"LexisLibrary gives us the most relevant and recent cases and always has the latest information on them. It makes research so much easier. We're more cost-effective for our clients and more efficient each day"
Advocates
Access all documents on Outsourcing
Using a third party to undertake work that a law firm or in-house team would normally do for themselves and for which the firm or in-house team remain responsible.
This may include business operations (IT services etc) or legal services (activities which could be carried out by a paralegal etc). However, reserved legal activities must only be outsourced to an authorised person and all arrangements must be subject to controls including the right for the SRA to enter the premises of the third party and obtain documentation from them. These controls are the SRA Code of Conduct 2011, ch 7.
Speed up all aspects of your legal work with tools that help you to work faster and smarter. Win cases, close deals and grow your business–all whilst saving time and reducing risk.
For our full legal glossary and more legal research sources, register for a free Lexis+ trial
EU operational resilience—timeline This timeline shows key developments relating to EU operational resilience requirements for financial services firms from January 2024 onwards. For earlier developments, see Operational resilience—timeline [Archived] 2025 Date Source Document Description 15 April 2025 FSB FSB finalises the common Format for Incident Reporting Exchange (FIRE) The Financial Stability Board (FSB) has published its finalised format for incident reporting exchange (FIRE), which aims to standardise and streamline cyber and operational incident reporting. Developed with private sector collaboration, FIRE addresses fragmentation in reporting requirements across multiple jurisdictions and supports phased implementation. It is interoperable with existing systems and applicable to a wide range of incidents, including those involving third-party service providers. The initiative promotes convergence in cyber incident reporting, reduces the reporting burden for firms, and improves communication among authorities.See: LNB News 15/04/2025 37. 24 March 2025 European Commission COMMISSION DELEGATED REGULATION (EU) …/... supplementing Regulation (EU) 2022/2554 of the European Parliament and of the Council with regard to regulatory technical standards specifying the elements that a financial...
UK MiFID II regime—timeline This timeline shows key developments relating to the UK provisions which implemented the recast Markets in Financial Instruments Directive 2014/65/EU (MiFID II) and Assimilated Regulation (EU) 600/2014 (UK MiFIR) (together, the UK's MiFID II framework). For earlier developments, see: Markets in Financial Instruments Directive (MiFID II) and Markets in Financial Instruments Regulation (MiFIR)—timeline (2007–2023) [Archived]. For key developments relating to the EU’s MiFID II framework, see: EU Markets in Financial Instruments Directive (MiFID II) and Markets in Financial Instruments Regulation (MiFIR)—timeline. 2025 Date Source Document Description 23 April 2025 PRA CP9/25 – Markets in Financial Instruments Directive Organisational Regulation The Prudential Regulation Authority (PRA) has published consultation paper CP9/25, which sets out proposals to amend the PRA Rulebook to reflect the planned revocation of the Markets in Financial Instruments Directive Organisational Regulation (MiFID Org Reg) under the Financial Services and Markets Act 2023 (FSMA 2023). The PRA proposes to restate the MiFID Org Reg within the PRA Rulebook without material changes. This approach is intended...
Discover our 4 Checklists on Outsourcing
The diagram below shows key compliance steps from the point at which your firm first considers entering into an outsourcing agreement up to and including post agreement auditing. The diagram incorporates:•Solicitors Regulation Authority (SRA) requirements•data protection requirements•general risk management best practiceFor guidance on the steps shown in the diagram, see Practice Note: Outsourcing—systems and controls for law firms.At the end of the table, you will find links to Precedents and guidance notes for each step.StepPrecedentsPractice Notes1—internal due diligenceOutsourcing due diligence record—law firmsDue diligence in outsourcing2—non-disclosure agreementNot applicableOutsourcing and offshoring—law firms—Outsourcing and confidentialityOutsourcing—systems and controls for law firms—Pre-contract compliance checks: stages 1–63—supplier auditInformation and cybersecurity—supplier
Before you engage in outsourcing activities, you will have to navigate a complex compliance obstacle course dictated by:•SRA requirements•data protection requirements•other legislation, eg Equality Act 2010•general risk management best practiceWe have attempted to simplify this in our Outsourcing compliance lifecycle diagram. This Practice Note provides high-level guidance on the four key compliance phases, which are further divided into 12 practical stages to correspond with our Outsourcing compliance lifecycle diagram:•pre-contract (stages 1–6)•negotiating and executing the contract (stages 7–9)•post-contract record keeping (stage 10)•post-contract quality checking and auditing (stages 11–12)Regulatory requirementsFor guidance on regulatory requirements that are specific to the legal sector, see Practice Note: Outsourcing and offshoring—law firms. For guidance on data protection requirements, see Practice Note: Outsourcing and data protection.For guidance on general risk management best practice, see Practice Notes: •Due diligence in outsourcing•Limitation of liability in outsourcing •Outsourcing remedies—step-in rights, service credits, liquidated damages and terminationPre-contract compliance checks: stages 1–6There are several compliance activities you should consider before entering into an outsourcing agreement. The order suggested reflects our Outsourcing compliance...
