Law Firm Compliance Checklist

Pull 10 matters opened in the last 90 days from Clio / MyCase / iManage. For each, confirm the intake form captured client identity (government ID), matter type, opposing parties, related entities, and witnesses. Missing opposing-party data is the top reason conflicts get missed downstream.

Re-run each sampled matter through the conflicts database against current clients, former clients, adverse parties, and witnesses. Document any hits the original intake missed — these become the basis for a Rule 1.7 / 1.10 remediation conversation with the responsible attorney.

Imputation under Rule 1.10 means a missed conflict can disqualify the firm. The managing partner decides whether to seek a written waiver, screen the affected attorney, or withdraw. Document the decision in the matter file and the conflicts log.

Reconcile book balance, bank balance, and the sum of individual client ledgers — all three must match to the penny. Discrepancies even of a few dollars indicate a posting error or, worse, commingling. Use Clio Trust, CosmoLex Trust, or Tabs3 Trust depending on the firm's stack.

Trace every transaction in the variance period. Common causes: bank fees posted to IOLTA (a Rule 1.15 violation in most states), retainer disbursed before funds cleared, or a client ledger posting to the wrong matter. Resolve before the next month closes.

Any client ledger below zero is a Rule 1.15 violation. Most state bars are notified by the bank automatically on IOLTA overdraft, triggering a disciplinary referral. Pay particular attention to matters where retainers were disbursed on the same day funds were deposited.

Pull the NetDocuments / iManage / SharePoint access list and cross-check against HR's active-employee roster. Any lingering credentials for departed attorneys, paralegals, or contract reviewers must be revoked the same day. Lateral departures are the highest-risk category.

Model Rule 1.6(c) requires reasonable safeguards on client information. MFA on email, DMS, PMS, and trust-accounting platforms is table stakes. Pull the admin report from Microsoft 365 / Google Workspace and identify any account without MFA enrolled.

For each open matter under hold, confirm custodians are still receiving hold notices and that auto-deletion policies in Outlook and OneDrive are suppressed for those custodians. A missed custodian is the textbook spoliation sanction scenario.

Most state bars set a 5–7 year minimum after matter close, with longer schedules for trust-account records (often 7+) and certain matter types (estate planning, real estate). Filter the closed-matter report by close date plus the applicable retention period.

Estate-planning files often retained for the life of the testator plus a tail; real estate closing files typically held 10+ years; matters involving minors retained until the minor reaches age of majority plus the SOL tail. These cannot be destroyed on the standard schedule.

Pull the prior-month pre-bill report from Clio / Tabs3 / LeanLaw. Every pre-bill should show responsible-attorney edits before issuance. Unedited pre-bills with verbose junior-associate narrative are the leading driver of fee disputes and write-downs.

Each transfer from IOLTA to operating must correspond to an issued, client-approved invoice. Transfers ahead of invoice issuance are a Rule 1.15 violation regardless of whether the work was performed. Sample 10 transfers from the prior month.

Annual hours vary by state (commonly 12–15), with separate ethics hours and, in some states, mandatory diversity or mental-health hours. Confirm transcripts against the state's compliance period — calendar year, birth-month cycle, or admission-anniversary cycle.

Book affected attorneys into Lawline, Practising Law Institute (PLI), or state-bar on-demand programming. Suspension for non-compliance is typically automatic at the deadline — there is no grace period in most jurisdictions.