You are here

UK law firms may be liable for losses caused by bogus firms, SRA warns

May also have to pay higher professional indemnity insurance premiums

5 November 2014

Add comment

By Manju Manglani, Editor (@ManjuManglani)

The number of bogus law firms and scam alerts are on the rise in the UK and are set to be considerably higher than levels recorded in 2013.

In a report published today, the Solicitors Regulation Authority (SRA) has warned that almost half of the incidents recorded in the first eight months of 2014 involved identity theft of a law firm or solicitor.

In many cases, genuine law firm websites were cloned and fraudsters sent out bulk emails claiming to be from established firms, requesting money or confidential information.

"The key risk to firms is reputational damage from being cloned by a bogus firm. This may lead to the loss of potential future clients and income," the report warns.

"There is also the possibility that firms may be held liable for losses attributed to having dealt with a bogus firm."

Law firms which fall victim to scams may also be subject to increases in their professional indemnity insurance premiums.

"Insurers may have to pay large sums of money where a bogus scheme is successful due to negligence on the part of a genuine firm. These pay outs may lead to higher insurance premiums for genuine firms," the report says.

The number of recorded bogus law firms this year will likely exceed the 548 recorded in 2013, which was a 57 per cent increase on 2012.

The SRA says that, in the first eight months of 2014, it had already assessed 454 reports of bogus firms and that it expects reports this year to exceed the amount it received in 2013.

The number of scam alerts has almost doubled since last year, with 130 published in the first eight months of 2014, compared to 70 alerts issued over the same period in 2013.

Compliance obligations

The regulator warns in the report that law firms have an obligation under Principle 8 of the SRA Handbook to take "reasonable steps" to prevent their identity from being used by criminals and to ensure that neither they nor their clients fall victim to bogus firms.

"They must take steps that are appropriate to their individual characteristics and the type of work they engage in to protect against this risk," it adds.

The SRA recommends performing regular internet searches on the firm's name, as well as those of partners and staff, to ensure they are not being used without authorisation.

In addition, the SRA says firms should ensure their details on the Law Society's 'Find a Solicitor' database are accurate and up to date.

It also suggests reading the scam alerts and warnings about bogus activity on its website.

"Firms should note that no one control will be effective in mitigating this risk," the report warns.

"Where a bogus firm takes advantage of ineffective systems and controls on the part of a genuine law firm, it too may be held liable."

Scamming the regulator

The SRA admits in the report that even it has fallen victim to a scam.

An email claiming to be from the SRA and containing malware was sent to many solicitors earlier this year.

The attachment had the ability to take control of users' systems, steal information and carry out other criminal activities.

"While the content of the email appeared to be legitimate, the fact that the email was a scam was given away by the sender's email address, which did not end in '@sra.org.uk'," the report says.

"However, this is not a guaranteed test as it is possible to falsify a sender's address on an email.

"All of the information needed by the fraudster for this scam was freely available in the public domain," it concludes.

 

 

Categorised in:

Finance Risk & Compliance