Feb. 20, 2019 – The Wisconsin Supreme Court Rules surrounding trust accounts are complex. With a recent rule change, lawyers may use just one trust account – but what about the insurance requirements?
Question
I recently established my own firm and, for now at least, it will be just me, so I am interested in having things run as smoothly as possible.
I was a bit surprised at the length and complexity of the trust account rule (SCR 20:1.15), and was hoping to be able to accept electronic payments into the trust account.
One lawyer told me I would have to maintain two trust accounts to do that, which is something I want to avoid. Another lawyer told me they thought there would be a way to do it, but that I had to obtain special insurance for the trust account. I called my malpractice insurance company and they did not seem to know what I was talking about.
Is there a way I can have one trust account that permits electronic transactions, and if so, what type of insurance do I need?
Answer
Lawyers were traditionally prohibited from permitting electronic transactions into or out of trust accounts. The purpose was to ensure that adequate records were kept, and to lessen the risk of loss of client funds due to mistake or malfeasance.
Tim Pierce is ethics counsel with the State Bar of Wisconsin. Reach him by email or through the Ethics Hotline at (608) 229-2017 or (800) 254-9154.
In 2007, the Wisconsin Supreme Court adopted amendments to SCR 20:1.15, which permits lawyers to establish “credit card trust accounts.” The rule allows lawyers to receive electronic transfers, but required lawyers to have a second “non-credit card trust account” to which the funds needed to be transferred by check.
In 2016, SCR 20:1.15 was amended again. The 2016 amendments were extensive, and a full discussion is beyond the scope of this brief article, but readers who wish for a comprehensive discussion of those changes should consult the June 2016 Wisconsin Lawyer magazine.
The amendment that is relevant to the question here is SCR 20:1.15(f)(3), which reads:
c. Alternative to E-Banking Trust Account. A lawyer may deposit funds paid by credit card, debit card, prepaid or other types of payment cards, and other electronic deposits into a trust account, and may disburse funds from that trust account by electronic transactions that are not prohibited by sub. (f)(2)c., without establishing a separate E-Banking Trust Account, provided that all of the following conditions are met:
-
The lawyer or law firm maintains commercially reasonable account security for electronic transactions.
-
The lawyer or law firm maintains a bond or crime policy in an amount sufficient to cover the maximum daily account balance during the prior calendar year.
-
The lawyer or law firm arranges for all chargebacks, ACH reversals, monthly account fees, and fees deducted from deposits to be deducted from the lawyer’s or law firm’s business account; or the lawyer or law firm replaces any and all funds that have been withdrawn from the trust account by the financial institution or card issuer within 3 business days of receiving actual notice that a chargeback, surcharge, or ACH reversal has been made against the trust account; and the lawyer or law firm reimburses the account for any shortfall or negative balance caused by a chargeback, surcharge, or ACH reversal. The lawyer shall reimburse the trust account for any chargeback, surcharge, or ACH reversal prior to disbursing funds from the trust account.
This provision now allows lawyers to conduct electronic transactions with only one trust account and one business account, which was previously not possible.
Need Ethics Advice?
As a State Bar member, you have access to informal guidance and help in resolving questions regarding Wisconsin’s Rules of Professional Conduct for Attorneys.
Ethics Hotline: To informally discuss an ethics question, contact State Bar ethics counselors Timothy Pierce or Aviva Kaiser. They can be reached at (608) 229-2017 or (800) 254-9154, Monday through Friday, 9 a.m to 4 p.m.
Thus, the lawyer using this alternative could accept an electronic payment of advanced fees directly into the lawyer’s only trust account and electronically transfer the fees to the lawyer’s only business account when the fees were earned. An initial obstacle to lawyers adopting this model proved to be the difficulty in obtaining the required “bond or crime policy” which was NOT cyber insurance or malpractice insurance, as many initially thought. What is required is a policy specifically designed to protect against theft or loss of funds from computer fraud or employee theft.
To address this issue, the State Bar worked with the Office of Lawyer Regulation and insurance companies to develop a product that meets the requirements of SCR 20:1.15(f)(3). These policies are available now and complete information is available on the Membership & Benefits page of the State Bar’s website.
Because this was a collaborative effort with the Office of Lawyer Regulation, they have agreed that the policy offered meets the requirements of SCR 20:1.15(f)(3)c.2, and a statement to that effect may be found on the State Bar’s webpage discussing the coverage policy.
With respect to “commercially reasonable account security,” the rule does not provide specifics. SCR 20:1.15(f)(1), however, states:
Security of transactions. A lawyer is responsible for the security of each transaction in the lawyer’s trust account and shall not conduct or authorize transactions for which the lawyer does not have commercially reasonable security measures in place. A lawyer shall establish and maintain safeguards to assure that each disbursement from a trust account has been authorized by the lawyer and that each disbursement is made to the appropriate payee. Only a lawyer admitted to practice law in this jurisdiction or a person under the supervision of a lawyer having responsibility under SCR 20:5.3 shall have signatory and transfer authority for a trust account.
The Office of Lawyer Regulation provides the following guidance:
This new rule requires lawyers to communicate with their financial institution as to what is "commercially reasonable" based upon the specific types of ebanking that a lawyer plans to use. It is very likely that security measures will evolve over time in response to the evolution of cyber threats and that minimum security requirements for the lawyer or law firm to follow will be identified in an agreement with the financial institution. At this time, commercially reasonable security measures may include some or all of the following:
-
A dedicated computer for e-banking that is not connected to the firm's server that has software protection against malware, spyware, and viruses;
-
Education of lawyers and law firm staff on corporate account takeover, social engineering techniques, and other cyber threats;
-
ACH debit blocks;
-
ACH positive pay;
-
On-line review of account activity at least daily;
-
Security Tokens for two-factor authentication (Tokens are small hardware devices with a PIN number and a time sensitive code to conduct transactions);
-
Dual controls (Two people must authorize a transfer); and
-
Creation of a contingency plan to mitigate and/or recover unauthorized transfers in the event of a cyber-attack or corporate account takeover.
While there is no definition of “commercially reasonable account security,” a lawyer can demonstrate compliance by consulting with their financial institution and documenting the steps the lawyer took to reasonably ensure the security to the account.
The availability of a tailored insurance policy through the State Bar removes one of the major obstacles to lawyers taking full advantage of the modernizing provisions of the current trust account rule.
In Case You Missed It: Read Past Ethical Dilemmas
Ethical Dilemmas appears monthly in InsideTrack. Check out these topics from recent issues: