As discussed in an earlier post on this blog [accountants targeted in new wave of wire-transfer scams] and also in the email alerts from the CPAGold partner-producer NAPLIA, accountants have been receiving, in recent months, a growing number of bogus client email messages requesting that the accountants initiate electronic transfers of funds from client bank accounts to third party bank accounts. These requests, when honored, have resulted in losses to the clients and claims against the accountants. The perpetrators of these schemes have capitalized on the absence of clear procedures between accountants and their clients, as well as the desire of accountants to please their high-net-worth clients. Obviously, the safest course, from a risk management perspective, is not to initiate, under any circumstances, an electronic transfer of client funds, on the ground that such an action would constitute an improper delegation of the client’s authority. If, however, you elect to accept that delegation of authority, at least part of the solution to the risk of a fraudulent request is to establish with your client clear procedures for communicating such requests, and strict adherence to those procedures. Your engagement letter is the ideal vehicle for establishing those clear procedures. I suggest, therefore, when your services will include the possibility of initiating electronic transfers of client funds, including a provision along these lines in your engagement letter (and insisting that the client sign and return the letter):
Template Engagement Letter Provision
(In the body of the letter):
Pursuant to the terms of this engagement, you have authorized us to initiate an electronic funds transfer (“EFT”) from your accounts at financial institutions to those of third parties as you may specifically request from time to time (the “Request”). The accounts from which EFTs may be initiated are identified in the attached Exhibit “A”. In an effort to protect against the risk of fraud in connection with EFTs, if you do not make the Request in person and sign the EFT request form that we present to you at that time, and instead we receive a Request remotely in a communication that is purportedly initiated by you—such as a telephone call, letter, facsimile, email message or text message—we will only comply with the Request if we are able to confirm that you are, in fact, the source of the Request by, (1) speaking or text messaging directly with you in a communication that we initiate to your cellular device at the number set forth in the attached Exhibit “B”; and, (2) obtaining from you during that communication, in response to the question set forth in the attached Exhibit “C”, the answer also set forth therein. If we are unable to confirm the Request by means of these procedures, then we will not comply with the Request and you agree to indemnify us, defend us and hold us harmless as against any claim of harm that you or any third party may assert against us in connection with our decision not to comply with the Request.
(At the end of the letter, just above your signature):
If, after full consideration and consultation with counsel if so desired, you agree that the foregoing terms shall govern this engagement, please sign this letter in the space provided but YOU SHOULD NOT transmit the signed letter and attached Exhibits to us by mail, facsimile or electronic means. Instead, to preserve the confidentiality of your information, YOU SHOULD hand-deliver the original signed letter and attached Exhibits to our office or present the original signed letter to us at our next meeting, keeping a fully-executed copy for your records.
By Ralph G. Picardi, Esq.
© February 2015, PICARDI LLC