on 25-06-2018 02:53 PM
Don't panic @jgusew! Interesting point you raise though.
It's very similar to using a Facebook/Twitter account in the wrong way, the individual who created the account would be responsible unless another individual can be identified. If the latter is the case, say a rogue employee is bad mouthing their own company on Community, we would moderate the posts, suspend the user then clarify the situation offline.
on 25-06-2018 06:43 PM
While I agree in principle to your suggestions and thank you for the opinion. I feel this limits the service provided to clients.
In a world that is digital based it is the little things that allow our clients to have a client centric experience, the human touch. For my business, that would rule out your suggestion as I would not quantify that a client can only draw funds from the same bank as there mortgage, or only deposit funds into the same bank as their discharging bank.
My opinion is not one of what is right or wrong for cyber safety. Rather an opinion focusing on client experience and what you offer your client.
on 26-06-2018 08:44 AM
One should not see client service and client protection as mutually exclusive @PetaStewart.
In this case the priority must be on client protection, with client service and satisfaction flowing from our ability and preparedness to make the changes necessary for such protection.
For example, if a client wants to use my trust account and have funds delivered to their nominated bank account I will probably require a copy of a bank statement with the name of the account as well as the account number highlighted by the the client, together with a photocopy of the document signed by the client. This may be a little inconvenient for the client, but when it is explained that lawyers' trust accounts are now a prime target for hack attack the client will feel that they are being well served.
Correct marketing of cyber-security is also part of the solution.
on 26-06-2018 08:55 AM
Spot on @LawyersConveyancing
Correct marketing is very relevant at the moment with a few things.
@PetaStewart remember when we were at the conference and the talk on Trust came on. Trust and technology are becoming very important.
I am sure you would agree that in the beginning, asking someone to do a VOI and Client Authorisation there was a tiny bit of reluctance on our part (until we knew what we were asking) - i know that when i portray confidence, i gain the trust of the client. Just yesterday i noticed as i spoke to a client about VOI over an app, i stumbled when i interrupted my thinking with hang on, i am asking someone ive not met to put their identity documents into an app on their phone! In order so someone that they have never met can receive them!!! How dodgy does that sound for someone over the phone. For that brief moment i noticed i potentially could have lost their trust, so i began trying to understand what they must think at that moment and reassure them of the security measures in place.
on 26-06-2018 09:19 AM
Yes Peter, I 100% agree with that response.
My point is not to limit the importance of cyber security or for it to be in exchange for customer service. Moreover that every firm needs to adopt their own internal policies to ensure they are providing a client centric experience whilst still upholding a maximum level of cyber security.
You should not need to limit the client service because of strict cyber policies, rather be able to enhance it.
26-06-2018 09:22 AM - edited 26-06-2018 09:23 AM
Good point @PetaStewart
Sometimes following something by the book becomes routine and presents risks in itself.
example - you need to have clients in order to protect them lol
on 26-06-2018 09:29 AM
Agreed. We are an evolving industry and we must continue to evolve. That means continuous review of internal policies etc.
In an era where many firms are concerned about e-conveyancing limiting the service they provide clients, staff being put off, becoming redundant etc....this is the opportunity to bring trust and growth into your business by focusing on the human touch. That will create business/profit.
How each firm does this is up to them.
My point is that do not use cyber risk as a reason to limit your service. Rather, acknowledge it, build policies and procedures. It is an opportunity to show case how your business is at the forefront of trust, security AND customer centric experiences.
on 26-06-2018 09:48 AM
I don't think that any of us in this industry seek to use cyber-security as a reason to limit client service @PetaStewart, so let's put that to one side.
I think a genuine problem in the industry is the belief among practitioners that ensuring that responsibility is correctly passed to those best placed to accept and discharge it somehow equates to a lowering of client service.
For example, our experience is that a client will lodge a Discharge Authority telling their bank to collect surplus funds at settlement, but the bank invariably tells us, via a PEXA conversation that they will not accept surplus funds and that we must accept these funds into our trust account. Some practitioners will say that by standing up to the bank and arguing against taking the funds into our trust account we are not providing good service to our client. However, given that lawyer trust accounts are now a prime target for hackers, I feel that my firm is championing our clients' right to security.
The same goes for receiving top-up funds.
As my trust account is in the hacker's cross hairs, I am standing up for my client and providing an enhanced service when I insist that top up funds should be channeled through the mortgagee and not through my trust account.
In both cases the mortgagee is better able to deal with the security issues associated with funds moving between accounts than my suburban law practice, and therefore it is appropriate that responsibility for these funds should rest with the mortgagee.
We need to develop a collective mindset about proper apportioning of responsibility between the parties, and drop the notion that change should always be seen as being at the expense of customer service.