Important Alert: SRA Participating Insurer's Parent company placed in interim Liquidation

Important Alert: SRA Participating Insurer's Parent company placed in interim Liquidation

Feb 26 2018

On the 7th February 2018, Financial security agency AM Best issued CBL Insurance with an amended financial strength rating of B ++ under review with negative implications.  The catalyst for this downgrade was a suspension of shares on the New Zealand Stock market in early February due to regulatory authorities concluding that CBL needed to raise capital to shore up claim reserves in its most exposed Insurance lines.


The situation has since worsened and the New Zealand regulator via the High Court as of 23rd February 2018 has placed CBL Insurance into interim liquidation. This should be of particular interest to Insured firms of CBL Insurance Europe, a wholly owned subsidiary of CBL Insurance.  CBL Insurance Europe is still being supported by the CBL Corporation as things stand.  


CBL Insurance Europe are regulated by the central bank of Ireland, on the 19th February, the Central Bank of Ireland issued a direction to CBL Insurance Europe that it must cease underwriting new Insurance business with immediate effect, until further notice.  The Irish Regulator has commented that CBL Insurance Europe continues to operate and existing policies continue to remain in force. Our advice for CBL policyholders is to continue to monitor the situation closely, developments may occur very quickly and you need to ensure that you are best positioned to react, should the need arise.


There is however, a more immediate impact for policyholders who purchase a “rolling” monthly policy with CBL. The Central Bank of Ireland's directive means that any continuous policyholder will not be receiving further coverage moving forward as this constitutes “new insurance business”. Our advice to the aforementioned firms is to immediately look to source an alternative coverage solution.


If you are a policyholder of CBL Insurance Europe and are seeking further advice or you need urgent assistance in sourcing alternative coverage, please do contact us a member of the Lockton team on the numbers below as we have numerous alternative solutions for you firms of your size.


If you are not a CBL Insured and would like to seek alternative options for your forthcoming PII renewal please also contact myself, Marc Rowson or another member of the Lockton Solicitor team.


Marc Rowson                                                          Brian Boehmer

Vice President                                                         Partner

Tel 0207 933 2034                                                 0207 933 2083


Call: 0330 123 870


Important Alert: SRA Participating Insurer's Parent company placed in interim Liquidation

Important Alert: SRA Participating Insurer's Parent company placed in interim Liquidation

Feb 26 2018

On the 7th February 2018, Financial security agency AM Best issued CBL Insurance with an amended financial strength rating of B ++ under review with negative implications.  The catalyst for this downgrade was a suspension of shares on the New Zealand Stock market in early February due to regulatory authorities concluding that CBL needed to raise capital to shore up claim reserves in its most exposed Insurance lines.


The situation has since worsened and the New Zealand regulator via the High Court as of 23rd February 2018 has placed CBL Insurance into interim liquidation. This should be of particular interest to Insured firms of CBL Insurance Europe, a wholly owned subsidiary of CBL Insurance.  CBL Insurance Europe is still being supported by the CBL Corporation as things stand.  


CBL Insurance Europe are regulated by the central bank of Ireland, on the 19th February, the Central Bank of Ireland issued a direction to CBL Insurance Europe that it must cease underwriting new Insurance business with immediate effect, until further notice.  The Irish Regulator has commented that CBL Insurance Europe continues to operate and existing policies continue to remain in force. Our advice for CBL policyholders is to continue to monitor the situation closely, developments may occur very quickly and you need to ensure that you are best positioned to react, should the need arise.


There is however, a more immediate impact for policyholders who purchase a “rolling” monthly policy with CBL. The Central Bank of Ireland's directive means that any continuous policyholder will not be receiving further coverage moving forward as this constitutes “new insurance business”. Our advice to the aforementioned firms is to immediately look to source an alternative coverage solution.


If you are a policyholder of CBL Insurance Europe and are seeking further advice or you need urgent assistance in sourcing alternative coverage, please do contact us a member of the Lockton team on the numbers below as we have numerous alternative solutions for you firms of your size.


If you are not a CBL Insured and would like to seek alternative options for your forthcoming PII renewal please also contact myself, Marc Rowson or another member of the Lockton Solicitor team.


Marc Rowson                                                          Brian Boehmer

Vice President                                                         Partner

Tel 0207 933 2034                                                  0207 933 2083


Call: 0330 123 870


How to spot criminals targeting your firm to launder money

How to spot criminals targeting your firm to launder money

Feb 9 2018
Author Amy Bell

Criminals target Law Firms to launder their illicit funds, this isn't new news. It is estimated that over £90bn a year is laundered through the UK. The government is concerned about this and has recently issued the second National Risk Assessment of money laundering and terrorist financing (NRA).

The Legal Profession has been identified as high risk for money laundering, although low risk for terrorist financing.

That is not to say that all Solicitors are money laundering, but rather, where Law Enforcement see money laundering, there is a high risk that lawyers are involved. They single out lawyer's involvement in “high end money laundering” which is defined as the laundering of large amounts of criminal funds (often the proceeds of serious fraud or overseas corruption) through the UK financial and professional services sectors.

The NRA identified three aspects of a lawyers practice which are high risk: Trust and Company Formation, Conveyancing and the use of the Client Account. All firms who are regulated by the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 will have to compile a Risk Assessment of their business (Regulation 18), and it needs to be considered in every matter (Regulation 28(12)(a)(i)). Therefore, consideration of the information in the NRA should form part of that process.

Trust and Company Formation

Law Enforcement have identified that in many money laundering investigations there is a presence of a trust or company vehicle which has been used to hide the true beneficial ownership. The SRA recently gathered information from all firms in relation to the types of work which they carry out, and involvement in this type of work was a specific question, and answers to this may feed into the SRA's risk rating of a particular firm.

If you do provide these services you should be alert to “red flags” such as unusually complex business structures, for which there doesn't appear to be any commercial reason. If you are having difficulty getting information about the beneficial owners because the client is being secretive, you should consider whether the entity you are being asked to form is to disguise the true ownership. It is relatively simple to form a company, so ask yourself why they are looking to use a lawyer, particularly if it is not part of a wider instruction. As ever extra caution should be applied when dealing with High Risk Jurisdictions, which lack transparency.


It has long been accepted that property transactions are attractive to criminals for the purposes of money laundering. The NRA accepted that the number of lawyers who are wittingly involved in money laundering is small, but the scale of money laundering through property must mean that criminal clients are getting past solicitor's checks. Criminals can present themselves as legitimate, they will have the documents a firm will need, and have answers prepared to the questions they are asked. However, there are some steps you can take to try and minimise the risk to exposure to money laundering.

  • Criminals like to move money around quickly, they are adding layers of legitimacy to disguise the involvement of criminal funds. Be careful if the property has been conveyed recently and is being sold without a plausible explanation.
  • Look out for transactions which are designed specifically to launder money, for example the parties are known to each other and the value of the property has increased significantly over a short period of time.
  • Third party funding can be completely legitimate, especially with gifts from Mum and Dad, but criminals are using this process to launder money. Think about the checks you should make on people who are not your clients to be satisfied that the money you are using is not the proceeds of crime. The criminals will bank on you not asking!
  • Don't forget about how the criminals get the money into the banking system. It's unlikely they will come into the office with holdalls of cash because you won't accept it. Instead they use cash rich businesses to disguise their money laundering, so consider carefully the legitimacy of funds from clients with these businesses, car washes, nail bars, take-aways, amongst others.
  • The government is particularly focused on the ownership of high value property in London and Edinburgh by overseas companies and trusts as fronts for money laundering, so care should be taken in these matters to establish the beneficial ownership and consider whether there are any risks of corruption, tax evasion or money laundering.

Client Accounts

The government has identified that criminals find the solicitor's client account an attractive way of adding a layer of legitimacy to transactions. Once money has been paid out of the client account, a criminal can lie about it's origins. Money which has been remitted to a client following the sale of a property, could be represented as damages from an injury claim. Firms should be alert to this risk and engage their accounts staff in looking for signs of money laundering.  

In particular firms should look out for clients placing funds in the client account and then cancelling instructions without any reasonable explanation. Requests for refunds should be considered carefully. Firms must comply with the Solicitor's Accounts Rules, in not providing banking facilities to clients to enable them to “hide” money.

It is clear that firms are doing a lot of work to prevent money laundering, but it is important to keep the risks on the radar, and remain vigilant to the new ways in which you can be targeted with regular training.

A Practical Guide for Managing Data Risk with consideration for GDPR

A Practical Guide for Managing Data Risk with consideration for GDPR

Feb 9 2018
Author Amy Bell

Are you concerned about managing your data or  perhaps you're not clear on your firms retention/destruction requirements with GDPR looming on the horizon?  Our risk consultant Amy Bell has put together a practical guide for managing data risk with consideration for GDPR. Click on the right hand side to download the full guide.

End of Year Review

End of Year Review

Jan 2 2018
Author Amy Bell

The year 2017 has been busier than most in compliance and 2018 shows no signs of slowing down.

So, what should you have ticked off your to do list by now, and what do you need to add for the new year?


1.Continuing Competence

At the end of the CPD year in 2016, the 16 hours required minimum CPD was removed, and replaced with Continuing Competence. During the 2017 Practising Certificate renewal process, Solicitors were required to give a declaration in relation competence – “

I have reflected on my practice and addressed any identified learning and development needs". Firms should have communicated the changes to their Solicitors, and ensured that they have reviewed the SRA Competence Statement and planned to complete any learning where a need has been identified. I presented a webinar for firms earlier in the year, so if this is still on your list, you may find it helpful click here.


2.Money Laundering Regulation

The Money Laundering, Terrorist Financing, Transfer of Funds (Information on Payer) Regulations 2017 came into force on 26th June 2017, only 3 days after the final draft regulations were released. These Regulations are the biggest change in AML legislation for a decade and require a considerable amount of work to implement. Many firms are still working through the requirements, preparing risk assessments, reviewing policies and procedures, and changing CDD procedures. The Legal Sector Guidance is still in draft form, and many firms are holding off finalising changes until it is approved by the Treasury, which I now expect to be in early 2018. The SRA did indicate that their approach to enforcement would be proportionate, but they have recently indicating that they will be surveying the profession in early 2018 to find out how they are complying. We released a webinar when the regulations were passed in the summer, to flag up the issues which you need to be considering, sooner rather than later. Click here to watch the webinar recording in full.


3.Criminal Finances Act 2017

The Criminal Finances Act is the Government's response to the first UK National Risk Assessment in relation to Money Laundering. Several areas were identified where legislative change could help fight financial crime. Much of the Act is not yet in force, but on the 30th September, the new Corporate Offence of Failing to Prevent Tax Evasion was implemented. Firms will be liable if they have failed to put in place reasonable procedures to prevent a person associated with it (an employee or agent) from facilitation facilitating tax evasion. The consequences are fines for the firm, risk of regulatory sanctions, and reputational damage. I wrote an article and presented a webinar which may be useful to firms who have still yet to so establish the required policies and procedures. In 2018 other parts of the Act will be implemented. There will be extensions to the powers which the National Crime Agency have to request information from reporters, and they may be given more time to investigate cases before they need to give consent. We will update you on these provisions when we know when they will be in force. Click here to watch the webinar recording.



At the top of the compliance to do list for many firms is the implementation of GDPR, which will apply in the UK from 25th May 2018. There is certainly a lot to think about. Firms will need to think about what data they hold, and for what reasons. They will need to think about how they can use data from former clients, dealing with subject access requests in the new shorter time scales. Lockton have some material on this and if your firm is not already on the way to getting compliant with GDPR, this should be a high priority in the New Year.


5.SRA Code of Conduct

Next year we are also expecting substantial changes to the SRA code of conduct, which may require changes to your policies and procedures. It is intended that the new code will allow more flexibility for law firms, moving further away again from rule based regulation. We will be providing articles and webinars on the new code and accounts rules as soon as they are confirmed, so watch out for those.


Planning now for the considerable amount of work to do for the rest of 2018 will help you find the time to fit it all in, and get compliant as soon as possible [If you need any support with these issues do get in touch and we will see how we can help].

Criminal Finances Act 2017 Webinar

Criminal Finances Act 2017 Webinar

Oct 19 2017
Author Amy Bell

Amy Bell, Chair of the Law Society's Money Laundering Task Force, and now a Risk Consultant for Lockton, recently presented a webinar for Lockton's Solicitor answers some frequently asked questions around the new Criminal Finances Act 2017: The Corporate Offence of Failing to Prevent Tax Evasion.

Click on the link below to watch the webinar.

Criminal Finances Act 2017: The Corporate Offence of Failing to Prevent Tax Evasion

Criminal Finances Act 2017: The Corporate Offence of Failing to Prevent Tax Evasion

Oct 19 2017
Author Amy Bell

Shortly before Government was dissolved for the General Election, the Criminal Finances Act was passed. As part of the Government's Action plan to tackle money laundering, terrorist financing and corruption, the Act introduced new investigation and information sharing powers for law enforcement and the regulated sector. Most notably, and of widest application, is the introduction of the new corporate offence of failing to prevent the criminal facilitation of tax evasion, which came in effect on the 30th September. If found guilty, firms can face unlimited fines in respect of acts done by their employees and associated persons. Firms which can demonstrate they have reasonable prevention procedures in place will have a defence.

To understand the requirements of the new regime, read our Guidance on the Criminal Finance Act - and watch our webinar, presented by Amy Bell, which is now available to view at any time.

Under the previous legislation, government felt that holding corporate bodies criminally liable was difficult because often the board would have no knowledge of the facilitation. The decision making or advice which can constitute facilitation of tax evasion is often at a lower level, particularly in large organisations. There was little incentive for the management to implement systems to look for the facilitation of tax evasion or to encourage whistleblowing of such activity. This legislation will hold firms accountable if they are “turning a blind eye”

HMRC have acknowledged that it will take time for firms to fully implement reasonable procedures but at the very least they expect firms to have

  • Demonstrated a clear commitment to compliance which might include the design of a plan to achieve compliance
  • Top level commitment to preventing the facilitation of tax evasion by the firm or its associated persons
  • An initial communication plan – this could be an email to all explaining the offence, and the steps the firm is going to take to prevent the facilitation of tax evasion.

That said, they have said they will still expect rapid implementation, so firms will need to keep up the momentum to ensure implementation as soon as possible.

What is the new offence  

There are three stages to the offence

  1. There must be tax evasion by a taxpayer. The offence applies to the evasion of UK and overseas tax provided there is a UK connection, and a corresponding UK offence. Note: there does not have to be a conviction for this to apply.
  2. There must be the criminal facilitation of the tax evasion by a person associated with the firm. A person is associated if it is an employee, agent or another person who performs services for or on behalf of the firm. This will be judged on the circumstances, rather than the contractual arrangements which are in place.
  3. The firm failed to prevent the associated person from committing the facilitation.

What is the defence?

There is a statutory defence, that the firm had in place reasonable prevention procedures. HMRC has issued draft guidance which explain the 6 guiding principles for a firm to have regard to when designing the prevention procedures. They are

•             Risk Assessment – assess the nature and extent of the risk that those acting on the firm's behalf will engage in the facilitation of tax evasion.

•             Proportionate Prevention procedures – depending on the size and nature of the firm, implement policies and steps to ensure they are complied with. Consider the opportunity, motive and means for a person to facilitate tax evasion, and if identified how this risk can be eliminated.

•             Top level commitment – demonstrate top level management commitment to preventing tax evasion, both in the involvement with the risk management process, but also their management and communication of those who could facilitate tax evasion.

•             Due diligence – carrying out appropriate due diligence on persons acting for or on behalf of the firm, who may not be subject to the same sort of monitoring as employees.

•             Communication – ensuring that your policies and procedures are communicated and embedded through training. It is also important that the firm's zero tolerance approach is communicated, both internally and externally to deterrent those seeking to use the firm to evade tax.

•             Monitoring and review – this could be seeking internal feedback to ensure employees and agents are aware of the policies and procedures, or formal review with documented findings. Firms need to establish whether the measures they have in place are being complied with and that they meet the risks the firm face, which may evolve over time.

What should firms do today?

Firms should consider the extent of their risk of exposure to this offence as soon as possible. They should conduct a risk assessment, identifying which departments, services, and relationships provide the opportunity, motive and means to facilitate tax evasion.

Policies and procedures will need to be reviewed to mitigate any risks identified. This offence may appear to be similar, in terms of the process to the adequate procedures required under the Bribery Act, but firms should not assume it is as simple as inserting the works “and tax evasion” into those policies.

