Third party managed accounts: will they replace client accounts?

It is 4.30 pm on Friday afternoon. The Head of Accounts appears at your desk, visibly shaken. Something is clearly very wrong. There has been a phone call.  Accounts were convinced it was the bank. Pass codes were given. It was a fraud. A total of £1.5 million has “gone” from the client account...

If you use a Third Party Managed Account (TPMA) you will be spared this scenario.

TPMAs have been in existence for some time, and we are all familiar with them in the form of escrow facilities for high value corporate or financial transactions. Historically they have been time consuming and expensive, but technological innovation has brought change and radically reduced the time and cost involved. This means that using a TPMA is now a viable alternative for routine residential property transactions. 

The revised SRA Accounts Rules, introduced in November 2019, make specific provision for the use of TPMAs. While there has been some discussion within the profession regarding their use, many law firms have been quick to dismiss them as “too expensive” or “lacking any real benefit”. We were concerned this is a common knee jerk response, and queried the extent to which firms had carried out any detailed analysis.  

We concluded that it would be useful to dig a little deeper into the way TPMAs work and the associated advantages and disadvantages. In the first instance we engaged with Shieldpay, a TPMA provider, to understand more. We then hosted a roundtable event, involving representatives from Howden, Shieldpay, the SRA, two participating Insurers and solicitors involved in the defence of professional indemnity claims and coverage disputes. There was insightful and lively discussion and debate. This article summarises some of the issues that were discussed at that event.

How does a TPMA work?

TPMA providers will deliver their services in different ways according to their specific capability and the benefits they offer their customers. However, the technology used for the delivery of these services is broadly similar. TPMAs use a central safeguarded client account to handle transactions that would otherwise take place sequentially along a chain via multiple client accounts.  

By way of example, a broad outline of the Shieldpay model (relevant to either a single transaction or a chain) is as follows:

1. There is an initial set up on the platform, which includes identity and bank account checks. The system verifies all the buyers, sellers, lenders, and other parties (e.g. agents, HMRC) who will either provide or receive monies, whether as consideration for the properties being sold or for services rendered.
2. Buyers and lenders then deposit monies into the TPMA’s safeguarded account.
3. The lawyer acting for the buyer(s) checks that completion and loan conditions have been met, and will then authorise the release of the monies. In some models this “trigger” might also be subject to additional authorisation by the client as a further layer of risk management.
4. All financial transfers then take place simultaneously in settlement of purchase amounts and administration fees.

An observation of the above process is the potential for increased efficiency. The status of a chain will be visible and the simultaneous transfer of funds means that transactions complete quickly. The transparency of the TPMA model will also allow transactions to take place outside banking hours, again providing greater flexibility and reducing the risk of transactions failing on completion day.

What are the regulatory issues associated with using a TPMA?

The revised SRA Accounts Rules, effective from 25 November 2019, include a specific rule relating to the use of TPMAs. We set out the full text of this as follows: 

11.1 You may enter into arrangements with a client to use a third party managed account for the purpose of receiving payments from or on behalf of, or making payments to or on behalf of, the client in respect of regulated services delivered by you to the client, only if:

   (a) use of the account does not result in you receiving or holding the client's money; and

   (b) you take reasonable steps to ensure, before accepting instructions, that the client is informed of and understands:

          (i) the terms of the contractual arrangements relating to the use of  the third party managed account, and in particular how any fees for use of the third party managed account will be paid and who will bear them; and

         (ii) the client’s right to terminate the agreement and dispute payment requests made by you.

11.2 You obtain regular statements from the provider of the third party managed account and ensure that these accurately reflect all transactions on the account. 

The definition of “third party managed account” restricts providers to those that are regulated by the FCA. The SRA have also published ethics guidance on the use of TPMAs.

While the SRA is clearly keen to promote and facilitate the use of TPMAs, there is a genuine concern regarding how far a law firm will need to go to ensure compliance with 11.1(b). Exactly how much will a law firm need to tell a client regarding the contractual arrangements? Will this include warning the client that if there is a fraud on the account of the TPMA, then recovery will be subject to the terms of the TPMA’s insurance and the law firm’s PII policy will not respond? Will the law firm need to be satisfied that the client understands the difference?

This was the subject of some discussion at our roundtable event and there are no easy answers. Jatinderpal Loyal from the SRA noted that the rule must be read in accordance with the requirements of the code generally. Practices will evolve over time, but ensuring the client understands the arrangement will be key.

We refer here to the imposter seller situation where the sophisticated fraudster dupes all those involved in the transaction and the fraud is uncovered post completion, by which time the proceeds have disappeared to an offshore account. In Dreamvar it was ultimately determined that the solicitors for both the buyer and seller were liable for “breach of trust”, because they had not released the funds to a “bona fide” seller, as they were required to do. No relief under section 61 of the Trustee Act was granted.

If we assume the same facts, but the use of a TPMA as opposed to a client account, we do not consider the outcome would be any different. The law firm would still be responsible because they had “pulled the lever” on the release of funds. The use of a TPMA would not alter the responsibility to ensure the release of funds to a bona fide seller.

