CPA firms are experiencing an uptick in clients trying to embed indemnification and/or hold-harmless clauses in various agreements with the firms. Many of the clauses are inappropriate for CPA services or are overly broad, even to the point of shifting all liability to the CPA firms. Here are some considerations to weigh before agreeing to any such clauses.
Indemnification and hold-harmless clauses dictate the degree of liability of each party and the extent that each party takes on or shifts risk. Certain courts have found that "hold harmless" is not distinct and is the same as indemnification, while others have found the duty to hold harmless is broader than indemnification and requires protection against liability.
For example, an indemnity clause typically states that one party agrees to "indemnify" the other party. To indemnify a party is to absorb the losses if something you (the "indemnitor") do, or fails to do, causes the other party to experience loss, damages or even a lawsuit from a third party. CPAs are being pressured more by their clients to take on the "indemnitor role" and to agree to such language in engagement letters, nondisclosure agreements (NDAs), business associate agreements under the Health Insurance Portability and Accountability Act (HIPAA), and other agreements that may be executed between CPAs and their clients.
Most people would support and agree with the concept that if a mistake is made that results in damage to someone else, the party that made the mistake should be held responsible to "make it right." What "making it right" looks like, of course, will depend on the facts and circumstances of a particular situation.
How this translates to the CPA/client relationship can be troublesome, given that some of the indemnity and hold-harmless clauses as written are extremely broad, and there may be many contributory components to the underlying facts and circumstances that should go into the assessment of determining actual "fault." For example, did the CPA solely contribute to the cause of the damage as a result of his or her negligence, or did the client or one of its representatives contribute, in part, to the underlying cause of the mistake?
Many of the indemnity and hold-harmless clauses embedded in CPA/client agreements attempt to shift all liability from the entity to the CPA firm, and include broad language that extends the CPA firm's responsibilities to more than just the professional services being performed. Such agreements, such as NDAs, may be boilerplate agreements that clients use for all independent contractors. As such, they contain many legal conditions and caveats that are not necessarily appropriate with respect to the professional services being provided by the accounting firm.
CAMICO strongly encourages CPAs to take great care in reviewing any contracts or agreements containing such language; consider the worst possible scenario under the agreement and determine the level of risk the firm would be taking on. It’s important, therefore, that before you contractually bind the firm to an arrangement of this significance, take the time to understand all the implications of the legalese in the agreement. Doing so will enable you to make an informed decision about any terms and conditions that may pose a higher standard and greater liability to the firm than what would normally be anticipated. Make sure you are comfortable with the agreement and the expectations that will fall on the firm. Be prepared to reject the client opportunity if you cannot negotiate the terms to your satisfaction.
Risk management tipsBefore signing these types of agreements/contracts, CPAs should ensure that their firm has considered the following risk management steps and adequately provided for the potential of additional liability risks:
- Consult an attorney in your state before agreeing to any indemnity clause.
- Push back! You don’t have to accept the terms as they are written in an agreement, preprinted or not.
- Educate your client regarding the scope and limits of your engagement. This enhanced awareness may help to convince your client that a broad, all-encompassing indemnity clause is not appropriate, given the scope and limits of the engagement letter.
- Limit any indemnity and hold-harmless conditions in agreements you sign by taking all three of the following key steps: (1) add language clarifying that any liability would need to be judicially determined by a court of competent jurisdiction; (2) specify that the firm is responsible only for claims that arise “solely” as a result of the firm’s gross negligence or willful misconduct; and (3) confirm that the firm will assume no obligation or liability arising in whole, or in part, from the client’s own negligence or intentional misrepresentations.
- Understand the coverage implications of the indemnity clause, as this type of provision may lead to significant costs to a CPA firm. Professional liability insurance policies typically have an exclusion for claims arising out of liability assumed by the firm under a contract, unless that liability would have been present regardless of the existence of the contract. Be wary of contractually binding your firm to this added significant exposure; indemnification can be costly, especially if the language is broadly worded and the clause has you paying for all claims, regardless of their merit.
- Consult an attorney in your state if you have questions regarding the efficacy and potential exposures to your firm of certain indemnification and hold-harmless clauses before signing agreements containing such language.
Indemnification hierarchy of risk— questions to considerWhen asked to sign an indemnity agreement, CPAs should ask themselves the following questions:
- Who is asking you to indemnify them? Most often you will be asked by your clients to indemnify them. Sometimes a third party may ask.
- Why are you being asked to indemnify? Determining the answer may provide information in order to suggest an alternative that is acceptable to all parties.
- What exposure is the subject of the indemnification request? It is almost never appropriate to agree to indemnify your client or third party for exposures directly related to the client’s obligations to you. For example, any request that provides indemnity for your client’s failure to accurately and timely inform you of information necessary to complete your work is very risky and not appropriate. On the other hand, client requests for indemnity for exposures unrelated to your professional services is far less risky. For example, clients may ask for indemnity for risks arising as a result of your personnel being in the client’s offices (e.g., slip and fall, damage to property, etc.). We often see large corporations, municipalities and other governmental entities making such requests.
- Is the indemnity request limited? A broad blanket indemnification, again, is almost never appropriate. Remember, unless specifically limited, an indemnification does not require you to be negligent in order to trigger your duty to indemnify. On the other hand, indemnification agreements limited to exposures in which you are judicially found negligent and the sole cause of the loss create very little additional exposure to you.
- What insurance issues need to be considered? By far the most important insurance issue to consider is the impact of your acceptance of indemnification on your professional liability insurance. Before you agree to any indemnification, check with an attorney in your jurisdiction or your insurance company. The other insurance issue to consider is the extent to which you can protect against the indemnity risk through other insurance. For example, many business owner policies (BOPs) address the premises risk exposure from your personnel being in the client’s offices. If you cannot insure against the risk created by the indemnification, you must consider fee/exposure leverage. Assess the size of the indemnity risk versus your fees. If the indemnification exposure is much greater than your fees, risk increases, and the reward is limited.
- If you are still considering the indemnity request after asking these questions, consult your legal adviser. Never decide on your own. Indemnification law varies by state, so this risk discussion does not address every possible issue or solution on a per-state basis.
Suzanne M. Holl, CPA, is senior vice president of loss prevention services with CAMICO ( www.camico.com ). With almost 30 years of experience in accounting, she draws on her Big Four public accounting and private industry background to provide CAMICO’s policyholders with information on a wide variety of loss prevention and accounting issues.