Using IT to keep regulators from the door!

Brian Rogers, Regulatory Director and Head of Content & Thought Leadership, The Riliance Group (an Access Group company

Brian Rogers, Regulatory Director and Head of Content & Thought Leadership, The Riliance Group (an Access Group company

I have worked in the regulated sector (military and legal) for over 40 years and during that time have seen the seismic shift from paper-based risk and compliance processes to fully integrated cloud-based risk management systems; but it was only about seven years ago that the legal sector I was working in at that time started to see the advantages of centralised risk management systems.

Starting from Scratch!
In late 2006, I was asked to help create a new law firm and on top of having to find a home for 60 people in two major cities, install a computer and telephone system, and more. I had to think about how we would be able to ensure we met the regulatory requirements of our regulator, the Solicitors Regulation Authority, who I knew would be coming to see us some 18 months later to ensure we were doing all the right things!

Having managed risk and compliance in my previous firms using paper files, Excel, Outlook, Word, and more, I saw a new opportunity to completely re-design our compliance processes with the aim of centralising risk management and keeping our compliance costs down. My intention was to find a software system for the legal market that would enable us to achieve all the aims and objectives I had set.

Assessing the Market
As part of the sourcing process I started to look at what systems were available in the software market that would meet our needs; to my great surprise I found there was nothing out there!

There were plenty of software providers in the legal market at that time that were supplying law firms with case management and accounts systems but none of

them had a specific system that managed all the risk and compliance requirements of law firms.

Filling the Gap
Having found no existing risk and compliance software solution I decided to develop one myself with the help of our in-house IT team; we had worked together previously to create a bespoke HR management system that suited our own individual business needs.

With the advent of AI, we just need to keep thinking about what we can do with it to make what we do better

It was the experience of designing the HR system that made me think that similar methodologies could be used in the design of a risk and compliance system, especially the ability to control matters centrally, to restrict access to certain areas, and allow tasks to be delegated to and completed by others in the business.

Over a period of about 12 months we worked on developing the system until it was in a fully workable form; lucky for us this was in time for the regulator’s visit at the 14-month point!

The Regulator’s Visit!
When the regulator walked through the door to check on our progress as a new business we were expecting to have them around us for the full planned two days, however, having had an initial meeting with the officer and showing him how our system allowed us to manage risk and compliance he left after five hours having done a small amount of sense checking against the system records.

The “Wow” Moment!
It was having listened to the officer’s praise of the system and being able to get him out of the business early (none of us get it right all of the time so the shorter the amount of time a regulator is with you to find problems the better!), that I then thought of the potential market opportunity that had been presented. A distinct need to be met and no one currently meeting it!

What Happened Next?
Having realised the potential for a marketable system I set about speaking with various parties to see if I could get their support; I spoke with other law firms, indemnity insurers and software companies, all of whom thought the idea was great but could not see a need for it due to the legal regulatory market at that time and as a consequence a lack of return on investment. This did not deter me, as having been invited by the regulator to discuss the system and how it could assist with potential changes that were coming to the regulation of the profession, I knew the market would be there at some point.

It was in 2012 when law firms had to look at appointing a lawyer to act as a compliance officer that the market really took off!

The rest as they say is history!

The Lessons Learnt
Don’t think that just because you are not an IT professional you can’t turn your business ideas into reality; I have already been thinking about how AI can be used in reducing risks even further!

Involve regulators as they could help you develop your thinking.

Don’t be put off by rejection (internal/external).

The Future
The future for IT within the business world is looking bright, especially with the advent of AI, we just need to keep thinking about what we can do with it to make what we do better!