As the era of regulatory scrutiny continues to intensify and client expectations evolve, UK law firms have been hit with a wake-up call with the recent SRA rebuke of Hett’s Johnson Whiting LLP, offering a cautionary tale and a timely opportunity for reflection.
In June, the firm was sanctioned for repeatedly submitting identity documents with inconsistencies, including a passport photo that didn’t match the signature to HM Land Registry. These were red flags any modern compliance system should have caught, but in this case, they were missed.
According to Cindy van Niekerk, CEO of Umazi, UK law firms continue to be one step behind, relying on manual processes for client onboarding, and ID verification, with Hett’s Johnson Whiting being a prime example.
“PDFs, office-certified photocopies, and siloed data handling are still in use, meaning red flags are easily missed because of outdated, fractured systems and human fatigue. This is leaving firms open to fines, reputational damage, regulatory investigations, and lost client trust. However it appears with the right shared corporate identity infrastructure, firms can remove the need for repetitive manual verification, centralising and digitising identity checks, reducing the risk of human oversight, and ensuring consistent compliance across every client interaction.”
Corporate identity platforms are built to modernise how law firms handle due diligence, identity, and compliance. Hett Johnson Whiting’s incident would have played out differently with a digital-first approach, with the following coming into play. Through advanced AI-powered document verification, irregular or inconsistent identification documents are flagged immediately upon upload, using biometric validation and intelligent scanning to prevent mismatched credentials from entering the system.
Van Niekerk continues: “Should an individual attempt to resubmit the same ID across different internal channels, behavioural red-flag detection triggers a risk-based alert and prompts further due diligence before any onboarding process is allowed to proceed. Rather than relying on uncertified photocopies, a reusable digital identity wallet enables clients to present a single, verified, tamper-proof credential that can be securely reused across institutions. Crucially, every verification step is immutably recorded via blockchain-backed audit trails, ensuring full traceability and embedding accountability into the process from the outset.”
If UK law firms had corporate digital identity platforms in place, ID Inconsistencies would simply not occur. Firms must learn from Hett Johnson Whiting and adopt a secure corporate identity infrastructure. The UK is lagging, and firms are at risk of further incidents.
Van Niekerk concludes: “It’s well known that the legal sector has been slow to embrace new technology, but in this environment, hesitation is no longer safe. The dangers of inaction now far outweigh the perceived risks of change. Corporate ID platforms don’t just tick a compliance box; they deliver assurance, speed and resilience. UK firms must act now, because the next time warning signs appear, they may not get a second chance to stop the damage.”