The massive leak of documents from Panamanian law firm Mossack Fonseca – which came to light on Monday – will not deter people from using offshore vehicles, but will make them more careful about the service providers they employ, argues Josephine Chung, director of Hong Kong-based consultancy CompliancePlus.

Moreover, the breach – which Mossack Fonseca has blamed on hackers – will force law firms to focus and spend more on cyber-security, says a senior lawyer based in Hong Kong. Many do not do nearly enough, he noted.

Dubbed ‘the Panama Papers’, the 11.5 million leaked documents expose the offshore holdings of 12 current and former world leaders and 128 other politicians and public officials, said the International Consortium of Investigative Journalists.

Ultimately, however, unless they can find a more effective structure, people will still use offshore vehicles to achieve greater tax-efficiency, said Chung, whose firm advises fund managers and other financial institutions. However, they will need to be more cautious that their identities may be exposed, she noted.

In any case, clients have had to accept that offshore vehicles are no longer as secretive as they once were, with data now relatively easier to access, added Chung. Banks and other institutions are under ever-greater pressure to be transparent as a result of measures seeking to tackle terrorist financing and money laundering.

She suggested that clients may well conduct more rigorous due diligence and seek to further diversify their risk by using a wider spread of offshore service providers in different jurisdictions. Hence some of the less popular jurisdictions may benefit as a result.

The point is that if clients use one firm for many of their activities, in the case of a leak “it’s easier for to form a picture of what’s going on”, noted Chung. “If you only get piecemeal information, it’s harder to do that, but [in the case of the Mossack Fonseca leak] they can trace links between lots of offshore vehicles.”

Meanwhile, the breach is a clear indication of the importance of investing sufficient resources in cyber-security, said the unnamed Hong Kong-based lawyer.

“What happened at [Mossack] shows that they simply had no real system security measures in place of a kind that most larger firms now routinely have,” he noted. “This kind of security sophistication costs a great deal.

“Many smaller, offshore firms simply run the gauntlet on this kind of risk because in the past, it was not something that the offshore firms were quizzed about by their clients,” said the lawyer. “I believe that will now change for these kinds of firms.

“The events at Mossack will put pressure on the entire legal profession to up the ante and be more accountable to clients for data protection,” he added. “It will become more routine for clients to demand answers to questions about the measures the firm is taking to protect their data.”

Mossack Fonseca did not respond by press time to a request for comment.