The North Carolina State Bar released an ethics opinion regarding an attorney’s responsibility when a client’s money is stolen by a hacker. The ethics opinion, which did not address the legal liability of the attorney in such situations, focused on the attorney’s duties to maintain computer security. Attorneys should educate themselves about the risks of security banking and hire technology consultants for any advice. Staffers should be adequately trained on trust-account management and taking proper safety measures when it comes to client’s confidential information.
Attorneys have an ethical responsibility to replace the client’s stolen funds if the attorney’s failure to take safety precautions was the proximate cause of the trust account theft. In plain language, the attorney should replace the funds if the funds were lost as a result of the attorney’s mistake. The opinion provided a hypothetical scenario in which a lawyer carelessly wires money to a spoof email set up by a hacker. The lawyer had previously been told to contact the seller by phone before any transactions, but he did not bother to do that. As a result of the lawyer’s mistake, his client lost money. Instead of immediately wiring the money, the lawyer should have contacted the seller directly. By doing this, he might have found out about the hacker’s spoof email. In this case, the lawyer has an ethical duty to replace the funds.
Lawyers are advised to immediately notify their client of any stolen money and help them identify ways to cover the losses. The hope is that lawyers will be more careful with their client’s funds and take the best security measures to protect their client’s personal information. These ethical standards from the North Carolina State Bar are only standards and cannot be imposed on attorneys. There may not be a clear-cut answer on whether or not attorney’s should replace hacked client funds, but the State Bar has attempted to outline a set of ethical guidelines.
Source referenced: ABA Journal