Why the COLP Decision Log Matters for SRA Compliance

The COLP (Compliance Officer for Legal Practice) role carries personal statutory responsibility under the SRA Regulations. One of the most overlooked but critical tools in a COLP's compliance toolkit is the decision log. A well-maintained decision log is not a bureaucratic exercise. It is your primary evidence that the firm has considered, challenged, and resolved compliance issues properly.

The SRA does not prescribe a specific format for a decision log. But during a firm visit or investigation, the SRA will expect to see a clear, chronological record of compliance decisions made by the COLP and the firm's management. Without this, the COLP risks being unable to demonstrate that regulatory obligations were met at the time decisions were taken.

This guide is written for UK solicitors, COLP holders, and law firm partners who need practical, no-fluff guidance on building and maintaining a decision log that satisfies SRA expectations. We cover what to record, how often, and how to structure entries so they hold up as compliance evidence.

What Is a COLP Decision Log?

A COLP decision log is a formal record of significant compliance-related decisions made by the COLP or the firm's management body. It captures the issue, the options considered, the decision taken, the rationale, and any follow-up actions. Think of it as a board minutes book for compliance, but narrower in scope.

The log should cover decisions on:

  • Client account queries or potential breaches of the SRA Accounts Rules
  • Conflict of interest assessments and waivers
  • Anti-money laundering (AML) escalation decisions
  • Complaints handling outcomes and root cause analysis
  • Professional indemnity insurance (PII) renewal decisions
  • Changes to the firm's compliance policies or procedures
  • Decisions to report (or not report) matters to the SRA
  • Any other matter where the COLP exercises professional judgement on a regulatory issue

The log is not a diary of every minor compliance task. It is a record of decisions that could be scrutinised by the SRA, a forensic accountant, or a claimant's solicitor in litigation. If the decision later proves controversial, the log is your contemporaneous evidence that proper process was followed.

The COLP's duties are set out in the SRA Authorisation of Firms Rules 2019 (Rule 4) and the SRA Accounts Rules 2019 (Rule 12). The COLP must take all reasonable steps to ensure the firm complies with its regulatory obligations. A decision log is a practical way to demonstrate that those steps were taken.

Under the SRA Accounts Rules, the COLP must ensure that client money is properly handled and that any breaches are reported promptly. If a breach occurs, the COLP must decide whether to report it to the SRA. That decision, and the reasoning behind it, should be recorded in the decision log. The same applies to decisions about whether to apply the de minimis exemption for the accountant's report.

The SRA's Enforcement Strategy makes clear that the COLP's personal fitness and propriety can be called into question if the firm fails to comply. A robust decision log protects the COLP individually by showing that they exercised proper oversight and did not ignore or conceal issues.

What the SRA Expects to See in a Decision Log

The SRA does not publish a template for decision logs. But from our experience advising firms that have undergone SRA inspections, the following elements are consistently expected:

  • Date of decision and date of entry (these may differ)
  • Description of the issue or trigger event
  • Options considered (including any legal or accounting advice taken)
  • The decision reached in clear, unambiguous language
  • Rationale for the decision, referencing relevant SRA rules or guidance
  • Any dissenting views from other partners or the COFA
  • Action items arising from the decision, with owners and deadlines
  • Review date if the decision is time-limited or conditional

The log should be signed or initialled by the COLP. If the firm uses an electronic system, a digital signature or audit trail is acceptable. The log should be reviewed at least quarterly by the firm's management body, and those review meetings should themselves be minuted.

Worked Example: Client Account Breach Decision

Consider a scenario where a conveyancing solicitor inadvertently used client money to pay a firm overhead because of a bank error. The COLP must decide whether to report the breach to the SRA. The decision log entry might read:

Date: 12 March 2025
Issue: Client account breach: £4,200 transferred from client account to office account on 10 March 2025 due to incorrect standing order instruction. Client funds fully restored on 11 March 2025.
Options considered: (a) Report to SRA as a material breach under Rule 12. (b) Treat as de minimis and not report, given prompt restoration and no client loss.
Decision: Report to SRA. The amount exceeds £1,000 and the breach was not caused by a simple administrative error. The COLP considers that a prudent regulator would expect notification.
Rationale: SRA Accounts Rules Rule 12.2 requires reporting of "material" breaches. The COLP considers materiality based on amount, duration, and client impact. Prompt restoration mitigates but does not eliminate the reporting obligation.
Action: COLP to draft SRA notification by 14 March 2025. COFA to review bank mandate procedures by 31 March 2025.
Review date: 30 April 2025 (to confirm SRA response).

This entry provides a clear evidence trail. If the SRA later challenges the decision, the COLP can point to the contemporaneous record showing proper consideration of the rules and a reasoned outcome.

How Often Should the Decision Log Be Updated?

The decision log should be updated as decisions are made. Do not batch entries at month-end or quarter-end. The SRA expects contemporaneous recording. If a decision is made during a partner meeting on a Tuesday, the log entry should be completed by the end of that week.

For routine compliance decisions (e.g., approving a new AML risk assessment), a weekly or fortnightly update cycle is acceptable. For urgent matters (e.g., a client account shortfall), the entry should be made the same day.

The log should be reviewed by the firm's management body at least quarterly. The COLP should present the log at those meetings, and any challenge or ratification by the partners should be recorded in the meeting minutes. This creates a dual evidence trail: the decision log itself and the management minutes.

