Attorney John McCann's letter in the August 26 edition of the Law Tribune ("Waterbury Law Firm Secretary Accused of Stealing $1 Million") suggests a two-tier (three, really) approach to protecting client trust fund accounts. While he is correct that targeted, rather than random, audits of law firms by state bar officials might be more efficacious, I don't think that it is either good policy or likely to happen.

When then-Chief Justice William Sullivan announced that Connecticut was going to follow the six or seven other states with random audit programs, much attention was given to the profile of the typical offenders and whether we could or should focus on them, stretching our limited investigative and enforcement dollars by "fishing where the fish are." We decided against it.

Attorney McCann is correct that much, though not all, of the defalcations occur in firms with few lawyers. Many of the biggest defalcation cases, where the money was taken by lawyers, as opposed to staff, occurred in solo or very small firms. So if we were to target parts of the bar for auditing, solos would be right at the top of the list, with two and three person firms following right below.

Employee theft is a crime of opportunity, and many of the cases where this has happened occurred in firms that are a bit larger, where the ample cash flow allows the bad employee to siphon money off and cover the losses with fresh money coming into the accounts. These cases usually were discovered when there was a "blip" in the cash flow due to a downturn in the business or some other event. So add mid-sized firms with average daily account balances of $1 million into the target mix.

Big firms are managed like big businesses, and if they have theft problems, they have the resources to detect them and remedy the situation. Virtually no lawyer discipline or employee theft cases come out of this slice of the bar. So take big firms out of your target population.

What we have then is a situation where we have one set of rules for the solo and small/medium firm lawyers and one for the big guys. Add into that the fact that many members of minority and underrepresented ethic and gender communities are in solo and small firm practice, and the whole thing starts to look very discriminatory. We discovered that every state that had random audit programs had done the same analysis and come to the same conclusions. Politically, targeted audits were a non-starter.

So can we prevent theft (both by lawyers and their staff) without targeted audits? Yes, sort of.

It is virtually impossible to police solo practitioners. If they want to steal, they are going to do it. The best we in the Office of the Chief Disciplinary Counsel could come up with was a policy of swift and certain response when we learned of a possible case of theft. Pat King and the other disciplinary counsel on her staff usually file suspension petitions on these folks within days of learning of impropriety. They cannot prevent the crime but they can stanch the bleeding. And, assuming that there is a deterrent effect in enforcement, the prosecution of these folks may stop others who may be tempted.

For bigger firms, there are simple controls that can be put in place to lessen the likelihood that a member of the firm (attorney or otherwise) will steal. They include:

Segregation of duties: Different people should deal with money at different stages. This creates checks and balances which make it difficult to steal without detection.

Rotation of duties: Jobs should be moved around from time to time so new eyes can look at the books and problems discovered.

Mandatory vacations: Many insurance companies require that personnel with authority over money be required to take time away from the office without access to the books. Lots of bad stuff has been found during vacations.

Check-signing policies: All checks should be signed only by a partner. Use of pre-signed checks or signature stamps should be verboten.

Software oversight: "Administrator" rights for accounting software should be available only to partners. This prevents a dishonest employee from "adjusting" an account to cover a theft.

Outside oversight: Monthly three-way reconciliations should be done by a partner or, ideally, an outside firm. There are several accounting companies which do this for a quite reasonable fee.

Insurance coverage: Employees with access to money should be covered by fidelity bonds or other insurance.

Bad things are always going to happen. Even the best system can be defeated by a determined and skilled criminal. But the state doesn't have to institute a policy of discriminatory targeted audits to keep lawyers and their clients safe. There is a robust body of guidance available to law and other businesses to prevent devastating events like those experienced by the poor Waterbury lawyers.•