I love it: Law firms send us brochures and offer us free CLE programs about all the things that smart corporations should do.
We should protect data privacy. We should have written policies that require pre-approval before our sales folks entertain clients at fancy events. We should train our employees about “intelligent business communications,” so that no one writes stupid e-mails. We should train everyone about conflicts of interest, avoiding discrimination or harassment in the workplace, and insider trading. We should establish systems to confirm that any person or entity that needs a license is in fact licensed.
And then what do law firms themselves do? The firms blithely ship personal information from office to office around the world — because the folks in the U.S. need information about the plaintiff suing for personal injuries in France. The firms have no rules at all restricting how lawyers entertain their clients. Lawyers at the firms write stupid e-mails. [Note to David Lat: Please do not add a link to the preceding sentence about stupid e-mails. You'll link to an article about some law firm in particular, and lawyers at that firm will write to me accusing me of having slung mud at their firm. I'm not slinging mud at any one particular law firm, by God -- I'm slinging mud at all of them!] What else do firms do? Corporate lawyers move from New York to California and never bother to take the California bar exam, because it’s such a pain in the neck, and no one will ever know, anyway.
Corporate Counsel recently investigated this issue, asking major law firms about their compliance programs. The conclusion? Law firms generally either don’t have compliance programs or choose not to discuss the issue (because, I’ll speculate, they don’t have compliance programs, and prefer not to admit this publicly). Isn’t it time for the shoemaker’s children to be shod?
I wrote a year ago about one example of law firms ignoring their own advice: An English firm advised my corporation that we should eliminate all client entertainment — forbid sales people from treating clients even to lunch — to ensure that we complied with the new UK Bribery Act. Weeks after having given us that advice, different partners at the same law firm invited some of our in-house lawyers to attend the Summer Olympics in London as guests of the firm.
That struck me as fodder for a blog post.
But the Corporate Counsel survey made me think about this issue more generally. Many years ago, when I was a partner at a big firm, I met a couple of old law school buddies for a drink. One of my old chums had recently started working at the SEC. Because I’m such a good sport (and because these guys were light drinkers), I went to pick up the check at the end of the evening. The SEC guy stopped me: “Thanks for the offer, Mark, but I work for the SEC. I’m forbidden from accepting gifts of any kind.”
At the joint where I work now, everyone knows — or, at a minimum, everyone has taken on-line training that says — that we forbid employees from offering anything of value to government officials without prior approval from our compliance department. But when I was a partner at one of the world’s largest law firms, no one had ever bothered to raise this subject.
And, although I may have been uniquely ignorant, I’ll bet that my personal experience isn’t an isolated example. Think about how law firms entertain clients: Did anyone think twice, or obtain pre-approval, before your firm flew all those clients to Augusta for the Masters in April? Is your firm now approving the guest list — for purposes of compliance, as opposed to deciding which partners win the scramble for tickets — identifying the clients who will be going to Wimbledon on the firm’s dime in July? Does your firm confirm that every lawyer is licensed by the bar of the state in which the lawyer resides?
What’s the idea here? “We’re all lawyers at this firm, so we learned all the legal rules by osmosis. And, in any event, we’re all highly trained professionals, and we trust ourselves. And, in any event, our partners would chafe at any restrictions we tried to impose on client entertainment. And, in any event, no one would obey those rules anyway, and we could never punish important rainmakers who didn’t follow the rules.
“But our clients, including those in professional services, such as accountants and investment bankers and management consultants and the like? They’re all boneheads, likely to disregard the law. Our clients must create compliance departments, establish written rules, and then enforce those rules uniformly — even as to the clients’ important rainmakers who will chafe at the rules and ignore them.”
I’m sure that there are exceptions to my generalizations about compliance rules at law firms. Many law firms, for example, have written policies against insider trading, because the firms’ securities lawyers told the managing partner that those policies protect the firm if any lawyer trades on inside information. And after your joint got slapped by the EEOC for sex discrimination, the firm probably forced all lawyers to attend an hour-long training session as part of the consent decree. And a stray few firms may actually practice what they preach, establishing for themselves the types of compliance programs that the firms sternly instruct their clients to create.
But that’s not true at every law firm, by a long stretch. In a key area — ensuring compliance with the law — many law firms are near the back of the pack. The shoemaker’s children, indeed.
Mark Herrmann is the Chief Counsel – Litigation and Global Chief Compliance Officer at Aon, the world’s leading provider of risk management services, insurance and reinsurance brokerage, and human capital and management consulting. He is the author of The Curmudgeon’s Guide to Practicing Law and Inside Straight: Advice About Lawyering, In-House And Out, That Only The Internet Could Provide (affiliate links). You can reach him by email at firstname.lastname@example.org.