PDA as your compliance manager

As often as not, COLP and COFA roles are fulfilled by a Partner or other senior member of the organisation; in many cases reducing their time available for fee-earning or strategic work.


Ultimate responsibility for risk and compliance rests with the practice and its COLP and COFA, but we can take some of the weight off of your shoulders.

Our service is tailored to your practice and conducted on a fixed fee basis. You may wish us to take a full role supporting your COLP, or to simply assist with certain aspects of compliance; the choice is entirely yours.

See what our clients say about us as compliance managers, here.

Much of the compliance support work we conduct adopts on of the following three routes:

1. Ad hoc / turn-key

We update your ‘office manual’ when changes to regulation, SRA requirements, Lexcel, CQS or the circumstances of the Practice make updates necessary

  • PDA amends/updates the relevant registers, plans, policies and procedures, and manages any formatting amends across links to other documents, including client care letters and Terms of Business.



Training provided on general or specific topics

  • Round-table or large groups or by video, for staff or managers.
  • Recurring themes might include GDPR, cyber security, AML, client care and risk.
  • Turn-key support by telephone, email or in person.


Support with dealing with Data Protection matters:

Support with preparation for assessments, including documents, registers and staff

  • Checking that registers, plans, policies and procedures are up to date.
  • Gap analysis and updates versus Lexcel, CQS, ISO, SQM or Cyber Essentials.
  • Sampling reviews of matter files.
  • Briefing of staff in readiness for interview.
  • Being present during part or all of the assessment visit to support the Practice.
  • Support with gathering or managing remedial evidence, post-assessment visit, if required.

Support with evaluation of compliance status of new staff or potential corporate acquisitions

  • To provide support during the due diligence process.
  • Perusal of the plans, policies and procedures of the to-be-acquired /new Practice to identify gaps that shall need to be bridged to be brought into alignment with that of your Practice.
  • Review of matter files to identify areas or individuals of concern on short and longer-term risk basis.
  • Onward interim monitoring of performance and compliance.

2. Low frequency: Quarterly or half-yearly, or annual visits to any of the Practice's offices.

  • Including conduct of the ‘ad hoc’ items when required.
  • On-the-ground monitoring and reporting, with written or verbal reports on status. 
  • Conduct of file reviews (whole firm or on an individual basis); status report and identification of trends.
  • Attendance at compliance/Partner/management meetings, from time to time, to discuss compliance issues.
  • Reviews of registers and plans, Preparation and consolidation of documents , material and people in readiness for annual Lexcel assessment or ISO audit visits.

3. Hands-on support every month (‘peripatetic Compliance Management’)

PDA has a presence at the Firm’s office(s) at least monthly, to conduct all of the ‘Low frequency’ activity and in addition will also:

  • Preparation of documents and people for annual assessment visits.
  • Dealing with Lexcel / CQS / SQM / Cyber Essentials / ISO assessors/controllers.
  • Attendance at supervision or management meetings to provide guidance and support.
  • Co-ordination of compliance activities, such as file review scheduling and follow-ups on corrective action, maintaining training plans/registers, arranging/reporting on business continuity testing.
  • Updates to key documents, such as; business continuity plans, risk register and compliance plan.