Managing the professional liability of accountants
Guidance to help members manage their risk of potential liability because of an act or omission resulting in financial loss.
Issued February 2011, updated October 2015. A pdf version of this Guidance is available as a Technical Release (09/15BL).
|1.||Disputes can arise between providers of professional services and their clients or other (third) parties for a number of reasons. Accordingly, members will wish to manage risk and the extent of their potential liability to clients and third parties when providing professional services. Sometimes disputes arise not because of any inherent defect in professional work performed but due to misunderstandings regarding the scope of the work that has been agreed or responsibility for matters relevant to that work or parts of it. The purpose of this guidance is therefore to assist members in managing their risk of liability to clients and third parties.
|2.||This guidance is concerned only with the potential liability which a member may incur because of an act or omission which results in financial loss to a person to whom a duty of care is owed. It does not deal with potential liability arising from other causes (for example criminal acts, breaches of trust, breaches of statutory duty or breaches of contract other than the negligent performance of its terms). Members face other risks, including those arising from regulatory activity and damage to reputation. Professional negligence is however the most common basis for claims against members.
|3.||It is not possible to guard against every circumstance in which a member might incur liability for professional negligence. However, there are opportunities available to members to assist them in managing their risk, and many of these opportunities can be used as a package, in combination with each other. The most effective way for a member to manage liability to clients is to perform work of quality with professional competence and due care. In addition, members make arrangements for professional indemnity insurance cover , and may consider other possible methods of managing risk, such as the way in which a member is structured, or incorporation. This guidance discusses principles rather than providing example wordings for use by members. In relation to certain issues discussed in this guidance, some illustrations for members’ consideration or consultation with legal or other professional advisers are available separately or can be found in documents noted in footnote references or in the publications listed in Appendix 3.
|4.||Members are reminded that, even if they adopt all the measures discussed in this guidance, they may still be exposed to disputes with clients or third parties. Disputes might give rise to allegations, complaints or claims against members. When providing professional services, risk may be managed but cannot be eliminated. The possibility of disputes involving providers of professional services is a feature of professional life. Whether or not allegations, complaints or claims made against members have merit, members will wish to establish proper procedures  to handle allegations or complaints and to deal with all claims promptly, to notify their insurers and to seek appropriate legal advice.
Section A: Client acceptance
|5.||Standard 2: Client acceptance and disengagement of the Practice Assurance standards states: ‘A firm should agree to act for a client only if, in so doing, it does not contravene ICAEW’s regulations, standards and guidance’. Members may therefore find it helpful to establish policies and procedures for deciding whether to accept or continue a client relationship and whether to perform an engagement. These policies and procedures are designed to provide members with comfort that association with a client (or an engagement) that presents an otherwise unacceptable risk is managed.|
|6.||The establishment of such policies and procedures by a member does not imply that the member vouches for the integrity or reliability of a client, nor does it imply that the member has a general duty to anyone but itself with respect to the acceptance, rejection, or retention of clients (or engagements). Members exercise caution if other providers of goods or services request details of procedures applied by a member, to avoid inadvertently vouching for a client’s acceptability to another provider or otherwise taking on duties to another provider in respect of client acceptability.
|7.||The discussion below focuses on situations in which a member is considering an engagement for a new client. Many of the factors are equally relevant when a member is considering whether to continue with an existing client relationship.
There are various factors for a member to consider when deciding whether to accept a new client or to continue an existing client relationship by accepting a new engagement. For the purposes of managing professional risk, the following considerations are likely to be particularly relevant when assessing client (or engagement) acceptance:
|9.||Members may find it helpful to document the decision to accept a client and an engagement and the consideration of relevant factors in case a decision is reviewed at a later date. Members may use checklists (either on paper or in software) so that relevant factors are assessed on a consistent basis by those responsible for making client (or engagement) acceptance decisions. This documentation is in addition to, but may be created at the same time as, documentation of the member's performance of anti-money laundering and client identity checks. 
|10.||The considerations listed above are discussed in more detail below. Some are relevant also to engagement acceptance considerations.
The reputation and integrity of the client
|11.||A member obtains information about the client to assist the member in making an informed judgement on the reputation and integrity of that client.
|12.||Typically, members will have regard to the following: 
|13.||The amount of information which members may wish to obtain about a client’s reputation and integrity will depend on the nature of the client and the member's perception of its exposure to reputational risk as a result of association with the client (or the engagement). Members may also wish to have regard to any sanctions that might apply to the country in which a client is based and may wish to seek legal or other professional advice as may be appropriate on the effect that sanctions might have on members’ professional indemnity insurance arrangements.
Section B: Engagement acceptance
|14.||Many of the considerations discussed above in the context of client acceptance are relevant also to the question of engagement acceptance.
|15.||Where a member is to replace an existing accountant, the Code of Ethics, Section 210, Professional Appointment will apply.
|16.||Where a member is not to replace an existing accountant, the member may take account of the source of the engagement. For example, where the opportunity arises from a referral or recommendation by another professional, the member may consider whether the rules governing the conduct of members of its professional body provide the member with assurance as to the integrity of the client. However, in relation to client identification and anti-money laundering checks, members remain fully responsible for making their own enquiries.
The engagement risk, available safeguards and the member's experience
|17.||To err is human and any engagement presents the risk of error giving rise to disputes.
|18.||The risks of error and disputes can be managed to some extent by the application of effective quality control measures. Members' willingness to accept these risks will differ, depending on the circumstances.
|19.||Where a member has recent experience of providing the service requested by the client, the member may consider itself well placed to assess the risks of error and disputes and the steps that may be taken to manage those risks. For example, in addition to quality control measures, exposure to disputes arising from error may be controlled through measures such as liability limitation provisions or by limiting the number of parties who may be able to rely on the service provided by the member.
Availability of competent resources
|20.||Members will wish to consider the competencies of those persons to be assigned to perform any engagement, and the following:
|21.||Relevant skills and experience for members approached to prepare wills will extend to specialist drafting competencies. If contemplating the provision of services related to probate, members will wish to consider their authorisation or licence to provide services amounting to ‘authorised work’ under the ICAEW’s Probate Regulations, defined in the Probate Regulations as ‘probate work’ or ‘estate administration’ services. Members approached to prepare wills or to perform ‘authorised work’ or to provide estate administration services outside of the Probate Regulations will also wish to consider the implications arising from such clients invariably being consumers. 
|22.||This guidance is not designed for will drafting or estate administration sevices or ‘authorised work’ but many of the principles set out here will be relevant to members performing such services or such ‘authorised work’. In particular, members drawing up wills or providing estate administration services or performing ‘authorised work’ as defined in the Probate Regulations will encounter inherent third party risks. A member engaged by a testator to prepare a will takes on duties to the intended beneficiaries.  Yet the intended beneficiaries will not be parties to the contract formed by the member’s engagement letter with the testator, so the terms and conditions agreed with the testator (including any limitation on the member’s liability) will not apply to the intended beneficiaries, who will therefore be third parties. A similar risk in respect of intended beneficiaries under a will is likely to arise where members provide estate administration services or services amounting to ‘authorised work’ under the ICAEW’s Probate Regulations.
|23.||For such members, the safeguards discussed below (in Section F: Managing third-party risk) will not be appropriate and members engaged for such services may feel that they have no choice and have to accept the inherent third party risks. Members accepting engagements to perform will drafting or estate administration services or ‘authorised work’ as defined in the Probate Regulations may therefore wish to consider or seek legal or other professional advice as may be appropriate on whether use of the Contracts (Rights of Third Parties) Act 1999 in their engagement letters for such engagements might provide a safeguard against taking on unprotected third party risks.
