Coping with lender demands for bank statements

Print This Post

By Legal Futures

18 March 2011


Bank statements: firms need to seek client consent before disclosing

Q. My firm is on the panel of a well-known lender. The lender is currently reviewing its panel arrangements and is requiring all panel members to provide copies for the last three months of our client account bank statements. I am concerned that to do so would breach the duty of confidentiality which I owe to my clients. What should I do?

A. As you rightly say, solicitors have a duty under rule 4.01 of the Solicitors’ Code of Conduct 2007 to keep the affairs of clients and former clients confidential. You should be constantly alert to requests for information, such as this one, which might put you in breach of that duty. You will therefore need to explain to the lender that the rules of conduct prevent you from disclosing copies of the statements themselves.

Although it is probably not feasible in this instance, as a general rule, it is open to you to approach a client for consent to disclose confidential information to a third party. However, the client must be in a position to give informed consent and it would not therefore be appropriate to cover disclosures of this sort in your terms of business or in your client-care letter.

If giving consent would not be in the client’s best interests, you would need to point this out to the client and advise him or her that he or she may wish to seek their own legal advice before deciding whether to give consent.

The Code can be accessed at www.sra.org.uk.



Leave a comment

* Denotes required field

All comments will be moderated before posting. Please see our Terms and Conditions

Legal Futures Blog

Preparing for the GDPR – What do you need to know right now?

Craig Forsyth

On 25 May 2018, the EU General Data Protection Regulation (GDPR) comes into force. That might seem like a long time, but that’s just over 100 days away at the time of writing. Actually, GDPR was adopted back in April 2016, May 2018 is the end of the two-year grace period. The GDPR brings with it a whole host of changes, and the penalties for non-compliance are higher than ever, either 4% of your annual turnover or £20m, whichever is higher. But how do you prepare? What do you need to change first? Where do you even start?

February 19th, 2018