1 Use of a Third-Party Service Provider to Provide Professional Services to Clients or Administrative Support Services to the Member
.001 Question—A member in public practice uses an entity that the member, individually or collectively with his or her firm or with members of his or her firm, does not control (as defined by in Financial Accounting Standards Board Accounting Standards Codification 810, Consolidation)or an individual not employed by the member (a “third-party service provider”) to assist the member in providing professional services (for example, bookkeeping, tax return preparation, consulting, or attest services, including related clerical and data entry functions) to clients or for providing administrative support services to the member (for example, record storage, software application hosting, or authorized e-file tax transmittal services). Does Rule 301, Confidential Client Information [ET section 301.01], require the member to obtain the client’s consent before disclosing confidential client information to the third-party service provider?
.002 Answer—No. Rule 301 [ET section 301.01] is not intended to prohibit a member in public practice from disclosing confidential client information to a third-party service provider used by the member for purposes of providing professional services to clients or for administrative support purposes. However, before using such a service provider, the member should enter into a contractual agreement with the third-party service provider to maintain the confidentiality of the information and be reasonably assured that the third-party service provider has appropriate procedures in place to prevent the unauthorized release of confidential information to others. The nature and extent of procedures necessary to obtain reasonable assurance depends on the facts and circumstances, including the extent of publicly available information on the third-party service provider’s controls and procedures to safeguard confidential client information.
In the event the member does not enter into a confidentiality agreement with a third-party service provider, specific client consent should be obtained before the member discloses confidential client information to the third-party service provider.
See ethics ruling No. 112 [ET section 191.224–.225] under Rule 102, Integrity and Objectivity [ET section 102.01], and ethics ruling No. 12 [ET section 291.023–.024] under Rule 201, General Standards [ET section 201.01], and Rule 202, Compliance With Standards [ET section 202.01], for additional responsibilities of the member when using a third-party service provider.
[Revised, effective July 1, 2005, except for professional services performed pursuant to agreements in existence on June 30, 2005 that are completed by December 31, 2005, by the Professional Ethics Executive Committee. Revised effective May 31, 2011]
2 Disclosure of Client Information to Third Parties
.003 Question—A member has received a request from a third party (for example, a trade association, member of academia, or surveying or benchmarking organization) to disclose client information or intends to use such information for the member's own purposes (for example, publication of benchmarking data or studies) in a manner that may result in the client's information being disclosed to others without the client being specifically identified. May the member comply with such a request or use client information for such purposes without violating Rule 301 [sec. 301 par.01]?
.004 Answer—A member would be in violation of Rule 301 [sec. 301 par.01] if the information is considered to be confidential client information, unless the member has the clients' specific consent, preferably in writing, for the disclosure or use of such information. The disclosure or use of the information that is available to the public is not subject to Rule 301 [sec. 301 par.01]. The member should be cautious in the disclosure or use of the information so as not to disclose client information that may go beyond what is available to the public or that the client has agreed may be disclosed.
Accordingly, before disclosing confidential client information to a third party or using such information for the member's own purposes when the use of such information results in disclosure of confidential client information to others, the member should obtain the client's specific consent, preferably in writing, about the nature of the information that may be disclosed, the type of third party to whom it may be disclosed, and its intended use.
A member is not prohibited from marketing his or her services or advising a third party, such as a current or prospective client, of information based on his or her expertise or knowledge obtained from prior experiences with clients (for example, the nature of services provided to other clients or common practices within a client's industry). However, in cases when such information may be identifiable to one or more clients, specific consent, preferably in writing, would be required from such client(s). Prior to disclosing confidential client information to a third party, the member should consider whether a contractual agreement with the third party to maintain the confidentiality, or limit the use, of the information is necessary.
In addition, the member should consider whether federal, state, or local statutes, rules, or regulations concerning confidentiality of client information may be more restrictive than the requirements contained in this ethics ruling.
See Ethics Ruling No. 12 of section 291 [sec. 291 par. .023-.024] and Ethics Ruling No. 1, "Use of a Third-Party Service Provider to Provide Professional Services to Clients or Administrative Support Services to the Member," of this section [sec. 391 par. .001-.002] for guidance when disclosing confidential client information to a third party used to assist the member in providing professional services to clients that will not result in disclosure to others.