|24.||Members will wish to consider the Code of Ethics, Section 100, Introduction and Fundamental Principles, and Section 130, Professional Competence and Due Care, before accepting engagements if they might not have the skills or available resources to provide the services desired by the client. 
|25.||Where the timing requirements expressed by the client are challenging, members may find it helpful to discuss these with the client before the engagement is accepted so that any conflict with resource availability or other quality considerations can be resolved with the client. 
|26.||Members and clients will often have differing views about the fees that are appropriate for an engagement. A degree of negotiation is normal regarding the amount of a fixed fee, or an upper limit on a flexible fee, or rates that are to be charged for a time-based fee, or different bases for charging that might be linked to an event or outcome, such as contingent fees or success fees. Whatever is agreed in relation to fees and the basis for charging, members will find it helpful to state clearly what is being provided for an agreed fee and where appropriate what will trigger payment. Clarity in relation to the scope, nature and complexity of an engagement and any other matters relevant to fees, will help to avoid misunderstandings.
|27.||Members negotiating with clients who are consumers will wish to exercise caution in respect of what is said or written before the engagement letter is signed by the client. Although a consumer client’s reliance on such statements will be subject to any qualifications made at the time of the relevant statement and any change expressly agreed, members may wish to concentrate on being clear and assume that consumer clients will rely on what is said or written about the member or the service before the engagement letter is signed. 
Conflicts of interest
|28.||Members act with integrity at all times and members will therefore wish to avoid accepting or continuing engagements that present an actual or perceived conflict of interest, whether between a member’s own interests and a client’s interests or between the interests of different clients, unless they are satisfied that adequate safeguards can be implemented and each affected client agrees. More guidance on the identification and management of conflicts of interest is available in the Code of Ethics, Section 220, Conflicts of Interest and in Technical Release TECH06/14BL, Guidance on Managing Conflicts of Interest.
Section C: Engagement contracts
Members will find that difficulties are more likely to be avoided if the terms of their contract with their client are recorded in writing, either in an engagement letter that is counter-signed by the client to demonstrate agreement, or in some other written form. Whatever written form the engagement contract may take, it is described in this guidance as an engagement letter. The approach of recording the agreement in writing is designed to manage the risk of future disputes with the client by reducing the scope for misunderstandings as to:
An engagement letter produced on paper, bearing the member’s and the client’s ink signatures, is likely to form the best evidence of agreement but agreement in writing can also be recorded electronically. See further below, Section H: Forming contracts electronically. Members engaged by consumer clients to provide services will also wish to take into account the rights of consumer clients to rely on statements made orally or in writing about the member or the service before the engagement letter is signed. 
|30.||Members will note that International Standards on Auditing (UK & Ireland) 210, Terms of audit engagements, paragraph 2-1, and Standards for Investment Reporting 1000, Investment reporting standards applicable to all engagements in connection with an investment circular, paragraph SIR 1000.3, require engagements to which those Standards apply to have terms of engagement that are recorded in writing. It is likely that the requirement in those Standards for a written record will be met if the written form is documented electronically, provided that any other components required by those Standards are present.
Engaging with all parties to benefit from the services
|31.||The general principle is that a member will wish to enter into an engagement letter with each party to whom the member is prepared to accept a duty of care. However, this may not always be possible. For example, a party may be entitled by statute to rely on a member’s report without contracting with the member to deliver it (as is the case with the statutory audit engagement for a company, where the audit report is addressed to the shareholders of the company even though they are not a party to the engagement letter). There may also be practical constraints in obtaining signatures to an engagement letter from all relevant parties.
|32.||One approach in relation to engagements with multiple parties, such as groups of companies, is to have a single composite engagement letter, with each relevant party being both an addressee and signatory to the letter. An alternative approach is to have one party signing the engagement letter as agent for the others, or to have a separate engagement letter for each party. Where an agency approach is adopted, the member will wish to be satisfied that the addressee and signatory is suitably authorised. A further alternative might be to use the Contracts (Rights of Third Parties) Act 1999, which enables contracting parties to confer benefits on non-contracting parties, but members may wish to seek legal or other professional  advice before using that Act.
Engagement contract formalities
|33.||The engagement letter will not form a binding contract unless the client demonstrates agreement to its terms, ideally by counter-signing it. Members may find it helpful to clarify agreement by requiring the client’s signature to the engagement letter before carrying out any work and certainly before providing the client with any work product, such as a report. A signed engagement letter demonstrates that the client has accepted the terms of the engagement. Members will wish to satisfy themselves that the person signing the letter on behalf of a corporate client has the authority to accept the terms.
If the client does not sign the engagement letter and there is a dispute concerning the engagement, there is a risk that a court may rule that:
Members may wish to try to manage these risks by catering in advance for circumstances where a signed engagement letter cannot be obtained from the client despite efforts to achieve this. Members attempting to address such matters as a pre-emptive safeguard may wish to consider clarifying in their engagement letter that client activity responding positively to the engagement letter will be treated by the member as behaviour that demonstrates acceptance of the engagement letter. Such activity might include:
What amounts to a reasonable period for a client to consider an engagement letter will depend on the circumstances, including (for example) the client’s availability, the complexity of the engagement letter, and the nature of the services. Members who include such clarification in an engagement letter and who specify a period for responding will therefore wish to take account of such circumstances as may apply.
|35.||Different terms and conditions may apply to the engagement where, for example, the engagement results from a successful proposal submitted in response to an invitation to tender issued by the client. This may arise where the invitation to tender to which the member responds contains terms and conditions that will apply if a contract is awarded and the member presents an engagement letter which the client does not sign. Members responding to invitations to tender will wish to read the invitation carefully and submit a proposal on a ‘subject to contract’ basis if they wish to qualify the proposal in relation to contract issues.|
|36.||If a client that has signed an engagement letter subsequently asks the member to carry out any additional tasks, or in any other way wishes to vary the terms of the engagement, members will find it helpful to document the changes in writing and to obtain acceptance in writing from the client. Disputes may arise if changes are not documented and agreed in writing.
The content of the engagement letter
Members and their clients will find it helpful if engagement letters are clear and informative. Such engagement letters will typically cover various points, such as those listed below. Members are also referred to paragraph 40 below for additional standard terms and conditions that members may wish to include in the engagement letter or in an appendix.
|38.||Members might be retained as general tax or other advisers, with certain terms being set out in an engagement letter which confirms the client’s retainer of the member. Any such general retainer does not give rise to any duties until any advice or other service has been requested and the scope has been agreed, which will then clarify the duties arising. Members might find it helpful to clarify in an engagement letter which confirms a general retainer that no advice or other service will be provided unless it has been requested and the scope has been agreed and that therefore no duty to volunteer advice or any other service will apply. Members will also wish to avoid agreement on scope being implied by a course of conduct or other behaviour, since this can give rise to misunderstandings and expectation gaps (about the general or specialist nature of advice requested or promised, for example) and the risk of complaints or claims. Members will therefore wish to take steps to document and agree the scope of advice or other service requested and to be performed under a retainer arrangement. When documenting agreed scope, whether before performance or at the time of delivery, members will find it helpful to confirm that the relevant engagement letter applies.
|39.||Some of these points for engagement letters are considered in further detail below. With the exception of any limitation on the member’s liability, these points are not designed to exclude or limit the member’s liability for loss arising from errors in work performed. Their objective is to clarify the scope of work to be undertaken, including any limitations on that scope, the purpose for which the client is entitled to rely on that work, and other matters that might be important. Such measures can help to protect a member from disputes relating to the services provided.|
A member may also wish to include, either in the engagement letter or in an appendix enclosed with the engagement letter, additional terms and conditions dealing with matters that the member considers applicable to the engagement, such as:
Members may find it helpful, with the benefit of legal or other professional advice as may be appropriate, to develop an appendix that sets out standard terms applicable to the member’s work.
