In February the AICPA
Professional Ethics Executive
Committee (PEEC) reproposed
their March 2017 Interpretation,
Responding to Noncompliance with Laws and Regulations (NOCLAR), in a
complementary effort with the Auditing
Standards Board and their exposure draft
titled Inquiries of the Predecessor Auditor Regarding Fraud and Noncompliance with Laws and Regulations (amendment of AU-C section 210). This reproposal is part of PEEC’s
international convergence efforts to more closely
align with the standards of the International Ethics
Standards Board for Accountants (IESBA).
Under the current AICPA Code of Professional Conduct, there is
no specific guidance for members who encounter noncompliance
with laws or regulations or suspected NOCLAR during the
provision of services to a client, or as an employee of a business.
PEEC believes the public interest is served with the inclusion of
the robust guidance in the reproposed interpretations, which
sets forth a member’s responsibilities when encountering a
NOCLAR at a client or within the employing organization. The
general objective of members who encounter a NOCLAR is to
alert the appropriate parties to enable a client’s or employing
organization’s management and those charged with governance
to rectify the NOCLAR, mitigate the effects of the NOCLAR, or
deter the commission of the NOCLAR.
The interpretations state that a NOCLAR comprises acts of
omission or commission — intentional or unintentional — contrary
to the prevailing laws or regulations that are committed by a
client, an employer, or those charged with governance, by
management, or by other individuals working for or under the
direction of a client or employer.
Though the proposed interpretations require a member to obtain
an understanding of the matter when a NOCLAR is discovered,
the member is only expected to have a level of knowledge
and understanding of laws and regulations necessary for the
professional service for which the member was engaged or
was employed to perform.
Under this reproposal, there are a number of issues that CPAs
need to be aware of:
- There are separate requirements for members providing
financial statement attest services and members providing
services other than financial statement attest services. The
requirements are less restrictive for members providing
services other than financial statement attest services.
- The member’s responsibility throughout the proposed
interpretation would be exclusively to the “engaging entity,”
if not the same as the “subject entity.” If the engaging entity
and the subject entity are different, the term “client” in the
standard would refer to the engaging entity.
- The proposed interpretation would not apply to a litigation
or investigation engagement performed in accordance with
the AICPA Statement on Standards for Forensic Services
No. 1 or to tax services subject to the protection of Internal
Revenue Code Sec. 7525.
- Members in business would be permitted to report a
NOCLAR to an appropriate authority unless prohibited by
laws or regulations.
PEEC believes it would be in the public interest for members
in business to have the ability to communicate a NOCLAR to
an appropriate authority and, unlike the “Confidential Client
Information Rule” applicable to members in public practice,
the “Confidential Information Obtained From Employment or
Volunteer Activities” interpretation (ET sec. 2.400.070) of the
“Acts Discreditable Rule” (ET sec. 2.400.001) permits a member
in business to disclose confidential employer information if “there
is a professional responsibility or right to disclose information,
when not prohibited by law, to … comply with professional
standards and other ethics requirements.” PEEC revised the
original proposed interpretation to allow both senior professional
accountants in business and other professional accountants in
business to report a NOCLAR to a regulatory body.
As Chair of the AICPA Uniform Accountancy Act Committee,
I was invited to observe the deliberations on this proposed
interpretation over the last two plus years. This reproposal
is the result of that process. But I would be remiss if I did not
caution CPAs in Washington State about this Interpretation.
Under current Washington State Board of Accountancy
Rule, WAC 4-30-050, disclosure of client confidential
information without the consent of the client is prohibited.
If this reproposed Interpretation is adopted by PEEC, CPAs
in Washington State should take care in deliberating the
reporting of a NOCLAR, as it could put the CPA in violation of
State Board Rule. This would be another area where the AICPA
Code of Professional Conduct, which is a set of standards
that Washington licensees are required to comply with as
noted in WAC 4-30-048, is contradictory to Board Rule.
During the course of providing services to clients or as
an employee of an organization, should you encounter
a NOCLAR, you should seek guidance regarding your
responsibilities under professional standards, State Board
rule, and potentially seek legal advice as well. Until there
are changes in State Board rule around client confidentiality,
this interpretation potentially creates a trap for the unwary.
Thomas Neill, CPA, is principal at Finney, Neill &
Company, P.S. in Seattle. You can contact him at
tom@finneyneill.com.
This article appears in the spring 2021 issue of the Washington CPA magazine. Read more here.