tm blog

Following the success of our first Property Workshops, we are pleased to announce that the series will be continuing in April with sessions in Norwich, Cambridge, Leeds and Rotherham.

Just a few small changes can make a big difference to conversion rates

Having listened to our customers, we know that business generation is one of the main aims of leading law firms. Price is often seen as the main reason for winning or losing business, but results from recent surveys show us that this is not a customer’s primary concern.

In reality, there are a number of factors that can influence the customer in their choice of conveyancer and just making a few small changes to current practice can make a big difference to the conversion of new enquiries into instructions.

Gain new insights into the shape of your local property market 

Our free-to-attend half-day Property Workshops are tailored to the needs of conveyancing solicitors, and feature new research on how to win more conveyancing instructions, as well as key insights into the shape of your local property market.

The main focus of each session will centre on an interactive roundtable discussion, where we expect to hear a diverse range of opinions and ultimately gain an understanding of best practice in such a vital area of business development.

Secure your place at a Property Workshop near you 

We’ll be holding our next 4 Property Workshops in Norwich, Cambridge, Leeds and Rotherham across April. 

You can find out more information and secure your place using the links below:

Norwich : 19th April 2017

The time : 8.45am – 11.30am

The venue : Norwich City Football Club, Carrow Road, Norwich, NR1 1JE

The registration link : https://www.surveymonkey.co.uk/r/KTGSPRV  

Cambridge : 20th April 2017

The time : 8.45am – 11.30am

The venue : Quy Mill Hotel, Church Road, Stow-Cum-Quy, CB25 9AF

The registration link : https://www.surveymonkey.co.uk/r/KRN9YGV 

Rotherham : 26th April 2017

The time : 8.45am – 11.30am

The venue : Holiday Inn Rotherham - Sheffield M1, J33, West Bawtry Road, S60 2XL 

The registration link : https://www.surveymonkey.co.uk/r/KNK6W7L 

Leeds : 27th April 2017

The time : 9.30am – 11.30am

The venue : Leeds Football Club, Elland Road, Leeds, LS11 0ES

The registration link : https://www.surveymonkey.co.uk/r/KMF8SK5 

100% of attendees would recommend a Property Workshop to their peers

Property Workshops have already taken place and been well-received in Southampton, Exeter and Guildford, with 100% of attendees agreeing that the sessions were both relevant, and worthy of recommending to their peers. 

Here are some verbatim comments:

• "Really interesting and thought provoking" 

• "Very helpful and has highlighted areas to work on within the business"

• "Great entertaining training, opened my eyes to areas we needed to focus on"

• "Interesting and held my attention through interactive, roundtable discussions"

Request a Property Workshop near you

If have any questions, or would like to attend a Property Workshop but there isn’t currently one running near you, please email marketing@tmgroup.co.uk

The Coal and Water authorities have advised of their annual round of price increases – effective from Saturday 1st April 2017.

These changes will be implemented automatically on the tmconvey system, and as such any new orders placed on or after 1st April 2017 will reflect the new pricing.

The full details for standard individual price increases (exc.VAT) can be seen in the table below:

If you have any questions, please contact our helpdesk on 0844 2499200 or email helpdesk@tmgroup.co.uk

Following our National Conference and in support of our ongoing cyber awareness campaign, we’ve compiled a list of cyber security key terms and jargon for reference.

Bogus Law Firm

The term ‘bogus law firm’ refers to an individual or small group of people posing as a genuine law firm to form part of a legitimate property chain.

However, once the money changes hands, they do not fulfil their commitment to close the deal and instead disappear with the funds that have just arrived in their bank account.

Risk Management Services such as Lawyer Checker are available to assure conveyancing solicitors that they are dealing with genuine law firms before progressing a transaction.

Chief Executive Fraud (or President Fraud)

‘Chief Executive Fraud’ (also referred to as ‘President Fraud’) is a targeted phishing attack, where an individual in the firm is sent a fake email which looks as though it has come from a Managing Partner.

For example: “Did you send £20,000 to Michael J Hart? I thought I asked you to do this last week, but Michael has just phoned to say he hasn’t received the money?”

The success of this type of fraud relies heavily on social engineering to create a stressful situation where the target feels under pressure to respond quickly to an email from one of their superiors – without questioning the validity of the message.