Master services and framework agreements
|41.||Some corporate clients may prefer members to enter into master services or framework agreements, containing the client’s own terms and conditions, which provide a contracting framework for any work to be carried out for that client. It is common, however, to have a separate engagement letter (which might be described as a ‘work order’ or ‘statement of work’) with the client for each piece of work carried out under the master services or framework agreement.
|42.||Certain organisations (such as major banks, large corporates and public authorities) may have created their own standard terms and may present these to members for agreement. Members may wish to negotiate changes to these standard terms or alternative terms of engagement. In some cases this may be difficult, but such standard terms are not binding on members unless they are accepted.
Section D: Limiting liability to members' clients
|43.||The provision by members of professional services can give rise to disputes with clients and other (third) parties, which, in the absence of safeguards, may expose members to unlimited liability. Potential liability to third parties is dealt with elsewhere in this guidance.  This section deals with limiting or excluding liability to members’ clients.
Like many other providers of goods or services, members may limit their potential liability to their clients by including limitations or exclusions of liability in their engagement letters. The validity of any limitation or exclusion clause will be subject to legal restraints. Accordingly, some uncertainty cannot be avoided.  However, members will wish to have the following in mind:
Any limitation or exclusion clause is more likely to be enforceable if it is fair and reasonable
|45.||A limitation or exclusion clause may be unenforceable if it is not fair and reasonable. What is fair and reasonable will depend on all the circumstances, with particular regard to factors that are discussed in Appendix 1 to this guidance, which applies to all clients including any who are consumers.
|46.||Where a member has performed work for a fee, it is not likely to be fair and reasonable for a member to seek to exclude liability entirely to the client. A more common approach is to limit in the engagement letter a member’s liability to a fixed amount (often described as a ‘cap’ on liability). A cap set at a reasonable level is more likely to be enforceable and to protect the member than a total exclusion of the member’s liability to the client.  If a court finds that the amount of a liability cap is unreasonable, the court will not vary the cap to make it reasonable and it will remain unenforceable.|
|47.||Members are free to negotiate suitable engagement terms and conditions with their clients but, having regard to applicable legal restraints, members may wish to adopt a pragmatic approach when negotiating limitations or exclusions of liability. Clients can sometimes exert commercial pressure on members. Members are entitled to be robust in their negotiations given the importance of limiting liability but will wish to avoid being perceived as unfair or unreasonable. Equally, members avoid taking unfair advantage of clients who might be unsophisticated or not commercially aware. In deciding what negotiating position to adopt, members will wish to take into account the nature of the client and the engagement and the overall commercial risk and reward analysis.
|48.||Caps on liability that clients have been given an opportunity to consider and that have been discussed and negotiated are generally more likely to be regarded as reasonable. Where a cap on liability is accepted without discussion, it is not necessary for members to try to compel negotiation by clients. It would however be unusual for a client to be given no reasonable opportunity to consider a liability cap, to take advice, and to negotiate, if desired by the client.
|49.||If negotiations on limitation do take place, eventually a deal will have to be reached. This may require a member to make concessions, which may include upward adjustment to a limitation amount initially proposed. 
The importance of any exclusion or limitation of liability being clear and agreed by the client
|50.||Members will wish a limitation of liability agreed with the client to be set out clearly in the engagement letter. Where a member’s engagement letter comprises the member’s standard terms together with a covering letter, it may help to draw attention to the cap on liability by referring to the cap on liability in the covering letter as well as in the standard terms.|
Members may wish to take their own legal advice on the formulation of a clause in the engagement letter limiting liability.  The following points of principle may assist members:
The possible application of statutory or regulatory rules, or industry or market practices
|52.||Members appointed as auditors under the Companies Act 2006 may limit their liability provided that shareholder approval is obtained and then only to the extent that the limitation is ‘fair and reasonable’ in the particular circumstances. To give effect to an agreed limitation, the auditor must enter into an auditor liability limitation agreement with the company, after following a prescribed procedure. |
|53.||Members who audit bodies other than companies will wish to consider the framework under which their appointment to audit the body concerned has been made and the audit is to be performed. The audits of some bodies (such as building societies) are governed by legislation that prevents members from limiting their liability for their audit work. Frameworks governing other audits (such as audits of limited liability partnerships) may permit limitations on the auditor’s liability to be agreed.|
|54.||The acceptability of any limitation or exclusion of liability may be affected by applicable market expectations or common practices. |
|55.||There is an 'interim moratorium' on limiting or excluding liability where members are engaged to issue reports for or relating to public transactions by listed companies. Details of this moratorium are set out in an agreement reached in 1995 between what was then the London Investment Bankers’ Association (now the Association for Financial Markets in Europe) and representatives of what was then the ‘Big 6’ accountancy firms. Although this moratorium is described as interim, there is currently a market expectation that members will not seek to limit their liability when issuing reports for use in such public transactions. |
|56.||In respect of private equity/debt finance transactions where members are providing due diligence services, the market expectation is that the limitation of the member’s liability is to be determined by reference to a formula developed in 1998 by the Big 6 accountancy firms with the British Venture Capital Association (‘BVCA’). The development of the formula resulted in a Memorandum of Understanding being issued by the BVCA to its members recommending adoption of the formula in such transactional work. The formula is widely used for such work. |
|57.||Members providing reports in connection with the Civil Aviation (Air Transport Organisers’ Licensing) Regulations 1995 (as amended) and the Civil Aviation (Contributions to the Air Travel Trust) Regulations 2007 will be familiar with the guidance set out in Technical Release AAF 07/12, Revised arrangements for accountants reporting to the Civil Aviation Authority. The guidance in AAF 07/12 includes model engagement terms which make provision for a reporting member’s liability to be limited to an amount to be agreed or calculated in accordance with a formula, which is set out in the Technical Release. The formula has been published by the Civil Aviation Authority, which has offered to accept a limitation on a reporting member’s liability in an amount that arises from application of the formula. |
|58.||Members who are authorised and regulated by the Financial Conduct Authority (FCA) in respect of the performance of 'regulated activities' under the Financial Services and Markets Act 2000 are prevented from limiting or excluding liability to their clients for any such regulated activities. In respect of other services, an FCA authorised and regulated member may not limit or exclude liability 'unless it is honest, fair and professional for it to do so'. Members who are FCA authorised and regulated may find it helpful to have regard to the principles discussed in this guidance if considering whether it is honest, fair and professional to limit or exclude liability for services that do not amount to 'regulated activities'.