It is important that the policy is communicated to associated people; that the firm has a zero tolerance approach to the facilitation of tax evasion, and that examples are provided through training as to how tax evasion could present itself to staff. Reinforcement of the commitment to the whistleblowing process, and protection for reporters is also crucial.

HMRC has published draft guidance, and for law firms, the Law Society has published a practice note which provides more in-depth guidance.

Continuing Competence Webinar

Continuing Competence Webinar

Sep 20 2017
Author Amy Bell

Amy Bell, Chair of the Law Society's Money Laundering Task Force, and now a Risk Consultant for Lockton, recently presented a webinar for Lockton's Solicitor answers some frequently asked questions around the new Competence framework which is now available for any time viewing.

Click on the link below to watch the webinar.



Continuing Competence

Continuing Competence

Sep 11 2017
Author Amy Bell

Summer is traditionally a time when Solicitors have a little more time to attend to their admin. As a former training manger for a firm, I would routinely send out emails in August asking people to check whether they were on target to do the CPD hours for the year, and in September I would circulate all the courses we were running for anyone who was “short”. Sound familiar?

31st October 2016 saw the end of the 16 hours CPD regime.

Instead it has been replaced by Continuing Competence.

To understand the requirements of the new regime, read our Guidance on Continuing Competence - and watch our webinar, presented by Amy Bell, which is now available to view at any time.


What is Competence?

Principle 5 of the SRA Code of Conduct requires solicitors to provide a proper standard of service. We see at outcome 1.5 of the Code, that solicitors must deliver a service which is competent. The SRA have issued a competency statement and a threshold standard which is the minimum a solicitor must be able to meet in order to qualify.

But, competency is not just about a level which was appropriate when you were a newly qualified solicitor. The SRA use a broad definition, being, "the ability to perform the roles and tasks required by one's job to the expected standard" (Eraut & du Boulay, 2001). Your required level of competence will depend on the level of expertise required for your role.

It is likely in the early part of a solicitor's career, they will spend a large amount of time learning the skills needed to perform their role. However that is not to say that more experienced solicitors do not need to learn. Apart from keeping current with the law, as a solicitor progresses, they will need new skills (management, financial skills) which were not needed earlier on in their career.


What is Continuing Competence?

This is the process of regularly reviewing your competence, whether in relation to changes in the law, or skills needed to perform your role and undertaking learning when appropriate.


What is the impact of the change?

Solicitors need to adapt to a new way of approaching their training needs. It is acknowledged that the old system of specified hours led to some solicitors attending courses which were not relevant, investing 7 hours in a full day course, when perhaps only 1 hour was directly relevant.

The need to attend 25% accredited training has been removed so, it may be possible to meet your training needs without attending a course.

Essentially, the requirements are now outcome focused.  The required outcome is that solicitors are competent, and how they achieve that is a matter for them.


What about my staff who are not solicitors?

The Code requires that the service which is provided by the firm is competent. This is not confined to qualified solicitors, but any staff delivering services to your clients.  Using the same process to identify training needs for your other staff can be useful.


When does this start?

The new continuing competence regime began on 1st November 2016, so you should already be well on the way, but if not, below is an outline of the process.

Where do I start?

First of all, you need to be familiar with the competence statement, which is split into 3 parts; the statement of legal knowledge, the statement of solicitor competence, and the threshold standard. These are available on the SRA website.  

The statement of legal knowledge is the legal knowledge you are required to know upon qualification, covering the main areas of law which you will study academically, as well as the code of conduct. 

The statement of solicitor competence is split into 4 parts:

  • A Ethics, professionalism and judgement
  • B Technical legal practice
  • C Working with other people
  • D Managing themselves and their own work

The areas are then broken down further, into specific examples of skills and behaviours. In total there are 91 skills in which a solicitor must be competent. When you look at each skill, you can see that emphasis for skills development is much wider that just the technical legal skills, but also making sure that solicitors have the soft skills needed to deliver their role.

Because the statement of solicitor competence is generic, the threshold standard gives context to what is expected by solicitors. A person must be at level 3 in order to qualify. The other levels are not assessed, and are provided for context, but they do demonstrate the mastery of the skills which are required for more senior solicitors.

Continuing competence process


Starting at the top right, you need to reflect on what your learning needs are. That can be difficult, it is hard to say what you don't know. However, a process of reflecting on your personal ability against the 91 skills in the competency statement will show areas for improvement.  When considering each of the skills, think about whether you can give an example of when you did the particular aspect well, if not that might be an area of development for you.


Once you have identified the areas for improvement you need to plan to carry out the learning. As already mentioned this does not have to be attending accredited courses, it could be reading articles, listening to webinars and podcasts, research, or mentoring. Think about how you enjoy learning new information, and look for ways to learn which match that. Some people like to read, some people like to be able to bounce ideas off each other in a social environment, some people like listening to short podcasts on the train in the morning. This regime really does provide that flexibility to learn in the way which best suits the individual.


You then need to carry out your plan, make the time to do the learning. Any significant issues, which would impact on your ability to provide a competent service should be addressed as soon as possible, with the rest of the needs addressed during the learning year.


Once you have carried out the learning, you should evaluate how useful it was, did it get you towards your learning goal, towards competency. Many training evaluation forms ask questions about the speaker, the room, the content, but in addition you should be asking yourself what did you learn. Again, this is usually on the form but in my experience the answer is usually what it is you remember, which is not necessarily the same thing. Ask yourself instead, what will you do differently.

What will the SRA need to know?

You, or your firm on your behalf, will need to give a declaration as to competence as part of the Practising Certificate Renewal process. In addition, you should keep a record of your learning plan (demonstrating your reflection) and your evaluation (demonstrating that you undertook effective learning). Templates for these documents can be found in the SRA Continuing Competency Toolkit, available on their website. Additional guidance is also available on the Law Society Website.

We will also be hosting a webinar on Wednesday 20th September at 12 noon to provide more guidance on this topic.

In this webinar we will:

* Examine the new regime, what do you have to do, when and how
* Is this the end of "More...junk CPD"
* How do you reflect - how do you know what you don't know
* Setting SMART learning goals
* How to make the most effective use of your training budget.
* How do assess the effectiveness of learning - what is the difference between learning and remembering 

Register here

Our recent feature in the Solicitor's Journal

Our recent feature in the Solicitor's Journal

Jul 11 2017

James Turnbull and Steve Holland feature in the Solicitor's Journal giving their expert insight into BPE Solicitors v Hughes-Holland and the Solicitor's Market.

Please see the links below to the articles, or alternatively download the pdf version on the right hand side.

The Biggest Change to AML in a Decade

The Biggest Change to AML in a Decade

Jul 5 2017
Author Amy Bell

Monday 26th June 2017 saw The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 come into force, just 3 days after they were passed.

Much of the 2007 regulations remain intact, however, there are considerable amendments and additions and below are highlighted those most relevant to lawyers.

Risk Assessment

Each firm will have to prepare a risk assessment. This will involve taking reasonable steps to identify and assess the risks your firm faces, and keeping a written and up to date record of those steps you have taken.

When compiling your risk assessment, you should consider:

  • Who your clients are
  • Where your clients, or their funds are coming from
  • The services you are providing to your clients
  • How you provide services to your clients
  • Size and nature of your business

Whilst it is not possible to prevent entirely the risk of being targeted by criminals, having a robust risk assessment will justify the steps you took.  

Policies, controls and procedures

You must establish and maintain and regularly review policies, controls and procedures to mitigate and manage the risks which you have identified in your risk assessment. They need to be proportionate to the size and nature of your business.

Your policies must provide for the scrutiny of complex and unusually large transactions.  This means each matter will need to be risk assessed. You should consider the due diligence information which has been obtained, and the nature of the instructions. The main question that lawyers need to ask themselves is does the transaction make sense?

Internal Controls

The internal controls which you must implement will depend on your assessment of the size and nature of your business. You may need to

  • Appoint an individual who is on the board, or a member of senior management as the officer who is responsible for compliance with the regulation
  • Carry out screening of relevant employees
  • Establish an independent audit function to examine the effectiveness of the policies



The training you provide must now also include training on the Data Protection requirements in the Regulations.

Customer Due Diligence (CDD)

CDD is not just required at the beginning of a relationship with the client, but also must be applied when you become aware of changes in the circumstances of an existing customer.

There are some important additions to the 2007 regulations in relation to a body corporate, namely

  • Its constitution (which may be found in the articles of association).
  • Where the client is beneficially owned by another person you must now also to verify the identity of the beneficial owner.
  • Where the beneficial owner is a legal person, you also need to understand the ownership and control structure of the beneficial owner.  
  • These requirements will not be satisfied by relying only on the register of people with significant control.
  • If the person instructing you is acting on behalf of a client, you must verify that person

It is also important to note that the definition of beneficial owner of a trust has been extended to now include settlor, the trustees, the beneficiaries or class of beneficiaries and any individual who has control of the trust.

Enhanced Customer Due Diligence (EDD)

The Regulations are more prescriptive as to when EDD measures need to be applied. You must apply EDD when the case is high risk.

When assessing whether a matter is high risk, you must consider regulation 33(6) including amongst others, customer, service and geographical risk factors.

EDD means examining the purpose of the transactions and increasing the frequency of monitoring. You may also seek further independent verification of the information you have been provided, take more steps to understand the ownership and financial situation or to ensure the instructions fit the client's business.

PEP definition

This has changed to include domestic PEPs and widened to include members of governing bodies of political parties and on the board of international organisations.

Simplified Due Diligence (SDD) and Pooled Client Accounts.

In relation to the client account, banks can apply SDD provided that

  • The firm presents a low degree of risk, and
  • Information on the identity of the person on whose behalf monies are held in the PCA are available on request.

You will need to ensure that you have explained to the client that, if the bank requests information about who you hold funds for, you will be required to provide that information. The client needs to consent to that.  

Data Protection

You must provide new clients with a statement that any personal data received will only be processed for AML and CTF purposes.  Data must be retained for 5 years following the end of the business relationship but then deleted unless you are required to keep it by law, or the data subject has given consent for its retention. You will need to ensure, probably through your terms of business letter, that you have the client's consent to keeping the data for longer than 5 years. 

The Impact of Phishing - Webinar

The Impact of Phishing - Webinar

Jun 15 2017
  • Location: Online
  • Time: 15/06/2017
  • Cost:
  • Number of Places:
  • 1.00 units accreditted CPD

This webinar will provide guidance risk mitigation and cyber security. In partnership with NCC Group, the webinar will examine the results of a recent phishing exercise conducted on 120 law firms.


This webinar will identify precautionary measures that firms can take to reduce the security risk from phishing.

Please use the link below to sign up. We encourage all law firm managers and those involved in risk and compliance to sign up early as there  are limited spaces available.

Webinar Details

Date: Thursday 15th June 2017

Time: 13:00 - 14:00

Speaker:  Haroon Malik, Principal Consultant, NCC Group

CPD:  1.00 unit


About NCC Group

NCC Group is a global expert in cyber security and risk mitigation, based in Manchester.    They work with over 15,000 clients worldwide to assist them protect themselves and their clients from information security breaches and cyber crime.

For more information about NCC Group visit


Prepare for the biggest changes to AML in a decade:  Watch our Webinar

Prepare for the biggest changes to AML in a decade: Watch our Webinar

Jun 7 2017
Author Amy Bell

New Money Laundering Regulations are due to come into force this summer, implementing the EU Fourth Money Laundering Directive.

Amy Bell, previously a specialist AML adviser to the Law Society, and now a Risk Consultant for Lockton, recently presented a webinar for Lockton's Solicitor clients outlining the key provisions of the new AML regulations , which is now available for any time viewing.


Overview of the new Money Laundering Regulations

The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations  will replace the Money Laundering Regulations 2007. 

The original date for implementation was 26th June, but, since the election was called, there is some uncertainty about the exact date when the new regulations will come into effect, but there is not expected to be much delay to the original timetable.

If you are not already prepared to implement the anticipated changes, you should therefore prepare now. 


Overview of key changes

Risk Assessments

Solicitors have been identified as 'high risk' from a Money Laundering perspective, in the UK governement's current National Risk Assessment.   The SRA undertook some research on 250 firms, following this assessment, and found that the standard of Anti-Money Laundering processes amongst firms was generally high.

Regulated firms, including solicitors, must carry out a risk assessment as part of any client & transaction vetting process.  Source of funds is one of several risk factors that you should take into account.  The nature of services you provide are also relevant.  Conveyancing transactions are particularly susceptible to money laundering attempts.

There are a list of specific circumstances where enhanced due diligence will be required.   The definition of 'Politically Exposed Persons' has also been expanded - and extended due diligence will be required for such persons for a year after they have ceased to be defined as a PEP.

More Policies & Procedures

Your policies and controls must be proportionate to the size and nature of your firm, and be based on your risk assessment.

Depending on the size and type of business, firms must appoint someone at board level to manage compliance with the regulations.

There must also be a mechanism for flagging unusual/high risk/particularly complex files.


Training has always been an important part of AML requirements, and the new regulations are no exception.  There is now likely to be a requirement to include data-protection training as part of the regular training provided.


Watch our webinar

Click on the slide below to register and watch our latest AML webinar.

The webinar covers:

• Changes to the definition and requirements in relation to beneficial owners
• What do you need to include in your risk assessments
• New controls to manage and mitigate the risk of money laundering
• Changes to when you are required to apply enhanced due diligence measures
• The new definition of Politically Exposed Person
• New Data Protection requirements


For more information & Guidance

Sign up for one of our four AML Masterclasses, being held

  • London, 15th June
  • Manchester, 16th June
  • Birmingham, 26th June
  • Bristol, 27th June

We can also provided access to discounted AML support.

Contact Us for more information.

Protecting yourself from Ransomware: lessons from the NHS systems crash

Protecting yourself from Ransomware: lessons from the NHS systems crash

May 15 2017

'It could happen to you!'  This is the message to take from the recent NHS computer crash following the "wannacry" virus attack.    It is important to realise that the NHS was not specifically targeted.  This virus was sent out in millions of phishing emails worldwide, taking advantage of a known gap in Microsoft coding, which many companies and individuals had not addressed by means of a simple software update.  

While there is no guaranteed way of avoiding the risk of an information security breach or systems crash as a result of a malicious computer virus, there are a number of things you can do to reduce the risks -of this, and other, cyber attacks.


Advice on the current 'Wannacry virus' threat

The advice for firms seeking to combat the immediate threat posed by the Wannacry virus is:

  • Patch MS17-10 asap
  • Ensure that your anti-virus software is up-to-date 
  • Make sure you have an 'out of band' backup

For more specific details on addressing the current Wannacry virus threat, download our attached guidance note from Lockton's specialist Cyber Team, or contact us for more in-depth advice.


General Steps to reducing the threat of a successful cyber attack

Robust and up-to-date anti-virus software remains far and away one of the two most important protections in your armoury. 

The other is an independent or off-network back-up, that is tested as part of a tested business recovery plan.  This should enable your business to get back up and running, without having to pay any ransom (in case of a ransomware attack).

This is not simply an IT issue - and there are some additional simple steps you can take to help protect yourself.

1. Make sure you are using up-to-date supported software

While the recent 'Wannacry' virus potentially impacted all Microsoft Windows platforms, Microsoft, as with all software suppliers, recommends the most recent versions as providing greater security.  We are aware that a number of solicitors firms still use Windows XP, and it is important to be aware that this is no longer supported, and does not get updated as standard to take account of new security threats.  Using unsupported software exposes your business to a significantly greater risk of a successful cyber attack.

Nor should you forget your internet browser.  Viruses can equally be transmitted through infected or scam websites.  Up -to-date browsers help reduce the risks. Many firms are still using Internet Explorer 8, which is no longer secure.

Ensure you are using a current (ideally the latest) version of your browser.  Visit to check. This will instantly show you what browser you are currently using. 

2. Apply software updates at the earliest opportunity

The NHS systems crash is not simply an alert about one particular update.   The wider risk management lesson is to ensure that you always ensure that your software is up-to-date.

Activate automatic updates in the software, or, alternatively, when an update is flagged, install it straight away.  Microsoft, on becoming aware of the vulnerability rapidly issued a 'software patch' (MS 17-10) which provided essential protection against this particular type of attack.   If you have installed all relevant updates, you are unlikely to be affected by this particular virus.

3. Make ALL staff aware of the risk of 'phishing' emails immediately

The aptly-named 'wannacry' virus that sent the NHS into meltdown is spread by fake emails.  Typically the emails have appeared as job offers, invoices and security alerts.

If  any single person in your firm clicks on one of these messages, the whole firm is at risk of being affected.

While it is not possible to identify all phishing emails, each member of staff is still a vital line in your defence.  Please ensure that all staff are particularly aware of the risk of fake job offers, invoices, security alerts and the like.

