Some lawyers may create more potential professional liability over the coming months by drafting a single letter in response to their client’s independent auditor’s request for information than they will throughout the entire rest of the year.
The problem arises primarily because after 40 years of writing these letters to independent auditors, too many attorneys and auditors have concluded the entire process is a colossal waste of time.
As a result, too many, especially solo attorneys and small- to mid-size law firms, have failed to develop and implement appropriate internal policies to insure they handle these auditor’s requests according to the professional standards required of them.
Consequently, a sizable number of attorneys remain blissfully unaware of the specific duties owed and the professional liability created when done so improperly, leading to a waiver of client confidentiality, misleading financial reports, and host of other problems.
The American Bar Association issued its first “Statement of Policy Regarding Lawyers’ Responses to Auditors’ Requests for Information” on January 7, 1976, and have updated it twice since in 1998 and 2003.
And yet, outside of a very few attorneys in the large, downtown corporate law firms, few attorneys responding to these requests have ever read the ABA Statement of Policy, much less the American Institute of Certified Public Accountant (AICPA) rules.
The auditor’s request for information to a client’s attorney arises from the generally accepted accounting principles (“GAAP”) with respect to loss contingencies set forth in Accounting Standards Codification (“ASC”) 450-20 (formerly Statement of Financial Accounting Standards No. 5).
The AICPA requires an attorney’s client to account for a loss contingency if two conditions are met:
- “Information available before the financial statements are issued or are available to be issued . . . indicates that it is probable that an asset had been impaired or a liability had been incurred at the date of the financial statements” and
- “The amount of loss can be reasonably estimated.” Six factors should be considered when the accountant assesses the probability of an unfavorable outcome for the contingency;
- The nature of the litigation, claim, or assessment;
- The progress of the case (including progress after the date of the financial statements but before those statements are issued or are available to be issued);
- The opinions or views of legal counsel and other advisers, although, the fact that legal counsel is unable to express an opinion that the outcome will be favorable to the entity should not necessarily be interpreted to mean that the condition [for accrual] is met;
- The experience of the entity in similar cases;
- The experience of other entities;
- Any decision of the entity’s management as to how the entity intends to respond to the lawsuit, claim, or assessment (for example, a decision to contest the case vigorously or a decision to seek an out-of-court settlement).
If any one of the conditions are not met, the accounting standard requires the client to disclosure the contingency only if it is reasonably possible that a loss may have been incurred. In such case, the disclosure must include an estimate of the loss, but only if the loss is estimable. No disclosure is required if the loss is remote.
The client owes no duty to disclose a loss contingency of an unasserted claim “if there has been no manifestation by a potential claimant of a possible claim or assessment” unless: (1) it is considered probable that a claim will be asserted; and (2) there is a reasonable possibility that the outcome will be unfavorable.
In response to the AICPA’s standards, the ABA issued its own “Statement of Policy Regarding Lawyers’ Responses to Auditors’ Requests for Information” (the “ABA Statement of Policy”). Together, the two documents, often referred to as the Treaty.
The two standards seek to balance the client’s auditor’s need for information with the client’s attorney’s duty to protect the client’ confidential information.
It should be noted, however, that the accounting profession continues to insist that the ABA Statement of Policy does not control, and it is the AICPA standards that govern the auditor’s request for information.
The ABA Statement permits an attorney to ethically comply with an auditor’s request for information under limited circumstances. First, no attorney should ever disclose information to the client’s outside auditor without the client’s written consent.
The attorney, however, shall not disclose to the auditor a confidence, a secret, or an evaluation of a claim. The ABA Statement cautions that an adverse party may assert that any evaluation of a potential liability is an admission by the client.
The attorney must always be cognizant that a client’s voluntary request for disclosure to its accountant almost always waives the attorney-client privilege. United States v. Deloitte, 610 F.3d 129, 139-40 (D.C. Cir. 2010).
