Guidance on addressing Non Compliance with Laws and Regulations (NOCLAR)
The International Ethics Standards Board for Accountants (IESBA) has issued changes to its code of ethics relating to the potential overriding of confidentiality when a suspected illegal act is discovered.
In essence, the new provisions require that members should report the matter internally. If the matter is not addressed internally in an appropriate manner, members should then assess if disclosure to a third party is necessary in the public interest. In such circumstances, members would not have breached the ethical principle of confidentiality.
The provisions address breaches of laws and regulations that deal with matters such as fraud, corruption and bribery, money laundering, tax payments, financial products and services, environmental protection, and public health and safety. IESBA identifies four categories of PA and proposes specific steps for each in responding to NOCLAR. The categories are auditors, Pas (professional accountants) in public practice providing services other than audit, Senior PAIBs (professional accountants in business) and Other PAIBs. The changes reflect the notion that auditors and Senior PAIBs should have greater responsibility to take action in respect of identified or suspected NOCLAR than PAs providing services other than audit and other PAIBs.
The IESBA code is currently silent on public interest overrides but ICAEW’s code has addressed the issue in s140.7. The ICAEW Code currently adds to the IESBA discussion on confidentiality by explaining that members may disclose confidential information to third parties, when not obliged to do so by law or regulations, if the disclosure can be justified in the public interest and is not contrary to laws and regulations.
Guidance on public interest considerations is given in a separate ICAEW document: ‘Professional conduct and disclosure in relation to defaults or unlawful acts’. This highlights that the UK Public Interest Disclosure Act indicates a number of matters to be considered in order to determine whether confidentiality should be breached. Such matters include: whether members of the public are likely to be affected; whether corrective action is being taken; possibility of repetition; the gravity of the matter; the presence of a general ethos of disregarding the law; reliability and quality of information available and the degree of suspicion; and legal protection for breach of duty of confidentiality.
The IESBA changes will be adopted by ICAEW in due course but may currently be considered as good practice guidance underlying the discussion in s140.7.