Download - NAPLIA Risk Management Presentation 2014
![Page 1: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/1.jpg)
www.naplia.comCopyright 2012
Risk ManagementRisk Management
John Raspante, CPA
NAPLIA
![Page 2: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/2.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Important Disclaimers• The content of this presentation and these slides is intended solely for
general educational purposes, to give accounting/tax professionals a broad outline of the laws, legal concepts, and professional standards discussed herein.
• It is not intended for the purpose of providing specific legal, accounting, or other professional advice to any particular recipient for use in the recipient’s practice or in advising the recipient’s clients, or with respect to any particular jurisdiction.
• The author /presenter of said content (1) makes no representations, warranties, or guarantees as to its technical accuracy or compliance with any law (federal, state, or local) or professional standard; and, (2) assumes no responsibility to any recipient of the content to correct or update it for any reason, including changes in any law or professional standard.
• Recipients should not rely on the content of this presentation and these slides. Rather, before taking any action in connection with the laws, legal concepts, and professional standards discussed herein, recipients should consult the actual text of those provisions, and obtain specific legal and/or accounting advice.
• No warranties as to merchantability or fitness for a particular purpose are expressed or implied. Application and use of the laws, legal concepts, and professional standards discussed herein, and these slides, is solely the responsibility of the reader.
![Page 3: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/3.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Objectives of Risk Management
• Gain Control:– Over risks in practice environment– Not to eliminate those risks
• Claims:– Prevent them– Make them more defensible
![Page 4: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/4.jpg)
www.naplia.comCopyright 2012
The Risk EnvironmentThe Risk Environment
![Page 5: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/5.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Percentage of Total Claims(By Service)
![Page 6: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/6.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Percentage of Total Dollar Losses(By Service)
![Page 7: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/7.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Percentage of Tax Claims(By Type of Client)
![Page 8: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/8.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Percentage of Audit Claims(By Source of Claim)
![Page 9: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/9.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Fraud detectionDetection of Occupational Fraud
0% 5% 10% 15% 20% 25% 30% 35%
Police
External Audit
Internal Controls
Internal Audit
Accident
TipD
etec
tion
Met
hod
Percent of cases
34.2%
25.4%
20.2%
19.2%
12.0%
3.8%
*The sum of percentages in this chart exceeds 100% because in some casesrespondents identified more than one detection method.
![Page 10: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/10.jpg)
www.naplia.comCopyright 2012
Defending Claims:Defending Claims:The BasicsThe Basics
![Page 11: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/11.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Statutes of Limitation( Varies By State )
• Malpractice limitation period
• Discovery rule
• Action
• Reliance
• Injury
![Page 12: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/12.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Principal Exposures
• Exposure to clients:– Civil suits for damages– Complaints to State Board
• Exposure to third parties:– Civil suits for reliance damages– Government investigations
![Page 13: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/13.jpg)
www.naplia.comCopyright 2012
Exposure to ClientsExposure to Clients
![Page 14: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/14.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Theories of Liability
• Negligence– Errors– Omissions
• Violation of professional ethics– Conflict of interest– Breach of confidentiality– Withholding client documents
• Breach of contract– Fee dispute– Failure to render agreed services
• Violation of consumer protection statute– Breach of fiduciary duty– Fraud– Other egregious behavior
![Page 15: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/15.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Negligence(Elements of Claims)
• Client must prove:– Liability—Existence of negligence
• Duty—Standard of care• Breach of duty
– Damages• Actual harm suffered by client
– Causation• Sufficient connection between negligence and
harm • Failure to prove any one element will defeat claim
![Page 16: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/16.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Standard of Care—Duty
• Reasonableness standard
• What would the reasonably prudent accountant have done under similar circumstances?
• Objective standard—Expert testimony needed
• Compliance with professional standards does not insulate the firm from liability
![Page 17: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/17.jpg)
www.naplia.comCopyright 2012 Copyright 2012
A&A Services—Negligence(Most Common Complaint)
• Failure to detect:– Actual embezzlement– Risk of embezzlement:
• Control environment:– Significant deficiencies– Material weaknesses
• Range of engagements:– From audit to write-up services– Management advisory services
• Resulting in loss to client
![Page 18: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/18.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Who Commits Fraud
0
10
20
30
40
50
60Percent
Employees Management Owners
Position in the Organization
![Page 19: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/19.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Who Commits Fraud
0
100
200
300
400
500
600
700
800
900
Employees Management Owners
Median Loss by Position
![Page 20: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/20.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Types of Occupational Fraud
Category Description Examples % of cases
Median Loss
Asset Misappropriation
Theft or misuse of organizations assets
-Fraudulent invoicing-Payroll fraud-Skimming revenues
91.5% $150,000
Corruption Influence in business transaction or obtain unauthorized benefit
-Accepting or paying bribe
-Undisclosed conflict of interest
30.8% $538,000
Fraudulent Statements
Falsification of financial statements
-fictitious sales
-recording expenses in wrong period
10.6% $2,000,000
*The sum of percentages in this chart exceeds 100% because several cases involved schemes that fell into more than one category.