More information : Click here for more information on Chief Executive Fraud (or President Fraud)

Cyber Incident Response Plan

A ‘cyber incident response plan’ is a dedicated (printed) document containing all of the information your team might need in the event of a cyber-attack.

This will include agreed responses to “worst case scenarios”, alongside named individuals responsible for executing them. It will also feature a detailed list of contact details for the people whose advice, support and technical services will be required to get your operation back up and running.

More information : Click here for more information on How to Prepare to Defend Your Law Firm's Reputation in the Event of a Cyber-Attack

Friday Afternoon Fraud

‘Friday Afternoon Fraud’ is a term used in the media to describe a cyber-attack where clients are targeted with phishing emails imitating their solicitor and asking them to transfer their deposit to an alternative bank account.

When successful, victims are left with no funds to finalise their property transaction, and a dilemma as to how to proceed with their purchase. 

High profile example : Howard Mollett incident

General Data Protection Regulations (GDPR)

A new, more consistent global legal framework for all organisations that deal with EU citizens’ data, set to replace the existing Data Protection Directive (DPD) in May 2018.

To avoid fines of up to €20 million, or 4% of annual turnover (whichever is higher), law firms will need to review their data usage, storing and cleaning methods to ensure they are compliant with the new regulations.

Good to know : Despite Article 50 being triggered in March 2017, the UK will still be part of the EU until at least 2019; and will need to comply with the General Data Protection Regulations (GDPR) when they are introduced in May 2018.

More information : Click here to find out more information about the forthcoming General Data Protection Regulations (GDPR).

Phishing email

A phishing email is an email which impersonates a legitimate organisation.

Such emails are typically ‘blanket emails’ sent to multiple recipients pretending to be from a bank or building society, in attempt to obtain sensitive information such as usernames, passwords, and credit card details.

However, these can very quickly be identified as spam by the receiver, especially if they are pretending to be from Halifax, and the receiver only banks with Lloyds Bank (for example).

People Risk

People Risk refers to the risks posed to a law firm by human error or naivety.

Clients and colleagues can impact this in equal measure, and criminals are highly aware of this.

A successful attack or accidental data leak can bypass any technology-based security measures in place and make them redundant.

More information : Click here to read more about the people risks in your law firm and how your colleagues could pose an even greater risk than your clients.

President Fraud

See : Chief Executive Fraud

Ransomware attack

A ransomware attack is when a cyber-criminal infects a computer system with a piece of malware, which places a digital blocker on the system so that the victim firm can’t raise an invoice or continue business as usual.

This can happen as a result of just one member of staff clicking a link in a rogue email, or plugging in an infected USB stick.

The cyber-criminal will then hold the firm to ransom, with a message appearing on their computer screen asking them to pay them money for the digital release key.

More information : Click here for more information about ransomware attacks

Secure online portal

A secure online portal provides a safer and more efficient alternative to email communication, enabling law firms and their clients to exchange sensitive information online.

As all the information is encrypted, law firms can be confident that bank details and contracts are being delivered securely to their clients, removing any concerns about post or emails being lost or intercepted by criminals.

More information : Click here for more information about secure online portals and how they can improve security and business efficiency in your law firm.

Shadow IT

The term ‘Shadow IT’ refers to IT activity that goes on around a law firm under the radar of the official IT department.

For example, employees plugging in USB sticks they’ve picked up at events, or sharing files across popular file-sharing websites; both of which can act as a gateway for cyber criminals.

HR and IT departments need to work together to help promote positive messages across their law firm to raise awareness of these risks, and curb ‘Shadow IT’ behaviours.

Spear-phishing email

Spear-phishing is similar to phishing [see: phishing email], but operates under a more targeted approach.

Instead of sending a ‘blanket email’ to multiple recipients, spear-phishing emails will be based on information the sender has already obtained about the recipient.

For example, their name, email address, and whether they are a Lloyds Bank customer (for example). This can contribute to the confusion, and the success of the attack.

Take Five

Take Five is the name of a cyber-security awareness campaign led by FFA UK and its members, with partners Cifas and City of London Police.

It advises people to question the validity of any communications they receive, and contains useful advice and resources which can be shared with clients and colleagues alike to help to better protect a law firm from the risks of cyber crime.

