Trust Account Fraud Update
Lawyers in all areas of practice continue to be a target for fraudsters. Although fraud cannot be fully prevented, certain steps can be taken to minimize risk and loss. As March is Fraud Prevention Month, we encourage lawyers to be aware of any fraudulent activity and pay close attention to their bank accounts, records, communication platforms and system security.
The charts below represent a summary of fraudulent activity reported to the Trust Safety Department from January 2022 – December 2022. The total amount of reported fraud loss was over $470,000.
Cheque fraud remains the most common type of fraud, where fraudsters either steal physical cheques and alter them, or forge signatures that are indistinguishable from those of the lawyers within the firm.
Theft by staff is also on the rise, where the firm’s employees with access to internal systems facilitate theft. Although it may be tempting to delegate certain responsibilities to internal staff, it is crucial to continuously supervise employees and monitor your systems and records.
Cybersecurity refers to the technologies, processes and practices designed to protect an organization’s information assets — computers, networks, programs and data — from unauthorized access. We have seen a rise in cybersecurity breaches during these unprecedented times of geopolitical conflict. Instances of cybersecurity breaches involve hacking into the firm’s computer systems, taking over staff email addresses or using fake email addresses and presenting themselves as potential clients. Fraudsters can obtain account information and even withdraw funds from the law firm’s accounts.
Practise cyber hygiene by implementing network security controls to mitigate cyber breaches and conducting cybersecurity awareness training for all staff. Remember, you are the strongest line of defense.
Measures to minimize risk
There are several proactive measures you can take now to prevent fraud related to your trust account. Here are a few prevention strategies:
- Monitor your trust and general accounts frequently to ensure that no unsolicited transactions have occurred. If they have, it is crucial to catch and remedy them promptly.
- Monitor inactive accounts or client ledger accounts with high balances for unusual entries and transfers.
- Perform monthly bank reconciliations. This is a key control that compares your book balances to your bank balance and ensures that it matches.
- Follow the money by performing audits to ensure the transactions make sense.
- Ensure that computer systems are secure and backed up regularly.
- Be wary of emails and phone calls from unknown individuals and entities, and always verify the email address from which you receive correspondence.
- Pay attention to documents and the supporting paperwork. Remember that good documentation does not mean something happened, only that someone said it happened.
- Consider obtaining insurance that would indemnify you for a fraud loss and consider purchasing employee theft insurance.
If you have any questions regarding trust account fraud, contact the Law Society’s Trust Safety department via email or at 403.228.5632.