The AICPA Code of Professional Conduct acknowledges that CPAs in both public practice and business may be faced with conflicts of interest when performing professional services. However, specific guidance provided in the code has been limited. Historically, the code merely indicated that if the CPA believed that the professional service could be performed with objectivity, the relationship was disclosed to relevant parties, and consent was obtained, the services could be performed.
Recently, however, the AICPA Professional Ethics Executive Committee (PEEC) approved two interpretations on conflicts of interest, Interpretation 102-2, “Conflicts of Interest for Members in Public Practice,” and Interpretation 102-7, “Conflicts of Interest for Members in Business,” which provide expanded guidance on conflicts of interest. These interpretations are codified in the December 15, 2014, version, available at http://pub.aicpa.org/codeofconduct/Ethics.aspx. Consistent with the revised format of the code, guidance is now provided separately for CPAs in public practice and CPAs in business. A framework to deal with conflicts of interest is provided: 1) Identify the conflict of interest; 2) evaluate the conflict; and 3) consider matters relative to disclosure and consent. This article provides an overview of this new guidance.
Background, Definitions, and Examples
The AICPA Integrity and Objectivity Rule serves as the foundation for the new interpretations. It can be found in Code of Professional Conduct sections 1.100.001.01 for CPAs in public practice and 2.100.001.01 for CPAs in business. These sections both state that “in the performance of any professional service, a member shall maintain objectivity and integrity, shall be free of conflicts of interest, and shall not knowingly misrep-resent facts or subordinate his or her judgment to others.” “Professional services” are defined in code section 0.400.40 as “all services requiring accountancy or related skills for a client, an employer or on a volunteer basis.” CPAs are considered in violation of the integrity and objectivity rule if they cannot demonstrate that safeguards have been applied that eliminate or reduce significant threats to an acceptable level (see sections 1.100.005.02 and 2.100.005.02).
While the revised Code of Professional Conduct does not provide a definition for conflicts of interest, it describes them as situations that create adverse interest or self-interest threats to the CPA’s compliance with the Integrity and Objectivity Rule. In this context, threats are circumstances or relationships that could jeopardize one’s integrity and objectivity. For a CPA in public practice, threats may exist with respect to the interest of one client versus another, or to the CPA’s or firm’s interest versus a client’s. For CPAs in business, threats may exist with respect to the interest of the CPA, the employer, owners of the employing entity, management of the employing entity, or a number of other relevant parties. In discussing integrity and objectivity, the preface to the code references the CPA’s obligation to do what is right and just and the obligation to be impartial and intellectually honest. CPAs are urged to use their professional judgment and take into account whether a reasonable and informed third party who is aware of the relevant information would conclude that a conflict of interest exists. Exhibit 1 lists examples of conflicts of interest for CPAs in public practice, while Exhibit 2 lists examples of conflicts of interest for CPAs in business.
Examples of Conflicts of Interest for CPAs in Public Practice
Examples of Conflicts of Interest for CPAs in Business
The AICPA Integrity and Objectivity Rule serves as the foundation for the new interpretations.
Identification of Conflicts of Interest
The Code of Professional Conduct places an affirmative duty on CPAs to take reasonable steps to identify circumstances that might create a conflict of interest before accepting a new client relationship, engagement, or business relationship. Specifically, CPAs should consider the following:
- The nature of the relevant interests and relationships between the parties involved, and
- The nature of the service and its implication for relevant parties (section 1.110.010.05).
Moreover, CPAs in public practice should remain alert after forming new relationships, because circumstances might change and a conflict could possibly develop during the course of the engagement. This could easily happen when what used to be a harmonious relationship between two of a CPA’s clients becomes adversarial.
In order to comply with the new guidance, CPAs in public practice should have an ongoing and effective conflict identification process in place to assist in identifying actual or potential conflicts of interest, both prior to accepting and throughout an engagement. Components of such a process should cover client acceptance, assignment of professionals, client continuation, completion of questionnaires by professionals at regular intervals, and required CPE on conflicts of interest at regular intervals. While an actual conflict identification process is not presented in the interpretations, CPAs are urged to consider several factors in developing one, including the following:
- The nature of the professional services provided,
- The size of the firm,
- The size and nature of the client base, and
- The structure of the firm, such as the number and location of offices (section 1.110.010.07).
CPAs are urged to use their professional judgment and take into account whether a reasonable and informed third party would conclude that a conflict of interest exists.
A CPA associated with a network CPA firm is not required to take specific steps to identify a conflict of interest as it relates to other network firms. But if the conflict is known or the CPA has reason to believe that it may exist or might arise due to interests and relationships between or among the network firms, the CPA should address the conflict (section 1.110.010.08).