More information : Click here to find out more information about Take Five and how it can help to keep your colleagues and clients safe from cyber criminals.

Technology Risk

Technology Risk refers to all the risks associated with IT and technology that can be mitigated through best practice and innovation.

There are a broad range of technology risks IT departments need to stay abreast of to maintain the security of their law firm, from password management and email security, through to continuous user activity monitoring and ensuring all employees are running the latest versions of anti-virus software. 

Third Party Risk

The term ‘third party risk’ refers to any business partner, PR agency, contractor or customer who has access to a law firm’s IT systems, and could (intentionally or unintentionally) act as a bridge for hackers.

Understanding and limiting the information these third parties have access to can help law firms to avoid cyber security incidents.

Two Factor Authentication

Two Factor Authentication is an additional layer of security that requires someone to have more than just a username and password to log into an account.
 
For example, inserting a physical bank card into a card holder when accessing online banking, or generating a unique code to be texted to a mobile phone to add in as part of a computer log in process.

Vishing

Vishing refers to a phishing-style attack over the phone in which a criminal claims to be from the victim’s bank and tells them their account has been compromised. They then ask the victim to transfer their money to a “safe” account to address the problem.

This approach can be used to target both individuals, and employees in the Finance Department with access to company accounts.

Similar to spear-fishing [see : spear-fishing email], the fraudster may have already gained access to some of the victim’s banking details, and may quote genuine transactions to back up their story. 

‘Zero Day’ Vulnerabilities

‘Zero Day’ vulnerabilities are vulnerabilities in IT systems and processes that nobody knows are there – apart from hackers.

They have been given this name because a law firm will have ‘zero days’ to respond and fix them when (and if) they are found.

More information : You can find out more about ‘Zero Day’ vulnerabilities and how you can prepare for them by watching this video from BeCyberSure

If there are any words you feel are missing from our Cyber Security : Key Terms and Jargon reference guide, please email our Marketing Communications Executive on megan.jones@tmgroup.co.uk

We are delighted to announce that our Wellbeing Programme has been shortlisted for the Employee Benefits Awards 2017, in the category “Best healthcare and wellbeing benefits - small employer”. 

The Awards, in association with Aon Employee Benefits, are now in their 15th year and celebrate the best people, initiatives and benefit strategies from the last 12 months. 

Our Wellbeing Programme was introduced to demonstrate to our employees just how much they are valued 

The 2017 shortlist, decided by a panel of industry experts following a rigorous two-day judging process, formally recognised our Wellbeing Programme. 

The Programme was introduced to invest more in our employees and demonstrate how much they are valued, and was launched to our 140-strong workforce as part of a company re-brand in November 2015.

Alongside partner wellbeing provider The Tonic, we implemented a well-rounded Programme that covered four key areas of wellbeing:

• Physical fitness 

• Work-life balance 

• Healthy behaviours 

• Mental wellbeing 

Each area of wellbeing was assigned to a different quarter of the year, and was accompanied with both one-to-one and group sessions focussing on personal development, tips and advice; available for free for all employees to take part in during normal working hours.

This core wellbeing programme was also supplemented with additional initiatives across the year, including improved internal communication and a Charity Walk. 

The Wellbeing Programme has had a positive impact on tmgroup’s employees

The Wellbeing Programme has had a noticeable impact on employees, and tmgroup have seen a significant decrease in the number of days lost in the business due to anxiety, stress and depression between 2015 and 2016, as well as reduction in employee turnover.

Paul Albone, Managing Director at tmgroup, comments:

“It doesn’t matter how good your product is if it is not backed up by the people that create and support it. That’s why People are your most important asset in a business and investing time in them reaps rewards in a whole host of ways. We continually look at how we can enhance the overall benefits package at tm, and it is great that our Wellbeing Programme has been so well received.”

tmgroup’s Wellbeing Programme continues to thrive in 2017; with employees already having benefited from a series of informative seminars, including sessions on financial wellbeing, the juice diet, and healthy eating.

The winners of the Employee Benefits Awards will be announced at a ceremony in London on Friday 9th June 2017.

Paul Albone

Paul's tenacity and drive in his role as Managing Director has seen him establish tmgroup as a leading supplier of searches to the industry.

