RubinBrown Team Member Manual

Section: Client Acceptance Risk Evaluation Policies & Procedures 1212 Risk Management

Policy Title: Policy Number:

Effective Date:

Supersedes Policy Dated:

06/01/2024

06/01/2023

Policy: It is the policy of RubinBrown that the risk assessment portion of the new client data sheet be completed before any potential new client groups will be accepted as a RubinBrown client with the exception of any non “business” clients (including individuals, trusts and estates). Risk Assessment Procedures: For potential non “business” clients (including individuals, trusts and estates) partners are encouraged to review the risk factors as a guide where applicable, but are not required to complete the assessment prior to acceptance as an RubinBrown client. New engagements within an existing client group also do not require completion of the risk assessment prior to acceptance unless in the judgment of the engagement partner or at the direction of the risk management committee, certain risks exist at the engagement level different from the client group as a whole. Timing: The risk assessment should be made as soon as practical in the proposal process to ensure RubinBrown has addressed all necessary risk factors throughout all phases of the client acceptance process. The procedures should be completed and documented on the risk assessment portion of the new client data sheet as information is available. The evaluation form will then be saved in a pending client database where it can be updated as additional risk procedures are completed until the final determination of acceptance as part of completion of the new client data sheet. Rating System: A risk rating system has been developed to address risk in five risk areas: financial, management, engagement, regulatory and business. A numerical rating system is to be used in each area as follows: • Rate Level Rating • Low 1 • Moderate 2 • Significant 3 • High 4

RUBINBROWN TEAM MEMBER MANUAL | 127