Many CPAs fondly remember toy wooden blocks of their early childhood, colorfully displaying the letters of the alphabet. As children, future CPAs may have spent more playtime counting and organizing the blocks, rather than spelling with them. Regardless, those toy alphabet blocks helped develop a foundation for future learning and growth. Similarly, there are fundamental risk management practices CPA firms can follow to establish a foundation for quality and growth.
The ABCs of Risk Management
A is for acceptance (and continuance)
A CPA firm’s first opportunity to develop a commitment to quality and good risk management, rests with the client and engagement acceptance process. Before ever receiving a request for services or proposing on an engagement, a CPA firm first has to determine its appetite for risk and the services it will provide. Based upon these factors, which may encompass specific areas of expertise, industry or service niches, the firm can develop an ideal client profile, against which all prospective clients and engagements may be evaluated.
Some clients may clearly be a good fit for the firm. Some clients may stray far from the ideal client profile and present too high of a risk to accept. Other clients may require a thoughtful acceptance decision to understand and identify risks. In such situations, the firm could implement procedures to manage identified risks. For example, a retainer could be collected for an accepted client that has a risk of non-payment of fees. The client acceptance process should, at a minimum, involve consideration of the following:
- client integrity;
- client financial stability;
- independence, where required;
- potential conflicts of interest; and
- alignment of client and firm’s expectations of the services to be provided.
Client and engagement acceptance procedures should be consistently applied across the firm. Acceptance decisions related to higher risk clients and prospective client, such as high net worth individuals, public companies, financial institutions, or companies with negative cash flow indicators, may need to be elevated for additional consultation or approval.
The client continuance process is simply an extension of the client acceptance process. The firm addresses many of the same questions with the added benefit of additional information about the client. All clients should be subjected to a continuance analysis, or re-accepted, at least be annually and more frequently if there has been a significant change at the client or firm. Clients or engagements with identified risks should receive additional focus to ensure continuation of quality services or be considered for termination.
B is for billing practices
Many CPAs dread the billing process, perceiving it as an administrative task that diverts time and resources away from the performance of client services, rather than getting paid for a job well done. However, when it comes to risk management, billing practices have more value than just collecting fees.
In the event of a professional liability claim, billing records can provide important support for the scope and timing of services performed. For example, billing a client for the services outlined in an engagement letter helps support the defined scope of the engagement. Further, billing practices can be a preventative risk management tool. Billing and collecting at regular intervals can help identify cost overruns which may be a sign of scope creep. Discussing a bill with the client could identify a client’s dissatisfaction with service while there is time for correction.
Consider implementing the following tips in your billing practices:
C is for communication
- use retainers to manage collection risks;
- monitor outstanding receivables and suspend work for non-payment;
- bill early and often; and
- attach a copy of the engagement letter to support the billing narrative.
Client communication is essential to the success of a CPA firm. Through oral, written and electronic communication, CPAs gather, analyze and report on information to the client. A breakdown in communication between the client and CPA could lead to differing service expectations or, potentially, to errors in a deliverable.
Clear, concise and professional communication can do a great deal to help reduce professional liability risk. The reverse concept is true of unprofessional or vague communications. In the event of a professional liability claim, such communications could call the CPA’s independence or objectivity into question or argue that the CPA did not meet service expectations.
Important tips for appropriate communication with clients include:
- maintenance of regular communications throughout the engagement;
- elevation of issues to the client without hesitation;
- documentation of oral discussions in a memo to the file or follow-up e-mail to the client; and
- limiting, or, better yet, avoiding, communications with third parties.
Policies governing appropriate communication with clients, including use of e-mail, text messaging and social media, can assist firm personnel in navigating this sensitive component of practice management. If properly addressed, communication can create strong, long-term client relationships and further enhance a firm’s reputation for quality.
D is for documentation
Documentation is a vital component of any engagement, whether it be an attest, tax or consulting engagement. It is so engrained in the profession that it is specifically addressed in multiple professional standards. Despite this prominent position in the profession, the level documentation often falls short.
Weak or inadequate documentation can be detrimental in the event of a professional liability claim. If it is not documented, it did not happen. Conversely, strong documentation may reduce the likelihood of a client dispute rising to the level of a claim. For example, an e-mail reminding a client of their responsibility to provide supporting documents by a certain date in order to complete services by a deadline could be useful if the deadline was missed due to the client’s procrastination.
Good documentation should include:
- nature, timing and extent of procedures (when applicable);
- assumptions, whether made by the client or CPA;
- important client conversations;
- departures from engagement parameters; and
- conclusions reached.
Documentation is a CPA’s ally and should be a primary focus of any engagement. Good documentation and quality services go hand in hand.
E is for engagement letter
The significance of having an engagement letter for every engagement should not be underestimated. This document memorializes the agreement between a CPA firm and its client, defines the parameters of the service to be performed and guides the engagement from beginning to end.
An engagement letter helps align firm and client expectations, demonstrate compliance with professional standards, provides for the efficient resolution of client disagreements, or may even identify opportunities to provide a client with additional services. Consider a tax preparation client that requests assistance planning for the following tax year. Without a clearly defined scope of services, limiting the engagement to tax compliance only, fees for a tax consulting work could have been lost as part of the existing tax preparation service. When services expand beyond the scope of the original engagement, an amended or a new engagement letter should be issued.
CPA firms can reduce the administrative time to draft engagement letters by maintaining engagement letter templates to be customized for each engagement. Sample templates are available from your professional liability insurer, the AICPA or paid providers, and can help get you started. A well drafted engagement letter should, at a minimum, include:
- a detailed scope of services;
- the client’s and CPA’s respective responsibilities;
- any limitations of services;
- a description of the deliverable or work product and any limitations on its use;
- the timing of the engagement; and
- the fee for services.
Additional engagement letter provisions, such as alternative dispute resolution or limitation of liability, where permitted, can be included to allocate risk between the CPA and client.
Now we know our ABCs…
Public accounting is a complex and evolving profession that requires continuous improvement to meet challenges. Yet every firm, whether new or well established, can focus on the fundamentals and learn their ABCs (and Ds and Es) of risk management, helping to blaze a path to success.
For more information about this article, contact firstname.lastname@example.org.
This information is produced and presented by CNA, which is solely responsible for its content. Continental Casualty Company, a member of the CNA group of insurance companies, is the underwriter of the AICPA Professional Liability Insurance Program.
The purpose of this article is to provide information, rather than advice or opinion. It is accurate to the best of the authors’ knowledge as of the date of the article. Accordingly, this article should not be viewed as a substitute for the guidance and recommendations of a retained professional. In addition, CNA does not endorse any coverages, systems, processes or protocols addressed herein unless they are produced or created by CNA.
Any references to non-CNA websites are provided solely for convenience, and CNA disclaims any responsibility with respect to such websites.
Examples are for illustrative purposes only and not intended to establish any standards of care, serve as legal advice, or acknowledge any given factual situation is covered under any CNA insurance policy. The relevant insurance policy provides actual terms, coverages, amounts, conditions, and exclusions for an insured. All products and services may not be available in all states and may be subject to change without notice.
“CNA” is a registered trademark of CNA Financial Corporation. Certain CNA Financial Corporation subsidiaries use the “CNA” trademark in connection with insurance underwriting and claims activities. Copyright © 2021 CNA. All rights reserved.