We had another great webinar presented by Michael Hoffner (Partner) and Elaine Nissley (Principal) with McKonly & Asbury with McKonly & Asbury! Thank you to everyone that attended and received CPE credit.
We discussed the application of ethics from a professional standards perspective. We also highlight the Codes of Professional Ethics including American Institute of Certified Public Accountants (AICPA), The Institute of Internal Auditors (IIA), and Information Systems Audit and Control Association (ISACA).
Check out our Upcoming Events page for news and updates on our future seminars and webinars.
For more information on this topic or to submit a question for Mike or Elaine, use our contact page at www.macpas.com/contact.
www.macpas.com/webinar-recap-professional-ethics
3. PROFESSIONAL
ETHICS
MICHAEL HOFFNER (CPA)
PARTNER
ELAINE NISSLEY (CISA, CCSA, PMP, CRISC, CRMA)
PRINCIPAL
3
01
8/2
4/1
4. A BIT ABOUT US
Michael Hoffner
• Partner
• Audit
• CPA Elaine Nissley
• Principal
• Audit and Consulting
• MBA, CISA, PMP, CRISC
5. AGENDA
Governing Standards for CPA’s
• AICPA Code of Professional Ethics
• PICPA and Other Standard Setters
Standards for Internal Audit
• Institute of Internal Auditors (IIA)
• Information Systems Audit & Control Association (ISACA)
7. GOVERNING STANDARDS FOR CPA’S
AICPA Code of Professional Conduct
Specific statutes/rule makers
• U.S. Government Accountability Office (GAO)
• Department of Labor (DOL)
• Public Company Accounting Oversight Board (PCAOB)
• U.S. Securities & Exchange Commission (SEC)
• Others
8. AICPA CODE OF PROFESSIONAL CONDUCT
The Principles
• Department of Labor (DOL)
The Rules
• Govern the performance of professional services by members
9. AICPA CODE OF PROFESSIONAL CONDUCT
The Principles
• Article I: Responsibilities
• Article II: The Public Interest
• Article III: Integrity
• Article IV: Objectivity and Independence
• Article V: Due Care
• Article VI: Scope and Nature of Services
10. AICPA CODE OF PROFESSIONAL CONDUCT
The Rules – ET Section 100
Rule 101 (Independence)
• Covers general rules regarding independence relative to
attest services
• Clarifies application to member as well as family members
• Numerous interpretations
Rule 102 (Integrity and Objectivity)
• Speaks to conflicts of interest, knowing misrepresentations,
and providing advisory services
11. AICPA CODE OF PROFESSIONAL CONDUCT
The Rules – ET Section 200
Rule 201 (General Standards)
• Competence, Due Professional Care, Planning and Supervision, Sufficient
Relevant Data
Rule 202 (Compliance with Standards)
Rule 203 (Accounting Principles)
• Clarifies the CPA’s responsibilities regarding providing an opinion on financial
statements purported to be in accordance with GAAP
12. AICPA CODE OF PROFESSIONAL CONDUCT
The Rules – ET Section 300
Rule 301 Confidential Client Information
• Prohibited to disclose confidential client information without consent
• Does not relieve requirement to respond to a subpoena or summons
Rule 302 Contingent Fees
• Prohibits contingent fees for clients receiving an audit or review, most
compilations, and related to certain tax situations
13. AICPA CODE OF PROFESSIONAL CONDUCT
The Rules – ET Section 400
• “Responsibilities to Colleagues” – reserved
The Rules – ET Section 500
• Rule 501 Acts Discreditable
• Negligence, employment practices, general ethics matters, false or misleading
marketing, etc.
