Professional ethics and ACCA code - Responsibility regarding...

Learning Outcomes

After studying this article, you will be able to explain the confidentiality principle as set out in ACCA’s Code of Ethics and Conduct. You will understand what confidential information is, when disclosure is required or permitted, and the auditor’s duties in preserving client confidentiality during and after an audit.

ACCA Foundations in Audit (FAU) Syllabus

For ACCA Foundations in Audit (FAU), you are required to understand your responsibilities regarding confidentiality as part of professional ethics. In particular, ensure you can:

  • Describe the fundamental ethical principle of confidentiality for auditors and professional accountants.
  • Identify circumstances where disclosure of confidential information is required by law, permitted by professional duty, or prohibited.
  • Explain the importance of secure handling of client information and measures to maintain confidentiality.
  • Recognise the implications of breaches of confidentiality and the potential consequences for auditors and the profession.

Test Your Knowledge

Attempt these questions before reading this article. If you find some difficult or cannot remember the answers, remember to look more closely at that area during your revision.

  1. Which of the following best describes the auditor’s duty of confidentiality?
    1. All client information must remain confidential, regardless of circumstances.
    2. Confidential information can be disclosed if the auditor considers it appropriate.
    3. Confidential information can only be disclosed with client consent, unless required by law or permitted by professional duty.
    4. Confidentiality is only relevant after the completion of the audit.
  2. Under what circumstances is an auditor permitted to disclose confidential client information without explicit client consent?
    1. Never, under any circumstance.
    2. If required by law or professional regulation.
    3. If the auditor disagrees with the client’s accounting policies.
    4. Only after leaving the profession.
  3. True or false? The duty of confidentiality remains in force even after an auditor ceases to act for a client.

  4. What procedures should an audit firm have in place to protect confidential information during and after an engagement?

Introduction

Confidentiality is a key principle for auditors and professional accountants. Clients trust auditors with access to sensitive information. This trust helps ensure effective audits and underpins the reputation of the profession. However, there are situations where confidentiality may legally or ethically be set aside. Understanding these scenarios and adopting strict security measures is essential in maintaining high professional standards—and in avoiding disciplinary or legal action.

Key Term: confidentiality
The obligation for auditors and professional accountants to refrain from disclosing or using client or employer information acquired during professional work, except in limited, specific circumstances.

THE FUNDAMENTAL PRINCIPLE OF CONFIDENTIALITY

Auditors must not disclose any information acquired during the audit to third parties without:

  • the client’s explicit permission,
  • a legal requirement, or
  • a professional duty to report.

Respecting confidentiality is not only about what auditors say. It also extends to how information is recorded, stored, accessed, and used.

Key Term: client information
Any data, documentation, or knowledge obtained in the course of professional work that is not publicly available and relates specifically to the client or employer.

REQUIREMENTS OF THE ACCA CODE OF ETHICS

The ACCA Code lists confidentiality as one of five fundamental principles. As a member or student, you must:

  • Not disclose confidential information outside the firm unless:
    • Required by law (e.g., under anti-money laundering regulations, court orders, or statutory investigations),
    • Permitted by professional duty (such as reporting a suspected fraud to a regulatory authority),
    • Given specific authority by the client.
  • Not use confidential information for personal advantage or for the advantage of a third party.
  • Continue to respect confidentiality even after the professional relationship ends.

Worked Example 1.1

An audit manager at LMN Accountants discovers during an audit that a company director is diverting funds for personal use. Is the audit manager allowed or required to disclose this information to anyone outside the audit team?

Answer:
Disclosure is required if there is a legal duty, such as under anti-money laundering legislation or when served with a court order. Otherwise, the audit manager may need to inform an appropriate regulatory or professional body but should not disclose to third parties or the public. The manager must ensure evidence is handled securely throughout.

CIRCUMSTANCES ALLOWING OR REQUIRING DISCLOSURE

Disclosure of confidential information is permitted or required only in specific situations:

  1. Legal requirement: Disclosure is necessary if required by law (e.g., money laundering, terrorist financing, tax evasion, statutory reporting to regulators).
  2. Professional duty or public interest: Reporting certain issues—such as suspected fraud, misconduct, or where there may be a risk to the public—may be required by ACCA Rules, even if not specifically required by legislation.
  3. Client consent: Where the client authorises the disclosure, either expressly or by implication from the nature of the engagement (e.g., providing information to tax authorities).
  4. Defence of the accountant or firm: If the auditor is sued or subject to disciplinary proceedings, disclosure to legal advisers or the tribunal may be allowed, but only relevant information should be revealed.

Outside of these scenarios, the auditor must not share or use client information for any purpose unrelated to their professional work.

Worked Example 1.2

A partner receives a request from an acquaintance who works at a bank to confirm whether XYZ Ltd. is in financial difficulty after reading press rumours. Should the partner disclose any information gained during the audit?

Answer:
No, unless the client has granted authorisation or disclosure is required by law or regulation. Rumour or commercial curiosity is never a valid reason for breaching confidentiality.

SECURITY MEASURES AND SAFE HANDLING OF INFORMATION

Audit firms must have procedures to ensure confidentiality is protected at all times:

  • Physical security: Keep files in locked cabinets, and never leave documents unattended on client premises or in vehicles.
  • IT security: Encrypt files, use secure passwords, restrict access to confidential electronic data, and ensure firewalls and virus protection are up to date.
  • Staff training: Ensure everyone understands the importance of confidentiality and the correct handling of client data.
  • Discussions: Never discuss client matters in public places or with unauthorised persons.
  • Data retention: Retain working papers securely for the required period, then ensure secure destruction.

Key Term: safe custody
The obligation to keep all client records and information physically and electronically protected from unauthorised access, loss, or theft.

BREACHES OF CONFIDENTIALITY: IMPLICATIONS

Failing to preserve confidentiality can result in:

  • ACCA disciplinary action (possible suspension or removal from membership)
  • Legal action by the client for damages
  • Reputational damage to the firm and individual
  • Loss of trust in the profession

Maintaining client confidentiality is essential for the continued trust placed in auditors by the public, regulators, and employers.

Exam Warning

A common error is believing any suspicion of wrongdoing justifies disclosure. Unless reporting is required by law or the ACCA Code, unauthorised disclosure is itself a breach of ethics.

Revision Tip

Before discussing a client’s situation, always consider: “Does this person have legal or professional authority to know this information?” If in doubt, seek guidance from a senior colleague or the ACCA.

Summary

Confidentiality remains one of the central duties of an auditor. Information obtained during the audit is not to be disclosed except in strictly controlled situations—most commonly, where required by law, by professional duty, or with client consent. Auditors should ensure robust procedures are in place to secure all client data, and recognise that this duty extends beyond the end of their engagement.

Key Point Checklist

This article has covered the following key knowledge points:

  • Explain the fundamental principle of confidentiality under ACCA’s Code of Ethics and Conduct
  • Identify when disclosure of client information is permitted or required
  • State the duty to secure client documents and electronic data from unauthorised access
  • Describe the possible consequences of breaching confidentiality
  • Recognise the importance of proper procedures and staff training for maintaining confidentiality

Key Terms and Concepts

  • confidentiality
  • client information
  • safe custody
