We use cookies to deliver our online services. Details of the cookies we use and instructions on how to disable them are set out in our Cookies Policy. By using this website you agree to our use of cookies. To close this message click close.

AICPA Sues FTC to Block Red Flags Applicability to Accountants

12 November 2009

The American Institute of Certified Public Accountants (AICPA) on Tuesday filed a lawsuit against the Federal Trade Commission (FTC) challenging the applicability of the agency's Red Flags Rule to Certified Public Accountants.  This comes on the heels of district court ruling in a lawsuit brought by the American Bar Association (ABA) reported here that the regulations do not apply to lawyers.

 We do not believe that there is any reasonably foreseeable risk of identity theft when CPA clients are billed for services rendered,” said  AICPA President and CEO Barry Melancon. “As trusted advisors, CPAs are personally acquainted with their clients and already adhere to strict privacy requirements governing identifying information.

The accountants' lawsuit  alleges primarily that the FTC lacks authority to regulate CPAs just as it lacks authority to regulate lawyers, both of whom are regulated by state authorities.  In addition, the lawsuit claims that the FTC failed to explain how the manner in which public accountants bill their clients in the normal course of business constitutes an "extension of credit" under the rule and that it failed to identify any legally supportable basis for applying the rule to accountants.   The FTC specifically referred to accountants as potentially covered entities in its FAQs concerning the rule published over the Summer.  In promulgating the rule, the AICPA alleges that the FTC never identified CPAs as potentially covered entities.

The Red Flags rule has been the source of significant controversy which,  in addition to the lawsuit by the American Bar Association, has resulted in repeated extensions of the FTC enforcement date.  Currently, the FTC is set to enorce the rule on June 1, 2010.

Cybersecurity in the Health Sector

The health sector is under siege with cybersecurity threats. Some of the largest announced cyber attacks in U.S. history have targeted organizations in the health industry. Regulators have...

02 May 2016
Loading data