In response to recent discussion and debate by members of Congress, the media and federal and state regulators about the responsibilities of businesses to disclose to customers and clients when they outsource services, the Professional Ethics Executive Committee (PEEC) earlier this year formed a task force to explore issues surrounding outsourcing to third-party service providers.

On Aug. 9, the PEEC issued an exposure draft that focuses on disclosure to clients, the member’s responsibility for all work, and maintaining the confidentiality of client information. Specifically, the proposals include a revision to Ethics Ruling No. 1 under Rule 301, “Computer Processing of Clients’ Returns” and new ethics rulings under Rule 102, “Integrity and Objectivity,” Rule 201, “General Standards” and Rule 202, “Compliance With Standards.”

The proposed ethics ruling under Rule 102, “Integrity and Objectivity,” would require that a member inform the client that he or she may be using a third-party service provider when providing professional services to the client, prior to sharing confidential client information with the service provider.

The proposed ethics ruling under Rule 201, “General Standards” and Rule 202, “Compliance With Standards,” clarifies the application of Rules 201 and 202 to members who use a third-party service provider in providing professional services to clients, and makes clear the committee’s position that the member is responsible for all work performed by the service provider.

Finally, the proposed revisions to ethics ruling No. 1 under Rule 301, “Computer Processing of Clients’ Returns,” would update and broaden the application of the ethics ruling beyond that of an outside tax service bureau and make it applicable to any third-party service provider used by the member. The revised ethics ruling also clarifies that disclosing confidential client information to a third-party service provider for the purpose of providing professional services to clients or for administrative support purposes would not be in violation of Rule 301, “Confidential Client Information;” however, the member would be required to enter into a contractual agreement with the third-party service provider to maintain the confidentiality of the client’s information, and use reasonable care in determining that the third-party service provider has appropriate procedures in place to prevent the unauthorized release of confidential client information.

Responses to the exposure draft must be received at the AICPA by Oct. 8, 2004.

Legislative & Regulatory articles brought to you by MACPA Corporate Sponsor, Secure Eco Shred.