What is Confidential Client Information?

Confidential client information is any client information that is not available to the public. Confidential information may include technology, trade secrets, information pertaining to business operations and strategies, and information pertaining to customers, pricing and marketing. Another way to define confidential information is anything that might harm a client if it were disclosed.

The AICPA Code of Professional Conduct outlines a number of scenarios involving confidential client information, stating how the accountant should treat this information. Here are several examples of how to treat confidential client information:

• Client competitors. When an accountant provides professional services to clients that compete against each other, the accountant has access to the confidential client information of these parties, such as their sales and gross profit percentages. To keep from disclosing confidential client information to a competitor, the accountant should emphasize with all parties that he or she is prohibited from revealing confidential client information to other parties.

• Prior engagements – relationship to new client. When an accountant is evaluating whether to accept an engagement with a new client, one consideration is whether any knowledge shared with the client constitutes confidential client information. If so, and the new client would be able to identify the client that is the source of the information, the accountant should not accept the new engagement unless the old client specifically consents to disclosure of the information.

• Prior engagements – contacts from new auditor. An accountant may have withdrawn from an engagement for a variety of reasons, perhaps including the discovery of certain irregularities in the client’s accounting records. If contacted by the successor auditor, the accountant should tell the successor to ask the client to permit the accountant to discuss all matters freely with the successor. Making this request effectively notifies the successor that there was some conflict between the accountant and the client.

• Prior engagements – illegal activities. A client may realize that the accountant is constrained by the confidentiality rule from telling third parties about the client’s illegal activities. When there are legal implications associated with the nondisclosure of client confidential information, the accountant should seek legal advice concerning his or her status and obligations pertaining to the situation.

• Disclosure to clients. An accountant may be employed by either spouse in a marriage to prepare their joint tax return. If the couple then decides to divorce and one spouse directs the accountant to withhold joint tax information from the other spouse, the accountant can continue to provide the information to both spouses. This disclosure is acceptable because both spouses are considered to be the accountant’s client. It may be useful for the accountant to review the legal implications of such a disclosure.

• Beneficiary relationships. When someone hires an accountant to perform services for the benefit of another party, the accountant should treat the engaging party and the beneficiary as separate clients. Thus, the accountant cannot disclose confidential client information to either party without first gaining the consent of the party whose information is being disclosed.

• Disclosure as part of practice review. An accountant’s professional practice may be reviewed as part of a merger or acquisition event, which may mean that the prospective acquirer is reviewing client files. The accountant must take steps to ensure confidentiality, such as requiring the acquirer to sign a confidentiality agreement. The acquiring accountant then has an obligation to not disclose any confidential information contained in the client files of the acquiree.

• Disclosure to third parties. An accountant may receive requests from third parties to disclose client information without specifically identifying the client, such as for an academic study or benchmarking analysis. Such a disclosure can only be made if the accountant first obtains the consent of the client, which details the nature of the information to be disclosed, its intended use, and the type of third party that is allowed to use the information.

• Marketing based on client information. It is acceptable for an accountant to market his or her services to a third party based on expertise gained from previous engagements. However, if the information imparted could be traced back to a specific client, the accountant should first obtain the consent of the affected client.

• Disclosures during litigation. An accountant may need to disclose confidential client information to his or her liability insurance carrier in order to assist with the defense of a legal claim against the accountant. Since restricting access to client information in this case could potentially be quite harmful to the accountant, the Code allows the accountant to make this type of disclosure.

• Disclosures when in director role. If an accountant takes on the role of a company director, this may create a fiduciary responsibility to the business that can threaten his or her ability to protect the confidential information of clients. It may be necessary to avoid these director roles in order to avoid disclosing client information (see the following example), perhaps taking on a consulting role instead.

• Disclosure of client names. In most cases, simply disclosing the name of a client would not constitute a release of confidential client information. However, there may be cases in which doing so creates an impression of client issues. For example, if an accountant specializing in bankruptcy accounting were to release a client name, this could indicate that the client is seeking advice regarding an upcoming bankruptcy filing, which could be harmful to the client.

• Disclosure related to a subpoena. An accountant may receive a subpoena that mandates the release of confidential client information. Complying with the subpoena is mandatory, and does not breach the confidential client information rule. However, the accountant may want to discuss the matter with legal counsel before complying with the subpoena.

• Disclosure related to a quality review. An accountant may undergo a quality review of his or her tax practice. When a third party performs this review, there is a risk that confidential client information will be released. Consequently, the Department of the Treasury has mandated that no tax return information identifying a taxpayer may be disclosed in any evaluative reports or recommendations that may be accessible to anyone other than the reviewer or the tax return preparer being reviewed. The accountant being reviewed will maintain a record of the review, including the information reviewed and the names of the persons conducting the review. It may be necessary to also require the reviewer to sign a confidentiality agreement.

How to Protect Confidential Client Information

Accountants routinely accept confidential files from their clients. If sent electronically, these files should be routed through a secure file-sharing platform. In addition, the files should be encrypted, so that they are unreadable by anyone other than the intended party. These steps are needed to ensure that confidential client information stays that way.

Related AccountingTools Courses

Ethical Frameworks in Accounting

Professional Rules of Conduct

Related Articles

Accountant’s Liability

Attorney’s Letter

Audit Working Papers

Auditors as Relationship Managers

Due Professional Care

The Purpose of an Audit