Circulate our guidance on identifying phishing emails.

The key message is, if in doubt - do not open.  To reduce risk, set emails into preview mode in your settings.


For further advice and guidance

Download our guidance note advising on specific measures to combat the threat of the Wannacry virus, or speak to our Cyber Team for more in-depth advice.

Look out for further guidance on phishing awareness from Lockton coming out this summer.


This article is for general advice only.  Acting on this advice will not protect you or your firm from all computer malware, and Lockton can accept no liability for any losses of any kind arising from a breach of your computer system security.

Conveyancing Phishing emails alert

Conveyancing Phishing emails alert

May 2 2017

We have recently received a number of scam conveyancing emails which include attachments containing malware.

As the latest government report on information security and data breaches, issued in April, revealed that 72% of breaches reported by UK businesses related to fraudulent email, it is even more important that you staff are educated, and remain alert to the risks.  No matter how stringent your internet firewall is, scam emails will get through the net from time to time, and you are therefore reliant on your staff's alertness to prevent a potential major information security incident.


Latest conveyancing phishing email

Here is the latest example of a phishing email specifically targetted at the conveyancers:


Hopefully the majority of your team would recognise that the solcitors details referenced did not match up to a current transaction, and similarly, query the generic email address.  Some of the more sophisticated scams are more difficult to spot however.


Phishing awareness webinar

Lockton has recently worked with specialist cyber security expert, NCC Group, to undertake a simulated phishing exercise for law firms in Scotland.  They are presenting a webinar on Tuesday 9th May, looking at the results of the simulated phsihing exercise, and highlighting some of the approaches that cyber criminals take, and how you can mitigate the risks of attacks in future.

You can register for the webinar here


Further guidance

You can access further guidance on recognising phishing emails in our Resource Centre.  And look out for more guidance and training materials from Lockton on cyber security, coming soon.

If you have a specific cyber security concern, contact Calum MacLean, Lockton's Risk Manager for Professions, or your Lockton Account Executive.

AIG Aggregation Case - Supreme court overturn Appeal decision

AIG Aggregation Case - Supreme court overturn Appeal decision

Mar 22 2017

AIG has been successful in overturning the Court of Appeal decision (see Lockton's post on the Appeal verdict) regarding the interpretation of the SRA Minimum Terms & Conditions wording of the compulsory Primary layer Professional Indemnity insurance relating to the aggregation of claims.

The Supreme Court held that the Court of Appeal formulation (that there needed to be an intrinsic relationship between the matters giving rise to a  claim) was too narrowly framed, and the decision, in consequence, not satisfactory.

The Supreme Court decision, announced today, held that, in applying the aggregation clause, it is necessary to consider the transactions objectively, taking them 'in the round'.

The facts of the case - a refresher

Two property developments (one in Turkey, one in Morocco) failed.  The International Law Partnership had devised a mechanism to protect external investors' investments in the schemes, involving a complex trust and escrow structure.  This structure proved ineffective, and the Trustees for the investors made claims against the International Law Partnership which would have totalled approximately £10million.   AIG, The International Law Partnership's Professional Indemnity insurer, argued that the MTC aggregation clause applied, with the result that the total claim payable under the primary policy would not exceed £3million.


The Supreme Court Judgement

In his judgement, Lord Toulson concluded that each investment scheme contained a number of significant connected elements.  Not only did The International Law Practice fulfil a dual role (as trustee and escrow agent), the investors in each scheme were also connected - all investing in the same project, and as joint beneficiaries of the relevant trust.  

From these connecting factors the Court concluded that they arose from acts or omissions in a 'series of related transactions' on the basis that they 'shared the common underlying objective of the execution of a particular development project'.

The Court held that the case for aggregating the claims of the two different investment projects, Peninsular Village and Marrakech, was much weaker, the relationship between the two development companies not being sufficient.  This means that the aggregation of claims is likely to be limited to each scheme, individually.

The Court has referred the matter back to the High Court to determine the issue in accordance with its judgment.


Lockton Comment

The application of the MTC aggregation wording will always depend on the detailed specifics of a particular case.  The Supreme Court judgement makes it clear that there can be no straightforward clear-cut 'test' to determine whether a series of claims can be aggregated.

Law firms should, when assessing risk, be aware of the potential for multiple claims arising from certain types of error.   This is particularly evident where you are drafting a document that will be used multiple times for a client or series of clients.  A good example would be a lease style used for a client across their property estate.

Firms should also be aware of the risks of aggregation when calculating the amount of Professional Indemnity insurance required.  Failure to take sufficient consideration of this could, amongst other things, leave you in breach of your regulatory requirements to have an 'adequate' level of insurance in place.

Leasehold properties - Grounds for concern for solicitors?

Leasehold properties - Grounds for concern for solicitors?

Mar 6 2017

The question is often asked by law firms undertaking conveyancing work 'why are we paying so much more for our PII than other firms who don't'?  The answer is that issues keep popping up to trouble insurers, often unexpected.

Two recent developments causing concern for insurers involve leasehold properties. 

Firms may have a potential claims exposure if they have not identified and advised on the following matters:


Potential Claims Issue:  Failure to pay Ground Rents

An issue has been brewing since the Housing Act 1988 (The Act) came into force in January 1989  - however the potential problem has only recently been recognised.  The issue surrounds the buying of a leasehold property where the ground rent is, or will during the lease be £250.00 or more (£1,000.00 or more in London), meaning that the lease will therefore fall within the provisions of The Act and become an assured tenancy. 

The problem arises, in part out of the wording of Ground 8 in Part 1 of the Second Schedule to The  Act,  which determines that where x rental payments are missed in a given period, the Court must, without discretion, terminate those leases and award possession of the property to the freeholder. It is clear then that any issue could potentially affect hundreds of thousands of leases.


Potential Claims Issue:  Increasing Ground Rents clauses

Taylor Wimpey has received significant negative publicity recently for its incorporation of leasehold clauses imposing significantly escalating ground rent charges.  They are not the only developer to have taken advantage of this opportunity for a surreptitious additional income stream.  

CML Handbook Reporting requirement

A solicitor owes a duty of care both to the purchaser and lender, if any, to report on any matters affecting title or the value of the property, as reflected in Part One of the CML handbook which provides instructions for conveyancers acting on behalf of lenders in residential conveyancing transactions.

Clause 5.6.1. of the Handbook states  under the heading 'Good and Marketable Title', that the “title to the property must be good and marketable free of any restrictions, covenants, easements, charges or encumbrances which, at the time of completion, might reasonably be expected to materially adversely affect the value of the property or its future marketability ……… and which may be accepted by us for mortgage purposes”.

Therefore, if ground rents are not paid OR leases contain 'unusual' clauses for the increase of ground rents, conveyancing solicitors will be under a duty to report, both to purchaser and lender.  However, it is believed that these issues have not been reported, either because firms have missed the issue or not understood its importance.  

Some lenders have certainty seen this issue as a real concern and have insisted upon additional requirements prior to lending. Examples of these additional requirements include:

  • The ground rent must not be capable of being increased during the first 21 years
  • The ground rent cannot be open-ended i.e. it must not be capable of being increased to an unspecified amount.


It has also been reported that lenders have begun to refuse to lend where ground rents are due to increase significantly over future periods.

So how should conveyancers deal with the issue now?


Risk Mitigations

Historic files

  • Provide a 'Property Law Bulletin' to existing clients alerting them to the risks regarding
    • non-payment of ground rent; and
    • onerous ground rent provisions

           and prompting them to get in touch if they have any concerns.

  • Undertake an audit of any potentially 'high risk' files involving leasehold property interests.  You may be able to identify transactions involving new-build housing developments and audit a sample to identify whether or not there is likely to be a problem regarding punitive ground-rent provisions.


New matters

  • The first, and simplest, solution is to specifically advise all clients at the outset to pay ground rents when due and inform them of the penalties for not doing so. 
  • Where a lender is involved also inform your client that you will be writing to the lender to advise of the situation.
  • Amend or add letters to solicitors acting for the freeholder to your precedent bank, pointing out the issue and flagging that amendments are required to the wording of the lease.  
  • Be aware, where a client is facing forfeiture of a lease, that relief from forfeiture can be granted but the amount due in arrears must be paid.
  • Include a specific prompt for fee-earners to check leases for the wording of ground rent clauses/increase provisions as part of your transaction checklists.
  • Once the potential size of the issue is known, develop a strategy for dealing with clients, landlords and lenders. Each of these will have differing primary concerns.
  • Circulate this warning note to conveyancing fee-earners and follow up with departmental training.


The Bold Legal Group (BLG) have obtained a legal opinion on the matter which has been made available to BLG members.  For more information on the BLG, visit their website: or email Rob Hailstone; 

Related Resources

The Housing Act 1988 (ref Section 1, Schedule 1 & Schedule 2)

Artesian Residential Investments Ltd v Beck  [2000] QB 541


Conveyancers Beware!

Conveyancers Beware!

Feb 2 2017

Conveyancing has always been one of the highest risk areas of practice, from a Professional Indemnity insurer's perspective.  The decision of the High Court in a recent case involving Mishcon de Reya, will do nothing to alter this.  If the decision stands, we are concerned that some insurers, already wary of residential conveyancing firms, may seek to remove such firms from their books or increase premium rates on conveyancing work.

The biggest concern for solicitors is that the court found against Mishcon de Reya, notwithstanding a finding that the firm had not been negligent.  This opens up significant risk exposure for firms.  Pending the results of an appeal, we highlight some practical risk management action points that may help minimise this risk.


The (pertinent) Facts of the Case

Mishcon de Reya ('Mishcon') acted for Dreamvar (UK) in the purchase of a property in London.  The purchase proceeded as normal, but after Dreamvar had paid the purchase price (of over £1m) it transpired that the seller was a fraudster who did not have ownership of the property in question.   

Dreamvar's claim was made on the basis that Mishcon had been, in their view, negligent in failing to obtain an undertaking from the seller's solicitors regarding the seller's identity and title to the property.  This element of the claim failed however, David Railton QC found Mischcon in breach of trust and considered that recourse to the firm's Professional Indemnity insurance was the 'only practical remedy'.


Conveyancing Risk Mitigations

  • Ensure your client vetting procedures are robust – and properly implemented.  For high risk transactions, electronic identity checks should be used as standard.  Ensure you keep a record of your process/findings on the file.


  • Refer any high risk transactions to a Senior Partner Risk and Compliance Partner (e.g. back to back transaction or where there is a disparity between the address being used for correspondence and the property address).


  • If you are acting for the purchaser ask for confirmation as to how and what processes were used to verify the seller's identity.  You may wish to request formal evidence of the seller's ownership of the property (request a document that only the real owner is likely to be able to produce).  


  • Advise your (purchaser) client of any requests for information to which you have not received a satisfactory response


We have an ever-increasing range of useful guidance in our Resource Centre which you can download - see the downloads panel on the right hand side.

Alternatively call us or speak to your Lockton broker.  

Client Account Dangers Exposed

Client Account Dangers Exposed

Feb 21 2017

A recent Solicitors Disciplinary Tribunal decision highlights the dangers of firms accidentally misusing their client account.

Using client account as a banking facility is a 'serious departure' from required standards

Earlier this year Mandeep Dhariwal was fined £40,000 and ordered to pay SRA costs of £20,250 for allowing his firm to act as an escrow agent. Despite no suggestion of dishonesty the Solicitors Disciplinary Tribunal commented that it was Dhariwal's conduct in letting the client account be used as a banking facility which represented a 'serious departure' from the standards expected of him. 

There is undoubtedly a lack of clarity and awareness amongst some in the profession on this issue – Dhariwal believed the investment schemes in question were genuine. However, he accepted that with hindsight he should have considered that there was a risk he was breaking solicitor rules.

The SRA has provided a warning notice about the improper use of a client account as a banking facility  This states the key issues and offers guidance to the current SRA position.

Potential risks when acting as an escrow agent:

  • Providing banking facilities through a client account is prohibited. The SRA states that a firm should only receive funds into client account in relation to an underlying transaction that you or your firm is advising on.
  • There must be a reasonable connection between the underlying legal transaction and the payments. This will be dependent on the facts of each case. You should only hold funds where necessary for the purpose of carrying out your client's instructions in connection with an underlying legal transaction or a service forming part of your normal regulated activities. You should ask why the client cannot make the payment themselves. If the client does not have a bank account in the UK, this considerably increases the risks. You should be prepared to justify any decision to hold or move client money.
  • Significant aggravating factors include the risks of insolvency and money laundering. Following the case of Simms SDT 8686/2002 “A solicitor who involves himself in transactions which he knows or suspects or should have known or suspected could involve illegality or impropriety or who gives such transactions credibility cannot but appreciate that his behaviour will be perceived as affecting his integrity and trustworthiness and so affect the reputation of the Profession.”

Minimise your risk

If you are in doubt about holding funds in escrow or the investment scheme we recommend you consult with the SRA's ethics help line or alternatively please contact your Lockton Account Executive / Lockton claims department.

How Lockton can help

At Lockton we want to protect your firm's reputation and control any additional risks your firm may face. Regulatory breaches and or subsequent claims arising from misuse of the client account or participation in questionable investment schemes will mean facing in-depth questioning by insurers and ultimately an increase in premiums, if insurers are unable to get the comfort from your conduct in these past activities. 

PII Case-notes: Litigation Funding decision

PII Case-notes: Litigation Funding decision

Jan 12 2017

The Supreme Court handed down it's long awaited decision on the case of Impact Funding Solutions limited against AIG on 26 October 2016.  The decision is relevant for solicitors and their PI insurers in providing guidance on the debts and trading liabilities exclusion contained within the SRA Minimum Terms and Conditions.

The facts - a summary

Impact Funding provided loans to clients of a Law firm. The funds were to be held by the firm on behalf of the clients to finance disbursements in the conduct of litigation for industrial deafness.

The firm had entered into two 'Disbursement Funding Master Agreements' with Impact Funding, as part of the arrangement for the provision of finance to the clients.  Pursuant to the Master Agreements, the firm undertook to repay the loans which Impact had made to the clients including in circumstances where the clients breached the credit agreement or where any credit agreement was unenforceable as a result of an act or admission by the firm. The firm also warranted to Impact that it would perform its professional duties to its clients.

The firm failed to adequately or timeously investigate the merits of the claims and also misapplied the funds provided by Impact. Impact issued proceedings against the firm and was awarded damages of £581,353.80, representing the principle elements of the loans which would not have been made if the firm had not breached its contract with Impact. Following the firm's insolvency, Impact sought to recover this sum from the firm's professional indemnity insurers, AIG, under the Third Parties (Rights against Insurers) Act 1930.

First Instance Decision & Appeal

The Court at first instance held that Impact's claim against AIG failed. The Court of Appeal found in favour of Impact on the basis that the loans were inherently a part of a solicitor's practice and that the personal liabilities incurred pursuant to the warranties were incurred professionally and therefore fell within the cover under the policy.

Supreme Court ruling

The Supreme Court overturned the Court of Appeal, finding that Impact's cause of action arose by reason of a breach of a term of the contract or arrangement by which Impact supplied services to the firm. In these circumstances, the trading debts and liabilities exclusion under the policy excluded cover. The Court acknowledged that the breach of warranty, on which Impact relied, was a breach of duty owed by the firm to its clients, but noted that Impact's claim was not derived from the clients' claims.

Implications for solicitors

In conclusion, whilst the decision will be pleasing news for insurers, solicitors will need to be conscious of their potential personal exposure in circumstances where they employ litigation funding schemes.

Lockton ranked first in client satisfaction survey

Lockton ranked first in client satisfaction survey

Dec 12 2016

JD Power & Associates' found Lockton to be 40 points clear of its nearest rival, Arthur J Gallagher & Co, in its latest client satisfaction survey.  The study measures customer satisfaction with insurers and insurance brokers that operate in the commercial sector, across a wide range of measures.

Lockton achieved 863 points on a 1,000 point scale.  The survey identified the most important driver of client satisfaction was the quality of advice and guidance provided by Lockton,  ' in-depth expertise and... a hands-on consultative relationship with clients'.  

Greg Hoeg, a Vice President in JD Power's USA isurance practice, (as quoted in Business Insurance magazine) suggested that, as a smaller company, Lockton could be more nimble, and responsive to client needs.

The success of this approach has been seen in our UK professions business.  Lockton's investment in service was rewarded with our highest ever retention rate of 97% for solicitors in England & Wales PII.  

We are continuing to re-invest to ensure that our service - both in person, and on-line, remains class-leading.

