Accounting & Auditing

By John F. Raspante, CPA, CDFA

The CPA profession is experiencing unprecedented challenges, including, but not limited to, historic staffing issues. The difficulties in hiring and retaining staff began prior to the COVID-19 pandemic, but it has been more acute during the pandemic and through the recovery. One possible solution may lie in the outsourcing of various accounting services. Tax preparation outsourcing, for example, is not new to the profession; many firms have been outsourcing both tax and bookkeeping services both within the United States and offshore.

Joe Tarasco, CEO and president of Accountants Advisory Group, consultant to the CPA profession, notes the challenge to firm mergers and acquisitions resulting from the staffing crisis. Consequently, he has seen CPA firms post-acquisition lean toward outsourcing as a means to service the added clientele resulting from the acquisition.

While outsourcing may be a solution to staffing issues, CPAs need to be vigilant regarding the inherent risk and regulatory requirements when outsourcing. Some of the risks, for example, may include client disclosures, cyberbreaches, and added due diligence and review.

Client Disclosures

Initially, some clients may view CPAs outsourcing their work as a threat to confidentiality and security of their personal and business data. The AICPA and the Pennsylvania State Board of Accountancy both have confidentiality standards, in addition to Internal Revenue Code Section 7216, to help alleviate this threat.¹ These rules, in part, mandate that members/licensees must not disclose confidential client information without the consent of the client, with limited exceptions as described in the rules and its interpretations. The key term is “consent.”

Outsourcing can either be domestic or offshore. Domestic outsourcing requires consent, which may be obtained through an engagement letter. The CPA would add a paragraph to the engagement letter similar to the example below:

We may, from time to time, and depending on circumstances, use third-party service providers to assist in preparing your return, but these preparers will not make substantive decisions concerning your return. We may share your tax return information with these service providers, but remain committed to maintaining the confidentiality and security of your information. Accordingly, we maintain internal policies, procedures, and safeguards to protect the confidentiality of your personal information. In addition, we will secure confidentiality agreements with all service providers to maintain the confidentiality of your information and we will take reasonable precautions to determine that they have appropriate procedures in place to prevent the unauthorized release of your confidential information to others. In the event that we are unable to secure an appropriate confidentiality agreement, you will be asked to provide your consent prior to the sharing of your confidential information with the third-party service provider. Furthermore, we will remain responsible for the work provided by any such third-party service providers.

When outsourcing takes place offshore, CPAs and tax preparers need to be mindful of IRC Section 7216. There are various types of permitted disclosures and certain requirements to obtain stand-alone client disclosures. The concern with offshore outsourcing is the potential for a standalone disclosure.

Cyberbreaches

Any time data is transferred through the internet, the threat of unauthorized access grows. The issue of breaches with outsourcing is not as prevalent with domestic outsourcing as it is with offshore outsourcing. CPAs need to ensure the safe journey of client data through international borders and reinforce the best practices in place to protect their clients’ data. CPAs need to adhere to strict due diligence over the safeguards third-party outsource groups undertake to protect data.

Added Due Diligence and Review

The staffing relief offered by outsourcing is obvious, but there is still a requirement to review and apply due diligence to all work outsourced. This is an expectation instilled in your clients and cannot be overlooked. Many of the professional liability claims that plague CPAs have an underpinning in the lack of proper review and due diligence.

When applied effectively and safely, outsourcing can offer much-needed staffing relief and allow for added growth to firms of all sizes.

¹ AICPA Et Section 001-Confidentail Client Information Rule, Pennsylvania State Board, Title 49, Section 11.30 - confidential client information.

John F. Raspante, CPA, CDFA, is director of risk management at McGowan Pro in the New York metropolitan area. He can be reached at jraspante@mcgowanprofessional.com.

Sign up for weekly professional and technical updates from PICPA's blogs, podcasts, and discussion board topics by completing this form.

Ethics

By John F. Raspante, CPA, CDFA

The CPA profession is experiencing unprecedented challenges, including, but not limited to, historic staffing issues. The difficulties in hiring and retaining staff began prior to the COVID-19 pandemic, but it has been more acute during the pandemic and through the recovery. One possible solution may lie in the outsourcing of various accounting services. Tax preparation outsourcing, for example, is not new to the profession; many firms have been outsourcing both tax and bookkeeping services both within the United States and offshore.

Joe Tarasco, CEO and president of Accountants Advisory Group, consultant to the CPA profession, notes the challenge to firm mergers and acquisitions resulting from the staffing crisis. Consequently, he has seen CPA firms post-acquisition lean toward outsourcing as a means to service the added clientele resulting from the acquisition.

