Potential review of the Bolam test?
The test for standard of care in professional negligence claims is the Bolam test, ie “whether the defendants, in acting in the way they did, were acting in accordance with a practice of competent respected professional opinion”.
In the recent decision of O'Hare and anor v Coutts & Co  EWHC 2224 (QB) the court held that the Bolam test did not apply to certain aspects of providing financial advice. In determining the question of the overall suitability of the investments, the judge found that the Bolam test did apply. However, in determining the required level of communication about the risks of an investment, he held that it was inappropriate to make that determination by reference to industry standards. He preferred the approach of the Supreme Court in the Scottish case of Montgomery v Lanarkshire Health Board  AC 1430, which concerned the duty of a doctor towards a patient in advising on the risk of treatment, namely to "take reasonable care to ensure that the patient is aware of any material risks involved in any recommended treatment, and of any reasonable alternative or variant treatments".
Bolam dates back to the 1950s and, with the legal world a very different place now, there is every possibility for a review of the application of Bolam in the case of solicitors who, like doctors, often undertake an advisory role in assessing risk with clients.
Changes to the test on remoteness?
20 years after the House of Lords decision in South Australia Asset Management Corporation v York Montague Ltd (SAAMCO)  UKHL 10, the Courts continue to consider limitation of liability and recoverable losses in accordance with the SAAMCO test.
The test distinguishes between the duty of a professional to provide information for the purpose of allowing a client to decide on a course of action (the information duty) and the duty to advise a client on the relevant action to take (the advice duty).
The appeal from the Court of Appeal's decision in Gabriel v Little  EWCA 1513 was heard by the Supreme Court on 14 and 15 December 2016 in proceedings called BPE Solicitors and another v Hughes-Holland (in substitution for Gabriel) UKSC 2014/0026.
The claimant in this case instructed solicitors in relation to a loan he intended to make to Whiteshore Ltd (W Ltd) for £200,000, to be repaid in 2 years together with a return of £70,000 (28% interest per annum). The loan was secured by way of a first charge on a development property. In the event W Ltd defaulted on the loan, and enforcement of the security realised only £13,000. Proceedings were issued against various parties including the solicitors and a 50% owner of W Ltd, Mr Little.
The judge at first instance held that the solicitors were in breach of duty in drawing up the facility letter and in failing to inform the claimant of the intended use of the loans - £150,000 was going to be passed to another of Mr Little’s companies before W Ltd could acquire the property. The judge awarded the claimant the whole of the loss he sustained as a result of entering in the transaction.
The Court of Appeal held that the judge was wrong to hold that the losses sustained by the claimant were the type of loss falling within the scope of the solicitors' duty.
Applying SAAMCO principles, the Court considered whether the solicitors were giving advice about the course of action to take or merely providing information on the transaction to enable the client to make a decision. The Court of Appeal held that this was an “information duty" case. It was therefore necessary to consider the loss attributable to the information being wrong. Commercial terms of the loan and the underlying risks of the transaction were important to loss, but there was no criticism of the solicitors in relation to these issues. In fact, the claimant's inability to recover the loan was caused by the value of the charged property at the date of enforcement, the absence of controls over the use to which the loan could be put and W Ltd’s financial position.
Those were all the foreseeable consequences of the commercial risks the claimant took in deciding to proceed with the transaction.
Accordingly, the type of loss sustained by the claimant was not the type of loss that fell within the scope of the solicitors' duty of care and the claim against the solicitors failed.
The Supreme Court's judgment has yet to be handed down. However, in light of the development of professional services over the last 20 years, it would come as no surprise if the court took this opportunity to revisit issues of remoteness in claims against professionals.
New scandal for solicitors?
2015/2016 was dominated by 'Friday afternoon scams' in which law firms were tricked into handing over sensitive information and/or funds to fraudsters. It is believed hackers stole approximately £85m from law firms over an 18 month period.
Examples of scams include fraudsters:
- intercepting emails and posing as either a solicitor or client
- corrupting and hacking entire computer systems
- calling the firm and pretending to be the bank's counter-fraud team.
