Legal Compliance Update

The pace of regulatory change in the legal sector shows no sign of slowing. If anything, February and early March 2026 have been among the most significant weeks in recent memory. From a second formal censure of the SRA to the Mazur appeal, from AI warnings to AML enforcement pressure, the issues converging on the profession right now demand attention.

Here's what you need to know - and what you need to be doing about it.

The LSB formally censures the SRA again

The Legal Services Board has now issued a formal public censure of the SRA for its failure to protect consumers affected by the collapse of the SSB Group. This follows the earlier censure over Axiom Ince, making this the second time the oversight regulator has taken such action against the SRA.

The question that keeps coming back is a simple one: how many censures does it take before something fundamentally changes? The first was described as historic. The second starts to look like a pattern.

With the Ministry of Justice also announcing a long-awaited review of the LSB - the first since 2017 - and a call for evidence asking whether the LSB is sufficiently focused on its statutory obligations, the regulatory framework itself is now under scrutiny. The call for evidence asks pointed questions about how the LSB holds frontline regulators to account and what evidence there is that its oversight has had a positive impact. These are the right questions. Whether they lead to meaningful reform remains to be seen.

A new CEO, a new direction?

Against this backdrop, the SRA's new chief executive Sarah Rapson has pledged a "back to basics" approach, with a focus on core responsibilities and keeping firms compliant without having to take enforcement action. Her stated ambition is for the SRA to be "a modern, proportionate, effective and trusted regulator."

These are welcome words. But each of those four pillars invites scrutiny. Is a regulator operating under a 20-year-old Legal Services Act truly modern? Can an organisation censured twice for failing to protect consumers credibly claim to be effective? And trust - from both the regulated community and the public - will have to be earned through consistent action, not aspiration.

The real test will be in what changes over the coming months. The profession will be watching closely.

Mazur: waiting for the verdict

The Mazur appeal was heard over three days, and having sat through the entire hearing, the strong impression was that the judges were questioning what all the fuss was about. The prevailing sense was that the court viewed the delegation of work from solicitors to non-solicitors as a matter of common sense.

That said, we are still awaiting the judgement, and impressions from the courtroom do not always translate into outcomes. If the appeal is allowed, much of the current uncertainty will dissipate. If Mazur is upheld, the profession faces significant operational disruption.

What firms should be thinking about now is the potential for a Mazur Mark 2 - the same issues arising around rights of audience, conveyancing and probate. These concerns were raised during the appeal hearing itself, and we have already seen a Circuit Judge refuse to grant a highly experienced chartered legal executive an exemption to conduct a family law case. This is not theoretical. It is happening now.

Firms dealing with rights of audience, conveyancing or probate work should be assessing their position and reviewing how work is delegated and supervised.

When the compliance officer IS the problem

A recent SDT case brought into sharp focus what happens when the regulatory safeguards themselves fail. A COLP who was also the COFA practised without authorisation for three and a half years, held £1.3 million in client money, and had not submitted accountant's reports for six years - all while ignoring direct warnings from the SRA.

This case does not exist in isolation. The SRA's own thematic review found that only one COLP in 36 could describe their material obligations. Internal breach reporting rates sit at just 0.65%. Over a three-year period, 1,377 internal reports were made within firms, but only nine reached the SRA. And more than 85% of compliance officers had not submitted a single report to the regulator in three years.

These figures raise serious questions about whether the COLP/COFA model, as currently operating, provides the consumer protection it was designed to deliver.

AI: opportunity and risk in equal measure

The Upper Tribunal has issued a stark warning after a solicitor admitted uploading client documents into ChatGPT. Judge Fiona Lindsley was unequivocal: doing so places information in the public domain, breaches client confidentiality and waives legal privilege. Any regulated lawyer or firm doing this must self-report to their regulator and consult with the ICO.

