Catch up with the latest insight on AI with contributing expert Uwais Iqbal. We’re also trying something new with our sanctions policy – we’d appreciate hearing whether you prefer the comprehensive or the streamlined version.
What's new?
GRC for Law Firms
Ask me anything with legal AI expert, Uwais Iqbal (Webinar)
A Linkedin Live Q&A session where the presenters answered questions from the audience on all things AI.
CPD: 1 hour
SRA enforcement – case studies (Webinar)
The webinar provides an insight into recent SRA enforcement cases and the lessons that can be learned from them.
CPD: 1 hour
Monthly Compliance Update – September 2025 (Webinar)
On the first Thursday of each month, Brian Rogers hosts a 45-minute compliance update webinar for the legal profession. These sessions have proven very popular with our clients, attracting over 4,000 registrants for the live broadcast. These update webinars focus on current and upcoming events within the legal regulatory space and some of the topics covered in this edition were:
Consumer claims
AML risk - consultant-firms
Reflecting on competence
Changes to the Money Laundering Regulations
Residual balances
CPD: 1 hour
On-demand recordings of these webinars are made available through our LMS. You can find these recordings, as well as other webinars, inside the ‘Webinars for Law Firms’ library. You can also register to attend the live sessions by registering here.
Policies and Precedents
Our subject matter experts have provided updates to the Information Technology and Data Protection and Legal and Regulatory Compliance catalogues of templates, detailed below.
Information Technology and Data Protection
Subject Access Request Policy
Has been extensively updated to improve the layout for ease of reference and navigation and to refer to changes implemented by the Data (Use and Access) Act 2025 (DUAA) on 19-20 August 2025. These include reference to:
the new “reasonable and proportionate” statutory search standard,
the “Stop the Clock” provision,
the Legal Professional Privilege exemption and
the manifestly unfounded or excessive standard for refusing DSARs or charging a reasonable fee.
Note – other updated data protection template documents will be released in future releases to align with the phased implementation of other provisions within the DUAA 2025.
Retention and Disposal Policy
Has been updated to incorporate the Data (Use and Access) Act 2025 (DUAA) and to reflect modern working practices. Key changes include:
updated legislative references acknowledging DUAA requirements
revised subject access request language reflecting the new "reasonable and proportionate" search standard
flexible disposal options for both digital-first and traditional paper-using firms
comprehensive electronic and cloud-stored record destruction procedures covering modern platforms like Teams and SharePoint
enhanced remote working guidance with practical home document disposal solutions, and
addition of professional indemnity insurance considerations to the pre-destruction checklist.
Secure Desk Policy
Has been updated to include the Data (Use and Access) Act 2025 and to modernise guidance for current working practices. Key changes include
comprehensive remote and hybrid working security procedures,
enhanced video conferencing and cloud document protection requirements
mobile device security standards,
Multi-monitor configuration security guidance covering screen positioning and visibility concerns; and
updated technology references replacing outdated equipment like PDAs with current devices and platforms.
Sanctions Policy
Has been updated to comply with the SRA’s revised guidance on financial sanctions compliance (updated 01.05.25). We've created two updated versions of our Sanctions Policy to gather feedback on preferred approach:
Version 2.1 (Comprehensive): Detailed policy covering all aspects of sanctions compliance.
Version 3 (Streamlined): Condensed policy focusing on practical, day-to-day compliance requirements with simplified procedures and quick-reference tools for efficient implementation.
Please let us know if you have any comments on your preferred approach.
Sanctions Checks and Risk Assessment Form Matter Level
Has been significantly updated to comply with the SRA’s revised guidance on financial sanctions compliance (updated 01.05.25). Key changes include:
Streamlined screening procedures with clear timing requirements and simplified documentation processes
New enhanced due diligence framework with specific triggers and mandatory escalation to the Nominated Officer for complex cases
Updated risk factors covering state-owned entities, crypto assets, PEPs from sanctioned territories, and high-risk trade routes
Strengthened approval hierarchy with clear escalation matrix linking risk levels to required sign-offs and monitoring frequencies
Enhanced ongoing monitoring requirements with interim and final review procedures built into the assessment process
Comprehensive documentation standards throughout all stages of the assessment with mandatory compliance checklist
Sanctions FWRA
Has been updated to align with the SRA’s revised guidance on financial sanctions compliance (updated May 1, 2025). Key enhancements include:
new staff screening and onboarding controls
sanctions committee governance structures for complex case oversight
enhanced due diligence framework requirements
updated risk factors covering state-owned entities and crypto assets
strengthened internal coordination protocols between compliance and finance teams, and
expanded self-reporting obligations.
How to access the update
The content included in this release note is being launched on September 11th, please note it may take up to 24 hours for it to appear in your portal.
Please note, if you are a client utilising our ContentServe solution you will need to download the latest Pathways into your LMS.
GRC for Law Firms
The following content has now been launched for all GRC for Law Firms clients and can be found under the ‘GRC for Law Firms’ library within your Learning application, or by using the Learning application ‘search’ function.
SRA enforcement – case studies (Webinar, New)
Ask me anything with legal AI expert, Uwais Iqbal (Webinar, New)
Monthly Compliance Update – September 2025 (Webinar, New)
Policies and Precedents for Law Firms
The following content has now been launched for all Policies and Precedents for Law Firms clients and can be found under the ‘Policies and Precedents for Law Firms’ library within your Learning application, or by using the Learning application ‘search’ function.
Information Technology and Data Protection
Data Subject Access Request Policy v2
Retention and Disposal Policy v2
Secure Desk Policy v2
Legal and Regulatory Compliance
Sanctions Policy v2.1 (Comprehensive)
Sanctions Policy v3 (Streamlined)
Sanctions Checks and Risk Assessment Form Matter Level v1.3
Sanctions FWRA v2.2
Additional information
What’s Next?
Our next content release is scheduled for October 9th. It will have updates to templates, webinars, and some training content.
We hope you enjoy this latest content release and if you have any queries, please take a look at our Help Centre.
If you would like to find out more information about our Legal Learning products or inquire on adding any of these products your account you can find more information regarding this here.
Kind Regards
Access Legal Learning Team