Compliance health checks

Does your practice accurately reflect your policy?

Don't wait for a regulator's audit to find your weak spots. Our comprehensive health check provides a true picture of your compliance framework, giving you an actionable roadmap to reduce risk across the board.

Get in touch

Who is it for?

Get a clearer view of your firm’s compliance profile

We review your firm’s regulatory, financial, operational, and conduct risks, and provide expert analysis of your governance and compliance policies and processes. Where we identify gaps or shortcomings, we’ll provide a clear roadmap for change, enabling you to make proactive improvements and reduce operational risk.

Law firms

We’ll provide independent validation to evidence your improvements to clients and insurers.

Talk to us about your requirements

Key deliverables

Whatʼs included in the health check?

We conduct firm-wide gap analyses to assess policies, procedures, and operational practices against regulatory, governance, and risk management standards. Choose from our Core, Advanced, or Complete reviews, depending on your needs.

Core

A baseline regulatory risk assessment. For small firms with low-risk practices.

What’s included?
Everything below:

  • Review of key policies and documented procedures
  • AML systems and controls review 
  • Review of standard terms of business 
  • Review of staff competence and professional development records
  • Limited review of registers and key risks
  • Website, email footers and letterhead audit
  • Targeted sample matter review

Advanced

A full operational & cultural compliance review. For small to mid-sized firms with moderate-risk practices.

What’s included?

Everything in Core, plus:


  • Staff questionnaire to identify training and development needs
  • Assessment of staff capacity and operational safeguards
  • Review of complaints, client feedback, & online commentary to identify risk areas
  • Review of client care letters across all practice areas
  • Full review of registers and key risks
  • Review of PII, ATE, and employerʼs liability insurance arrangements

Complete

An extensive regulatory assurance and resilience review. For large, multi-office firms with higher-risk practices.

What’s included?
Everything in Core/Advanced, plus:

  • Review of organisational structure and supervisory arrangements
  • Review of recruitment processes and candidate due diligence
  • Stress testing of risk registers and business continuity plans
  • Comparison of documented policies against operational practice
  • Review of online marketing materials for SRA Transparency and ASA compliance
  • Due diligence assessment for outsourcing, third-party funding, and introducers 
  • Targeted sample matter review (50)

All plans include an introductory consultation to tailor our review to your firmʼs specific needs and risk profile. You’ll receive a comprehensive report on completion, highlighting key risk areas and offering practical

recommendations for improvement, as well as support in filling any documentation gaps identified.

What to expect

Actionable outcomes

Analysis of training and policy gaps

Identification and mitigation of risks

Assurance on operational frameworks

Guidance on strengthening controls

Actionable recommendations

Need a clearer picture of your compliance health?

Speak to Complex Risk today. We’ll work with you to plan and execute a comprehensive health check that provides granular insight into the health of your policies, procedures, and operational practices.

Book an introductory call

Frequently asked questions

If you don’t find the answer to your question here, get in touch with us and we’ll be happy to help.

How do we choose the right tier (Core, Advanced, or Complete) for our firm?

The right choice will depend on the size of your firm, the level of risk in your practice and your experience with compliance auditing. For example, smaller firms that haven’t undergone formal compliance auditing often start with the Core plan, which provides a useful baseline assessment. Larger, more complex firms working in high-risk practice areas should consider the Advanced or Complete plans, which offer greater assurance. We are happy to discuss your specific situation to help you choose – just get in touch with one of the team.

We believe our compliance is already in good shape. What is the value of a health check?

Even for firms confident in their compliance status, engaging independent experts to provide a health check adds value on two fronts. Firstly, it provides objective validation of the strength of your compliance culture, which is useful for building trust with insurers and regulators, and secondly, it can offer a fresh perspective – identifying new efficiencies, or spotlighting latent risks that internal teams may have missed. 

How much time and involvement is required from our staff?

We aim to minimise demands on your internal teams – we’re aware that fee-earning work is the priority, and we have designed our health check process to flex around your workflows. While some time investment is necessary, particularly from the COLP/COFA and senior management, we provide clear data requests in advance, and schedule short, structured interviews to make the most of the time we have with your staff. 

Is the staff questionnaire genuinely confidential?

Yes, entirely. Responses to the staff questionnaire are submitted directly to Complex Risk and are not visible to client personnel. This is a purposeful decision to encourage full transparency from staff, so that we can build an honest picture of compliance at your firm. The responses are completely anonymised before being analysed – the data is used in aggregate to identify systemic trends in training, culture, and supervision, not to scrutinise individuals.

Can this health check report be shared with our PII insurer?

Yes – that’s a common use of this type of health check. Sharing a favourable health check report, along with a clear plan to address any recommendations, helps demonstrate proactive risk management to your insurer and can be a significant positive factor during your PII renewal negotiations.