ACFE 2006 Report to the Nation on Occupational Fraud & Abuse www.acfe.org
![Page 21: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/21.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Employee Fraud(Motive)
• High personal debts• Unusual financial losses• Inadequate income• Lives beyond means• Extensive investment speculation• Excessive gambling• Substance abuse• Extra-marital involvement• Job frustration/resentment of superiors
![Page 22: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/22.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Employee Fraud(Opportunity)
• Experienced employee– Knowledge of business/systems– Trusted by management
• Lack of segregation of duties– Multiple inconsistent tasks– Broad computer system access
• Uninterrupted service– Annual vacations not required
• Weak management oversight– Understaffed at management level– Lack of management continuity/Excessive turnover– Overburdened/Crisis-mode environment
![Page 23: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/23.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Managing Risk—During Engagement(“Failure-to-Detect” Claims)
• At the client-selection stage– Clients with healthy organizations– Document—Engagement letter
• At the planning stage– Be observant, inquisitive– Focus on internal controls– Document—Forms, checklists, memos
• During performance stage– Be thorough, objective, skeptical– Confront clients when needed– Document—Work papers, correspondence
• At conclusion– Document—Management letters
![Page 24: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/24.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Defending the Claim(Failure-to-Detect Embezzlement)
• Limited scope of engagement
• Reasonableness:– Compliance with professional standards
![Page 25: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/25.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Case Study--Embezzlement
ABCMoving
ABCMoving
ABCMoving
ABCMoving
ABCMoving
Bookkeeper
Opportunity $3 Million
![Page 26: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/26.jpg)
www.naplia.comCopyright 2012
Exposure to Third Exposure to Third PartiesParties
![Page 27: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/27.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Theories of Liability
• Negligent misrepresentation– Errors– Omissions
• Violation of professional ethics– Conflict of interest
• Violation of statutes/regulations– Fraud
![Page 28: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/28.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Negligent Misrepresentation (Elements of Claims)
• Third party must prove that you:– Made false statement of fact– Had no reasonable basis to believe it to be true– Intended to induce third party to rely on it
• Third party must prove that it:– Believed statement and reasonable relied on it– Suffered harm flowing from that reliance
• Failure to prove any one element will defeat the claim• Third party must also have standing to bring claim
![Page 29: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/29.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Standard of Care
• Reasonableness:– After exercising reasonable prudence– Would another accountant– Under similar circumstances– Believe statement to be true?
• Objective standard– Expert testimony usually required
![Page 30: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/30.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Negligent Misrepresentation(Most Common Complaint)
• Failure to detect:– Errors– Fraud– Illegal acts– Internal control issues:
• Significant deficiencies• Material weaknesses
• Resulting in material misstatements
![Page 31: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/31.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Managing Risk—During Engagement(Failure-to-Detect Claims)
• At the client-selection stage– Clients with integrity– Firm has sufficient expertise– Document—Engagement letter
• At the planning stage– Be thorough, objective, skeptical– Document—Forms, checklists, memos
• During performance stage– Be thorough, objective, skeptical– Confront clients when needed– Document—Work papers, correspondence
• At conclusion– Additional layer of review– Document—Management letters
![Page 32: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/32.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Case Study(Confrontation and Communication)
Accountant
Partner #1 was taking money out of the partnership without the knowledge of the other partners.
Partnership Tax Return
3 Partners
![Page 33: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/33.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Who Commits Fraud?
0
10
20
30
40
50
60Percent
Employees Management Owners
Position in the Organization
![Page 34: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/34.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Who Commits Fraud?