Exclusion of liability for certain types of loss
Some members might wish to exclude liability for certain types of loss altogether. Common examples are:
Section E: Managing risks arising during the engagement
|60.||There are steps available to members who wish to manage risks that can arise during performance of an engagement. Some of these steps can be taken in advance of performance and others can be taken during performance.|
|61.||Members will wish to prepare engagement letters that set out clearly the services to be provided and any specific tasks to be undertaken by the member. Members may also find it helpful to exclude those tasks which are not to be undertaken where uncertainty might otherwise arise. The level of detail appropriate for each engagement will depend upon the nature of the tasks to be undertaken by the member.
|62.||Members may find it helpful to monitor the tasks that they have agreed to undertake during the course of the engagement. Members may also wish to make clear in any work product, such as a report, the agreed scope of the work undertaken and check that the description of work set out in any invoice sent to the client is consistent with the engagement letter, any changes agreed in writing and any work product. |
|63.||Members may also wish to clarify in the engagement letter the client’s obligations and responsibilities. For most engagements members will be reliant on the client providing or giving access to relevant information. It may be appropriate for the accuracy or completeness of information provided by the client to be confirmed by the client signing a factual accuracy letter or providing a letter of representation. There may be other specific tasks to be performed by the client and these can be stated in the engagement letter for clarity.
Making each party aware of its responsibilities is designed to help manage the risk of any subsequent dispute in this regard. If, during the engagement, the member does not obtain the expected information or cooperation from the client, the member may wish to take this up with the client and may wish to consider:
|65.||Where the client has agreed that certain procedures are to be performed, and is responsible for determining the sufficiency of those procedures for the client’s purposes, it is helpful for the engagement letter to reflect that.
Specifying any limitations on the work to be undertaken
|66.||Members may find it helpful if the engagement letter includes any limitations on the scope of the member’s work. One common example is where the client requires an immediate answer to a complicated problem. There could also be limitations on the information to which the member is to be allowed access.
|67.||In such circumstances members may wish to consider whether it is appropriate to accept the engagement at the outset. If the member does accept the engagement, the engagement letter will include the nature of the limitations with which the member is faced and how these might impact on the member’s performance of the agreed work. For example, where the member is being asked to report on a complicated problem within a short timeframe, the member may wish to make clear in the engagement letter that: the problem is a complex one; that it has been given very little time in which to report; that further time would enable the member to consider it in greater depth; and that the member’s report might well be different if further time were available. Factors such as these might also influence the amount of any limitation on liability which the member is willing to accept.|
|68.||Members may also wish to set out in the engagement letter limitations on the work to be carried out by the member where, for example, additional procedures are or might be necessary to enable the client to reach a conclusion in relation to the member’s work, or where the member is to perform agreed-upon procedures (that may not involve verification of data), or where the client is separately to obtain legal advice on matters to which the member’s work relates.|
|69.||Members who are authorised or licenced to provide services amounting to ‘authorised work’ under the ICAEW’s Probate Regulations, or who are separately authorised by the Solicitors Regulation Authority to perform regulated legal activity, may provide clients with information that is protected by legal professional privilege. In addition, these or other members might receive or hold information for which the client will claim the protection of legal professional privilege: this might arise where, for example, solicitors representing a client engage a member on the client’s behalf. Legal professional privilege provides a form of super confidential protection to affected information and where it applies, the privilege attaching to the information belongs to the client. Members respect the privilege and avoid releasing any privileged information to anyone except the client, even if required to do so by a court or a regulator, without the affected client’s consent. Members may wish to seek legal or other appropriate professional advice where issues of legal professional privilege arise.
Section F: Managing third-party risk
|70.||In some circumstances, it is not just the addressees of the engagement letter that will wish to rely on members’ work or their work products, such as reports. Third parties will frequently wish to have sight of a member’s report or other work product. Examples include parties to a transaction wishing to place reliance on an audit report on a target company, or clients wanting to share the member’s assurance report on systems and controls with its customers. Where members are aware of this possibility when they accept the engagement, it could be assumed by a third party that they have taken on a duty of care and responsibility in law to the third party on a voluntary basis, thereby providing the third party with a basis for a claim against the member. Since the third party will not be a party to the engagement letter it will be difficult to argue that the third party is bound by any cap on liability or other protections contained in the member’s engagement letter. The absence of any fee payment by the third party is not likely to be conclusive as to whether or not any duty is owed.
|71.||Members will therefore wish to guard against this ‘third-party risk’. As a first step, members may wish to include, in the engagement letter, terms that restrict the disclosure by the client of the member’s work product, such as reports and advice, to third parties. A common approach is to include a provision in the engagement letter such that the client must seek the member’s consent before disclosing any such work product to a third party. This gives members a degree of control over whether a work product is disclosed, and whether conditions might be applied if it is disclosed (discussed further below).
|72.||In some circumstances, members may wish to refuse consent for disclosure, for instance if the number of intended recipients is large or the class of recipients ill-defined, or the circumstances are such that disclosure presents unmanageable risk. Members may also wish to undertake a risk/reward analysis in respect of the request: although often the client will want the member to consent to disclosure, the member will rarely get any additional fees in return for consenting. Members may also wish to avoid disclosure if the report contains intellectual property that the member wishes to preserve as confidential.
|73.||If a member is willing to consent to disclosure of its work product, such as a report, to third parties, the member will wish to consider what protection is put in place to manage the risk of assuming a duty of care and responsibility to the third parties in question. The most common methods for doing this are (i) release or ‘hold harmless’ letters; (ii) ‘duty of care’ letters; (iii) indemnities obtained from the client; and (iv) clarification statements in the work product. Each of these methods is discussed below.
Release or 'hold harmless' letters
|74.||Release or ‘hold harmless’ letters are letters used by members to facilitate the release of confidential information to a third party at the request of a client. The information might be a member’s report that is confidential to the client and prepared for the client alone, the information might extend to oral explanations to be provided by the member about the member’s report, or it might be the member’s own working papers which contain information that is confidential to the client but which have been prepared for the member’s purposes alone. The objective of the release or ‘hold harmless’ letter is to manage the member’s third party risk by securing the third party’s agreement that the information to be disclosed was not prepared for the third party, that the third party will verify the information with the client and not the member, that the member owes the third party no duty in relation to the information, that the third party will rely on the information at its own risk, that the third party will not assert any rights or bring any claims against the member in relation to the information, that the member will incur no liability to the third party arising from disclosure, and that the third party will keep the information confidential.|
'Duty of care' letters
|75.||A ‘duty of care’ letter is a device that enables a member to assume a duty of care and responsibility to a third party in respect of work performed for a client but in a controlled way through agreement with the third party. Frequently, this arises where the third party is unwilling to accept a release or ‘hold harmless’ arrangement because it wishes to rely on the member’s work (and the client consents to and may even support this). In this case, a letter may be sent to the third party containing terms that regulate the member’s relationship with the third party and clarifying the basis on which the member is willing to accept a duty and assume responsibility to the third party, which may include any limitation on the member’s liability agreed with the client. The letter will require counter-signature by the third party to demonstrate agreement.
