New conceptual frameworks recently introduced into the AICPA’s ethics rules may change the landscape both for CPAs practicing public accounting and those working in business. Culminating a six-year project, the AICPA Professional Ethics Executive Committee issued a revised AICPA Code of Professional Ethics, completely restructuring the guidance and also introducing new concepts. (“New Code”).
Many have focused on the project’s organizational changes, the wholesale restructuring of principles, rules, interpretations and rulings into a codification intuitively organized by topic — a huge improvement that facilitates research and application. Substantive changes were not intended in this part of the codification project. Although some changes in specific requirements were ultimately made (explicitly noted in the codification), the more significant impact of the New Code will result from two new conceptual frameworks, one for members in public practice and one for members in business. The New Code becomes effective December 15, 2014, with a one-year delay to December 15, 2015 for the new conceptual frameworks. Early adoption is encouraged.
A Wider Reach
While there has been a Conceptual Framework for Independence issues since 2006, the new Conceptual Framework for Members in Public Practice applies to all engagements CPAs perform. The Framework will need to be applied for tax, accounting services, litigation, and consulting assignments, bringing in considerations not previously required. Likewise, the Conceptual Framework for Members in Business introduces a whole new set of factors that CPA CFOs, controllers, accounting personnel, and others working in corporations must consider when evaluating whether they are in compliance with AICPA ethics rules.
The conceptual frameworks are risk-based, using the so-called “threats and safeguards” approach. For circumstances not addressed by the specific rules and interpretations in the codification, the risk-based approach requires evaluating the risk that the CPA would not be in compliance with ethics rules, or perceived as not being in compliance by a reasonable and informed third party with knowledge of all relevant information. It requires a three-step approach:
1. Identify threats to complying with the ethics rules;
2. Evaluate the significance of a threat to determine whether it is at an acceptable level; and
3. Identify and apply safeguards to eliminate the threat or reduce it to an acceptable level.
If a threat cannot be eliminated or reduced to an acceptable level, providing the specific professional services would compromise the CPA’s compliance with the AICPA ethics rules.
Threats fall into categories. Adverse interest, advocacy, familiarity, self-interest, self-review, and undue influence apply to both members in public practice and in business. Management participation is an additional threat applicable to members in public practice. For each threat, as defined in the New Code, examples are provided. While all threats and related examples should be examined, some examples in both the public practice and business conceptual frameworks for advocacy, familiarity, and self-interest especially give pause. These examples present matters that previously were not commonly considered.
Examples and Their Significance – CPAs in Public Practice
For members in public practice, under the advocacy threat category, the Conceptual Framework identifies as a threat providing forensic accounting services to a client in litigation or a third party dispute. Pre-existing rules discussed forensic services as they related to independence, specifically stating that expert witness engagements impair independence and providing guidelines for other forensic services. Now, one must consider the threat that providing forensic accounting services to non-attest clients may compromise objectivity.
Familiarity threats must now be evaluated. These threats include a member’s close friend being employed by a client, senior personnel having a long association with a client, or a member having a close business relationship with an officer, director or 10 percent shareholder of a client. These clients would include tax clients.
The Larger Impact – CPAs in Business
While the examples of threats for members in public practice present new considerations, the larger impact of the new conceptual frameworks will likely be on CPAs working in business enterprises. Members in business may be surprised to discover that a threat to compliance with ethics rules exists if they hold a financial interest, such as shares or share options in the employing organization, and the value of that interest is directly affected by their decisions. This would be a self-interest threat. This threatalso applieswhen the CPA is eligible for a profit or other performance-related bonus, and the value of that bonus is directly affected by his or her decision.
Familiarity threat examples for members in business explain that compliance with ethics rules may be compromised by the member’s accepting an individual’s work product with little or no review because the individual has been producing acceptable work for an extended period. Further, advocacy threats must be considered, such as the possibility that a member will promote an employing organization’s interests or position to the point that his or her objectivity is compromised. Examples of advocacy-threat considerations for CPAs working in business enterprises include:
(i) obtaining favorable financing or additional capital that is dependent upon the information that the member includes in, or excludes from, a prospectus, an offering, a business plan, a financing application, or a regulatory filing; and
(ii) failing to give information that the member knows will unduly influence the conclusions reached by an external service provider or other third party.
Identify and Evaluate Safeguards
Of course, the existence of a threat does not automatically result in failure to comply with the AICPA Code of Professional Conduct. After identifying and evaluating a threat, a member identifies and applies safeguards that may eliminate the threat or reduce it to an acceptable level. The New Code explains that safeguards fall into broad categories:
(i) safeguards created by the profession, legislation, or regulation;
(ii) safeguards implemented by the firm/employing organization; and, for members in public practices,
(iii) safeguards implemented by the client in combination with other safeguards.
The New Code provides examples of each of these types of safeguards.
The question of how the new Conceptual Frameworks will impact CPAs’ ethics decisions and enforcement is yet to be answered. Clues may reveal themselves in the toolkit the AICPA Ethics Division is developing on how to apply the new guidance.
New Structure and Online Portal
In contrast, the restructuring and codification part of the project is not controversial and is indeed highly welcomed. It represents an enormous enhancement to the previously difficult to navigate ethics code. The New Code is intuitively organized by topic, facilitating both easier comprehension and research. In addition, the New Code is housed on a new dynamic online platform, enabling users to navigate quickly and perform research more efficiently.
The New Code is organized into three parts: The Preface applies to all members; Part 1 applies to members in Public Practice; and Part 2 is for members in Business. The first digit of the codification, 0, 1, 2, respectively, signifies the part. This single digit is followed by two sets of three-digit numbers that identify the topics and, when applicable, subtopics or sections. While users accustomed to the old ET Section numbers will experience a learning curve, ultimately, the new, intuitively organized structure will be easier to use. Also helpful, the codification includes references to non-authoritative guidance. All in all, CPAs and their advisors will find it easier to know how to comply with the AICPA ethics rules.
Without question, CPAs and their counsel need to take heed of the new AICPA Code of Professional Conduct. Not only does it restructure and codify the extant ethics rules, the part of the six-year long project that has received more notice, but it adds two new Conceptual Frameworks that could make a significance difference. CPAs in public practice must apply the Conceptual Framework to all types of engagements, not just attest engagements requiring independence. And, even more significantly, CPAs working in business enterprises must address many more considerations.
This alert provides practitioners with an overview of just some of the parameters to consider. If you have questions, please contact Sally Hoffman, Senior Advisor, Berdon LLP Litigation, Valuation & Dispute Resolution Services at 212.331.7524 | email@example.com
 The AICPA Code of Professional Conduct applies to members of the AICPA. Most state societies of CPAs have adopted similar, if not identical, ethics requirements. And, state licensing boards also have generally followed the AICPA’s lead for their ethics standards. However, specific requirements by state should be checked for applicable rules.
 The concept of threats and safeguards was previously included in a non-authoritative AICPA Guide for Complying with Rules 102-505, in which a few examples were provided. None of those examples addressed the situations in the examples discussed in the following paragraphs.