While outsourcing may be a solution to staffing issues, CPAs need to be vigilant regarding the inherent risk and regulatory requirements when outsourcing. Some of the risks, for example, may include client disclosures, cyberbreaches, and added due diligence and review.

Client Disclosures

Initially, some clients may view CPAs outsourcing their work as a threat to confidentiality and security of their personal and business data. The AICPA and the Pennsylvania State Board of Accountancy both have confidentiality standards, in addition to Internal Revenue Code Section 7216, to help alleviate this threat.¹ These rules, in part, mandate that members/licensees must not disclose confidential client information without the consent of the client, with limited exceptions as described in the rules and its interpretations. The key term is “consent.”

Outsourcing can either be domestic or offshore. Domestic outsourcing requires consent, which may be obtained through an engagement letter. The CPA would add a paragraph to the engagement letter similar to the example below:

We may, from time to time, and depending on circumstances, use third-party service providers to assist in preparing your return, but these preparers will not make substantive decisions concerning your return. We may share your tax return information with these service providers, but remain committed to maintaining the confidentiality and security of your information. Accordingly, we maintain internal policies, procedures, and safeguards to protect the confidentiality of your personal information. In addition, we will secure confidentiality agreements with all service providers to maintain the confidentiality of your information and we will take reasonable precautions to determine that they have appropriate procedures in place to prevent the unauthorized release of your confidential information to others. In the event that we are unable to secure an appropriate confidentiality agreement, you will be asked to provide your consent prior to the sharing of your confidential information with the third-party service provider. Furthermore, we will remain responsible for the work provided by any such third-party service providers.

When outsourcing takes place offshore, CPAs and tax preparers need to be mindful of IRC Section 7216. There are various types of permitted disclosures and certain requirements to obtain stand-alone client disclosures. The concern with offshore outsourcing is the potential for a standalone disclosure.

Cyberbreaches

Any time data is transferred through the internet, the threat of unauthorized access grows. The issue of breaches with outsourcing is not as prevalent with domestic outsourcing as it is with offshore outsourcing. CPAs need to ensure the safe journey of client data through international borders and reinforce the best practices in place to protect their clients’ data. CPAs need to adhere to strict due diligence over the safeguards third-party outsource groups undertake to protect data.

Added Due Diligence and Review

The staffing relief offered by outsourcing is obvious, but there is still a requirement to review and apply due diligence to all work outsourced. This is an expectation instilled in your clients and cannot be overlooked. Many of the professional liability claims that plague CPAs have an underpinning in the lack of proper review and due diligence.

When applied effectively and safely, outsourcing can offer much-needed staffing relief and allow for added growth to firms of all sizes.

¹ AICPA Et Section 001-Confidentail Client Information Rule, Pennsylvania State Board, Title 49, Section 11.30 - confidential client information.

John F. Raspante, CPA, CDFA, is director of risk management at McGowan Pro in the New York metropolitan area. He can be reached at jraspante@mcgowanprofessional.com.

Sign up for weekly professional and technical updates from PICPA's blogs, podcasts, and discussion board topics by completing this form.

Leadership

By John F. Raspante, CPA, CDFA

The CPA profession is experiencing unprecedented challenges, including, but not limited to, historic staffing issues. The difficulties in hiring and retaining staff began prior to the COVID-19 pandemic, but it has been more acute during the pandemic and through the recovery. One possible solution may lie in the outsourcing of various accounting services. Tax preparation outsourcing, for example, is not new to the profession; many firms have been outsourcing both tax and bookkeeping services both within the United States and offshore.

Joe Tarasco, CEO and president of Accountants Advisory Group, consultant to the CPA profession, notes the challenge to firm mergers and acquisitions resulting from the staffing crisis. Consequently, he has seen CPA firms post-acquisition lean toward outsourcing as a means to service the added clientele resulting from the acquisition.

While outsourcing may be a solution to staffing issues, CPAs need to be vigilant regarding the inherent risk and regulatory requirements when outsourcing. Some of the risks, for example, may include client disclosures, cyberbreaches, and added due diligence and review.

Client Disclosures

Initially, some clients may view CPAs outsourcing their work as a threat to confidentiality and security of their personal and business data. The AICPA and the Pennsylvania State Board of Accountancy both have confidentiality standards, in addition to Internal Revenue Code Section 7216, to help alleviate this threat.¹ These rules, in part, mandate that members/licensees must not disclose confidential client information without the consent of the client, with limited exceptions as described in the rules and its interpretations. The key term is “consent.”

