By Bill Healey
During more than 20 years of working in the world of professional liability insurance for lawyers, I have witnessed many changes in how law firms run their businesses, manage risk and handle the challenges they face in their day-to-day operations.
Back in 2000, it was not uncommon for smaller law firms to have only a passing familiarity with the kinds of risk management policies and procedures that are ubiquitous today. Practice management was far less present than it is today, and it was rare to find a firm of fewer than several hundred attorneys with a full-time risk manager or general counsel.
The way things were
- Back then, institutional knowledge typically resided exclusively in the minds of the most senior firm personnel.
- Checking for conflicts was often done without the aid of technology beyond an email (or just a memo) circulated among partners advising of a proposed new client. Individual attorneys frequently tracked their own docketing deadlines without firm-wide automation or centralized oversight.
- Engagement letters may only have been used where required under relevant law, and it was relatively uncommon to find firms with a standard practice of sending letters to prospective clients declining engagements or advising clients at the conclusion of an engagement.
- Firms would think nothing of suing a client for the smallest balance of outstanding fees.
Law firm risk management has come a long way
Today, the following mechanisms are routinely in place in most firms, regardless of size:
- Risk management has become institutional; most firms create comprehensive manuals of policies and procedures and circulate them to all personnel, including paralegals and support staff.
- Risk management education is a standard and essential part of the process of on-boarding associates and lateral partners. The job of an underwriter used to include educating law firms about best risk management practices. Today, the underwriter’s challenge is to determine whether risk management is embedded in the culture of the firm.
- One of the most striking developments in how law firms manage their risk is the growing presence of full-time risk managers and general counsel at firms of relatively moderate size. It is not uncommon to see firms of 50 or fewer attorneys with these important resources.
Law firms have become more entrepreneurial in the past two decades, with greater emphasis on the generation and measurement of profit in their operations. Growth has become more explosive over time, with robust merger and acquisition activity, geographic expansion and the development of broader practice offerings. Each of these developments has unique risk management implications, especially when it comes to the assimilation of lateral partners, which requires greater attention on the part of law firm management to meticulous scrutiny of potential client-based and positional/business interest conflicts of interest.
Tech advances generate both LPL risk concerns and risk management innovation
Advances in technology in recent decades have in turn advanced law firms’ practice of risk management. Sophisticated software programs capable of capturing and organizing client-based data are now omnipresent. The same software packages that firms use to streamline billing and accounting also can be efficiently employed for all aspects of client intake, docket and deadline control, and many more functions essential to effective risk management.
Interestingly, as much as technology has improved law firm risk management, it also has created some of the greatest risk concerns for firms. All firms store confidential client information in their systems, and many firms store data that may be highly sensitive, such as personal health information, proprietary/trade secrets, and even information that may cause meaningful shifts in publicly traded stock prices if improperly disseminated.
For that reason, it is imperative for firms to have reliable systems in place to guard against external threats to their electronic platforms. Similarly, even the smallest firms must remain vigilant against social-engineering threats, which can drain client funds and operating accounts in a heartbeat. Cyber security is a concern that wasn’t on our radar screens 20 years ago, or at least not nearly to the same extent as it is today. These days, LPL underwriters must pay close attention to how a proposed insured safeguards against these threats.
No matter how much the liability landscape for law firms has changed, the most common cause of legal malpractice remains the same: plain and simple “bad lawyering.” This includes attorneys who provide deficient advice or make careless mistakes that, when combined with a bad result in litigation or an ill-conceived transaction, harm a client financially. Sophisticated policies and systems are important, and underwriters must take note of these safeguards in their risk assessment. But in the realm of loss prevention, there is no substitute for hiring capable people, developing professional competencies and, most importantly, implementing structures that encourage and reward collaboration, oversight and accountability.
Learn more about Argo Pro’s Lawyers PROtectSM.
Bill Healey is vice president, Underwriting, Risk Management, at Argo Pro.