Client matter risk assessments: Think first, tick second

Picture of InfoTrack UK
InfoTrack UK

Client matter risk assessments (CMRAs) have moved from back-office paperwork to the frontline of regulatory scrutiny for conveyancers. Recent  Solicitors Regulation Authority (SRA) reviews show that, alongside firm-wide risk assessments and Anti-Money Laundering (AML) policies, regulators now examine CMRAs in detail – not just whether they exist, but how they’re used and what they record.

In our recent digital conveyancing masterclass, law society-accredited risk and compliance specialist Tracey Thompson described the CMRA as ‘the most important compliance document on the file.’ Done properly, it’s your permanent record of what you were thinking, why you judged risk as you did, and how that shaped due diligence.

Why CMRAs really matter

From Tracey’s work with around 100 firms a year, a clear pattern emerges: weaknesses in CMRAs are a common feature of SRA findings and ‘suggestions for improvement’ after AML inspections. Problems range from superficial completion and missing documents to mismatched risk ratings. If risk isn’t documented, regulators assume it didn’t happen – and memory won’t stand up three years later. A defensible file shows that reasoning clearly in the CMRA.

Start early and treat it as a working document

A CMRA shouldn’t be a one-off exercise completed at exchange or completion. It must be opened as soon as the client is onboarded and revisited as information emerges. Early assessments may be provisional, but as source-of-funds or overseas details come in, risk ratings and due diligence should be updated with clear version history and who made each change. Regulators expect to see that journey.

Common pitfalls the SRA is finding

Tracey highlighted recurring issues:

  • CMRAs missing entirely, particularly on ‘low-risk’ matters.
  • Boxes ticked before checks are completed.
  • High-risk indicators but overall ‘low-risk’ ratings with no explanation.
  • Over-reliance on personal knowledge instead of evidence.
  • Identical narratives across files suggesting pre-populated text.

All these signal a tick-box mindset rather than genuine analysis.

Using the SRA template as a benchmark

The SRA’s 2023 CMRA template and warning notice provide a clear benchmark. Its structure – targeted questions, narrative boxes and defined risk rating sections – promotes consistent, evidenced reasoning. What matters is the quality of thought recorded. Narrative sections should explain why a certain risk rating and due diligence level were chosen, directly linked to identified factors.

Technology should support, not replace, judgment

Digital tools for ID verification, screening and workflow automation increase efficiency but can’t replace human judgment. Regulators assess your firm’s decisions, not the system used. Prepopulated answers and cloned narratives undermine evidence of real assessment. That’s why we built our CMRA tool within eCOS: to surface key questions, capture narrative explanations and keep a clear audit trail of every change, while leaving fee earners firmly in control of the risk call.

Align risk factors and due diligence

Each CMRA must link to your firm-wide risk assessment. Factors such as cash purchases, complex ownership, overseas funding, and PEP or sanction exposure should affect both risk rating and due diligence level. Each file should clearly state:

  • Client and matter risk ratings, with reasons.
  • Due diligence level (simplified, standard, or enhanced) and rationale.
  • Any escalation or second opinions.

Short, specific narratives suffice – for example, noting a remote client with standard checks versus an overseas-funded transaction requiring enhanced due diligence and MLRO approval.

Turning the CMRA into a genuine risk tool

Ultimately, the message is “think first, tick second”. When treated as a living document revisited throughout the file, the CMRA becomes a powerful tool for risk management, protection and regulatory defence. With tools like eCOS supporting structured completion, firms can embed that mindset into day-to-day workflows, not just policies on paper. To explore Tracey Thompson’s real-world examples and see the CMRA tool in action, you can watch the full webinar on demand here. 

See how eCOS can strengthen your CMRA process – book a demo today. 

This article was submitted by InfoTrack as part of an advertising agreement with Today’s Conveyancer. The views expressed in this article are those of the submitter and not those of Today’s Conveyancer.

Want to have your say? Leave a comment

Your email address will not be published. Required fields are marked *

Read more stories

Join over 7,000 conveyancing professionals – Check back daily for all the latest news, views, insights and best practice and sign up to our e-newsletter to receive our daily and weekly round ups

You’ll receive the latest updates, analysis, and best practice straight to your inbox.

Features

View all features
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.