|76.||Release or ‘hold harmless’ letters and ‘duty of care’ letters do not provide members with solutions to each and every third-party question. Sometimes members may prefer no disclosures to be made to third parties at all on any basis, even with safeguards. At other times members may feel that a release or ‘hold harmless’ letter, or a ‘duty of care’ letter, would be appropriate but it is not practical to obtain agreement and signature by the third party concerned. A further alternative is that a member can obtain a release or ‘hold harmless’ letter from the third party but the member continues to have reservations about the risks arising from disclosure.|
|77.||Where members are prepared to provide information to a third party but a release or ‘hold harmless’ letter or ‘duty of care’ letter cannot be obtained, or where a release or ‘hold harmless’ letter can be obtained but the member continues to have reservations about the risks arising from disclosure, members may wish to consider seeking an indemnity from the client as an alternative or additional safeguard. For example, in recognition of the third-party risk taken on by the member, the client might agree to indemnify the member against any loss or damage (including legal expenses) arising from claims brought or threatened against the member as a result of the provision of information by the member (which may comprise disclosure of the member’s report) to the third party. Such an indemnity could be included in the engagement letter.|
|78.||Members may find that indemnities are not attractive commercially to clients and, in any case, indemnities do not limit third parties’ ability to assert claims. Indemnities merely give the member the right to pass on the liability to the client. It follows that if the indemnity is in some way ineffective or the client does not have adequate resources to meet the liability, then the member will be left unprotected. Indemnities can also operate to relieve a member from liability that might otherwise be incurred, and if this is their effect, by excluding or limiting liability indemnities might therefore be subject to a test of reasonableness (see further, Appendix 1). It can be helpful to include in an indemnity the commercial rationale for its inclusion, such as recognition that despite the steps taken in the engagement letter to manage the member’s third party risk, there is a possibility of third party claims arising.|
|79.||It may be permissible in some circumstances to obtain indemnities from audit clients or from other clients from which members demonstrate independence but generally indemnities from such clients will present ethical difficulties for members.|
|80.||An indemnity can operate as a debt due from the paying party: by analogy, an indemnity might be seen as equivalent to the provision by the paying party of a signed blank cheque, for the receiving party to complete and have paid by the paying party’s bank when the circumstances covered by the indemnity arise. An indemnity will therefore normally provide easier recoveries for the receiving party, if the circumstances covered by the words of the indemnity arise, than if a claim for damages is made by the receiving party. Where a demand for payment under an indemnity is made, the rights of the paying party to raise defences, such as that the loss claimed is too remote to be recoverable, or that the receiving party should mitigate its loss, are not normally available to the same extent as where a claim for damages is made.|
|81.||Unless the paying party’s liability under the indemnity is clearly limited, the indemnity will give rise to unlimited liability. A payment made pursuant to a contractual indemnity is often not covered by the paying party’s professional indemnity or other insurance. Agreeing to indemnify can place the paying party close to the receiving party’s finances and in the position of insurer in respect of the loss covered by the indemnity. Indemnities give rise to particular ethical and commercial difficulties for members who are asked to indemnify audit clients or other clients from which members are required to demonstrate independence.|
|82.||From the receiving party’s perspective, an indemnity can be seen as providing robust protection if the circumstances covered by the indemnity arise. In some cases an indemnity is an appropriate form of protection for members. However, having regard to the issues discussed above, it will rarely be desirable or appropriate for a member itself to agree to indemnify and members will wish wherever possible to avoid giving indemnities.|
Clarifying the purpose of work performed and for whose benefit work has been performed
|83.||Members will find it helpful to clarify in the engagement letter the purpose for which and for whom the work is to be performed and that the work product, such as a report, may not be used by any other person or for any other purpose. The engagement letter speaks to the client only but clarifying in this way may help to manage the risk of the client using or relying on work performed or a work product for purposes that have not been envisaged and for which the work may not be suitable.|
|84.||Members will also find it helpful to provide similar clarification in their work product, such as a report. When doing so, members may wish to read the clarification as if it is speaking not only to the client but also to a third party who might obtain access to the report. Members reading a clarification in this way will consider the message conveyed to the third party whether or not the third party obtains access to the report on a permitted basis or contrary to disclosure restrictions that may have been agreed in the engagement letter.|
Members may wish to prepare a clarification paragraph (sometimes called a disclaimer of liability) in a report that captures the following points:
Members may wish to include other caveats or restrictions in reports, depending on the circumstances of the engagement, and will position the clarification paragraph in a suitably prominent position, such as the beginning, so that it is not missed by readers. 
|86.||A clarification paragraph in a member’s report will not act as a barrier to a third-party claim but will normally present a hurdle which a third party will have to clear in order to establish a duty of care owed by the member to the third party. The absence of a clarification paragraph that speaks to third parties may, depending on the circumstances, give rise to an inference that the member could have clarified but chose not to do so and has assumed responsibility to third parties as well as to the client.|
|87.||Members including such paragraphs will wish to avoid the clarification being overridden by words or actions that are inconsistent. For example, a clarification paragraph that denies a duty to any third parties might be overridden in relation to a particular third party if the member engages in discussions with or provides the report to the third party without confirming clearly and securing the third party’s acceptance that the clarification paragraph is not affected. |
|88.||Members may wish to refer to available guidance for a clarification paragraph to be included in statutory audit reports. |
Restricting use of a member’s name
|89.||Members may wish to avoid any statement or document issued by their client (other than statements or documents that in accordance with applicable law are to be made public, such as financial statements in the form in which they have been reported on by a member as auditor) bearing the member’s name unless the member’s prior written consent has been obtained. A restriction can be achieved by including a suitable paragraph in the engagement letter.|
|90.||There have been occasions when the use of a member’s name in a client document has been interpreted by third parties as implying that the client is financially sound or that the member is in some way endorsing the content of the client document, or giving some other form of assurance, whether or not this is in fact the case.|
|91.||If a member becomes aware that a client proposes to use the member’s name, the member may wish to inform the client that permission must first be obtained, in order that the member may approve the form in which the member’s name is to be mentioned and the context in which it is to be used, and in appropriate cases the member may wish to withhold permission.|
Section G: Managing the risk of informal reporting
|92.||Members may provide advice or reports or other work products in draft or interim form, or orally. There may be a risk of the client placing reliance on matters stated that have not been finalised, that may be subject to change, or that have not been checked and reviewed for quality to the same degree as final, written work products. This may give rise to uncertainty or expectation gaps or disputes with the client over the purpose of matters stated in draft, interim or oral form.|
|93.||The risk of the client placing such reliance or of disputes arising may be managed with suitably clear labelling of draft or interim work products and by qualifying oral comments at the time. Doing so will help to draw attention to the draft, interim or oral status of such advice or reports. Members may also find it helpful to clarify at an early stage in an engagement that final, written work products will always prevail over any draft, interim or oral statements, and that on request by the client, written confirmation of matters stated orally will be provided. Engagement letters may provide a suitable method for conveying such clarifications. Members may also wish to clarify such matters at the time of providing draft or interim work products or oral comments.|
|94.||Uncertainty or disputes with clients over the purpose of matters stated in draft, interim or oral form might also arise if no final, written work products are issued, or if a final, written work product is issued but after a client’s deadline has passed and the client has acted in reliance on a draft or interim work product, or if no written confirmation of matters stated orally is provided. Members may wish therefore to manage the provision of their services to avoid such uncertainty or disputes.|
