The Accounting Policy & Practice Report ® provides financial accounting policy makers, advisors, and practitioners with the latest news, expert insights, and guidance on emerging, evolving,...
By Cathy Allen
Cathy Allen helps CPAs and others understand and apply auditor independence and professional ethics rules though consultation, training, litigation support and expert services. Ms. Allen was a Managing Director in PwC and served as senior staff to the AICPA Professional Ethics Executive Committee (PEEC), where she was instrumental in developing standards and tools for the profession, such as the AICPA Plain English Guide to Independence and the Conceptual Framework for Independence. She authors several AICPA courses and other publications, including the Institute’s Ethics and Professional Conduct: Updates and Professional Ethics: The AICPA’s Comprehensive Course, and has written on professional ethics for various publications. Ms. Allen is a CPA in New York, New Jersey and Maryland and serves on the New York State Board for Public Accountancy and the National Association of State Boards of Accountancy (NASBA) Board of Directors as Northeast Regional Director. She also chairs the NASBA’s Ethics Committee and contributes to AICPA PEEC task forces.
As we embark upon the 2017 tax season, and look ahead to 2018, we should reflect on the professional responsibilities that differentiate CPAs from the rest of the pack. Tax practitioners have a duty to help clients minimize their tax burden while paying the amount legally owed under the tax code. Tax practitioners act as their clients’ advocate for these purposes but CPAs also must maintain confidentiality of the client’s information, be competent, exercise due care, and act with integrity, objectivity, and sometimes independence. This Insight highlights one of these critical ethics requirements—maintaining the confidentiality of a client’s information.
With very limited exceptions, the AICPA Code of Professional Conduct and state accountancy boards require CPAs to obtain a client’s explicit consent before disclosing confidential client information to outside parties. “Confidential client information” is information the CPA obtained from the client that is not available to the public. Information that is already in the public domain, for example, on websites, or in public filings or publications, is excluded.
A CPA may release confidential client information without consent to: (i) comply with a validly issued and enforceable subpoena or summons; (ii) comply with professional standards, laws or regulations; (iii) enable an authorized peer review of the CPA’s firm; (iv) initiate or respond to a duly authorized investigation by AICPA, state CPA society or state accountancy board; or (v) permit review connected to the prospective purchase, sale, or merger of all or part of an accounting/tax practice. State accountancy board rules may or may not mirror the AICPA Code, and CPAs should comply with the strictest requirements.
A rule that’s been gaining more attention lately, but is apparently not yet widely known in the tax preparer community is the Federal Trade Commission’s (FTC’s) “safeguards rule,” which was adopted as part of the Gramm-Leach-Bliley law and applies to financial institutions’ handling of customer information. The following appears on the FTC’s web site:
The definition of “financial institution” includes many businesses that may not normally describe themselves that way. In fact, the Rule applies to all businesses, regardless of size, that are “significantly engaged” in providing financial products or services. This includes, for example, check-cashing businesses, payday lenders…professional tax preparers…
Though CPAs are not financial institutions, thanks to this definition, tax preparers are subject to the law’s safeguards rule, namely, extensive client information security provisions. According to an August 2017 press release, the FTC settled charges alleging that TaxSlayer (not a CPA firm) violated the safeguards rule by failing to develop a written comprehensive security program, conduct a risk assessment to identify reasonably foreseeable internal and external risks to security, and implement information security safeguards that would help prevent a cyberattack. New York State’s Department of Financial Services adopted a rule that became effective this year and goes beyond requirements in the safeguards rule.
CPAs should comply with Internal Revenue Code (IRC) Section 7216, which prohibits tax return preparers from “knowingly or recklessly” disclosing or using tax return information without the explicit, written consent of the client. Frequently-asked-questions are available at https://www.irs.gov/tax-professionals/section-7216-frequently-asked-questions.
A CPA needs the client’s explicit written consent to disclose tax return information in a report to the IRS Office of Professional Responsibility or in a complaint filed with a state accountancy board regarding a previous preparer’s substandard tax work.
The International Ethics Standards Board for Accountants (IESBA) recently adopted a standard that requires accountants (including tax practitioners) to take certain actions when they become aware of a client’s noncompliance with laws and regulations (NOCLAR). Among other things, the rule requires accountants to disclose NOCLAR to the appropriate members of management so they can address the NOCLAR. The accountant must later evaluate whether management has addressed the NOCLAR and whether the accountant should consider further action(s). If the accountant believes the NOCLAR is not sufficiently addressed, the IESBA framework gives accountants the right to disclose NOCLAR to an appropriate regulator when public interest concerns warrant it and applicable laws do not prohibit the disclosure. In considering the IESBA rule, the AICPA proposed a rule that did not incorporate this right to disclose without client consent because the Code and most state accountancy boards prohibit such action, unless a law or regulation requires the accountant to disclose the NOCLAR.
Currently, the AICPA Code addresses a situation in which a CPA withdraws from an engagement after discovering irregularities in a client’s tax return. If contacted by the successor, the CPA should suggest that the successor ask the client for permission to discuss all matters with the successor. If the client refuses, the successor is effectively on notice.
Firms that subcontract tax return preparation services to other companies should obtain their clients’ specific consent to disclose information to the other company. Alternatively, the CPA can ensure that the subcontractor agreement provides reasonable assurance that the company has appropriate procedures in place to protect the client’s information. The FTC safeguards rule requirements go beyond these measures and requires the CPA to oversee all contractors’ handling of client information.
The AICPA recently clarified the Code’s definition of “client,” and the CPA’s responsibilities for maintaining client confidentiality. For example, Ann engages a CPA to prepare her and her husband’s joint tax return. Even if the CPA works exclusively with Ann, both spouses are a single client. Accordingly, if the couple initiates divorce proceedings and Ann instructs the CPA to withhold joint tax information from her husband, the CPA may provide the information to both spouses, because both are “the client.” If, however, a company engages the CPA to perform personal tax services to its executive staff, the CPA has two clients, since the “engaging” entity (company) and the “subject” entities (executives) are different. If the company requests information about the executives’ personal tax situations, the CPA must obtain each executive’s explicit consent to provide that information.
Copyright © 2018 Tax Management Inc. All Rights Reserved.
All Bloomberg BNA treatises are available on standing order, which ensures you will always receive the most current edition of the book or supplement of the title you have ordered from Bloomberg BNA’s book division. As soon as a new supplement or edition is published (usually annually) for a title you’ve previously purchased and requested to be placed on standing order, we’ll ship it to you to review for 30 days without any obligation. During this period, you can either (a) honor the invoice and receive a 5% discount (in addition to any other discounts you may qualify for) off the then-current price of the update, plus shipping and handling or (b) return the book(s), in which case, your invoice will be cancelled upon receipt of the book(s). Call us for a prepaid UPS label for your return. It’s as simple and easy as that. Most importantly, standing orders mean you will never have to worry about the timeliness of the information you’re relying on. And, you may discontinue standing orders at any time by contacting us at 1.800.960.1220 or by sending an email to email@example.com.
Put me on standing order at a 5% discount off list price of all future updates, in addition to any other discounts I may quality for. (Returnable within 30 days.)
Notify me when updates are available (No standing order will be created).
This Bloomberg BNA report is available on standing order, which ensures you will all receive the latest edition. This report is updated annually and we will send you the latest edition once it has been published. By signing up for standing order you will never have to worry about the timeliness of the information you need. And, you may discontinue standing orders at any time by contacting us at 1.800.372.1033, option 5, or by sending us an email to firstname.lastname@example.org.
Put me on standing order
Notify me when new releases are available (no standing order will be created)