Identification or suspicion of a client’s or employer’s noncompliance with laws or regulations (NOCLAR) is one of the most challenging ethical issues a CPA can face, and complementary proposals issued by two AICPA committees are designed to provide clarity for these circumstances.
The AICPA Professional Ethics Executive Committee (PEEC) and the AICPA Auditing Standards Board (ASB) separately proposed standards that were created in part to bring the AICPA standards in line with those of the International Ethics Standards Board for Accountants. The PEEC proposal was drafted after consideration of responses to a 2017 exposure draft.
Comments on the proposals are due June 30.
PEEC’s ED, Responding to Noncompliance With Laws and Regulations, includes guidance for professional accountants in business as well as public accountants serving clients. The ASB’s ED would amend AU-C Section 210, Terms of Engagement, and focuses on a particular matter related to interactions between a predecessor auditor and a successor auditor.
What is NOCLAR?
PEEC’s proposed interpretation defines NOCLAR as acts of omission or commission, intentional or unintentional, committed by a client or an employer or those charged with governance, by management or other individuals working for or under the direction of the client or the employer, which are contrary to prevailing laws and regulations.
Materiality is an important trigger in the proposal, which applies to laws and regulations that relate to the determination of material amounts in disclosures and financial statements. The proposal also applies to laws that don’t have a direct effect on the material amounts and disclosures but may be fundamental to the operating aspects of the client’s business or the employer of a professional accountant in business, including its ability to continue in business or avoid material penalties.
“It’s a very carefully crafted definition intended to give guidance and to be detailed enough to provide guidance about when it applies and when it doesn’t apply,” said Bob Denham a public member of PEEC.
PEEC also was careful to define the client as the entity that engages the member, as the proposed guidance applies only to noncompliance by the client. If the client is an attorney, an underwriter, or a potential acquirer retaining the accountant to perform due diligence, the client will expect the member to owe responsibility exclusively to them.
“If accountants can’t assure that client of loyalty to them, that would put accountants at a disadvantage in providing these kinds of services, such as forensic, some kinds of tax advising, or due diligence services,” Denham said.
Certain exemptions provided
Certain specified services would be exempted from the requirements under PEEC’s proposal. PEEC’s ED would exempt:
- Litigation or investigation engagements as defined in and subject to AICPA Statement on Standards for Forensic Services No. 1.
- Tax engagements where confidentiality and client privilege are protected under IRC Sec. 7525.
This is a concern that was addressed in response to comments on the 2017 ED.
“We concluded that there were good reasons to rely on the existing standards and the Internal Revenue Code guidance in the tax situation for the members’ responsibilities in those areas, and PEEC did not need to supplement them,” Denham said.
Professional accountants in business
PEEC’s proposal makes it clear that a professional accountant in business is allowed to report a NOCLAR to an appropriate authority unless prohibited by laws and regulations.
“There’s no longer any implication or any actuality of ethical rules of the AICPA interfering with that reporting,” Denham said.
Under the proposal, a professional accountant in business is required to disclose a NOCLAR to external auditors if the member in business determines that disclosure is necessary to provide information that’s needed for performance of the audit.
The proposal also treats members in business in senior positions the same way as members in business that are not in senior positions with respect to disclosure of a NOCLAR to an appropriate party and external auditors.
Financial statement attest services
Public accountants serving clients would have different responsibilities under the proposal, depending upon whether they are performing financial statement attest services.
The differences take into account the level of access a member would have based on the services they are providing.
“Often a member who’s providing services other than financial statement attest services may not have access to the senior management,” Denham said, “whereas the accountant providing financial statement attest services would be expected to have access to at least some component of senior management.”
For financial statement attest services, a member discovering a NOCLAR would be required to obtain an understanding of the matter, including the nature of the act and the circumstances surrounding it. The member would then be required to discuss the matter with an appropriate level of management and, if appropriate, those charged with governance.
The member would be required to advise the client to take appropriate actions to rectify or remediate, and disclose the matter to an authority where required by law or regulation. And if the member determines management’s response was not appropriate, the member is required to consider whether withdrawing from the engagement is necessary unless prohibited by law or regulation.
Documenting actions related to NOCLAR would be necessary as well.
Other client services
In engagements other than financial statement attest services, a member would be required only to seek to obtain an understanding of the NOCLAR matter, rather than to obtain an understanding.
Addressing the matter would be limited to communicating it to the appropriate level of management and, when appropriate, those charged with governance if the member has access to them. A member would be required to advise management to take action to address a NOCLAR and would be required to consider whether it’s necessary to withdraw from an engagement if the member believes management has not taken appropriate action.
But for these services, a member would be encouraged rather than required to document these actions.
Denham said the proposed requirements are based on what’s reasonable to expect of a member performing different kinds of services.
“A NOCLAR may often be material to the work the member is being asked to do in providing a financial statement attest service,” he said, “whereas it may be more tangential to what the member not providing financial statement attest services does. For financial statement attest services, the NOCLAR may well go to the heart of the attest function.”
For engagements other than financial statement attest services, communication of the NOCLAR to the financial statement auditor would be required if the member is employed by the same firm or network of firms as the financial statement auditor. Otherwise, this communication would not be required.
Predecessor and successor auditors
The ASB’s objective in its consideration of NOCLAR was to increase the transparency and sharing of information between predecessor and successor auditors as part of the successor auditor’s client acceptance process.
The goal is to facilitate a knowledge transfer between the predecessor and the successor auditor so that the client cannot avoid the audit consequences of NOCLAR simply by changing auditors. Under the ASB proposal, after management authorizes the predecessor to respond to inquiries, the successor would be required to ask the predecessor about matters involving NOCLAR as well as fraud the predecessor identified or suspected. Absent unusual circumstances, the predecessor would be required to respond to the successor’s inquiries.
If management refuses to permit the predecessor and successor auditors to speak, the ASB views that as a serious red flag that the successor would consider in determining whether to accept the engagement.
“Those conversations between predecessor and successor are so foundational to that transition and that transfer of information,” said Harry Cohen, CPA, a member of the ASB and chair of the ASB’s NOCLAR Task Force. “NOCLAR is only one piece of that, but it’s so critical that in the case of a prospective client’s unwillingness to allow for that, a potential successor auditor would really need to consider for themselves what that means related to their willingness to accept that engagement.”
Cohen said the ASB is mindful of how people are reading its ED and wants to make sure there are no unintended consequences related to the underlying objective of the transparency and sharing that would be required of the predecessor and successor auditors.
Denham said PEEC is particularly interested in comments on what it decided to carve out since the first
ED and whether more (or fewer) carveouts need to be made.
“We’re also interested in the reaction to the guidance that we’re giving about when and how a member is expected to communicate to clients about a NOCLAR,” Denham said.
Identification or suspicion of noncompliance with laws and regulations can create a delicate balancing act for CPAs as they work to uphold their responsibilities to their clients or employers, the public, and their own professional success.
The NOCLAR proposals are intended to help CPAs find the right balance and find professional success as a result.
— Ken Tysiac (Kenneth.Tysiac@aicpa-cima.com) is the JofA’s editorial director.