The AICPA Professional Ethics Executive Committee (PEEC) proposed a new ethics interpretation requiring members to take certain actions when they encounter their client or employer's noncompliance with laws or regulations. The proposed rules are tailored to members in public practice and members in business (parts 1 and 2 of the AICPA Code, respectively) and mirror the scope of an international ethics standard adopted by the International Ethics Standards Board for Accountants (IESBA) in 2016. However, the proposal also departs from the IESBA standard in significant ways to account for AICPA, state accountancy and other rules and regulations that prohibit disclosure of confidential information in many cases without client or employer permission. A brief summary of the proposed standards follows:
"NOCLAR" (noncompliance with laws or regulations) is an act of omission or commission, whether intentional or not, that is contrary to a prevailing law or regulation and that: (i) directly impacts the determination of material amounts and disclosures in the client or company’s financial statements, or (ii) compliance with the law or regulation is fundamental to the client or company’s operations, its ability to continue its business, or to avoid material penalties. Examples include, among other things, laws or regs dealing with fraud, corruption, money laundering, terrorist financing, securities markets and trading. The proposed standard would apply when a member is delivering a professional service to a client or carrying out professional activities for a company and becomes aware of or suspects NOCLAR has occurred or is going to occur. Once a member learns of a matter within the scope of the standard, he or she will or may be required to consider and/or take certain actions, including: (i) discussions with the client or employer's management, including when possible and appropriate, those charged with governance; (ii) disclosure to the auditor, or other auditors within the member's firm or network, when relevant; (iii) consideration of the client or employer's actions in response to the NOCLAR, once disclosed; and (iv) based on the client or employer's response (or lack of response), withdrawal from the client or employer organization, when appropriate.
Other elements include of the proposal include:
- A member's responsibilities under the audit standards may go above and beyond and/or overlap with the member's responsibilities under the NOCLAR standard.
- Members should obtain appropriate counsel, both legal and technical, as needed, when applying the standard.
- Members in public practice would be required, and members in business encouraged, to document the matter. .
- Members are not expected to recognize NOCLAR if it is outside their expertise.
The major difference between the IESBA standard and the AICPA proposed standards is that due to US confidentiality restrictions, the AICPA standards would not require the member to consider disclosing NOCLAR to a regulatory or similar body, or an outside auditor, unless law or regulation required the disclosure.
The proposed standards are comprehensive and the above summary merely scratches the surface in terms of requirements and considerations, so members are urged to read the proposal in its entirety. Comments on the proposal are due May 12, 2017.