Dealing with Risk and Liability in NECS
Mark Sneddon, Partner, Clayton Utz
4 March 2010
© Clayton Utz
NECS Legal Framework
Themes, Purpose Statement and Performance Objectives for Legal Framework
Key Themes:
- Common rules across jurisdictions as far as possible to maximise efficiencies
- Flexibility for rule making and changes while keeping common approach
- As clear and simple to understand as possible (e.g. consistent and clear structure and rules with preference for certainty)
- Confidence no less than in paper in validity and enforceability of NECS transactions and instruments and level of risk undertaken
Recommended Legal Framework
Subscribers and Certifiers
1. Representative Subscribers act for Clients and use Certifiers to digitally sign instruments and certifications on behalf of Clients
2. NBM: If Representative Subscriber is not a lawyer or conveyancer, it must use an employee or contractor Certifier who is a licensed lawyer or conveyancer. (We have recommended that NECS designers reconsider option of Representative Subscriber who is not a lawyer or conveyancer because of unlicensed practice prohibition.)
Subscribers and Certifiers
3. Non-representative Subscribers act for themselves (e.g. lenders or government agencies) and use employee or contractor Certifiers to digitally sign on their behalf. If the Certifier is a contractor, must be a licensed lawyer or conveyancer. Note recent NPT variations to this.
4. All Subscribers must hold PI and fidelity cover to be a Subscriber registered with ELNO. If there is a lawyer or conveyancer Certifier they will also hold PI cover and fidelity fund/insurance cover as a professional.
5. Representative Subscribers must conduct Client Identity Verification on Transacting Parties they represent and obtain a signed Client Authorisation from them.
Instrument Certifications
Signing Certifier (acting for Subscriber) certifies:
1. Instrument is correct in context of transaction
2. Instrument is in compliance with all relevant legislation and Land Registry prescribed requirements
3. Subscriber has obtained, scrutinised and retains copies of all supporting evidence required for the instrument (and, where relevant, CIV and CA)
4. Subscriber (if representing a Client) has signed CA in proper form for the transaction from the Client
5. Subscriber (if representing a Client) has properly conducted CIV on each Client it represents
There are other certifications, e.g. on settlement statements and accounts
Client and Representative Subscriber - Client Authorisation
- Client uses CA to authorise Representative Subscriber to sign instruments and certifications on Client's behalf.
- Rep Sub employs/contracts a Certifier to do digital signing on Rep Sub's behalf. Certifier has no contract with Client.
- Participation Rules will require a standard national form of CA to be obtained by all Representative Subscribers from their Clients
[Diagram: Client, Representative Sub, ELNO, Sub, Certifier]
Client and Representative Subscriber - Client Authorisation (cont)
- Normal retainer agreements between Representative Subscriber and Client continue alongside CA as does existing regulation of these
- (Representative Subscriber may need to contract with ELNO or others as Client's agent to enable Client to obtain benefit of some promises but we prefer a deed poll promise by ELNO)
Qualifications for Representative Subscribers and their Certifiers
- NBM position and NPT position late 2009
- Significant legal uncertainty and complexity re non-industry licensed persons being Representative Subscribers (NIR Subscribers) because of prohibitions on unlicensed legal practice
- Recommend NECS re-consider permitting NIR Subscribers and not proceed unless all complexities are resolved
Qualifications for Representative Subscribers and their Certifiers (cont'd)
- Mortgage processors are most likely NIR Subscribers and NPT proposal lets them operate under authority of mortgagee Subscriber
- Liability of Subscribers for contractor Certificates may require contractual extension on common law and insurance extension
- If NIR Subscribers are removed, likelihood of contractor Certifiers for Representative Subscribers is much reduced
Recommended Legal Framework
Foundation elements of the Legal Framework Inter-governmental arrangements Enabling legislation Model Operating Requirements and Participation Agmt/Rules determined by intergovernmental JOG Authorisation issued in each jurisdiction by a JA to an ELNO imposing Operating Requirements Participation Agreement and Participation Rules
Other elements of the Legal Framework Participation Agreement/Rules b/w ELNO and Subscribers Client Authorisation between Client and Rep Sub ELNO licence to Licensed Service Providers Contract between the LSP and Subscribers Contract terms between a Subscriber and Certifiers Insurance contracts Licensing and professional conduct rules
Other elements of the Legal Framework (cont'd) Contracts between the Gatekeeper Certification Authority / Registration Authority (CA/RA) subscribers relying parties Possibly a master service agreement Service agreements between the ELNO and the Financial Settlement Manager (FSM) Agreement between Land Registry and ELNO
Participation Agreement and Rules - ELNO - Subscriber
- Bilateral contract between ELNO and each Subscriber on model terms required by JA/JOG
- Incorporates Participation Rules and ELNO's Service Charter (and non-contract items e.g. Operations Manual)
- Some ELNO promises are also made to Clients of Representative Subscribers (by deed poll)
- Attribution promise from Subscribers and Certifiers in Participation Rules will have a multilateral contractual effect to benefit other Subscribers and their Clients
ELNO and Certifiers
All or some Certifiers should have a Certifier Agreement with ELNO (small subset of Participation Agreement) under which they:
- make continuing representations to ELNO re their qualifications and status
- agree to notify ELNO and Subscribers if they become ineligible for any Certifier role
- agree the ELNO can suspend or terminate them at any time
- agree to obligations regarding private key and use of ELNO's system
ELNO and Certifiers (cont'd)
- agree to attribution rule (promise extends to other Subscribers and Clients in a workspace) unless policy is that Subscribers take on full liability for Certifiers (including contractor Certifiers)
- Certifiers are responsible for certifications under law of misleading and deceptive conduct and negligent misrepresentation
- Possible carve out from Certifier Agreement for Restricted Certifiers and non-qualified Certifiers acting for Representative Subscribers but not our preference
Participation Rules Content
Rules include requirements for:
- Client Authorisation
- Client Identity Verification
- Instrument Certification (and other certifications)
If the above requirements are extended to paper conveyancing, may need to be in statutory instruments
Sanctions for false certification include suspension or termination of Certifier and/or Subscriber
Draft Outline of Participation Rules Application Process outlines Legal Effect of Participation Rules Subscribers Certifiers Effect of Resignation, Termination or suspension of a Subscriber or Certifier Incorporation of other documents by reference in the Participation Rules Minimum Subscriber, Certifier and other User qualification Requirements
Draft Outline of Participation Rules (cont'd) Subscriber's General Obligations, Representations and Warranties Comply with minimum network security and integrity requirements prescribed by the ELNO Ensure User compliance Use of a client authorisation template prescribed by the ELNO Comply with Client identity verification standards prescribed by the ELNO Comply with supporting evidence and document retention requirements prescribed by the ELNO Privacy law compliance
Draft Outline of Participation Rules (cont'd) Confidentiality Keep NECS registration details complete and up-to-date Immediately notify ELNO of any default/breach by the Subscriber under the Participation Rules or other term of the Participation Agreement Representations and warranties Certifier's General Obligations, Representations and Warranties Obligations Keep NECS registration details complete and up-to-date
Draft Outline of Participation Rules (cont'd) Immediately notify ELNO of any default breach by the Certifier under the Participation Rules or any other term of the Participation Agreement Confidentiality Representations and warranties ELNO's General Obligations, Representations and Warranties ELNO Service Charter ELNO representations and warranties
Draft Outline of Participation Rules (cont'd) Financial institution Subscribers receiving/paying settlement funds NECS Transactions Digital signing Signature verification (including certificate verification) Unsigning Lodgement Acceptability Checks Lodgement Transactions Financial Settlement in Settlement Transactions and financial settlement
Draft Outline of Participation Rules (cont'd) Fees Suspension and Termination Events Suspension Events and ELNO's rights on their occurrence Termination Events and ELNO's rights on their occurrence Resignation of Subscribers and Certifiers Subscribers Certifiers Emergency Provisions ELNO Audit Rights
Draft Outline of Participation Rules (cont'd) Liability and indemnity Intellectual Property General Provisions Variation Governing law and jurisdiction Paramountcy Notices Waiver Consents No representation or reliance
Subscriber and Certifier
We recommend this relationship be left to negotiation between parties
Negotiation will be affected by:
- Participation Rules including Subscriber and Certifier liability under the attribution rule
- law of vicarious liability and any extensions of Subscriber's liability for Certifier under attribution rule
- prohibitions on unlicensed practice and sharing receipts
- professional conduct obligations and insurance terms
Subscriber and Certifier (cont'd) But if there will be NIR Subscribers using Industry Certifiers we recommend regulation via Participation Rules be considered to protect integrity of Industry Certifier CA role.
Performance Objectives for Risk Management and Allocation
1. Give participant groups confidence that there is no net increase in their risk or liability exposure in e-conveyancing
2. Contribute to giving participant groups and the public the same confidence in the integrity and security of e-conveyancing that they have in paper conveyancing
3. Ensure all legal and regulatory mechanisms which prevent, mitigate or allocate risks in e-conveyancing are consistent in their treatment of risk and provide clear and specific guidance to participants
Performance Objectives for Risk Management and Allocation (cont'd)
4. As far as possible, allocate risks and liabilities to the person(s) able to prevent or mitigate those risks at least cost
5. NECS roles carrying liability should insure (or if able to do so, self-insure) against that liability
6. If significant residual and systemic risks remain, review existing insurance and compensation systems and consider whether additional insurance or compensation systems are desirable
Risk and Liability Among Parties
Liability of ELNO to Subscribers and Clients
- ELNO should be liable to Subscribers for a limited range of its own obligations under Rules
- ELNO may limit its liability but limited liability must give Subscribers and Clients confidence that they have no net liability increase on paper conveyancing
- ELNO's promises and liability should extend to Clients of Representative Subscribers (e.g. by deed poll)
- Examples: accurately use and present information and checks from Land Registry and digital signature validation checks
Liability of ELNO to Subscribers and Clients (cont'd)
- deliver commitments under Service Charter
- ELNO should be liable for limited back-to-back performance obligations of FSM and CA/RA
- ELNO's liability can be limited to excluding consequential loss and capping maximum liability per incident
- ELNO not liable for residual risk loss (i.e. no wrongdoer can be found for the loss)
Other E-Conveyancing / E-Lodgement Framework Comparisons
Liability of ELNO to Subscribers and Clients (cont'd)
- Subscriber/Certifier obligations to ELNO
- Clearly negotiation of liability will be needed among ELNO, Subscribers, Certifiers on liability and limits
Liability Allocation and Transfer Principles
- Risks and attendant liabilities to be held by role(s) best able to prevent or mitigate at least cost ("least cost avoider roles")
- Least cost avoider roles should insure risks they hold
- No transfer of risk/liability from least cost avoider unless cogent reasons, and still maintaining some incentives on least cost avoider to mitigate or prevent risk
- Risk and liability transfer should be overt and apparent
Subscribers Liable for their Certifiers
[Diagram: Client, Representative Sub, ELNO, Sub, Certifier]
- Representative Subscriber should be liable to Client for losses caused by their Certifier even if Certifier is an independent contractor
- This is an extension of common law liability and current professional PI cover
Other Liability Relationships
- LSPs - leave to commercial negotiations but retain residual power in JOG/JA to bring LSPs into Participation Agreement regulation
- ELNO and LRs - commercial agreements
- ELNO and FSM/CA/RA - commercial agreements
- Torrens Assurance Funds - neutral effect on scope of exposure as far as possible, no statutory amendments recommended
Fidelity Cover Issues - Lawyers
- Lawyers - there are largely uniform statutory schemes which cover persons who suffer loss as a result of a "default" by a law practice or an associate or (in Vic) an approved clerk
- "Default" is a failure to pay/deliver trust money or trust property or fraudulent dealing with trust property by an act or omission involving dishonesty (SA differs)
Fidelity Cover Issues - Lawyers (cont'd)
- Does this cover dishonest digital signature by a lawyer or clerk to mortgage or transfer a client's title - is a digital instrument or electronic record of CoRD "trust property"?
- Does this cover a lawyer or clerk entering wrong destination account for settlement proceeds so funds go to fraudster but where the funds never go to lawyer or through lawyer's trust account - are those funds ever "trust moneys"?
- Lawyer's fidelity cover is being reviewed under National Legal Profession Reform Project
Fidelity Cover Issues - Conveyancers
- No uniform statutory scheme - some schemes turn on defalcation/failure to account, WA has a fidelity insurance requirement also
- Variable terms of cover, levels of cover and claim limits
- And same NECS coverage questions as lawyers
  - is misuse of a digital signature to mortgage/transfer land covered?
  - is deliberate misdirection of settlement monies to wrong destination a/c designation covered?
- Can we achieve a nationally consistent fidelity cover framework for lawyers and conveyancers for NECS that covers these scenarios and at comparable terms and levels of cover and claim limits?
Professional Indemnity Cover Issues
- See Final Report section 18 and Environment Review
- National Legal Practice Reform intends to bring some national consistency to PI cover for lawyers.
- Note differences between statutory PI schemes and market cover, e.g. statutory schemes provide non-avoidance cover, not cancellable, often provide innocent partner cover for dishonest conduct and run-off cover for claims made after practitioner ceases to practise. Market policies generally do none of these.
Professional Indemnity Cover Issues (cont)
- NECS will reduce some types of PI claims, e.g. data and document errors.
- But it may open up new types of claims, e.g. contractual exposure to ELNO, liability for certifications and for negligence with private key.
- An important practical response is to determine safeguards for storage and use of private keys.
Professional Indemnity Cover Issues (cont)
In 2 areas the NECS legal framework anticipates that Subscribers and Certifiers may carry liability beyond the common law reasonable care standard to provide confidence and certainty to Clients and other Subscribers:
- Subscribers may be liable for their independent contractor Certifiers' handling of their private key (and perhaps certifications) beyond common law (although we have recommended against independent contractor Certifiers)
- Certifiers and Subscribers will have contractual exposure through attribution rule for misuse of C's private key in circumstances where a negligence claim against them might not succeed.
Professional Indemnity Cover Issues (cont)
- LPLC on behalf of insurers has raised concerns about this contractual extension of liability beyond the common law reasonable care standard and warned it may not be covered by current PI policies.
- We have recommended liability allocation by reference to the Performance Objectives of the Framework (allocate liability to least cost avoiders and promote confidence in NECS transactions among stakeholders) rather than by reference to the terms of current PI cover.
- We believe an extension of policy cover can be negotiated among stakeholders including PI insurers and profession regulators.
A new NECS Compensation fund?
- Need for a new fund is not yet demonstrated and would add another layer of management and funding (e.g. by levy on transactions) and possibly buck-passing between funds
- Prefer that ELNO have reasonable liability limits and insure/provision for its own liability
- Do not reduce TAF coverage any further for NECS transactions
- But if ELNO cannot insure or provision its liabilities or there is substantial systemic risk without a least cost avoider who can cover the risk, then consider a NECS compensation fund
Liability for Fraud in NECS Relating to Digital Signatures and Attribution Rule
- Digital signatures are based on a pair of keys - private and public. Content encrypted with one key can only be decrypted using the other key.
- Certifier digitally signs using a private key which must be kept secret.
- The public key corresponding to the private key is published by a CA to the world in a certificate (DSC) linking the Certifier (and perhaps Subscriber) with the public key.
- A recipient of a document said to be digitally signed by X can get X's DSC published by CA and extract the public key.
- If decrypting the digital signature with the public key yields the same document, then recipient can be confident that:
  - X's private key was used to create the digital signature (not that X used the key)
  - the document has not been altered since X's digital signature was attached to it.
Repudiation Scenarios - attribution rule
Subscriber (or Certifier or both) says "I am not bound by the digital signature on this transfer (or a/c number)" because:
- Certifier used own private key without Subscriber's authority
- Another employee of Subscriber (S) used Certifier's private key without authority
- A contract cleaner of S's building owner obtains and uses Certifier's private key without authority
- A Trojan horse program finds the private key on S's IT system and sends it to fraudster who uses it without authority
When should S and C be bound by the digital signature?
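Added example (not part of the original presentation) for the recipient's check and the repudiation scenarios above: it shows that verification detects an altered document and an untrusted certificate, but gives the same answer whoever holds the private key. It assumes Ed25519 from Go's standard library, which verifies signatures directly rather than by the encrypt/decrypt description on the slide, and a simplified DSC struct in place of an X.509 certificate; the names and document text are constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// DSC is a simplified stand-in for a digital signature certificate: the CA's
// signature binds a Certifier's name to a public key (real DSCs are X.509).
type DSC struct {
	Certifier string
	PublicKey ed25519.PublicKey
	CASig     []byte
}

func dscBody(name string, pub ed25519.PublicKey) []byte {
	return append([]byte(name+"|"), pub...)
}

func newKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

func issue(caPriv ed25519.PrivateKey, name string, pub ed25519.PublicKey) DSC {
	return DSC{name, pub, ed25519.Sign(caPriv, dscBody(name, pub))}
}

// Verify is the recipient's check: confirm the DSC under the trusted CA key,
// extract the Certifier's public key, then check the signature on the document.
func Verify(caPub ed25519.PublicKey, d DSC, doc, sig []byte) bool {
	return ed25519.Verify(caPub, dscBody(d.Certifier, d.PublicKey), d.CASig) &&
		ed25519.Verify(d.PublicKey, doc, sig)
}

// Result records what verification reports in each constructed case.
type Result struct{ Genuine, Altered, OtherHolder, UntrustedDSC bool }

func Demo() Result {
	caPub, caPriv := newKey()
	certPub, certPriv := newKey()
	dsc := issue(caPriv, "Certifier X", certPub)

	// Constructed sample instrument text, not a real NECS format.
	doc := []byte("MORTGAGE title=CONSTRUCTED-1 destination_account=000-111")
	sig := ed25519.Sign(certPriv, doc)
	changed := []byte("MORTGAGE title=CONSTRUCTED-1 destination_account=999-999")

	// Any holder of the same key bytes produces signatures that verify the
	// same way: the check proves which key signed, not which person.
	copyOfKey := ed25519.PrivateKey(append([]byte(nil), certPriv...))

	// A certificate for the same name from a CA the recipient does not trust.
	_, otherCAPriv := newKey()
	otherPub, otherPriv := newKey()
	untrusted := issue(otherCAPriv, "Certifier X", otherPub)

	return Result{
		Genuine:      Verify(caPub, dsc, doc, sig),
		Altered:      Verify(caPub, dsc, changed, sig),
		OtherHolder:  Verify(caPub, dsc, changed, ed25519.Sign(copyOfKey, changed)),
		UntrustedDSC: Verify(caPub, untrusted, doc, ed25519.Sign(otherPriv, doc)),
	}
}

func main() {
	fmt.Printf("%+v\n", Demo())
}
```

The `OtherHolder` case verifies exactly like the genuine one, which is why the attribution rule and safeguards for private key storage carry the weight that cryptographic verification cannot.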
Attribution Rule
- Statutory or contractual rule as to when an apparent maker of a digital signature is bound by it whether or not they made it.
- Apparent signer of a digital signature usually wants a weak attribution rule (to avoid liability).
- Party relying on a digital signature wants a strong attribution rule (so they can rely on signatures)
- Least cost avoider for unauthorised digital signature is the Certifier/Subscriber holding the private key, not the relying party
Recommendation on Attribution Rule
As between the signing Subscriber and Certifier and any Eligible Relier who relies on the digital signature, the apparent signing Certifier and Subscriber are liable in all circumstances for the digital signature except where they can prove that:
- the digital signature was created by a person who is not the Subscriber, a Certifier nominated by the Subscriber, nor an employee, agent or officer of the Subscriber or Certifier; and
- the person acted without the express or implied authority of the Subscriber or the Certifier and obtained the private key by compromising the IT system of the Subscriber or Certifier where the private key was stored; and
- both the Subscriber and Certifier complied fully with the Participation Rules and any requirement under their agreement with the Certification Authority, in relation to protecting the key and reporting any possible compromise of the key, and took reasonable care to protect the IT system and its security where the private key was stored.
Fraud scenario 1 (Attachment 4)
- Relinquishing Client (e.g. registered proprietor) is one who relinquishes an interest in land by transferring or mortgaging it to a Receiving Client or Receiving Party (e.g. transferee or mortgagee)
- Signing Subscriber is one who acts for and signs for Relinquishing Party using a Signing Certifier.
- Signing Subscriber has any necessary CORD over Relinquishing Client's title but in this scenario no instructions to deal in it
- A contract clerk sets up a mortgage loan and fraudulently uses private key belonging to Signing Certifier to digitally sign mortgage of land and designate the destination account for loan proceeds.
- Receiving Client (lender) receives the interest in land and is represented by the Receiving Subscriber.
Fraud scenario 1 (cont)
- ELNO validates the digital signature on instrument and certifications and destination account as being that of Signing Certifier acting on behalf of Signing Subscriber.
- Receiving Subscriber relies on validated digital signature and hence on instrument, certifications and the destination a/c designation and arranges for settlement moneys to be ready.
- Lodgment of instrument and, if registration, usually indefeasibility
- Settlement funds are transferred to nominated destination account and lost.
Questions or Comments? Mark Sneddon. Partner, Clayton Utz