• Rule 502 Advertising
• Rule 503 Commissions and Referral Fees
• Rule 505 Form of Organization and Name
14. FOCUS ON INDEPENDENCE
Independence
Implies one’s ability to act with integrity and exercise objectivity and
professional skepticism
To help provide clarity and simplify the concepts contained in Rule 101, the AICPA publishes
“AICPA Plain English Guide to Independence”
http://www.aicpa.org/interestareas/professionalethics/resources/tools/downloadabledocuments/plain%20english
%20guide.pdf
15. FOCUS ON INDEPENDENCE
The Plain English Guide
• 43 page document updated regularly
• Links AICPA standards to PCAOB and SEC rules that may differ from AICPA rules
• Clarifies that Independence means:
• Independent in Mind
• Independent in Appearance
• Provides numerous definitions, illustrations of application, and frequently asked
questions
16. FOCUS ON INDEPENDENCE
Things of note
• Clarity on accepting employment or a board position with a client
• Network vs. Association Firm
• When family members are subject to the rules
• What if I receive an inheritance that impairs my independence?
• Can I have a loan or bank account with a client?
• May I give or accept gifts or entertainment to/from a client?
17. FOCUS ON INDEPENDENCE
Things of note (cont.)
• Service on an Advisory Board or as an honorary director/trustee for
a client is permitted, as long as specific as to function
• What non attest services are permitted, and which are not?
• May not make operational or financial decisions, or perform management functions
for the client
• May not authorize or execute transactions, prepare source documents (i.e. purchase
order), or have custody of assets
• Client MUST assume management responsibility and accept responsibility for results
of the services
18. PICPA CODE OF PROFESSIONAL CONDUCT
Principles of Professional Conduct
• Article I – Responsibilities
• Article II – The Public Interest
• Article III – Integrity
• Article IV – Objectivity and Independence
• Article V – Due Care
• Article VI – Scope and Nature of Services
19. PICPA CODE OF PROFESSIONAL CONDUCT
Rules of Conduct and Interpretations
101 – Independence 400 – Responsibilities to Colleagues [Reserved]
102 – Integrity and Objectivity 501 – Acts Discreditable
201 – General Standards 502 – Advertising and Other Forms of Solicitation
202 – Compliance with Standards 503 – Commissions and Referral Fees
203 – Accounting Principles
505 – Forms of Practice & Name
301 – Confidential Client Information
302 – Contingent Fees
20. OTHER RULEMAKING BODIES
Public Company Accounting Oversight Board
• Initially adopted AICPA Rule 101 and 102 (Independence, Integrity and
Objectivity)
• Adopted specific, more restrictive (in many cases) rules regarding Auditor
Independence, Contingent Fees, Tax Services, Requirements for Audit Committee
Approval of Services, and other Independence Standards
21. OTHER RULEMAKING BODIES
GAO (US General Accounting Office)
• Ethical principals and independence rules related to Yellow Book (Governmental) audit
and attest work
• Many similarities to AICPA Code of Conduct
• Includes seven specific safeguards which must be in place for non audit services to be
allowed
DOL (Dept of Labor)
• More restrictive than AICPA in most definitions
• Require independence for a more restrictive time period
23. IIA CODE OF ETHICS
Integrity
Honesty, diligence, responsible, and lawful
Objectivity
Avoid conflict of interest or bias
Disclose all material facts
Confidentiality
Do not disclose information without authorization
Competency
Maintain professional competency
24. ISACA CODE OF PROFESSIONAL ETHICS
Support Compliance with IS Governance
Objectivity, and Due Diligence
Honest, Lawful, Good Character
Maintain Privacy and Confidentiality
Maintain Competency
Report all Significant Facts
Support Education of Stakeholders
25. COMMON PROFESSIONAL ETHICAL OBJECTIVES
Honesty and Integrity
“Integrity is telling myself the truth and honesty is telling the truth to other people.”
