Insight: Blanket Policies – Why It’s Good To Have Them

In this short blog series, Lawyer Checker’s Tom Lyes explains why it’s beneficial to have blanket policies implemented in firms, giving people that extra layer of protection.

Sometimes it can feel like policies exist for no other reason than as a stick to beat hardworking employees with.

When it comes to cyber security and fraud we’ve previously discussed the importance of adopting policies from the top down; leading by example and taking the risks seriously across the whole of the organisation.

Having cyber policies in place that direct attitudes and culture across the whole organisation will embed a sense of cyber security across the board.

Legal regulators are starting to focus more on the way firms are protecting their own and client interests, especially from cyber criminals who are chomping at the bit to intercept transactions and personal data.

Regulators are encouraging firms to be more vigilant and do all they can to embed a cyber positive culture, nipping any suspicious activity in the bud as soon as it starts.

Much of the focus has been around the interception of funds as criminals seek to redirect proceeds of property sales, probate monies, claims awards etc away from the rightful recipient to fraudulent bank accounts.

With around 11,000 criminal organisations actively targeting the legal sector right now, there is a sense that they are circling like sharks attempting to exploit any weaknesses they see.

When it comes to your due diligence what level of check do you undertake to ensure the money is going to the right place? Do you verify a firm’s legitimacy via the Law Society? Have you confirmed the fee earner is regulated by the SRA? Have you checked Companies House (where relevant) to confirm the existence of the business? Have you applied Customer Due Diligence appropriately to confirm the recipient?

The recently updated CQS Core Practice Management Standards mandates that relevant checks are carried out “in relation to the conveyancer acting for the other party” (Conveyancing Quality Scheme, Core Practice Management Standards, section 1.4) and that the bank details are verified.

It’s simply not enough to have verified one or the other; it is best practice, and more security conscious, to do both.

Lawyer Checker has a range of cyber risk and anti-fraud tools to help firms combat redirection of funds. Account & Entity Screen verifies the bank details of the firm and provides a real time assessment of the legitimacy of the firm on the other side of the transaction. Consumer Bank Account Checker verifies that the bank account of the individual you are dealing with is legitimate.

Beefing up cyber security is going to be on the regulator’s agenda for the foreseeable future. After all, nearly 60% of law firms were affected by a cyber incident last year, so shoring up defences is a priority.

Implementing blanket policies to ensure everyone is working in the same way and conducting their own due diligence will help you become one step closer to leaving the cyber criminals out in the cold.