• News & Resources
• Technical Resources
  • Tax
    • American Rescue Plan Act Conformity Guide (2021)
    • CCH Online Tax Research
    • SALT Resources
    • Tax Podcasts
    • CCH Tax Deadline Calendar
    • Tax Communities
  • Audit
    • Single Audit Resources
  • Beneficial Ownership Information
  • Cannabis
  • QM Standards
• Business Resources
  • Human Resources
    • HR Hotline
    • HR Webinar Archive
    • HR Assessment
    • HR Articles
    • Sample HR Documents
    • Return to Work Resources
  • Disaster and Pandemic Planning
  • Data Privacy and Protection
• Accounting Firm Management
  • Small Firm Special Interest Section
  • Client Letters
  • Engagement Letters
  • Client Record Retention Guidelines
  • MAP Survey
    • Download Results
  • Customized CPE Training
  • Career Center
• Publications
  • Footnote
    • Issue Archive
    • Regular Columns
    • Articles by Topic
    • Write for the MNCPA
  • eNewsletters
    • This Just In
    • Legislative Digest
    • Firm Administrator Bulletin
    • Accounting Educator
    • Student eNews
  • CPA Stories
  • MNCPA Perspectives
    • Topics
    • Authors
    • Archive
  • Tax Podcasts
    • Archive
• Areas of Interest
  • Focus Features
    • Cybersecurity
    • Emerging Technologies
    • Cannabis
    • Automation
• Wellness Resources
  • Step Challenge
    • Step Challenge FAQs
  • Wellness Webinars
• Knowledge Hub
• Webinar Archive
• Rules & CPA Certification
  • CPE Log
  • CPE Rules
  • CPA Certificate Information
    • Applying for Your Certificate
    • First Year Requirements
    • Certificate Renewal
    • 2020 CPE deadline extension
  • Certificate Status
    • Active vs. inactive: What's the Difference?
    • Convert to Active CPA
    • Love Your CPA Letters?
    • Retired CPA Status
    • Videos
  • Firm Requirements
    • Firm Permit Renewal
    • Firm Name Changes
  • MNCPA and BOA Differences
  • Preparing for the CPA Exam
    • Educational Requirements
    • Experience Requirements
    • Applying to Take the Exam
    • Becoming a CPA FAQ
  • FAQ
• Peer Review
  • PRIMA info
  • Review Process
  • Fees
  • Pay Peer Review Invoice
  • Find a Reviewer
  • Become a Peer Reviewer
  • AICPA Resources
  • FAQ
• Press Room
  • MNCPA Overview
    • About the MNCPA
    • Leadership Bios
      • Board Chair
      • President and CEO
    • About Minnesota CPAs
  • MNCPA in the News
  • Connect with a Media Spokesperson
  • MNCPA Logo Usage
• Professional Ethics
  • Ask an Ethics Question
  • Filing an Ethics Complaint
  • Responding to an Ethics Complaint
  • Professional Ethics Resources

Malpractice risks increase during difficult economic times

By Suzanne M. Holl, CPA

September 21, 2021

Economic conditions have long had a significant impact on CPA professional liability claims. In light of the current economic challenges, CPAs will need to be prepared and vigilant to minimize the potential for additional liability exposures.
 
Jury research shows that the public, including clients, perceive that a CPA’s fundamental job is to advise clients about opportunities and to warn them about risks. Juries believe the CPA’s “advising and warning” antennae should be hyper-sensitive during economic downturns. Some even believe “anyone can do a CPA’s job when times are good, but during difficult times — that’s when the CPA really needs to bear down.” In other words, expectations are elevated when economic times are challenging.
 
For example, when a business experiences a problem during difficult economic times, that client may perceive the CPA as having failed to provide crucial advice and warning. This could cause the client to misplace blame and deflect responsibility.
 