Spencer Johnson
Transparency and Confidentiality
“One man’s transparency is another’s humiliation.” Gerry Adams
Competency and Due Diligence
“The expectations of life depend upon diligence; the mechanic that would perfect
his work must first sharpen his tools.” Confucius
26. GENERATIONAL DIFFERENCES
Traditionalists Baby Boomers Generation X Millennials
Birth Years 1900-1945 1946-1964 1965-1980 (1977-1994)
1981-2000
Current Age 63-86 44-62 28-43 8-27
Work Ethic and Values Adhere to rules Challenge authority Like a casual work Want long-term
Dedicated work ethic Dislike conformity and environment relationships with
Value due process and rules Looking for meaningful employers, but on their
fair Value Equality work and innovation own terms
play Value Personal Move easily between Recognize that people
Value Honor fulfillment/gratification jobs and criticized for make the company
Value compliance Willing to take risks having no attachment to successful
Work efficiently a particular Understand importance
job/employer of great mentors
28. SEGREGATION OF DUTIES
An auditor observes that a receivables clerk has physical
access to and control of cash receipts. The auditor is a
good friend of the clerk and has a high level of trust in
the individual. Accordingly, the auditor notes in the
working papers that controls over receipts are
adequate.
29. WHISTLE BLOWING
During the course of an audit, the auditor learned that
certain individuals in the organization were involved in
dumping toxic wastes in a nearby stream. The auditor
has decided to report her findings to the appropriate
individuals within the organization.
30. QUESTIONS
Michael Hoffner
• Partner
• Audit
• CPA Elaine Nissley
• Principal
• Audit and Consulting
• MBA, CISA, PMP, CRISC
32. FRAUD ENGAGEMENT
FROM A TO Z
SAMUEL BOWERCRAFT, MSIS, CISA
&
DAVID HAMMARBERG,
CPA, CFE, CISSP, MCSE, WXYZ
3
01
8/2
4/1
Hinweis der Redaktion
1. Integrity The integrity of internal auditors establishes trust and thus provides the basis for reliance on their judgment. 1.1. Shall perform their work with honesty, diligence, and responsibility. 1.2. Shall observe the law and make disclosures expected by the law and the profession. 1.3. Shall not knowingly be a party to any illegal activity, or engage in acts that are discreditable to the profession of internal auditing or to the organization. 1.4. Shall respect and contribute to the legitimate and ethical objectives of the organization. 2. Objectivity Internal auditors exhibit the highest level of professional objectivity in gathering, evaluating, and communicating information about the activity or process being examined. Internal auditors make a balanced assessment of all the relevant circumstances and are not unduly influenced by their own interests or by others in forming judgments 2.1. Shall not participate in any activity or relationship that may impair or be presumed to impair their unbiased assessment. This participation includes those activities or relationships that may be in conflict with the interests of the organization. 2.2. Shall not accept anything that may impair or be presumed to impair their professional judgment. 2.3. Shall disclose all material facts known to them that, if not disclosed, may distort the reporting of activities under review. 3. Confidentiality Internal auditors respect the value and ownership of information they receive and do not disclose information without appropriate authority unless there is a legal or professional obligation to do so. 4. 3.1. Shall be prudent in the use and protection of information acquired in the course of their duties. 3.2. Shall not use information for any personal gain or in any manner that would be contrary to the law or detrimental to the legitimate and ethical objectives of the organization. Competency Internal auditors apply the knowledge, skills, and experience needed in the performance of internal audit services. 4.1. Shall engage only in those services for which they have the necessary knowledge, skills, and experience. 4.2. Shall perform internal audit services in accordance with the International Standards for the Professional Practice of Internal Auditing . 4.3. Shall continually improve their proficiency and the effectiveness and quality of their services.
