By Legal Futures Associate Access Legal
If you haven’t yet completed the Solicitors Regulation Authority’s (SRA) anti-money laundering questionnaire, time is running out for you to do so as the deadline is 23 September; based on the queries we have received it is clear that some questions are causing difficulties for those completing them, so don’t leave it until the last moment!
If previous approaches to surveys/questionnaires is anything to go by, the SRA may extend the deadline and then pass firms that have still not responded for enforcement action, but don’t rely on any extension being given; in any event firms may be ‘black-marked’ for not meeting the original deadline!
Compensation Fund
The Legal Services Board (LSB) has delayed for the first time ever approval of the SRA’s application for the level of Compensation Fund contributions, which are set to increase dramatically in October; it is uncertain what will happen if approval is not given by this time, or at all!
It would not be surprising if the delay is connected with the delayed publication of the LSB’s report looking into the conduct of the SRA in the Axiom Ince scandal; we are now 100 days since the LSB said the report would be published, so the continued delay seems to indicate that the findings may not be favourable to the SRA!
Chinese underground banking
The SRA has issued a warning to law firms after the sentencing of seven people involved in a money laundering network involving Chinese underground banking; as money entering the UK by this route has left China illegally, these were not funds that should be accepted for transactions or payment of fees.
Don’t get confused over the handling of these criminal funds, and funds coming out of China as a breach of currency restrictions; the former will need a defence (DAML) from the National Crime Agency, whereas the latter won’t as long as there are no other red flags apparent.
Cyber-crime
The number of successful cyber-attacks against UK law firms rose by 77% in the past year to 954, up from 538 the year before, according to a new study produced by chartered accountants Lubbock Fine, who said that “the wave is driven by criminals seeing law firms as prime targets for ransomware attacks or blackmail. This is due to the sensitive personal and financial information they hold, which hackers can sell on the dark web or threaten to publish on the internet.”
The legal sector has also faced “astronomical ransom demands” from cyber-attackers in recent years, ranging from $30,000 to $21m, according to new research by Comparitech, which identified 138 individual ransomware attacks on the legal sector, with nearly 3 million individual records compromised.
The threat of deepfake attacks has escalated rapidly in the last five years and therefore firms need to be more alert to these when carrying out online client due diligence. Deepfake attacks digitally replicate a person’s likeness, and manipulate a face, voice, or body, and have become increasingly convincing and difficult to spot without proper equipment and can even be broadcast in real time. In Hong Kong, a firm was recently tricked into paying $25 million to cybercriminals who used deepfake technology to impersonate the company’s CFO in a video call.
The Chartered Institute of Legal Executives Regulator has issued a scam warning in the following form:
“It has recently come to our attention that a company named Newcastle Regulation has published misleading content on its website. They are presenting themselves as an `independent regulator’ using content that appears to have been taken from CRL’s website.
Please be aware that this organisation and associated website is in no way connected to CILEx Regulation Ltd and as such, individuals should not submit any information or payment to them.”
Sanctions
The SRA has published revised guidance on complying with the UK sanctions regime, and the Office of Financial Sanctions Implementation (OFSI) has updated its frequently asked questions on UK financial sanctions, both of these should be read and training provided where appropriate; in addition firm-wide risk assessments should be updated to reflect any changes or a note made to say the updates have been read but do not apply.
