WhatsApp and solicitor-client communication: convenience at a cost?
 In Industry Insights
0

By Samantha Bray

I sold my car last weekend. And no, it was not to that company so you can stop singing the tune in your head…..

After the car was collected, I went online to retrieve my policy documents from the online portal so I could cancel my insurance for the remainder of the year. When I clicked the link to do so, it automatically took me through to WhatsApp where, in the first instance, I was met with an AI bot who took key details from me, before being transferred to a person (in the same chat thread) who dealt with everything else. Pretty quick – everything was sorted (via message) in under 11 minutes.

Cancellation documents in my portal.

Email confirmation received.

A text message about my refund received.

Simple.

But it got my mind thinking again about the use of WhatsApp in professional services – and specifically in law firms. It is almost 4 years since I wrote this article about some of the potential risks and benefits, for using the platform, and it made me wonder – how far have we come in that time?

I decided to do a Google search – I had a fake issue and asked for a solicitor that I could ‘speak with’. And my search results were there in record time. Clicking into the top 10 firms presented to me, eight of them had WhatsApp functionality on their home screens. I was faced with messaging such as:

Connect to us anytime – we are here to help you

We are online

We are on WhatsApp

I get it, I do – between school runs, client calls, and the steady ping of e-mails, it’s easy to see why WhatsApp has become the go-to communication tool for many of us. It’s quick, familiar, and clients love it. In a world where everyone expects instant replies, it can feel like the easiest way to keep up.

But for solicitors, convenience can come with a cost. The SRA’s regulations on confidentiality, record-keeping, and professional standards don’t disappear just because a conversation happens on WhatsApp. In fact, the very features that make WhatsApp so appealing – its informality, speed, and accessibility – are exactly what make it risky when used for client communication..

In this article, I revisit some of the key pitfalls of using WhatsApp with clients; what the SRA expect; and practical steps you can take to stay on the right side of compliance while keeping your communication client-friendly.

The hidden risks of WhatsApp

Confidentiality and data security

WhatsApp uses end-to-end encryption, which gives a reassuring sense of security. But encryption isn’t the same as compliance. Once a message reaches your phone, it’s as secure as your personal setup – and that can be variable.

  • Phones get lost or shared.
  • Backups can sit unencrypted in the cloud.
  • Notifications might flash up private client details for anyone nearby to see.

Then there’s the issue of control. A single forwarded message, screenshot, or accidental group chat can breach confidentiality in seconds. For solicitors, who have a duty to protect client information under both the SRA Code of Conduct and data protection law, that’s a serious risk. 

Record-keeping and audit trails

The SRA requires clear, auditable records of client communications and decisions. WhatsApp doesn’t integrate neatly with most case management systems, meaning those quick, informal messages may never make it onto the file. If there’s a dispute about advice given, or whether instructions were properly confirmed, a trail of emojis and half-sent voice notes won’t help much. Without a proper record, proving what was agreed can become almost impossible. 

Tone and professional boundaries

WhatsApp’s informality can blur professional boundaries. A quick message sent between meetings can easily sound curt or unclear. Clients may assume an offhand “yes, fine” means formal approval or advice.

The casual setting can also make it harder to maintain objectivity – especially if the client sees you as being ‘always available’. The more informal the channel, the easier it is for tone and intent to be misunderstood. 

Firm policy and oversight

Finally, there’s a governance issue. Many firms have policies restricting the use of personal messaging platforms for client work. Using WhatsApp privately can unintentionally sidestep these controls, leaving the firm exposed to regulatory risk and data management headaches.