|95.||Members may also be asked to provide information orally to a third party. Doing so might in some circumstances give rise to a duty of care being owed to the third party in respect of the matters stated orally unless a suitable safeguard is put in place. A suitable safeguard might be a statement at the time to the third party that no duty is being accepted to the third party through the provision of information orally. An alternative suitable safeguard might be a release or ‘hold harmless’ letter, to be signed by the third party before anything is stated orally, supported by oral confirmation at the time that everything stated orally is subject to the terms of the release or ‘hold harmless’ letter that has been signed by the third party.|
Section H: Forming contracts electronically
|96.||When forming an agreement with a client or a third party, as discussed in particular in Section C: Engagement contracts and in Section F: Managing third-party risk above, an agreement produced on paper, bearing ink signatures, is likely to form the best evidence of the relevant agreement but contracts can also be formed electronically.  In this form, the terms of the agreement are stored on an electronic device and visible on screen, often with a printing capability, with each party ‘signing’ electronically. Typically this will capture terms or documents (or both) exchanged by e-mail or available for viewing on websites with ‘signed’ acceptances being demonstrated by ‘clicking’ on a suitable button or icon.|
|97.||Members will in any case of electronic interaction wish to exercise caution, including in their e-mails and in relation to terms that members accept on websites by clicking, to avoid inadvertently forming agreements in circumstances or to terms that members might wish to avoid. The discussion below concentrates on engagement letters but the principles can be applied to other agreements, such as variations to engagement letters or letters discussed in Section F: Managing third-party risk above.|
|98.||An engagement letter in electronic form will be enforceable as evidence of a member’s agreement with a client if it records the ingredients necessary to establish a contract. Those ingredients are offer, acceptance, an intention to create legal relations (meaning that the parties are serious about making enforceable promises) and consideration (what each party receives from the other in return for promises made). Some form of execution or signature to ratify the terms agreed and to confirm the names of the contracting parties is also required.|
|99.||An engagement letter in Portable Document Format (‘PDF’) is an engagement letter in electronic form. An e-mail sent to a client attaching an engagement letter in electronic form with a member’s signature will amount to an offer to provide services and the client’s return by e-mail of the engagement letter in electronic form bearing the client’s signature will be acceptance. The member’s promise to provide the services in return for the client’s promise to pay will form consideration. Promises of this nature in the context of business will create legal relations between the parties.|
|100.||In the absence of the original engagement letter with ink signatures of the member and the client, an electronic version exchanged by e-mail can form the best evidence of agreement. It will therefore be important to ensure that the electronic version is clear and complete, with any necessary appendices being included, as well as showing signatures by the member and by the client.|
|101.||Signatures shown in a PDF version of the engagement letter will be electronic. Unless the original engagement letter bearing ink signatures is preserved and provided subsequently, the original ink signatures on the original version of the engagement letter are redundant. Signature by electronic means can take various forms, including typing of a name or copying or scanning of an ink signature. The Electronic Communications Act 2000  enables parties to rely on electronic signatures.|
|102.||An exchange of e-mails without attaching an electronic version of an engagement letter can also amount to an electronic version of the engagement letter if all the relevant terms are included and if the e-mail exchange records the ingredients necessary to form a contract as outlined above, including signatures. To be confident of appending and obtaining a valid electronic signature on an e-mail, members will wish the sender to demonstrate an intention to authenticate the e-mail or series of e-mails exchanged with the recipient. The manual insertion of the sender’s name at the end of the e-mail will authenticate it, which is preferable to reliance on an automatic inclusion of the sender’s name.  As a practical safeguard members may also wish to satisfy themselves (perhaps by telephone or by meeting in person) that the client recipient with whom e-mails are exchanged is legitimate and, if corresponding for a corporate body, authorised to bind the body.|
|103.||Members might also obtain a client’s agreement to an engagement letter by publishing the engagement letter on a website and having the client ‘click’ a button or icon to demonstrate agreement. The ‘click’ would be designed to amount to an electronic signature. Members might struggle to show that the electronic signature by clicking demonstrates agreement to all the engagement letter’s terms if any terms are challenged subsequently. Such a struggle is possible unless publication on a website follows discussion and concludes negotiations like the presentation of an engagement letter in paper form for ink signature at a meeting with the client. Such a struggle is more likely if the engagement letter is published for a client to ‘click’ agreement without any prior discussion or negotiation, especially if the client’s first language is not the language of the engagement letter or if there are cultural differences between the member and the client which might give rise to misunderstandings.|
|104.||Publication of an engagement letter on a website could also give rise to concerns about the engagement letter’s confidentiality. Obtaining agreement by a ‘click’ on a website might not satisfy the requirements of applicable Standards requiring terms of engagement to be recorded in writing. |
Limiting liability to members’ clients: legal principles
This Appendix is a summary of factors relevant to members wishing to limit their liability to their clients in what is a complex area of law. While this Appendix may assist members in considering legal restraints, it is not a substitute for legal advice. As case law in this area has shown, the facts and circumstances of each case can be key in determining the outcome.
The ability of members to enforce terms excluding or limiting their liability will be governed by the Unfair Contract Terms Act 1977 (‘the Unfair Terms Act’). Members are unable to exclude or limit their liability for death or personal injury resulting from negligence. In addition, members cannot exclude or limit liability for other loss or damage resulting from negligence unless the term satisfies 'the reasonableness test' under the Unfair Terms Act. That same test will apply to an exclusion or limitation where one of the contracting parties 'deals as a consumer' or 'on the other's written standard terms of business'.
A member’s client will deal ‘as a consumer’ if the client does not make (or pretend to make) the contract in the course of a business and the member (as the other contracting party) does make the contract in the course of a business. A client will ‘deal’ with a member if the client ‘makes a deal’ with the member, regardless of any negotiations.
There is no definition in the Unfair Terms Act of what is meant by 'standard terms of business'. It is however clear that a member’s use of pre-printed or ready-prepared terms, on a regular basis as a matter of policy and routine, are standard terms of business.
There is no guidance in the Unfair Terms Act on what is meant by reference to a party that 'deals' on another party's 'written standard terms'. Traditionally this was assumed to mean contracting on standard, pre-printed terms, perhaps appearing on the back of an invoice. It is now clear that if standard terms are ‘effectively untouched’ following negotiations, even if certain provisions are amended, they will still amount to standard terms.
The Consumer Rights Act 2015 (‘the Consumer Rights Act’) will apply to members' engagement letters with consumer clients. A client who is an individual and not acting for the purposes of a business but in a private capacity will be a 'consumer'. Members might, for example, be engaged to provide services, such as tax compliance or tax advisory services, by private individuals. These are examples of clients who will be consumers. A contract term such as a limitation on a member’s liability will be regarded as unfair and will not be binding on the consumer client if, contrary to the requirement of good faith, it causes a significant imbalance in the parties’ rights and obligations under the engagement letter to the detriment of the consumer client. Fairness will be determined taking account of the subject-matter of the engagement letter and all the circumstances.
An exclusion or limitation of liability contained in standard terms could fail the fairness test under the Consumer Rights Act and ‘the reasonableness test’ under the Unfair Terms Act. However, members may feel that the application of the fairness test is likely to be the same as or equivalent to the reasonableness test under the Unfair Terms Act. There seems to be no material difference between the two.
Accordingly, if members' clients are consumers, exclusions and limitations of liability will have to pass the fairness test in the Consumer Rights Act; if clients are businesses, the exclusions and limitations will have to pass the reasonableness test under the Unfair Terms Act. The effect for members is, for practical purposes, likely to be the same but until the application of the fairness test is determined by a court, members will be faced with uncertainty. If a term could have different meanings, under the Consumer Rights Act the meaning most favourable to the consumer will prevail.
In order to satisfy ‘the reasonableness test’ under the Unfair Terms Act, a contract term must have been:
‘a fair and reasonable one to be included having regard to the circumstances which were, or ought reasonably to have been, known to or in the contemplation of the parties when the contract was made’.