Also, looking at events in hindsight means history can be rewritten to benefit the client: “Why didn’t my CPA warn me about what was going to happen? I was relying on my CPA’s expertise for financial help.”
 
Professional skepticism must increase, not only to protect yourself and your client, but to protect other key stakeholders (e.g., the readers of the financial statements, lenders). History has proven that desperate times will cause some clients to take desperate measures, leading to deceit.

Loss prevention tip: Do not carry the burden of your client’s problems and permit yourself to become a victim of your clients. Loyalty to a client doesn’t take precedence over maintaining your professional standards of integrity, independence and objectivity. It is not worth jeopardizing your reputation or your own financial security in an attempt to mitigate or minimize client dilemmas.

Risk of fraud

Organizations in nearly every sector are cutting expenses and laying off workers. This can compromise existing internal controls and lead to fewer fraud prevention measures. CAMICO’s claims experience has shown that when people perceive an opportunity to commit fraud and get away with it, they are more inclined to defraud.
 
Fraud also can have a devastating impact on CPAs if firms fail to define the scope of their services and properly respond when fraud is identified or suspected. The public expects CPAs to have a nose for fraud, regardless of the limitations of the engagement. The expectation that CPAs will detect fraud is extremely difficult to meet, but the expectation to advise and warn is much less difficult. By advising and warning clients of their fraud/defalcation exposures and responsibilities, CPAs can minimize their liability.
 
Regardless of the services performed, CPAs cannot provide absolute assurance that fraud has not been committed.
 
CAMICO recommends that CPA firms address difficult economic times by:

• Identifying clients that may pose higher risk.
• Increasing the level of professional skepticism.
• Prioritizing defensive documentation, including the engagement letter and written memorialization of significant client meetings and conversations.

Social engineering scams/fraudulent wire transfers

CPAs continue to be at high risk of social engineering attempts due to the type of information firms gather and store, and CAMICO has observed an uptick in the frequency of these attempts. Phishing is one of the more common social engineering scams.
 
CAMICO has also observed a rise in fraudulent email requests for wire transfers. Fraudulent wire transfers frequently cause large dollar losses. If the fraudster controls the client’s and the firm’s email — commonly referred to as a “man in the middle” attack — and the fraudulent request mimics previous legitimate requests, it is very difficult for the firm to identify the request as illegitimate. When the fraud is discovered after the transfer, the funds are usually not recoverable.
 
Use your professional skepticism to avoid being lulled into a false sense of security. Any requests for money to be transferred to a bank account unfamiliar to you should be a red flag, especially if the new account is in another country. If the firm’s protocol with clients is to permit requests for wire transfers to be made via email, then establish and follow procedures to confirm requests using a mechanism other than email and proceed with the transfer only after confirming with the client (by phone or in person) that the request is legitimate. This includes, but is not limited to, confirming the dollar amounts, the name of the financial institution, and the bank account number. To validate the authenticity of the request, confirm information only known to the client; in other words, ask questions to which hackers would not know the answers.
 
Finally, here are some practical loss prevention tips to minimize fraudulent wire transfer exposure:

• Slow down. Whether working in the office or remotely, take the time necessary to validate suspicious or unexpected email.
• Establish written protocols. The firm should establish written protocols with clients for handling client funds, especially as it relates to handling wire transfer requests. Consider establishing dollar thresholds above which verbal consent would be required if clients do not want to be “bothered” to approve each request. In addition, document who the authorized client representative(s) would be for providing such consent if/when the client is not available.
• Proceed with caution. With the increased number of claims related to fraudulent wire transfers, best practice in the absence of any written protocols to the contrary would be to verbally confirm all wire transfer requests with these clients to minimize risk.

Suzanne M. Holl, CPA, is senior vice president of loss prevention services with CAMICO (www.camico.com). With almost 30 years of experience in accounting, she draws on her Big Four public accounting and private industry background to provide CAMICO’s policyholders with information on a wide variety of loss prevention and accounting issues.