Potential fertile ground for new claims in the coming months arises from solicitors' failure to warn of soaring ground rents on leasehold properties. Insurers are seeing multiple claims involving failure by solicitors to warn buyers and lenders that ground rent on new-build leasehold properties can escalate dramatically in future years due to clauses in which the ground rent doubles every decade.
For that reason, most housebuilders have now switched to a new formula for calculation of ground rent based on the RPI. However, the ground rent issue dates back over several years. Reports suggest that buyers are finding that new-build homes bought as far back as 2010 are virtually unsellable due to this issue.
The CML Handbook (section 5.14.9) requires that the lender is informed of any increase in ground rent which may materially affect the value of the property. In such circumstances, it is difficult to determine how solicitors involved in such claims will be able to raise a credible defence.
With the new-build leasehold property market in England and Wales valued at nearly £2 billion in 2015 according to land registry data (2016 figures are yet to be published), the potential exposure for solicitors and their insurers is substantial.
The rise of cyber security attacks has been endemic with over 2.5 million cyber crimes reported in 2015/6. This risk affects companies of all shapes and sizes. For example, Yahoo!, a highly sophisticated and well-resourced IT company, recently suffered a data breach jeopardising the records of 1 billion people - a stark reminder that no organisation is immune from danger.
According to Lloyd's Cyber-Attack Strategy paper published in June 2016, cyber-attacks globally were up 48% on 2013 levels to 42.8 million in 2014, the equivalent of 117,339 attacks a day. The compound annual growth rate of detected security incidents has increased 66% year on year since 2009. With the increase in the frequency of attacks, the cost of managing and mitigating breaches has also increased. The estimated reported average financial loss from cyber security incidents globally in 2014 was $2.7 million – a 34% increase on the 2013 figure.
This increase in frequency and severity of attacks is reflected in the increasing levels of business written by the Lloyd's market. In 2015, the market wrote £322 million premium in cyber policies, up from £206 million in 2014. In 2016, this is expected to rise to £500 million. In 2013, the number of Lloyds' syndicates writing cyber was 22; in 2016, it had increased to 63. Globally, some analysts estimate the worldwide cyber insurance market could be worth $18 billion by 2025 – up from the current figure of $2.5 billion.
The Lloyd's market currently insures cyber attack risk in two main ways: (a) specific cyber insurance policies or (b) traditional policies where cyber attack has the potential to cause loss. Lloyd's aim is to develop good practice for the market and it is currently undertaking a consultation with syndicates on issues of risk management frameworks in place for cyber attack, risk appetites and factors taken into account in underwriting and pricing business.
In the meantime, it is clear that cyber risks are having a direct impact on solicitors and their insurers. Insurers are seeing increasing examples of cyber incidents arising from a number of issues, including:
- Efforts to hijack funds transfers by sending false payment instructions either to the client or the solicitor to action - Most solicitors are now aware of this risk and take steps to guard against it by verifying requests coming into the firm, warning clients of the risk and setting up secure mechanisms for receiving payment instructions
- Information security - Solicitors would be horrified if it were possible for someone to walk into their offices and review paper files at will. This is possible electronically in the event that systems are not up-to-date and secure and staff are unaware of the risk. In addition to possible regulatory action in response to information security breaches, clients will undoubtedly seek recompense against solicitors if their data is exposed to third parties, deals collapse or money is lost
- IT security failures - These often lead to extortion via denial of service attacks or by encrypting data and seeking payment to return the firm's systems to normal
- Knock on effect of security failures – In the event of security breach, the risk to solicitors is not limited to their own system. An insecure system can be used as a means of accessing clients' systems and other systems to which the solicitor may have access. This could lead to claims by the owners of those systems
- Cyber risks are here to stay. As the profession becomes increasingly aware of these issues and puts in place measures to manage risk, so fraudsters are likely to find ever new and innovative ways of by-passing security and/or relying on human error to achieve their objectives.