 

With a number of cyber threats challenging the legal sector, it is increasingly important that everyone from clients, to partners, to receptionists and admin staff understand how to protect themselves and the firms' interests from cyber criminals.

Fortunately, in a lot of cases, it can be enough for everyone faced with a fraudulent situation to just #takefive and think about whether the communication is genuine. 

This is the key message of Take Five, a new awareness campaign led by FFA UK and its members with partners Cifas and City of London Police.

In support of their latest awareness campaign #takefiveday, we've republished their 5 key messages to help better protect everyone: 

• Never disclose security details, such as your PIN or full banking password

• Don't assume an email request, text or phone call is genuine 

• Don't be rushed - a genuine organisation won't mind waiting 

• Listen to your instincts - you know if something doesn't feel right 

• Stay in control - don't panic and make a decision you'll regret 

You can also share these key messages with your clients to help proactively inform them of how they can be more alert to criminal activity.

‘Take Five’ messages can help law firms better tackle the current threats

While these 5 things may seem like common sense, they can help to protect against key industry threats including: 

Chief Executive Fraud (or President Fraud)

The term ‘Chief Executive Fraud’ (or President Fraud) refers to a targeted phishing attack, where an individual in the firm is sent a fake email which looks as though it has come from a Managing Partner: “I thought I asked you to do this last week, but Michael has just phoned to say he hasn’t received the money? Please take care of this.”

#takefive : Stay in control - don't panic and make a decision you'll regret 

Ransomware Attacks

A “ransomware attack” is when a cyber-criminal infects a computer system with a piece of malware, which places a digital blocker on the system so that the victim firm can’t raise an invoice or continue business as usual. This can happen as a result of just one member of staff clicking a link in a rogue email.

#takefive : Don't assume an email request, text or phone call is genuine 

Friday Afternoon Fraud 

‘Friday Afternoon’ fraud describes a cyber attack where clients are targeted with phishing emails imitating their solicitor and asking them to transfer their deposit to an alternative bank account. When successful, victim clients are left with no funds to finalise their property transaction. 

#takefive : Listen to your instincts - you know if something doesn't feel right 

Top Tip : To help further reduce the risk, you should also make sure your clients are informed of the type of communications and requests you will and won’t make, so they are better positioned to recognise a rogue or unusual request.

Additional Resources

For more information on how to protect your law firm from cyber crime and fraud, visit the Take Five website

You can also read some of our recent blog posts for more on cyber crime:

• http://blog.tmgroup.co.uk/post/2-Lesser-Known-Cyber-Threats-Every-Conveyancing-Firm-Needs-to-Hear-About 

• http://blog.tmgroup.co.uk/post/How-to-Prepare-to-Defend-Your-Law-Firms-Reputation-in-the-Event-of-a-Cyber-Attack

• http://blog.tmgroup.co.uk/post/5-Reasons-Why-Your-Colleagues-Are-a-Bigger-Cyber-Risk-Than-Your-Clients

Have you told 5 people about #takefiveday?

We’re pleased to report that we have recently made some minor amendments to key sections of our Premium Terms, adding clarity on certain points to better support our customers' needs. 

These updates follow the official launch of our Premium Terms in September 2016, offering a whole of market approach; enabling customers to rely on a single set of Premium Terms irrespective of which customer has ordered the searches from us.

The warranties and subsequent £20 million indemnity offered under these terms stand ahead of any third party supplier terms, thus addressing the liability chain in the event of a claim. It also means that third party terms do not need reviewing, thus saving further time.

The terms Definitions and Interpretations will also satisfy reliance on search results associated with Islamic Finance underwritten according to Sharia Law.

Customers on Premium Terms also benefit from additional services

By signing up to Premium Terms, our customers can also benefit from a host of additional services, including: 

• End to end management of property portfolios

• Managed case

• LR volume orders including register extract service

• tm clinics

• Transition management

Jon Horton, Account Director at tmgroup, comments:

“These changes to our Premium Terms underline our understanding of the commercial real estate market, by listening to our customers and shaping our services to meet their needs. The complimentary Premium Services reiterate our core business message that ‘we make time for you’.”

: About Premium

Information about Premium is available on our website and from your Account Management Team.

Jon Horton

Having worked in the tm sales team since 2002, Jon now heads up tmconnect - a sophisticated, user friendly system that facilitates property collaboration.

