Understanding nonattest services independence rules related to information systems.

• Author: Dickson, Michael R.

The past several months have brought a series of actions by the AICPA designed to help clarify many questions related to independence including:

* An omnibus proposal dated March 19, 2003, in which the AICPA Professional Ethics Executive Committee (PEEC) published an exposure draft seeking comments on proposed revisions under Rule 101 related to independence.

* Revisions to the Code of Professional Conduct, issued by the PEEC in August 2003, to be effective Sept. 30, 2003.

* A Background and Basis for Conclusion document published by the AICPA in December 2003, which provides further interpretation and revision to 101-3.

These changes have created concern among CPAs in public practice and industry related to the nature of nonattest services auditors can offer their attest clients.

The interpretations discuss a number of nonattest services; however this article will be focused on nonattest services in the bookkeeping, information systems, and business risk consulting areas.

The conceptual framework for determining if a firm is independent with respect to its attest engagements has not changed much. The primary focus remains on prohibiting a member from performing management functions, or making management decisions, but there are some specific interpretations that may cause difficulty for CPA firms that provide certain IT-related services for their attest clients, and more emphasis is placed on documenting the nature of the nonattest services and relationship with the attest client.

The recent revisions also bring into Section 101 rules that have previously existed in other sections of the code of professional conduct. These are perceived as major changes, but they are primarily a clarification and extension of past requirements, rather than radical new rules. The overarching changes are summarized below:

1) The revised rules require compliance with the independence rules of certain other regulatory bodies when a member provides a nonattest service for a client and the independence rules of the regulatory body are more restrictive than the AICPA's. This is a logical approach for dealing with regulatory bodies such as the Securities and Exchange Commission, General Accounting Office, and the Department of Labor, whose rules apply nationally. However a significant challenge is presented by stipulating that the individual rules of each State Board of Accountancy also must be considered when determining independence under the new rules. As of...