AICPA Ethics & COSO Framework for Internal Controls - Essay Example

? AICPA Ethics & COSO Framework for Internal Controls Schools Number and of (e.g., October 12, 2009) Question 1: Analysis of Ethical Matters in the Harold Potter Case As a member of the AICPA, Harold Potter has some responsibilities to his customers and the wider society. This is because the AICPA has rules that each member has to adhere to. In the case at hand, there are nine cogent issues that are either breaches or high risk events that could make Harold Potter liable to several actions by the AICPA which could be as severe as getting his membership taken away from him. Entry into Dumbledore Enterprises Through Uncle (1) The first issue is about how Harold Potter gained employment and shares with Dumbledore Enterprise, a public company. Being supported by his uncle to gain entry to the company is not a serious issue. However, once he gained membership to the AICPA, there were implications that made his continuous involvement in Dumbledore risky. Section 101.01 states that a person should be independent in performance of professional services (Independence, 2011 para 1). This therefore means that once he was connected to Dumbledore as a previous employee and a shareholder, he would lose his independence and could not provide services for the company. Describing Himself as Accountant on Business Card (2) Upon graduation, Harold decides to describe himself as 'Accountant' on his business card. Section 57 Scope & Nature of Services states that Members “...should observe the principles of the Code of Conduct in determining the scope and nature of services to be provided.” (Scope & Nature of Services, 2011 para1). There are issues with this description because although he was qualified, he did not have the required level of experience to be considered a member. This therefore means that it was unethical for him to present himself as an accountant when he was not a full member. Section 191.65 forbids people to use the title CPA when they are not qualified members in Public Practice to use the designation of 'Accountant' without making disclosure of his capacity (Ethics Ruling, 2011 para 65). Clearly, Harold was not in public practice then so again, it was inappropriate to use the title of Accountant without specifying the scope of this designation. Using the Firm Name Aaron, Potter & Zzucker (3) For the sake of getting popularity and exposure in the phonebook, Harold decided to use the above name. According to Section 501.10 False Misleading or Deceptive Act in promoting or Marketing Professional Services members should not use false or deceptive means to promote their firms (Acts Discreditable, 2011 para11). Clearly, Harold Porter was working alone. There were no Aarons and Zzuckers in the firm who were CPAs. This therefore means that the use of the name was misleading. Further instruments in the Code of Ethics go against Harold in this direction. Section 502 prohibits members from advertisment, that is false, misleading and deceptive. Section 505.1 Form of Organization & Name says that members shall not practice public accounting under a name that is misleading (Form of Organization & Name, 2011 para 2). Providing Tax Services & Audit for Dumbledore (4) Although Harold did not have any experience in tax and auditing, he took the offer of his uncle to provide tax and auditing services for Dumbledore. There are two major components of the AICPA code which makes it unethical and potentially illegal for Harold to take these options. Section 201.2 Competence requires members to undertake professional services that they are reasonably expected to complete with professional competence (Competence, 2011 para2). Since Harold had never done tax and auditing before, it was wrong to do the books of a public company without any supervision because there was no assurance that he had the necessary professional competence. Section 57 Scope & Nature of Services states that members should observe the principles of the Code of Professional Conduct in determining the scope and nature of services to be provided (Scope & Nature of Services, 2011 para1). Clearly, without the necessary experience, Harold was not qualified and this kind of job was not one that he had the necessary qualification and ability to do. It is therefore wrong that he took up the job. Gaining 12c Per 1$ Tax Reduction (5) In another offer, Harold was to be given 12 cents for every one-dollar reduction he could attain in tax reduction for Dumbledore above a certain level. This was wrong in principle and in practice. Section 54 states that members should perform tasks with a high sense of integrity (Integrity, 2011 para1). Section 55 Article IV states that Objectivity & Independence are important and must be honored at all times (Objectivity & Independence, 2011 para1) . Also, Section 56 Due Care says that a member must observe the profession's technical and ethical standards and strive to improve competency and the quality of standards (Due Care, 2011 para1). With these three instruments, it will difficult for Harold to prove that he would be objective and independent and show due care in finding legitimate ways of creating tax avoidance. This was clearly a recipe for tax evasion since there is reason to suspect that he would lose his ethical sense and indulge in negative activities that could have wrong consequences for Dumbledore. On the technical level, there are also rules that go against the collection of contingent fees. Section 302.1 Contingent Fees states that a member in public practice cannot perform any professional service for contingent fee. Section 302.2 states that a member shall “NOT prepare any original or amended tax return or claim for a tax refund or a contingent fee for any client” (Contingent Fees, 2011 para7). This therefore means that there is a specific rule