Whether or not a member’s exclusion or limitation is reasonable will therefore be determined by the particular circumstances. A member claiming reasonableness or fairness will have to demonstrate this. A Schedule to the Unfair Terms Act contains ‘Guidelines’ on assessing reasonableness that are likely to apply. These include in summary the following:
All services provided by a member will to some extent at least be designed to meet the client’s particular requirements. For clients to whom a member regularly provides services, the particular requirements of that client will often be known to the member. If a client requests a service that requires the member’s normal processes and procedures to be tailored specifically for the particular client’s requirements, or if a client’s particular requirements are known to the member, these are factors that may have a bearing on what is a reasonable limitation on the member’s liability.
In addition to the Guidelines summarised above, a section of the Unfair Terms Act provides that when assessing the reasonableness of a contractual limitation of liability, regard is to be had to the resources available to the party seeking to limit its liability (the member) to meet the liability if it arises and how far it was open to that party to cover itself by insurance.
It will not always be the member who is best placed to cover a risk with insurance. Members do not routinely take out insurance cover for a particular engagement. In some circumstances, it might be easier for the client to insure against the risk of loss.
Some professional indemnity insurance policies may not provide cover for liability in respect of indirect or consequential loss. For members with such policies, an exclusion of such liability in an engagement letter might be reasonable.
Release or ‘hold harmless’ letters: further detail
|This Appendix relates to paragraph 75 of this guidance and discusses in further detail the use of release or ‘hold harmless’ letters.|
|1.||There is sometimes confusion over the terminology used to describe letters under which disclosures of members’ work products or other papers or information are made on a confidential basis without giving rise to any duty of care to the recipient. Such letters are typically described as release or ‘hold harmless’ letters and these labels are often used interchangeably. The terms ‘release’ or ‘hold harmless’ as a description are used to denote a denial of, or release from, any duty or responsibility. Often such a letter will contain an indemnity in favour of the member – the scope of the indemnity normally being that the member is indemnified by the third party in the event of breach by the third party of the terms of the letter (or in the event of any claims arising from disclosure to the third party).|
|2.||The release or ‘hold harmless’ letter is issued on the member’s notepaper and presented to the third party who wishes to receive a copy of, or who wishes to obtain access to, the member’s work product or other papers or information, and sets out the terms on which the member is willing to consent to the disclosure. These terms will normally include various matters that the third party is to accept, such as the following:
|3.||Once the third party signs the release or ‘hold harmless’ letter it has contractual effect. Although a robust form of protection, it might not be effective in every circumstance. If it can be established that the third party is really in the position of a client, the effect is likely to be the same as if the member were to seek to exclude liability to its client in the engagement letter. This might arise where (in summary) the relationship between the member and the third party is sufficiently close (or what the law calls ‘proximate’) that it cannot in reality be shown that the third party is distant from the member and so is not in the same position as a client for the purpose of the engagement.|
|4.||In such a case, if the third party challenges the release or ‘hold harmless’ letter, a court is only likely to enforce the exclusion if it is considered reasonable in the circumstances. This closeness (or ‘proximity’) may arise if the third party in question is known to the member and its interests are taken into account when the work is performed, especially if the member is aware that the third party wants to rely on the member’s work and the member accepts this or does not challenge this. As the law currently stands, the absence of any intention by the member that the third party will rely on the member’s work is not likely to be conclusive as to whether or not any duty is owed. Clearly a third party that signs a release or ‘hold harmless’ letter only to challenge it later will be expected to explain its apparent agreement to the terms of the letter and justify why that apparent agreement might be ignored.|
|5.||In a case like that described above, a release or ‘hold harmless’ letter may not be the best way for the member to manage its risk. Members may therefore wish to consider inviting the third party to accept the terms of the engagement letter in return for a duty, or to sign a ‘duty of care’ letter. |
|6.||Use and disclosure of some work products issued by members, such as auditors’ reports under the Companies Act 2006 or accountants’ reports for public offer documents, cannot be restricted. Members will wish to think carefully about managing their risk to third parties in respect of such public documents by clarifying the nature and purpose of the work performed in the public document itself. |
|7.||Auditors are frequently asked to provide information (which may include oral information), such as audit working papers, to parties who have an interest in the financial affairs of the audit client. Parties with an interest may include banks considering a lending decision in respect of the audit client, or potential purchasers of the audit client. Members will wish to treat these requests with the same care and attention as requests for the release of a member’s private work product. This is because the same risks of assuming a duty of care and responsibility to third parties will arise. Members will therefore wish to consider the use of release or ‘hold harmless’ letters for such cases. |
|8.||Members considering the issue of a release or ‘hold harmless’ letter will wish to obtain written authority from the client before agreeing to release the member’s work product (or any other client confidential information relating to the engagement) to any third party. Members will also wish to secure the client’s agreement to accept the risk of adverse consequences flowing from disclosure to the third party when obtaining such authority. |
List of relevant publications
This Appendix contains a list of publications to which members may wish to refer when considering the matters discussed in this guidance.
|1||See Code of Ethics, Section 100, Introduction and Fundamental Principles, and Section 130, Professional Competence and Due Care. General guidance on competence and quality control is available in Guidance on the Practice Assurance Standards, which can be obtained by contacting the Technical Advisory Services helplines on +44 (0) 1908 248 250 or from icaew.com/regulations. Members accepting appointment as trustees take on onerous responsibilities to which special rules apply. See further, Acting as a trustee. Special rules apply also to insolvency practitioners accepting statutory appointments and members should further to Code of Ethics D and the Statements of Insolvency Practice.
|2||See Professional Indemnity Insurance Regulations and Guidance. General guidance on professional indemnity insurance is available in a helpsheet, Professional Indemnity Insurance, which can be obtained by contacting the Technical Advisory Services helplines on 01908 248 250.
|3||See further, The Duty on Firms to Investigate Complaints – Guidance on How to Handle or Avoid Them.|
|4||General guidance on client acceptance and standard 2 is available in the Guidance on the Practice Assurance Standards, which can be obtained by contacting the Technical Advisory Services helplines on +44 (0) 1908 248 250 or from icaew.com/regulations.
|5||International Standard on Quality Control (UK and Ireland) 1, Quality control for firms that perform audits and reviews of historical financial information, and other assurance and related services engagements, (ISQC (UK&I) 1), requires that for all assurance engagements (as defined in the Standard) members establish policies and procedures for the acceptance and continuance of client relationships and individual engagements. Additional considerations relevant to engagement acceptance are addressed in Section B of this guidance.|
|6||In this guidance, a 'consumer' is an individual who, in dealings with a member, is not acting for the purposes of a business but in a private capacity. See section 2 of the Consumer Rights Act 2015.
|7||See TECH 04/08, Anti-money laundering guidance for the accountancy sector.
|8||In relation to assurance engagements see ISQC (UK&I) 1.
|9||See further, Anti-Money Laundering Guidance for the Accountancy Sector. See also paragraph 9 above.|
|10||See note 6 and discussion elsewhere in this guidance regarding consumer clients.
|11||See White v Jones  2 AC 207.
|12||See note 1.
|13||See further paragraphs 67 and 68.
|14||See further, section 50(2) of the Consumer Rights Act 2015. Similarly, any goods or digital content provided by members to consumer clients after 1 October 2015, as well as being of satisfactory quality and fit for purpose, will need to match any description that has been given unless any change is expressly agreed: see sections 11 and 36 of the Consumer Rights Act 2015. Goods are defined in section 2 as tangible moveable items. Digital content is defined in section 2 as data produced and supplied in digital form and will include digital-format products such as electronic presentations, computer software, and mobile phone apps. Goods and digital content are outside the scope of this guidance.