The code does not place an affirmative duty on CPAs in business to formally establish a process to search for circumstances that might create a conflict of interest or search for a formal conflict identification process. For CPAs in business, an employer will often handle such matters. Nonetheless, when undertaking a professional service, CPAs in business should be aware that they may encounter a conflict of interest regarding their employer, a vendor, a customer, a lender, a shareholder, or another party. These CPAs should also remain alert to circumstances that may change over time. Once a CPA in business identifies a conflict of interest, that CPA has the same obligation as a CPA in public practice to evaluate the conflict of interest (i.e., to determine the nature of the relevant interests and relationships between the parties involved, the nature of the services, and its implication for relevant parties) as described below (section 2.110.10).
The interpretations urge CPAs to consider both qualitative and quantitative factors.
Evaluation of Conflicts of Interest
Upon identification of an actual conflict of interest, CPAs in public practice and business should evaluate the significance of the threats to integrity or objectivity created by performing the professional services in question. The primary issue is whether threats are at an acceptable level—that is, whether a reasonable and informed third party who is aware of the relevant information would conclude that the CPA’s compliance with the Integrity and Objectivity Rule is not compromised. In making this determination, the interpretations urge CPAs to consider both qualitative and quantitative factors. More specifically, CPAs should consider the significance of 1) relevant interests or relationships and 2) threats created by performing the professional services. Generally, the more direct the connection between the professional service and the matter on which the parties’ interests are in conflict, the more significant the threat (sections 1.100.010.09 and 2.110.010.08). CPAs should also factor in the extent to which safeguards have already been used to reduce threats to an acceptable level.
CPAs in public practice and business must disclose conflicts of interest identified and obtain consent to perform the related professional services.
Safeguards are defined by the code as “actions or other measures that may eliminate a threat or reduce a threat to an acceptable level” (section 0.400.43). For example, in a case where the conflict of interest relates to confidential information, one such safeguard could be using personnel who are not privy to that confidential information to handle the matter, if the firm is large enough to do so.
If a CPA concludes that threats are not at an acceptable level, the CPA should consider adding safeguards not already used, if they are available. Exhibit 3 and Exhibit 4 contain examples of safeguards commonly used to eliminate conflict of interest threats or reduce them to an acceptable level. If a CPA concludes that threats are not at an acceptable level and additional safeguards are not available or cannot be implemented, the CPA should 1) decline to perform or discontinue the professional service or 2) terminate the relationships or dispose of the interests to eliminate the threat or reduce it to an acceptable level (section 1.110.010.11).
Examples of Safeguards for CPAs in Public Practice
Examples of Safeguards for CPAs in Business
Disclosure and Consent
CPAs in public practice and business must disclose conflicts of interest identified and obtain consent to perform the related professional services. The new guidance in the Code of Professional Conduct is clear that disclosure is required even if the CPA concludes that threats are at an acceptable level.
For CPAs in public practice, disclosure should be made to the client and other relevant parties. CPAs in public practice must exercise professional judgment in determining which form of disclosure and consent is most appropriate, whether general or specific. For example, general disclosure would likely be appropriate when the firm is considering accepting a new client that is a competitor of an existing client or clients. The firm might disclose in the engagement letter terms and conditions that it does not provide services exclusively for any one client in a particular market sector while refraining from mentioning the name of the competitor. The client’s acceptance of this term would effectively constitute consent. In a more sensitive situation, specific disclosure and specific consent would likely be more appropriate. The CPA would communicate to each party an explanation of the conflict and any planned safeguards in sufficient detail to allow the parties to make an informed decision on whether to provide consent. If specific consent is refused, the CPA may apply additional safeguards (if available), terminate the relevant relationship, dispose of the relevant interest, or some combination thereof so that consent can be obtained. If consent cannot be secured under any circumstances, the professional services should not be performed.
For CPAs in business, relevant parties to which disclosure should be made would include the appropriate levels within the employing organization. These CPAs are encouraged to seek guidance from within the employing organization, as well as from others, such as a professional body, legal counsel, or another CPA.
CPAs are encouraged to document the disclosure and consent process, including the nature of the conflict of interest, the safeguards applied, and the consent obtained. In addition, CPAs should be aware that the code restricts disclosure of certain confidential information to third parties unless consent has been obtained (see sections 1.400.070, 1.700.001, and 2.400.070). Federal, state, or local statutes or regulations concerning confidentiality of client information may be more restrictive than those included in the new guidance and take precedence over the Code of Professional Conduct. Finally, CPAs should note that conflicts of interest fall under the code’s Integrity and Objectivity Rule, not the Independence Rule. Unlike a conflict of interest, an independence impairment cannot be eliminated by disclosure and consent.