naplia risk management presentation 2014

Risk ManagementRisk Management

John Raspante, CPA

NAPLIA

Important Disclaimers• The content of this presentation and these slides is intended solely for

general educational purposes, to give accounting/tax professionals a broad outline of the laws, legal concepts, and professional standards discussed herein.

• It is not intended for the purpose of providing specific legal, accounting, or other professional advice to any particular recipient for use in the recipient’s practice or in advising the recipient’s clients, or with respect to any particular jurisdiction.

• The author /presenter of said content (1) makes no representations, warranties, or guarantees as to its technical accuracy or compliance with any law (federal, state, or local) or professional standard; and, (2) assumes no responsibility to any recipient of the content to correct or update it for any reason, including changes in any law or professional standard.

• Recipients should not rely on the content of this presentation and these slides. Rather, before taking any action in connection with the laws, legal concepts, and professional standards discussed herein, recipients should consult the actual text of those provisions, and obtain specific legal and/or accounting advice.

• No warranties as to merchantability or fitness for a particular purpose are expressed or implied. Application and use of the laws, legal concepts, and professional standards discussed herein, and these slides, is solely the responsibility of the reader.

Objectives of Risk Management

• Gain Control:– Over risks in practice environment– Not to eliminate those risks

• Claims:– Prevent them– Make them more defensible

The Risk EnvironmentThe Risk Environment

Percentage of Total Claims(By Service)

Percentage of Total Dollar Losses(By Service)

Percentage of Tax Claims(By Type of Client)

Percentage of Audit Claims(By Source of Claim)

Fraud detectionDetection of Occupational Fraud

0% 5% 10% 15% 20% 25% 30% 35%

Police

External Audit

Internal Controls

Internal Audit

Accident

Percent of cases

*The sum of percentages in this chart exceeds 100% because in some casesrespondents identified more than one detection method.

Defending Claims:Defending Claims:The BasicsThe Basics

Statutes of Limitation( Varies By State )

• Malpractice limitation period

• Discovery rule

• Action

• Reliance

• Injury

Principal Exposures

• Exposure to clients:– Civil suits for damages– Complaints to State Board

• Exposure to third parties:– Civil suits for reliance damages– Government investigations

Exposure to ClientsExposure to Clients

Theories of Liability

• Negligence– Errors– Omissions

• Violation of professional ethics– Conflict of interest– Breach of confidentiality– Withholding client documents

• Breach of contract– Fee dispute– Failure to render agreed services

• Violation of consumer protection statute– Breach of fiduciary duty– Fraud– Other egregious behavior

Negligence(Elements of Claims)

• Client must prove:– Liability—Existence of negligence

• Duty—Standard of care• Breach of duty

– Damages• Actual harm suffered by client

– Causation• Sufficient connection between negligence and

harm • Failure to prove any one element will defeat claim

Standard of Care—Duty

• Reasonableness standard

• What would the reasonably prudent accountant have done under similar circumstances?

• Objective standard—Expert testimony needed

• Compliance with professional standards does not insulate the firm from liability

A&A Services—Negligence(Most Common Complaint)

• Failure to detect:– Actual embezzlement– Risk of embezzlement:

• Control environment:– Significant deficiencies– Material weaknesses

• Range of engagements:– From audit to write-up services– Management advisory services

• Resulting in loss to client

Who Commits Fraud

60Percent

Employees Management Owners

Position in the Organization

Who Commits Fraud

Median Loss by Position

Types of Occupational Fraud

Category Description Examples % of cases

Median Loss

Asset Misappropriation

Theft or misuse of organizations assets

-Fraudulent invoicing-Payroll fraud-Skimming revenues

91.5% $150,000

Corruption Influence in business transaction or obtain unauthorized benefit

-Accepting or paying bribe

-Undisclosed conflict of interest

30.8% $538,000

Fraudulent Statements

Falsification of financial statements

-fictitious sales

-recording expenses in wrong period

10.6% $2,000,000

*The sum of percentages in this chart exceeds 100% because several cases involved schemes that fell into more than one category.

