On May 30, 2013, the Nevada Supreme Court issued a little-noticed decision that could have big implications for disputes between auditors and their clients. The case, Cucinotta v. Deloitte & Touche LLP, held that Deloitte & Touche LLP (Deloitte) was absolutely privileged against civil liability for reporting allegedly defamatory information to its client’s audit committee pursuant to express requirements of the federal securities laws.[1] While the decision is narrowly drawn, it implies a broad defense for auditors who do what they are required to do – whether by federal or state law, regulatory action, or professional standards – and adds a potentially valuable tool for managing disputes with audit clients.

The Nevada Case

In the course of audit work for an unrelated client, Deloitte obtained a copy of an FBI intelligence bulletin containing allegations of serious criminal activity by two executives of its client Global Cash Access Holdings, Inc. (GCA). Because the intelligence bulletin contained “information indicating that an illegal act . . . may have occurred,” Deloitte concluded that it had a duty under Section 10A of the Securities Exchange Act of 1934 to disclose the allegations to the GCA audit committee.[2]

An investigation conducted by an independent law firm ultimately identified no evidence of misconduct either by the company or the executives named in the FBI bulletin. Nevertheless, the two executives were forced to resign. Although not discussed in the court’s opinion, the pleadings reveal that the executives threatened to sue Deloitte. As required by professional standards, Deloitte informed the audit committee that the threat of litigation undermined its independence and would require Deloitte to withdraw as the company’s auditor. The company thereafter requested the executives to withdraw the threat and, when they refused, requested their resignations.

The two executives filed suit against Deloitte alleging defamation, tortious interference with their contracts with GSC and tortious interference with prospective business advantage. Following limited discovery, the lower court granted summary judgment in favor of Deloitte and the executives appealed.

The Nevada Supreme Court’s decision is straightforward. The court adopted Section 592A of the Restatement (Second) of Torts, which provides that “[o]ne who is required by law to publish defamatory matter is absolutely privileged to publish it.”[3] The court noted several decisions of other courts applying Section 592A in a variety of contexts. Although neither the court nor the parties’ briefs identified any precedent for applying Section 592A to communications by an auditor, the Court readily found that the Section accorded Deloitte’s communications an absolute privilege as a matter of law. Summary judgment, therefore, was affirmed.

Implications As Precedent

The Nevada court was careful to limit the scope of its decision. The court emphasized that the “class of absolutely privileged communications . . . remains narrow and is limited to those communications made in judicial or quasi-judicial proceedings . . . [or] in the discharge of a duty under express authority of law.” On the facts, the court addressed only the narrow situation of information specifically required to be disclosed to the specific audience identified in a federal securities statute that specifically regulates the audit relationship. But the decision stands as precedent for significantly broader protections in several respects.

First, although Section 592A on its face provides a defense only to an action for defamation, the Nevada court also relied on the Section to affirm summary judgement on the executives’ claims for tortious interference. As the court noted, the underlying rationale for Section 592A is that “one who is required by law to do an act does not incur liability for doing it.”[4] This common-sense principle implies not only immunity from suit on defamation grounds, but on any grounds. The court’s disposition of the tortious interference claims supports this construction.

Moreover, there is no principled reason to limit an auditor’s immunity to communications required by the federal securities laws. Auditors regularly are required to make disclosures and report information under many other statutes and regulations, as well as professional standards. Although professional standards are not themselves laws, auditors are legally obligated to comply with generally accepted auditing standards (GAAS) as a matter of contract (i.e., their engagement letters), state tort law (which allows malpractice actions for failing to comply with GAAS), and the state statutes and regulations governing the licensure of public accountants.[5]

Again, a closer look at the Nevada case demonstrates the point. The executives’ claims against Deloitte were not limited to Deloitte’s disclosure of the allegedly defamatory information in the FBI bulletin. The executives did not lose their jobs because of that disclosure. To the contrary, they were exonerated by an independent investigation. The executives only lost their jobs after Deloitte advised the board of directors that the executives’ threat of litigation would require Deloitte to resign as the company’s auditor. Although the opinion does not discuss the issue, the court’s disposition effectively extended the absolute privilege to Deloitte’s communication, as required by professional standards, that it would resign if the threat of litigation was not resolved.

This result, like the underlying rationale set forth in the Restatement itself, suggests a broad rule that auditors should be privileged against liability in any situation in which they act as they are required to act, regardless of the source of that obligation.

Managing Client Disputes

The specific facts of the Deloitte case were highly unusual. But auditors frequently have disagreements with management or other client personnel about how information identified in an audit should be interpreted, whether that information is material, or what should be reported to an audit committee, a regulator, or in the client’s financial statements. Occasionally, these disputes boil over into litigation.

In one recent, widely publicized case, a regional accounting firm suffered a multi-million dollar adverse jury verdict in a dispute with notable similarities to the case in Nevada. Many of the key facts were hotly disputed, but the basic outline involved a disagreement with management over accounting estimates, the auditors reporting that disagreement to the board, an actual or alleged threat of litigation against the audit firm, and the firm thereafter resigning from the engagement pursuant to independence requirements.

The Nevada decision suggests that auditors can mount a powerful defense in client disputes by showing that they acted as required by applicable legal requirements and professional standards. If, like Deloitte, an auditor concludes that it is required to act in a manner that might precipitate a dispute, the auditor should take care to document that conclusion and the basis for it. Relevant communications should be made in writing, or promptly memorialized in writing, so that there is a clear record of what was said. When client relationships or communications become contentious, auditors may have opportunities to protect themselves by carefully structuring their responses within the framework of applicable laws and professional standards.