The Compliance Officer for Finance and Administration (COFA) is central to a law firm’s adherence to the Solicitors Regulation Authority (SRA) Accounts Rules. While the COFA is not expected to scrutinise every financial transaction, they must ensure that the firm’s systems, staff training, and oversight are robust enough to safeguard client funds throughout the year. This guide provides a practical, action-oriented perspective on the COFA’s role, outlining the evidence an annual SRA audit will require and suggesting a routine that keeps the firm prepared for audit without generating unnecessary paperwork.
What the COFA is responsible for
The COFA’s role is to ensure the firm complies with all legal and regulatory requirements under the SRA Accounts Rules. This responsibility involves maintaining accurate financial documents, promptly reconciling client accounts, managing client account interest in line with a clear written policy, swiftly addressing residual client balances, logging breaches, and reporting any material breaches when necessary. The COFA should be able to explain the firm’s approach, provide evidence that controls are adequate, and demonstrate that any issues are promptly identified and resolved. This responsibility is crucial for all law firms, including large law firms, smaller firms, and national firms, to ensure compliance and protect client money.
A simple monthly and quarterly routine
Effective financial management relies on a steady, predictable routine rather than last-minute checks. A sensible pattern for many firms might be:
- Monthly: Prepare and independently review client account reconciliations, run reports on residual balances and record any actions taken, update breach and action logs, and test interest policy samples if there is a high volume of client funds.
- Quarterly: Conduct a light internal review of a small sample of files across fee earners and matter types, covering various legal practice areas such as property transactions, personal injury, and other matters. Provide a brief training refresher and update partners on key points if needed.
This routine creates the evidence your reporting accountant will require during the audit and supports a successful SRA audit.
The COFA monthly pack
Equip the COFA with a concise monthly pack of information that enables quick, well-informed decisions to be recorded. A good pack includes:
- Client bank statements and reconciliations, with preparer and reviewer sign-offs.
- An aged list of reconciling items, with notes on progress.
- Residual client balances above a clear time threshold, with records of tracing actions.
- Results from any interest policy file testing.
- The breach register and actions log.
- A one-page summary of issues, decisions required, and responsible parties.
Keep the pack brief, factual, and consistent so it is easy to read and straightforward to file as audit evidence. This approach helps firms meet regulatory requirements and improve overall financial performance.
Client account reconciliations: a non-negotiable discipline
All client accounts should be reconciled at least every five weeks, with monthly reconciliations being the ideal standard as they align with broader financial reporting and keep matters up to date. Ensure reconciliations are prepared, independently reviewed, and signed off, with any discrepancies investigated and cleared rather than carried forward. The COFA should review the reconciliation pack, query any old differences, and record any actions taken. Timely, clean reconciliations are the strongest indicator that client money is protected and that the firm meets its responsibilities under the SRA Accounts Rules.
Residual client balances: clear and documented
Residual balances often build up when close-down procedures are weak. Run a monthly report listing balances older than a set threshold, such as three or six months. Make every effort to return these funds, record all steps taken, and if money is genuinely unreturnable, follow the correct procedure to donate it to charity, keeping permission evidence on file. Add status notes to the actions log so progress is visible to partners. This tidies the ledger, removes a common audit finding, and helps firms manage client money effectively in line with best practice.
Interest on client money: policy and proof
Every firm should have a short, plain English policy explaining when interest is due, how it is calculated, any minimum thresholds, and who is responsible. Build simple prompts into the matter opening and billing processes so staff remember to consider interest at the right time. Test a small sample of files each quarter and record the results and any corrections made. The COFA should review the sample, confirm consistency, and note any actions for improvement. Consistent application matters more than complex calculations, ensuring SRA compliance and protecting client funds.
Breach register and materiality judgement
Keep a live breach register recording the date, description, cause, materiality assessment, corrective action, and closure date. Review it monthly. The COFA must judge whether a breach is material and reportable. Use a straightforward, written approach to materiality that considers value, frequency, cause, and potential impact on client money. Where a decision is made not to report, record the reasons. Maintain a separate actions log to track who is responsible for what and by when. These two documents show the regulator that issues are identified and managed effectively, reflecting a deep understanding of regulatory requirements.
Roles, permissions and approvals
Most avoidable breaches stem from unclear roles or loose permissions. Document who prepares, reviews, and approves each key process. In your banking and case management systems, restrict who can set up and authorise payments, separating these roles where possible. Set sensible defaults so client transactions post to client accounts and office transactions to office accounts. Approval trails should be clear and visible so auditors can follow decisions quickly. Firms benefit greatly from transparent governance in this area.
Training that works
Short, regular training sessions are more effective than long, infrequent ones. Focus on areas that commonly cause breaches: client versus office money, transfers, residual balances, interest policy, and documentation standards. Include Accounts Rules essentials in new employees’ induction. Keep attendance records and share a summary of training content with the COFA. Practical examples from your files make training memorable and relevant, providing professional advice for the firm’s practice areas.
