Guest post: How to keep your firm’s digital communications SRA-approved

Your employees are probably already using messaging apps to communicate with clients. What do you need to be aware of from a compliance perspective?

By Steve Whiter, director of Appurity

Among professionals, the average email response time is three-and-a-half hours. But modern law firms have to be agile, and it’s often not feasible to wait half a day for a response to a query. This is why SMS and instant messaging apps like WhatsApp, WeChat and Telegram have exploded in popularity among lawyers and their clients.

Instant messaging brings a raft of benefits to today’s legal landscape. The days of strict office hours are gone, and clients want to know they can contact their lawyer at any time, by any means, and receive prompt responses. This is great for client-firm relationships. And firms that embrace instant messaging can reap the operational rewards, too. If fee-earners can conduct business on-the-go, their productivity, and their recording time, increases.

But modern communications apps can raise security concerns if not used correctly. If firm partners aren’t vigilant, even widely-used apps like WhatsApp have the potential to become a compliance nightmare.

How do you ensure compliance?

Your employees are probably already using WhatsApp, WeChat or SMS to communicate with their clients – but this doesn’t need to be a cause for concern. The question your firm should be asking is how do you keep these communications SRA-approved and your firm compliant?

Implementing a robust security strategy across your organisation is the answer. Utilising innovative technologies to secure your firm will enable your lawyers to work productively and use their preferred communication methods to conduct business with clients. Crucially, this can all be achieved while adhering to industry standards and regulations.

Capture client communications

Encourage the use of SMS, WhatsApp or WeChat among your fee earners by installing a communications capture tool across your devices. Take VoxSmart’s Mobile Capture, for example, which can capture SMS, voice, and WhatsApp communications in real-time, providing end-to-end security for all your firm’s mobile communications – critical for protecting your clients’ data.

You’ll also want to guarantee that all messages sent by your fee earners can be accounted for, especially if those messages become central to a dispute. Deleting messages sent in error is a useful feature built into many modern communications apps, but can cause regulatory headaches. A tool like VoxSmart’s Mobile Capture ensures that even messages that are retracted can be captured – ensuring that your conversations with clients are always accessible.

Secure communications in the cloud 

Thanks to the rise of remote and hybrid working, your lawyers won’t just be communicating with clients when they’re physically in the office, connected to an on-premise network.

Firms need the peace of mind that when a lawyer sends an instant message or SMS from a mobile device on-the-go, the message and its content are secure. And if your lawyers are sending instant messages from mobile devices, the chances are that they are also running other applications and connecting to other devices. Consider a complete cloud security strategy – or update an existing one in place – to mitigate against the potential threats associated with mobile working.

Any cloud solution that your firm adopts should come with advanced security offerings, including: encryption for email clients, the ability to wipe sensitive data from devices remotely in case of a breached or stolen device, and a comprehensive, centralised management system that gives your IT department full visibility of all the apps installed on any device – including messaging apps.

Implementing a security strategy like this isn’t just good practice. Being proactive in protecting your firm against the security risks inherent in messaging applications and mobile working more generally is important from a regulatory standpoint. The SRA’s code states that firms are expected to “identify, monitor and manage all material risks to your business.”

What does the SRA say?

The Solicitors Regulation Authority (SRA) has embraced innovation in recent years, providing firms with guidance and tips on using legal technology – including messaging apps.

This is a positive step for firms wishing to refresh their practices and adopt the technologies native to younger lawyers. But there are still expectations for firms, and guidance they should follow, to ensure their use of innovative technologies and communications tools remain compliant.

Section 4 of the SRA’S Code of Conduct for Firms stipulates that “you have an effective system for supervising clients’ matters.” Is your firm on top of all its business conducted through non-traditional means? Have you taken into account that many messaging apps include features that allow users to retract messages, share messages outside of the app, and save files directly to their devices?

The SRA’s guidance on offensive communications similarly offers insights for firms embracing modern forms of communications, highlighting how SMS messaging can “lead to the blurring of the line between client and friend.” If this seems difficult to qualify, ask yourself this: If one of your lawyers were accused of sending an offensive WhatsApp message, could you access the message in question? Do you know exactly how many personal devices are being used for business matters across your firm?

Ensure compliance, embrace innovation

Firms shouldn’t shy away from using messaging apps to communicate with clients, but instead should embrace these mobile technologies. The key to making a success of firm-wide use of messaging apps is by doing so securely. Building a robust, impenetrable security strategy around instant messaging and mobile working will reduce oversight and the potential for unauthorised or unaccountable communications. For the firms that get this right, they will realise the rewards of improved productivity and better client relations.

Steve Whiter is a director of Appurity, specialists in business mobility, with extensive experience of secure mobile communications for the legal profession.

We do not charge for guest posts, which appear here on merit. To submit a post for consideration please email