This is not a theoretical risk. Cases involving AI-generated fictitious case citations continue to emerge. The SRA's latest Lawtech update examines how AI is reshaping recruitment and training. The technology is moving fast, and firms need clear policies, staff training, and robust governance around its use.

The message is straightforward: use AI wisely, but make sure everyone in the firm understands the boundaries.

AML: the pressure is building

OPBAS has warned that some legal and accountancy regulators are not taking sufficiently dissuasive disciplinary measures over AML non-compliance, finding that some are "overly relying on assisted compliance" rather than enforcement. This directly challenges the approach of working with firms rather than holding them to account.

Meanwhile, the FATF has updated its grey list, adding Kuwait and Papua New Guinea to increased monitoring. Firms need to update their firm-wide risk assessments to reflect this change.

On the due diligence front, HM Treasury and DSIT have released new guidance on digital identity verification, aimed at building trust in digital verification services and streamlining CDD processes. Firms can check the reliability of digital ID providers through the DVS Register. However, clarity is still needed on whether this new route constitutes outsourcing or reliance under the Money Laundering Regulations - the distinction matters and the obligations are different.

And the question of accountant's reports is back on the table. The ACCA has backed the SRA's proposal to reintroduce the requirement that all reports - qualified and unqualified - be submitted to the regulator. But it has drawn a firm line against shifting the responsibility for submission from firms to accountants. This is a space to watch.

Conveyancing: multiple moving parts

Conveyancers are dealing with several concurrent developments. The government has held firm on requiring conveyancers to register as tax advisers with HMRC, despite lobbying from the Law Society and the wider profession. Registration opens from May 2026, with a minimum three-month window, and HMRC guidance is expected in the coming weeks.

UK Finance has paused the launch of its new-look lender instructions handbook, just days after dropping the controversial £50 access fee. A revised launch date is expected by the end of June 2026.

Nationwide has become the first lender to allow electronic mortgage deed signing without a witness, using qualified electronic signatures that HM Land Registry has been accepting since August 2025. When one major lender moves, others tend to follow.

And the CLC has launched a review of referral fees, while suggesting that regulating estate agents would better address the underlying concerns. This could well prompt the SRA to follow suit. If referral agreements are examined closely, many are likely to be found wanting - non-compliant clauses, compromised independence, and referral fees dressed up as upfront legal fees are not uncommon.

The SRA's legal battles continue

The Axiom Ince fallout continues, with the firm's insurer launching two sets of proceedings against the SRA, and the regulator filing its own counter-claim. Meanwhile, a solicitor whose tribunal decision over a "without prejudice" email was overturned on appeal has been granted a costs order of £400,000 against the SRA. These costs are ultimately borne by the regulated community through practising fees.

Data Protection: new obligations from June

The ICO has published final guidance on handling data protection complaints under the Data (Use and Access) Act. From 19 June 2026, organisations must have a formal complaints process in place. Complaints must be acknowledged within 30 days - failure to do so will be a statutory breach, not merely a procedural misstep. The ICO will track complaint volumes by organisation, and patterns may trigger regulatory scrutiny.

Most of the remaining DUAA data protection provisions are already in force. ICO governance provisions will follow at a later date.

Cyber security: stay alert

The National Cyber Security Centre has issued a new alert advising UK organisations to remain vigilant to the potential risk of cyber compromise linked to evolving events in the Middle East. Firms should be reviewing their cyber security posture, ensuring staff training is up to date, and checking that incident response plans are in place.

What you should be doing now

The volume of regulatory change is significant, but the key compliance actions are clear:

1. Use AI wisely - and make sure all staff understand the boundaries around confidentiality and privilege.
2. Ensure compliance with AML obligations - the pressure from OPBAS, the LSB and the incoming FCA regime means non-compliance carries increasing risk.
3. Assess your Mazur Mark 2 position - if your firm deals with rights of audience, conveyancing or probate, review how work is delegated.
4. Review property referral agreements - if the CLC is asking for copies, the SRA may not be far behind.
5. Register with HMRC for tax advice - conveyancing firms need to be monitoring the guidance and acting at the appropriate time.

