The trouble with nondisclosure agreements in attest engagements: Agreeing to keep certain items confidential may result in a breach of professional standards.

Author:Allen, Ben

Client requests for confidentiality agreements or nondisclosure agreements (NDAs) are becoming common in the accounting profession. CPAs receive NDA requests in connection with both exploratory discussions about future business relationships and as part of actual service agreements for clients. The issue for accounting firms is that many NDAs contain boilerplate provisions that may conflict with professional standards and public accounting statutes.

The AICPA Code of Professional Conduct (the Code) already states (ET [section]1.700.001) that a member in public practice shall not disclose confidential information without the consent of the client, so an NDA with clients may be either redundant or in conflict with professional standards. For this reason, firms may wish to consider pushing back when asked to sign an NDA. While the preservation of confidential information is nothing new for an accounting firm, the typical NDA routinely presents the following three challenges:

* As is" clauses and warranty disclaimers.

* Return-of-information or destruction-of-information clauses.

* Prohibitions on disclosure to third parties.

These clauses may pose problems for accounting firms, including false client expectations, unnecessary liability, and conflicts with professional standards.


"As is" clauses and warranty disclaimers are commonly found in NDAs but are inconsistent with elements of certain attestation engagements. These provisions may seek to prohibit an accounting firm from relying on information provided by the client and are counter to the fundamental requirement that the auditor obtain, and management provide, certain representations in connection with the audit.

It is good practice to delete these provisions and replace them with appropriate management representations. Making this revision helps clients understand their obligation in connection with the attestation engagement. If this is not established on the front end, your client may have unrealistic expectations about the work you are going to perform, and you may not receive the information necessary to complete the engagement in accordance with professional standards.


A typical return-of-information or destruction-of-information clause requires the accounting firm to promptly return all confidential information and information derived there from to the client or to destroy the...

To continue reading