Federal law, and few states, provide any confidentiality protection to an accountant’s work-product. United States v. Arthur Young & Co., 465 U.S. 805 (1984). Even an attorney’s oral communications to the auditor are not privileged if the auditor includes the discussions in its work papers. United States v. Deloitte, 610 F.3d at 143.
Otherwise, the attorney may disclose information to the auditor without further client consent for:
- overtly threatened or pending litigation, whether or not specified by the client. The ABA Statement of Policy defines “overtly threatened litigation” to mean that “a potential claimant has manifested to the client an awareness of and present intention to assert a possible claim or assessment unless the likelihood of litigation (or of settlement when litigation would normally be avoided) is considered remote.”
- a contractually assumed obligation when the client specifically identifies and requests disclosure in the inquiry letter;
- an unasserted possible claim or assessment the specifically identifies and requests disclosure in the inquiry letter. “Unasserted claims” are matters “where there has been no manifestation by a potential claimant of an awareness of and present intention to assert a possible claim or assessment.” Disclosure of an unasserted possible claim is required only if the enterprise concludes that (1) it is probable that a claim will be asserted, (2) there is a reasonable possibility, if the claim is in fact asserted, that the outcome will be unfavorable, and (3) the liability resulting from such unfavorable outcome would be material to the client’s financial condition.
The ABA Statement of Policy requires an attorney responding to an auditor’s request for information should only offer an opinion on the outcome of litigation, in the rare case, when the outcome is “probable” or “remote.”
An unfavorable outcome for the client is “probable” if the prospects of the claimant not succeeding are judged to be extremely doubtful and the prospects for success by the client in its defense are judged to be slight.
An outcome is “remote” if the prospects for the client not succeeding in its defense are judged to be extremely doubtful and the prospects of success by the claimant are judged to be slight. The commentary in the ABA State provide examples of such situations, including the following:
- a catastrophe, accident or other similar physical occurrence in which the client’s involvement is open and notorious;
- an investigation by a government agency where enforcement proceedings have been instituted or where the likelihood that they will not be instituted is remote, under circumstances where assertion of one or more private claims for redress would normally be expected, or
- a public disclosure by the client acknowledging (and thus focusing attention upon) the existence of one or more probable claims arising out of an event or circumstance.
An attorney should never provide an estimate of the amount or range of a potential loss unless the attorney believes that the probability of inaccuracy of the estimate is slight. The ABA Statement of Policy also requires that the attorney must confirm to the auditor:
“the client’s understanding that, if in the course of performing legal services for a client with respect to an unasserted claim which may call for financial statement disclosure, the lawyer has formed a conclusion that the client must disclose or consider disclosure concerning the unasserted claim, the lawyer, as a matter of professional responsibility to the client, will so advise the client and consult with the client concerning the question of such disclosure and the requirements of ASC 450-20.”
The ABA Statement provides different illustrative examples of response letters for “inside” and “outside” counsel. In general, the outside counsel may limit its response to particular matters to which it provided substantive attention or representation; whereas the inside general counsel represents he has general supervision for the company’s legal affairs and has “reviewed litigation and claims threatened or asserted involving the Company and [has] consulted with outside legal counsel” where appropriate.
The ABA Statement does not specifically address government investigations of a client. Attorneys should consider most government investigations unasserted claims. The investigation may well constitute potential for a claim, however, the investigation has not ripened into an overt threat of litigation, claims, or assessments. The ABA Statement only requires the attorney disclose unasserted claims when the client specifically identifies them and asks the lawyer to comment.
The client may, however, request the attorney to report all investigations in the same manner the attorney would report pending litigation. Even where the client requests it, however, the Committee noted that in most cases, “the lawyer will not be able to provide any information to the auditor concerning the investigation other than the existence thereof and the fact of the client’s involvement.”
The Committee advised that whichever approach to reporting is adopted, the “approach should be consistently followed with respect to such client until the auditor has been advised of a change in approach.”
