Rebukes for partners whose firm was tricked by fraudsters into paying away client’s money

Print This Post

10 February 2017


SRA: informed by the client, not the lawyers

Three partners of a law firm that was tricked by fraudsters into paying the proceeds of a property sale into the wrong bank account – and did not carry out sufficient checks before doing so – have accepted rebukes from the Solicitors Regulation Authority (SRA).

The case is a rare disciplinary action arising from the major issue of cyber-crime that many solicitors are now dealing with.

James Michael Ashton, Paul Christopher Grimwood and David Mark Roberts are all directors of Hull firm Sandersons Solicitors. Mr Roberts is also the COLP and Mr Grimwood the COFA.

Regulatory settlement agreements published today explained how, in 2014, the firm was instructed to act for a client in a probate matter and the associated sale of a property, and corresponded with the client by email.

On 14 October 2014, the client sent an e-mail to the firm giving a set of bank details. The following day the firm successfully transferred money to the client using those details.

Six weeks later, the firm received an e-mail purportedly from the client which requested that funds arising from the sale of the property be transferred to a specified bank account.

The bank account details were different to those which the client had provided in October. The account was in the name of an electrical company that had no connection to the client.

Later that day and again the following day, the firm received further e-mails repeating the request and setting out the same bank details. The three e-mails appeared to come from the client’s email address.

The fee-earner transferred £140,000 to the account specified in those e-mails. The firm had not contacted the client by alternative form of communication to check the instructions, and did not carry out any checks in relation to the electrical company.

A week later, the client contacted the firm regarding payment of the money, at that point the fraud was uncovered; the bank account specified in the three e-mails did not belong to the client and is believed to have been controlled by fraudsters.

The fee-earner brought the matter to the directors’ attention, who reported it to the police and their insurers, but not the SRA. The client reported the fraud to the SRA instead, some months later.

The agreement said Sandersons made a partial recovery of some monies which were repaid to their client on in April 2015, and fully accounted to the client for the money wrongly paid to the fraudsters in October 2015.

The three solicitors admitted breaches of the SRA principles and the accounts rules, and of the rule that required them to report the matter to the regulator.

In mitigation, the trio said they did not make any personal financial gain from the misconduct and had co-operated with the SRA’s investigation.

The SRA said that the rebukes and fine of £500 each were “proportionate in the public interest”. It said: “The outcome recognises both the significant loss and inconvenience to the client caused by the conduct of the directors.”

They also agreed each to pay £337.50 in costs.

The agreements mean that the three will not be referred to the Solicitors Disciplinary Tribunal.



Leave a comment

* Denotes required field

All comments will be moderated before posting. Please see our Terms and Conditions

Legal Futures Blog

Algorithms and the law

Jeremy Barnett

Our aim is to start a discussion in the legal profession on the legal impact of algorithms on firms, software developers, insurers, and lawyers. In a longer paper, we consider whether algorithms should have a legal personality, an issue which will likely provoke an intense debate between those who believe in regulation and those who believe that ‘code is law’. In law, companies have the rights and obligations of a person. Algorithms are rapidly emerging as artificial persons: a legal entity that is not a human being but for certain purposes is legally considered to be a natural person. Intelligent algorithms will increasingly require formal training, testing, verification, certification, regulation, insurance, and status in law.

August 22nd, 2017