The legal compliance landscape continues to evolve at pace, with several critical developments demanding immediate attention from law firms. Here are the key highlights from this month's update and the actions you need to take.

Major firm collapse raises serious questions

The sudden closure of the PM Law network on Monday has sent shockwaves through the profession. With approximately 600 employees affected across 20+ practices in Yorkshire and Cumbria, this collapse raises fundamental questions about regulatory oversight.

The troubling timeline: The firm didn’t open its doors on Monday morning, yet the SRA didn't intervene until Wednesday evening. This three-day gap is deeply concerning, particularly given the supposed lessons learned from Metamorph, Axiom Ince, and SSB Group collapses.

Where were the warning signs? Notices on office doors cited "regulatory issues," yet no intervention had occurred. Were there financial instability reports? Was professional indemnity insurance the problem? Most critically - where were the COLPs and their duty to report issues that could lead to closure?

The sophistication of intergroup loans and financial structures within the PM Group suggests this wasn't an overnight crisis. People at the top must have known. The failure of early warning systems represents yet another systemic regulatory failure that the Legal Services Board may need to investigate.

SRA enforcement costs spiral with poor results

Enforcement spending has increased 61% over six years, yet cost recovery remains dismal. The six most expensive recent prosecutions cost the SRA nearly £1 million, but recovered only £300,000 in costs—with three cases recovering nothing.

Recent examples of poorly investigated cases continue to mount:

• £50,000 cost order against the SRA for a "poorly investigated" matter with an "evasive" forensic investigator
• Three Daily Mail "sting" solicitors completely exonerated after interventions, closed firms, and ruined careers
• Nadeem Zahawi's solicitor's misconduct finding overturned by the High Court

This matters to you: Every penny of this wasted expenditure comes from your practising certificate fees. The profession is funding prosecutions that shouldn't have been brought.

AML compliance failures - including CQS firms, again

Eight firms have been sanctioned for AML breaches with penalties totaling £84,000. The longest breach period? Eight years.

The shocking detail: all the sanctioned firms were CQS accredited. Firms holding quality marks failed to maintain:

• Firm-wide risk assessments
• Adequate policies and controls
• Client matter risk assessments
• Proper source of funds checks

This raises serious questions about the value of CQS accreditation. When firms can hold quality marks for up to eight years while fundamentally breaching core AML requirements, what does that accreditation actually certify?

I've been pushing the Law Society to review its assessment processes. Currently, the CQS portal asks whether you have a firm-wide risk assessment audited in the last 15 months - a simple yes/no question. Unless you answer "no" (and who would?), you won't be asked for supporting evidence. One self-certified question around approximately 15 core CQS standards.

These cases prove people are simply ticking "yes" when the answer should be "no."

LSB criticises regulators over Mazur confusion

The Legal Services Board has confirmed what many practitioners suspected: regulators and representative bodies were not clear enough on the definition of conducting litigation around the Mazur case.

The defence opportunity: If regulators weren't clear, and firms acted on the guidance they received from those regulators, how can they then be penalised? Any firm facing SRA action over Mazur-related issues should cite the LSB report as their defence.

The Legal Services Board, Association of Personal Injury Lawyers, and Law Centres Federation have all been granted permission to intervene in next month's Mazur appeal. The outcome will be significant.

Good news: UK Finance backs down on handbook charges

After a significant backlash, UK Finance has withdrawn its plan to charge conveyancers £50 per user plus VAT for annual access to the Mortgage Lenders' Handbook.

The new platform goes live on 2 March 2026. Conveyancers using the handbook daily for virtually every transaction need to be ready. Note that the system now requires individual user accounts rather than generic firm logins.

ILCA consultation deadline extended

The government's controversial proposal to tax law firms via client account interest has been extended to 9 March. If your firm uses interest to offset costs or support finances, you must respond to this consultation.