[Revised August 2011, effective November 30, 2011]
3 Information to Successor Accountant About Tax Return Irregularities
.005 Question—A member withdrew from an engagement on discovering irregularities in his or her client's tax return. May he or she reveal to the successor accountant why the relationship was terminated?
.006 Answer—Rule 301 [ET section 301.01] is not intended to help an unscrupulous client cover up illegal acts or otherwise hide information by changing CPAs. If the member is contacted by the successor he or she should, at a minimum, suggest that the successor ask the client to permit the member to discuss all matters freely with the successor. The successor is then on notice of some conflict. Because of the serious legal implications, the member should seek legal advice as to his or her status and obligations in the matter.
[4.] Prior Client Relationship
[.007–.008] [Deleted August 1989]
[5.] Records Retention Agency
[.009–.010] [Deleted October 2004]
6 Revealing Client Information to Competitors
.011 Question—A municipality in a particular state enforces a personal property tax on business inventories, fixtures and equipment, and machinery by retaining a firm of CPAs to examine the books and records of the businesses to be sure the proper amount has been declared. In the course of its engagement, the CPA firm will examine sales, purchases, gross profit percentages, and inventories as well as fixed asset accounts. A member serving one of the companies involved objects to these procedures on the ground that information gathered from the books and records of his or her client could be inadvertently conveyed to competitors by employees of the CPA firm doing the audit. Is such an engagement ethically proper?
.012 Answer—It would be proper for a member's firm to perform such services. It should be emphasized to everyone concerned that rule 301 [ET section 301.01] prohibits members from revealing to others any confidential information obtained in their professional capacity.
7 Revealing Names of Clients
.013 Question—May a member in public practice disclose the name of a client for whom the member or the member's firm performed professional services?
.014 Answer—It is permissible under rule 301 [ET section 301.01] for a member to disclose the name of a client, whether publicly or privately owned, without the client's specific consent unless the disclosure of the client's name constitutes the release of confidential information. For example, if a member's practice is limited to bankruptcy matters, the disclosure of a client's name would suggest that the client may be experiencing financial difficulties, which could be confidential client information.
[Replaced previous ruling No. 7, Revealing Names of Employer's Clients, effective August 31, 1989.]
[8.] Fee as Percentage of Bond Issue
[.015–.016] [Deleted June 1991]
[9.] Finder's Fee
[.017–.018] [Deleted June 1991]
[10.] Fee as Expert Witness
[.019–.020] [Deleted June 1991]
[11.] Fee Contingent on Mortgage Commitment
[.021–.022] [Deleted June 1991]
[12.] Fee as Percentage of Tax Savings
[.023–.024] [Deleted June 1991]
[13.] Contingent Fees to Fire Adjuster
[.025–.026] [Deleted June 1991]
14 Use of Confidential Information on Management Consulting Service Engagements
.027 Question—In the course of performing a feasibility study a nonclient outside source has provided pertinent information to the member's firm with the understanding that the source and the details of the information will not be disclosed. The information, which the firm believes is pertinent, directly affects its conclusions and recommendations. How may this information be utilized in connection with the feasibility study engagement and related conclusions and recommendations?
.028 Answer—Rule of conduct 301 [ET section 301.01] regarding confidential client information is not directly applicable to the circumstances described; however, Rule of conduct 501, Acts Discreditable [ET section 501.01], is applicable to situations involving confidential relationships with non-clients. For an engagement in which it appears likely that the development of pertinent information will have to come from outside non-client sources, and such information must remain confidential, the terms of the engagement with the client should specify that the confidences of outside non-client sources will not be divulged by the member's firm even when they might affect the outcome of the engagement. If the use of confidential outside sources is necessary and the terms of the engagement are silent regarding disclosure of source and details, the member should promptly seek the approval of the client to present his or her recommendations without making disclosures that include confidential information. If the client does not agree to this, the member should withdraw rather than breach a confidence or improperly limit the inclusion of information in his or her final recommendation.