that can be invoked against Harold and this can lead to serious consequences to him and his members with the AICPA. Exaggerating Financial Condition & Refusal to Qualify Accounts (6) In the audit, Harold knew that his uncle had massaged figures in the account but went ahead to give an opinion in the subsequent audit that states that everything was alright. This in itself is a Conflict of Interest in the first place (Conflict of Interest, 2011 para4). This is because as a significant shareholder and a close relative to the major shareholder, Harold was not qualified to do the audit in the first place. Section 52 Article 1 Responsibility states that “...In carrying out their responsibilities as profesisonals, members should exercise sensitive professional and moral judgments in their activities” (Responsibilities, 2011 para1). In this audit, Harold had a high obligation to carry out the engagement with a high sense of integrity (Section 54). He should have been as objective and as independent as possible (Section 55 Article IV) and he should have exercised due care and diligence (Section 56). Section 102.01 Known Misrepresentation covers making false misleading entries in financial statement and failure to correct misleading financial information (Intergrity & Objectivity, 2011 para2). In this case, Harold knew consciously that the accounts had been misstated and this was clearly against the main purpose of the whole exercise. However, he went ahead. He was therefore liable for making a known misrepresentation and this could cause his membership to be taken from him. Refusal to Disclose Audit Documents (7) A report was made against Harold by his state accounting body. It appears that Harold is invoking Section 301 Confidentiality which states that “... A member in public practice cannot disclose any confidential information without the consent of the client” (Confidential Client Information, 2011 para1). In this case, some exception could be made against Harold and get him to submit the working papers of the audit. A prohibition laid down in Section 301 Confidentiality states that “this prohibition shall not restrain members' (para3) exchange of information in connection with the investigative or disciplinary proceedings...”. This therefore means that Harold has no option but to submit all the documents required by his accounting body. Adding the Name of a Non-CPA to the Firm's Name (8) Adding the name of Hagrid to the firm's name come with some restrictions and limitations. Section 191.65 forbids people to use the title CPA when they are not qualified members in Public Practice (Ethics Rulings, 2011 para66). This therefore means that it is not appropriate for Harold and his CPA partner to add up the name of Hagrid to the firm's name. However he could be a major associate because Section 591.141 says that a Non-CPA Partner is responsible for activities of the practice but cannot have his name appear as a member (Responsibility of A Non-CPA Partner, 2011 para3). Gaining $1,000 for Referral (9) Section 502.5 Engagements Obtained Through Efforts of Third Parties states that clients obtained by advertisements can be referred to other members (Engagements from Third Parties, 2011 para6) . This therefore means that it might be possible for them to refer clients to third party accounting firms if they advertised and spent money to get those clients. However, this should be within the boundaries. Section 503 Commissions & Referral Fees state that a member in public practice shall not refer a client for a commission for professional services (Commissions & Referral Fees, 2011 para1). This therefore means that Harold and his partner cannot refer for a fee. Section 503 goes further to state that a non-member may be able to refer a client for a fee but the fee must be disclosed. Also, a member who accepts or pays a fee for referral in an exceptional situation must disclose the acceptance and amount to the client. Question 2: Need for the AICPA Code of Professional Responsibility, Structure & Common Elements with Other Professional Codes AICPA Codes are developed, adopted and monitored by various stakeholders in public practice, industry, government and education (AICPA Code of Ethics Preamble). This therefore means that the ethics are developed through a consultative system, which ensures that all stakeholders and their interests are adhered to and reasonably respected in the actions and activities of each member of the AICPA. Elements of the Code There are some elements of the AICPA Code of Ethics that are common with other members of other professional bodies like doctors, lawyers and actuaries (O'Reilly, 2009 p44). In all these associations, the ethical rules are meant to “define the type of behavior that the public has the right to expect from the members of these professions, and thereby enhance the public's confidence in the quality of professional services conducted” (O'Reilly, p44). This therefore means that professional bodies are formed and exist on the basis of credibility and how best they can provide high quality services to members of the public. This implies that they set up frameworks and safeguards that ensure that their members work to uphold certain expectations of members of the public. There are five main elements of professional ethics that run across different professions albeit with different names and structures (Davidoff, 2008 p58) Integrity: This refers to the situation where professionals work hard to ensure that they deal with their clients truthfully and desist from using false and misleading activities to take advantage of members of the public. This runs through all professions and is a default policy, which seems to be the core of all institutions. Independence &Objectivity: A professional will have to be free of all forms of manipulation and control by different people. Professionals