Accounting
Balancing the interests between attorney-client privilege and the auditor’s need to know
Companies often face the tricky task of producing privileged and confidential information to their independent auditors for audit purposes.
This article first examines a company’s dilemma regarding whether to disclose any privileged information to its independent auditors. Next, it provides an overview of the existing law, which addresses when the attorney-client privilege and work product protection could be waived when documents are voluntarily disclosed to an independent auditor for the audit. Finally, we’ll examine how to successfully manage the conflict between an auditor’s need to know and a company’s need to protect privileged and confidential information.
A company’s dilemma: To disclose or not to disclose?
Corporations hire independent auditors to perform financial audits and comply with the applicable SEC requirements, shareholder demands, banking regulations and other obligations. In the course of such audits, independent auditors review and test the corporation’s financial statements, detailed books and records, and internal controls. Auditors may also request to review certain privileged information that the corporation prepared for any ongoing or anticipated litigation, including internal investigation reports, attorney memoranda evaluating possible liabilities, tax position papers, and other materials.
Auditors may request privileged materials for several reasons – for example, to verify financial disclosures; to investigate potential “illegal acts” by a company under Section 10A of the Securities Exchange Act of 1934; or to avoid liability under the recent
Companies may comply with the auditor’s request for privileged information. The potential downside to such compliance is that a third party may argue that the documents are no longer privileged because they were disclosed to a third party — the company’s independent auditor. The privilege protecting such documents could be waived and such materials may become discoverable by third parties, including government agencies and a corporation’s litigation adversaries. Conversely, companies may choose to decline to disclose the privileged information to their auditors. With access to less information, a company runs the risk that the auditor could be unable or unwilling to opine on the company’s financial statements.
In June 2023, PCAOB proposed a new audit standard — Noncompliance with Laws and Regulations — that would require auditors to identify and respond to NOCLAR instances, including whether a company is complying with all the laws and regulations or committing any fraud (see
In a surge of comments on the PCAOB’s proposal, companies said the new rule could mean more correspondence with lawyers would have to be shared with auditors, with the result that it loses its legal privilege and could become evidence in litigation (see
Applicable law: Privileges and work product doctrines
The attorney-client privilege is designed to protect communications between clients and their attorneys. Depending on the circumstances, the protection can be waived when documents or communications are voluntarily disclosed to an independent auditor for audit purposes. In a 2019 case
Unlike the attorney-client privilege, a voluntary disclosure of work product to an independent auditor does not automatically waive work product protection (see
There are two categories of work product, each of which is afforded a different level of protection. First, there is “ordinary” work product, which includes facts and evidentiary documents prepared for an ongoing or anticipated litigation. Ordinary work product is generally subject to protections from discovery, but those protections can be overcome by the opposing party upon a showing of “substantial need” and “undue hardship.” Second, “opinion” work product consists of work product that is narrowly confined to the attorney’s legal analysis, mental impressions, conclusions, opinions or legal theories. Because opinion work product reflects the attorney’s analysis of the client’s legal position, courts typically afford it near-absolute protection from disclosure to third parties. Determining whether the work product is ordinary or opinion involves a fact-intensive inquiry.
There is a split among the courts regarding waiver of work product doctrine for materials shared with auditors. Under the majority view, auditors are not considered “adversaries” and any disclosure of work product to them does not waive protection. In other words, a corporation’s disclosure of privileged information to its independent auditor does not waive work product protection, because an auditor’s role — including scrutiny and investigation of a corporation’s records and bookkeeping practices – does not constitute an adversarial relationship. In a 2010 case,
In the event that an opinion work product is disclosed to an auditor, courts are not likely to deem it a waiver and will protect the opinion work product from disclosure to third parties. The same level of protection may not apply to ordinary work product shared with auditors, although the majority rule still would likely provide some protection from disclosure to third parties.
Managing the conflict: Planning, balancing and taking charge
As in any conflict situation, the means to a successful resolution is understanding the needs of all interested parties and narrowing the areas of dispute to the core issues. The key to achieving this includes planning ahead, balancing the needs of the interested parties, and taking charge of the situation.
First, consider negotiating a strong confidentiality and non-waiver agreement in an audit engagement letter from the outset. Before a company receives a request for production of any privileged materials by its auditor, the objectives of the auditor’s engagements and responsibilities should be clearly defined. Any engagement letters, work plans and other documents should memorialize the scope of the auditor’s confidentiality requirements. The corporation and auditor should have a mutual understanding that any information sent to the auditor would remain confidential and any disclosure to the auditor is not intended to waive any applicable privileges.
Second, balancing the auditor’s need to know with the attorney’s need to protect is crucial. Blanket demands by auditors for all information possessed by counsel are intrusive and unnecessary. Equally unhelpful is the counsel who refuses to understand that the client’s interests are best served by working with the auditors to help them discharge their audit responsibilities. It is essential that the auditor and the counsel communicate in detail and plan an approach that allows the auditor to gather the maximum amount of information independent of counsel, thereby lessening the burden and reliance on privileged communications and protected materials. This may involve the auditor’s review of historical information and third-party documents that are not privileged. The auditor should also confer with the audit team and company counsel, and find ways of mitigating the audit’s need for privileged materials.
