Purpose of this note
This Practice Note reminds solicitors of their obligations under Regulation 9(5) of the Solicitors Accounts Regulations 2023 in relation to authorised signatories on client accounts and the steps required where non‑compliance has been identified. It is intended for partners and sole practitioners responsible for the operation and oversight of client accounts.
Authorised signatories – core requirement
- Under Regulation 9(5), an “authorised signatory” on the client account must be a solicitor who is a partner in the firm or the sole practitioner, holding a current practising certificate.
- Only such an authorised signatory may act as sole signatory in relation to client account cheques and electronic funds transfer transactions.
- Payments from a client account, either by cheque or electronic funds transfer, must not be conducted solely by a staff member or only by staff members who are not a partner or sole practitioner, as this constitutes a breach of Regulation 9 of the Solicitors Accounts Regulations 2023 (S.I. 118 of 2023) (“the Regulations”). The firm must ensure that its bank mandate for the client account fully reflects the authorised signatory requirements under Regulation 9(5).
Use of staff as co‑signatories
- Regulation 9(5)(b) permits a staff member to act as an authorised co‑signatory on the client account, where there is more than one authorised signatory for the payment, provided that at least one of the authorised signatories is a solicitor who is a partner or sole practitioner with a practising certificate in force.
- Staff must not have unrestricted access to client funds, and a non‑solicitor must never act as the sole signatory on client account cheques or electronic transfers, save in exceptional circumstances authorised in writing by the Law Society of Ireland under Regulation 9(5)(c).
Required action where breach identified
- Where it is found that payments from the client account, either by cheque or electronic transfer of funds, have been conducted by a staff member who is not a partner or sole practitioner acting as sole signatory, the firm must treat this as a breach of Regulation 9(5)(a) and take immediate remedial action.
- The partners or sole practitioner should promptly update the bank mandate on the client account to ensure that only an authorised signatory (partner or sole practitioner) is recorded as sole signatory for cheques and electronic transfers, with any staff member listed only as a co‑signatory in accordance with Regulation 9(5)(b).
Scope of the obligation
- The obligation in Regulation 9(5) relates solely to the client account and does not extend to the firm’s office account.
- Firms should nonetheless document clearly, in their internal procedures and bank mandates, the distinction between client and office account signatories to support effective compliance monitoring and to demonstrate proper control over client moneys.
- The requirements of Regulation 9 applies to all payments being made or effected from the client bank account.
Exceptional applications for non‑solicitor authorised signatories
Regulation 9(5)(a) provides that an authorised signatory on the client account must be a solicitor who is a partner in the firm or the sole practitioner, holding a practising certificate in force. Applications that seek to depart from this central requirement and request authorisation for a non‑solicitor to act as a sole authorised signatory fall to be considered by the Regulation of Practice Committee.
The Committee has confirmed that the reference to an “authorised signatory” in Regulation 9(5)(a) is to a solicitor authorised under the bank mandate to sign cheques or conduct and execute electronic funds transfers on the client account themselves.
The Society considers it best practice to operate dual authorisation in accordance with Regulation 9(5)(b). Many firms already adopt this approach. In such systems, data entry is normally carried out by accounting staff, with the solicitor‑signatories (being a partner or sole practitioner) approving the payments. While some additional tasks may arise for one signatory – for example, approval of new account payees – dual authorisation does not require extensive data input by solicitors (being a partner or sole practitioner).
Regulation 9(5)(c): exceptional circumstances only
Regulation 9(5)(c) allows the Society, in exceptional circumstances, to authorise a person who is not a solicitor within the meaning of Regulation 9(5)(a) to act as a sole authorised signatory on the client account.
The Regulation of Practice Committee will assess such applications strictly on a case‑by‑case basis. The Committee has emphasised that:
- The threshold for approval is high.
- This pathway is not appropriate for most firms.
- Approval will only be granted where a firm demonstrates exceptional, well‑documented controls and justification.
- Approval may only be granted for a defined period of time, i.e. the duration of the exceptional circumstance.
Criteria expected for consideration
A firm applying under Regulation 9(5)(c) must demonstrate, through documented procedures, that all of the following safeguards are in place:
- The person proposed to conduct transactions is either:
- a solicitor with a current practising certificate, or
- a member of one of the accountancy bodies listed in Regulation 26(4).
- The firm maintains a documented accounting system with robust internal controls designed to prevent unauthorised withdrawals, including appropriate segregation of duties.
- The firm uses two factor authentication for electronic payment methods.
- All transactions are executed only upon documentary evidence of approval by a partner in the firm.
- An insurance policy is in place to compensate clients in the event of fraud by a non‑solicitor signatory.
Application procedure
Any firm wishing to apply for authorisation under Regulation 9(5)(c) for a non‑solicitor to act as a sole authorised signatory must submit a written application to the Financial Regulation Section of the Law Society’s Regulation Department.
The application must include:
- A statement of the exceptional circumstances;
- Full details of the firm’s internal controls for making, processing and execution of payments on the client account as well as the recording of same; and
- A copy of the relevant insurance policy in place to compensate clients in the event of a loss arising from fraud by a non‑solicitor signatory.
The Society reiterates that such applications will only be granted where the firm can demonstrate a compelling and exceptional justification supported by strong internal controls.
Client account protections
The sharing of online banking log on / authorisation credentials between staff members should not occur – each staff member should have their own log on credentials to ensure that payments are only effected in accordance with Regulation 9 and to ensure that proper controls are adhered to.
The Law Society’s Practice Note Misappropriation by employees in solicitors’ practices highlights that weak payment controls and unsupervised staff access to client funds have been recurring factors in misappropriation cases. Firms should therefore ensure that the authorised‑signatory requirements under Regulation 9 are strictly implemented, and that appropriate checks—such as two factor authorisation—are consistently applied as a safeguard against misuse of client moneys.
The firms bank mandates for both cheque payments and online banking arrangements should be reviewed to ensure that these both comply with the requirements of Regulation 9. It is not compliant with the Regulations for a bank mandate to authorise or facilitate payments that would breach the provisions of Regulation 9. This applies irrespective of any internal payment procedures adopted by the firm, even where such procedures may themselves be consistent with the Regulations.
During regulatory inspections, confirmation of the firm’s bank mandates and authorised signatories may be sought by an authorised person. These particulars must also be recorded in the firm’s bank account register, as required under the Regulations.
As noted above, recommended best practice is to operate dual authorisation of electronic payments – this ensures an additional layer of checks and controls in making electronic payments from the client account.
Prior to payments being executed from the client account, the client ledger should be reviewed to ensure that there are sufficient funds being held to the credit of that client to which the payment relates.