1. Integrity The integrity of internal auditors establishes trust and thus provides the basis for reliance on their judgment. 1.1. Shall perform their work with honesty, diligence, and responsibility. 1.2. Shall observe the law and make disclosures expected by the law and the profession. 1.3. Shall not knowingly be a party to any illegal activity, or engage in acts that are discreditable to the profession of internal auditing or to the organization. 1.4. Shall respect and contribute to the legitimate and ethical objectives of the organization. 2. Objectivity Internal auditors exhibit the highest level of professional objectivity in gathering, evaluating, and communicating information about the activity or process being examined. Internal auditors make a balanced assessment of all the relevant circumstances and are not unduly influenced by their own interests or by others in forming judgments 2.1. Shall not participate in any activity or relationship that may impair or be presumed to impair their unbiased assessment. This participation includes those activities or relationships that may be in conflict with the interests of the organization. 2.2. Shall not accept anything that may impair or be presumed to impair their professional judgment. 2.3. Shall disclose all material facts known to them that, if not disclosed, may distort the reporting of activities under review. 3. Confidentiality Internal auditors respect the value and ownership of information they receive and do not disclose information without appropriate authority unless there is a legal or professional obligation to do so. 4. 3.1. Shall be prudent in the use and protection of information acquired in the course of their duties. 3.2. Shall not use information for any personal gain or in any manner that would be contrary to the law or detrimental to the legitimate and ethical objectives of the organization. Competency Internal auditors apply the knowledge, skills, and experience needed in the performance of internal audit services. 4.1. Shall engage only in those services for which they have the necessary knowledge, skills, and experience. 4.2. Shall perform internal audit services in accordance with the International Standards for the Professional Practice of Internal Auditing . 4.3. Shall continually improve their proficiency and the effectiveness and quality of their services.
Honesty and Integrity - adherence to moral and right conduct principles; soundness of moral character; honesty. Dictionary.com One of the fastest was to lose respect of others is to operate in a do as I say, not as I do fashion. Have you experienced this in your career? Transparency and Confidentiality - Transparency includes a quality of openness and candor which helps people to understand why decisions are made. This must be balanced with confidentiality to protect valuable or sensitive information which if disclosed with harm the organization or be in violation of laws such as HIPPA. Has anyone experience the failure to maintain this balance? Competency and Due Diligence – Not only should we as professionals maintain our competency, and only engage in activities for which we are qualified, we should also perform our duties with due diligence. We should not jump to conclusions but make sure we have sufficient evidence to support our assertions. Looking at the quote by Confucius, who wants and mechanic to work on your care if that mechanic does not know his trade and jumps to a conclusion about what is wrong with your car before taking due care to evaluate the root cause of the problem. Has anyone experienced lack of knowledge or jumping to conclusions?
There is an expectation that accountants and auditors will apply their professional judgment in a way that support the public’s interest. Both accountants and auditors are well known as whistleblowers. But quite often we find ourselves in a moral dilemma where application of our professional judgment in support of the public’s interests is at odds with our personal interests and the interests of the executives we work for. There are many examples where professionals made the choice on the side of their personal interests. For example, Sherron Watkins a CPA at Enron, who was the VP of Corporate Development and had previously worked for Arthur Anderson. She did not blow the whistle in the interest of the greater public good. She simple wrote an anonymous internal memo to chairman, Kenneth Lay relaying the fact that there were financial misstatements and she was concerned that there were whistleblowers within the company. She did end up testifying and ultimately won the 2002 Time People of the Year Award. But if she would have gone public sooner do you think there would have been less harm to the public? How do we handle these dilemmas and adequately apply our professional code of ethics? Interact with the audience. If no responses, revert back to the case of the Phantom CAE. If you have no experience in Information Systems auditing and you are requested to completed an IT audit, what should you do. (Indicate that you do not have the professional competency to complete the work unless you have guidance and assistance from a qualified IT Auditor who will need to review and sign-off on your work.)
Analysis. Auditors must maintain their independence, integrity, and objectivity. Auditors must be alert to opportunities for fraud or conditions and activities where irregularities are most likely to occur. Cash has a high degree of inherent risk and should therefore be subject to stringent control procedures. Access to cash and the record keeping functions should be separated regardless of the personal qualities of the individuals involved. The fact that the clerk is a friend of the auditor is irrelevant. Management still needs to be aware that there is inadequate internal control in receivables.
Analysis: Auditors shall report all significant facts. Has the auditor gone far enough? What obligation do they have to report this to the authorities?