This article originally was published in the March 2015 Journal of Accountancy. Advice provided in this article has been reviewed and remains current.
Seemingly disparate services such as investment advisory, bill-paying, and estate planning all have a common denominator: the CPA’s involvement with other people’s money. Claim history of the AICPA Professional Liability Insurance Program has demonstrated that the more money involved, the greater the risk. Consider the following claim scenario.
The pro athlete
A CPA firm provided tax and compilation services to a professional baseball player. Over the course of the engagement, the firm expanded its scope of service and began providing bookkeeping and bill-paying services and dealing with the athlete’s vendors. One of the vendors was the athlete’s attorney, who served as an investment adviser and assisted the athlete with real estate transactions and estate planning.
The attorney invested the athlete’s funds in numerous privately held real estate partnerships. After the partnerships were deemed worthless, an investigation showed the attorney had self-dealings and committed fraud, resulting in the athlete’s losing more than $5 million. The athlete brought a claim against the CPA firm as well as the attorney, asserting the firm was engaged to “watch over his funds” and supervise the activities of the vendors.
Pretrial investigation revealed that the CPA firm:
- Received all client brokerage statements;
- Sent the athlete’s quarterly financial statements directly to the attorney;
- Met regularly with both the attorney and athlete; and
- Corresponded directly with the attorney rather than the athlete when questions arose.
While the engagement letter signed by the athlete stated that the CPA firm was not responsible for detecting theft or fraud, the regular meetings with the attorney and client were not included in an engagement letter, and the scope creep proved problematic. The attorney was primarily responsible for the losses, and the athlete shared responsibility by failing to maintain oversight of his investments. However, since defending the CPA’s actions would have been difficult, the claim was settled before trial.
Here are some techniques CPAs can use to help mitigate the risks of a professional liability claim associated with other people’s money.
Client acceptance and continuance
Client acceptance and continuance is important because some clients who experience losses may not take responsibility for their actions. The articles “Client Acceptance: A Liability Gatekeeper
” and “Take a Hike: Ending Client Relationships
” contains recommendations related to client acceptance and continuance. Additional considerations are warranted when services related to responsibility for other people’s money are delivered. These include:
- Evaluating the circumstances surrounding the engagement. Longtime clients may present elevated risk when confronting financial distress, family problems, illness, or other significant troubles. They are more likely to assert that they lacked the knowledge to take action and relied on the CPA to bring such matters to their attention.
- Determining if the client or prospect is litigious. Lack of personal accountability for results typically increases the risk that a professional liability claim will arise.
- Assessing the financial sophistication of the client or prospect. Uninformed clients may be less likely to take personal responsibility and more likely to contend that they did not understand the impact of a costly decision.
- Confirming client references, including from bankers and attorneys.
- Investigating the background of high-net-worth individuals, such as C-suite executives.
Obtaining a signed engagement letter is especially important when other people’s money is involved. The article “Buckle Up: Crafting Effective Engagement Letters
” discusses the importance of using engagement letters and common engagement letter components. When drafting an engagement letter, the following elements are recommended:
- Define the scope of services as narrowly as possible.
- Issue a new engagement letter or change order if the scope of services changes.
- Ensure the engagement letter emphasizes that the client is responsible for implementation of recommendations made and their outcome.
- Include a provision that the client is responsible for supervising other professional service providers engaged by the client.
- Disclaim responsibility to detect theft or fraud.
Well-documented files are one of a CPA’s best defenses, especially when claims involve other people’s money. The article “Write it Down: The Importance of Documenting Oral Advice
” (JofA, Oct. 2013) contains many tips. Recommended file documentation includes:
Access to client funds
- All client decisions regarding investments and disbursements.
- Contact with the client, including unsuccessful attempts.
- Client responsibility for making decisions and the related consequences. In other words, walk the walk—if the engagement letter states that the CPA will not be making management decisions, do not permit the client to believe you are. Written materials should identify the firm’s recommendations, if any, and the client’s responsibility for the final decision and implementation. Likewise, oral communications should emphasize that the firm makes recommendations to the client for his or her consideration, not decisions. If the client indicates that it is the firm’s decision, correct him or her.
Direct access to a client’s bank or investment account can be an invitation for trouble if proper controls are not in place. The article “All in a Dishonest Day’s Work
” contains several recommendations for reducing this exposure. Consider the following:
- Perform annual background checks on all individuals at the CPA firm with access to client funds;
- Ensure the client has adequate internal controls; and
- Segregate duties and implement controls at the CPA firm to reduce the risk of theft by an employee or partner.
By implementing these risk management strategies, CPA firms can help minimize the risk of a costly and time-consuming claim, as demonstrated in the following scenario.
A CPA prepared tax returns for a married couple. Upon his wife’s death, the husband asked the CPA, a registered investment adviser, to manage his portfolio. The CPA issued an engagement letter that narrowly defined the CPA’s scope of services and placed the responsibility on the client to implement any investment strategies.
After the signed engagement letter was received, the CPA met with the client and discussed his financial goals, including completion of a risk-tolerance questionnaire before recommending investments. The client agreed with the CPA’s recommendations and made the investments. The CPA sent the client a follow-up email to confirm the decisions made and included a disclaimer that the CPA was not responsible for updating the advice due to changes in the law or the client’s circumstances.
The CPA attempted to contact the client to update the initial risk-tolerance questionnaire on multiple occasions after the client’s premature retirement. These efforts were documented.
The value of the client’s portfolio decreased substantially over several years. When the client realized the declining value of his investments, he sued the CPA, alleging that an inappropriate and aggressive investment strategy was used during the economic downturn. Moreover, the client asserted that the CPA was aware of the client’s retirement but took no action to reassess the client’s risk tolerance and recommend changes to the investment portfolio.
After the strong engagement letter and well-documented workpapers were identified during discovery, the claim was withdrawn.
Deborah K. Rood is a risk control consulting director at CNA. For more information about this article, contact firstname.lastname@example.org.
This information is produced and presented by CNA, which is solely responsible for its content. Continental Casualty Company, a member of the CNA group of insurance companies, is the underwriter of the AICPA Professional Liability Insurance Program.
The purpose of this article is to provide information, rather than advice or opinion. It is accurate to the best of the authors’ knowledge as of the date of the article. Accordingly, this article should not be viewed as a substitute for the guidance and recommendations of a retained professional. In addition, CNA does not endorse any coverages, systems, processes or protocols addressed herein unless they are produced or created by CNA.
Any references to non-CNA Web sites are provided solely for convenience, and CNA disclaims any responsibility with respect to such websites.
Examples are for illustrative purposes only and not intended to establish any standards of care, serve as legal advice, or acknowledge any given factual situation is covered under any CNA insurance policy. The relevant insurance policy provides actual terms, coverages, amounts, conditions, and exclusions for an insured. All products and services may not be available in all states and may be subject to change without notice.
“CNA” is a registered trademark of CNA Financial Corporation. Certain CNA Financial Corporation subsidiaries use the “CNA” trademark in connection with insurance underwriting and claims activities.
Copyright © 2021 CNA. All rights reserved.