By Jamie Russo

On February 21, 2025, the Board of Trustees approved and adopted proposed rules relating to the Client Trust Account Protection Program (CTAPP). Catalyzed by the Girardi scandal, the State Bar has been working to develop CTAPP since 2022. [27:2 CRLR 115]. CTAPP is a regulatory program designed to facilitate the State Bar’s detection and deterrence of attorney misconduct related to client trust accounts.

The Board of Trustees has the authority to regulate CTAPP under Rule of Court 9.8.5, which the Supreme Court of California approved on October 24, 2022. Rule 9.8.5 states the State Bar must implement CTAPP rules pertaining to annual reporting, trust account registration, and certification; the State Bar may impose requirements relating to compliance reviews, self-assessment, and additional actions, including investigative audits. [28:2 CRLR 123].

At its November 17, 2022, meeting, the Board of Trustees adopted State Bar Rule 2.5, outlining attorney reporting requirements, deadlines, and exemptions relating to client trust accounts. In September 2024, AB 3279 (Committee on Judiciary) (Chapter 227, Statutes of 2024) added sections to the Business and Professions Code to facilitate the implementation of CTAPP by requiring that (1) financial institutions keep records of client trust accounts and annually provide information to the State Bar regarding those accounts; (2) licensed attorneys furnish financial institutions in which client accounts are located with their bar license number; and (3) the State Bar annually submit a report to the legislature of findings, mandatory corrective actions, and referrals for possible discipline that the State Bar made in the prior year relating to client trust accounts. AB 3279 also enabled the State Bar to use a portion of annual licensing fees to fund audits of client trust accounts under CTAPP.

In November 2024, the Board of Trustees met and discussed proposed new rules 2.4 and 2.6 and proposed amendments to rule 2.5. On November 19, 2024, the State Bar published notice of the proposed changes and sought public comment for a period of 60 days, ending on January 20, 2025. With few public comments, the Board approved the proposed changes and adopted Rules 2.4 through 2.6 of the State Bar.

Rule 2.4 is a centralized definition rule providing definitions applicable to CTAPP generally. Rule 2.4 defines terms such as compliance review, investigative audit, mandatory corrective action plan, and trust account. Rule 2.4 clarifies the scope of attorney actions and responsibilities that subject an attorney to CTAPP, including the types of accounts governed by CTAPP. For clarity, the State Bar incorporated definitions from the original Rule 2.5 (as adopted in November 2022) into the current Rule 2.4.

The revised Rule 2.5 outlines mandatory duties for attorneys, such as annual reporting, account registration, and self-assessment completion. Rule 2.5 requires that attorneys report whether they are responsible for client funds annually. Even if a client trust account holds no entrusted funds, attorneys must report and register each trust account with the State Bar. Rule 2.5 also requires attorneys to provide their bar license information to each financial institution in which they maintain a trust account.

Rule 2.5 defines noncompliance under CTAPP and provides exemptions from CTAPP compliance. Rule 2.5 clarifies what constitutes noncompliance with its requirements and provides that failure to comply automatically results in a licensee’s enrollment as inactive. Attorneys who fail to comply with a notice of CTAPP reporting noncompliance will be ineligible to practice law unless and until the attorney submits proof of compliance and pays noncompliance and reinstatement fees. Rule 2.5 provides that attorneys on voluntary inactive status for the entire reportable period are exempt from CTTAP compliance. Notably, Rule 2.5 does not exempt suspended attorneys from reporting requirements.

Rule 2.6 establishes requirements for compliance reviews, investigative audits, and mandatory corrective action plans. Under Rule 2.6, if an attorney is selected for a compliance review or investigative audit, the attorney (and all attorneys at that firm) must comply with and complete the compliance review and/or investigative audit. Licensees must cooperate with requests for information and requests for responses to questions and comply with any mandatory corrective action plan. Rule 2.6 mandates that records provided to the State Bar as part of the compliance review and investigative audit procedure remain confidential.

Compliance reviews encompass at least one year of trust account activity, and Rule 2.6 outlines attorney obligations during such reviews. Based on a compliance review finding, the State Bar can perform investigative audits. Investigative audits include at least three years of trust account activity, and Rule 2.6 describes licensee obligations during an investigative audit. Moreover, if the State Bar identifies a possible violation of law during either procedure, the State Bar can issue a mandatory corrective action plan.

Rule 2.6 provides that a licensee is noncompliant for failing to (1) comply with a mandatory corrective action plan; (2) comply with any compliance review or investigative audit requirements; or (3) timely respond to questions or requests for information or documents regarding records subject to a compliance review or investigative audit. Noncompliance can result in attorney discipline through referral to the Office of Chief Trial Counsel.

The State Bar continues to work on CTAPP implementation and is preparing to begin overseeing CTAPP with mandatory compliance reviews in July 2025.