Responsibilities of COLPs and COFAs

Issued 25 November 2019


This guidance is to help you understand your obligations and how to comply with them. We may have regard to it when exercising our regulatory functions.

Who is this guidance for?

Compliance officers for legal practice (COLPs) and compliance officers for finance and administration (COFAs) in all firms authorised by us.

Firms authorised by us.

Purpose of this guidance

To assist COLPs and COFAs in understanding their duties and responsibilities.

This guidance should be read in the context of decision making at the SRA and other guidance documents listed at the end of this document. It is a living document and we will update it from time to time.


If you are a compliance officer your responsibilities are set out in paragraphs 9.1 and 9.2 of the Code of Conduct for firms and are as follows:

As a COLP, you must take all reasonable steps to:

  • ensure compliance with the terms and conditions of your firm's authorisation;
  • ensure compliance by your firm and its managers, employees or interest holders with the our regulatory arrangements which apply to them (except any obligations imposed under the Accounts Rules);
  • ensure that your firm's managers and interest holders, and those they employ or contract with, do not cause or substantially contribute to a breach of the regulatory arrangements;
  • ensure that a prompt report is made to us of any serious breach of the terms and conditions of your firm's authorisation, or the regulatory arrangements which apply to your firm, managers or employees.

As a COFA, you must take all reasonable steps to:

  • ensure that your firm and its managers and employees comply with any obligations imposed upon them under the Accounts Rules;
  • ensure that a prompt report is made to us of any serious breach of the Accounts Rules which apply to them.

All firms need to decide how the COLP and COFA operate within their business structure.

This involves making sure systems are in place to allow your firm to operate effectively and in compliance with the Standards and Regulations. In larger firms, or where the COLP and COFA are employees, as well as the right governance, the compliance officers must have clear reporting lines that empower them sufficiently to fulfil their roles. This is to make sure the COLP and COFA are able to implement changes or introduce new procedures to ensure compliance and good risk-management.

Irrespective of the size of the firm, it is up to the management of the firm to review the effectiveness of its COLP or COFA. If you are a sole practitioner and also the COLP and the COFA you need to review how well you are undertaking the roles.

Recording and reporting

Your firm has an obligation to keep and maintain records to demonstrate compliance with its obligations (paragraph 2.2 of the Code of Conduct for Firms).

We therefore expect compliance officers to keep a record of all breaches that occur. These records are a key tool for you in understanding the risks in your business: They should help you to identify where things have gone wrong and whether there are any systemic problems inherent to your firm's processes.

We do not prescribe a method of recording breaches, and when implementing recording procedures, you should consider how best to do this in light of the fact they should be a tool in your firm's risk management strategy.

It is mandatory to report some matters to us. We call these 'notifications' and these are set out in our Reporting and Notification Guidance. Other matters will involve you making a judgement about whether you are obliged to report to us. A summary of these reporting obligations are also found in our Reporting and Notification Guidance.

Further help

If you require further assistance, please contact the Professional Ethics helpline.