This is taxation of law firms through the backdoor. The extended deadline shows the government has taken concerns on board - now make sure your voice is heard.

Crypto money laundering surge

Cryptocurrency money laundering has exploded from $10 billion in 2020 to $82 billion in 2025 - an 8x increase. Chinese-language networks are processing $40 million per day.

Your due diligence must go deeper. If a client says funds came from crypto, that's not the end of your inquiry - it's the beginning. You must trace back to the original source before the money was invested in cryptocurrency. Go as far back as necessary to understand the true origin of funds.

Critical actions required now

1. Reply to the ILCA consultation (Deadline: 9 March)

If you use client interest to offset costs, respond now.

2. Prepare for the new UK Finance Handbook (Launch: 2 March)

Conveyancers: set up individual user accounts and prepare your teams.

3. Check AML systems actually work

The recent cases show firms had policies but they weren't embedded, policed, or updated. Don't just have procedures - ensure they work in practice.

4. Verify you're using the new UK Sanctions List

Transition occurred 28 January 2026. Update your firm-wide risk assessment to reflect this change.

5. Monitor crypto-funded transactions closely

Enhanced due diligence is essential given the money laundering surge.

Other important updates

SRA withdraws complaints rule changes (for now): New rules requiring end-of-transaction complaint notifications are shelved, likely returning later when the SRA has capacity. CILEx has adopted the new rules which has caused confusion for members who work in SRA regulated firms – see my Linkedin article on this - https://www.linkedin.com/posts/brian-rogers-access-group_how-does-this-work-perhaps-the-solicitors-activity-7425188120037515265-ZgS_?utm_source=share&utm_medium=member_desktop&rcm=ACoAAAMSnE8Bk0tVKr9dI1CalITb6isYuVcJQ6w

Warning notices issued: The SRA has issued warnings on no win, no fee agreements in high-volume consumer claims. Read these - the SRA has previously criticised firms for not reading its warning notices.

Updated sanctions guidance: Review and document in your firm-wide risk assessment, even if sanctions don't apply to your practice area.

Law Society in-house guidance criticised: The Eagle Club says guidance "fails to understand the in-house sector" and "risks exacerbating current problems."

CILEX practice rights progress: 67 Chartered Legal Executives now have litigation practice rights, with 52 approved since December. Progress continues despite Mazur confusion.

The bigger picture

This month's developments point to systemic regulatory dysfunction:

• Major firm collapses with no early warning
• Enforcement spending spiralling with poor outcomes
• Quality assurance schemes failing to assure quality
• Unclear guidance penalising the regulated
• Wasted profession funds on poorly investigated cases

The profession deserves better. These aren't isolated incidents - they're evidence of fundamental regulatory failure requiring comprehensive reform.

Get involved

If you're a COLP, COFA, or involved in data protection, AML, or other compliance areas, we're looking for practitioners to contribute to our training videos and course content. Email me at [email protected] if you're interested in helping ensure our courses remain practical and relevant.

Connect with me on LinkedIn for daily updates and analysis of regulatory developments: linkedin.com/in/brian-rogers-access-group

Stay safe and stay compliant.

A New Year brings significant challenges for law firms

As we enter 2026, the legal services regulatory landscape continues to evolve at pace, presenting law firms with numerous challenges and compliance obligations. Our latest monthly update highlights several critical developments that demand immediate attention from compliance officers and firm leadership.

The COLP Crisis: a wake-up call for the profession

Perhaps the most striking revelation this month comes from the SRA's thematic review of Compliance Officers for Legal Practice (COLPs). The findings are deeply concerning: 54% of officers reported feeling undervalued, whilst only one officer from those interviewed could adequately describe the material requirements of their role. Most alarmingly, 20% couldn't explain their record-keeping obligations, and half hadn't read the SRA's reporting and notification guidance.