 

The HMRC deadline has passed and all Local Authorities have now added VAT to the Con29. This has been updated accordingly in tmconvey.

[Please note, the original blog post below has been left in place for archive reference only.]

Local Authorities have been given the option by HMRC to implement the addition of VAT to the Con29 between the dates of 1st Jan 2017 and 31st March 2017.

As a central data provider, we are working hard to find out when each local authority is planning to make the changes in order to keep you informed, and also to ensure the pricing on our system is accurate and up to date for you. 

Below is a list of the Local Authorities for which there is a known price change date and we will actively keep this list up to date over the coming months as we gather more information. If a Local Authority do not appear on this list then their date for adding VAT to the Con29 is not yet known. The newest information is highlighted red for your convenience.

Rest assured that if the prices of local searches are increased and/or VAT is added, the tmconvey ordering platform will be up to date at the point of ordering and you need make no other changes.

If you have any further questions please contact our helpdesk on 0844 2499200 or email helpdesk@tmgroup.co.uk

(TABLE UPDATED 02-03-2017) 

One of the main issues discussed at our National Conference in London was how your colleagues are an equal, if not greater, cyber risk to your law firm than your clients, especially when it comes to accessing your data, systems and office. 

Here are 5 behaviours you may need to address to help better protect the best interests of your firm and your clients from a cyber attack:

1. They assume it isn’t their job to worry about cyber crime 

There is a risk that your colleagues simply think it isn’t their job to worry about cyber crime. 

There are 2 main schools of thought on this. In small firms, there can be an assumption that they are too small to be targeted by cyber criminals as they don’t handle large transactions, whilst in bigger firms there can be an assumption that another department is probably taking care of it.

The truth is that everyone needs to be aware of cyber crime and understand the steps they can take in both their personal lives and in the office to protect their own best interests, as well as those of their firm and their clients. 

2. They are too trusting of strangers entering the office – and even hold the door open to let them in

It is human nature to want to hold the door open to an engineer carrying something heavy, or to help someone in a wheelchair; trusting that they have a legitimate purpose to be entering your office environment. 

However, wearing overalls, a lab coat, carrying something heavy, and even using a wheelchair, are all techniques that have been used by cyber criminals to take advantage of our willingness to trust one another – and gain access to areas they shouldn’t be in. 

The only way to stop this from happening is to make all of your colleagues aware of these risks and keep them vigilant. For example, training your employees about building security processes, as well as placing posters near doors, and sending out regular reminder emails.  

3. Their password is “password123” – and has been since 2012 

Password protection is typically a good way to restrict access to sensitive information, however the benefit of this can be undermined if your colleagues are too relaxed about the strength of their passwords. 

Best practice is to use a strong, complex password which is changed regularly. 

Click here for some advice from Google on how to create a strong password

Company processes whereby passwords automatically expire once a month, or even once a day, can help to ensure that they are being changed regularly across the company. 

Also challenge your colleagues on where they are storing their passwords. The strongest password in the world is as good as useless if it is written on a post-it note stuck to the computer!

4. They automatically give temporary workers and interns the same access as permanent staff 

From facilitating work experience placements, to supporting team members on maternity leave, there are many reasons for a firm to have temporary workers in the building. 

While your core team may want to be welcoming, these temporary members of staff carry their own level of risk; especially if they are given automatic access to all of your systems and data. 

Reviewing your induction processes for these new, temporary employees and the data sources they have access to can help to ensure they only use the systems they genuinely need. 

5. They give ex-colleagues the benefit of the doubt as they leave the firm

Do you know if your ex-colleagues still have access to your systems? If you aren’t sure, it is worth investigating to find out more about your employee exit processes.

For example, whether or not their access to key systems containing client data, email accounts and file sharing systems has been disabled, and their passwords have been changed. 

It is best practice to make this a priority on a colleague’s last day with the firm, or even beforehand if you are concerned about the information they may try to take to their next job. 

Whilst it is rare for an ex-employee to use their unrestricted access to construct a targeted attack, law firms shouldn’t underestimate the impact of an ex-employee accidentally losing sensitive information as they clear out their paperwork, or sell on their smartphone. 

