Skip to content
Accounts for LawyersUKSpecialist accounting for UK solicitors and law firms

Pillar guide · Compliance

COFA Fundamentals: The Compliance Officer for Finance and Administration Role

Every SRA-regulated firm must nominate a Compliance Officer for Finance and Administration. The role is real, not nominal — the SRA can take action against the named individual for failures. New COFAs typically inherit a function quietly running for years; the challenge is understanding what 'good' looks like and where the risks actually sit.

8 min read·1,575 words·Updated 18 May 2026

Every SRA-regulated firm must nominate a Compliance Officer for Finance and Administration. The role is named in the firm's SRA authorisation and the named individual is accountable to the SRA for compliance with the Accounts Rules. The SRA can take action against the named individual for failures.

This guide is the practical picture. We cover what the COFA actually does day-to-day, the relationship with the COLP, the materiality call between recorded and notified breaches, who can hold the role, and a structured 90-day onboarding playbook for newly-appointed COFAs.

What the COFA actually does

The COFA's mandate is the firm's compliance with the SRA Accounts Rules. The detailed obligations:

Oversight of the reconciliation cycle

The bookkeeper or accounts team typically performs the five-weekly reconciliation. The COFA reviews and signs off. Sign-off should be more than a rubber-stamp — it confirms the reconciliation actually reconciles, exceptions are explained, the evidence file is complete, and the work was done within the five-week cap (Rule 8.3).

Breach identification and recording

Breaches happen. Most are operational, not deliberate. The COFA's role is to ensure breaches are surfaced (rather than hidden), recorded in the breach log, and addressed. A breach log entry should include: date breach occurred, date identified, nature, financial amount involved, root cause, remediation taken, and the materiality call.

Materiality calls

The hardest part of the role. The Accounts Rules require notification to the SRA of material breaches, but the threshold for "material" is judgement-based. Some breaches are clearly material (any sustained shortfall, any client money used as office money, any fraud); some are clearly not (a £20 ledger mispost corrected next day); the grey area in between is where the COFA earns the title.

Client money interest policy

The firm must have a written client money interest policy, accessible to clients, applied consistently. The COFA owns the policy: keeps it current, audits its application, and adjusts where market interest rates change materially.

Annual Accountant's Report co-ordination

The COFA is the primary interface with the accountant preparing the annual report. Provides the working file, responds to queries, reviews the draft report, manages the relationship across the period. A good COFA-accountant relationship typically delivers a clean report 4-6 weeks ahead of the SRA deadline.

Management reporting

The COFA reports to firm management on the state of Accounts Rules compliance. Best practice is a short monthly written update covering: reconciliations completed (date, by whom, signed off when), any breaches identified and recorded with materiality call, any SRA-notifiable matters arising, any control improvements implemented or recommended.

Who can be the COFA

SRA requirements

The SRA requires the COFA to be:

  • "Fit and proper" — no relevant criminal record, no prior regulatory action that disqualifies
  • Of sufficient seniority and authority to perform the role
  • Not subject to conflicting interests that compromise the role

The COFA does NOT have to be a solicitor. This is one of the key differences from the COLP role.

Common appointments

  • Practice Manager: in larger high-street firms, the Practice Manager is often the COFA. Good fit because the Practice Manager already runs the firm's operational systems.
  • Finance Director: in larger firms with a dedicated finance function, the FD typically holds the role.
  • Experienced bookkeeper: in mid-size firms, the senior bookkeeper or accounts manager can be the COFA. Closeness to the day-to-day operations is an advantage.
  • Equity partner: in smaller firms, an equity partner holds the role. Often combined with the COLP role.
  • Sole practitioner: in solo firms, the sole-practitioner solicitor holds both COLP and COFA.

External COFAs

Some firms appoint external consultants as COFA. The SRA permits this but the external COFA must still have authority within the firm to perform the role. The arrangement works best where the external COFA is genuinely embedded — visiting weekly or fortnightly, with real authority and not just a paper appointment.

The COFA-COLP relationship

The COFA and COLP roles overlap in the breach reporting area. The COLP handles regulatory matters generally; the COFA handles Accounts Rules matters specifically. Breaches that involve both regulatory and accounts dimensions (e.g., AML failure that touches client money) require COLP and COFA coordination.

