Back to top

Setting your priorities

13 December 10

Approaches to establishing risk management priorities, and enabling firms to devote resources where they are most needed or will have greatest impact

by Alistair Sim

Risk prioritisation can be a complex and challenging task. We’re often asked “what risk management issues should we currently be focusing on?” Often the appropriate response is: “it depends”.

Different firms will need to take different approaches. The newly-appointed risk management partner in an established practice is likely to have different risk priorities from a partner at a newly-established practice.

Similarly, a firm with a longstanding specialism in a particular type of work may well be facing different risk issues to a practice contemplating diversification into a new area of work. Likewise, for understandable reasons, the risk management priorities of a practice with well-developed procedures and systems and a claims-free record is likely to be noticeably different compared with a practice struggling to improve an adverse record of claims and complaints.

In order to establish the relevant priorities, then, firms should start by addressing some of the following questions:

Where are we now?

For a newly established practice or equally for a newly appointed risk management partner, one way of quickly identifying gaps and therefore priorities for attention is by referring to a self-assessment checklist or questionnaire such as the example on the Marsh website for Scottish Solicitors lawsociety (userID and password available by email: alistair.j.sim@ Figure 1 is an extract from the questionnaire.

This sort of approach could potentially be adopted for each of the practice’s departments, teams or offices or could be used by colleagues individually.

How are we doing?

In a file audit or quality assurance process, do any non-compliances in recent audit results indicate unacceptable exposure to risks that we ought to be taking action to address? Are there any non-compliances that ought to be tackled more urgently than others? Prioritising on the basis of assessment of likelihood, frequency and/or severity would be a sound approach. See Russell Lang’s article “What’s on file?” (Journal, February 2009, 36) on conducting file audits.

What are the current “top” risk issues?

What are the areas of risk or categories of claim most often featured in risk management reports, articles and events? Could the practice be at risk of exposure to these categories of claim? The preceding months’ Journal articles and the latest Risk Management Roadshow materials are perhaps the best reference point. Through 2009 and 2010, Journal articles profiled categories of claim targeted by the Society’s insurance committee. These included late recording of deeds and non-compliance with the CML Handbook. In choosing to prioritise and target these particular categories of claim, the committee’s selection criteria were a combination of frequency, severity and avoidability of claims.

Identifying a claims pattern

Firms should examine their record of complaints or claims to see whether there is any pattern that suggests a need to tighten up controls in particular areas. Example of this could include managing critical dates, client vetting and engagement or reporting to clients. “Learning experience” (Journal, March 2009, 38) describes an approach to learning from experience of claims and implementing a preventive action plan.

Meeting training needs

Colleagues should be trained in risk awareness, reflecting identified development needs of different categories of colleague (by practice area or by level of experience). This training should support a firm’s action plan for addressing unsatisfactory aspects of the claims experience or areas of risk for the profession generally. Calum MacLean’s article, “Training for success” (Journal, February 2010, 37), suggests how to source and deliver an effective awareness training plan.

Tackling high value claims

Minor errors and oversights are capable of causing substantial claims. High value claims can have a significant financial impact in terms of premium loading. In the current claims environment, an example of costly claims are those arising out of notices exercising break options in commercial leases. The risk is of notices being ineffective if served too late, served on the wrong party or otherwise failing to comply with the conditions for exercising the break option.

Recent experience shows that there is a greater risk of this type of claim arising because of the heightened reluctance of landlords to let tenants exit and therefore subjecting break notices to intense scrutiny. There have been sufficient instances to justify extra diligence in the various stages of the notice process, from taking the client’s instructions through to ensuring the correct methods of serving the notice.

This is not the only type of claim that has been identified in recent months as potentially very costly. Claims by lenders tend to be among the more costly, particularly those arising from a failure or delay in recording a lender’s security or from a failure to achieve the expected ranking of the lender’s security. There is potential for a “total loss”, and the level of borrowings in recent years has been such that there is a greater than ever incentive to avoid such claims.

Strategic business risks

The risks to be prioritised and managed aren’t necessarily always related to potential claims and complaints. Business or strategic risks clearly justify consideration too. The process of strategic risk assessment and the construction of a risk register is all about establishing priorities by identifying and assessing significant risks to the business.

Set risk tolerance thresholds – how much risk is the business prepared to take? What would be catastrophic? What would the triggers be for a major risk to impact on your organisation?

Rank your risks according to their perceived likelihood and severity.

By assessing significant risks in terms of likelihood and severity, and by measuring financial or reputational impact, significant risks to the continuity, profitability and reputation of the business can be ranked in terms of priority for preventive action.

Changing priorities

Inevitably, priorities will need to change from time to time. Changes in the practice’s activities and claims record as well as progress in the practice’s risk management development will all result in changes in the order of importance and urgency of different risk management challenges.

Consider the responses of participants in the panel “What the surveys say”. There was a marked difference between the key risks and concerns identified in the 2010 survey compared to the previous year’s. It is hardly surprising that the changing business and economic environment results in a changing risk environment.

In adverse economic conditions, when people are under greater financial pressures, insurers expect to see an increase in the incidence of fraud and dishonesty. This applies to both internal fraud on the part of colleagues and external on the part of clients and other third parties. In “Constant foe” (Journal, June 2009, 44), Calum MacLean addresses the many and varied exposures solicitors have to fraud and dishonesty, internal and external. A pressing issue is data; firms should be aware that for most people data is much easier to steal than cash and more difficult to trace and monitor, making it the latest target for organised crime and opportunistic criminals.

There is always more that can be done to enhance a practice’s risk management performance. But with finite time and resources and many other challenges to be addressed, it is a case of deciding on priorities. What are your firm’s risk management priorities going to be for 2011?

Frequently recurring types and causes of intimation

  • Non-compliance with reporting requirements of CML Handbook
  • Title errors and omissions, e.g. issues with title boundaries and title conditions
  • Under-settlement of industrial diseases claims
  • Lender claims resulting from late recording or failure to record their security
  • Time bar – missed critical dates in respect of clients’ personal injury, debt recovery, professional negligence or other claims
  • Error in ranking of lender’s security/failure to secure first ranking security
  • Delay in trust and executry matters, resulting in loss to the estate/beneficiaries
  • Failure to notice/address adverse entries in title search reports
  • Failure to address survivorship destination on separation/divorce or when preparing will.

What the surveys say

The following lists of key risks and risk factors are taken from a 2010 survey of top 150 practices in the UK. A similar survey in 2009 indicated that client bankruptcy, credit problems and other recession-related fears dominated risk managers’ agendas; this year some of those fears may have abated.

What are the risks currently facing your practice?*

  • Conflicts of interest
  • Increased claims as a result of pressure on fees and the need for “instant” advice
  • Errors made by staff/lawyers on complex, high-value transactions
  • IT security.

What are the biggest causes of claims?*

  • Staff turnover
  • Lack of communication with client and/or internally
  • Poor record keeping
  • Quality of staff
  • Failure to keep enough evidence to defend claims.

* Source: Marsh/Legal Business RM Survey 2010

Alistair Sim and Marsh

Alistair Sim is a former solicitor in private practice who works in the FinPro (Financial and Professional Risks) National Practice at Marsh, the world’s leading risk and insurance services firm. To contact Alistair, email:
The information contained in this article provides only a general overview of subjects covered, is not intended to be taken as advice regarding any individual situation and should not be relied upon as such. Insureds should consult their insurance and legal advisers regarding specific coverage issues.
Marsh Ltd is authorised and regulated by the Financial Services Authority.

Have your say