At the same time, company counsel should carefully examine the materials to be disclosed to the independent auditor to reduce the risk of any waiver. Although the corporation should provide all the necessary materials required by the auditor, it should do so only after conducting a thorough review of documents to ascertain whether they are truly responsive to the auditor’s requests and whether there are nonprivileged materials that would suffice. Even though the majority rule protects work product, a company should limit disclosure to materials that are necessary for the auditors to complete their audit.
To the extent possible, attorneys should limit the amount of written work product that is shared. Where feasible, the corporation should consider oral briefings that focus on nonprivileged facts. A telephonic or in-person conversation responding to the auditor’s specific questions might limit the amount of written work product that needs to be disclosed. It is important to note that counsel should exercise caution even when presenting work product orally, as an auditor’s notes from an oral presentation might be subject to discovery.
If litigation arises and the auditor is subpoenaed, company counsel should closely work with the auditors and review any materials that may contain privilege or work product before they are produced. Being proactive and working cooperatively with the auditors will mitigate and avoid unnecessary disclosures.
The year-end CPE cram. It’s as cyclical as the busy season and as predictable as a client giving you the supporting documents you requested one day before the deadline while asking, “Do you think you can get this done in time?”
With all of these circumstances, we know the event is coming. We’ve been here before. We’re ready for it. Yet, like the Same-As-Last-Year accountants we are, we rarely change any behavior, simply chalking it up to “it is what it is.”
But what if it didn’t have to be that way?
If you haven’t picked up on the transformation that the accounting industry is undergoing, you probably haven’t been reading any articles here, or anywhere on the internet for that matter, which have been published regarding all of the shifts finally catching up to the profession.
Look, let’s call a spade a spade. We understand our personalities. We aren’t going to be the folks who dive head first into a pond with murky water. It’s this risk averse nature that makes us the ultimate professional skeptics, with maximum reliability to the public and stakeholders, focused on attention to detail, and ideal most trusted financial advisors.
However, it’s this same risk averse nature that stereotypes us as a boring, backward-looking, and late to the game profession. We were quick to tell clients that they should be moving to the cloud, but how long did it take most of our large firms to make that move?
This piece isn’t to bash our hesitancy to move forward with innovation; in fact, I would argue that our steady and cautious nature is a superpower of sorts, as we don’t just follow the untested trends that every other industry jumps on and hopes for the best. All that being said, it feels like we are making great positive strides to change in necessary ways that can catch us up to speed, so we aren’t lagging as far behind other professions in advancement.
We’ve got the 150-credit hours rule going through an evolution due to necessary adaptation, to make earning the CPA license more feasible and practical (let’s be real: work experience is where you learn the job, not in a classroom). Accounting software companies seem to be trending among the venture capitalists, as money pours into building technology solutions that address the various needs accounting departments face, and have faced for years without a non-burnout-inducing option. Even the business structure of public accounting firms is shifting, as private equity money floods these traditional partnerships. Even the CPA exam, with
So don’t you think it’s only natural that the continuing professional education, which is supposed to be how we develop our professionals, evolves and adapts too?
If you never try, you’ll never know
Yes, that’s lyrics from Coldplay’s “Fix You,” but it also leans into this proposition.
What if instead of being a tedious, burdensome, annual maintenance chore, continuing professional education was, like a college degree or technical credential, something that enabled you to advance in your career?
The thing is, it already can be. That just isn’t how we as a profession have been using it, and now we’re in this unique predicament: Is most CPE content not good because nobody cares enough to make investing in it worthwhile, or does nobody care about CPE because nobody has invested in making the content good enough to consume?
Don’t get me wrong — there is a lot of CPE content out in the market that provides immense value, whether it’s live webinars, self-study courses or in-person conferences. The issue is we haven’t embraced the shift to experiential learning in the way that only the top educators have.
The content needs to be more relevant, more directly applicable and offer a better experience. But most importantly, we need to tell a better story. The technical topics are not something that should be overshadowed in pursuit of more fun topics, but the way these courses are marketed and how they are delivered needs to improve.
There are plenty of ways to do this, but if organizations don’t try to consciously work on making better content, most professionals will rarely feel compelled to really prioritize their professional learning and development.
Some more ambitiously innovative aspirations
Anybody who knows me is aware that I have no shortage of innovative ideas. Back when I was working at Grant Thornton on the Northeast regions innovation council, our regional managing partner had the small elite task force read “The Innovators DNA” — I took that book to heart.
So while these may not be practical in the short term, these are some aspirations I have for the potential future of CPE.