15 Earlier Similar Management Consulting Service Study With Negative Outcome
.029 Question—A prospective client has asked a member's firm to study the desirability of his or her using a newly developed electronic ticketing system for his or her business. A recent study made for another client leads the member's firm to believe that the system would not be desirable for him or her. Must the firm state its reservations at the risk of disclosing information acquired while performing an assignment for a client competitor?
.030 Answer—Rule of conduct 301 [ET section 301.01] provides that a member shall not disclose any confidential information obtained in the course of a professional engagement except with the consent of the client. Knowledge and expertise which results in a special competence in a particular field can be provided to a client without violating the confidence of another client. Reservations that the firm may have concerning the electronic ticketing system should be communicated to the prospective client provided the details of the other client's engagement are not disclosed. If, however, circumstances are such that the prospective client would clearly know the origin of the information on which the member's reservations are based, and such information is sensitive, the engagement should not be accepted without clearance with the first client.
16 Disclosure of Confidential Client Information
.031 Question—A member has prepared a married couple's joint tax returns for several years. The member was engaged by and has dealt exclusively with spouse A. Divorce proceedings are now under way and spouse B has approached the member with requests for confidential information relating to prior tax returns. Spouse A has directed the member not to comply with spouse B's requests. Would release of this information by the member to spouse B constitute a violation of rule 301 [ET section 301.01]?
.032 Answer—As defined by the Code of Professional Conduct, spouse B would be considered to be a client with respect to the prior tax returns in Question. Therefore, release of the requested information to spouse B would not be prohibited by rule 301 [ET section 301.01]. The member should consider, however, reviewing the legal implications of such a disclosure with an attorney.
17 Definition of the Receipt of a Contingent Fee or a Commission
.033 Question—Rules 302 [ET section 302.01] and 503 [ET section 503.01] prohibit, among other acts, the receipt of contingent fees for the performance of certain services and the receipt of a commission for the referral of products or services under certain circumstances. When is a contingent fee or commission deemed to be received?
.034 Answer—A contingent fee or a commission is deemed to be received when the performance of the related services is complete and the fee or the commission is determined. For example, if in one year a member sells a life insurance policy to a client and the member's commission payments are determined to be a fixed percentage of future years' renewal premiums, the commission is deemed to be received in the year the policy is sold.
18 Bank Director
.035 Question—May a member in public practice serve as a director of a bank?
.036 Answer—Yes; however, before accepting a bank directorship, the member should carefully consider the implications of such service if the member has clients that are customers of the bank.
These implications fall into two categories:
a Confidential Client Information—Rule 301 [ET section 301.01] provides that a member in public practice shall not disclose any confidential client information without the specific consent of the client. This ethical requirement applies even though failure to disclose information may constitute a breach of the member's fiduciary responsibility as a director.
b Conflicts of Interest—Interpretation 102-2 [ET section 102.03] provides that a conflict of interest may occur if a member performs a professional service (including service as a director) and the member or his or her firm has a relationship with another entity that could, in the member's professional judgment, be viewed by appropriate parties as impairing the member's objectivity. If the member believes that the professional service can be performed with objectivity and the relationship is disclosed to and consent is obtained from all appropriate parties, performance of the service shall not be prohibited.
In view of the above factors, it is generally not desirable for a member in public practice to accept a position as bank director where the member's clients are likely to engage in significant transactions with the bank. If a member is engaged in public practice, the member should avoid the high probability of a conflict of interest and the appearance that the member's fiduciary obligations and responsibilities to the bank may conflict with or interfere with the member's ability to serve the client's interest objectively and in complete confidence.
The general knowledge and experience of CPAs in public practice may be very helpful to a bank in formulating policy matters and making business decisions; however, in most instances, it would be more appropriate for the member as part of the member's public practice to serve as a consultant to the bank's board. Under such an arrangement, the member could limit activities to those which did not involve conflicts of interest or confidentiality problems.
19 Receipt of Contingent Fees or Commissions by Member's Spouse
.037 Question—May a member's spouse provide services to the member's attest client for a contingent fee or refer products or services for a commission to or from the member's attest client without causing the member to be in violation of rule 302 [ET section 302.01] or rule 503 [ET section 503.01]?