Discover our 25 Practice Notes on Outsourcing
Letter—TUPE (2) from transferor or transferee to their employees about the election of employee representatives [ To be typed on headed note paper of transferor or transferee ] [Date] [ Strictly private and confidential ] Dear [insert name of employee], [ [ If from transferor: ] We are writing to tell you that [we are proposing to transfer our [insert details] business to [insert name of transferee] OR we are proposing to outsource our [specify business function] to [insert name of transferee] OR our contract for the provision of [insert details] services to [insert name of client] is coming to an end and, on its termination, those services will be performed by [insert name of new contractor/client]]. OR [ If from transferee: ] We are writing to tell you that [we are proposing to acquire the business of [insert details of transferor] OR we are proposing to bring in house our [specify business function] OR we have agreed a contract to provide [insert details] services to [insert name of...
New to role—in-house lawyers—meeting agenda and question plan—IT Director General Item Description Purpose of meeting Introductory meeting between [Insert your name], [insert your job title] and [insert name of IT Director], IT Director of [Insert name of organisation] Date and time of meeting [Insert date] at [insert time of meeting] [am OR pm] Attendees [Insert name of IT Director][Insert your name][[Insert names of any other invited attendees, eg your line manager]] Agenda Item Supporting documentation Person leading item Questions Introducing [insert name of organisation]’s in-house lawyer. N/A [Insert your initials] Explain to the IT Director who you are, where you were before, and why you joined this organisation. Structure and reporting Copies of:—departmental structure chart;—outsourcing agreements;—list of the organisation’s spend per supplier, ranked highest to lowest. [Insert IT Director’s initials] How is the IT department structured? Ask for a structure chart.What changes has the director made to the department over the past year and is any change or restructuring anticipated in the next six months?What and where are the...
Dive into our 43 Precedents related to Outsourcing
On a relevant transfer under TUPE 2006, does the transferor’s liability for failing to prevent bribery, to the extent that it is not criminal liability, transfer to the transferee? Bribery Act 2010 The Bribery Act 2010 sets out four offences: • bribing another person (also known as active bribery) • soliciting or accepting a bribe (also known as passive bribery) • bribing a foreign public official, and • failure of a commercial organisation to prevent bribery by an 'associated person' for its benefit For further information, see Practice Note: Bribery Act 2010: essentials for employment lawyers. The first three offences above apply to individuals and companies. The offence of failure to prevent bribery applies only to relevant commercial organisations. For information on the offence of failing to prevent bribery, see Practice Note: Bribery Act 2010: essentials for employment lawyers—Failure of commercial organisations to prevent bribery. See the Serious Fraud Office (SFO) Guidance on adequate procedures facilitation payments and business expenditure and the following documents (referred to in...
What is an approved reporting mechanism (ARM)? What is an approved reporting mechanism? Assimilated Regulation (EU) 600/201 (UK MiFIR) requires investment firms that execute transactions in financial instruments to report details of those transactions to the Financial Conduct Authority (FCA) as quickly as possible, and not later than the close of the following working day. Transaction reports can be made either by the investment firm itself, an approved reporting mechanism (ARM) acting on its behalf or by the trading venue on which the transaction was executed. An ARM is defined as a person authorised under the Data Reporting Services Regulations 2024, SI 2024/107 (DRS Regulations 2024) to provide the service of reporting details of transactions to the FCA on behalf of investment firms. ARMs, together with approved publication arrangements (APAs) and consolidated tape providers (CTPs), are referred to as data reporting services providers (DRSPs). For detailed information, see Practice Note: UK data reporting services providers — The UK DRSP regime. What operating requirements apply to ARMs? The operating requirements for...
See the 3 Q&As about Outsourcing
Ireland—Banking & Financial Services analysis: Domestically, the CBI published the revised Consumer Protection Code. At European level, ESMA published guidelines on suitability requirements and the format of the periodic statement for portfolio management activities under MiCAR.This article was written by the Insurance & Reinsurance team of A&L Goodbody LLP.
Welcome to this week’s edition of the TMT weekly highlights: a hand-picked summary of news analysis, updates and new content from across the technology, media and telecoms sectors. These highlights focus on key topics including new technologies, software, cloud computing, internet, outsourcing, music, film & television, publishing, defamation and telecoms.
Read the latest 6 News articles on Outsourcing
**Trials are provided to all ÑÇÖÞÉ«ÇéÍø content, excluding Practice Compliance, Practice Management and Risk and Compliance, subscription packages are tailored to your specific needs. To discuss trialling these ÑÇÖÞÉ«ÇéÍø services please email customer service via our online form. Free trials are only available to individuals based in the UK, Ireland and selected UK overseas territories and Caribbean countries. We may terminate this trial at any time or decide not to give a trial, for any reason. Trial includes one question to LexisAsk during the length of the trial.
0330 161 1234