The attorney should clearly disclose to the auditor the limited scope of its engagement by the client, and that he is only disclosing terms considered material.
The attorney also should always provide the date on which any information is provided, and disclaim any ongoing agreement to update the information even when the attorney becomes of aware of changed facts or circumstances.
The ABA Statement contemplates that the attorney may incorporated the Statement by reference in the lawyer’s response by the following statement:
“This response is limited by, and in accordance with, the ABA Statement of Policy Regarding Lawyers’ Responses to Auditors’ Requests for Information (December 1975); without limiting the generality of the foregoing, the limitations set forth in such Statement on the scope and use of this response (Paragraphs 2 and 7) are specifically incorporated herein by reference, and any description herein of any ‘loss contingencies’ is qualified in its entirety by Paragraph 5 of the Statement and the accompanying Commentary (which is an integral part of the Statement).”
While incorporating the ABA Statement by reference is permitted by Paragraph 8, the attorney, however, should consider instead stating clearly that the auditor alone shall use the letter solely in connection with the audit of the client.
The attorney also should state the letter shall not be quoted in any financial statements of the client or related documents. The attorney also must state that no one, including the client, should file it with any governmental agency or other person, without the attorney’s prior written consent.
As discussed above, the ABA acknowledges that an auditor may assume the lawyer, as a matter of professional responsibility to the client, will advise the client concerning the question of such disclosure is required and of the applicable requirements of FAS 5.
The ABA makes clear that every attorney owes a professional obligation to not knowingly participate in any violation by the client of the disclosure requirements of applicable securities laws.
The ABA or applicable state code of professional responsibility also may require the attorney to resign his engagement under some circumstances if his advice concerning disclosures is disregarded by the client. The ABA Statement says withdrawal is very undesirable.
For more than a decade commentators have expressed that there appears to be a continual increase in the number of inquiry letters that do not conform to the ABA-AICPA Compromise. Firms should resist responding to inquiries that are outside of the ABA-AICPA Compromise. Some recent examples of non-conforming requests include:
- Request for information regarding financing statements filed under the Uniform Commercial Code;
- Request for information regarding assignments of the client’s assets;
- Requests for examinations of income tax returns; and
- Request for information regarding compliance with fiduciary duties.
The professional liability risk created from failing to follow the ABA-AICPA Compromise is real. For example, Sarbanes-Oxley Act heightened the risk of potential firm exposure in connection with responding to inquiring letters because attorneys are covered as “persons acting under the direction” of corporate officers and directors, and therefore, can be held liable if their actions are deemed, under a negligence theory, to “result in rendering financial statement materially misleading.”
Best professional practice demands that every attorney or law firm review the ABA-AICPA requirements before responding to Auditor’s Request for Information. Every law firm should implement an internal procedure for responding to auditor’s request for information. The procedure should at minimum include:
- Development of written firm policies and procedures to insure consistent implementation;
- Review and approval of acceptance of the Inquiry Letter to insure compliance with the ABA requirements;
- Designation of a single partner in charge of overseeing the initial draft;
- Firm review, approval of the initial draft, and execution of a final draft; and
- A designated partner and internal procedure to update prior response letters.
Those law firms who do not regularly prepare such audit’s request for information letters, would be well advised to consult with outside counsel to confirm that their internal procedures are sufficient and their letters comply with their professional liability requirements as set forth in the AICPA-ABA requirements without waiving client confidentiality. Firms who do neither must beware of the risks they assume.
Timothy B. Soefje is the Managing Member and head of the professional liability section at the boutique firm of Seltzer │Chadwick │Soefje, PLLC based in Dallas, Texas. He is admitted in Texas and Oklahoma. For regular information about professional liability matters, follow him on Twitter at @TimSoefje and search #ProfessionalLiability. For more information, visit us at www.realclearcounsel.com or contact him at email@example.com.