ACFE 2006 Report to the Nation on Occupational Fraud & Abuse www.acfe.org

Employee Fraud(Motive)

• High personal debts• Unusual financial losses• Inadequate income• Lives beyond means• Extensive investment speculation• Excessive gambling• Substance abuse• Extra-marital involvement• Job frustration/resentment of superiors

Employee Fraud(Opportunity)

• Experienced employee– Knowledge of business/systems– Trusted by management

• Lack of segregation of duties– Multiple inconsistent tasks– Broad computer system access

• Uninterrupted service– Annual vacations not required

• Weak management oversight– Understaffed at management level– Lack of management continuity/Excessive turnover– Overburdened/Crisis-mode environment

Managing Risk—During Engagement(“Failure-to-Detect” Claims)

• At the client-selection stage– Clients with healthy organizations– Document—Engagement letter

• At the planning stage– Be observant, inquisitive– Focus on internal controls– Document—Forms, checklists, memos

• During performance stage– Be thorough, objective, skeptical– Confront clients when needed– Document—Work papers, correspondence

• At conclusion– Document—Management letters

Defending the Claim(Failure-to-Detect Embezzlement)

• Limited scope of engagement

• Reasonableness:– Compliance with professional standards

Case Study--Embezzlement

ABCMoving

Bookkeeper

Opportunity $3 Million

Exposure to Third Exposure to Third PartiesParties

Theories of Liability

• Negligent misrepresentation– Errors– Omissions

• Violation of professional ethics– Conflict of interest

• Violation of statutes/regulations– Fraud

Negligent Misrepresentation (Elements of Claims)

• Third party must prove that you:– Made false statement of fact– Had no reasonable basis to believe it to be true– Intended to induce third party to rely on it

• Third party must prove that it:– Believed statement and reasonable relied on it– Suffered harm flowing from that reliance

• Failure to prove any one element will defeat the claim• Third party must also have standing to bring claim

Standard of Care

• Reasonableness:– After exercising reasonable prudence– Would another accountant– Under similar circumstances– Believe statement to be true?

• Objective standard– Expert testimony usually required

Negligent Misrepresentation(Most Common Complaint)

• Failure to detect:– Errors– Fraud– Illegal acts– Internal control issues:

• Significant deficiencies• Material weaknesses

• Resulting in material misstatements

Managing Risk—During Engagement(Failure-to-Detect Claims)

• At the client-selection stage– Clients with integrity– Firm has sufficient expertise– Document—Engagement letter

• At the planning stage– Be thorough, objective, skeptical– Document—Forms, checklists, memos

• During performance stage– Be thorough, objective, skeptical– Confront clients when needed– Document—Work papers, correspondence

• At conclusion– Additional layer of review– Document—Management letters

Case Study(Confrontation and Communication)

Accountant

Partner #1 was taking money out of the partnership without the knowledge of the other partners.

Partnership Tax Return

3 Partners

Who Commits Fraud?

60Percent

Position in the Organization

Who Commits Fraud?

Median Loss by Position

Management Fraud(Motives)

• Unfavorable economic conditions• Heavy investments or losses• Insufficient working capital• High debt/credit problems• Unusually heavy competition• Profit “squeeze”• Need to cover up a bad situation

Management Fraud(Opportunity)

• Related party transactions• Ineffective or no internal audit staff• Frequent changes in auditors• Use of several auditors simultaneously• Reluctance to provide requested data• Last minute provision of data• Numerous adjusting entries

Defending the Claim(Negligent Misrepresentation)

• Limited scope of engagement• Compliance with professional standards• Proportionate responsibility

– Demonstrating plaintiff’s fault• Unreasonable reliance• Lack of due diligence

• No causation– Plaintiff’s harm caused by other factors

• Plaintiff’s lack of standing

Standing to Bring Claim(Three Doctrines)