Typical division of labour

  • COLP: AML supervision, conflicts, client care complaints, professional conduct issues, supervision quality, training, PII renewal
  • COFA: client money discipline, reconciliations, client money interest, accountant's report, finance-related breaches
  • Shared: SRA notifications when matters touch both areas, decision log for grey-area breaches, response to SRA inspection

Single person holding both

In smaller firms one person holds both roles. The dual appointment works fine but the person needs the time and attention for both — neither role is part-time work in a busy mid-size firm. The combination is most workable below 10 fee-earners.

Materiality: where COFAs earn their title

The single hardest part of the role. The Accounts Rules require notification of material breaches; the SRA expects firms to exercise sensible judgement about what's material.

Almost always material (notify)

  • Any sustained shortfall on the client account (longer than next-day correction)
  • Use of client money to fund office expenditure (even briefly, even small amounts)
  • Any breach indicating fraud or attempted fraud (theft, manipulation, false reconciliation)
  • Failure to deliver the annual Accountant's Report by the deadline
  • Systemic control failures (consistent reconciliation lateness, recurring matter-level errors)
  • Any breach that put client money at risk of loss

Almost never material (record only)

  • Minor reconciliation timing slips (5 weeks and 2 days, promptly corrected)
  • Posting errors corrected before the next reconciliation
  • Brief delays in client account transfer (24-48 hours) due to bank holidays etc.
  • Residual balances under typical thresholds (£20 etc.) older than expected, identified and being addressed

Grey area (judgement)

  • Disbursement-paid-before-billed breaches, especially if recurring even at low amounts
  • Client money interest policy that's been undocumented for a period
  • Single-matter shortfalls held briefly and corrected — depends on amount and circumstances
  • Reconciliations consistently completed at the end of the 5-week period rather than mid-period

The COFA's decision log

The decision log is the COFA's primary defence. Every materiality call should be documented: facts of the breach, considerations weighed, reasoning for the decision, signed and dated. If the SRA later challenges the call, the decision log shows reasoned judgement was exercised — even if the SRA disagrees with the outcome, a reasoned decision attracts less regulatory weight than an unrecorded one.

New-COFA onboarding: 90-day playbook

Most new COFAs inherit a function that has been quietly running for years. The challenge is understanding what "good" looks like in your specific firm and where the risks actually sit. A structured 90-day onboarding gets the role onto solid ground.

Days 1-30: Orientation

  • Read the SRA Accounts Rules in full. Yes, all of them — it's only 30-odd pages.
  • Read the firm's prior 12 months of breach log entries and SRA correspondence
  • Review the last 6 months of reconciliation evidence files
  • Walk through the reconciliation process with the bookkeeper
  • Read the firm's client money interest policy
  • Review the most recent annual Accountant's Report and any management letter
  • Inherit the official COFA designation (SRA must be notified within 7 days of any change in COFA)

Days 31-60: Control assessment

  • Identify any control gaps: reconciliation frequency, breach reporting, residual handling, interest policy application
  • Document recommended improvements with priority and timeline
  • Build a personal monthly checklist of recurring COFA tasks
  • Establish the firm management reporting rhythm
  • Have a meeting with the firm's accountant (especially if specialist legal-sector accountant) to align on the year-end approach

Days 61-90: Bedding in

  • Implement the priority improvements from the control assessment
  • First full monthly cycle complete under your stewardship
  • First written monthly update to firm management
  • Begin building the relationship that will support the next annual Accountant's Report
  • Quarterly check-in with the accountant booked

Common pitfalls for new COFAs

Inheriting without handover

The departing COFA leaves quickly. No knowledge transfer. The new COFA finds out what the role involves three months in, when something goes wrong. Mitigate by demanding a structured handover even if the departing person has limited time. At minimum: brief documentation of the breach log status, reconciliation file location, accountant relationship status, any open SRA matters.

Conflating COFA with bookkeeper

The COFA oversees; the bookkeeper performs. New COFAs sometimes try to do both, get overwhelmed, and the role becomes performative rather than supervisory. Mitigate by being clear about your role as oversight, with the bookkeeping function (whoever performs it) reporting in.

Avoiding materiality calls

New COFAs sometimes lean towards over-reporting because it feels safer. Over-reporting wastes SRA attention and creates a long compliance file that prejudices the firm's regulatory standing. Lean instead on the decision log: every call recorded with reasoning, so the audit trail shows considered judgement.

