Note: Jennifer Louis, CPA, founder of Emergent Solutions Group, LLC, has returned as a thought leader for the Business Learning Institute and has written the following article. A webcast related to this article will soon be available through the BLI catalog. See Jennifer’s extensive course listing here.
Did you know that the majority of the AICPA Peer Review Program’s identified deficiencies and the highest frequency of malpractice insurance claims reported by professional liability insurance companies relate to public accounting services other than audits? Engagements that do not provide any form of assurance at all can carry the most practice risk. CPA firms must proactively take quality-control steps to mitigate practice risk when performing non-audit services, including bookkeeping, preparing financial statements, compilations, and more.
This should include responding to client and third-party requests that may not result in any formal work product.
For example, your client’s bank calls you to ask you to verify the client’s self-employment income or authenticate that the client is turning a profit. What is the harm in responding, right?
Unfortunately, even a verbal response or an attempt to provide a written “non-answer” for any request by a third party for verification or comfort can put a CPA’s practice at risk, whether it is for breaching client confidentiality, inappropriately providing assurance on a matter of solvency, or other reason.
To be able to defend properly against possible professional liability claims, a CPA may not be able to respond to a third party’s specific request as originally presented. Instead, the CPA may need to suggest that the client or third party engage the CPA in an alternative attest or non-attest service that would meet the needs of the requesting parties, but also help the CPA manage practice risk.
For example, a CPA can’t verify that a client is not insolvent at the time debt is incurred (or whether it would become insolvent by taking on debt). However, a CPA may prepare, compile, or review a fair value balance sheet as a special purpose framework in accordance with SSARS 21.
Every CPA should evaluate the malpractice and quality risks associated with any service provided – especially when providing non-audit services that may carry the highest risk.