The Latest

Indemnification — Understand Your Risks

Indemnification and hold harmless clauses dictate the degree of liability of each party and the extent that each party takes on or shifts risk. Certain courts have found that hold harmless is not distinct and is the same as indemnification, while others have found the duty to hold harmless is broader than indemnification, as it also requires protection against liability.

For example, an indemnity clause typically states that one party agrees to “indemnify” the other party. To indemnify a party is to absorb the losses if something you (the “indemnitor”) does, or fails to do, which causes the other party to experience loss, damages, or even a lawsuit from a third party. CPAs are being pressured more and more by their clients to take on the “indemnitor role” and to agree to such language in engagement letters, non-disclosure agreements (“NDAs”), business associate agreements (“BAAs”) under the Health Insurance Portability and Accountability Act (HIPAA), and other agreements that may be executed between the CPA and their clients.

Most people would support and agree with the concept that if a mistake is made that results in damage to someone else, the party that made the mistake should be held responsible to “make it right.” What “making it right” looks like, of course, will depend on the facts and circumstances of a particular situation.

How this translates to the CPA/client relationship can be troublesome, given that some of the indemnity and hold harmless clauses as written are extremely broad, and there may be many contributory components to the underlying facts and circumstances that should go into the assessment of determining actual “fault.” For example, did the CPA solely contribute to the cause of the damage as a result of their negligence, or did the client or one of its representatives contribute, in part, to the underlying cause of the mistake?

Many of the indemnity and/or hold harmless clauses embedded in CPA/client agreements attempt to shift all

liability from the entity to the CPA firm, and have broad language that extends the CPA firm’s responsibilities to more than just the professional services being performed. Such agreements/contracts, such as NDAs, may be boilerplate agreements that clients use for all independent contractors. As such, they contain many legal conditions and caveats that are not necessarily appropriate with respect to the professional services being provided by the accounting firm.

CAMICO strongly encourages CPAs to take great care in reviewing any contracts or agreements containing such language; consider the worse possible scenario under the agreement and determine the level of risk your firm would be taking on. It’s important, therefore, that before

you contractually bind your firm to an arrangement of this significance, you take the time to understand all the implications of the legalese in the agreement in order to make an informed decision on terms and conditions that may pose a higher standard and/or greater liability to the firm than what would normally be anticipated. Make sure you are comfortable with the agreement and the expectations that will fall on your firm. Be prepared to reject the client opportunity if you cannot negotiate the terms to your satisfaction.

Risk Management Tips

Before signing these types of agreements/contracts, you should ensure that your firm has considered the following risk management steps and have adequately provided for the potential of additional liability risks:

  • Consult an attorney in your state before agreeing to any indemnity clause.
  • Push back! You don’t have to accept the terms as they are written in an agreement, preprinted or not.
    • Educate your client regarding the scope and limits of your engagement. This enhanced awareness may help to convince your client that a broad, all-encompassing indemnity clause is not appropriate, given the scope and limits of the engagement letter.
    • Limit any indemnity and hold harmless conditions in agreements you sign by incorporating the following three key items: (1) add language clarifying that any liability would need to be judicially determined by a court of competent jurisdiction; (2) specify that the firm is only responsible for claims that arise “solely” as a result of the firm’s gross negligence or willful misconduct; and (3) confirm that the firm will assume no obligation or liability arising in whole, or in part, from the client’s own negligence or intentional misrepresentations.
    • Understand the coverage implications of the indemnity clause, as this type of provision may lead to significant costs to a CPA firm. Professional liability insurance policies typically have an exclusion for claims arising out of liability assumed by the firm under a contract, unless that liability would have been present regardless of the existence of the contract. Be wary of contractually binding your firm to this added significant exposure; indemnification can be costly, especially if the language is broadly worded and the clause has you paying for all claims, regardless of their merit.
    • Consult an attorney in your state if you have questions regarding the efficacy and potential exposures to your firm of certain indemnification and hold harmless clauses before signing agreements containing such language.

Indemnification Hierarchy of Risk — Questions to Consider

  • Who is asking you to indemnify them? Most often you will be asked by your client to indemnify them. Sometimes a third party may ask.
  • Why are you being asked to indemnify? Determining the answer may provide information in order to suggest an alternative that is acceptable to all parties.
  • What exposure is the subject of the indemnification request? It is almost NEVER appropriate to agree to indemnify your client or third party for exposures directly related to the client’s obligations to you. For example, any request that provides indemnity for your client’s failure to accurately and timely inform you of information necessary to complete your work is very risky and not appropriate. On the other hand, client requests for indemnity for exposures unrelated to your professional services is far less risky. For example, clients may ask for indemnity for risks arising as a result of your personnel being in the client’s offices (e.g., slip and fall, damage to property, etc.). We often see large corporations, municipalities and other governmental entities making such requests.
  • Is the indemnity request limited? A broad blanket indemnification, again, is almost never appropriate. Remember, unless specifically limited, an indemnification does NOT require you to be negligent in order to trigger your duty to indemnify. On the other hand, indemnification agreements limited to exposures requiring you to be negligent and the sole cause of the loss create very little additional exposure to you.
  • What insurance issues need to be considered? By far the most important insurance issue to consider is the impact of your acceptance of indemnification on your professional liability insurance. Before you agree to any indemnification, check with an attorney in your jurisdiction or your insurance company. The other insurance issue to consider is the extent to which you can protect against the indemnity risk through other insurance. For example, many business owner policies (BOPs) address the premises risk exposure from your personnel being in the client’s offices. If you cannot insure against the risk created by the indemnification, you must consider fee/exposure leverage. Assess the size of the indemnity risk versus your fees. If the indemnification exposure is much greater than your fees, risk increases, and the reward is limited.
  • If you are still considering the indemnity request after asking these questions, consult your legal advisor. Never decide on your own. Indemnification law varies by state, so this risk discussion does not address every possible issue or solution on a per-state basis.

More information about CAMICO insurance solutions and risk management programs is available at www.camico.com.

Share this article