The Association of Digital Forensics, Security and Law (ADFSL)
The integrity of lawyers’ trust accounts has come under scrutiny in the last few years. There are strong possibilities of information technology security breaches happening within the firms, either accidental or deliberate. The damage caused by these security breaches could be extreme. For example, a trust account fund in an Australian law firm was misused in a security breach in which Telstra charged A$50,000 for phone usage, mainly for ISD calls to Hong Kong. Our study involved interviewing principals of ten law companies to find out solicitors’ attitudes to computer security and the possibility of breaches of their trust accounts. We simultaneously carried out a survey to see if the trends identified in our case-studies could be backed up with broader quantitative data. We have also conducted in-depth interviews of five trust account regulators from the Law society of South Australia to know their view points on security threats on trust accounts. An overall finding highlights that law firms were not current with technology to combat computer crime, and inadequate access control was a major concern in safeguarding account data. Our conclusions revealed the urgent need for law firms to adopt security controls, implement information security policies and procedures and obtain cooperation from management to communicate these policies to staff.
Beare, M & Schneider, S. (2007), Money laundering in Canada: Chasing dirty and dangerous dollars, University of Toronto Press, Toronto, Canada.
Choo, K.K.R, Smith, R.G and McCusker, R, (2007), Future directions in technology-enabled crime: 2007-09, Research and Public Policy Series Report no. 78, Australian Institute of Criminology, Canberra.
Clark, N, (2007), The Impact of Recent Money Laundering Legislation on Financial Intermediaries, Journal of Financial Crime, 3 (2): 131-47.
Cooper, C, (2006), Combating the cyber crooks, Australian Law Management Journal, Winter: 6–8.
DeLacerda, M and Murdock, D, (2004), Ethics and professional responsibility: The trustworthy trust account, Oklahoma Bar Journal, 74 (34): 3393-96.
Fourth Report on the Legal Profession: Solicitor’s Trust Accounts, 1984, http://www.lawlink.nsw.gov.au/lrc.nsf/pages/R44TOC viewed on 9 March, 2009.
Genzman, L, (1997), Responding to organised crime: Laws and law enforcement, In: H Abdinsky (Ed) Organised crime, Wadsworth, Belmont CA, p. 342.
IMF (2007), Anti-Money laundering/Combating the financing of Terrorism, http://www.imf.org/external/np/leg/amlcft/eng/ viewed on 9 December, 2008.
Jenkins, R, (2008), Lawyer took paralysed client’s £1.2 million pay out, Times, http://www.timesonline.co.uk/tol/news/uk/crime/article3701640.ece Viewed on 9 July, 2008.
Law Society of Upper Canada (2005), Law Society Disciplines Lawyers, Viewed on 17 November 2007.
Mark, F, (2004), Moser clients fear funds are missing, Arkanas Business, March 8, http://www.allbusiness.com/legal/legal-services-litigation/9253324- 1.html Viewed on 25 November, 2008.
Mark, S, (2007), Money Laundering and Trust –What Role for Lawyers?, Anti-money Laundering Conference, March 2007, Sydney Australia.
Nelson, S, and Simek, J, (2005), Disgruntled employees and systems security, the enemy within, Sensei Enterprises, Viewed on 8 July, 2008.
Price Waterhouse Coopers (2007), Global state of information security study, Viewed on 20 September, 2008.
Sakurai, Y, and Smith, G.R, (2003), Identifying and responding to risks of serious fraud in Australia and New Zealand, Trends and Issues in Crime and Criminal Justice, No.270, Australian Institute of Criminology, Canberra, pp. 1- 6.
Sunday Mail, November 12, 2006, ‘Law firms missing millions’, Viewed on 24 November, 2008.
Thomson, I, (2008), Insiders, not hackers responsible for corporate data loss, IT News, Volume 10.
"Trust Account Fraud and Effective Information Security Management,"
Journal of Digital Forensics, Security and Law: Vol. 5
, Article 3.
Available at: http://commons.erau.edu/jdfsl/vol5/iss3/3