- Confidentiality underpins public trust in accountants, yet it’s a common source of complaints.
- Some situations are more prone to breaches of confidentiality than others.
- The key is to always ask for the authority to pass information on to a third party.
Confidentiality is a fundamental principle for all chartered accountants and one that applies regardless of whether CAs are working in public practice or commerce. The Code of Ethics is quite prescriptive about how it works. Members must respect the confidentiality of information acquired through professional or business relationships, and not disclose without proper and specific authority.
There are exemptions to the confidentiality requirements. However, CA ANZ’s Rebecca Stickney, leader of the Professional Conduct team in New Zealand, sums up the core principle: “members must not disclose confidential information or use it to advantage themselves or others. That’s the primary obligation”.
The confidentiality provisions may appear straightforward, yet allegations of breach of confidentiality often feature in complaints about members. A danger area occurs when a member’s sense of objectivity becomes clouded during the engagement.
The situation can be especially complex when a client wears several hats. In these circumstances, a member may be unsure if there is an obligation to keep certain information confidential. Stickney and her Australian counterpart, Kate Dixon, both agree that the key is consent, namely, that a member must always gain approval from the other party before passing on information.
Caught between warring parties – a key danger zone
“Members can be most vulnerable to breaches of confidentiality when they get caught up in something like a matrimonial dispute or find themselves in the middle of warring shareholders,” Dixon points out.
“Members want to be helpful, but they don’t protect themselves by insisting they get authority to disclose information from both clients. Alternatively, rather than volunteering confidential information, a member could suggest that the party seek an order that the information be produced.”
Stickney cites a recent example where a member was sanctioned by the Professional Conduct Committee for breach of confidentiality. In this instance, the member spoke with a client about concerns that the client’s former wife used jointly-held company assets for private transactions. Adding to the problem, the member gained this information from a separate and unrelated client. The member then compounded the error by disclosing details about the third-party client to the existing client.
“This was an example where things got very messy. First, the member spoke about the matter with the husband without consulting the ex-wife to make sure he had proper authority,” says Stickney. “She was the sole director and a client of the firm.
“In addition, the member was disclosing information provided by, and about, the third-party client. The member was in a very difficult position because the wife may have been trying to push the husband out of the transaction. But no steps were taken whatsoever to discuss the issue with her or ascertain the veracity of the information.”
Related: CA Advisory Group
CAAG provides counselling and support for CAs facing ethical dilemmas or weighing career decisions.
In another instance, again a relationship break-up, a former wife, who had changed her name, contacted a CA for information regarding shares in a joint company. The member subsequently went back to the husband asking for the information.
Stickney explains the problem: “The exchange of information was too fluid. The member should have confirmed who this person was, and then made it clear that the request for information first needed to be discussed with the woman’s former husband.”
Making judgement calls in the heat of the moment
Part of the challenge for members meeting their confidentiality requirements is the need to make decisions about what can or should be said in what could be a pressure-cooker environment. Stickney cautions: “The rules may not always seem clear-cut in the heat of the moment.”
She cites the situation of a CA who was being cross-examined in court. “The member gave evidence which volunteered information beyond the scope of what was being asked, and in doing so breached the principles in relation to confidentiality. It became a significant allegation for our disciplinary tribunal, and it highlights the way that members have to use their discretion and not go further than necessary.” It also highlights the importance of getting legal advice where appropriate.
Breaches of confidentiality have also occurred in the context of employment disputes. In one case that appeared before the Professional Conduct Committee, a member whose working relationship with his employer was strained, recorded a confidential meeting without the knowledge or authority of those present. The member then provided a copy of the recording to another former employee, along with a copy of a confidential letter between his employer and a third party, which he had improperly retained.
“This gave rise to serious breaches of the confidentiality provisions,” says Stickney. “And what’s interesting is how people can justify it to themselves. In this instance, the Conduct Committee accepted that the employment relationship had soured to an untenable level, and the member was trying to protect themselves and negotiate a way out of a difficult employment situation. Nevertheless, the behaviour went way beyond the realm of what is acceptable.”
You can't, yourself, be associated with any dishonest communications to the Tax Office
Even when there is no apparent pressure, members can unwittingly sail close to breaches of confidentiality. Dixon cautions: “There are provisions in the Code around maintaining confidentiality, including in social environments, and even being alert to the possibility of inadvertent disclosure, particularly to a close business associate or a close or immediate family member.” Even in this situation, a failure to comply with confidentiality obligations in these circumstances can result in complaints.
Two broad exemptions
As mentioned earlier, there are two broad exemptions from the professional ethics regarding confidentiality, and these centre around a legal or professional right or duty to disclose information. If, for instance, a member is subpoenaed during legal proceedings, the ensuing legal obligations override the Code.
A professional right or duty includes disclosure to comply with a review or investigation by CA ANZ or another regulator, or to protect the member’s professional interests in legal proceedings. That said, there can be grey areas, particularly if there are legal duties not to disclose. The Code of Ethics recommends that members seek legal advice whenever they are in doubt about where they stand, and we would strongly encourage members to do so. Members could also discuss the issue with a member of the CA Advisory Group.
Related: Crime and accountants - the rules get tougher
Will the new NOCLAR changes help CAs in the fight against crime?
Dixon provides an example here, saying: “If you have serious concerns for instance, about a tax engagement where your client is trying to be dishonest about their revenue, we recommend telling your client what the ground rules are for your continued involvement. You can't, yourself, be associated with any dishonest communications to the Tax Office. And if the client wishes you to do so, you have to seriously consider ending the client relationship.” You may also need to obtain legal advice about any other obligations you may have in this situation.
Confidentiality in the context of NOCLAR
A further issue to bear in mind in terms of confidentiality, is the NOCLAR (non-compliance with laws and regulations) provisions that came into effect in Australia on 1 January 2018, after having been introduced in New Zealand in July 2017.
The new standard applies to all accountants, not just auditors, and introduces a requirement for accountants to set aside their duty of confidentiality when they come across substantive non-compliance.
The profession’s Code of Ethics has been amended to incorporate NOCLAR, and it is worth reiterating that it requires members to speak up when it appears that laws and regulations are not being followed by a client or employer. Disclosure of NOCLAR to appropriate public authorities is permitted where there is a strong public interest reason. However, disclosure may not always be appropriate, especially if it is contrary to law or regulation. There is a materiality/serious harm threshold which members must consider before acting. The Code of Ethics provides a detailed explanation as to when disclosure is required and how members should go about it, which is dependent on their role and seniority.
The bottom line is that members face strict confidentiality requirements designed to raise the reputation of, and the value society places on, the profession. This calls for members to stop and consider whether there is an obligation not to disclose information, and if they need authority to provide information. If in doubt, refer to the Code, or seek advice. It may seem onerous but when it comes to confidential details, it’s better than letting the genie out of the bottle.