We will be launching our own client satisfaction survey early in the New Year.  Please do ensure that you add your voice, as a valued Lockton client, to ensure that we deliver what you need from your broker.

Cyber Crime: Protecting your Business from Reputational Harm - webinar

Cyber Crime: Protecting your Business from Reputational Harm - webinar

Dec 6 2016

Profesional firms can be split into two categories:  those who know that they have been subject to some form of cyber incident, and those who have, but aren't aware of the fact!

We have previously focussed on preventative measures you can implement that can minimise the risk of a security breach - but there is no 100% failsafe solution.  Planning how to protect your firm's reputation in the event of a cyber attack is therefore equally important.    Experience shows that firms that are well prepared fare much better reputationally and financially, after an incident.  

If you were not able to attend one of our seminars on the topic earlier in the year, this webinar, presented in conjunction with cyber recovery specialists, Insignia, addresses the same topics - namely:

  • current cyber crime threats
  • how to plan for a security incident
  • how scenario testing can help you make quicker and better decisions
  • what to do when it happens
  • how to assess reputational impact
  • who to have on your incident response team
  • communication materials you should prepare beforehand
  • a messaging framework to use in the event of a breach


You can also download the presentation slides, using the link on the RHS.

Click on this link to watch the webinar

UK set for third increase in Insurance Premium Tax in under two years

UK set for third increase in Insurance Premium Tax in under two years

Nov 29 2016

In his Autumn Statement on 23 November, Chancellor Philip Hammond announced the third increase in Insurance Premium Tax (IPT) in less than two years.


IPT - a history of rises

IPT was introduced in the UK in 1994 at a rate of 2.5% and slowly rose to a modest level of 6%.  Since 2015, however, we have seen more frequent increases.  Firstly in November 2015 (to 9.5%) and again in October 2016 (10%), with the latter being cited as a way to fund flood defences across the country.  It is suggested that next year's increase is essential to pay for the government's infrastructure plans and to “build an economy that works for everyone”.

Increase effective from June 2017

The increase will see the tax rise from its current level to 12% from June 2017, an increase of 20% and effectively doubling the rate in under two years:

  • November 2015 - IPT rose from 6% to 9.5%
  • October 2016 - IPT rose from 9.5% to 10%
  • June 2017 - IPT will rise from 10% to 12%

The new rate will apply to all insurance policies incepted from 1 June 2017.

There is again no change to the higher IPT rate of 20% (this applies to a number of personal lines insurance, such as travel insurance).

Will there be any further increases?

Given the frequency of the recent increases we could be excused for expecting further hikes in the rate but particularly with Hammond, announcing next year's increase, noting that rates in the UK, notwithstanding the recent increases, remain some of the lowest in Europe.

Further advice

Businesses are naturally keen to avoid paying the additional rate of tax, where possible.  However, the government introduced a number of anti--avoidance measures in the last year, which you need to be aware of.

We can help you:

  • undertake a review of your insurance programmes; and
  • comply with HMRC's recently introduced anti-avoidance rules. 

For more detailed advice regarding the specifics for your business, speak to your usual Lockton contact.  

Email security top tips

Email security top tips

Nov 15 2016

Most cyber security articles focus on high-tech systems issues.  Largely because they sell more consultancy and more products.  It is not that these complex issues aren't real or relevant - but, for most businesses they are not, or should not be, the main focus.

More information security breaches reported to the Information Commissioner's Office relate to email issues than anything else-  and often quite prosaic issues at that.

Our six top tips on email security will see you a long way on the road to safer working.

Tip 1:  Use a good email system

Try to use reputable business email systems -such as Outlook - rather than generic Hotmail, Gmail or Yahoo accounts.  Not only will this make your business look more professional (you will be able to set up email addresses that reflect your business name), but they will provide good quality security with regular updates, include important privacy features, and, appropriately set up, are less likely to store your client confidential data outside the EU (think Data Protection regulations).

Tip 2:   Choose a strong, unique password

This could be a guidance note in its own right.  Don't simply reuse a stong password you use on other accounts (eg your internet banking, your personal email, or facebook account).  Don't make it so complex that you can never remember it, but complex enough that it will take hackers longer to break.  Do not include any part of your name, including maiden name, your school, first pet, home address or other personal information - as these things are remarkably easy for serious criminals to find out and guess.   You can, if you like, use a reputable password manager (a bit of software that, via a single secure password, then creates and remembers constantly changing random passwords) as long as you keep that one password very secure.

For more guidance on selecting a secure password, read this Wikipedia guide

Tip 3:  Add a second layer of protection to your email account

This is called 'two-factor authentication' - and is available on almost all modern email systems that you would want to be using.  All it is, is adding a second type of identity verification to your account.  You may have experienced this when making a paypal transaction or using your internet banking, for example where you have been asked to quote a code sent to your telephone.  This could be activated, for an email account, when you want to change your password for example.

Tip 4:  Keep alert to the threats

Don't click on suspicious links.  Do check the sender email address carefully.  Don't log in to other accounts from your email.  Beware of spam - and remember some of it is becoming much more sophisticated.

Tip 5:  Beware of public wifi

It may be free, and convenient, but it is not very secure.  The data your viewing, including passwords being entered, could well be accessed by hackers.  If you must use it, avoid accessing sensitive material or logging into business accounts - unless you access your work network remotely via a secure encrypted 'virtual desktop' which minimises the risks.  If in doubt about this, check with your IT team.

Tip 6:  Encrypt sensitive data, or don't send it by email

Email is not a secure form of communication.  The simplest way of protecting information is to place relevant files into a 'zip' folder before sending, or even password protecting a document.  These offer a limited additional degree of security.  The problem with better encryption is its impracticality.  Security software company Sophos have an excellent blog  - including a post on the practicalities of email encryption which you my find a helpful source of further advice.

Invoice fraud:  educating your clients

Invoice fraud: educating your clients

Nov 17 2016

Invoice hijacking-  the technique whereby a legitimate invoice is intercepted and replaced by a replica invoice, with different bank details for payment – has become a known risk for law firms and their clients.

While you are unlikely to face a claim on your Professional Indemnity insurance from such a fraud, the fraud typically comes to light when you chase your unpaid bill – and results in an often acrimonious dispute between you and your client over who is to blame.  You will want your bill paid, and the client will be unwilling to pay for the work a second time.

While this scam could arise from postal invoices, to date, we have seen it only in relation to emailed invoices, indicating that cyber criminals have hacked into either your or your client's email system.

While you can control, to some extent, the security of your own email system, clearly there is nothing you can do about the security of your clients' systems and the way they use them  – other than share with them our top tips on email security.

Your next best risk management tool is client education – and providing clients with clear statements about your invoice process and the provision of bank account details.  These goals are best achieved by building them into clear and effective standardised systems and procedures.


Lockton's Best Practice Guide to Invoicing

Calum MacLean, Risk Manager for Professions at Lockton, suggests

  • Ensure that all new engagements use an approved centrally stored (and regularly updated) Terms of Engagement letter. 

  • Include all payment information (including bank account details) in the Terms of Engagement. This section of the document could be non editable, to reduce the risk of fraudulent amendment.  We would also suggest, on a precautionary basis, that these details are double checked by the Fee-earner on receipt of the signed Terms of Engagement.

  • Clearly flag your procedure for notifying changes to account details in your Terms of Engagement

  • If your bank details do change, have a policy of notifying clients by Recorded Delivery hard copy letter.  Ideally, this would be a 'centrally-managed' campaign (eg by the Accounts team) to avoid the risk of fee-earners choosing to email clients with the details.

  • Play safe:  DO NOT include bank details in any invoice

  • Invoices should clearly state the firm policy in that regard:  eg 'We will never provide details of our bank account number or sort-code on our Invoices.  Please check your Terms of Engagement for details or contact your [law firm name] matter manager for details'

  • Ensure you flag your policy regarding how and where you provide payment details and notify any changes thereto in any initial meetings with a client.  Include this as an item in any  'client meeting checklists' you may use.

  • Add an alert to your firm's email sign-off.  A high profile visual will attract more attention (see for example the Nat-West cyber-crime alert included in their current emails). 

Alternatively – you can simply add some a simple message in text – just make sure it stands out.   Suggested messages include:

Please note our bank details will not change during the transaction. If you receive an email or suspicious telephone call informing you differently, please let us know immediately by telephone using the contact details on our letterhead.

Cyber Crime Alert
Emails can be scammed. Please do not rely on email notification of bank account changes without direct verbal confirmation from a trusted source.

For more information about protecting your practice from frauds and scams, speak to our Risk Manager, Calum MacLean, or browse our other guidance articles on our resource centre.

Advanced Anti-Money Laundering for Professionals

Advanced Anti-Money Laundering for Professionals

Apr 3 2016

Our recent webinar, presented by Sam Palmer, Ashford's Head of Professional & Financial Risks, explains the practical implications of the swathe of new AML legislation recently introduced or in the pipeline.  Sam is particularly well versed in the subject having been responsible, during her tenure at the SRA, for leading their AML focus.  You can download the slides that accompany this webinar using the link below.

The webinar provides practical guidance on:

  • avoiding Tipping off, and defending allegations of tipping off
  • the new client due diligence requirements ('Know Your Client' is no more!)
  • Sanctions and PEPs (Politically Exposed Persons).  Note:  these are more prevalent than you might think.
  • effective record keeping
  • recent cases

The hidden costs of closing your firm

The hidden costs of closing your firm

Nov 21 2016

Are you a Partner in a Practice looking to merge with or sell to another firm, or a Sole Practitioner considering retirement?  More often than not, you are probably still too caught up in fee-earning and the requirements of managing your practice, to truly think through all the implications and properly pre-plan.

Yet many firms find themselves caught out by precisely that – the small details that can make all the difference between a smooth and profitable  wind-down or transfer, and a costly and difficult one.

You need to be able to answer the following questions:

1. What are you seeking to achieve, and in what timeframe?

Retirement / Merger / Sale / Other [please specify]

Within 1 year/ 1-2 years/ 2-5 years

2. What is your strategy to achieve this? [eg:  sell practice as going concern within 2 years and become a Consultant for a transitional period OR bring in new partner to take on the business]
3. What obstacles are there to achieving this? [eg:  poor claims history; reducing client base, terms of partnership agreement]
4. What alternatives are there, and what are their implications? [eg.  firm closure without a successor practice - including merger where ongoing liabilities not taken on]


Many Sole Practioners, and Partners in smaller firms are finding that it is more difficult to sell or otherwise transfer their practice as a going concern than they had expected.   New partners may not be easy to find to carry on the business, leaving you with few alternatives to selling or winding up the business. 


Responsibility for ongoing liabilities

Depending on the strength of your bargaining position, you may find that potential merger partners are unwilling to take on liability for future claims arising from your business.  You may have no option but for your firm to go into run-off.

Yet, how many of you, when considering your Professional Indemnity renewal, consider the terms and cost of run-off cover?


Run-Off considerations

Solicitors' PII is highly regulated and policies are largely standardised, following the SRA's Minimum Terms & Conditions wording (MTC).  The provisions for Run-Off Cover (the cover in place when your firm closes without a successor practice taking on future PII liabilitities) do vary from insurer to insurer – and can have a significant impact for your as a Partner in a former practice.

You should be aware of the following key facts:

  • You do not have a choice of Run-Off insurer.  Your Run-Off Insurer is the Primary Layer PII insurer in place at the time your practice ceases.
  • The terms of your Run-Off Cover are set out in your existing PII policy
  • The cost of Run-Off Cover can vary.  It is normally between 225% & 400% of your last annual premium
  • Partners in the former Practice will normally continue to be liable for the payment of excesses due for any claims made in the Run-Off period.  The specific terms will vary from insurer to insurer.
  • If your insurer becomes insolvent (most likely if you have not insured with a reputable A-rated insurer) they are unlikely to honour any claim payments.  You could incur greater personal liability in consequence.


Ensure you speak to your broker about the terms of your Run-Off cover – and that this is addressed as part of any decision concerning your choice of insurer.

We have an ever-increasing range of useful guidance in our Resource Centre, including our latest  Guidance Note on Run-Off, which you can download - see the downloads panel on the right hand side.

Alternatively speak to your Lockton broker.  

Solicitors PII Renewal Statistics - a year in review

Solicitors PII Renewal Statistics - a year in review

Oct 27 2016

The 2016 Professional Indemnity renewal has just completed for the majority of Solicitor firms in England & Wales.  3 years after the move from a single renewal date, and over 60% of firms continue to prefer a 1st October renewal.

Lockton, one of the largest specialist professional indemnity brokers in the UK market, has further increased market share.  Our  rigorous commitment to A-rated markets, several exclusive markets, robust broking, and ongoing investment in our client service proposition, has ensured that we have delivered excellent renewal terms for all our clients, from sole practitioner, to magic-circle global practice.

We are therefore particularly well placed to report on the market dynamics and trends evidenced in this latest solicitors renewal season.


October 2016 Renewal in focus

Headline statistics from this renewal 'season' are:

  • Soft market means rates reduction for many: Solicitors PII premiums (for the complsory primary layer) are anticipated to total £225m , down 12% from approximately £255m in 2015.
  • More firms move from 1st October renewal: 35% of firms (according to latest estimates) now renew their PII away from the traditional renewal date of 1st October, with Feb-May being the most popular alternative period.
  • Increasing focus on fraud and cyber risks: the increased incidence of cyber and telephone frauds has led to more questions for firms regarding their information security and fraud prevention measures.  


Benign market conditions with competition from new A-rated insurers...

infographic showing solicitors professional indemnity premium trends in 2016

As predicted,  there was a 'soft' market for solicitors PII in 2016.  As recessionary claims post 2008 continue to recede, the majority of established A-rated markets have been able to reduce rates for 'good risk' firms. 

Our analysis of the renewal statistics indicates that the vast majority of firms benefited from rate reductions, unless they were already well below the 'technical price' calculated by underwriters.  

With the availability of sustainable low premiums, there was less of a move by firms to 'unsustainably low' premiums offered by some insurers, meaning that there were fewer switches of insurer.


... but some established insurers stand firm on rates

Some insurers, notably Zurich and AIG took a rigid stance with their renewal portfolios. Despite what else was going on in the market they did not react to other insurer's rate reductions.

Consequently, this has resulted in both these insurers losing market share to Insurers that continue to be in 'growth mode'; these include Pelican (who write on behalf of Great Lakes), Endurance, CV Starr and Hannover.


Co-Insurance increases-  providing wider range of insurance options for clients

infographic showing increase in co-insurance in solicitors PII

Co-Insurance (where more than one insurer shares the risk on a particular policy) has become more prevalent than in previous years. The advantage of co-insurance, other than spreading the risk for insurers, is that increases the number of insurers interested in considering a firm. 

Large firms, involved in high value work, such as Corporate/Commercial, Commercial Litigation, or High Value Property are generally considered good risks, but the potential quantum of any claim that does arise can be prohibitive for some insurers.

Given the increase in claims severity, it has become an attractive option for insurers in respect of firms undertaking particularly high value work. Lockton has worked on a significant number of co-Insurance programmes at this last renewal. Taking this 'different' approach enabled us to attract more Insurers thereby increasing the competitiveness of premiums on offer.


Extended Policy periods an increasing trend

Infographic showing extended policy termExtended policies for periods up to 18 months have become a popular feature. This allows firms to 'lock into' an underwriting rate for a longer period than normal, thereby providing greater certainty for an extended period.

 An ancillary benefit , where insurers are prepared to continue to offer longer-term policies, is that there will be a little less paperwork -  as the renewal process comes around just twice every three years - although you have to be comfortable with obtaining the necessary data at different stages in your firm's economic cycle.


A number of firms have been attracted by an offer of a Long term Arrangement (LTA). In summary, insurers provide a 12-month policy with an fixed agreement to renew in 2017 at the same rate as 2016, provided:

  1. Fees have not increased by more than a given percentage (typically 5% to 10%)
  2. Work profile remains similar
  3. The firm does not merge or acquire another practice
  4. Claims to not exceed an agreed amount


Unrated Insurers

The soft market of the past few years has had a significant impact on unrated insurers. These insurers came into the market when it was hard, with rated insurers quoting very high premiums which were beyond the economic reach of some firms.

However, history will show that claims have caused significant distress to many insurers over the years, not the least of which have been the unrated insurers. We have seen many cut-price insurers fail in recent years –  including Quinn, Lemma, Balva, ERIC and Enterprise.  Elite, one of the last remaining unrated insurers, also withdrew earlier this year citing the increased incidence of fraud and unsustainable premiums. 

We have not seen the emergence of further unrated insurers to fill the gap left by these firms, but this does not seem to have produced a reduction in capacity, as a number of reputable rated insurers have emerged in the last two years.


