This article is provided as member benefit by CAMICO, the OSCPA preferred provider of professional liability and employment practices liability insurance.
By Suzanne M. Holl
CPAs at times come under fire from banks and other lenders pressuring them to provide assurances regarding their clients’ financial strength. Many CPAs have shared their frustrations and concerns with CAMICO regarding veiled threats from aggressive brokers and lenders alleging that their clients will not qualify for a loan without receiving a letter from the CPA supporting the client’s loan qualifications. Some brokers have even suggested that the client should seek a “more cooperative” CPA.
Tempting as it may be for CPAs to comply with such requests, providing the requested assurances could put CPAs and their licenses at significant risk. First, CPAs may face the risk of falling below professional standards if they don’t adhere to AICPA Professional Standards. Interpretation No. 1, “Responding to Requests for Reports on Matters Relating to Solvency,” of AT-C Section 105, Concepts Common to All Attestation Engagements: Attestation Interpretations of Section 105, AT-C Section 9105, ¶¶ .01-.11), prohibits CPAs from providing any level of assurance that an entity is, or will continue to be, solvent.
Another risk is that lenders may allege that CPAs misrepresented their clients’ creditworthiness should their clients later default on the loans. In some claims situations, lenders have alleged that CPAs were negligent and misrepresented their clients’ self-employment status, financial condition or creditworthiness.
Use professional judgment
The creditworthiness dilemma is a balancing act—CPAs need to carefully evaluate the risks associated with complying with these requests. For example, since professional standards do not require CPAs to provide any letters to third parties, they need to balance the risks of saying “no” (e.g., losing the client or being sued by the client should the loan fall through) against the risks of saying “yes” (e.g., not meeting the profession’s standard of care, or becoming a “deep pocket” target for the lending institution if the client later defaults).
The following examples of requests provide some ideas on how to traverse the delicate balance of mitigating risks while managing client and third-party expectations.
Request No. 1: Verification of tax information/employment
Financial institutions often send forms directly to a prospective borrower’s CPA, requesting verification of tax information, employment or self-employment, and/or assurances that the client’s business or owner will not be affected by the contemplated loan. Typically, the form is short and already filled out, and it calls for the CPA’s response and signature verifying the information provided. CAMICO strongly encourages CPAs to be cautious when considering these requests.
After the client has provided the CPA with appropriate written consent, CAMICO encourages CPAs to draft a letter in response to the form (instead of signing it) that clearly identifies:
- the scope and limits of the services rendered to the client;
- the responsibility of the financial institution to exercise its own due diligence and to perform procedures and tests the lender deems appropriate in determining whether to extend credit; and
- the limited responses (which should be facts, as opposed to judgments) to the questions posed on the form that are relevant to the client, stating that these answers are based solely upon the information shared by the client and were not audited or otherwise verified. In order to avoid potential privity issues, this letter should also clearly state that the CPA’s response is not intended to establish a client relationship with the financial institution.
Request No. 2: Telephone verification
Another type of request that adds even more exposure to CPAs comes from the so-called “Underwriting Quality Control” divisions of large financial institutions, asking CPAs to provide verbal confirmations regarding their clients’ self-employment and/or other assurances regarding their clients’ financial information. We recommend letting the caller know that professional standards regarding client confidentiality prohibit CPAs from discussing their clients with the caller over the phone. CPAs should request that the financial institution put any questions it may have in writing and, if the CPAs receive written client consent to respond, they will address the inquiries in writing as they deem appropriate, given the scope and limitations of the services they have provided. CPAs should consider sending a letter or an email acknowledging the request and reiterating that no assurance was given during the conversation. This is excellent defensive documentation from later allegations that could suggest otherwise.
Request No. 3: Confirm information on a previously issued lender letter
CPAs should be wary if ever contacted after the fact by a third party requesting that they confirm client information previously provided to the lender on behalf of their client. These individuals may work for a mortgage insurance company or other organization as investigators trying to build a fraud case against a borrower who has defaulted on a loan. CPAs have no professional obligation to respond to these requests, and they would breach client confidentiality if they responded to this them without written client consent. We strongly recommend that CPAs not sign or make any statements in writing, over the phone or in person, to requests of this nature. Also, such calls typically suggest that the loan was selected at random, but the loans are typically nonperforming loans.
Tips when responding to third-party requests
Before CPAs tailor their own response letters they should remember the following:
- Be sure to obtain the client’s written consent before disclosing tax return information.
- The letter should be simple and clear.
- Document only facts and the services that the CPA has performed. Refrain from speculating on future events (e.g., forecast future income or contingencies) and avoid making conclusions not supported by the services performed for the client (i.e., a CPA should not make assurances regarding the accuracy or completeness of the information provided unless the scope of the services enables the CPA to provide such assurances).
- Do not provide any form of assurance regarding matters of solvency.
- Avoid using words that expand, rather than narrow, the CPA’s responsibilities.
Tips for educating clients
It’s also important to inform clients about these issues so that they understand what information CPAs can and cannot provide. Camico encourages CPAs to take the following steps:
- Have a conversation with the client regarding the scope and limits of the services the CPA performed.
- Clarify for the client what the CPA can and cannot provide under the scope and limits of the services rendered.
- Explain that professional standards prohibit the CPA from providing assurance regarding the client’s financial position when the requisite scope of services hasn’t been performed.
- State that professional standards for CPAs prohibit CPAs from offering any form of assurance regarding matters of solvency.
Following these guidelines early on in a relationship is ideal, because the client or financial institution often gives CPAs little or no time to educate their client about the issues after they make their requests.
Suzanne M. Holl, CPA, is senior vice president of loss prevention services with CAMICO (www.camico.com). With almost 30 years of experience in accounting, she draws on her Big Four public accounting and private industry background to provide CAMICO’s policyholders with information on a wide variety of loss prevention and accounting issues.