Outsourcing can either be domestic or offshore. Domestic outsourcing requires consent, which may be obtained through an engagement letter. The CPA would add a paragraph to the engagement letter similar to the example below:

We may, from time to time, and depending on circumstances, use third-party service providers to assist in preparing your return, but these preparers will not make substantive decisions concerning your return. We may share your tax return information with these service providers, but remain committed to maintaining the confidentiality and security of your information. Accordingly, we maintain internal policies, procedures, and safeguards to protect the confidentiality of your personal information. In addition, we will secure confidentiality agreements with all service providers to maintain the confidentiality of your information and we will take reasonable precautions to determine that they have appropriate procedures in place to prevent the unauthorized release of your confidential information to others. In the event that we are unable to secure an appropriate confidentiality agreement, you will be asked to provide your consent prior to the sharing of your confidential information with the third-party service provider. Furthermore, we will remain responsible for the work provided by any such third-party service providers.

When outsourcing takes place offshore, CPAs and tax preparers need to be mindful of IRC Section 7216. There are various types of permitted disclosures and certain requirements to obtain stand-alone client disclosures. The concern with offshore outsourcing is the potential for a standalone disclosure.

Cyberbreaches

Any time data is transferred through the internet, the threat of unauthorized access grows. The issue of breaches with outsourcing is not as prevalent with domestic outsourcing as it is with offshore outsourcing. CPAs need to ensure the safe journey of client data through international borders and reinforce the best practices in place to protect their clients’ data. CPAs need to adhere to strict due diligence over the safeguards third-party outsource groups undertake to protect data.

Added Due Diligence and Review

The staffing relief offered by outsourcing is obvious, but there is still a requirement to review and apply due diligence to all work outsourced. This is an expectation instilled in your clients and cannot be overlooked. Many of the professional liability claims that plague CPAs have an underpinning in the lack of proper review and due diligence.

When applied effectively and safely, outsourcing can offer much-needed staffing relief and allow for added growth to firms of all sizes.

¹ AICPA Et Section 001-Confidentail Client Information Rule, Pennsylvania State Board, Title 49, Section 11.30 - confidential client information.

John F. Raspante, CPA, CDFA, is director of risk management at McGowan Pro in the New York metropolitan area. He can be reached at jraspante@mcgowanprofessional.com.

Sign up for weekly professional and technical updates from PICPA's blogs, podcasts, and discussion board topics by completing this form.

Practice Management

By John F. Raspante, CPA, CDFA

The CPA profession is experiencing unprecedented challenges, including, but not limited to, historic staffing issues. The difficulties in hiring and retaining staff began prior to the COVID-19 pandemic, but it has been more acute during the pandemic and through the recovery. One possible solution may lie in the outsourcing of various accounting services. Tax preparation outsourcing, for example, is not new to the profession; many firms have been outsourcing both tax and bookkeeping services both within the United States and offshore.

Joe Tarasco, CEO and president of Accountants Advisory Group, consultant to the CPA profession, notes the challenge to firm mergers and acquisitions resulting from the staffing crisis. Consequently, he has seen CPA firms post-acquisition lean toward outsourcing as a means to service the added clientele resulting from the acquisition.

While outsourcing may be a solution to staffing issues, CPAs need to be vigilant regarding the inherent risk and regulatory requirements when outsourcing. Some of the risks, for example, may include client disclosures, cyberbreaches, and added due diligence and review.

Client Disclosures

Initially, some clients may view CPAs outsourcing their work as a threat to confidentiality and security of their personal and business data. The AICPA and the Pennsylvania State Board of Accountancy both have confidentiality standards, in addition to Internal Revenue Code Section 7216, to help alleviate this threat.¹ These rules, in part, mandate that members/licensees must not disclose confidential client information without the consent of the client, with limited exceptions as described in the rules and its interpretations. The key term is “consent.”

Outsourcing can either be domestic or offshore. Domestic outsourcing requires consent, which may be obtained through an engagement letter. The CPA would add a paragraph to the engagement letter similar to the example below:

We may, from time to time, and depending on circumstances, use third-party service providers to assist in preparing your return, but these preparers will not make substantive decisions concerning your return. We may share your tax return information with these service providers, but remain committed to maintaining the confidentiality and security of your information. Accordingly, we maintain internal policies, procedures, and safeguards to protect the confidentiality of your personal information. In addition, we will secure confidentiality agreements with all service providers to maintain the confidentiality of your information and we will take reasonable precautions to determine that they have appropriate procedures in place to prevent the unauthorized release of your confidential information to others. In the event that we are unable to secure an appropriate confidentiality agreement, you will be asked to provide your consent prior to the sharing of your confidential information with the third-party service provider. Furthermore, we will remain responsible for the work provided by any such third-party service providers.

