AICPA Ethics Committee Weighs In On Outsourcing

On Aug. 9, the AICPA Professional Ethics Executive Committee issued an exposure draft regarding the responsibilities of businesses to disclose to their customers and clients when they outsource services.

The boom in offshore outsourcing has been a lightening rod for policy makers and unions and recent months, and has become a corporate governance issue through shareholder resolutions at IBM and other companies.

The AICPA's exposure draft focuses on the issues of disclosure and confidentiality. Currently, AICPA members can chose whether or not to inform clients that their services may be outsourced, even though the members are ultimately responsible for all the work done.

Among the proposed changes to the organization's Code of Professional Conduct are the following subjects:

Integrity and Objectivity—Would require that a member inform the client that he or she may be using a third-party service provider when providing professional services to the client, prior to sharing confidential client information with the service provider;

Standards and Compliance—Would clarify the application of certain rules to members who use a third-party service provider in providing professional services to clients, and make clear the committee’s position that the member is responsible for all work performed by the service provider;

Broader Definition—Would update and broaden the application of the ethics ruling beyond that of an outside tax service bureau and make it applicable to any third-party service provider used by the member.

Confidential Client Information—Would clarify that disclosing confidential client information to a third-party service provider for the purpose of providing professional services to clients or for administrative support purposes would not be in violation of AICPA rules; however, the member would be required to enter into a contractual agreement with the third-party service provider to maintain the confidentiality of the client’s information, and use reasonable care in determining that the third-party service provider has appropriate procedures in place to prevent the unauthorized release of confidential client information.

A complete version of the AICPA's exposure draft is available in the box above, right.