News release

Public and law firm money at risk as regulator reports cyber theft at peak levels

There has been a record number of reports of cyber thefts from law firms reported in the first quarter of this year, with house moves the main target, according to our latest report.

We have received more than double the amount of reports of cyber theft in the first quarter of this year compared to last year, with triple the amount (£3.2m) stolen. Overall, in the last year (April 2016 to March 2017) we have seen cases involving around £11m of losses.

Around three-quarters involve some form of email hacking fraud, where criminals modify emails and alter bank details so funds go to the criminal.

Around half of cases involve money being used for house moves. The National Fraud Intelligence Bureau has also reported increased risks in this area, with an 85 percent increase in theft of property deposits in 2016. Other targets for cybercriminals include inheritance money and law firm's own money.

The Outlook aims to warn the legal professional of the main risks to their business and their clients. The risk of cybercrime is not the only risk to client money, and we have this year added investment schemes as a new major risk to the profession.

While the vast majority of solicitors act properly, a small minority are failing to adequately protect the money of investors, most of which are members of the public.

In the last nine months, we have taken action in cases where the public have lost more than £50m by investing in questionable schemes that have included the involvement of a solicitor. We published a range of warnings to the profession and the public to make sure everyone is aware of this risk.

Paul Philip, SRA Chief Executive, said: "Our Risk Outlook is designed to help firms manage the big issues in the marketplace. Challenges such as keeping information safe, cybercrime and compliance with anti-money-laundering regulations need constant attention.

The threats of criminals using IT to steal client’s funds is an increasing problem. It is important that law firms develop a culture where cyber security is treated as a serious priority, and take sensible steps to warn their clients about the risks.

"We have included one new priority risk this year – questionable investment schemes. We know that the numbers of solicitors who would willingly get involved are very small, but the harm to the public and potentially the reputation of the profession is significant."

The fifth Risk Outlook can be found here:

Go to the Risk Outlook page