Risk Update July 2021

Welcome to our 100th issue. We have published this regularly (and on time) since 2004, before the Solicitors Regulation Authority (SRA) was created, and before law firms entered the regulated sector under the Money Laundering Regulations 2003.

In addition to reporting on developments in our areas of practice, professional regulation and professional indemnity insurance law, we have tried to provide some insight into future developments.

Our first issue noted that many firms had not updated their procedures for anti-money laundering (AML) – an issue which the SRA are now picking up on (virtual) visits. Our prediction of a rise in email scams and viruses perhaps fell short of mentioning the full extent we see now. The Clementi review was ongoing, but ABSs had yet to emerge.

On professional indemnity, we noted that firms had their fingers burned by inadvertently taking on risk under the successor practice provisions – still a major issue occupying much of our time to this day (and see also our comment under the Legal Ombudsman heading below).

We also noted an increase in large claims, including claims over the indemnity limit; this is a trend which has not gone away, and we are advising many firms whose potential liabilities are substantially over their insurance limits, many of these arising from buyer-funded development schemes.

We continue to pick up a variety of points to note when carrying out independent audits. Note para- graph 6.2 of the Legal Sector Affinity Group Guidance 2021 (LSAG) which states that longstanding/ personal relationships do not satisfy the requirement for independent verification of Customer Due Diligence (CDD), and paragraph 6.8 which requires that CDD is carried out before you permit funds to be deposited in client account (though money on account of costs/fees may be accepted on a risk sensitive basis).

Our January 2021 issue identified the need for evidence of the process by which the Practice Wide Risk Assessment was produced. This is a statutory requirement and the SRA are asking for records of steps taken to review it.

The Crown Prosecution Service has published updated guidance and will now prosecute individuals for failure to disclose offences even where it transpires that money laundering did not occur.

The Office of Financial Sanctions Implementation (OFSI) has updated its Russia guidance. It has also published a blog on reasonableness in licensing, including a section on legal fees.

Links to the above are on www.legalrisk.co.uk/News.

Extra-territorial scope of overseas trust registration has been enhanced with effect from by 1 July 2021 by amendments to the Sanctions and Anti-Money Laundering Act 2018 introduced by section 34 of the Financial Services Act 2021.

We have advised several firms on third party complaints which have been made to the SRA. These are sometimes tactical to secure some advantage in dispute resolution, and can pose practical challenges in responding while protecting the interests of the client – including entitlement to legal professional privilege and confidentiality as to tactics.

Solicitors Indemnity Fund (SIF) continues to provide cover in limited circumstances; these include run off cover for solicitors’ practices after expiry of the six year open market cover which insurers have to provide where a firm closes without a successor practice.

SIF was due to close in 2017, but this has been extended three times because there was enough money available and to allow further review, but it will now close in September 2022 (subject to an affordability test). Assuming the test is met for one more year, it will mean that SIF will continue to provide post six- year run-off cover for claims against firms which have closed without a successor practice until September 2022.

A solution needs to be found beyond that date but will only be found with access to claims data and an injection of enthusiasm to find a solution. No commercial solution has yet been forthcoming. Frank Maher has written a short article for the Gazette, Fourteen months to find a solution, addressing some of the key issues. 15 months remain, but SIF itself, covering practically the whole of the profession’s risk, was set up in a similar timescale.

The outcome from the SRA’s consultation on the proposed cyber exclusion in the Minimum Terms and Conditions (MTC) is expected imminently.

The Council of Licensed Conveyancers (CLC) has issued a call for evidence on its MTC in the face of difficulties experienced by licensed conveyancers in obtaining cover. (Link: www.legalrisk.co.uk/News.) In the past, some solicitors have moved from SRA regulation to the CLC but this has now become nearly impossible.

We continue to see new problems emerging with buyer-funded investment schemes such as hotels and buy to let. We are advising many firms on dealing with the insurance fallout.

There are important developments in relation to international transfers of data. Most importantly, the European Commission has adopted adequacy decisions for the UK, but note the ‘sunset clause’, which limits the duration of adequacy to four years. It has also approved new Standard Contractual Clauses for international data transfers. These are not effective for transfers from the UK on which an announcement is awaited from the Information Com- missioner’s Office (ICO). The ICO is in the process of updating its guidance.

The European Data Protection Board has published Recommendations 01/2020 on measures that supplement transfer tools to en- sure compliance with the EU level of protection of personal data; although not binding in the UK they may still be useful.

In Sanso Rondon v LexisNexis Risk Solutions UK Ltd [2021] EWHC 1427 (QB), a representative appointed under Art. 27 of GDPR was held to have no liability to the claimant for alleged breaches of GDPR in connection with a database providing information for anti -money laundering compliance.

Links to the above are on www.legalrisk.co.uk/News.

Recent cases from opposite sides of the pond illustrate the potential for losing LPP. In Travelers Insurance Company Ltd v Armstrong & Anor [2021] EWCA Civ 978, an assignment of professional negligence claims against solicitors and counsel to an opponent in litigation enti- tled the assignee to documents which were the subject of joint privilege of the assignor and its insurers. (Link: www.legalrisk.co.uk/News.) The case is of some concern. Similar issues may arise in corporate transactions where a company is sold.

In United States v. Holmes, No. 5:18-cr-00258-EJD-1, 2021 U.S. Dist. LEXIS 98060 (N.D. Cal. May 21, 2021), a claim to privilege by Elizabeth Holmes, the founder of Theranos, a high profile tech company which collapsed in a sea of fraud allegations, failed because the lawyers advising were retained by the company, not Holmes. (The history is recounted by John Carreyrou in Bad Blood: Secrets and Lies in a Silicon Valley Startup.) This risk also needs addressing carefully when a partnership or LLP seeks legal advice to oust a member.

Attacks on all sectors, including lawyers, continue. Training is an important step and is available free from the National Cyber Security Centre.

Although not aimed at law firms, Guidelines on outsourcing to cloud providers, published by the European Securities and Markets Authority, may be useful. (Link: www.legalrisk.co.uk/News.)

The Legal Ombudsman has published an updated complaints handling guide. (Link: www.legalrisk.co.uk/News.)

One point which is often overlooked when acquiring other practices, is that the successor practice provision under the Scheme Rules is different from the definition which applies to the MTC for insurance purposes. It has scuppered one major acquisition by a top 100 firm which we advised.