What the SRA expects

The SRA Code of Conduct and Principles are clear about a solicitor’s duties, whatever medium you use to communicate. The most relevant are:

  • Confidentiality (Code of Conduct para 6.3): You must keep client affairs confidential unless disclosure is required or permitted by law.
  • Integrity (Principle 2): Even well-meaning shortcuts can compromise your professional integrity.
  • Client interests (Principle 7): You must act in the best interests of each client – which includes safeguarding their data and ensuring advice is properly documented.
  • Record-keeping: The SRA expects you to maintain proper records that demonstrate compliance with your regulatory obligations. Paragraph 4.4 of the SRA Code of Conduct for Firms tells us that we must have “an effective system for supervising clients’ matters”. COLPs will be concerned that there is a systemic breach of the rules here.

In short: if your firm can’t retrieve, evidence, or secure your client communications, you’re at risk of breaching the Code.

Steps to use messaging responsibly

The good news is that you don’t have to ban WhatsApp altogether – you just need to manage it properly. We have discussed WhatsApp compliance for law firms previously. But the landscape has shifted again in the last few years and will continue to do so.

Here are some practical steps to stay compliant while meeting client expectations.

Set clear boundaries

At the start of a matter, tell clients which channels are appropriate for different types of communication.

  • Routine logistics (e.g. “I’ll call you at 3pm”) may be fine via WhatsApp.
  • Formal instructions, advice, or document sharing should stay on firm-managed platforms or email.

Setting this expectation early prevents confusion and helps you stay in control. 

Use approved tools

If your firm has a secure messaging platform or client portal, encourage its use. These systems are designed to capture records and protect data properly. If clients prefer WhatsApp, consider using WhatsApp Business rather than your personal account – it allows you to separate work and personal contacts, manage messages more professionally, and set clear availability hours.

Protect your devices

  • Enable password protection and multi-factor authentication.
  • Disable cloud backups for sensitive chats.
  • Keep your app and phone software up to date to reduce security vulnerabilities.

If your phone is used for both personal and work purposes, make sure you can remotely wipe data if it’s lost or stolen.

Keep the record

Important messages should always be transferred to the client file. You can export WhatsApp chats or take screenshots of key exchanges and upload them to your document management system. It’s not glamorous, but it’s essential for compliance and good file hygiene. There has to be a full audit trail!

Train and communicate

Make sure everyone in your firm – from partners to support staff – understands the firm’s stance on messaging apps – if and when they can be used, and when they cannot be used. Include it in your induction and ongoing training. And make it part of your client care conversation. A simple statement like, “For data security reasons, we don’t send or receive confidential information by WhatsApp,” sets expectations clearly.

The human element

Everyone is busy – sometimes too busy – and it can be tempting it can be to dash off a quick WhatsApp reply while waiting at football practice or juggling dinner and deadlines. It feels efficient – you’re getting things done and staying responsive. But those few seconds of convenience can lead to hours of sorting out compliance issues later.

The goal isn’t to make communication harder. It’s to protect both you and your clients. Clear boundaries and good systems give you the best of both worlds: modern convenience, with professional integrity intact.

A quick checklist

Before sending a client a WhatsApp message, ask yourself:

  1. Does this message contain any confidential or substantive information?
  2. Could it be misunderstood if read out of context later?
  3. Can I easily save this exchange to the client file?
  4. Am I using a secure, approved account or platform?
  5. Would I be comfortable if this message appeared before the SRA in a disciplinary case?

If the answer to any of these is “no,” it’s probably best to stick to email or your firm’s secure system instead.

Conclusion

In an age where clients expect instant answers, it’s tempting to blur the line between convenience and compliance. But while technology evolves, our core responsibilities remain the same. The SRA’s standards on confidentiality, record-keeping, and professionalism apply just as much to a WhatsApp message as to a formal letter.

Recent Posts

Start typing and press Enter to search

Get your FREE COLP Insider email delivered fortnightly

We’ll never share your email address and you can opt out at any time, we promise

 

I do not want to subscribe

client and matter risk assessments CMRA
Turning risk assessments from an admin task into a proper AML controlIndustry Insights
end solicitor client retainer
It’s not me, it’s you: How to dump your clientIndustry Insights