Not getting accountant alignment

The annual Accountant's Report relationship matters. A new COFA who doesn't engage with the firm's accountant until 2 weeks before the SRA deadline is heading for a stressful month. Build the relationship early; quarterly contact is reasonable.

What we'd do if you brought us in

Our COFA support engagement covers:

  • New-COFA onboarding (half-day session on the Accounts Rules in plain English; specific firm risk profile review; reconciliation rhythm setup)
  • Quarterly check-in for the first 12 months while you bed in
  • Direct line for the "is this a breach?" question that inevitably arises in month 4
  • Breach decision log template and reporting template
  • Pre-inspection readiness review
  • Annual Accountant's Report delivery

If you've just been appointed, or your predecessor has just left, or you've inherited the role alongside something else and it's not getting the attention it needs, book a scoping call.

Frequently asked

Who can be the COFA?
Any 'fit and proper' person with authority to perform the role. The COFA does not have to be a solicitor (unlike the COLP, who must be). Practice Manager, Finance Director, experienced bookkeeper, or an equity partner are common appointments. For very small firms, the sole-practitioner solicitor often holds both COLP and COFA roles.
What's the difference between COLP and COFA?
COLP (Compliance Officer for Legal Practice) is accountable to the SRA for the firm's broader regulatory compliance: AML, conflicts, client care, professional conduct. The COLP must be a solicitor. COFA (Compliance Officer for Finance and Administration) is accountable for compliance with the SRA Accounts Rules specifically — client money discipline, reconciliations, accountant's report co-ordination.
What does the COFA actually do day-to-day?
Oversees (doesn't necessarily perform) the five-weekly reconciliation cycle. Maintains the breach decision log. Makes the materiality call on which breaches need SRA notification. Manages the client money interest policy and its application. Co-ordinates the annual Accountant's Report. Provides regular reports to firm management — typically a monthly written update.
How do I know if a breach is 'material' and needs SRA notification?
The materiality test depends on context: amount of client money involved, duration, whether client money was put at risk, whether the breach indicates a systemic control failure. Small accidental shortfalls promptly corrected typically aren't material. Anything indicating a control gap, anything involving client money out of the client account longer than a day or two, anything fraud-adjacent — almost always material. The COFA exercises judgement; over-reporting wastes SRA attention, under-reporting risks regulatory action.
What happens at SRA inspection?
The inspector requests the breach decision log, reconciliation evidence file (samples), client matter ledger extracts, recent client money interest applications, client money interest policy, and any SRA correspondence and the firm's response. The faster and cleaner the response, the better the outcome. Firms whose working file can answer any reasonable request within an hour have the best inspection experiences.
What's the consequence of failing as a COFA?
The SRA can take action against the named individual. Outcomes range from informal reprimand for minor failures, through formal rebuke and conditions on practice for moderate failures, to strike-off and/or substantial fines for serious or repeated failures. The role is real. Most COFA failures arise from inadequate handover at appointment, not deliberate misconduct.

More pillar guides

Pillar guide · Career structure

Fee-Share vs Equity Partner: The Two Routes to Senior Status in UK Law Firms

The full comparison: fee-share solicitor vs equity partner. How each is taxed, how capital and risk differ, the FA 2014 Salaried Member position, and the long-run economics of choosing one route over the other in a UK law firm.

Pillar guide · Firm structure

Partnership vs LLP for UK Solicitors and Law Firms

The practical UK comparison: when general partnership still makes sense, when LLP wins (most cases), what the FA 2014 Salaried Member Rules do to partner-vs-employee categorisation, and how each structure handles capital, succession, and exit.

Pillar guide · Mergers + acquisitions

Post-Merger Integration Playbook for UK Law Firms

The practical playbook for the first 90 days after a UK law firm merger or acquisition. Client matter novation, SRA notification mechanics, PII continuity, accounts and payroll integration, and the COFA/COLP transition that determines how the new firm starts.

Free scoping call

Get your COFA role onto solid ground

30-minute scoping call. Whether you're newly appointed, inheriting from a departing colleague, or feeling that the function has drifted, we help you bed in the controls.

Book your free call

We will be in touch within 24 hours.

We do not share your details with third parties.