A man turned to court to get his missing R1.7m back from a law firm. He said he had entrusted them with his money. File Photo: IOL
Pretoria - Cybercrime is rife and something attorneys must be aware of; if they by mistake pay money over held by clients in their trust accounts, they cannot hide behind the defence that it is not their fault as the client’s bank account was hacked.

This was the message of Acting Judge Matthew Klein delivered in the Gauteng High Court, Pretoria, in a case of a Montana businessman who claimed back more than R1.7million held in the trust account of his lawyer following the sale of one of his properties.

The law firm Van der Spuy and De Jongh Inc paid several amounts over to companies and persons, as “per instruction from Fourie”.

The problem was that he never gave these instructions. He only heard of the payments when he spoke to the lawyer about something else and she told him that she did make the payments as requested by him.

A stunned Fourie told lawyer Nicola van der Spuy that he never requested her to make these payments.

Fourie said in papers before the court that the fraud was apparently perpetrated in that the fraudsters had somehow hacked into his email and created the false impression with the law firm that he was sending the instructions.

The money was part of more than R3.9m Fourie left in the trust account of the law firm following the sale of a property. He was looking to buy another property and decided to leave it in the trust account for the time being.

He turned to court to get his missing R1.7m back from the law firm. He said he had entrusted them with his money.

Judge Klein, in his opening remarks, said this judgment pertained to cybercrime, where innocent people were being dragged into cases where emails are hacked and payments made to unknown hackers. The victims then litigate against one another.

He said the facts here are straightforward: the law firm held money in its trust account on behalf of Fourie. “But the crucial question that could be asked is this: who must take the knock for the loss? Should it be the client or the attorney?” the judge said.

In citing other judgments, the judge said it was clear that an attorney must account to his client regarding the money held in a trust account with the attorney. “The relationship between an attorney and his client is based on a contract of mandate. It, among others, imposes fiduciary obligations on the attorney and an attorney has a duty of care to his client.”

He said in this case Van der Spuy could at best say that she intended to pay Fourie, but she paid the wrong person. “This, however, is no defence” Judge Klein said.

He added that it could not be disputed that if she had verified the new bank details with Fourie the fraud simply would not have occurred. “It is abundantly clear from the facts that no verification process was followed and that the firm would have to carry the loss, not the applicant.”

The judge said the rate at which cybercrime occurred made the internet a very unsafe working area. “Perhaps a time will come when monies will be transferred in the presence of a client.” He added that it was, however, not the task of the court to make plans on how to curtail “absolute low-minded, yet deceptive cyber criminals”.

“It is perhaps time that attorneys say that they will not accept email notifications concerning banking details from any client.”

He said it was cumbersome to hear that attorneys were targeted in this regard.

The profession was in 2017 warned that cyber-related risks were on the increase and that it must ensure that it had adequate risk measures in place.

Fourie’s attorney in this case, William Tintinger, said that as a general rule, attorneys were not protected through the fidelity fund when cybercrime occurred.

He said it was important that attorneys verified client’s banking and other details in a face-to-face meeting. Clients should also provide their attorneys with a signed affidavit which confirmed instructions to change banking details.

Pretoria News