New York (Aug. 10, 2004) -- Weighing in on the profession-wide debate over outsourcing, the Professional Ethics Executive Committee of the American Institute of CPAs has proposed a rule that would require institute members to disclose to clients the outsourcing of professional services.
Susan Coffey, AICPA vice-president of self regulation, said that the proposed rule would clarify the AICPA’s requirements for its members. The PEEC convened a task force earlier this year to examine the issues surrounding the outsourcing of services.
“Currently, it is the decision of our members whether they wish to inform their clients that services may be outsourced,” Coffey said. “However, the institute’s long-standing policy with regard to outsourcing is that our members are ultimately responsible for the quality of any work performed by a third-party provider.”
The exposure draft proposes three new rulings for the institute’s Code of Professional Conduct. Rule 102, Integrity and Objectivity, would require members to inform clients of the use of a third-party service provider prior to sharing confidential client information with that provider.
The proposed ethics ruling under Rule 201, General Standards, and Rule 202, Compliance with Standards, would clarify the application of Rules 201 and 202 to members who use a third-party service provider in providing professional services to clients and would make clear the committee’s position that the member is responsible for all work performed by the service provider.
Rule 301, Confidential Client Information, would revise Ethics Ruling No. 1, Computer Processing of Clients’ Returns, to update and broaden the application of the ethics ruling beyond that of an outside tax service bureau and make it applicable to any third-party service provider used by the member. The revised ethics ruling also would clarify that disclosing confidential client information to a third-party service provider for the purpose of providing professional services to clients or for administrative support purposes would not be in violation of Rule 301. However, the member would be required to enter into a contractual agreement with the third-party service provider to maintain the confidentiality of the client’s information, and use reasonable care in determining that the third-party service provider has appropriate procedures in place to prevent the unauthorized release of confidential client information.
The exposure draft, “Omnibus Proposal of Ethics Division Interpretations and Rulings,” is available at
-- WebCPA staff