|15||See Code of Ethics, Section 220, Conflicts of Interest.
|16||See also Code of Ethics, Section 140, Confidentiality. Members providing audit services will find additional rules in Ethical Standard 1 (revised), Integrity, Objectivity and Independence, and in Ethical Standard 5, Non-audit services provided to audit clients, published by the Auditing Practices Board.
|17||See further, paragraph 28 above.
|18||Members can contact the Technical Advisory Services helplines on +44 (0) 1908 248 250.
|19||As the aim of the engagement letter is to form a contract between the client and the member, it is usual where the client is corporate for the letter to be addressed to the contracting entity (rather than one of its representatives) and signed by or on behalf of the member.
|20||See The Duty on Firms to Investigate Complaints – Guidance on How to Handle or Avoid Them. Members may find it helpful to avail themselves of alternative dispute resolution processes facilitated by the ICAEW, such as mediation and fee arbitration.
|21||This is not an exhaustive list and other potential points are mentioned in paragraph 40. Engagement letters that are clear and informative may cover some or all of these points and may capture others not listed. What is to be covered will depend on all the circumstances. General guidance on engagement letters is available in a helpsheet, Engagement Letters, which can be obtained by contacting the Technical Advisory Services helplines on +44 (0)1908 248 250. Members may also wish to refer to the Guidance on the Practice Assurance Standards, which can be obtained by contacting the Technical Advisory Services helplines on the same number or from icaew.com/regulations. Members who are tax practitioners may wish to consult guidance published by the Tax Faculty, such as TAXGUIDE 01/13, Engagement letters for tax practitioners. Members providing services to private individuals in relation to personal affairs will also wish to consider application of The Consumer Contracts (Information, Cancellation and Additional Charges) Regulations 2013. Where applicable, non-compliance may give rise to issues over enforcement of engagement letters and fines. Guidance on these issues is also available above.
|22||See Hossein Mehjoo v Harben Barker  EWCA Civ 358
|23||Certain terms in engagement letters agreed after 1 October 2015 with clients who are consumers may or will be regarded as unfair on the consumer client and not binding: see sections 63 and 65 and Schedule 2 of the Consumer Rights Act 2015. Examples include excluding or limiting a member’s liability for death or personal injury resulting from a member’s negligence and excluding rights given to consumer clients under the Consumer Rights Act 2015.
|24||The Provision of Services Regulations 2009 impose obligations on members as providers of services in relation to making certain information available to clients. These Regulations do not require engagement letters to be the only method for making relevant information available. Members may find it convenient to capture some or all of the information requirements in their engagement letters or elsewhere, such as on a member’s website. The Regulations provide that relevant information is to be available to clients before the engagement letter is counter-signed by the client.|
|25||See Section F: Managing third-party risk above.
|26||See Appendix 1 for a summary of relevant legal principles.
|27||An exclusion of a member’s liability to a consumer client for negligence will not be binding on the consumer client: see section 57 of the Consumer Rights Act 2015. Special rules apply to limitations on the liability of auditors appointed under the Companies Act 2006: see paragraph 52.|
|28||Members may find it helpful to document any negotiations on liability capping (or other engagement terms), through file notes, correspondence or other records. See also note 39 below.
|29||See also note 18 above.
|30||Members are referred to the Guidance on Auditor Liability Limitation Agreements published by the Financial Reporting Council in June 2008 for details of what is permitted and how to implement limitation arrangements for audits under the Companies Act 2006. Members appointed as auditors under the Companies Act 1985 were unable to limit their liability to their audit clients in respect of their statutory audit work, because of section 310 of that Act. Members appointed as auditors under the Companies Act 2006 may find that certain audit clients have listings of shares or securities on exchanges in territories where limitations on auditors’ liability are not accepted by local financial regulators.|
|31||Members are cautioned against reaching agreements, formal or informal, or establishing practices that might be seen as unlawful cartels or anti-competitive and contrary to competition law.
|32||There is no requirement to follow this practice. Members and clients are entitled to propose alternative arrangements for particular engagements.
|33||There is no requirement to accept the formula. Members and clients are entitled to propose alternative arrangements for particular engagements. The Memorandum of Understanding was notified to the Office of Fair Trading under the Restrictive Trade Practices Act 1976.
|34||There is no requirement to accept the formula. Members and the Civil Aviation Authority are entitled to propose alternative arrangements for particular engagements.
|35||See also note 27 above.
|36||The position may differ if the client is fraudulent and the exclusion of liability relates to client fraud. In relation to client fraud in the context of audit work, members are referred to International Standards on Auditing (UK & Ireland) 240, The auditor’s responsibility to consider fraud in an audit of financial statements.
|37||Members are referred to the Guidance on Auditor Liability Limitation Agreements published by the Financial Reporting Council in June 2008 for discussion about proportionality.
|38||See Section C: Engagement contracts above.|
|39||Members may wish to document, through file notes, correspondence or other records, the undertaking of tasks and the client’s instructions. Documenting records of other discussions or negotiations, such as those relating to fees or the member’s liability, may also be helpful if the member is later called upon to justify or explain matters done or agreed.|
|40||The use of release or ‘hold harmless’ letters is discussed in more detail in Appendix 2.|
|41||Members reporting to clients who are consumers will wish to avoid clarification paragraphs which might be seen as being contrary to good faith and causing a significant imbalance in the consumer client’s and the member’s obligations under the engagement letter to the detriment of the consumer client. See section 62 of the Consumer Rights Act 2015. In cases of uncertainty members may wish to seek legal or other appropriate professional advice.|
|42||See Barclays Bank Plc v Grant Thornton UK LLP  EWHC 320.|
|43||See Royal Bank of Scotland v Bannerman Johnstone Maclay  PNLR 77
|44||See further, Section G: Managing the risk of informal reporting above.|
|45||See Technical Release AAF 01/03, The Audit Report and Auditors’ Duty of Care to Third Parties.|
|46||For discussion on this topic, see Electronic Commerce: Formal Requirements in Commercial Transactions, published by the Law Commission in December 2001.|
|47||See section 7 of the Electronic Communications Act 2000, which states that in legal proceedings, electronic signatures are admissible in evidence as to the authenticity or integrity of the communication or data incorporating the electronic signature or with which it is logically associated. Section 7 provides also for the admissibility in legal proceedings of digital signatures but digital signatures require enhanced technology and are beyond the scope of this guidance. Section 7 deals with admissibility in evidence but does not address how much weight is to be given to an electronic signature, which is a point left for courts to decide.|
|48||See J Pereira Fernandes SA v Mehta  EWHC 813.|
|49||See paragraph 31 above.|
|50||See Technical Release AAF 04/06, Assurance Engagements: Management of Risk and Liability, for a discussion of safeguards that can be implemented in appropriate cases.|
|51||See Technical Release AAF 01/03, The Audit Report and Auditors’ Duty of Care to Third Parties, and see Technical Release AAF 02/06, Identifying and Managing Certain Risks Arising from the Inclusion of Reports from Auditors and Accountants in Prospectuses (and Certain Other Investment Circulars).|
|52||See Technical Release AAF 04/03, Access to Working Papers by Investigating Accountants, for guidance on release or ‘hold harmless’ letters relating to audit working papers.|
|53||Technical Release AAF 04/03, Access to Working Papers by Investigating Accountants, contains guidance and an example authority letter for use when providing access to audit working papers.|