Common Mistakes in COLP Decision Logs

From reviewing decision logs across dozens of UK law firms, we see the same errors repeatedly:

  • Too vague. "Discussed AML issue and agreed to proceed" is not enough. What was the issue? What was agreed? Why?
  • No rationale. The SRA wants to see why a particular decision was reached, not just what was decided.
  • Missing dates. Without dates, the log cannot demonstrate contemporaneous recording.
  • No follow-up. Decisions without action items are incomplete. Who is responsible? By when?
  • Only recording positive outcomes. If the COLP decides not to report a breach, record that too. The decision not to act is still a decision.
  • Using the log as a catch-all. The decision log is not a to-do list or a complaints register. Keep it focused on compliance decisions.

Digital vs Paper Decision Logs

Both formats are acceptable. Many firms use a simple Excel spreadsheet or a Word document. Others use dedicated compliance software such as Legl, P4, or LawWare. The format matters less than the content and consistency.

If you use a digital log, ensure it is backed up and accessible to the COLP and COFA. If you use paper, keep a bound volume with numbered pages to prevent tampering. The SRA will accept either, provided the log is complete and legible.

For firms with multiple offices, a shared digital log with access controls is usually more practical. The COLP should have edit rights; other partners and the COFA should have read-only access unless they are contributing entries.

Integrating the Decision Log with Other Compliance Records

The decision log does not exist in isolation. It should cross-reference other compliance documents:

  • Client account reconciliations: If a breach is identified during the five-weekly reconciliation, the decision log entry should reference the reconciliation date and the relevant ledger.
  • AML risk assessments: Decisions to accept or decline high-risk clients should be recorded in the AML register and cross-referenced in the decision log.
  • Complaints records: If a complaint raises a systemic compliance issue, the decision log should reference the complaint file and the remedial action taken.
  • COFA reports: The COFA may identify financial compliance issues that require a COLP decision. The decision log should record the COFA's input and the COLP's response.

This integrated approach makes it easier for the SRA to see the full picture during an inspection. It also helps the COLP and COFA work together effectively, which is a regulatory expectation in itself.

How the Decision Log Protects the COLP Personally

The COLP role carries personal liability. Under the SRA's Enforcement Strategy, the SRA can take action against the COLP individually if the firm fails to comply with its obligations. A well-maintained decision log is the COLP's best defence.

If the SRA investigates a compliance failure, the first question will be: "What did the COLP know, and when did they know it?" The decision log provides the answer. It shows that the COLP was aware of the issue, considered the options, and made a reasoned decision in good faith.

Without a decision log, the COLP is relying on memory and email trails. Emails are often incomplete, ambiguous, or lost. The decision log is a single, authoritative record that the COLP controls.

For firms with multiple offices or departments, the COLP should ensure that all fee-earners know how to escalate compliance issues to the COLP. The decision log should record every escalation, even if the COLP decides no further action is needed. This prevents the "I didn't know" defence from being used against the COLP later.

Practical Steps to Start or Improve Your Decision Log

If your firm does not yet have a formal COLP decision log, start today. Here is a simple process:

  1. Choose a format. A Word document or Excel spreadsheet is fine. Use a template with the columns listed above.
  2. Appoint a custodian. The COLP should own the log, but a compliance assistant or practice manager can maintain it under the COLP's direction.
  3. Set a review schedule. The COLP should review the log weekly for new entries and present it to the management body quarterly.
  4. Backdate where possible. If you have recent compliance decisions that were not recorded, add them now with a note that they are retrospective entries. The SRA prefers late recording to no recording.
  5. Train the team. Ensure all partners and senior fee-earners understand what should be escalated to the COLP and recorded in the log.

For firms that already have a decision log, conduct a quarterly audit. Check for missing entries, vague language, and incomplete action items. Ask the COFA to review the log from a financial compliance perspective. The COFA's input can identify gaps the COLP might miss.

When to Seek External Advice

Some compliance decisions are too complex or high-stakes to make without external input. If the firm faces a potential SRA referral, a material client account breach, or a conflict of interest that could lead to litigation, the COLP should consider taking external legal or accounting advice. That advice should be recorded in the decision log, including the name of the adviser and the date of the advice.

External advice does not absolve the COLP of responsibility, but it demonstrates that the decision was made on an informed basis. The SRA views this positively.

If you are a COLP or COFA looking for support with your firm's compliance framework, we can help. Our team specialises in COFA compliance support and can review your decision log as part of a broader compliance health check. We also offer SRA Accounts Rules advisory for firms that need technical accounting input on client money issues.

For a broader overview of the COLP and COFA roles, see our COFA fundamentals guide. If you are considering a change in firm structure, our partnership vs LLP guide covers the compliance implications of each structure.

Final Thoughts

A COLP decision log is not optional good practice. It is essential evidence that the firm takes its regulatory obligations seriously. For the COLP personally, it is the single most important document in demonstrating that they discharged their duties properly.

Start your log today. Keep it simple, keep it consistent, and keep it contemporaneous. The SRA will thank you for it, and so will your professional indemnity insurer.

If you need help designing or auditing your firm's decision log, speak to a legal-sector-specialist accountant. The rules are complex, and the consequences of getting it wrong can be severe.