iCann Index: Risk

The iCann index on risk is a simple ready reckoner 20 question checklist based around the fundamentals of best practice. Every six months or so, bring it out and run through it, treat it as an informal audit of your current risk position. Ideally, you should be able to consistently answer ‘yes’ to all 20 questions. The odd ënoí is permissible as long as you can rationalise why, but any more than 6-8 negatives and you should be considering early action to tackle the areas of non-compliance.

  1. Do you have an up to date formal management organisation chart?
  2. Do you have an annual financial forecast, including cashflow?
  3. Does your website contain the minimum information required by the Code of Conduct 2007?
  4. Do you have a written risk management policy?
  5. Do you have a formal Disaster Recovery/Business Continuity plan?
  6. Do you have a written data protection policy?
  7. Do you have a written complaints policy available upon request by a Client?
  8. Do your referrers, (even if you don’t pay referral fees) know their obligations under rules 7 & 9 of the Code of Conduct? (Publicity & Referrals of Business)
  9. Do you have a policy and precedent for non-engagement letters?
  10. Can every fee earner demonstrate that all of the matters required by rule 2 of the Code of Conduct were raised with every new Client?
  11. Has every Client received the Client Care Terms required for Rule 2?
  12. Do your bills and completion statements make clear which disbursements have been paid, and which are still outstanding?
  13. Do your staff know what to do if there is a cause for concern regarding money laundering, or acceptable ID? (AML)
  14. Is your Money Laundering Policy up to date? (AML)
  15. Can you prove AML training has been provided for every employee on a regular basis? (AML)
  16. Do you have a written policy for accepting new business?
  17. Do you have a written conflicts of interest policy?
  18. Are all your Clients updated every 6 months upon the current costs of their matter?
  19. Do you have arrangements for effective supervision of staff?
  20. Do you have a written Email & Internet use Policy?