FTC, SEC make consumer privacy a priority for many CPAs.
New federal regulations require providers of certain financial services to protect the privacy of nonpublic personal information they collect from their clients.The FTC and SEC issued these rules pursuant to the Graham-Leach-Bliley Act of 1999. The rules become mandatory July 1.
The FTC rule requires practitioners who are "significantly engaged" in preparing tax returns for or providing financial or tax planning services to individuals to disclose to clients certain information about their privacy policies and practices. CPAs who provide such services should familiarize themselves with the new requirements.
In order to comply with the regulations, CPAs must be sure they understand the term "significantly engaged." Although the FTC rule does not include a definition, it offers examples to illustrate its intent.
The rule also specifies that affected practitioners must make some disclosures to all new clients and others to existing clients each year.
CPAs must disclose to their clients the nature of the data they collect and which segments they are likely to share and with what kinds of organizations. CPAs also must inform clients they can prohibit such sharing of their nonpublic personal information. Notices of these policies must be clear, conspicuous and in writing--unless the client agrees to electronic notification.
Appendix A of the FTC rule provides sample language practitioners can use--in engagement letters and other client communications--to describe their privacy policies and practices and thus satisfy their obligations under the new rule.
The SEC rule (regulation SP), which contains similar provisions, applies to investment advisers registered with the commission. State-registered advisers must comply with the FTC rule unless their state imposes stricter requirements.
The AICPA does not expect practitioners to find compliance difficult. But it believes the new regulations duplicate existing confidentiality requirements in state licensing laws, in the Code of Professional Conduct and in the Internal Revenue Code, which provides criminal misdemeanor penalties for unauthorized disclosure of information received for the preparation of clients' tax returns.
The AICPA therefore intends to seek administrative relief for CPAs. Even if it succeeds, however, relief will not come before the rules take effect. So, every CPA performing services the rules cover must plan to comply with them by July.
In the meantime, the Institute has set up a task force to develop practice guidelines and has created an online presentation on the SEC rule. It is available at the AICPA Center for Investment Advisory Services Web site, investmentadvisory. aicpa.org/reg/issues.htm. Members also can call a regularly updated telephone information line (202-434-9216) to stay abreast of significant developments, as well as the practice guidance (to be issued in May) that will help them comply with the new provisions.
The FTC and SEC regulations are available at their Web sites--www.ftc. gov/os/2000/05/65fr33645.pdf and www.sec.gov/rules/final/34-42974.htm, respectively.
 Printer friendly
 Cite/link
 Email
 Feedback
| |
| Title Annotation: | privacy of information collected from tax clients |
|---|---|
| Publication: | Journal of Accountancy |
| Geographic Code: | 1USA |
| Date: | Apr 1, 2001 |
| Words: | 469 |
| Previous Article: | Follow fraud to the likely perp. |
| Next Article: | Want to add to your professional portfolio? The proposed global credential - an option for CPAs. |
| Topics: | |