Chapter 16 Flashcards
What are the two key considerations for accountants considering confidentiality?
- Information obtained in a business relationship is not disclosed outside the firm unless there is a proper and specific authority, or there is a legal or professional right or duty to disclose.
- Confidential information acquired is not used to personal advantage.
What data protection regulations do accountants need to follow?
- Data Protection Act 2018
- General Data Protection Regulation (GDPR)
What is GDPR?
regulation in EU law on data protection and privacy that aims to give individuals control over their personal infomation
what is the data protection act 2018
extends domestic data protection laws to areas which are not covered by the GDPR
what are the rules under GDPR and data protection act?
- anyone who processes personal information must ensure that it is protected
- individuals have the right to access both their personal data and information about how it is being processed
- personal data can only be held if there is a lawful reason to do so, or individual has opted in
When is it important to keep client information confidential?
- in social environments
- within the firm
- after the end of the business relationship
- when changing employment or acquiring a new client
In order to ensure disclosure doesnt happen safeguards are put in place to protect confidentiality what are these?
- Access controls: Physical and electronic security measures, such as passwords and encryption, should be put in place to restrict access to data and so avoid unwanted disclosure.
- Training i.e. in confidentiality
When can client confidentiality be disclosed? (right to disclose)
- client permission is obtained
- where disclosure is in the public interest
- to defend the firm in a negligence claim
When can client confidentiality be disclosed? (duty to disclose)
- if order to by court
- if required by a regulator
- suspicions of money laundering
- suspicions of terrorist activity
Which three of the following are situations where there is a legal duty to disclose confidential information
a) When a fraud has taken place, it should be reported to the police.
b) When terrorist activity has taken place, it should be reported to the police.
c) When regulatory breaches have taken place at a charity, it should be reported to the Charities Commission.
d) When money laundering is suspected, it should be reported to the National Crime Agency (NCA)
b, c, d
what is the name of the money laundering regulator?
Money Laundering Regulations 2007
what are examples of money laundering?
- keeping customers overpayments
- non-compliance with a regulation to save costs
- criminal offenses under the companies act e.g. an illegal loan to a director
What are important things an audit firm need to remember when it comes to money laundering?
- reporting money laundering is not a breach of confidence
- Cannot tell client you have reported
- firms must have a money laundering officer and money laundering compliance principle (these can be the same people)
- nominated offers responsibility to receive reports and report to National Crime agency (NCA)
What is the ICAEW Code of Ethics guidance when there is a conflict of interest with 2 clients of the firm?
- notify the relevant clients of the situation
- seek their consent to continue to act for both parties
What should the firm do if it acts for 2 clients who have conflicts of interest?
- separate teams
- information barriers:
- no overlap in people
- physical separation in teams
- security of paper and electronic records - confidentiality agreements
