 2024 on Scotland’s Law Society Website as part of their AML blog series, AML Risk Manager Jenni Rodgers looks at holistic customer due diligence: what it is, why it’s important and the steps and risk factors to consider.

She discusses ‘What is the “holistic approach to customer due diligence”?, Client & Matter Risk Assessments (CMRAs), Source of funds/wealth and Screening

Under Customer Due Diligence she states ‘You should be able to build a picture through the documents collected and evidence that this picture makes sense to you and an auditor when a file is reviewed for due diligence.’

 

The article sets out some key factors to think about when assessing due diligence:

• ‘Does this transaction make sense?
• Is the documentation consistent with what I am being told about the background, nature, and circumstances of the client?
• Is the client excessively obstructive, secretive, or unwilling to cooperate?
• Is the transaction corresponding with the client’s normal activities?
• Are there frequent changes to funding or the client’s details?
• Is the client rushing the transaction?

 

Due diligence is never the same for all clients. Whilst you have PCPs in place to assist with standardising your CDD process, you must apply a risk-based approach to the collection of due diligence that is tailored to the inherent risks present.’

Jenni Rodgers concludes ‘What is important is that risk assessments/due diligence are adequately documented, all relevant factors are considered, and decision-making/rationale is recorded.  We emphasise that the file must be able to be reconstructed and, if it is not written down, then it did not happen.

Document and evidence everything.’

To view this article in full see https://www.lawscot.org.uk/news-and-events/blogs-opinions/aml-spotlight-holistic-customer-due-diligence/

2024 CPD REQUIREMENT NOW INCREASED TO 25 HOURS

A new CPD Scheme and amending CPD Regulations (Solicitors (Continuing Professional Development) (Amendment) Regulations 2023) (S.I. No. 419 of 2023) (which amend the Solicitors (Continuing Professional Development) Regulations 2017 (S.I No. 529 of 2017)) come into effect on 1 January 2024. The 2024 CPD cycle runs from 1 January 2024 to 31 December 2024.

The new CPD scheme requires 25 hours of CPD during 2024, of which at least five hours must focus on professional development and solicitor wellbeing and at least three hours must focus on client care and professional standards.

The increase also applies to senior practitioners, who will have to complete at least eight hours of CPD in 2024, up from just three hours under current regulations.

The Law Society of Ireland has published a booklet and record card for the 2024 CPD cycle, to view these see https://www.lawsociety.ie/Solicitors/rules-legislation/CPD-Scheme

ONLINE ONLY PRACTISING CERTIFICATE RENEWAL FOR 2024

The December edition of the Law Society Gazette reminds practitioners that all PC applications for the practice year 2024 must be submitted online through the Law Society’s website.

To view this article in full see https://www.lawsociety.ie/globalassets/documents/gazette/gazette-pdfs/gazette-2023/december-2023-gazette.pdf#page=15

CYBERSECURITY RESOLUTIONS – DO’s AND DON’Ts

The December issue of the Law Society Gazette publishes the final article of the cybersecurity series produced by Tanya Moeller, Nicola Kiely and Deborah Leonard.  This article ties all of the lessons learned into a practical blueprint for assisting with the next steps in channelling effective cybersecurity protection in your law firm.

This article references the key points set out in the earlier articles of the cybersecurity series and also clearly sets out – Cybersecurity resolutions – DO’s and DON’Ts

‘DO

• Agree on governance structures and appoint decision-makers and project leads,
• Consider how you document your cybersecurity project,
• Run a cybersecurity risk assessment and obtain recommendations on risk-mitigation measures,
• Review your safe-banking practices,
• Talk to your broker about your precise cover of specialised cybersecurity insurance,
• Find out how your insurance company can help you before, during, and after incidents,
• Enhance your technical security measures, depending on your project goals,
• Improve your organisational measures, such as using strong passwords as recommended by the Data Protection Commission,
• Prepare for attempted or successful breaches, and consider doing a dry run of handling an incident,
• Adopt a ‘no-blame’ culture in your office – ensure that staff feel able to report suspected incidents in a prompt manner, to allow steps to be taken,
• Report any successful breaches to the Law Society of Ireland in the anonymous reporting tool to provide updates on the latest scams. Only when we all remain vigilant for each other can we protect the profession as a whole.

 

DON’T

• Don’t use suppliers without considering how they support you in your cybersecurity protections,
• Don’t ‘work on the road’ unless you understand what ‘cybersecurity potholes’ you must avoid,
• Don’t employ staff without appropriate on-boarding, training, and off-boarding,
• Don’t let your guard down – regularly review your own cybersecurity defences by repeating your security risk assessments,
• Don’t forget to evidence your efforts, which may offer some protection to you if an incident does occur,
• Don’t despair: this is about risk mitigation, not risk elimination. All you can do is reduce your risks on a continuous basis, taking the unique environment of your law firm into account – and have this positive story of your ongoing successes to tell by way of mitigation if something does occur.’

To view this article in full see https://www.lawsociety.ie/globalassets/documents/gazette/gazette-pdfs/gazette-2023/december-2023-gazette.pdf#page=49

CYBER INSURANCE – PRACTICE MANAGEMENT NOTE

In the winter edition of the Parchment Eamonn Carney, Solicitor at Carney McCarthy Solicitors and member of the DSBA Practice Management Committee has written a Practice Management Note on Cyber Insurance.

He states ‘obtaining a quote/renewal for cyber insurance cover now requires interaction with your IT consultants’ and ‘whilst pricing has softened to make such policies slightly more attractive, this apparently good news comes with a warning’.

