One of my favorite lawyer songs is the Warren Zevon classic “Lawyers, Guns and Money”. I was reminded of that song when I sat on a panel on Wednesday with Dan Chapman and Mike Volkov, where we discussed recent enforcement actions and due diligence under the Foreign Corrupt Practices Act (FCPA). Dan is the Chief Compliance Officer (CCO) at Parker Drilling here in Houston and one of the points he raised was the company’s need to put their outside counsel through FCPA due diligence similar to other vendors. He said that law firms would yell, scream, kick and whine vociferously that their collective honor was being questioned but Dan made clear that foreign (and sometimes US) outside counsel often deal with foreign governmental officials.
It’s been since the last millennium since I practiced law in a law firm, other than in my current incarnation as a solo practitioner. So to say things have changed for law firms in the 12+ years since I practiced with other lawyers might be saying that ‘water is wet’. I thought about how much things have changed as I was perusing this week’s edition of the Texas Lawyer and saw an article, entitled “Simple Steps to Prevent Fraud at a Firm”, by Jacob Harris, Assistant District Attorney for the Dallas County District Attorney’s Office, Specialized Crimes Division. Harris believes that when lawyers focus on the practicing of law and relegate everyday business responsibilities to non-lawyers, they expose the firm to theft and fraud. He writes that the best way for lawyers to reduce their law firm’s fraud risk “begins with the attorneys in charge getting more involved with their firm’s everyday business affairs.” To this end Harris proposes five “simple, routine tasks that significantly lower a firm’s fraud risk.”
- The lawyer in charge should receive and open mail. By personally receiving mail, an attorney can insure that no person in the firm has manipulated any items such as bank/credit card statements, vendor invoices or other types of mail which might involve or include accounts requiring payment. A common method used by fraudsters is “white out fraudulent transactions, making a copy of the statement and then replacing the statement into the envelope.” By reading all mail personally, a lawyer can assure this does not occur.
- That lawyer should also review statements and invoices. Embezzlers can often set up personal bank accounts with the same name as the firm accounts. Lawyers need to check for multiple payments on the same accounts, multiple payroll checks to the same person for the same payroll period and for checks to unknown persons and vendors. Invoices and payments should be matched up contracts for services or the purchase of goods.
- The attorney in charge should check online financial sources to review statements regularly and make sure that no one has changed passwords. With the increasing paperless world, banking is transacted online. More than one person at a law firm should know online and software passwords. This enables more and better monitoring.
- Owners and partners should understand who works for the firm and what everyone’s duties are at the firm. Just as with non-law firm businesses, there should be a segregation of duties as it reduces the chance of fraud and is a basic internal control technique of fraud prevention. Further knowing who works for a firm can prevent the “ghost-employee scam.”
- Lawyers should not assume others will detect fraud for them. Harris points out that “banks and certified public accountants normally do not catch thieves.” Simply because a check is made out to one party, does not mean that the same check cannot be deposited into a fraudster’s account. Further a fraudster may be operating with someone at a bank so lawyers need to verify that money sent to be deposited has actually been posted to the law firm’s back account.
Harris ends by noting that “by understanding how a [law] firm is vulnerable to fraud and making the proper adjustments to business practices, a firm can minimize its everyday fraud risk.” I found it useful to review some of these basic controls that my colleague Henry Mixon continually preaches on, many law firms neglect these basic controls. Dan Chapman’s comments on law firms as third party service providers who represent companies in front of government officials should also let lawyers know that companies may well begin anti-bribery due diligence on them. US law firms with international clients should also remember that if they represent a UK company in the US, it is the US law firm which is the international entity and that a UK company may be required under the UK Bribery Act to perform due diligence and require Bribery Act compliant anti-bribery terms and conditions included in the engagement letter.
This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at firstname.lastname@example.org.