0
100
200
300
400
500
600
700
800
900
Employees Management Owners
Median Loss by Position
![Page 35: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/35.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Management Fraud(Motives)
• Unfavorable economic conditions• Heavy investments or losses• Insufficient working capital• High debt/credit problems• Unusually heavy competition• Profit “squeeze”• Need to cover up a bad situation
![Page 36: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/36.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Management Fraud(Opportunity)
• Related party transactions• Ineffective or no internal audit staff• Frequent changes in auditors• Use of several auditors simultaneously• Reluctance to provide requested data• Last minute provision of data• Numerous adjusting entries
![Page 37: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/37.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Defending the Claim(Negligent Misrepresentation)
• Limited scope of engagement• Compliance with professional standards• Proportionate responsibility
– Demonstrating plaintiff’s fault• Unreasonable reliance• Lack of due diligence
• No causation– Plaintiff’s harm caused by other factors
• Plaintiff’s lack of standing
![Page 38: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/38.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Standing to Bring Claim(Three Doctrines)
• Privity– Most restrictive to third parties– Need agreement/close contact with accountant– Old majority—No longer
• Restatement– Middle ground– Plaintiff—member of class expected to rely– Majority rule—Trend is in this direction
• Foreseeability– Least restrictive to third parties– Plaintiff must only be foreseeable user of work product– Minority rule—Once very popular – Only MS and WI appear to still follow this doctrine
![Page 39: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/39.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Lenders’ Requests for Assurance (Example Response—Part One)
• Firm has client’s consent • Firm prepared client’s returns for specified tax years• Returns included ___________ • Firm’s services based on documents and information
provided by client• Firm did not audit, review, or otherwise verify
documents or information• Firm expresses no opinion and gives no form of
assurance
![Page 40: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/40.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Lenders’ Requests for Assurance(Example Response—Part Two)
• Response doesn’t establish relationship with lender • Lender should not rely on response• Lender should perform due diligence• Lender solely responsible for use of response• Firm has no continuing obligation to
correct/supplement response• Lender acknowledges terms
![Page 41: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/41.jpg)
www.naplia.comCopyright 2012
Client Risk Client Risk AssessmentAssessment
![Page 42: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/42.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Client-Risk Assessment• First Line of defense
– Whether to accept prospect or continue with client
• New-client acceptance forms– Prepare for all prospective clients– Prepare before decision is made
• Predecessor accountants– Contact before decision is made
• Background checks– Outside investigator– On-line investigation
![Page 43: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/43.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Client-Risk Assessment(Continued)
• Risk assessment committee– Centralized approval
• New prospects• Further services for existing clients
– Monitoring of high-risk engagements– Disengagement:
• Decisions• Letters
• Must be willing to reject prospects and terminate existing clients
![Page 44: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/44.jpg)
www.naplia.comCopyright 2012
Engagement LettersEngagement Letters
![Page 45: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/45.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Engagement Letters
• Second line of defense
• Comprehensive contract– Not just a fee agreement
• Purposes:– Define scope of engagement– Mutual responsibilities– Provide for contingencies– Prevent differing expectations
![Page 46: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/46.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Case Study(Dangers of Differing Expectations)
Accountant Operating Account Escrow Account
Busy Lawyer Real Estate Clients Office Manager
![Page 47: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/47.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Engagement Letter Policies
• Develop standardized templates for firm-wide use• Obtain for all services• Don’t commence services without signature
– Negative assurance OK for 1040s• Be willing to negotiate with client over provisions
– Will make letter more enforceable• Carefully identify client
– Consider need for multiple letters– Multiple entities– Entities and individuals
• When performing multiple services for client:– Include comprehensive language for each service– Consider using multiple letters
![Page 48: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/48.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Engagement Letter Contingencies• Suspension/disengagement
– As consequences– Scope limitation, non-cooperation, non-payment, etc.
• Claims– Mediation– Venue/choice of law– Statute of limitations– Liquidated damages
• Document issues– Ownership of files– Firm’s procedure for granting access to its files– Retention policy
• Subpoenas– Compensation for time/out-of-pocket expenses
• Communications– Contact person for business client– Communicating with joint clients
![Page 49: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/49.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Engagement Letters(Provisions Bearing on Independence)
• Indemnity
• Mediation
• Liquidated damages
• Statute of limitations
![Page 50: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/50.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Disengagement Letters• Send immediately
• Keep it brief and unambiguous
• Address it carefully– Who is the client?– Need for multiple letters?