When outsourcing takes place offshore, CPAs and tax preparers need to be mindful of IRC Section 7216. There are various types of permitted disclosures and certain requirements to obtain stand-alone client disclosures. The concern with offshore outsourcing is the potential for a standalone disclosure.

Cyberbreaches

Any time data is transferred through the internet, the threat of unauthorized access grows. The issue of breaches with outsourcing is not as prevalent with domestic outsourcing as it is with offshore outsourcing. CPAs need to ensure the safe journey of client data through international borders and reinforce the best practices in place to protect their clients’ data. CPAs need to adhere to strict due diligence over the safeguards third-party outsource groups undertake to protect data.

Added Due Diligence and Review

The staffing relief offered by outsourcing is obvious, but there is still a requirement to review and apply due diligence to all work outsourced. This is an expectation instilled in your clients and cannot be overlooked. Many of the professional liability claims that plague CPAs have an underpinning in the lack of proper review and due diligence.

When applied effectively and safely, outsourcing can offer much-needed staffing relief and allow for added growth to firms of all sizes.

¹ AICPA Et Section 001-Confidentail Client Information Rule, Pennsylvania State Board, Title 49, Section 11.30 - confidential client information.

John F. Raspante, CPA, CDFA, is director of risk management at McGowan Pro in the New York metropolitan area. He can be reached at jraspante@mcgowanprofessional.com.

Sign up for weekly professional and technical updates from PICPA's blogs, podcasts, and discussion board topics by completing this form.

Technology

By John F. Raspante, CPA, CDFA

The CPA profession is experiencing unprecedented challenges, including, but not limited to, historic staffing issues. The difficulties in hiring and retaining staff began prior to the COVID-19 pandemic, but it has been more acute during the pandemic and through the recovery. One possible solution may lie in the outsourcing of various accounting services. Tax preparation outsourcing, for example, is not new to the profession; many firms have been outsourcing both tax and bookkeeping services both within the United States and offshore.

Joe Tarasco, CEO and president of Accountants Advisory Group, consultant to the CPA profession, notes the challenge to firm mergers and acquisitions resulting from the staffing crisis. Consequently, he has seen CPA firms post-acquisition lean toward outsourcing as a means to service the added clientele resulting from the acquisition.

While outsourcing may be a solution to staffing issues, CPAs need to be vigilant regarding the inherent risk and regulatory requirements when outsourcing. Some of the risks, for example, may include client disclosures, cyberbreaches, and added due diligence and review.

Client Disclosures

Initially, some clients may view CPAs outsourcing their work as a threat to confidentiality and security of their personal and business data. The AICPA and the Pennsylvania State Board of Accountancy both have confidentiality standards, in addition to Internal Revenue Code Section 7216, to help alleviate this threat.¹ These rules, in part, mandate that members/licensees must not disclose confidential client information without the consent of the client, with limited exceptions as described in the rules and its interpretations. The key term is “consent.”

Outsourcing can either be domestic or offshore. Domestic outsourcing requires consent, which may be obtained through an engagement letter. The CPA would add a paragraph to the engagement letter similar to the example below:

We may, from time to time, and depending on circumstances, use third-party service providers to assist in preparing your return, but these preparers will not make substantive decisions concerning your return. We may share your tax return information with these service providers, but remain committed to maintaining the confidentiality and security of your information. Accordingly, we maintain internal policies, procedures, and safeguards to protect the confidentiality of your personal information. In addition, we will secure confidentiality agreements with all service providers to maintain the confidentiality of your information and we will take reasonable precautions to determine that they have appropriate procedures in place to prevent the unauthorized release of your confidential information to others. In the event that we are unable to secure an appropriate confidentiality agreement, you will be asked to provide your consent prior to the sharing of your confidential information with the third-party service provider. Furthermore, we will remain responsible for the work provided by any such third-party service providers.

When outsourcing takes place offshore, CPAs and tax preparers need to be mindful of IRC Section 7216. There are various types of permitted disclosures and certain requirements to obtain stand-alone client disclosures. The concern with offshore outsourcing is the potential for a standalone disclosure.

Cyberbreaches

Any time data is transferred through the internet, the threat of unauthorized access grows. The issue of breaches with outsourcing is not as prevalent with domestic outsourcing as it is with offshore outsourcing. CPAs need to ensure the safe journey of client data through international borders and reinforce the best practices in place to protect their clients’ data. CPAs need to adhere to strict due diligence over the safeguards third-party outsource groups undertake to protect data.

