CPD changes- Are you Prepared?

The SRA’s new scheme increases the need for a centralised compliance management system.

On 9 June 2014, the Legal Services Board (LSB) approved changes, proposed by the SRA, to the current CPD scheme, removing the requirement for solicitors to complete a compulsory 16 hours’ training per year.

CPD is not going away:

There have been fears that the proposed changes will be interpreted as an end to the regulatory burden of training, and that firms will discontinue existing training programmes. That is not so. When announcing the proposal, the SRA underscored the value that it places on training and on “training systems” by saying:

“We consider it highly unlikely that an individual or entity would be able to deliver competent services over time without undergoing appropriate professional development. We would hold entities and individuals to account for ensuring the competence of the services they provide…

Where we engaged with an entity or individual regarding a regulatory matter, or where we had evidence of incompetence, the fact that the entity did not have sound education and training systems in place or that the individual could not demonstrate that they had undertaken regular development planning or activity, could be a factor in any supervisory or enforcement action.”

The SRA recognised, in its proposal, that this change could result in some firms failing to offer appropriate training. To alleviate this concern the SRA Board decided to delay the implementation of the proposals until November 2016 with a transition period beginning in February 2015. This will help to ensure that appropriate advice and guidance is provided, and all firms understand how to instil the correct culture of training and focus on competence across their practices.

The SRA has already stated that a new declaration will be added into the individual and firm practising certificate, requiring each individual and firm to confirm that they have considered their CPD needs.

New CPD frameworks for OFR:

It is clear that firms will still need to record and have evidence that appropriate professional training has been provided to all relevant staff, and that the training has been completed in a satisfactory manner. The proposed changes will also have no impact on other mandatory training required by legislative or regulatory bodies; nor will it affect industry best practice.

The new Enterprise edition of VinciWorks’ Learning Management System has been developed with a framework capable of: accommodating the rules of any continuing education system; evidencing that an effective training plan is in place; demonstrating that training activities are providing a satisfactory level of comprehension; and dynamically delivering training completions and compliance.

Many firms we work with already enforce their own internal training requirements and regulatory training frameworks. For example, a firm might require all staff to complete 24 hours of training, including 12 hours of compliance courses — such as AML, ABC and data protection — and 12 hours in each solicitor’s field of practice. These internal CPD schemes and frameworks can easily be developed and monitored with the Enterprise LMS.

Evidencing compliance:

The SRA’s promise of “risk based audits and supervision of compliance” means that electronic monitoring of training compliance becomes more important than ever. The SRA will expect firms to demonstrate that their staff are knowledgeable in relevant areas of practice and law. Scored and tracked exercises in courses, that demonstrate mastery of the area in question, may prove to be an invaluable tool in satisfying the regulator in this regard.

Recently the SRA surveyed 750 law firms to examine how firms train their staff. According to the survey over four-fifths (81%) of respondents reported that staff are required to keep their own records of CPD. Under the new CPD scheme, firms will have a greater responsibility to evidence firm-wide competence, via centralised training systems.

It is clear that firms will still need to record and evidence the fact that appropriate professional
training has been provided to all relevant staff, and that the training has been completed in a satisfactory manner.Screen Shot 2015-06-22 at 10.49.23 AM

Preparing for November 2016:

Recognising that the SRA’s new regime will not be fully introduced until November 2016 at the earliest, we have begun to design processes that will allow firms to easily migrate from their existing CPD system to alternative frameworks. With the support of leading UK firms in the OCC, we are confident that once the SRA’s competence statement is released, we will be first to market with solutions fully aligned with the SRA’s continuing competence framework.

One idea we are working on is a system to track and analyse the effectiveness of learning and development frameworks. In its position paper, the SRA highlighted that “effectiveness” will be a primary focus when evaluating compliance with the requirement to train staff.

VinciWorks prides itself on its strong history of working closely and collaboratively with leading firms, and providing solutions to your needs as they arise.

Contact us at info@vinciworks.com, or find out more about LMS Enterprise at
www.vinciworks.com/enterprise.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

“In a world older and more complete than ours they move finished and complete, gifted with extensions of the senses we have lost or never attained, living by voices we shall never hear.”

Picture of James

James

VinciWorks CEO, VInciWorks

Spending time looking for your parcel around the neighbourhood is a thing of the past. That’s a promise.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.