must work according to a set of rules, which they interpret without emotions. These principles ensure that professionals discharge their service in a scientific manner. Competence: Members who undertake professional assignments must have the necessary experience, qualification and ethical awareness before they accept such engagement. Where a member is not qualified to undertake a particular job or project, the member of the professional association must decline the job or seek the necessary supervision that is required. This is particularly strict with doctors because human life is always at stake. Confidentiality: Members must respect the privacy of their clients. Professionals should not disclose relevant information of their clients to third parties unless they take permission from the customer in question. However, professionals might be allowed to disclose the information about their customers if the interest of the public is at stake or it is in the best interest of the customer. Due Care & Diligence A member of a professional association will have to discharge his responsibilities and obligations with a high degree of care and diligence. This means that professionals must be sensitive to the needs and requirements of their customers and do their best to ensure this in their discharge of their service. Failure to adhere to this ethical provision often ends professionals in a situation where they are charged with negligence. Structure The structure of the AICPA’s ethical standards is categorized into four main headings: Principles, Rules, Interpretation of Rules & Ethics Rulings (Stevenson, 2010 p31). These four categories ensure that all members are made to comply with various laws and rules which ensure that each of the member discharges his/her services in a manner that will meet the expectations of varous stakeholders. The Principles are important practical and conceptual frameworks that give a certain system through which accounts can discharge their service. Accountants are typically required to comply with these principles or explain departures when they come up. Rules are specific requirements and expectations that are given to members on how to undertake certain tasks and activities. Many of the AICPA's rules are connected to statutes, thus failure to adhere to these rules in the strict sense gives rise to legal repercussions. Interpretations are about several ways within which a particular task could be carried out. These are detailed recommendations of how certain accounting instruments and regulations can be put into practice. Ethics rulings are the rulings are more like precedence that comes up with cases and situations. These rulings become models for future transactions and activities. These come together to define the legal nature of the ethics that members of AICPA need to adhere to. Question 3: The COSO Framework & Enterprise Risk Management The COSO framework for enterprise risk management requires the people charged with governance to undertake 8 main activities to ensure that risks of the company are identified, assessed and appropriate action is taken against them. The COSO framework also encourages businesses to set up internal controls to prevent and detect risks. The COSO ERM framework seeks amongst other things to ensure that a business undertake realistic risk analysis and align them with their strategy, enhance risk responses, avoid surprises, seize opportunity and safeguard the assets of the business (COSO ERM, 2004 p1) “Enterprise risk management is a process, effected by an entity’s board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives” (COSO ERM, 2004 p2). The whole idea of enterprise risk management gained prominence after the major corporate collapses that occurred over the past decade. The ERM framework ensures that the board of directors, management and staff take extra care and precautions to safeguard the assets of the company by taking extra steps to assess risks and provide reasonable structures that will ensure that a business attains its ends in a way that the events of risks are reduced to the barest minimum. The COSO ERM framework therefore requires these key players in the running and governance of an entity to set up and maintain 8 interrelated components to attain this end. The main motivation for this is that the key players of organizations need to remain alert for risks and potentially risk events and find ways to ensure that they are satisfactorily taken care of. The eight main components are as follows: 1. Internal Environment: This requires that the organization must have some conscious system for the detection and control of risks. Thus in the normal operations of the business, there should be a philosophical and specific efforts that must be consciously infused into the different components of the business to ensure that risks are identified and dealt with appropriately. 2. Objective Setting: This involves the definition of an agenda to map out risks in a specific period and units of the business and ensure that objectives are put in place to continuously detect risks and deal with them in a satisfactory manner. Whereas the internal environment should be a quest to ensure that members work according to some standards that prevents risk, objective setting involves the mapping out of a framework to tackle risks. 3. Event Identification: Management needs to identify internal and external events that can potentially cause hazards for the business and try to deal with them. This involves the separation of events from opportunities and dealing with the risks on a continuous basis. 4. Risk Assessment: If risks are identified, they should be analyzed for their likelihood and impact on the attainment of opportunities. 