Added Due Diligence and Review

The staffing relief offered by outsourcing is obvious, but there is still a requirement to review and apply due diligence to all work outsourced. This is an expectation instilled in your clients and cannot be overlooked. Many of the professional liability claims that plague CPAs have an underpinning in the lack of proper review and due diligence.

When applied effectively and safely, outsourcing can offer much-needed staffing relief and allow for added growth to firms of all sizes.

¹ AICPA Et Section 001-Confidentail Client Information Rule, Pennsylvania State Board, Title 49, Section 11.30 - confidential client information.

John F. Raspante, CPA, CDFA, is director of risk management at McGowan Pro in the New York metropolitan area. He can be reached at jraspante@mcgowanprofessional.com.

Sign up for weekly professional and technical updates from PICPA's blogs, podcasts, and discussion board topics by completing this form.

Tax

By John F. Raspante, CPA, CDFA

The CPA profession is experiencing unprecedented challenges, including, but not limited to, historic staffing issues. The difficulties in hiring and retaining staff began prior to the COVID-19 pandemic, but it has been more acute during the pandemic and through the recovery. One possible solution may lie in the outsourcing of various accounting services. Tax preparation outsourcing, for example, is not new to the profession; many firms have been outsourcing both tax and bookkeeping services both within the United States and offshore.

Joe Tarasco, CEO and president of Accountants Advisory Group, consultant to the CPA profession, notes the challenge to firm mergers and acquisitions resulting from the staffing crisis. Consequently, he has seen CPA firms post-acquisition lean toward outsourcing as a means to service the added clientele resulting from the acquisition.

While outsourcing may be a solution to staffing issues, CPAs need to be vigilant regarding the inherent risk and regulatory requirements when outsourcing. Some of the risks, for example, may include client disclosures, cyberbreaches, and added due diligence and review.

Client Disclosures

Initially, some clients may view CPAs outsourcing their work as a threat to confidentiality and security of their personal and business data. The AICPA and the Pennsylvania State Board of Accountancy both have confidentiality standards, in addition to Internal Revenue Code Section 7216, to help alleviate this threat.¹ These rules, in part, mandate that members/licensees must not disclose confidential client information without the consent of the client, with limited exceptions as described in the rules and its interpretations. The key term is “consent.”

Outsourcing can either be domestic or offshore. Domestic outsourcing requires consent, which may be obtained through an engagement letter. The CPA would add a paragraph to the engagement letter similar to the example below:

We may, from time to time, and depending on circumstances, use third-party service providers to assist in preparing your return, but these preparers will not make substantive decisions concerning your return. We may share your tax return information with these service providers, but remain committed to maintaining the confidentiality and security of your information. Accordingly, we maintain internal policies, procedures, and safeguards to protect the confidentiality of your personal information. In addition, we will secure confidentiality agreements with all service providers to maintain the confidentiality of your information and we will take reasonable precautions to determine that they have appropriate procedures in place to prevent the unauthorized release of your confidential information to others. In the event that we are unable to secure an appropriate confidentiality agreement, you will be asked to provide your consent prior to the sharing of your confidential information with the third-party service provider. Furthermore, we will remain responsible for the work provided by any such third-party service providers.

When outsourcing takes place offshore, CPAs and tax preparers need to be mindful of IRC Section 7216. There are various types of permitted disclosures and certain requirements to obtain stand-alone client disclosures. The concern with offshore outsourcing is the potential for a standalone disclosure.

Cyberbreaches

Any time data is transferred through the internet, the threat of unauthorized access grows. The issue of breaches with outsourcing is not as prevalent with domestic outsourcing as it is with offshore outsourcing. CPAs need to ensure the safe journey of client data through international borders and reinforce the best practices in place to protect their clients’ data. CPAs need to adhere to strict due diligence over the safeguards third-party outsource groups undertake to protect data.

Added Due Diligence and Review

The staffing relief offered by outsourcing is obvious, but there is still a requirement to review and apply due diligence to all work outsourced. This is an expectation instilled in your clients and cannot be overlooked. Many of the professional liability claims that plague CPAs have an underpinning in the lack of proper review and due diligence.

When applied effectively and safely, outsourcing can offer much-needed staffing relief and allow for added growth to firms of all sizes.

¹ AICPA Et Section 001-Confidentail Client Information Rule, Pennsylvania State Board, Title 49, Section 11.30 - confidential client information.

John F. Raspante, CPA, CDFA, is director of risk management at McGowan Pro in the New York metropolitan area. He can be reached at jraspante@mcgowanprofessional.com.

Sign up for weekly professional and technical updates from PICPA's blogs, podcasts, and discussion board topics by completing this form.