Claim numbers down

infographic showing solicitors claims down in 2016Whilst the claims environment has improved since the recession, there are concerns that this may only be short lived. Frequency may well be down, but the severity of losses  especially from commercial work is on the rise. In view of this, there cannot be much more room for rates to continue reducing.

Furthermore, with the emergence of the cyber related claims, which crystalise much sooner than a traditional negligence claim, the savings we have seen this year may only be temporary.  Therefore, LTA's and extended policy periods may well be prudent to consider at your next renewal.




Those firms who presented themselves as well run firms, who could demonstrate to Insurers that they have good financial controls, along with a robust approach to risk management, a good or improving claims records, had the best chance of obtaining cover at the most competitive cost.

Lockton offers tailored advice on your renewal strategy, with the benefit of in-depth insight into the specialist solicitors PII market.  Our service proposition extends well beyond your PII insurance renewal, with online and in-person guidance available on all your professional risks.

You can contact Neville, or any one of our dedicated Solicitors Team, to discuss how we can help your business.

Lockton's Client Portal & Online Proposal Form - a user guide

Lockton's Client Portal & Online Proposal Form - a user guide

Oct 17 2016

Lockton have recently launched an all-new client portal, which provides you, as a solicitor client of Lockton, streamlined any time access to

  • your insurance policy documents
  • additional client-only guidance and resources
  • your online professional indemnity proposal form


If you can't remember whether you have been set up with a user name and password, simply contact your Lockton broker.

The portal is simple to use - but we have provided some brief guidance notes for users - both to the portal and our online proposal form, which may assist.

Don't forget to check out the wide range of CPD and other guidance and resources available via the Resource Centre.  As a logged-in client you have access to a wider range of materials that can be accessed otherwise on the public site.

You can download our guidance, using the link below.


Completing your Proposal Form - a practical guide

Completing your Proposal Form - a practical guide

Jun 7 2015

This guidance note provides information on how to plan and best complete your Solicitors Professional Indemnity Proposal Form in order to assist us achieve the best broking result for your business.

What General Data Protection Regulation means for you

What General Data Protection Regulation means for you

Oct 7 2016

Upcoming changes to the data protection regime in Europe, and the UK, will have a major impact on the legal sector, according to Phil Brining of Data Protection People - and firms would be well served to prepare now.

Whatever type of Brexit the UK is facing, the EU General Data Protection Regulation will have a significant impact on UK firms. 


Past Record

The legal sector has had its run-ins with the Information Commissioner in the past famously through the controversy surrounding ACS Law  and more recently the undertaking agreed with Martin and Company, and of course the Panama Papers leak. 

In 2014/15 ICO the reported that no less than 4.5% of all data breaches reported to the it related to solicitors and barristers.  While most of us tend to think of cyber attacks as the biggest risk, the statistics tell a different story - of people and process failures, with the two main causes of reported breach being loss and theft of paperwork, and information being posted or faxed to the wrong recipient. 

So how will the legal sector fare under the new regime, the General Data Protection Regulation which is due to take full effect on 25th May 2018?

Key Differences between DPA and GDPR

At first glance the GDPR seems very similar to the existing Data Protection Act (DPA) – it has similar data protection principles, restrictions around transferring data overseas, and obligations to maintain data securely.  The reality is that it is a far cry from the DPA.

There are a few new obligations and some shifts and redefinitions which are easy to spot:

GDPR Mandatory Requirements

  • breach reporting
  • privacy risk-assessments
  • disaster recovery and business continuity measures,
  • system and process testing, audit and compliance checking
  • maintaining DP policies and records which evidence Regulatory compliance.

GDPR Prohibitions & Major Changes

  • the definition and scope of personal data (different)
  • what constitutes consent (different)
  • legal rights for individuals (beefed up and extended)
  • the use of legitimate interests as a lawful ground for processing (different)
  • the processing personal data relating to criminal convictions and offences without “official authority” (prohibited)
  • the use of “legal professional privilege” as a SAR disclosure exemption (gone)
  • transferring data overseas to inappropriate places/people (prohibited).

You still have the ability to determine what is appropriate to your own circumstances but under the new regime you must document your decision-making process and be able to demonstrate that you have balanced the rights of individuals with your own legitimate interests, fairly and transparently. 

"Failure to retain records of your decision making process is a breach"

Failure to retain such records is a breach of the Regulation and that in essence is the major paradigm shift – the need to be able to demonstrate systematic management control over data processes: plan, do, check, act.


Implications for the legal sector

There are some specific challenges for the legal sector – the wide-spread use of paper for storing information has challenges regarding access control, security, and retention. 

Legal Privilege

The new 5th data protection principle requires data rendering anonymous early in its life-cycle – how do you do that with paper?  The removal of the specific 'subject access request' disclosure exemption for legal professional privilege is likely to make more information disclosable than at present. This is likely to affect firms' attitudes towards retention.  

The diverse composition of the profession with global firms and local independent solicitors means that there cannot be a one-size-fits-all approach.  The carve out for those employing fewer than 250 people to maintain such a detailed level of DP record keeping will provide some respite for the smaller firms – but Brining suggests that clients are likely to drive the standards that such smaller firms are likely to have to comply with.

More costly regulatory intervention

There are those who believe that the largely reactive policing of DP law will mean that GDPR will have little impact.  Yet the Information Commissioner has already taken a more rigorous approach to fines and censure of organisations.  And penalties are set to increase significantly - up to 4% of global annual turnover or €20 million, whichever is the greater.  

There are other changes which mean that the impact of the regulations will be felt by law firms:  individuals have greater access to compensation including class actions; and more organisations are subject to the fines' regime.  For instance, data processors such as cloud providers or payroll companies (or indeed law firms appointed by their clients) bear equal liability for penalties and compensation and will be pushing back on indemnities and the scope of their contracts.  This supply chain pressure will be a significant factor.


Brexit implications

There is enormous uncertaintly about how Brexit will affect the UK's legal framework.  The timetable for the triggering of Article 50 suggests that the UK will leave the EU on or around March 2019, which means that there will be a period of about a year when the GDPR will directly apply to UK controllers, processors, and data subjects. 

Lockton can advise you on your approach to managing information security and cyber risks.  

Data Protection People are Specialists in Data Protection. Their aim is to help organisations to reduce the risk of non-compliance, to get the best from their data, and ensure it is always processed legally.

For more information please visit, call on 0845 519 8705 or email




Cyber crime:  how to protect your business from reputational harm

Cyber crime: how to protect your business from reputational harm

Oct 11 2016
  • Location: Lockton Companies LLP, 45 Church Street, Birmingham
  • Time: 09.30 - 11.00
  • Cost: free of charge
  • Number of Places: 40
  • 1.5 units accreditted CPD

Our recent webinar suggested practical ways to minimise the risk of information security breaches.  Technical IT solutions are an essential part of the mix, but can never provide 100% protection.  So planning how to protect your firm's reputation in the event of a cyber attack is essential.  This seminar provides a framework for doing so.

Our Cyber Crime seminar will cover:

  • current cyber crime threats
  • how to plan for a security incident
  • how scenario testing can help you make quicker and better decisions
  • what to do when it happens
  • How to assess reputational impact
  • who to have on your incident response team
  • communication materials you should prepare beforehand
  • a messaging framework to use in the event of a breach

Location & Sign Up

Lockton Companies LLP
45 Church Street
B3 2RT

Cyber crime:  how to protect your business from reputational harm

Cyber crime: how to protect your business from reputational harm

Oct 5 2016
  • Location: Lockton Companies LLP, London
  • Time: 9.30am-11.00am
  • Cost: Free of Charge
  • Number of Places: 60
  • 1.5 units accreditted CPD

Our recent webinar suggested practical ways to minimise the risk of information security breaches.  Technical IT solutions are an essential part of the mix, but can never provide 100% protection.  So planning how to protect your firm's reputation in the event of a cyber attack is essential.  This seminar provides a framework for doing so.

Our Cyber Crime seminar will cover:

  • current cyber crime threats
  • how to plan fro a security incident
  • how scenario testing can help you make quicker and better decisions
  • what to do when it happens
  • How to assess reputational impact
  • who to have on your incident response team
  • communication materials you should prepare beforehand
  • a messaging framework to use in the event of a breach

Location & Sign Up

138 Houndsditch
The St Botolph Building
United Kingdom

Information Security Posters

Information Security Posters

Mar 10 2016

Preventing data breaches or theft is principally about reinforcing best practice.  Regular reminders are a valuable tool.  Our 6 posters can be used around your office to keep information security best practice front of mind.

Our Services for Solicitors - brochure

Our Services for Solicitors - brochure

Jan 21 2016

The Reality of Cyber Risk:  Webinar

The Reality of Cyber Risk: Webinar

Aug 8 2016

Cyber crime and information security have become high profile risks, especially for professional firms.  It remains an area that many firms do not fully understand.  Our webinar seeks to demistify the risks, critique the scare stories, and take a pragmatic look at the risks and what you can do to combat them.  We also look at some common misconceptions about what insurances provide what cover - so that, if you are looking for insurance protection, you are better placed to make the right purchasing decision.


View Part 1 of our webinar:  The reality of Cyber Risk  Olivia Burren, Risk Consultant, Lockton

View Part 2 of our webinar:  The reality of Cyber Risk  Calum MacLean, Risk Manager, Lockton

You can also attend our upcoming seminars, in London & Birmingham, (on 5th & 11th October, respectively) on managing the fall-out from a cyber attack.

Choosing a Cloud Provider - infographic

Choosing a Cloud Provider - infographic

Jan 22 2015

Cloud-based solutions (services provided online via remote servers) are increasingly popular, and offer firms flexibility and business resilience.  Unless you get it wrong.

It is important to understand the risks, and prepare accordingly, including in terms of selection of provider.  Our infographic provides a convenient summary guide to the key issues for you to consider.

PII Renewal: Overseas Offices Questionnaire
Proposal Form

PII Renewal: Overseas Offices Questionnaire

Jun 4 2016

Newly Established Practices Professional Indemnity Proposal Form
Proposal Form

Newly Established Practices Professional Indemnity Proposal Form

Jun 6 2016

Many of the questions in a standard proposal form are not relevant to new practices.   Our newly established practices proposal form is specifically designed to fit the needs of new practices - to help you obtain the best PII terms.

PII Renewal:  Mergers & Acquisitions Questionnaire
Proposal Form

PII Renewal: Mergers & Acquisitions Questionnaire

Jun 3 2016

PII Renewal:  Litigation Questionnaire
Proposal Form

PII Renewal: Litigation Questionnaire

Jun 3 2016

PII Renewal:  Information Security & Fraud Questionnaire
Proposal Form

PII Renewal: Information Security & Fraud Questionnaire

Jun 3 2016

PII Renewal:  Financial Services Questionnaire
Proposal Form

PII Renewal: Financial Services Questionnaire

Jun 3 2016

PII Conveyancing Questionnaire
Proposal Form

PII Conveyancing Questionnaire

Jun 3 2016

Introducing Lockton's new solicitors' website and client portal

Introducing Lockton's new solicitors' website and client portal

Aug 15 2016

I am delighted to announce the launch, today, of Lockton's new website for solicitors.

This is not merely a 'face-lift' exercise.  We have studied the use of our website carefully, and taken account of your feedback about what you want from us your broker, in terms of service. 

This is the public face of a much wider modernisation of the way we serve you.

What's new?

The single biggest change to the front end website is our new resource centre.  We have built up an incredible breadth and depth of resource for you to call upon, from online CPD, technical evaluation of insurance covers, case-law updates, and practical risk management resources to help your business.   And we expect to build on this exponentially over the course of 2017.  But we recognise that this information needs to be easier to find.

With the launch of our Resource Centre, you can search by keyword, type of resource, and even format - to find what you want quickly and easily, whether it is an insurance proposal form, guidance about cyber exposures, or an AML checklist or other risk management template.  And clients that log-in will be able to access a much wider range of content too.

We have also simplified the structure of the website, accompanied by a much clearer, cleaner layout, to make things easier to find and read.

New Client Portal

We have completely redesigned our client portal on an all-new platform.  When you log in, not only will you access a dashboard view of all your insurances, complete with policy details and the status of the policy/renewal, you will also be able to access your online proposal form directly, without any further log-in being required.  Any renewal notifications are displayed in your dashboard, as well as emailed to you.

Our new portal will become your one-stop shop for accessing and managing all your insurances - although not at the expense of contact with your allocated Lockton broker!

Once your professional indemnity policy is renewed this year, you can log-in to view or print copies of your insurance documents as and when you need them.

And bookmark our website address ( to ensure you stay up to date with the latest news, guidance and CPD - provided by our dedicated specialist solicitors' team.

For more information about our services, or for advice about an insurance matter, contact us.

Solicitors CPD - a change for the better?

Solicitors CPD - a change for the better?

Aug 10 2016

From 1 November 2016 solicitors are no longer required to undertake 16 hours of CPD annually.  Instead, the SRA's new regime of continuing competence focuses on Principle 5 to 'provide a proper standard of service' and requires every solicitor to:


  • reflect on the quality of their Practice by reference to the SRA competence statement; &
  • Make an annual declaration that they have considered their training needs and taken measures to maintain their competence


About a third of the profession are already on the new regime (it was introduced voluntarily more than a year ago) using their existing appraisal process to reflect on training needs, but the majority have continued to record their CPD in the traditional way.  

Existing process 'tick box', but is new approach any better?

The SRA described the current CPD regime as largely 'tick box' with no real focus on the quality or appropriateness of the professional development undertaken.   While this is certainly true for some, the new approach brings new risks.  As one reader of the Gazette stated "the saving in firms' CPD budgets will doubtless be welcome, but personally, I welcome the strictures of having to meet my CPD annual target hours, as it forces me to physically make the time to update myself rather than being a round the clock hostage to demands of my desk".

Both the Law Society and the Legal Services Consumer Panel have criticised the plans, flagging concerns that the proposals could lead to the cessation of training in some firms.   There is a very real risk that the abolition of the requirement may send the wrong signal to employers, solicitors, and indeed clients.

Guidance on complying with the new regime

The SRA, however, is adamant that this is not a soft option to learning and development.  It will be for firms to decide how they provide a proper standard of service and whilst any form of learning and development is valid they will have to justify how they remain competent.  

In absence of any clear guidance from the SRA, there remains a lot of uncertainty from firms regarding how best to comply with the new regime.  We have produced practical guidance (and some template documents) to assist firms concerned about complying with the new Competence-based regime. 

Insurance Implications

Insurers are concerned that some firms may take advantage of the regulatory change to reduce the amount of training solicitors undertake.  It remains to be seen whether they will ask for proof of competency when they are faced with a negligence claim or as a part of the renewal process. 

The new Insurance Act 2015 makes it easier for Insurers to claim reimbursement from the firm so we may see increased activity in this area.  

Training & Guidance available from Lockton

We understand that providing relevant training is time-consuming and costly for firms.   We have a growing library of guidance, and online CPD that Lockton clients can access free of charge. 

Visit our Resource Centre for more information, or contact our Risk Manager, Calum MacLean



Insured with Enterprise?   Managing the fall-out from liquidation

Insured with Enterprise? Managing the fall-out from liquidation

Aug 4 2016

Practices insured with Enterprise should speak to their broker, not only for advice about an urgent transition to another insurer before the 22nd August deadline, but also about engaging with the Financial Services Compensation Scheme ('FSCS').   They should be able to advise you of the requirements that will determine whether or not you qualify for compensation from the FSCS.

Needless to say, most brokers will already have significant experience in this regard, having addressed exactly the same concerns with regards to risks placed with Quinn, Lemma and of course Balva and Berliner.

Affected firms should contact Brian Boehmer or one of the wider solicitors team at Lockton for advice on how to manage the transition and minimise their risk exposure.

Enterprise Update

Frederick White, of Grant Thornton, the liquidator recently appointed for Enterprise, has confirmed that while policies have not been cancelled, they are not able to pay any claims arising from such policies, at present at least.  They are also uncertain whether Enterprise has sufficient assets to meet all insurance claims in full.

Obviously, it will not be possible to buy insurance to cover claims that have already been notified to Enterprise. However, as Enterprise has now ceased trading, we would strongly recommend that you replace your cover with a reputable MTC Insurer without delay to ensure that you are not exposed to uninsured losses arising from future claims.

Even if your practice is in run-off under the terms of an Enterprise policy, you may face exposure to claims. Any run-off claims you have are likely to be similarly affected.

FSCS Compensation Process explained

We would draw you attention to the following points/facts when dealing with the FSCS in relation to compensation for any claims you may have against your firm when an Insurer stops paying claims.

