Trust Account Fraud Update

March 24, 2022

Lawyers in all areas of practice continue to be a target for fraudsters. Although fraud cannot be fully prevented, certain steps can be taken to minimize risk and loss. As we wrap up March, which is Fraud Prevention Month, we encourage lawyers to be aware of any fraudulent activity and pay close attention to their bank accounts, records, communication platforms and system security.

The charts below represent a summary of fraudulent activity reported to the Trust Safety Department from Jan. 2021 – Dec. 2021. The total amount of reported fraud loss is $1 million.

Cheque fraud remains the most common type of fraud, with fraudsters either stealing physical cheques and altering them, or forging signatures that look indistinguishable from those of the lawyers within the firm.

Theft by staff has also been a rising concern where the firm’s employees who have access to internal systems are able to facilitate theft. It may be tempting to delegate certain responsibilities to internal staff members, but it is crucial to have continuous supervision over employees and ensure that you are monitoring your systems and records.

Cybersecurity

Cybersecurity refers to the technologies, processes, and practices designed to protect an organization’s information assets — computers, networks, programs and data — from unauthorized access. We have seen a rise in cybersecurity breaches during these unprecedented times of geopolitical conflict. Instances of cybersecurity breaches involve hacking into the firm’s computer systems, taking over staff email addresses or using fake email addresses and presenting themselves as potential clients. The fraudsters can obtain account information and even withdraw funds from the law firm’s accounts.

Measures to minimize risk

Frequent monitoring of your trust and general accounts is recommended to ensure no unsolicited transactions have occurred, and if they have, they are caught and remedied quickly. Additionally, it is crucial to ensure your computer systems are secure and backed up regularly. Be wary of emails and phone calls from unknown individuals and entities, and always verify the email address you receive correspondence from.

If the firm uses electronic banking practices, administer training to staff on cybersecurity best practices and annually test cybersecurity of the system and resources. Remember, you are the strongest line of defense.

Finally, consider obtaining insurance that would indemnify you for a fraud loss and consider purchasing employee theft insurance.

If you have any questions regarding trust account fraud, contact the Law Society’s Trust Safety department via email or at 403.228.5632.