- Learning tracks that issue a certificate or credential of some sort upon completion and passing of an exam, which isn’t just something you click through irrelevant polling questions in order to get credit for.
- Continuous learning, where it isn’t a year-end cram, but something you can do at a manageable pace. This is also a more conducive learning experience anyway.
- Applied learning experiences, or something where you are performing in real world situations that allow learning to not be a lecture, but an experience.
- The MasterClass of CPE. People all over the world are fascinated by the teachings on a variety of topics, from exciting to dull, that MasterClass provides. Let’s not forget that professional education is anything that can help us in our career development and make us better industry professionals, meaning this isn’t isolated to just “accounting” topics. Realistically, a lot of the master classes could be made CPE eligible if issued by an accredited entity.
NASBA is working on so many accounting pipeline crisis matters, but let’s not forget about the existing base of industry professionals, who I would argue can make for the strongest ambassadors of the accounting profession’s brand.
Where are we at now?
The discussion is just getting going. CPE platforms like
There is no doubt that elements from other industries, platforms and educational institutions will start to make their way into the world of CPE. As a CPA, I am personally excited for the opportunity to use my required learning time to truly enhance my depth of knowledge.
While CPE is definitely not on the top of the list for “things the accounting profession needs to address ASAP,” I would argue that the conversation starts now, or at least should, if we want to see it progress in a timely manner. Think about it — we talked about burnout for decades before it really started being taken seriously. Cloud accounting took nearly a score of years to be fully adopted. Remote work was always chatted about, but took a global crisis to really take the leap of faith.
I don’t expect CPE to change overnight, but thinking about it in the context of the future of the accounting pipeline, and how we provide a sense of “knowledge security” from the ever-daunting A.I. conversation is never too soon to start being discussed.
Can a CPE course get CPAs as hyped up as a MasterClass? I’ll be anxiously waiting to find out!
The Financial Accounting Standards Board has posted the
The FASB also announced earlier this month the availability of the
The 2025 GRT provides updates for accounting standards, including disaggregation of income statement expenses, profits interest and similar awards, and induced conversions of convertible debt instruments, and other recommended improvements.
The 2025 EBPT includes updates from the 2024 EBPT for elements specifically created for SEC Release Nos. 33–11070; 34–95025 which includes requirements for XBRL tagging of annual reports for employee stock purchase, savings and similar plans filing SEC Form 11-K.
The 2025 SRT offers improvements for elements whose underlying recognition and measurement are not specified by GAAP but are commonly used by GAAP filers and for SEC schedules related to supplemental information provided by insurance underwriters.
The DQCRT is structured from the typical design of XBRL taxonomies because it is narrowly focused on conveying the XBRL US Data Quality Committee’s validation rules, predominantly for regulator use. It isn’t intended to be used in SEC filers’ extension taxonomies. The DQCRT contains a subset of the DQC rules. The FASB Taxonomy staff evaluates the validation rules for inclusion in the DQCRT that have been available for use for more than a year, with consideration for how the DQC addressed any feedback received on a validation rule.
The 2025 MMT includes relationships focusing on accounting model information, which are viewed as helpful information for constituents. The objectives of the relationships in the MMT are to help preparers identify the proper elements for tagging their filings, assist data users in the consumption of data with additional relationship information, and assist in writing business rules that leverage the extra relationship information to help with the proper element selection and identification.
The
A federal appeals court has reversed itself, reinstating an injunction on beneficial ownership information reporting by businesses only days after lifting it.
On Monday, a panel of the U.S. Court of Appeals for the Fifth Circuit
The appeals court issued an
“The merits panel now has the appeal, which remains expedited, and a briefing schedule will issue forthwith,” said the court. “However, in order to preserve the constitutional status quo while the merits panel considers the parties’ weighty substantive arguments, that part of the motions-panel order granting the Government’s motion to stay the district court’s preliminary injunction enjoining enforcement of the CTA and the Reporting Rule is VACATED.”
Earlier this week, after the appeals court panel initially lifted the injunction, the Treasury Department
If accounting is transforming, continuing professional education should as well
RGTI, KULR, MSTR and more
What should companies do to keep bosses safe?
New 2023 K-1 instructions stir the CAMT pot for partnerships and corporations
Are American progressives making themselves sad?
U.S. Beneficial Ownership Information Registry Now Accepting Reports
-
Economics7 days agoBOI Reporting and the impact of the recent Federal Injunction
-
Economics1 week agoRussian central bank surprises markets by holding key rate at 21%
-
Technology1 week agoArtificial Intelligence and Machine Learning: Transforming the Future
-
Economics1 week agoAfter a chaotic scramble, Congress strikes a budget deal
-
Leaders7 days agoJeff Bezos Is The Architect of Modern Ecommerce
-
Finance7 days agoIndia may have fastest growing e-commerce sector
-
Economics1 week agoThe Biden administration pursued a mistaken policy on LNG exports
-
Economics1 week ago
Why Congress is so dysfunctional