  • The FSCS begins its investigation by establishing whether the Insurer genuinely lacks the finances to pay its claims.
  • If the FSCS is satisfied that the Insurer cannot afford to pay its claims, the Insurer will be declared 'in default'.
  • A policyholder requires compensation in respect of a valid claim being made under the policy.
  • If the policyholder has not already been confirmed as eligible by the FSCS, an application form is sent to them to complete.
  • If the agency handling the claims are unable to get in contact with a policyholder or the policyholder has ceased through intervention/liquidation, intervening agents and liquidators can complete the form.
  • If the policyholder is a partnership, Limited company or an LLP, then the firm's audited accounts for the period between the policy inception and expiry are required to pass the FSCS small business test.
  • To be eligible, a partnership's  net assets must be less than £1.4M,
  • Once an policyholder has been declared eligible by the FSCS, any claim payment/settlement sum, defence costs or counsel fee then has to be submitted to the liquidators of the Insurer in default.
  • Once the Insurer has confirmed that the claim is covered under the policy, a bordereau is submitted to the FSCS payment portal along with supporting documents where the FSCS will then assess the claim themselves and make payment if appropriate.

Potential Obstacles to Compensation

Please be aware that there may still be obstacles that an Insured can face even when their Insurer is declared in default, as follows;

  • The current FSCS rules are that they will pay 100% compensation for compulsory and professional indemnity insurance for Insurers declared 'in default' after 3 July 2015.
  • The FSCS will not agree to pay compensation until the financial amounts have been agreed by the Insurer. There are many reasons that Insurer may be obstructive in giving their agreement and this can delay the process for long periods of time and can hinder not only future payments but the litigation process.
  • If there are any doubts in relation to coverage, the FSCS will not pay the costs incurred in the coverage investigation, which can leave a policyholder in limbo in such cases.
  • The FSCS is not subject to the Qualifying Insurers Agreement, such as, for example, the first Insurer notified agreeing to handle the claim in the event as a dispute as to the correct Insurer.

These points are not necessarily obvious from reading the FSCS rules and FAQs on the website.

Please note that, while FSCS have stated in the past that they will only consider dealing with  Insured's where their net assets are less than £1.4M,we would suggest that if you are a firm with net assets just over £1.4M,  it might still be worthwhile  contacting the FSCS as they no doubt will view each matter on its own merits.

For further reading, please see and for a copy of the handbook.

If you are one of the affected firms please call one of the Lockton team on 0845 050 1471

Claims trends for Solicitors, 2016

Claims trends for Solicitors, 2016

Jul 28 2016

Following Lockton's own Solicitors' PII Report, published a few months ago, Pelican, a new entrant to the Solicitors Professional Indemnity market last year, has published its own analysis of solicitors claims.  Their findings are very much inline with our own statistics.

Number of litigated claims reduce, but quantum of claims increases

Litigated claims have reduced since the increase in Court fees over a year ago. Insurers also report a decrease in the incidence of claims but report that the severity of claims has worsened. A positive trend, however, is that parties appear willing to resolve matters using the Pre-Action Protocols in order to avoid issuing proceedings.

The usual suspects:  property, litigation timebar, wills and probate

We continue to see the traditional types of claims involving property, missed limitation and Wills and probate.

There are a number of new types of claims materialising however, including cyber claims, under settlement of personal injury claims and an increase in regulatory investigations.

Cyber claims & fraud significant emerging issues

Recent market reports suggest that there have been over of 150 'raids' on client accounts, related to cyber crime against solicitor practices in England & Wales, worth an estimated £85 million.

You can download Pelican's full report, below.

Pelican - a good fit for your firm's PII?

Pelican is an A-rated insurer with specialist experience in underwriting Solicitors PII. Lockton is one of only two brokers able to access this market.

Pelican are particularly interested in underwriting firms who work in particular specialist areas of the law, for example; oaths, agency advocacy, arbitration, family, criminal, debt collection, employment, immigration or planning, or a combination of specialist disciplines, and who have:

  • their offices and income base inside the UK;
  • partners with five years or more post-qualification experience;
  • a good disciplinary record;
  • robust management and supervisory practices and procedure in place;
  • no on-going regulatory investigations.

Read our article Introducing Pelican for more information, or speak to Brian Boehmer, Partner in our Solicitors Professional Indemnity team.

Enterprise collapse:  the last of the unrated insurers?

Enterprise collapse: the last of the unrated insurers?

Jul 26 2016

Enterprise, a Gibraltar based insurer, is the latest 'unrated' insurer to crash out of the Solicitors' Professional Indemnity market, following the withdrawal of Elite, announced late last year.

This has echoes of the collapse of Balva two years ago, when the replacement insurer, Berliner, was forced to pull out of the market - although this time, at least, firms currently insured by Enterprise have a little more time to explore the market for alternatives.

Lockton have long warned of the dangers of unrated markets.  The combination of a lack of capital strength, low premiums, and often a lower-touch approach to underwriting has proven unsustainable time and time again, particularly against a backdrop of ongoing high claims.  

After a period of volatility, the Solicitors Professional Indemnity market has become much more stable.  Established A-rated insurers, in the market for the long-term,  are offering increasingly competitive rates in the face of new A-rated competition from the likes of Pelican and QIC.  For more information about the current market conditions, read our Solicitors PII Report.

Insured with Enterprise?

As Balva/Berliner policy-holders found out 2 years ago, and as Frank Maher has commented in response to today's announcement in the Law Gazette, although the SRA is reassuring policy-holders that their contract of insurance remains in place for the time being, "that is not the same thing as saying 'if you have a claim, the claim will be defended and...paid'".  Though remote, it is also possible that, over the next few weeks, an 'insolvency event' will be declared, meaning that policies will have to be replaced immediately.

Act Now

If you are currently insured by Enterprise, it is important to act quickly to protect your position.  Amongst other things, you will want to avoid any last minute scramble for cover - as many insurers identify a particular market capacity, and once they have achieved that with the firms they want, they will not actively seek to insure additional firms.

Established Insurers may also be wary of firms that have previously insured with an unrated carrier and/or moved insurer frequently.  You will need to make additional efforts to present your firm well.

Be wary of deals that seem 'too good'.  Always check that your broker can provide evidence of the 'A' security rating of a proposed insurer.  Only a few brokers will only access A-rated insurers on your behalf.

If you are a firm insured with Enterprise and wish to discuss how best to proceed, you can speak directly to one of our specialist solicitors professional indemnity team by calling us on 0845 0501 471.  Or you can email us.

Lockton issue Brexit statement

Lockton issue Brexit statement

Jun 29 2016

The UK vote to exit the EU (Brexit) has sent shudders through financial markets and created a cascade of political changes.

Our clients face an array of short-term challenges with foreign exchange volatility especially in the core currencies of the sterling, euro, and dollar. Many insurers had de-risked their investment portfolio because of the uncertainty of the vote, but those that did not will face pressure on their investments. 
Additional impact on insurance markets is unclear and will likely not be settled for months.  Prior to the referendum vote, the British Insurance Brokers' Association warned about the risks of a Brexit vote, suggesting that the current 'passporting' arrangements allowing EU insurers access to the UK market could cease, with the potential consequence of a significant reduction in choice and resultant increases in premiums. However, there are no immediate changes for insurers in the UK or in Continental Europe because the actual departure from the European Union will not occur for months or even years. This is a long and complicated process that will begin shortly.

The Departure Process
Under the Treaty on European Union, the two European legislative bodies, the European Parliament and the Council of the European Union, must vote on the departure. They have up to two years to negotiate the UK departure and vote.
Current Rules Apply
Commercial insurance buyers and their insurers currently benefit from the easy movement of business and people in the EU. The exit will lead to a period of uncertainty. But until negotiations are completed, the current business rules still apply.
Lockton's View
Lockton believes the change will create opportunities as well as risks for our clients, our insurer partners, and our business. The change will likely create new products, new corporate structures, and new businesses.
Lockton believes that the London market and Lloyd's will remain critical hubs in the insurance world. The rich depth of resources, expertise, and insurance capital have served clients well for centuries and will continue to do so.
This historic vote represents change. Our role at Lockton and in the insurance community is to help our clients respond effectively to change, manage risk, and seize opportunity. We will stand with our clients to help guide them through the issues as they emerge.
The order of the day is to remain steady and calm. There is no need to adjust insurance programs simply because of the June 23 vote. We will conduct ongoing analysis and share commentary as issues arise and decisions are taken to help our clients through the uncertainties.
Please contact your team at Lockton if we can help you further.

New law firms need to go the extra mile to get the best Professional Indemnity premiums

New law firms need to go the extra mile to get the best Professional Indemnity premiums

Jun 27 2016

The solicitors' professional indemnity market has seen a welcome return to stable and secure rated markets after a period of volatility.  Reputable insurers are keen on firms with a strong track record of stable financial performance and proven risk management credentials.  This poses problems for newer firms that do not necessarily have a significant track-record to evidence to insurers.

Strart-up practices require to have their professional indemnity insurance in place before they start practicing.  So what can such practices do to obtain the necessary insurance timeously and cost-effectively?

Two key elements are a strong business plan, and a comprehensive and demonstrable risk management strategy.

Your business plan provides insurance underwriters with an invaluable insight into your business strategy, and the likely growth of the business.  It should contain an overview of the business, its structure and target market(s), and financial information, particulatrly funding proposals for at least a three year period.

Risk Management is similarly important.  In the past, some small firms have started up without any obvious risk controls in place.  Risk controls do not have to be complex to be effective.  More and more start-up firms are turning to cloud solutions to provide affordable state-of-the-art management information, document and diary management, and practice management systems.  This is just one element however, and insurers are always keen to see evidence of how effective supervision will be provided.

Lockton recognise that start-up and recently established practices require specific guidance from their broker.  Also, many of the typical broker proposal forms ask questions that simply don't apply to these new practices.   We have produced a dedicated Start-Up Practice Proposal Form for you to use - and are happy to talk you through the process.  You can download this proposal form using the link below.

Our Risk Management assistance is also second-to-none.

You can read the full article on the Solicitor's Journal website, or speak to us for more information about how we can help you with your new practice.

Solicitors Professional Indemnity Proposal Form (Large Firm)
Proposal Form

Solicitors Professional Indemnity Proposal Form (Large Firm)

Jun 6 2016

download our proposal form, using the link below.

Solicitors Professional Indemnity Proposal Form (1-20 Partners)
Proposal Form

Solicitors Professional Indemnity Proposal Form (1-20 Partners)

Jun 6 2016

Residential Property Risks:  Managing the relationship with lender clients

Residential Property Risks: Managing the relationship with lender clients

Nov 30 2014

Wills, Trusts & Probate Risk Management webinar

Wills, Trusts & Probate Risk Management webinar

Nov 30 2014

Calum MacLean, Risk Manager of Lockton, examines risks facing practitioners undertaking wills trusts and probate work, focussing on an analysis of patterns of claims emanating from the profession.   Seminar presented in conjunction with Certainty, the National Will Register.

Click the Book Now icon to start the webinar.  You will need to enter the password 'SearchWithCertainty' in order to view the webinar.

Property Law Risks - strategies for mitigating risks

Property Law Risks - strategies for mitigating risks

Nov 30 2014

Property Due Diligence - getting it right

Property Due Diligence - getting it right

Mar 20 2015

To start the webinar, simply click on the 'register online' button below.

Information Security risks

Information Security risks

Mar 13 2015

To start the webinar, simply click on the 'register online' button below.

Please note, the seminar starts at the 1 minute mark.  Please fast forward the video player to 1min 00 seconds to start the webinar.

Environmental Risks Seminar, by Andrew Wiseman, Harrison & Grant Solicitors

Environmental Risks Seminar, by Andrew Wiseman, Harrison & Grant Solicitors

Mar 27 2015

To start the webinar, simply click on the 'register online' button below.

Introduction to Property Law Risks

Introduction to Property Law Risks

Nov 30 2014

To start the webinar, simply click on the 'register online' button below.

Property Law Risks II - Risk Mitigation & Avoiding Claims

Property Law Risks II - Risk Mitigation & Avoiding Claims

Apr 22 2014

Part II in our series of Property Law Risk webinars, in this webinar, Calum MacLean considers the risk management systems and procedures which can most effectively assist you in managing the claims risks associated with residential and commercial property work.

Property Law Risks - an overview

Property Law Risks - an overview

Apr 22 2014

This webinar provides an overview of the current risk profile of commercial and residential property work for the profession.   Ideal for managers of the business, or heads of Property teams, this 20 minute webinar from our Risk Manager (and solicitor) Calum MacLean, highlights the areas of practice which generate most claims and examines what the causes of claims are.

See also our Property Law - Risk Mitigations webinar (available to Lockton clients via the logged in client site only).

Claim Reporting Form
Proposal Form

Claim Reporting Form

Mar 1 2016

European Data Security White Paper

European Data Security White Paper

Mar 1 2016

Selecting your Renewal Date

Selecting your Renewal Date

Mar 1 2016

New Start Up Practice Proposal Form

New Start Up Practice Proposal Form

Mar 1 2016

Completing your Proposal Form - Guidance for Start-Up Practices

Completing your Proposal Form - Guidance for Start-Up Practices

Mar 1 2016

Letter of Appointment - 4-6 partner practices
Proposal Form

Letter of Appointment - 4-6 partner practices

Mar 1 2016

Overseas Offices PII Questionnaire
Proposal Form

Overseas Offices PII Questionnaire

Mar 1 2016

Risk Management Submission Template
Proposal Form

Risk Management Submission Template

Mar 1 2016

Staff Details Template Spreadsheet - for use with Solicitors PII Proposal Form
Proposal Form

Staff Details Template Spreadsheet - for use with Solicitors PII Proposal Form

Mar 1 2016

Preparing a Risk Management Submission - Guidance Note

Preparing a Risk Management Submission - Guidance Note

Mar 1 2016

Making a Successful ABS Application

Making a Successful ABS Application

Mar 4 2015

Guide to Completing your Proposal Form

Guide to Completing your Proposal Form

Mar 1 2016

PII Renewal 2016 - what you need to know

PII Renewal 2016 - what you need to know

Jun 6 2016

If you are one of the vast majority of firms in England & Wales who continue to work to a 1st October renewal date for your Professional Indemnity Insurance, now is an ideal time to be considering your renewal, and undertaking the preparatory work in order to be able to completeyour proposal form.

What we expect for October 2016 Renewals

We expect 2016 to be a year of consolidation for insurers in the Solicitors market,  resulting in stable premiums for the majority of firms.

As another un-rated insurer, Elite, exits the market - and with competitive premiums from new A-rated carriers Pelican and Qatari  Insurance Company (QIC), the 2016 renewal will see a return to A-rated markets for all but a small minority of firms.

Insurance Act Changes

While the new Insurance Act, that comes into force on 12th August, will not change the renewal process from a broking perspective, it does have implications for firms completing their proposal forms this summer.

We have provided detailed guidance on what this means for you, in our 'Completing your Proposal Form Guide' (which you can download using the link below).  In brief, it means:

  • Insurers have a greater obligation to ask the right questions of you to elicit the information they want.  This means a few more questions in the proposal form.
  • You in turn, have more of an obligation to be able to evidence that you have made all necessary enquiries to obtain all material information and disclosed this to insurers.  Expect to start your renewal process earlier, and keep notes of what information you are obtaining from whom.

Please read the notes regarding the Insurance Act at the start of your proposal form.  You can also read Brian Boehmer's article on the subject for more information.

Preparing for renewal

The changes to your renewal actions, as a consequence of the new Insurance Act, in many ways enshrine good practice in any event.   Starting your renewal preparation early, and being thorough really does pay dividends.

If you have not done so already, review your claims record.  If there are any claims which you consider to be incorrectly reserved, now is the time to discuss this with your Account Executive.  If there are any claims trends or high value claims, start considering how these should be addressed, both in practical risk management terms, and also in terms of what and how you present these to insurers. 

Insurers will take comfort if they can see that you are managing any resultant issues pro-actively and effectively.

Start compiling your financial data for the proposal form.   Providing accurate, up-to-date fee information and work-splits again helps to convey the impression of a well managed practice.  Getting this in order now also will help you complete your porposal form timeously.

Consider what risk management information you are going to provide.  This should not be the equivalent of 'War & Peace', but insurers do uise this section of the proposal form to differentiate firms.  It can also provide underwriters with sufficient information to enable them to offer preferential terms.  Do not just skimp this section and assume it doesn't matter.

Note also - there are new questions on information security and fraud risks which you will require to answer. 