Evidence management and file organisation
Audits run more smoothly when evidence is easy to find. Use a standard digital folder structure for reconciliations, bank statements, breach and actions logs, residual balance reports, interest tests, policy documents, and training records. Save files with dates and consistent naming conventions, store sign-offs within the same folder, and maintain sensible permissions. Agree on who files monthly; nothing should remain on personal drives or email. This discipline supports compliance and reduces audit delays.
Using light internal reviews
A quarterly mini review helps the COFA spot issues early. Test a small number of matters across teams for correct postings, approval trails, and interest treatment. Confirm that reconciliations were completed on time and differences cleared. Check that residual balance actions were taken—record findings, owners, dates, and close actions by the next quarter. For independent assurance before year-end, consider an Internal Control Review that mirrors key Accounts Rules tests and produces a practical improvement plan. Regular internal reviews like these are essential for ongoing compliance.
Third-party managed accounts and alternative arrangements
Third-party managed accounts can reduce the amount of client money held directly, but the firm remains responsible for oversight. The COFA should keep copies of third-party managed account agreements, understand the flow of funds, and reconcile records to statements provided by the third party. Treat these arrangements as part of the control environment, with the exact expectations for documentation and review as traditional client accounts. This is especially important for larger firms or those with diverse practice areas.
Preparing for the accountant’s report
Hold a readiness meeting with the COFA, the finance lead, and a partner six to eight weeks before the reporting date. Check that mandates and signatories are up to date, reconciliations are current and signed off, residual balances have recent actions recorded, interest testing is filed, and the breach register is complete. Agree on how evidence will be shared securely, who will handle any queries, and who will sign the report. Keeping the evidence well-organised reduces time spent on site and cuts down on follow-up questions, helping the firm to ensure compliance smoothly and efficiently.
Common pitfalls and how to address them
- Reconciliations prepared but not reviewed: build an independent review into the schedule and follow up on sign-offs.
- Aged reconciling items: ensure all items are aged, escalate those older than one month, and record reasons and resolutions.
- Residual balances overlooked: introduce a monthly review with dates and actions recorded, closing items promptly.
- Interest policy only documented on paper: add prompts within files and conduct sample testing to ensure the policy is applied in practice.
- Weak narratives and transfer documentation: every posting should have a clear purpose and a brief note explaining why it was made and who approved it.
- Breach decisions not documented: implement a simple template for recording materiality judgements and corrective actions.
Addressing these common issues removes recurring audit findings and speeds up future reviews, supporting a successful SRA audit.
Partner oversight and reporting
Partners hold overall responsibility for compliance. The COFA should update them quarterly with a summary covering reconciliation timeliness, residual balance status, interest testing results, breaches logged and closed, training delivered, policy updates, and any material issues. Keep minutes of these discussions and list actions with owners and deadlines. Visible partner oversight strengthens the firm’s culture and provides a clear audit trail of governance, which is vital for top law firms and national firms.
Turning audit findings into improvements
Treat audit feedback as a structured list for improvement, not just a compliance score. Create a concise action plan listing each finding, its impact, owner, and due date. Review progress at COFA meetings and close items with a note of the resolution. Where a finding reveals a gap in process design, update checklists or system rules so the fix becomes part of the routine. Turning findings into standard practice reduces repeat issues and builds confidence for the next audit, ultimately improving the firm’s financial performance.
How we support COFAs and partners
We work with solicitors across the UK to deliver efficient SRA audits and help COFAs establish practical routines that keep firms compliant throughout the year. Our team conducts independent Internal Control Reviews to identify risks early and provide partners with a clear action plan. For broader governance and reporting, our wider Audit and Assurance services bring consistency to financial management processes and evidence handling. If you’d like a brief chat about your current approach or a readiness check before year-end, contact us, and we will devise a practical timetable.
Quick reference: COFA best practices checklist
- Monthly client account reconciliations were prepared, independently reviewed, and signed off.
- Residual balances report runs monthly, with actions recorded and closed.
- Interest policy was written and understood, and the sample was tested quarterly.
- The breach register was updated promptly, and materiality decisions were recorded.
- The actions log was maintained, along with owners and target dates.
- COFA monthly pack is issued and filed in a standard structure.
- The quarterly mini internal review is completed, with actions closed by the next quarter.
- Roles and permissions documented, with approvals visible and appropriate.
- Training delivered and logged, including induction for new starters.
- Evidence is stored consistently and ready for your reporting accountant.
By following these responsibilities and best practices, the COFA helps ensure the firm complies with SRA regulatory requirements, manages client money responsibly, and is well prepared for the annual SRA audit.