• Components:– When is disengagement effective?– What services are involved?– Why is disengagement necessary?– Caution client of impending deadlines– Documents to be returned to client– Cooperation with successor– Fees outstanding must still be paid
![Page 51: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/51.jpg)
www.naplia.comCopyright 2012
Files & ConfidentialityFiles & Confidentiality
![Page 52: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/52.jpg)
www.naplia.comCopyright 2012 Copyright 2012
File Retention—Content of Files• Client records
– Originals– Copies
• Work papers• Work product
– Attest reports– Tax returns– Consulting reports– Research materials
• Other– Correspondence– Email– Review notes
![Page 53: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/53.jpg)
www.naplia.comCopyright 2012 Copyright 2012
File Retention—Ownership
• File contents are firm’s property
• Except:– Original client records– Work product that client has paid for
• Must honor reasonable client request for:– Original client records– Work product– Work papers that are deemed client records
• May make/retain copies of client records
![Page 54: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/54.jpg)
www.naplia.comCopyright 2012 Copyright 2012
File Retention—Outline of Policy• Scan original client records—return to client• Purge review notes when cleared• Set policy for emails with clients/third parties• Save important emails when sent/received• Purge general emails after 90 or 120 days• Scan/retain originals of key signed documents
– Engagement letters– Management representation letters– Lawyers’ letters
• Destroy/purge files after 7 years• Exceptions:
– Permanent files– Files governed by special provision – Files related to:
• Claims/potential claims against firm• Board action against firm• Client involved in litigation/investigation
![Page 55: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/55.jpg)
www.naplia.comCopyright 2012 Copyright 2012
AICPA Rule of Confidentiality
• No disclosure without client consent
• Four exceptions:– Professional reporting requirements– Subpoena, summons, statute, regulation– Peer review– AICPA or state investigation or proceeding
(AICPA Code of Professional Conduct Rule 301)
![Page 56: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/56.jpg)
www.naplia.comCopyright 2012
Government Government InvestigationsInvestigations
![Page 57: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/57.jpg)
www.naplia.comCopyright 2012 Copyright 2012
IRC §7216(And Revised Regulations)
• Applies to tax return information• Disclosure and use• Prior written consent of taxpayer required• Unless expressly excepted• Form of consent:
– Very strict for 1040-series returns– More flexibility for other returns
• Criminal and civil consequences for violation
![Page 58: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/58.jpg)
www.naplia.comCopyright 2012 Copyright 2012
No Consent Needed(Select categories of disclosure/use)
• To make disclosure to:– IRS– Others within preparer’s firm – Other preparers, auxiliary service providers, contractors– Related taxpayers—absent conflict or objection– Comply with court order or certain subpoenas– Preparer’s lawyer– Treasury Department—in investigation of preparer– Officer of court– Taxpayer’s fiduciary– Peer reviewer
• To use for purposes of:– Assisting taxpayer with other tax/accounting needs– Offering tax information to taxpayer– Offering additional tax return preparation services– Reporting commission of crime
(See 26 CFR 301.7216-2)
![Page 59: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/59.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Requirements for All Consents
• Names of preparer and taxpayer• Intended purpose of disclosure• Specific recipient (s) of tax return information• Particular use authorized• Soliciting client (other products/services)
– Identify each specific type of product/service• Specific information to be disclosed/used• Signed and dated by taxpayer
(See 26 CFR 301.7216-3)
![Page 60: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/60.jpg)
www.naplia.comCopyright 2012 Copyright 2012
1040-Series Returns(Rev. Proc 2008-35)
• Separate written document • Paper consent• Electronic consent• Mandatory statements in the consent• Affirmative consent• Signature• Incomplete consents• Multiple disclosures/uses within single consent • Disclosure of entire return • Adequate data protection safeguard
![Page 61: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/61.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Consequences(Violation of IRC §7216/Regulations)
• Criminal:– Fine—Not more than $1,000– Imprisonment—Not more than 1 year– Or both
• Civil:– Separate statute—IRC §6713(a)– $250 per disclosure and/or use– Not to exceed $10,000 in any calendar year
![Page 62: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/62.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Security of Data
• Reasonableness standard• Safeguards:
– Servers/desktops– Laptops– Web-based storage/transmissions
• Response to breach– Reporting to police– Reporting to professional liability insurer– Notifying client(s)– Notifying state?
• Red flag rules– Do they apply to accounting professionals?
![Page 63: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/63.jpg)
www.naplia.comCopyright 2012
Claims & IncidentsClaims & Incidents
![Page 64: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/64.jpg)
www.naplia.comCopyright 2012 Copyright 2012
Claim/Incident Reporting
• Reportable Claim—two components:– Allegation of error/omission– Demand for compensation/indemnity
• Reportable Incident:– No claim yet asserted– You are aware of either:
• Error and likely harm to client/third party• Client/third party’s belief that you made harmful error
![Page 65: NAPLIA Risk Management Presentation 2014](https://reader036.vdocuments.us/reader036/viewer/2022081602/54859f0eb4af9fb55d8b49d4/html5/thumbnails/65.jpg)
www.naplia.comCopyright 2012
Thank youThank youJohn F. Raspante,CPA732-216-7552 [email protected]
Stephen Vono508-656-1330; [email protected]