Market professionals are key gatekeepers to the markets and the investing public. The proper implementation of their professional duties is a critical component of the new ethics the federal securities laws were designed to instill in the markets for the protection of all. When those professionals fail it not only undermines the protections that Congress crafted, it eats away at the core trust and confidence on which the markets are predicated and that is critical to investors.
The impact of a case such as In the Matter of KPMG, LLP, Adm. Proc. File No. 3-19203 (June 17, 2019) cannot be overstated. The facts to this sad tale of eschewing professional ethics in favor of cheating is well known, having been detailed in criminal and civil charges and testified to in widely followed court proceedings. The facts were also admitted by the audit giant as part of resolving the SEC’s administrative charges.
The tale begins with the audit firm receiving unsatisfactory reviews from PCAOB inspectors for its audit work. The inspections are part of the core protections designed to ensure that audit firms such as KPMG are fulfilling their gatekeeping function. The firm sought to do better. It hired Brian Sweet, an Associate Director at the PCAOB who had worked on the inspection team assigned to the auditor. Before leaving his post at the Board, Mr. Sweet copied a trove of confidential PCAOB materials onto a computer drive which was later dumped into the system at his new employer.
From the moment he arrived at KPMG, Mr. Sweet was pumped for information about the inspection process by a variety of firm partners which traced to the highest echelons of KPMG. He was reminded about the source of his paycheck and told to be loyal to his new employer.
Mr. Sweet was forthcoming, furnishing information which included, for example, “a number of KPMG banking clients the PCAOB planned to inspect in 2015,” according to the Order, despite the confidential nature of such information. Other confidential information drawn from the trove included the Board’s selection criteria for audits and PCAOB comment forms tied to the Board’s inspection of a Spanish bank, used to aid a firm partner pitching another bank for work. Mr. Sweet also called a Board employee to secure confidential information about the inspection process that went beyond his purloined trove.
Despite the flow of inside information, KPMG’s audit work continued to be criticized. In early 2016 audit firm representatives met with the Chief Accountant’s Office at the SEC. The staff “expressed significant concerns about the firm’s audit quality and questioned whether KPMG was adequately addressing these issues.” At about the same time Board Inspections Leader Jeffrey Wada furnished a list of 13 KPMG clients that would be inspected as part of a tantrum following his failure to receive a promotion to his long time friend Cynthia Holder who had joined the audit firm months before. The information was used to conduct a review of recent firm audits where the workpapers had not been “locked.”
The next year Mr. Wada furnished his friend with more information. In January 2017 he sent Ms. Holder a list of preliminary Board inspection targets. The next month he updated the information, giving her 47 “ticker symbols” which Ms. Holder understood was the final list of KPMG audits that would be inspected. While those with whom the information was shared were cautioned to be circumspect as it was disseminated to aid the ailing audit giant, eventually it was reported and KPMG began to investigate.
Obtaining and deploying confidential Board information to try and bolster its performance scores was not the only malady from which KPMG was suffering during this period. The firm’s efforts to ensure that its professionals met their continuing education requirements and improve the readiness of its professionals was undercut by a number of its empoyees who essentially “cheated on their exams,” student style. KPMG audit professionals, for example, shared exam answers. Others made unauthorized changes to server instructions that permitted them to manually select the scores necessary to pass the tests. Eventually, these practices came to light and the firm retained an outside law firm that launched an internal investigation.
The Order alleges violations of PCAOB Rule 3500T which requires audit firms to “maintain integrity when performing any professional service in connection with the preparation or issuance of any audit report.” In resolving the matter, the Commission considered the fact that the audit firm reported the matters, initiated an investigation of the professional testing matter and its cooperation.
KPMG also agreed to implement a series of undertakings which included a review of its quality controls relevant to ethics and integrity, filing a report with the Commission, the delivery of a report from a Special Committee conducting an investigation and the retention of an independent consultant.
In resolving this matter KPMB consented to the entry of a cease and desist order based on the PCAOB Rule cited above and to a censure. The firm also agreed to pay a penalty of $50 million.