Practice Assurance guidance for larger firms
Standard 2: Client Acceptance and Disengagement
Your firm should comply with laws, regulations and standards that are relevant to the services it provides, including ICAEW's regulations, standards and guidance.
Much of the guidance we have issued to sole practitioners and smaller firms also applies to larger firms. You can access that guidance here.
Larger firms, in comparison to small firms tend to have more principals, staff and locations. They need more procedures to ensure compliance. We find that take-on procedures in some larger firms have evolved and become cumbersome, mainly due to changes required to comply with new laws and regulations (anti-money laundering regulations being the main one). Also, staff and principals often find completing the client take-on process difficult and time consuming. This sometimes results in the process being cut short or not completed properly.
The essentials of client engagement and disengagement are set out in the guidance for smaller firms referred to above. Here we provide best practice guidance to help larger firms with quality and risk management in this area. We’ve also included our top tips to help you comply, with actions we have seen firms take to improve their take-on processes so they are more user friendly and less time consuming. You can also access the results of our 2018 thematic review of larger firms’ client take-on procedures.
On this page
Top tips to help you comply
- Review your take-on procedures from time to time to make sure they are still fit for purpose and not too unwieldy.
- Consolidate client information, anti-money laundering (AML) risk assessment and client due diligence (CDD) and take-on/initial risk assessment forms to remove duplication of work.
- Have standardised take-on procedures across the firm.
- Have a central resource that helps with and polices the take-on process, including AML.
- Use electronic checks as part of your AML CDD procedures, these often check for PEPs and sanctions.
- If you use electronic checks make sure that staff are trained to enable them to understand the resulting reports.
- Record the AML risk assessment and CDD on the client record within the firm’s practice management system; these systems are often set up to flag when CDD needs refreshing and allow monitoring through exception reporting.
We conducted a thematic review of the client take-on procedures of 100 of our larger firms. The results of this review are summarised in our 2018 Practice Assurance Principles report.
- Make sure your engagement system forces appropriate principal approval and AML checks.
- Have a policy that no client record can be set up until all the required procedures have been completed.
- Review suspense time codes or marketing codes to ensure they have not been used to circumvent take-on procedures.
- Have an online system for generating engagement letters.
- Ensure you fully explain the scope of your work to the client and that this is clearly set out in your engagement letter.
- Make sure you have a second principal and/or committee/panel approval for accepting certain categories of new client.
- Ensure that all relevant ethical considerations are made before accepting an appointment (in particular consideration of conflicts of interest and whether the firm has received a response from the client’s previous accountant).
- Review engagement letters regularly so they remain up to date and issue a revised letter if anything changes.
- Make sure you train staff and principals in how to use the take-on procedures.
- Have clear guidance in place on the completion of client take-on procedures.
- Periodically check that staff are completing take-on procedures properly.
- Check that you have sufficient PII cover for certain types of specialist or particularly risky work.
- Consider including the following in your take-on procedures:
- an initial assessment of the clients’ accounting system for accounts preparation work;
- more ‘know your client’ information comprising details of structure and UBOs;
- more prompts/questions to consider when assessing risk, rather than leaving it to the engagement principal’s judgement about the inherent client risk (examples include consideration of reputational risk, including examples of inherent risk and whether work is being relied upon by a third party);
- commercial considerations (eg, fee levels, expected recoverability, client’s financial position, whether a credit check is needed, liability cap);
- a risk score/rating for all clients;
- levels of sign-off for client take-on depending on risk;
- a requirement for document sign-off; and
- a requirement to report new clients centrally.
- Issue departing clients with a disengagement letter and get them to return a signed copy for you to retain on file.
- Collate reasons for client departures in order to identify trends.