PII Report 2016

As a Lockton client, you should already have received your 2016 PII Report.  It provides an overview of the solicitrors professional indemnity market, and looks at claims trends over the last few years - and what emerging risks you need to be alert to.

If you have not already read a copy, download it now.  You can find a link to it, below.

And don't forget, if you want to discuss any matters relating to risk or your insurance renewal, get in touch.

PII Case notes:  Being wrong doesn't necessarily make you liable

PII Case notes: Being wrong doesn't necessarily make you liable

May 25 2016

Failing adequately to advise on tax issues or simply providing the wrong tax advice are fruitful sources of claims – particularly since HMRC tightened up on tax avoidance schemes.

The recent case, Barker v Baxendale Walker Solicitors ([2016] EWHC 664 Ch) concerned failed Inheritance Tax mitigation scheme, and considered (i) what standard of care should apply; (ii) whether the standard of care was breached, and (iii) whether, in the circumstances, the solicitor should be liable. 

Three key points arise from the case, relevant to all practitioners:

1.  You may face a higher standard of care if you fail to seek specialist advice in complex matters

The court held that Baxendale Walker required to satisfy the standard of care of 'an experienced specialist tax solicitor'.  Interestingly, their failure to seek counsel advice on the complex 'employee benefit trust' arrangements in question left the firm exposed to a higher duty of care than they might otherwise have been. 

2.  If you satisfy the standard of care you should not be liable for an error of judgement

Baxendale Walker was held not to have been negligent when advising their client that the tax scheme satisfied the requirements of the Inheritance Tax Act.    The fact that several specialist tax consultants had provided similar advice, based on the same analysis of the legislation assisted the determination that the appropriate standard of care had been met.  It was not an unreasonable conclusion for a tax specialist to reach, using due skill and care, and therefore, following the decision in Saif Ali v Sidney Mitchell, liability should not accrue.

3.  You should always advise clients of potential risks

While the firm in question escaped liability in this instance, the Court did highlight the need for firms to provide a "general health warning" regarding the potential risks:  in this case, that the tax avoidance scheme might be challenged by HMRC.   Baxendale Walker had not done so, however the view of the Court was that this client would have proceeded notwithstanding any such advice, had it been given, so there was no cuasation.  Other firms may not be so fortunate – and you should ensure that all material risk issues are flagged, prefereably in writing, to their client – even if not advising on the specifics of the risk in question.

Contact us to discuss how this case might apply to your business, or for more general risk management advice.

Learn to recognise Phishing

Learn to recognise Phishing

May 19 2016

Phishing is on the rise - again.  And much of it is taking a more sophisticated form that before, making it easier for people to fall foul of the scammer.

A quick reminder

What is phishing about?  It is the sending of malicious software that infects your computer or business network, via links or attachments to emails.  It can corrupt your data, spread the malicious software to clients, crash your systems, or even enable criminals to see exactly what you are typing (including usernames and passwords).

1500% increase in Phishing attacks via attachments

We are all familiar with the eails, often purportedly from our email contacts, encouraging us to click on an unconvincing random link.  

Then there are the more sophisticated versions, such as the example below (taken from VISA's website).   

If received randomly, you may be unlikely to be duped, but if the scammers know that you have a visa account, and are specifically targetting you as a known visa card user, they re likely to create a much more professional, branded email with a convincing link - and you are more likely to assume it is genuine.

The latest trend, which apparently can be more difficult for anti-virus software to catch and block, is to implant the malicious software (malware) within a document attachment - such as a MS Word document or PDF.  Again, if the email is convincing and from a known sender, it is more likely that you will open this.

Identifying phishing emails

Aside from ensuring that your email security is up-to-scratch, your best defence is training yourself and your staff to habitually scan over emails looking for suspicious signs before clicking on an attachment or link. Allow this to become instinctive behaviour, and you will all but eliminate the risk of a potentially very serious attack on your systems, data and/or finances, with minimal additional burden.

Share our simple tips for recognising phishing (download our infographic, below) with your colleagues.   And consider running your own phishing test.    Look out for our forthcoming phishing test resources later in the year.



Lockton wins Law Society of Scotland Master Policy contract

Lockton wins Law Society of Scotland Master Policy contract

May 13 2016

Last week, the Law Society of Scotland appointed Lockton as its broker for their Master Policy professional indemnity scheme following a rigorous tender process.  Lockton has for many years been the broker of choice for many law firms in England & Wales, and runs both the Master Policy for solicitors in Singapore and the Bar Association in Norway, and this prestigious win confirms Lockton's pre-eminent position as a trusted adviser for professions, in the UK and worldwide.

Lockton has been assiduous in its ongoing quest to serve its clients more responsively and efficiently, and it is gratifying that Lorna Jack, Chief Executive of the Law Society of Scotland, singled out Lockton's innovation, 'especially in the area of online renewal' as a key reason for choosing Lockton.  Equally important to the Law Society of Scotland's decision were the quality of Lockton's  broking and placement strategy, and the ready availability of cost-efficient and effective administration.

With a 5 year appointment to serve in excess of 1000 Scottish law firms, from January 2017, Lockton is committed to investing heavily in the delivery of insurance and risk management services for the legal profession.   Much of this work is already well under way.  This summer we launch our new client portal for all our solicitor clients in England & Wales, providing streamlined access to your insurance data and a wealth of risk and compliance templates and guidance. 

We will continue to build on the range of services we provide, year on year – both on and off-line, ensuring that you receive a service that sets us apart from all other brokers.  

For more information about the services that set us apart, and how we can help your business, download our brochure using the link below, or simply Contact Us.

A question of Trust?  AML Lessons from the recent case of Purrunsing v A'Court

A question of Trust? AML Lessons from the recent case of Purrunsing v A'Court

Apr 26 2016

The facts in brief: Purrunsing v A'Court and another [2016] EWHC 789 (Ch)

This case turns on the issue of breach of trust.  It does not, as might at first seem the case, establish a duty of care on the part of the vendor's solicitor to the purchaser.

This was a straightforward case of identity fraud, by someone purporting to be the registered owner of the property.  The purchase money was paid to A'Court & Co (the vendor's solicitor) by the purchaser to be held on trust pending completion of the purchase, and as that completion never took place there was a claim for breach of trust.  House Owners Conveyancers (HOC), the purchaser's conveyancers, were sued not only in breach of trust but also in tort and contract.

A trustee (in this case the conveyancer) can seek relief under s.61 of the Trustee Act, and that was the basis of the defence of both A'Court & Co and HOC in this case. Section 61 states that a trustee who acts in breach of trust but who has acted honestly and fairly and ought reasonably to be excused from the breach, can seek relief from the court.

The court concluded that there were no grounds to interpret s.61 more leniently for a vendor's solicitor than for a purchaser's solicitor, and thus the test to be applied to A'Court & Co was the same as for HOC.

Risk Management Lessons 

1.  Identify High Risk Transactions

There were several 'pointers' in this case which might have made any conveyancer look at it with extra caution, whether they were acting for the vendor or purchaser. 

  • the property was high value, it was mortgage free and it was not occupied by the vendor. 
  • there were discrepancies between the information first given about the property and subsequent replies to enquiries
  • the vendor was apparently living and working abroad, and was anxious to complete within a very tight timeframe. 

All frauds are based on circumstances which could be plausible and any or all of the above facts could occur in a genuine transaction.  It is for the conveyancer to make further enquiries if they have any doubts or concerns and to satisfy themselves before proceeding with the transaction.

2.  Check your Client's Identity

A'Court & Co asked for, and obtained, utility bills and a passport for the fraudster 'Mr Dawson'.  The passport was, in fact, a forgery but it is important to note that there was no suggestion that A'Court and Co should have detected this and this was not a material factor in the judgment.

However, where a transaction is high risk, it is good practice to carry out enhanced due diligence.   This could include electronic AML checks, which would have been likely to identify the passport as a forgery.

3.  Investigate disparities & obtain verification of important information

  • The property was in Wimbledon, but Mr Dawson produced bills for an address in Maidenhead, informing A'Court & Co that he was not living at the property.  The Office Copy Entries showed an alternative address for the registered owner, in Huntingdon. 

A'Court & Co took no steps to verify that address, and in fact there was nothing to link 'Mr Dawson' living in Maidenhead with the registered owner of the property.  Had they taken the simple step of writing to the Huntingdon address, the court found that the fraud would very probably have failed.  

  • A'Court & Co apparently made no enquiries at all about Mr Dawson's reasons for sale or the reason why he was not living at the address, simply accepting at face value his assertion that it had been a gift from his father, and that he needed the money.
  • Mr Dawson had answered 'no' to a question about building work at the property, but the purchaser's solicitors asked for details of work revealed by the local search.  This was a minor discrepancy but indicated a lack of knowledge of the property which, particularly in conjunction with other issues, might have alerted A'Court & Co to the situation.
  • Mr Dawson was extremely keen to complete the sale, setting an initial deadline of 7 days which was unrealistic and which had to be amended.  Again, there could be valid reasons for this but it is a factor which may have given rise for concern.

It is all too easy to get engrossed in the detail of a matter, and lose the bigger picture.  Undertake a periodic risk review of the transaction (you can use Lockton's Transaction Vetting/AML checklist) to help flag potentially suspicious circumstances.

4.  Be alert to unexpected changes in the transaction

Perhaps most importantly, having pushed for completion and agreed to various requirements including a Statutory Declaration regarding a right of way, Mr Dawson withdrew from the initial sale after the purchaser's solicitors asked for the name of his employer in Abu Dhabi.  Not only was this something which the court thought should have caused A'Court & Co to be concerned, it was the first that they had heard of Mr Dawson working and living abroad. 

A further sale was agreed, at a price £30,000 greater than the previous sale (a price increase of nearly 10% in two weeks). 

Not acting dishonestly, but acting reasonably?

There was no suggestion at any point that A'Court & Co had acted dishonestly; rather they had been careless, some might say reckless, in their approach to managing the well known risk of identity fraud.  

Although this was not a case of money laundering, the firm failed to apply due diligence as required by the Money Laundering Regulations and did not follow the guidance of the Mortgage Lenders Handbook. Accordingly, they had not acted 'reasonably' so as to afford them relief under s.61 of the Trustee Act.


Nothing in this case imposes any additional burden upon conveyancers acting for vendors, but it reinforces the case that a vendor receiving purchase money does so on trust for the purchaser until completion has taken place.   

His Honour Judge Pelling commented that the Money Laundering Regulations require a risk-based approach.  He said  “the approach that should be adopted will depend upon the circumstances surrounding the particular transaction. What will be appropriate in relation to a sale by the owner-occupier of a modestly priced residential property that is subject to a building society charge may not be appropriate in relation to the apparent sale of a high value unencumbered property being offered for sale by a registered proprietor whose claimed address is not that of the property being sold or any other address for service on the Register.”

In any case where there is an unusual element to a transaction further enquiries should be pursued until the conveyance is satisfied with the answers. 

Determined fraudsters will falsify documents, create fake identities and conceal facts but they will usually avoid too much detail.  It is better to risk offending or even losing a client by asking questions than to find you have acted in breach of trust.


Clinical Negligence Solicitors face capped fees

Clinical Negligence Solicitors face capped fees

Apr 22 2016

On April 21st NHS England published its General Practice Forward View. This has been hailed by the Royal College of GPs as the “most significant GP deal since the 1960s”. In amongst the announcement of an extra £2.5bn in funding for Primary Care, the NHS have made mention of their plans to cap claimant lawyers' fees in clinical negligence cases.

"Indemnity costs have risen in the NHS in England significantly in recent years. This is the result of the rising number of claims, and the rising level of awards made by the courts"

With the blame for the rising cost of indemnity insurance being laid firmly at the door of personal injury solicitors we await the outcome of the forthcoming consultancy. Previously a cap on cases with a value of below £100,000 has been mentioned:

"The Department of Health will be consulting shortly on the options for introducing a Fixed Recoverable Cost scheme to cap the level of recoverable costs for claimant lawyers on clinical negligence claims. The aim is to make the cost of claimant lawyers more proportionate to damages and defence costs."

Lawyers undertaking claimant personal injury work  are already under pressure, and these proposals, if implemented, will not make it any easier for PI specialists. 

For more information, download the NHS white paper, General Practice Forward View, using the link below.

Lessons for law firms from the 'Panama Papers' leak

Lessons for law firms from the 'Panama Papers' leak

Apr 22 2016

The media focussed on the salacious details of high profile public figures who used the Panamanian firm, Mossack Fonseca, to assist avoid tax liabilities.  However the underlying story behind the 'Panama Papers' scandal, for law firms at least, is the potential liability, and reputational damage, of data loss and data theft.

The Mossack Fonseca data hack

While there remains some uncertainty regarding the exact details of the hack, the general consensus is that a 'John Doe' used an insecure email server as an in, to hack into over 11 million documents and emails which the Süddeutsche Zeitung, in conjunction with the Internation Consortium of Investigative Journalists, reviewed before making their findings public.

Regardless of the relative morality of such 'public interest' hacks, whether you are a large law firm dealing with highly sensitive dealings of high profile companies or individuals, or a high street firm with the confidential information of thousands of 'regular' clients, there are a number of relevant cyber lessons:

Cyber Lessons for professional firms

  1. Patch & Update: Whether you outsource your IT function or have a dedicated internal resource, it is essential that you are confident that they are rigourously updating software, and patching security vulnerabilities.  Had Mossack Fonseca done so, there is a suggestion that the hack attempt would have been foiled.
  2. Do not retain more data than necessary: there is a clear tension between the need to retain files/data for a period (not least in case of claims) and the Data Protection principles of not retaining data longer than necessary.  Mossack Fonseca had records going back decades.  Review the data that you have/require to retain regularly.  Lockton can provide guidance on this - Contact us for more information.
  3. Defend your data: effective computer security systems are essential.  This does not just mean anti-virus and malware systems, but also systems that detect large outflows of data.  Given that most malicious data thefts are insider jobs, this is very relevant for all firms.

Other protections

Mossack Fonseca can expect major financial consequences from a breach of this nature.  While most firms will not be likely to face targeted attacks of this nature or extent, all law firms hold considerable quantities of valuable confidential data, and need to be alive to the risks.

Your PII policy will respond to claims from clients, but, as previous articles have detailed, will not cover costs such as notification to clients, recovery costs, and legal/public relations expenses.  Cyber insurance can help - but many policies will not cover all types of criminal attack.  Some firms may therefore wish hybrid cyber/crime policies.  Firms with a high risk profile client base or work type should consider most specialist reputational harm policies.

For more information, read our other articles and alerts on information security and cyber risk issues, or Contact Us.

Aggregation Wording:  Court of Appeal decision

Aggregation Wording: Court of Appeal decision

Apr 20 2016

(see also our post on the subsequent Supreme Court decision announced 22nd March 2017)

AIG insured a firm who advised on investment schemes that failed - resulting in over 200 investors making claims against the firm.  AIG had sought to rely on the aggregation clause in MTC policy wording ("similar acts or omissions in a series of related matters or transactions...") which would have limited them to making one payout under the primary policy, of up to £3m.

Court of Appeal decision

AIG had appealed the High Court ruling at first instance, that while there were 'similar acts or omissions' they were 'not part of a series of related matters or transactions' because, in Mr Justice Teare's judgement, that required a degree of dependency between the transactions. 

The Court of Appeal considered this test to be too wide, but only upheld AIG's appeal in part, as "the transactions have to be "related" and that can only mean related to one another" in some intrinsic way.  Importantly, this means that the transactions themselves must have some internal relation. 

While this provides significant additional clarity - and doubtless concern for insurers who may now consider the MTC wording to provide them with even less comfort than they had previously thought, the Court of Appeal ruling proves that the circumstances that constitute 'aggregation' remain something of a grey area that depend on the circumstances of the individual case.

In this particular case, the matter has been returned to the court of first instance (Queens Bench Division, Commercial Court) to consider the specific facts, and we will have to wait for that decision before we are sure whether in this particular case, aggregation will be held to apply or not.

Implications for you, as an insured Practice

Where you are advising on a series of transactions that are linked in some meaningful way, you will need to consider carefully what the potential quantum of liability is.  If you think that there could be a possibility of aggregation applying, speak to your Lockton broker, as you are obliged by the SRA to ensure that you have adequate PII cover in place. 

Even if you do have additional cover above the minimum £2m/3m currently required, the impact of a claim going above your primary limit can be very significant in terms of impact on cost and availability of cover in future.


Workplace health risks examined

Workplace health risks examined

Apr 11 2016
Author Mike Tyler

Lockton Employee Benefits are conducting a workplace health risk survey to gain insight into the current and future risks faced by organisations. Using a 'horizon scanning' technique, we have identified a number of key people risks which we believe are of increasing importance to organisations.