.038 Answer—Yes, if the activities of the member's spouse are separate from the member's practice and the member is not significantly involved in those activities. The member, however, should consider whether a conflict of interest may exist as described in rule 102 [ET section 102.01] and interpretation 102-2 [ET section 102.03].
20 Disclosure of Confidential Client Information to Professional Liability Insurance Carrier
.039 Question—A member has learned of a potential claim that may be filed against the member. The member's professional liability insurance policy requires that the carrier be promptly notified of actual or potential claims. If the member notifies the carrier and complies with its request for documents that would constitute confidential client information without the client's permission, would the member be in violation of rule 301 [ET section 301.01]?
.040 Answer—No. Rule 301 [ET section 301.01] is not intended to prohibit a member from releasing confidential client information to the member's liability insurance carrier solely to assist the defense against an actual or potential claim against the member.
21 Member Providing Services for Company Executives
.041 Question—A member has been approached by a company, for which he or she may or may not perform other professional services, to provide personal financial planning or tax services for its executives. The executives are aware of the company's relationship with the member, if any, and have also consented to the arrangement. The performance of the services could result in the member recommending to the executives actions that may be adverse to the company. What rules of conduct should the member consider before accepting and during the performance of the engagement?
.042 Answer—Before accepting and during the performance of the engagement, the member should consider the applicability of Rule 102, Integrity and Objectivity [ET section 102.01]. If the member believes that he or she can perform the personal financial planning or tax services with objectivity, the member would not be prohibited from accepting the engagement. The member should also consider informing the company and the executives of possible results of the engagement. During the performance of the services, the member should consider his or her professional responsibility to the clients (that is, the company and the executives) under Rule 301, Confidential Client Information [ET section 301.01].
[22.] Member Removing Client Files From an Accounting Firm
[.043–.044] [Deleted December 1998]
23. Disclosure of Confidential Client Information in Legal or Alternative Dispute Resolution Proceedings
.045 Question—A member discloses confidential client information to the member's attorney or a court or in documents or proceedings in connection with an actual or threatened lawsuit or alternative dispute resolution proceedings relating to that client. Would the member be in violation of the rule 301 [ET section 301.01] of the Code of Professional Conduct?
.046 Answer—No. Rule 301 [ET section 301.01] is not included to prohibit a member from disclosing the information necessary to initiate, pursue or defend himself or herself in such proceedings.
This ruling is not intended to prohibit a member's compliance with applicable federal or state laws or regulations.
24 Investment Advisory Services
.047 Question—A member or member’s firm (“member”) provides investment advisory services for an attest client for a fee based on a percentage of the client’s investment portfolio. Would the member be considered to be in violation of rule 302, Contingent Fees [ET section 302.01]?
.048 Answer—Yes. However, the fee would not be contingent upon portfolio performance and, therefore, would not be in violation of rule 302 [ET section 302.01] if all of the following conditions are met:
1 The fee is determined as a specified percentage of the client’s investment portfolio.
2 The dollar amount of the portfolio on which the fee is based is determined at the beginning of each quarterly period (or longer period of time as may be agreed upon) and is adjusted only for additions or withdrawals made by the client during the period.
3 The fee arrangement is not renewed with the client more frequently than on a quarterly basis.
When performing such services, the member should also consider Rule 101, Independence [ET section 101.01], especially interpretation 101-3 [ET section 101.05].
25 Commission and Contingent Fee Arrangements With Nonattest Client
.049 Question—A member or member’s firm (member) provides for a contingent fee investment advisory services, or refers for a commission products or services of a nonclient or a nonattest client, to the owners, officers, or employees of an attest client or to a nonattest client employee benefit plan sponsored by an attest client. Would the member be considered to be in violation of either rule 302 [ET section 302.01] or rule 503 [ET section 503.01]?
.050 Answer—No. The member would not be in violation of either rule 302 [ET section 302.01] or rule 503 [ET section 503.01] provided that, with respect to rule 503 [ET section 503.01], the member discloses the commission to the owners, officers, or employees or to the employee benefit plan. The member should also consider the applicability of interpretation 102-2, Conflicts of Interest [ET section 102.03], and his or her professional responsibility to clients under Rule 301, Confidential Client Information [ET section 301.01].