This guidance note is a reminder to practitioners that all cyber insurance policies are not the same and practitioners must carefully check and consider what cover is offered and exclusions in the policy document itself, firm’s should not rely merely on assumptions, last year’s cover/policy document, or broker assurances.

When Practitioners are shopping around, get specific details of the policy in particular be aware that not all cybercrime policies will pay out for an incident of cybercrime without any requirement for a claim to have been made against the Professional Indemnity Policy, albeit there is such cover effectively as shield to the PII Policy on the market.  Many policies will include a clause, which reads along the lines of “Other Insurance. We will not make any payment under this Policy unless and until any other insurance, including any self-insured retention or deductible portion, has been exhausted”. (Effectively, such a policy does not shield the PII policy, but operates only as cyber-crime excess layer)

When considering cyber cover, practitioners should also bear in mind that PII policies generally only provide cover for claims relating to losses to client funds [rather than office account funds or social engineering, funds transfer fraud etc, which are not typically covered under a PII policy].

Tailored apps/web portals, funds transfer policies and cyber-crime training for every employee and partners including record keeping of the date/completion of the training are now the norm to avoid a policy becoming voidable.

To view this practice note in full see https://issuu.com/256media/docs/parchment_winter_2023-flipbook?e=16581915/97855617

WHAT EMPLOYERS CAN DO TO ADDRESS WELLBEING ISSUES

On the 19 December 2023, the Law Society of Scotland published a blog on their website by John McElligott, Chief Operating Officer of Kara Connect, which discusses mental health in the Scottish legal profession, why wellbeing matters and what employers can do address wellbeing issues.

John McElligott states ‘within the legal sector, the demanding nature of the profession coupled with long hours, high workloads, and intense pressure, significantly impacts mental wellbeing.  Legal professionals need to deal with high conflict situations and are required to make high stakes decisions, which all contribute to an elevated level of stress.’

It was also reported in the Law Society of Scotland’s Profile of the Profession 2023 survey, nearly two thirds of respondents reported a mental health issue in the past five years.

He also states ‘investing in mental health support for legal professionals is not only a moral imperative but also a strategic decision for the legal sector.  By prioritising mental wellbeing, legal firms can foster a healthier work environment, improve employee retention, and enhance overall productivity.  Recent research shows that poor mental health costs Scottish employers over £2 billion every year and data shows that for every £1 spend on mental health interventions, employers get back £5 in reduced sick days and increased productivity.’

He concludes his article by setting out how employers can address these issues under the following headings:-

• Educate and advocate
• Provide proactive support
• The ability to choose the right provider for support
• High quality care across diverse backgrounds
• Secure and private access

To view this wellbeing article in full see https://www.lawscot.org.uk/news-and-events/blogs-opinions/we-need-to-talk-about-mental-health-in-the-scottish-legal-sector/

BAR COUNCIL IN ENGLAND AND WALES TO ADDRESS BULLYING, HARASSMENT AND DISCRIMINATION

On the 8 December 2023, the Irish Legal News published an article stating that nearly half of barristers in England and Wales have experienced or witnessed bullying, harassment and discrimination in their legal work, according to new research by the Bar Council.

 

The article states ‘In the most recent survey, 44 per cent of respondents said they had experienced or observed this behaviour while working either in-person or online – an increase from 38 per cent in 2021 and 31 per cent in 2017.

Those who are more at risk of experiencing bullying, harassment and discrimination are women, people of colour, younger and more junior members of the bar.  Barristers with caring responsibilities or a disability also reported being disproportionately affected.

Those who are complained about are generally those in a position of power or influence and include judges, more senior barristers, senior clerks, and practice managers.

The main reason given for not reporting incidents of bullying, harassment or discrimination is fear of repercussions.

In response to the findings, the Bar Council has committed to address inappropriate and abusive behaviour by commissioning a review, established by spring 2024 and to report by spring 2025, that will consider and identify solutions, specifically to identify prevention and mitigating strategies.’

To view this article in full see https://www.irishlegal.com/articles/england-nearly-half-of-barristers-see-bullying-or-discrimination-at-work

AML – HOLISITIC CUSTOMER DUE DILIGENCE

On the 5 December 2024 on Scotland’s Law Society Website as part of their AML blog series, AML Risk Manager Jenni Rodgers looks at holistic customer due diligence: what it is, why it’s important and the steps and risk factors to consider.

She discusses ‘What is the “holistic approach to customer due diligence”?, Client & Matter Risk Assessments (CMRAs), Source of funds/wealth and Screening

Under Customer Due Diligence she states ‘You should be able to build a picture through the documents collected and evidence that this picture makes sense to you and an auditor when a file is reviewed for due diligence.’

 

The article sets out some key factors to think about when assessing due diligence:

• ‘Does this transaction make sense?
• Is the documentation consistent with what I am being told about the background, nature, and circumstances of the client?
• Is the client excessively obstructive, secretive, or unwilling to cooperate?
• Is the transaction corresponding with the client’s normal activities?
• Are there frequent changes to funding or the client’s details?
• Is the client rushing the transaction?

 

Due diligence is never the same for all clients. Whilst you have PCPs in place to assist with standardising your CDD process, you must apply a risk-based approach to the collection of due diligence that is tailored to the inherent risks present.’

Jenni Rodgers concludes ‘What is important is that risk assessments/due diligence are adequately documented, all relevant factors are considered, and decision-making/rationale is recorded.  We emphasise that the file must be able to be reconstructed and, if it is not written down, then it did not happen.

Document and evidence everything.’

To view this article in full see https://www.lawscot.org.uk/news-and-events/blogs-opinions/aml-spotlight-holistic-customer-due-diligence/