The aim of this survey is to identify which of these risks organisations feel will increase in importance, which they are actively controlling, and which are seen as less of a priority.

Our findings will help to inform our research into how people risk is changing, and provide guidance for organisations on future risks which they may not be actively controlling at present.

We would greatly appreciate it if you could take 5 minutes to complete the survey. You will receive an advanced briefing of our findings as a thank you for your participation. The survey will close on Friday 15th April and all individual responses will remain confidential

The Insurance Act - what you need to know

The Insurance Act - what you need to know

Apr 5 2016

The Insurance Act 2015 has been described as the "the biggest reform to insurance contract law in more than a century", modernising, as it does, key insurance provisions that date back to the Marine Insurance Act of 1906.

Although entitled 'The Insurance Act 2015', the legislation will only apply to insurance contracts (including variations or endorsements to current policies) entered into on or after 12th August 2016 where the governing law of that policy is a UK country.

Who does the Act apply to?

The Act applies to all non-consumers, those being buyers of insurance who are doing so in relation to their trade, business or profession. Therefore the Act applies to ALL solicitor practices in England and Wales when they are seeking renewal of their Minimum Terms and Conditions (MTC) Professional Indemnity Insurance (PII) policy.

Key provisions of the Act

The Act deals with:

  • the Duty of fair presentation of risk, both before a contract incepts and when amended
  • Warranties (including basis of contract clauses)
  • Terms not relevant to the actual loss
  • Fraudulent claims by insureds
  • Good faith

Similarly to the recent changes in regulation to the legal profession, the Act, rather than being a rigid code, sets out principles to be followed, with the aim of being suitably flexible regardless of the size of a firm.

'Duty of Disclosure' replaced by 'Duty of Fair Presentation of Risk'

The Act brings some clarity to the problematic area of disclosure, namely, what to tell your insurer before the start of an insurance contract. Previously known as the 'Duty of Disclosure', this is being replaced with 'Duty of Fair Presentation of Risk'.

What's the difference?

Previously Insurers relied upon 'utmost good faith', Duty of Disclosure was defined as '...every material circumstance which is known to the insured, and the insured is deemed to know every circumstance which, in the ordinary course of business, ought to be known by him...'

whereas Duty of Fair Presentation of Risk is now defined as ...

'Disclosure of every material circumstance which the insured knows or ought to know, or failing that, disclosure which gives the insurer sufficient information to put a prudent insurer on notice that it needs to make further enquiries for the purpose of revealing those material circumstances'.

 'Disclosure in a manner which would be reasonably clear and accessible to a prudent insurer'.

 Every material representation as to a matter of fact is substantially correct, and every material representation as to a matter of expectation or belief is made in good faith'.

The Act does however state that a 'fair presentation' does not have to be made in a single document or oral presentation. All information which has been provided to the insurer by the time the contract is entered into will therefore form part of the presentation to be assessed for the purposes of considering whether or not the presentation is fair.

This is intended to recognise that the insurer may need to ask questions about the information in the initial presentation in order to draw out the information it requires to make the underwriting decision, so there may be a series of exchanges.

More onus on Insurers to ask the relevant questions

The Act puts more onus upon the insurers to make sure that they do ask the appropriate questions in order to assess your risk.  Nonetheless, insureds need to make sure that a full investigation is undertaken relating to the risk and that the outcome of such investigation is presented to the insurers in a clear and structured way.

Traditionally, for the majority of policies, insurance contracts could be cancelled 'ab initio' for non disclosure.  The Minimum Terms and Conditions for Solicitors PII are a rare exception to this - on the grounds of public protection, nonetheless non-disclosure can still have serious implications on the cover provided.  Solicitors need to remember that the majority of other insurance polcies they hold are subject to ab initio cancellation.  Whilst this remains a possibility under the Act, the circumstances in which this can occur have reduced.

However there are other remedies available to insurers for a breach of the duty of fair presentation of risk - and solicitors remain obliged to take every precaution to avoid any misrepresentation or lack of disclosure in their proposal forms.

What is the impact for you?

(i)  More detailed Proposal forms in some cases

While you can expect to see some changes in proposal forms, particularly round any declarations you are required to sign, the Legal Profession should not be impacted unduly by the introduction of the new legislation (though see paragraph (iii) below).   This is in large part because prudent PII insurers have always had quite extensive proposal forms in order to properly quantify the risk, and price your policy accordingly. 

We have already noticed an increase in the length of some proposal forms, however, and we are likely to see an increase in the number of quotations issued subject to additional questions (subjectivities).

(ii)  more detailed due diligence required

The duty of fair presentation of risk requires you to act differently in respect of your disclosure investigations than you did under the duty of disclosure and we would recommend that you start this process early and collate evidence of your investigations in case of any future disputes with insurers.  You should present information clearly and flag material issues to insurers. 'Data dumping' is prohibited.

You will need to be able to summarise and document:

  • who has been consulted
  • what information was asked for
  • how the information has been collated and checked

Effective due diligence and a comprehensive proposal form response is likely to assist ensure a faster renewal process in the long-term with fewer subjectivities.

For more information on the duty of fair presentation of risk please download our guidance note, using the link below.

(iii)  Changes to MTC wording:  insurers more likely to seek re-imbursement from insured practices who fail to disclose properly

The Act has no impact to the extent of coverage that the insurers will be offering:  the priority of policy continues to be the protection of the public.

The SRA have issued an amendment to the Minimum Terms and Conditions citing the Act, It now provides insurers with broader grounds for seeking reimbursement from an insured practice, where information has not been fairly disclosed.  It is therefore important that you fully comply with the Act.

How Lockton can help

We can help advise you on your renewal process, and provide assistance with any queries you may have about how to complete your proposal form or the due diligence you should be undertaking in order to comply with the new duty of fair representation.

Engage with your Lockton Account Manager early - and don't hesitate to get in touch with any queries you may have.

You can also download both our Guidance on the Insurance Act and our latest client briefing on the Duty of Fair Presentation of Risk using the links below.



Have your say on the future of Client Accounts

Have your say on the future of Client Accounts

Mar 24 2016

The rise in cases of fraud, and the consequential exposure of law firms to high value claims, has led to the SRA suggesting the potential removal of client accounts.  This is already the case in some jurisdictions, such as Singapore.   While it is hard to prove a consequential link, the quantum of claims in that jurisdiction is certainly much lower than in the UK.

The Law Society has expressed concern regarding the proposals, and is keen to elicit a wide range of views from members regarding the pros and cons of the status quo and various alternatives.

Responses must be lodged by 6th May.

For more information - visit the Law Society's Client Account consultation page.

Don't forget to check out Lockton's range of fraud risk guidance for more information about how to protect yourself against such risks.

Budget sees further IPT rise

Budget sees further IPT rise

Mar 16 2016

In his budget The Chancellor increased insurance premium tax (IPT) from 9.5% to 10%. This is the second IPT rise in under a year following the increase from 6% to 9.5% in November 2015.  In his budget statement, George Osborne cited "the increasing extreme weather events our country is facing" as grounds for the half percent rise.  He will "commit all the extra money we raise to flood defence spending. That's a £700 million boost to our resilience and flood defences.”

Despite the steep hike in rates from 6% less than a year ago, the UK rate is still below the European average.

What you need to know

The new rate will apply to all insurance policies incepted from 1 October 2016.  For any amendments made after this date, but to policies already in place at 1 October 2016, the lower rate of 9.5% will apply.  This will be the case until 1 February 2017, at which point 10% will be applicable on all transactions.

There is no change to the higher IPT rate of 20% (this applies to a number of personal lines insurance, such as travel insurance).

HMRC has introduced anti-avoidance rules to prevent the use of artificial arrangements to avoid the IPT increase.  If you will be renewing an insurance policy, or placing a new cover ahead of the 1st October deadline, and are considering the option of an extended term, or you have a policy with 'cancel and replace' arrangements in place, speak to your Lockton account manager to discuss the IPT implications.

Further advice

You can download our guidance note on the implications of the IPT rate rise - simply click on the link below.  For more detailed advice regarding the specifics for your business, speak to your usual Lockton contact .   We can help you:

  • review your insurance programmes to ensure that they remain efficient and appropriate for your business; and
  • comply with HMRC's IPT anti-avoidance rules.  

Anti Money Laundering:  Keeping ahead of the curve

Anti Money Laundering: Keeping ahead of the curve

Mar 11 2016

Anti Money Laundering is on the agenda - particularly for law firms.  The SRA carried out a number of inspections over the last year, in advance of the inter-governmental Financial Action Task Force promising to audit UK law firms in 2017, via a series of no-notice inspections.  Your firm could be one of the firms inspected.

If that wasn't reason enough to take notice, breaching the money laundering regulations could lead to up to a 5m euro (or 10% of turnover) fine, and if you are the MLRO for your firm, a prison sentence of up to 14 years.

New Legislation

The latest EU Money Laundering Directive came into force last year.  The UK government has until mid 2017 to implement this into national laws.  They will include new obligations on firms in relation to client due diligence, and new obligations to report suspicious transactions and record details of payments.

A concern of many MLROs has been the potential for liability to clients where they have been prejudiced by an Suspicious Activity Report (SAR) having been made.  The 2015 Serious Crime Act provides new protections for firms in this regard.

AML Webinar

Our recent webinar, presented by Sam Palmer, Ashford's Head of Professional & Financial Risks, explains the practical implications of the swathe of new AML legislation recently introduced or in the pipeline.  Sam is particularly well versed in the subject having been responsible, during her tenure at the SRA, for leading their AML focus.  You can download the slides that accompany this webinar using the link below.

The webinar provides practical guidance on:

  • avoiding Tipping off, and defending allegations of tipping off
  • the new client due diligence requirements ('Know Your Client' is no more!)
  • Sanctions and PEPs (Politically Exposed Persons).  Note:  these are more prevalent than you might think.
  • effective record keeping
  • recent cases

Other Resources

As part of Lockton's commitment to providing clients with useful resources, we are putting an increasing range of resources online. Look out for further resources being launched in the coming weeks.

For firms that do not already have any form of File Opening/Client and transaction vetting checklist, we provide a simple template that you can use.  This is available for clients to download via the logged-in client portal.

You can watch our AML webinar at any time, and share it with colleagues.

If you want to run your own in-house training, we have a powerpoint presentation template you can download.  Just click on the link at the end of this article.

Ashfords also can provide a review of your firms policies and procedures, and/or provide bespoke AML training for you in house.

For more information or guidance on AML matters, contact Calum MacLean.

No longer a Safe Harbour for your data?

No longer a Safe Harbour for your data?

Feb 22 2016

In October 2015 the European Court of Justice (ECJ) invalidated the Safe Harbor principles agreed to by the US and the European Union (EU) that facilitated the transfer of data of EU citizens to the US. Even before the ECJ issued its judgment US and EU were working on what was informally referred to as “Safe Harbor 2.0”. Those efforts intensified over the past few months on account of the judgment.

On February 2, 2016 the negotiations bore fruit. Well, almost. On that date the EU announced that an agreement has been reached to replace the Safe Harbor with the “EU-US Privacy Shield”. While we have that great new metaphorically distinct name, we don't actually have a formal agreement yet.  We do nonetheless know what the agreement will include:

  • US companies moving data from the EU to the US must “commit to robust obligations on how personal data is processed and individual rights are guaranteed”.
  • The US Federal Trade Commission (FTC) will monitor US companies' compliance with the Privacy Shield, and will be able to enforce the agreement.
  • US companies handling human resources data from the EU must comply with the decisions of European data protection authorities (DPA).
  • “Clear limitations, safeguards and oversight mechanisms” applying to US public authorities' access to EU citizens' information. These will effectively eliminate indiscriminate mass surveillance of EU citizens. An annual joint review by the EU and US will monitor compliance.
  • EU citizens will be able to lodge complaints with US companies, and those companies will have a deadline to respond.
  • EU DPAs will be able to refer citizen complaints to the US Commerce Department and the FTC.
  • EU citizen complaints about the misuse of their data can engage in alternative dispute resolution proceedings with the US company involved at no charge to them.  The US Commerce Department has stated that companies will commit to arbitrating complaints as a last resort.
  • An ombudsman will be created to investigate complaints regarding access of personal data by US national intelligence authorities.

The Privacy Shield clearly was created to address concerns in the ECJ's judgment regarding generalized access to personal information by US authorities and the absence of any means for EU citizens to challenge the handling of their data. Whether the Privacy Shield resolves those concerns and truly proves to be a shield for US companies (as well as for EU citizens) remains to be seen. Until we have a draft framework to look at it will be difficult to analyze whether the Privacy Shield will pass muster with the ECJ.

A legal challenge to the framework does seem likely though, so it is very possible the ECJ ultimately will end up deciding the issue.

What should companies do in the interim? US Companies can still use model contract clauses and binding corporate rules to comply with EU law. Some have questioned the validity of these methods in light of the Safe Harbor decision. With that in mind, at the moment the only method of handling EU citizen data that is certain not to violate EU law is to store it in the EU and thereby avoid transferring it to the US altogether.

You can read more on Lockton's Cyber Security blog.

How safely do you use Social Media?

How safely do you use Social Media?

Feb 17 2016

Social media is a great tool for interacting with clients, vendors and peers, communicating with   family, or connecting with old friends. However, far too often, people willingly give up their personal privacy by oversharing information. Cybercriminals can use information posted to social media sites to gain fraudulent access to personal or company accounts through sophisticated phishing techniques.

Follow our four tips to help you protect your privacy, reduce the risk of fraud, and protect your reputation:

  • Be thoughtful about your privacy settings. Take time to review and set appropriate privacy settings for each social-networking site to determine who sees your personal information.
  • Be cautious about who you connect with. Only “act” online how you would feel comfortable “acting” offline: Don't feel obliged to accept invitations to connect from strangers. Cybercriminals can hide behind fake profiles. Talk to your family and children about appropriate social-networking activities. Kids often compete to see who can get the most friends or “likes” because it makes them look popular. Warn them about the dangers of friending total strangers.
  • Think before you click. Just like in email, malicious links or attachments can be shared through social networking. Studies show, people are more likely to trust links shared by friends. Be mindful accounts may have been compromised by cybercriminals.
  • Be mindful of what you share. Think before you post, and ask yourself, could this information be used against me in the future? Never post confidential information or personally identifiable information. Teach your children that the information they post today could be used against them in a future college or job interview.

If you do not already have a policy in place regarding the use of social media, download our template Internet and Electronic Communications policy, provided in conjunction with Lexisnexis PSL.

Law Society reports that 'business as usual' not an option for law firms

Law Society reports that 'business as usual' not an option for law firms

Feb 10 2016

The Law Society of England & Wales has just published their report 'The Future of Legal Services'.  Based on consultation with a number of firms, a review of literature and three panel discussions it makes scary reading especially if you are a lawyer in a traditional high-street firm.  The report envisages the legal market in 2020. 

The Report's findings - in brief

The report's underlying conclusion is that ''Business as usual' is not an option.

  • There will be greater competition from unregulated or non-lawyer providers and in particular for traditional 'retail' firms dealing with family, wills, personal injury and conveyancing
  • Technology is key to survival
  • Clients will be looking to buy legal services in different ways in future
  • Many solicitors are approaching retirement with no viable plan for exiting their firm

Changing demographics

The Law Society predicts that by 2020 there will be more lawyers working in-house and in 'B2B' (business to business) environments, with a corresponding decrease in the number of lawyers working in consumer-facing firms.  At the same time, opportunities for solicitors in non-traditional environments may increase.

They also envisage that for the first time, women solicitors will make up more than 50% of the profession.  Worryingly, the number of solicitors approaching retirement age is also increasing and many of these have no clear exit route and may find the cost of closing their firm is unaffordable.

A much greater use of technology is likely, with lawyers diversifying into project management and business skills while using IT systems to automate parts of the legal process. 

Changing client needs reflected in structural changes in law firms

Globalisation will also have a significant impact on the Top 200 firms, with new entrants from emerging markets and changes to the global economy forcing firms to adapt. 

Consumers of legal services are becoming much more sophisticated – they want to buy services as they are needed, and at a fixed price.  Corporate consumers are likely to use more than one law firm, sending different types work to the cheapest provider.

Corporate legal departments will no longer operate as an in-house law firm but will have responsibilities throughout the business. 

There will be greater competition from unregulated providers, and from non-lawyer entities such as licensed conveyancers.  Some law firms will de-regulate to take advantage of these options.

What does this mean for you?

Technology  is one of the five main drivers identified