In response, Shieldpay highlight the fact that for each transaction they undertake their own identity checks. Given their technology and processes, they believe they would have identified the Dreamvar scenario as a fraudulent transaction. Given that the law firm for the imposter seller in Dreamvar had used a television licence for AML purposes that was not on the approved list of identification documents, the benefit of additional checks when using a TPMA, is a fair point to make.

B) Intercepted emails

In the current world where interception of emails is all too common, no law firm should allow bank details to be changed on the basis of an email instruction without a separate check being undertaken. However, where this happens and a law firm finds that it has transferred client funds to a fraudster, then liability will almost certainly follow and a claim on the PII will need to be made. Would the position be different if the firm were using a TPMA? If the firm actions the change of account details with the TPMA provider, then again they have “pulled the lever” on the circumstances leading to the loss.

In response, Shieldpay point to strict procedures they will not divert from when there are changes to bank account details. This includes undertaking verification and validation checks on personal accounts and validation checks on business accounts. Again they maintain that the use of a TPMA would ensure that this scenario is caught.

C) Solicitor fraud

Regrettably we still see significant instances of solicitors, or other fee earners, perpetrating fraud on their own client account. To what extent would this be mitigated or avoided if a TPMA were to be used? If the solicitor were to deliberately manipulate the TPMA arrangement, then the solicitor’s PII policy would respond, unless the solicitor were a sole practitioner, in which case the client would have recourse to the Compensation Fund. Insurers might have a third party claim against the TPMA if there were shortcomings in the latter’s processes that had enabled the fraud.

When this scenario was put to Shieldpay, they acknowledged that while this kind of fraud is difficult to prevent the chance of it occurring would be reduced when a TPMA is used. The fraudulent solicitor would need to evidence to the TPMA, by way of invoice or otherwise, the purpose of a release. The receiving bank account would also be subject to verification and validation as noted above. There is simply more opportunity for the fraudulent solicitor to be caught out.

To conclude this point it is fair to say that there are limitations on the extent to which the use of a TPMA will prevent claims against a firm’s own PII. However, it is clear from the above disucssion that by choosing the right TPMA, with sophisticated technology and robust processes, the incidence of fraud could be significantly reduced.  

Is the use of a TPMA positive from a risk management perspective?

At our roundtable event both QBE and AmTrust acknowledged the advantages of the TPMA as a risk management tool. Like Lexcel and CQS, the use of a TPMA is not a “badge” that will automatically entitle a firm to a discount on their PII premium, but it will reduce the risk of fraud with associated PII claims and regulatory issues. This will have a positive impact on firm’s risk profile and drive premium savings over time. Firms should, likewise, not under-estimate the saving in terms of time and stress for individuals in the firm if fraud and related claims and SRA investigations can be avoided.

It will be important for firms to undertake due diligence on the TPMA provider they choose and ensure they are satisfied that the technology, systems and controls are robust. As more providers come into the market, we might see a difference in standards despite their regulation by the FCA. Given that the TPMA’s sole purpose is to secure funds and payments, they should be embracing new technology and provide systems that are more sophisticated and reliable than most law firms could achieve. 

What is the cost of using a TPMA and will that cost be offset by any corresponding savings?

When discussing TPMAs many law professionals are quick to dismiss their use based on cost. Geoff Dunnett, Legal Services Director at Shieldpay challenges this: “TPMAs should not be discounted on the basis of cost, the fixed savings for firms using TPMAs can be significant. Firms using Shieldpay’s TPMA solution are seeing efficiencies gained and other cost reductions across the board, in addition to feeling confident that their clients’ money is held more securely with Shieldpay”

The cost of using a TPMA will depend upon the size of your firm and the level of use. Firms should also consider the more general cost savings that can be achieved when using a TPMA. If a client account is closed then the overheads associated with the running of it will disappear, including staff costs, office space, training costs, audit fees and the firm’s contribution to the Compensation Fund. As discussed above, there is also the potential to achieve savings on the PII premium if underwriters are satisfied that your use of the TPMA has reduced risk.

At the present time interest rates are low and accordingly the loss of interest on the client account is unlikely to be a significant issue for most firms. That position could change. The potential for future interest rate increases, and a more significant loss from this income stream, is something that might concern firms for the future. Again it is a question of balancing that potential against other savings and efficiencies. We would also expect there to be a conversation and negotiation with any TPMA provider regarding a sharing of this income stream, if interest rates were to increase to a point where this issue became a barrier to using a TPMA. 

Conclusion

The SRA is clearly keen to promote the use of TPMAs and the technology now exists to enable the service to be delivered at volume and reasonable cost; however, we are a long way from the use of TPMAs being mainstream. This exercise has demonstrated to us that there are advantages in their use, particularly in terms of efficiency and risk management, and we are likely to see more firms move to this model over time.

The introduction of the new “freelance” solicitor who is able to undertake reserved legal services is relevant here too. They are not able to have a client account, but there is nothing to prevent them from using a TPMA. This might open the door to freelance solicitors undertaking conveyancing work.

We encourage firms to engage in the discussion. TPMAs should not be dismissed based on cost without understanding what the cost is and what a change would really mean for your firm. At the very least you need to stay tuned and maintain a watching brief.