Dreamvar - a solicitor’s worst nightmare
12 October 2018
No solicitor in Northern Ireland can fail to notice the regular scam alerts circulated by the Law Society of Northern Ireland which contain warnings of increasingly sophisticated cyber frauds being targeted at solicitor firms across the province. Thanks to these regular alerts, we are all aware of the risks of cyber frauds and attacks, and an email from an unfamiliar source containing a hyper link will hopefully raise alarm bells with most solicitors and staff members.Similarly, many firms have enhanced their procedures around the transfer of funds in an effort to protect against the risk of the dreaded ‘Friday afternoon fraud’, a term which has entered into common parlance. However, despite this increased awareness of cyber crime, we are perhaps less familiar with other types of fraud which could leave solicitor firms equally at risk and out of pocket.
In May this year, judgement was handed down in the appeal of Dreamvar (UK) Ltd v Mishcon De Reya (a firm). It was heard jointly together with the appeal in a similar case, P&P Property Ltd v Owen White & Catlin LLP and another. The appeals raised common issues about the liability of solicitors and estate agents in cases involving identity fraud.In both cases the fraudster posed as the owner of property in London and he instructed solicitors and agents to act for him on the sale of the property. Both sales proceeded to completion, however, following transfer of the purchase monies, it was discovered that the fraudster was not the true owner of the properties. By that stage the fraudster had, of course, disappeared with the purchase funds.
In the Dreamvar case, the purchaser brought proceedings against its own solicitors, Mishcon de Reya (“MdR”) and against the vendor's solicitors, Mary Monson Solicitors Ltd (“MMS”). To the relief of conveyancing solicitors, it was held that MdR was not negligent. MdR took reasonable care to identify risks of fraud to its client. However, of great concern to solicitors was the finding of the Court that MdR was nonetheless liable to its client for breach of trust. The Court held that, in accordance with normal conveyancing practice, when MdR received the purchase monies from its client it held the money on trust for its client to be paid to the purchaser on completion of the sale. In this case, because the vendor was fraudulent, the Court held that there was no ‘true’ completion and therefore the money was released in breach of trust. As a result, MdR was held liable to refund the trust monies to its client and was liable to pay to its client over £1million plus interest. Meanwhile, the claims against the vendor’s solicitors were dismissed.
At appeal, the finding against MdR was affirmed that, although it had not been negligent, it was nonetheless liable in breach of trust. However, the Court of Appeal held that the vendor’s solicitors, MMS, had also acted in breach of trust by paying the funds out to the fraudster when there was no true completion of the sale. MdR sought relief from liability under s.61 of the Trustee Act, on the basis that they had acted honestly and reasonably and ought fairly to be excused. However, whilst the Court accepted that MdR acted honestly, it did not accept that it ought fairly to be excused and it therefore refused to grant relief to MdR. At appeal, Lady Justice Gloucester stated that she would have granted relief to MdR under s.61 however, unfortunately for Mishcon de Reya, she was in the minority and therefore the original order against it stood.
There is no doubt that the Dreamvar case represents a solicitor’s worst nightmare - despite not being negligent, the solicitors were held liable for the loss of completion monies as the result of a crime perpetrated on their client. It is easy to see how the reasoning in this case could be applied to any instance in which a solicitor pays away client money in circumstances where it should not have done so. There is a risk that solicitors could be liable in breach of trust even if the solicitor has fallen foul of the most sophisticated and believable of scams.
Clearly the importance of strong IT security and staff training in relation to cyber crime risks cannot be overstated. However, it is also important not to get so caught up in the now-classic examples of cybercrime and ‘Friday afternoon fraud’ that we overlook the dangers which are also posed by identity fraud and the importance of the familiar advice: Know Your Client.