Christopher Young from Pinnacle gives guidance on how to be risk-ready for 2021

Within risk and compliance, our observation would be that firms are doing a good job of undertaking the risk assessments as they take on matters – conflicts and anti-money laundering (AML) assessments are getting ever more robust, and while AML evidence-gathering can be tedious and time-consuming, it is being completed. To achieve this, we have a powerful tool – the releasing of the matter number. As risk and compliance specialists, we do have a potential hold over fee-earning teams – don’t issue a matter number until they have done all that they need to do. While this works at matter inception, however, it doesn’t help with ongoing risk management.

We are seeing an increasing number of firms looking to understand and manage risk through the lifecycle of the matter. It has always been an obligation to identify changes, but now it’s about the difference between risk assessment and risk management. Risk assessment is a point-in-time action, whereas risk management means the identification of risks and understanding of changes in parameters over time as things evolve or more information is discovered.

We also know that risk and compliance teams are stretched for resources. This means most flag things they see as high risk at the outset, add them to a list, and monitor the items on that list. The challenge here is that being added to the list for monitoring relies on the quality of the data that is input initially – but matters inevitably change as lawyers are executing them.

It’s why more firms are asking us to use some of the new technologies available to review inflight matters dynamically. We have had one Tiger Team that has been working to ‘silently’ initiate an ‘add party to matter’ process based on the contents of legal documents as they are being drafted. The lawyer does the lawyerly thing, drafting the document in Word and adding parties as they need to. On saving, the document is then assessed to determine whether all parties in the document are already linked to the matter. If there has been an addition, an add-party-to-matter request is automatically and silently created. A new conflict search is run, and only highlighted to the risk team if new hits are generated.

We have also been sharing the outputs of two other Tiger Teams – one that has been developing a risk-reporting content pack, the other, new ‘Actionable Insights’, which means embedding simple instruction forms and action buttons into reports. The user no longer has to go into another system to do whatever the dashboard is highlighting – initiate a bill, perform a risk check, or add a calendar entry. Instead, it allows you to turn reporting from FYI to FYA – ‘for your action’ – and to fundamentally accelerate the speed at which your firm gains and acts on insights.

There are truly exciting developments going on in the technology arena – things appear to be becoming cheaper and quicker to deliver. Risk teams need to capitalise on this movement. Having captured considerable savings in office space use, travel, and other costs, do we now seize this moment to focus on automating the identification of risks within firms? The ultimate prize – reducing the inherent risks of running a professional services advisory business – is surely too big to pass up.

This article was taken from Briefing November/December 2020 – Alert to change. Read the full publication here.