Bogus firms problem not going away as numbers double since 2012, says the SRA
Solicitors Regulation Authority
The Solicitors Regulation Authority (SRA) is advising law firms - and the public - to be vigilant, with reports of bogus firms doubling since 2012.
In its annual Risk Outlook report launched today (25 July), the SRA cautions that bogus firms and cyber security continue to be widespread issues for the legal sector.
Bogus firm reports to the SRA have doubled since 2012 to more than 700 per year in 2014 and 2015, with almost half of these involving criminals copying the identity of an existing law firm*. Bogus law firms can directly target the public, or genuine law firms with a view to deceiving them into sending money or information. The SRA earlier this year launched a law firm search on its website to help people confirm whether a firm is legitimate.
Likewise, a quarter of firms have also been targeted by cyber criminals, with nearly one in ten attacks resulting in money being stolen**. In the Risk Outlook, the SRA stresses that firms must understand that protecting themselves is as much about people and training, as it is technology. Most cybercrime involves an element of trickery such as the use of fake emails or phone calls to access information such as passwords.
The report highlights one of the newest of these tricks, CEO fraud, where senior law firm figures are impersonated and staff, such as people in the accounts team, are ordered, often by email, to transfer money to pay an invoice. Such scams often take place on a Friday, so as to give the criminals more time to avoid detection.
Also for the first time, the SRA is showcasing access to legal services as a key risk. Research shows that only a third of people with a legal problem seek professional advice. And only one in ten will take advice from a solicitor or barrister***.
Paul Philip, SRA Chief Executive said: "Many of the risks we are highlighting will be familiar to those in the legal sector. However, this does not make them old news - the challenges around areas such as cybercrime are changing rapidly and require constant vigilance. Well informed staff and good processes are just as important as antivirus systems in staying cyber secure.
"We want to see firms proactively making sure their clients are also aware of the risks in this area. For instance, we would recommend that people avoid sharing bank details over email, or transferring money before confirming the source of any request.
"We also know there are far too many people who either cannot afford, or choose not, to access legal services, with 63 percent saying they do not think legal advice is affordable. We are reforming the way we regulate to free up solicitors, and open up the market to healthy competition. We want providers to respond by playing their part in creating new, more affordable services that respond to the needs of the public and small businesses."
An easy to use guide to risk management, the report offers legal professionals definitive, up-to-date information and advice on current risks. The outlook highlights seven priority risks including money laundering, protecting client money, and a diversity in the profession.
The SRA also publishes Risk Outlook updates on specific areas of interest. The next update is scheduled for Autumn 2016 and will be on the implications of Brexit for law firms.
More information is available on the SRA website: http://www.sra.org.uk/priorityrisks