Confidentiality Flashcards
Where is confidentiality important (regulation)?
- In ethical codes:
IFAC
ICAEW - Regulation
GDPR (EU law)
Data protection act (Extends law)
Key factor in client/auditor relationship
Trust
(Otherwise might not provide all necessary info)
GDPR and DPA confidentiality rules
- Protection: Anyone who processes personal information must ensure it is protected
- Access: Individuals have the right to access both:
Their personal data
Information about how it is being processed - Reason: Personal data can only be held if there is a specific lawful reason to do so
Or if the individual has specifically opted in to allow storage of their data
Key confidentiality risk
Accidental disclosure
How to reduce the risk of accidental disclosure
Keep client info confidential:
In social environment’s
Within the firm
After the end of a business relationship
When changing employment
When acquiring a new client
The other confidentiality risk to avoid
Improper use of info
E.g. insider dealing
Safeguards definition
Physical and electronic security measures to avoid disclosure
What should firms ensure all who work on their behalf are trained in and understand in terms of confidentiality
- It’s importance
- Importance of identifying confidentiality and conflict of interest issues
- Procedures in place for identifying confidentiality and conflict of interest issues
2 times disclosure is permitted
- Right to disclose
- Duty to disclose
When there is a right to disclose
- Client PERMISSION obtained
- Disclosure is in PUBLIC INTEREST
- To defend the firm in a NEGLIGENCE CLAIM
When there is a duty to disclose
- Ordered by COURT
- Required by a REGULATOR
E.g. FCA, Charity Commission - Suspicions of MONEY LAUNDERING
- Suspicions of TERRORISM
Suspicions of money laundering should be reported to
National Crime Agency
Suspicions of terrorist activity should be reported to
The police
Is it a criminal offence not to report a suspicion of ML?
Yes
2 ML roles firms must have
- Money Laundering nominated officer
- MLCP
MLCP
money laundering compliance principal
Can MLNO and MLCP be the same person?
Yes
What role must the MLCP have in the firm?
On the board
Or member of senior management
What is the MLNO responsible for?
Firm’s compliance with regulations
Receiving internal reports of ML
suspected or identified
Making disclosures to the NCA
Examples of money laundering
Keeping customer payments
Non-compliance with a regulation to cut costs
Criminal offenders under the CA
E.g. illegal loan to director
Is it improper for an accountant to habe 2 clients whose interest are in conflict?
No
(Many firms use industry expertise as a selling point)
(Important that firm can demonstrate their work on one client will not adversely affect another)
ICAEW code advice when an accountant has a conflict of interest between 2 clients
- Notify those clients
- Seek their consent to continue to act for both parties
(3. Implement safeguards
To preserve confidentiality)
Safeguards to preserve confidentiality in client conflict of interest
Separate teams
Information barriers
Confidentiality agreements
Signed by employees and partners
Review of the application of safeguards
By an independent partner
Information barriers examples
No team overlap
Physical separation of teams
Procedures for maintaining security of records (paper and electronic)
What should the firm do if adequate client COI safeguards can’t be implemented?
Stop acting for one or both clients