Your boss is breaking the law, what do you do?

aat comment

At some point in your career, whether you work in practice or in industry, you may well find that your employer, or a client, is acting outside of laws and regulations.

It’s a difficult situation: as an accountant, you are obliged to ensure your clients and employer comply with the law. On the other hand, they employ you and you have certain obligations to them. So what do you do? IFAC’s International Ethics Standards Board for Accountants (IESBA), which maintains the international Code of Ethics for Professional Accountants to serve as a model for all ethics codes used by professional accountancy bodies, has updated its code to include provisions on NOCLAR (non-compliance with laws and regulations), effective from July.

AAT’s Code of Professional Ethics has been updated accordingly. The update will help to guide accountants on how to deal with an act, or suspected act, of non-compliance, taking into account the different types of accountants; their different spheres of influence; their different levels of authority, responsibility and decisionmaking; and the different levels of public expectations.

The main point to consider is whether the incident could cause substantial harm to the public at large. If there is a need to protect the public, the obligations of confidentiality will fall away, and you will have the right to report the matter to the appropriate authority. The guide makes clear that turning a blind eye to potential non-compliance is not an option for accountants. IESBA wants to increase awareness among accountants of their legal and regulatory responsibilities in the event of NOCLAR, as many cases go unreported.

What classes as NOCLAR

NOCLAR is defined as any act of omission or commission committed by a client or employer, intentional or not, that is contrary to prevailing laws and regulations. It covers breaches of laws and regulations that directly affect the client or employer’s financial statements or business material in a fundamental way, including money laundering, bribery and fraud, among other things. The IESBA standard forms the basis of AAT’s Code of Professional Ethics, which is split into two approaches, for licensed members and members in business. Each group has its own proportionate approach to reporting NOCLAR.

Determining NOCLAR

You need to ask yourself the following questions when you come across an act, or suspected act, of NOCLAR. Firstly, is disclosure permissible under the law of the country you practise in? If there is no prohibition on disclosure, you need to consider three questions: do you have an appropriate authority to talk to, are there protections in place, and are there personal-harm and safety risks? That will go some way to determining the severity of the situation, and how you might need to act.


Those of you who work in practice may be worried that clients will be less likely to confide in you as a result of the standard. But it’s important to remember that you can only break confidentiality in cases where you have protection from laws and regulations that govern your own confidentiality. The standard looks to increase the service offered to clients and employers, bringing non-compliance to light and addressing it appropriately.

Farida Rahman-Wright Farida Rahman-Wright is AAT's Professional Standards Manager.

Related articles