Wire Transfer Fraud: Who Bears the Loss—The Client or the Lawyer?

All Practice Areas

By Michael J. Epstein

Wire transfer fraud doesn’t just hit banks. It also exposes painful questions for two other players: the person sending the money and the lawyer guiding the transaction. Who is on the hook when fraud strikes?

The short answer: liability often falls on the person wiring the money—but when a lawyer is involved, professional duties can shift the equation.

The Sender’s Liability

Under UCC Article 4A, businesses wiring funds bear the risk if they—or their employees—are duped into authorizing a fraudulent transfer. Unless the bank’s security procedures were not “commercially reasonable” or the bank failed to act in “good faith,” the customer eats the loss.

That means:

• If a fraudster spoofs a vendor’s email and you approve payment, the law may treat that transfer as “authorized.”
  
• If you ignore company procedures (say, skipping dual authorization), courts are unlikely to bail you out.
  
• Even if you acted in good faith, the focus is on whether your bank did the same—and whether your own process showed diligence.
  

Consumers have stronger protections under the Electronic Fund Transfer Act, but business clients—the ones typically moving large sums—are far more exposed.

The Lawyer’s Liability

Where does the lawyer fit in? Increasingly at the center.

Lawyers often hold client funds in trust accounts or guide clients through real estate closings, settlements, or business sales. Courts and bar regulators expect heightened vigilance from attorneys in these roles.

Potential areas of liability include:

• Failure to Verify Instructions: If a lawyer accepts emailed wiring directions without an independent check, they may face malpractice claims if funds vanish.
  
• Breach of Fiduciary Duty: Lawyers handling escrow funds owe clients a fiduciary duty—higher than mere “reasonableness.” Courts can treat lapses here as professional misconduct.
  
• Negligence in Safeguards: Failing to use encrypted communications, two-factor authentication, or secure portals for wiring instructions could be seen as falling below the standard of care.
  

Several state bar associations have warned lawyers that “email-only” confirmations of wiring instructions are malpractice traps. In fact, disciplinary actions are increasing when lawyers don’t take simple steps like calling the client at a pre-verified number before releasing funds.

Dividing the Risk

Ultimately, liability can become a tug-of-war:

• Client vs. Bank: Was the fraud “authorized” under Article 4A? Were the bank’s security procedures reasonable?
  
• Client vs. Lawyer: Did the lawyer meet their professional duty of care in handling instructions? Did their conduct contribute to the loss?
  

Courts are increasingly recognizing that while clients must protect themselves, lawyers are gatekeepers in high-stakes transactions—and they can’t simply pass the risk down the chain.

Practical Takeaways

For clients:

• Never approve a wire without verifying instructions through a second channel.
  
• Ask your lawyer about their process for confirming wiring changes.
  

For lawyers:

• Treat wire instructions as sacred. Use encrypted systems, dual approvals, and voice confirmation protocols.
  
• Document every verification step. If something goes wrong, a paper trail may be your best defense.
  

Looking Ahead

As criminals use AI to make fraudulent instructions nearly indistinguishable from reality, the line between client and lawyer liability will only blur further. Courts will likely impose higher expectations on attorneys, given their fiduciary role and access to secure systems.

The law is clear about one thing: prevention matters more than cure. For both clients and lawyers, vigilance is the cheapest insurance policy you’ll ever buy.