There is also a risk that unmanned usernames can make it easier for a cyber criminal to log into your systems undetected, as it will look like legitimate activity. 

There is no magic cure

While there is no magic cure to protect your law firm from cyber criminals, investing time in developing best practice behaviours in your day-to-day working environment is a key way to help mitigate the risk of an attack. 

This is part of a series of content we’ll be delivering on cyber crime, and just one element of the people risks involved. 

Stay tuned for more articles and webinars.

Megan Jones

Megan is tmgroup’s Marketing Communications Executive. She is responsible for writing company communications, including blog posts and newsletters.

 

PlanVal mining alerts are now available on tmconvey. 

The new MiningCheck Alerts assess a property against a wealth of data to alert conveyancing solicitors and their clients to the materials that have been mined on the land; both recently and historically. 

The new MiningCheck Alerts follow the recent release of two new mining products in November, also available to order on tmconvey:

• PlanVal Coal Mining Search with Professional Opinion

• PlanVal Non-Coal Mining Search with Professional Opinion

Click here for more information

The new MiningCheck Alerts enable conveyancing solicitors to advise their clients as to whether it is necessary for them to order a complete Coal Mining Search or Non-Coal Mining Search before proceeding with their purchase. 

Isn’t mining just a risk in Cornwall and the North East?

According to PlanVal data, there are mining risk areas in every county in England and Wales; with 34% of land being in a mining risk area. 

Mining risks are not just a problem for home movers in the North and the Midlands (coal), or in Cornwall (tin), as 63 minerals have been mined, quarried or extracted across England and Wales.  

These new MiningCheck Alerts enable solicitors to confidently advise whether a client’s property is situated in a mining risk area; even when it isn’t overtly obvious. 

If you have any questions, please talk to your Account Manager for more information, or contact Helpdesk on 0844 249 9200 or helpdesk@tmgroup.co.uk.

We are pleased to announce we will be holding a series of Pop-Up Property Workshops, starting in Guildford on 8th March 2017.

These free-to-attend, half-day events – starting at 9.30am and finishing at 11.45am – will focus on how law firms and estate agents can deliver excellent service to their mutual clients from the very first contact. 

Find an event near you

If you are an estate agent or conveyancer, we would love you to join us for what we believe will be lively, informative and highly effective workshops.

The series will comprise of 4 individual events, held at the following locations:

• 8th March – Guildford, Holiday Inn

Click here to register for the Guildford event

• 15th March – Poole, RNLI College

Click here to register for the Poole event

• 21st March – Exeter, Sandy Park Conference Centre

Click here to register for the Exeter event

• 23rd March – Southampton, Holiday Inn

Click here to register for the Southampton event

Discuss your challenges with local law firms and independent estate agents

Having listened to our customers, we know that business generation is one of the main aims of leading law firms. We know that estate agents are always keen to ensure that their customers secure the services of trusted local law firms and so the answer should lie in local networking and effective partnerships.

The reality is rarely so simple as there are a number of factors that can influence the customer in their choice of conveyancer and so a warm recommendation may not always be enough. Price is often seen as the main reason for winning or losing business, but results from recent surveys show us that this is not a customer’s primary concern.

If you are interested in maximising profits from leads and potential leads, interaction with current and future customers will be always be your priority. These workshops will look at every aspect of the process from the initial recommendation to winning the customer’s instructions.

Estate agents want to be confident that their recommended conveyancers are instructed whenever to possible so that customers receive the best possible experience and sales exchange with minimum difficulty.

With this is mind, we are inviting both leading local law firms and independent estate agents to take part in these free-to-attend, interactive workshops, where both sides of the industry can discuss their respective challenges and agree best practice as far as the client is concerned.

Facilitated by tmgroup, our team will share ideas on how to make the most of market intelligence, results from consumer research and simple ways you may be able to increase business. 

The main focus of these sessions will centre on interactive roundtable discussions, where we expect to hear a diverse range of opinions and ultimately gain an understanding of best practice in such a vital area of business development.

The full Agenda for each of these events will feature:

• Sharing market intelligence on customer trends and recent research
• Converting new enquiries into instructions
• Roundtable Discussion
• 10 tips to improve your conversion rate
• Summary

If you have any questions, please get in touch with Clare Yates on clare.yates@tmgroup.co.uk, or 07977 256748