Title :        AUDIT LIABILITY- part 15 - Identifying Risky Clients - Broad Considerations
   Author : Mark L. Cheffers*  

One of the most effective ways to protect your practice from abrupt catastrophe or failure is to practice ongoing client screening. In particular, this means not only developing a re-acceptance process, but also linking that process to a centralised client-risk-profile database that can be used to make firm-wide decisions. How to do it? Read on .... - Editor.

Get More Out of Your Planning Stage - The planning stage of nearly every engagement involves some level of risk assessment. Acceptance or re-acceptance assessments are most often made in an informal way at those early planning meetings. For the firm looking to enhance its loss prevention/quality control efforts, the information gathered in these meetings should be expanded and centralised so that both individual and firm-wide decisions can be made about the firm's risk profile.

Enron as an Example - In what has become the most infamous client re-acceptance memo assessment, Andersen raised the question whether to continue its relationship with Enron. A judgment was made that could be described as, "the fees are worth the risk." Among the group making that decision were some of the brightest professionals in the business.

We believe the answer to that question may have been different if Andersen had taken two further steps.

First, they should have been forced to identify and then quantify the effects of an Enron worst-case scenario. How much exposure and from what (categories of stakeholders) are examples of questions that could be assessed. If they had done that, they would have been forced to acknowledge that their liability exposure because of an Enron failure would be firm threatening. This in turn might have resulted in a different path for Andersen.

Second, more information needs to be gathered about the risk circumstances. As with audit procedures, if one performs certain steps and comes up with questions the answers to which could be material, then more steps need to be taken. Similarly, it is not good enough to come up with a conclusion that a client is risky. Some effort at quantifying that risk must be made. That effort almost certainly will include gathering more information. In the case of Enron, the effort to gather more information for the committee in question might have caused a different outcome. If someone on that client acceptance committee had suggested that more information be gathered about the exposure associated with the SPEs, Andersen might have learned that more than one-third of all of Enron's debt was kept off its balance sheet. That fact alone might have caused a different outcome. It seems clear that many members of the committee that made the re-acceptance decision did not have enough information to make it.

Centralise Data Collection - Continuing the use of Enron as an example, it should be clear that some thought needs to be given to improving and formalising re-acceptance procedures and risk assessments. An integral part of these improvements should be a formal mechanism for collecting such assessments centrally. Think about this recommendation in the context of a diversified investment portfolio. One diversifies because one wants to minimise the risks inherent in individual stock movements. However, if a mutual fund manager becomes knowledgeable of a particular problem investment, he will trade that share away. It is not sufficient for him to keep the stock on the basis that he has a diversified portfolio and while he looses in one place he will gain in another. The truth is that a bad outcome in one investment can result in a complete loss of investment worth, while a good outcome might result in a 10 or 20% increase. A disproportion exists between a bad apple and a good one. A good apple might taste great. A bad apple is not edible. The same is true with clients in your portfolio. A disproportion exists between a "good" risky client and a "bad" risky client. The first might pay higher fees, but the second can sink you. This disproportion is made even greater when it comes to professional engagements. The reason is that with a bad outcome, the losses can be far greater than the amount of investment. It can be the sum total of everyone else's investments as well.

As a result, each firm should have some ability to collect information about its overall risk profile. That profile might assess things like industry concentrations, geographic concentrations, types of engagements, types of engagements in areas where expertise is lacking and concentrations (or lack thereof) in sizes of clients. For example, if a firm has too many communications-related clients, as is obvious that Andersen did, it needs to know that prior to a widespread industry failure.

Summary - A key control for protecting your practice is the application of client screening or re-acceptance processes. Each client and type of service poses a certain risk to the firm. A step in protecting the firm is to develop a client-risk-profile by firm, office, or practitioner. This profile should form part of the firm's formal "re-acceptance" of clients that should take place every year. A formal "re-acceptance" of a client is an excellent way to put all of the issues related to a client on the table, including fees, risk profiles, resource allocations and the potential for additional services. The client risk profile allows the practitioner to identify and understand the risks inherent in the firm's client base. These processes should be collected centrally and reviewed by management periodically in a similar way that mutual funds assess their holdings. But why go to all this effort? The answer is simple. The cost of a failure is grossly disproportionate to the benefit from a success.




1. Account payee

6. CRR

7. Indentures

10. Attorney at law

14. BO

16. Canon law

18. Reserves


23. RBI

24. Hacking

26. IOU

27. Hen

28. WT-wealth tax

29. Appeal

31. Litre

32. Lot

34. Fiduciary loan





1. After born child

2. China

3. Update

4. TAN

5. Wipro

8. UAE

9. Sitins

11. RC

12. YEN

13. AOA

15. Escheat

16. CS

17. Wrigley

19. Recipe

20. ESI

21. KG

22. Title

23. Rufiyaa

25. Nil

30. Anti

33. ITR





*Mark L. Cheffers, CPA, ABV, is the founder of `'. He is a former PWC manager, Harvard MBA and highly experienced litigation consultant.


Disclaimer : The views in this article are author's point of view. may or may not subscribe to the views of the author. This article is not intended to substitute the legal advice. No portion of this article may be copied, retransmitted, reposted, duplicated or otherwise used, without the express written approval of the author.
The Copyright of the article is with the author.