Panama Papers leak is the “law firm equivalent of Edward Snowden”
6th Apr 2016
The leak of documents which reveal details of tax havens held by the global elite has been labelled the “law firm equivalent of Edward Snowden” by a legal expert.
Over 11.5 million confidential files belonging to Panamanian law firm Mossack Fonseca are being trawled through by investigative journalists in a mass leak for the firm and its clients.
So far the documents show how some of the world’s richest people – including political leaders, criminals and celebrities – have hidden their money in secret offshore companies to allegedly launder money, dodge sanctions, and evade tax.
Any wrongdoing has been denied by the firm in question. In its response to the revelations, Mossack Fonseca pointed to adverse findings of less than 1% of approximately 300,000 companies it had incorporated since its foundation in 1977.
Peter Wright, solicitor and managing director of Digital Law UK, has labelled the leak, “the law firm equivalent of an Edward Snowden” and, as media reports have confirmed, the disclosure must have come about due to a cybersecurity whistleblower. Wright stated that he doesn’t see “how this operation could have been carried out by somebody outside of the organisation.”
In its response to the revelations, Mossack Fonseca said that “Over the last 18 months, we have reinforced our compliance department by hiring an additional 26 professionals to comply with new regulations as well as to conduct retroactive due diligence on all existing clients.”
Wright urged law firms to learn from Mossack Fonseca’s cyber security practices by carrying out “very thorough due diligence” when hiring people and ensuring access to internal systems is limited.
“All too often people rely on statements on a CV or on a LinkedIn profile but it is important to do the background checks on that and get more than the bare minimum out of the former employer’s HR department. Too few firms actually do that.”
On restricting access to information, Wright added that “no one individual should have been able to access all of that information. Very often you find that information is not properly ring-fenced so if you know where you’re going, you can go onto a firm’s server and go into a different department. That kind of free access across a network should not be permitted.”
Meanwhile, reports in the US suggest that almost 50 law firms have been the subject of an online security breach, with hackers seeking information on mergers and acquisitions.