Getting ahead of APP fraud in the legal sector

The ever-changing technology landscape brings with it new challenges, especially with the rise of cybercrime. A growing concern is Authorised Push Payment (APP) fraud, which is becoming a significant threat to the legal sector. Law firms dealing with high-value transactions and sensitive client information are particularly at risk, and as they implement technological advancements into their operations, they may heighten their susceptibility to further targeted attacks. By Scott Newby (pictured) , Director of Compliance & MLRO at Shieldpay. 

The seriousness of this problem can be seen in statistics compiled by UK Finance. Their data reveals a staggering loss of £239 million to APP fraud in the first half of 2023 alone, highlighting the significant challenge facing law firms. To mitigate the risk of falling victim to APP fraud, they need to improve their internal processes and systems to tackle the growing threat it poses.

Strengthening defences and empowering stakeholders

A crucial defence mechanism for banks and non-bank payment service providers against APP fraud is the use of Confirmation of Payee (CoP). CoP serves as a verification tool that enables firms to authenticate payee details before processing transactions. Implementing CoP protocols can reduce the risk of falling victim to fraudulent payment requests, paying to an incorrect payee, safeguarding client assets and reinforcing trust.

Artificial Intelligence (AI) is also increasingly being utilised by firms to strengthen their fraud controls. By noticing suspicious transactions before they escalate into fraudulent payments, AI-powered fraud tools are helping law firms minimise the impact of these attacks.

Moreover, securing communication channels not only prevents unauthorised access to sensitive information but also ensures the integrity of client communications. By implementing these protocols, law firms can create fortified digital pathways through which sensitive data flows securely. This proactive approach not only safeguards against malicious actors, but also helps to strengthen relationships with clients to build trust. 

Combatting APP fraud requires a collective effort from all stakeholders. Law firms can start by prioritising education initiatives that equip staff and clients with the tools to identify and thwart scams like CEO fraud, impersonation, and invoice scams, amongst others. Alongside this, law firms can empower their people by providing access to user-friendly resources that arm them with accessible and intuitive tools. By fostering a culture of vigilance and awareness, firms can fortify their defence mechanisms and mitigate the risk of financial loss and reputational damage.

Collaborating with external support to maximise security

Staying ahead of the curve in the fight against APP fraud requires a multi-faceted approach. Continuous monitoring and evaluation of internal processes is crucial to addressing potential weaknesses. Leveraging the expertise of external specialists by embedding a third-party managed account (TPMA) solution can equip law firms with the necessary tools and knowledge to mitigate threats.

By embracing a dynamic strategy through internal awareness and external support, law firms can build a robust defence against cybercriminals. By reinforcing security with investments in the latest technology and establishing a culture of awareness, law firms are able to safeguard their operations against APP fraud and uphold the most important aspect of client relations – trust.