• Privity– Most restrictive to third parties– Need agreement/close contact with accountant– Old majority—No longer

• Restatement– Middle ground– Plaintiff—member of class expected to rely– Majority rule—Trend is in this direction

• Foreseeability– Least restrictive to third parties– Plaintiff must only be foreseeable user of work product– Minority rule—Once very popular – Only MS and WI appear to still follow this doctrine

Lenders’ Requests for Assurance (Example Response—Part One)

• Firm has client’s consent • Firm prepared client’s returns for specified tax years• Returns included ___________ • Firm’s services based on documents and information

provided by client• Firm did not audit, review, or otherwise verify

documents or information• Firm expresses no opinion and gives no form of

assurance

Lenders’ Requests for Assurance(Example Response—Part Two)

• Response doesn’t establish relationship with lender • Lender should not rely on response• Lender should perform due diligence• Lender solely responsible for use of response• Firm has no continuing obligation to

correct/supplement response• Lender acknowledges terms

Client Risk Client Risk AssessmentAssessment

Client-Risk Assessment• First Line of defense

– Whether to accept prospect or continue with client

• New-client acceptance forms– Prepare for all prospective clients– Prepare before decision is made

• Predecessor accountants– Contact before decision is made

• Background checks– Outside investigator– On-line investigation

Client-Risk Assessment(Continued)

• Risk assessment committee– Centralized approval

• New prospects• Further services for existing clients

– Monitoring of high-risk engagements– Disengagement:

• Decisions• Letters

• Must be willing to reject prospects and terminate existing clients

Engagement LettersEngagement Letters

Engagement Letters

• Second line of defense

• Comprehensive contract– Not just a fee agreement

• Purposes:– Define scope of engagement– Mutual responsibilities– Provide for contingencies– Prevent differing expectations

Case Study(Dangers of Differing Expectations)

Accountant Operating Account Escrow Account

Busy Lawyer Real Estate Clients Office Manager

Engagement Letter Policies

• Develop standardized templates for firm-wide use• Obtain for all services• Don’t commence services without signature

– Negative assurance OK for 1040s• Be willing to negotiate with client over provisions

– Will make letter more enforceable• Carefully identify client

– Consider need for multiple letters– Multiple entities– Entities and individuals

• When performing multiple services for client:– Include comprehensive language for each service– Consider using multiple letters

Engagement Letter Contingencies• Suspension/disengagement

– As consequences– Scope limitation, non-cooperation, non-payment, etc.

• Claims– Mediation– Venue/choice of law– Statute of limitations– Liquidated damages

• Document issues– Ownership of files– Firm’s procedure for granting access to its files– Retention policy

• Subpoenas– Compensation for time/out-of-pocket expenses

• Communications– Contact person for business client– Communicating with joint clients

Engagement Letters(Provisions Bearing on Independence)

• Indemnity

• Mediation

• Liquidated damages

• Statute of limitations

Disengagement Letters• Send immediately

• Keep it brief and unambiguous

• Address it carefully– Who is the client?– Need for multiple letters?

• Components:– When is disengagement effective?– What services are involved?– Why is disengagement necessary?– Caution client of impending deadlines– Documents to be returned to client– Cooperation with successor– Fees outstanding must still be paid

Files & ConfidentialityFiles & Confidentiality

File Retention—Content of Files• Client records

– Originals– Copies

• Work papers• Work product

– Attest reports– Tax returns– Consulting reports– Research materials

• Other– Correspondence– Email– Review notes

File Retention—Ownership

• File contents are firm’s property

• Except:– Original client records– Work product that client has paid for

• Must honor reasonable client request for:– Original client records– Work product– Work papers that are deemed client records