These statistics, though based on a relatively small sample of around 30 officers from approximately 9,000 law firms, expose fundamental weaknesses in the current regulatory model. The report reveals compliance officers struggling under the weight of complex obligations whilst juggling fee-earning and other responsibilities. Many questioned whether they possessed adequate time or resources to fulfil their duties effectively.

This raises a fundamental question about the viability of the COLP regime introduced in 2013. When compliance officers cannot effectively police their employers or fellow owners - particularly junior partners reluctant to challenge senior equity partners - the system's structural flaws become apparent. Perhaps it's time to revisit arrangements such as the old Practice Standards Unit, which conducted regular firm visits every three to five years.

AML supervision transfer: preparing for potential change

The government has announced its intention to transfer anti-money laundering supervision from legal regulators to the Financial Conduct Authority. Whilst officials suggest implementation will take "a number of years," firms should begin monitoring developments closely.

This proposed shift raises concerns about fragmented regulation. Will firms face dual jeopardy - prosecution by the FCA for AML breaches, then referral back to the SRA for professional conduct issues? Several major law societies have already voiced opposition to these proposals, questioning whether the approach serves the profession or consumers effectively.

It's crucial to note that scaremongering has already begun, with some consultancies suggesting urgent action is required. The FCA has been clear: firms compliant under current arrangements will remain compliant during any transition. Don't be pressured into unnecessary expenditure based on unsubstantiated timelines.

SRA's costly prosecution failure

The SRA faces significant embarrassment after being ordered to pay £160,000 in costs following a "fatally flawed" prosecution. The Solicitors Disciplinary Tribunal dismissed the case, a rare outcome that highlights serious concerns about the regulator's approach to enforcement.

This follows two other recent high-profile prosecution failures involving alleged misconduct by libel lawyers. These cases underscore questions about the SRA's investigative standards and decision-making processes. Whilst the regulator ultimately bears these costs, the profession pays through practice fees - making accountability even more crucial.

The Government's money grab: ILCA Consultation

Perhaps the most controversial development is the Ministry of Justice's urgent consultation on the Interest on Lawyers' Client Accounts (ILCA) scheme. The government proposes levying 75% of interest from general client accounts and 50% from designated deposits - even extending to third-party managed accounts.

Firms have just one month to respond to this consultation, which closes on 20th February. The proposals raise numerous technical questions: How will firms calculate "reasonable" client interest when 75% has already been claimed by government? Will new compliant accounting systems be required? What are the implications for firms using interest to subsidise pro bono work or other client services?

The Law Society has mounted a vigorous challenge to these proposals, and individual firms must add their voices to ensure government understands the practical implications.

Other key developments requiring attention

First-Tier Complaints: The Legal Services Board's decision on the SRA's proposed changes to complaints handling arrangements is expected imminently (by 11th January). Firms should prepare to update policies and procedures accordingly.

SSB Group Enforcement: The SRA has disqualified two non-solicitor directors of SSB Group for dishonesty and lack of integrity, whilst investigations continue into four solicitor directors. This action stands in stark contrast to the apparent inaction regarding lawyers involved in the Post Office scandal.

Digital Communications: A recent Senior Costs Judge ruling confirms that WhatsApp messages and other digital communications form part of a firm's file when charges are based upon them. Firms must maintain proper records of all billable digital communications.

Essential Actions for January 2026

1. Respond to the ILCA consultation by 20th February if your firm holds interest-bearing client accounts
2. Review your COLP arrangements in light of the thematic review findings
3. Monitor the LSB decision on first-tier complaints handling
4. Update firm-wide risk assessments following publication of the latest SARs Annual Report
5. Watch developments on AML supervision transfer whilst avoiding premature action

The regulatory environment continues to present significant challenges for law firms. Staying informed and taking timely action on these developments will be essential for maintaining compliance throughout 2026. Our next update will follow in February, but don't hesitate to reach out if you need specific guidance on any of these issues.

For more detailed analysis of these developments, including links to source materials, please refer to our webinar recording and supporting slides.