5. Risk Response: Appropriate action should be planned and taken in relation to every risk type. Reasonable steps should be taken to ensure that every risk is handled in a way that will prevent issues and problems for the organization. 6. Control Activities: Policies and standards should be set up to ensure that responses to risks are effectively and responsibly carried out in organizations. 7. Information & Communication: Relevant information should be gathered and communicated to appropriate units of the organization for them to carry out their responsibility as laid down in the plans of the organization. Information exchange throughout the different units of the company should be specified and laid out at this level. 8. Monitoring: Events should be watched closely and action should be taken as and when necessary. The ERM framework must identify risks in the business' quest to attain objectives at four main levels, Strategic, Operations, Reporting & Compliance: Strategic: Top level, long term and organizationwide objectives and strategies. Operations: To ensure that the processing of the main goods and services of the business are carried out effectively and efficiently without major risks Reporting: To ensure that the accounting and reporting mechanisms of the company are devoid of risks of fraud and mistatement. Compliance: The COSO ERM system needs to ensure that there is compliance to all the relevant standards and requirements of each unit of the organization. In doing this, the board of directors has a primary responsibility to ensure that each unit of the business has appropriate risk management systems that are in sync with the eight components of the ERM framework. This will enable the effective transfer of the four main areas of businesses, (Entity Level, Division, Business Unit, Subsidiary). Where the board of directors cannot implement risk management in a given unit, they will need to take reasonable steps to ensure that risks in those units are handled in a reasonable way. This will ensure that risks throughout the organization are observed and dealt with appropriately as and when they come up. References Acts Discreditable (2011) ET Section 501 – Acts Discreditable Retrieved from: http://www.aicpa.org/Research/Standards/CodeofConduct/Pages/et_500.aspx#et_501.10 AICPA (2011) Composition, Applicability & Compliance Available online at: http://www.aicpa.org/Research/Standards/CodeofConduct/Pages/comp.aspx Accessed: 11.28.2011 Commissions & Referral Fees (2011) ET Section 503 – Commissions & Referral Fees Retrieved from: Competence (2011) ET Section 201 – General Standards Retrieved from: http://www.aicpa.org/Research/Standards/CodeofConduct/Pages/et_200.aspx#et_201.02 Confidential Client Information (2011) ET Section 301 – Confidential Client Information Retrieved from: http://www.aicpa.org/Research/Standards/CodeofConduct/Pages/et_300.aspx#et_301 Conflict of Interest (2011) ET Section 102 – Integrity & Objectivity Retrieved from: http://www.aicpa.org/Research/Standards/CodeofConduct/Pages/et_102.aspx#et_102.03 Contingent Fees (2011) ET Section 302 – Contingent Fees Retrieved from: http://www.aicpa.org/Research/Standards/CodeofConduct/Pages/et_302.aspx#et_302_interpretations COSO ERM (2004) Enterprise Risk Management – Integrated Framework Executive Summary The Committee of Sponsoring Organizations of the Treadway Commission. Retrieved from: http://www.coso.org/documents/COSO_ERM_ExecutiveSummary.pdf COSO Guidelines (2009) Internal Controls – Integrated Framework The Committee of Sponsoring Organizations of the Treadway Commission. Retrieved from: http://www.coso.org/documents/COSO_Guidance_On_Monitoring_Intro_online1.pdf Davidoff, A. (2008) Morality & Ethics From Kant to the 21st Century New Empire Business Press. Due Care (2011) ET Section 56 – Article V – Due Care Retrieved from: http://www.aicpa.org/Research/Standards/CodeofConduct/Pages/et_56.aspx Engagements from Third Parties (2011) ET Section 502 – Advertising and Other Forms of Solicitation Retrieved from: http://www.aicpa.org/Research/Standards/CodeofConduct/Pages/et_502.aspx#et_502.06 Ethics Rulings (2011) ET Section 191 – Ethics Rulings on Independence, Integrity & Objectivity Retrieved from: http://www.aicpa.org/Research/Standards/CodeofConduct/Pages/et_191.aspx#N65._use_of_the_cpa_designation_by_member_not_in_public_practice Form of Organization & Name (2011) ET Section 505 – Form of Organization & Name Retrieved from: http://www.aicpa.org/Research/Standards/CodeofConduct/Pages/et_505.aspx#et_505_interpretations Independence (2011) ET Section 101 – Independence Retrieved from: http://www.aicpa.org/Research/Standards/CodeofConduct/Pages/et_101.aspx#et_101.01 Integrity (2011) ET Section 54 – Article III – Integrity Retrieved from: http://www.aicpa.org/Research/Standards/CodeofConduct/Pages/et_54.aspx Integrity & Objectivity (2011) ET Section 102 – Integrity & Objectivity Retrieved from: http://www.aicpa.org/Research/Standards/CodeofConduct/Pages/et_102.aspx#et_102.02 Objectivity & Independence (2011) ET Section 55 – Article IV – Objectivity & Independence Retrieved from: http://www.aicpa.org/Research/Standards/CodeofConduct/Pages/et_55.aspx O'Reilly V. M (2009) Montegomery's Auditing Hoboken, NJ: John Wiley & Sons Publishing. Responsibility (2011) ET Section 52 – Article I – Responsibility Retrieved From: http://www.aicpa.org/Research/Standards/CodeofConduct/Pages/et_52.aspx Responsibility of Non-CPA Partner (2011) ET Section 591 – Ethics Rulings on other Responsibilities & Practices Retrieved from: http://www.aicpa.org/Research/Standards/CodeofConduct/Pages/et_591.aspx#N141._responsibility_for_non_cpa_partner Scope & Nature of Services (2011) ET Section 57 – Article VI – Scope & Nature of Services Retrieved from: http://www.aicpa.org/Research/Standards/CodeofConduct/Pages/et_section_57__article_vi_scope_and_nature_of_services.aspx Stevenson, N. (2010) The Accounting Framework & International Convergence Edward Elgar Publishing. Read More