• May make/retain copies of client records

File Retention—Outline of Policy• Scan original client records—return to client• Purge review notes when cleared• Set policy for emails with clients/third parties• Save important emails when sent/received• Purge general emails after 90 or 120 days• Scan/retain originals of key signed documents

– Engagement letters– Management representation letters– Lawyers’ letters

• Destroy/purge files after 7 years• Exceptions:

– Permanent files– Files governed by special provision – Files related to:

• Claims/potential claims against firm• Board action against firm• Client involved in litigation/investigation

AICPA Rule of Confidentiality

• No disclosure without client consent

• Four exceptions:– Professional reporting requirements– Subpoena, summons, statute, regulation– Peer review– AICPA or state investigation or proceeding

(AICPA Code of Professional Conduct Rule 301)

Government Government InvestigationsInvestigations

IRC §7216(And Revised Regulations)

• Applies to tax return information• Disclosure and use• Prior written consent of taxpayer required• Unless expressly excepted• Form of consent:

– Very strict for 1040-series returns– More flexibility for other returns

• Criminal and civil consequences for violation

No Consent Needed(Select categories of disclosure/use)

• To make disclosure to:– IRS– Others within preparer’s firm – Other preparers, auxiliary service providers, contractors– Related taxpayers—absent conflict or objection– Comply with court order or certain subpoenas– Preparer’s lawyer– Treasury Department—in investigation of preparer– Officer of court– Taxpayer’s fiduciary– Peer reviewer

• To use for purposes of:– Assisting taxpayer with other tax/accounting needs– Offering tax information to taxpayer– Offering additional tax return preparation services– Reporting commission of crime

(See 26 CFR 301.7216-2)

Requirements for All Consents

• Names of preparer and taxpayer• Intended purpose of disclosure• Specific recipient (s) of tax return information• Particular use authorized• Soliciting client (other products/services)

– Identify each specific type of product/service• Specific information to be disclosed/used• Signed and dated by taxpayer

(See 26 CFR 301.7216-3)

1040-Series Returns(Rev. Proc 2008-35)

• Separate written document • Paper consent• Electronic consent• Mandatory statements in the consent• Affirmative consent• Signature• Incomplete consents• Multiple disclosures/uses within single consent • Disclosure of entire return • Adequate data protection safeguard

Consequences(Violation of IRC §7216/Regulations)

• Criminal:– Fine—Not more than $1,000– Imprisonment—Not more than 1 year– Or both

• Civil:– Separate statute—IRC §6713(a)– $250 per disclosure and/or use– Not to exceed $10,000 in any calendar year

Security of Data

• Reasonableness standard• Safeguards:

– Servers/desktops– Laptops– Web-based storage/transmissions

• Response to breach– Reporting to police– Reporting to professional liability insurer– Notifying client(s)– Notifying state?

• Red flag rules– Do they apply to accounting professionals?

Claims & IncidentsClaims & Incidents

Claim/Incident Reporting

• Reportable Claim—two components:– Allegation of error/omission– Demand for compensation/indemnity

• Reportable Incident:– No claim yet asserted– You are aware of either:

• Error and likely harm to client/third party• Client/third party’s belief that you made harmful error

Thank youThank youJohn F. Raspante,CPA732-216-7552 JohnR@naplia.com

Stephen Vono508-656-1330; stevev@naplia.com

naplia risk management presentation 2014

Business

risk management is good management presentation by mansoor...

risk management presentation meeting topics

risk management presentation

rta ptp risk management presentation

aliado risk management presentation v3a

risk management presentation march 11 2013

risk management presentation june 10 2013

risk management presentation powerpoint 2008

operational risk – an enterprise risk management...

gs risk management presentation

security risk management presentation

risk management presentation may 27 2013

risk management presentation july 2 2012

risk management presentation public

human resources risk management presentation

presentation risk management and plant commissioning

assignment risk management (emrm5103) - presentation

presentation 1 project risk management

risk management power point presentation 2865

3.1 presentation freeland risk management-1