Sec Charges Accountants With Using Leaked Confidential Pcaob Data To Improve Inspection ResultsPrint Article
- Posted on: Jan 24 2018
The Public Company Accounting Oversight Board (“PCAOB” or the “Board”) is a nonprofit corporation established by Congress to oversee the audits of public companies. The Board was created as part of the Sarbanes-Oxley Act of 2002 in response to the accounting scandals at Enron Corp. and WorldCom Inc. – scandals that cost investors billions of dollars. Prior to the creation of the Board, the profession was self-regulated.
The PCAOB protects investors by promoting informative, accurate, and independent audit reports. It does so by, among other things, inspecting the audits of public companies conducted by registered public accounting firms. Through these inspections, the PCAOB assesses the audit firms’ compliance with the statutes, regulations, and professional standards governing the accounting profession.
The PCAOB selects the audit engagements it will inspect based on confidential internal analysis and thereafter notifies the firms of the audits it will inspect. The PCAOB typically issues inspection reports, only parts of which are made public, after all the inspections for a firm are complete.
To ensure the integrity of the inspection process, the PCAOB closely guards the confidentiality of both its inspection targets prior to firm notification and its methodology for selecting those targets. All PCAOB employees must certify that they are complying with PCAOB Ethics Rules, which prohibit employees from using confidential PCAOB information for private gain (or even merely creating the appearance that they are) and that bar them from making unauthorized disclosures of confidential information obtained during their employment. These prohibitions apply even after employment with the Board has ended.
The Securities and Exchange Commission (“SEC” or the “Commission”) has oversight authority over the PCAOB, including the approval of the Board’s rules, standards, and budget.
(For more information about the PCAOB, click here.)
Recently, a group of former senior partners at one of the Big Four accounting firms was charged with obtaining confidential information on planned audit inspections and used it to avoid negative assessments of the firm’s work.
On January 22, 2018, the SEC announced (here) that it brought charges against six certified public accountants – including former staffers at the PCAOB and former senior officials at KPMG LLP – arising from their participation in a scheme to misappropriate and use confidential information relating to the PCAOB’s planned inspections of the accounting firm.
In two separate orders, the SEC’s Division of Enforcement and Office of the Chief Accountant (“OCA”) alleged that the former PCAOB officials made unauthorized disclosures of PCAOB plans for inspections of KPMG audits, enabling the former KPMG partners to analyze and revise audit workpapers in an effort to avoid negative findings by the Board. Two of the former PCAOB officials had left the Board to work at KPMG. The SEC alleged that the third official leaked PCAOB data at the time he was seeking employment with KPMG. According to the SEC, the misconduct began in 2015 and continued until February 2017. Soon after the conduct was discovered, the six accountants were terminated, resigned or placed on leave before separating from KPMG and the PCAOB, respectively.
“As alleged, these accountants engaged in shocking misconduct – literally stealing the exam – in an effort to interfere with the PCAOB’s ability to detect audit deficiencies at KPMG,” said Steven Peikin, Co-Director of the SEC’s Enforcement Division. “The PCAOB inspections program is meant to assess whether firms are cutting corners, compromising their independence, or otherwise falling short in their responsibilities. The SEC cannot tolerate any scheme to subvert that important process.”
In a parallel action, the U.S. Attorney’s Office for the Southern District of New York announced the commencement of criminal charges against the six accountants. (Here.)
As set forth in the orders instituting public administrative and cease-and-desist proceedings (here and here), the Enforcement Division and OCA alleged that while preparing to leave his supervisory position at the PCAOB for a job at KPMG, Brian Sweet (“Sweet”) downloaded confidential and sensitive inspection-related materials that he believed might help him at KPMG. KPMG had recruited him to join the firm at a time when it had a high rate of audit deficiencies. According to the SEC, nearly half of the KPMG audits that the PCAOB inspected in 2013 were found deficient.
After leaving the PCAOB, Sweet allegedly continued to gain access to confidential PCAOB materials through Cynthia Holder (“Holder”), a PCAOB inspector. After Holder joined Sweet at KPMG, a third PCAOB employee, Jeffrey Wada (“Wada”), allegedly leaked confidential information about planned PCAOB inspections of KPMG to Holder. According to the SEC, Wada leaked this information while he was seeking employment at KPMG.
The SEC alleged that upon his arrival at KPMG, Sweet told his supervisors that he had taken confidential materials from the PCAOB and revealed, for example, the KPMG audit clients that the PCAOB intended to inspect that year. According to the SEC, Sweet’s supervisors – David Middendorf, KPMG’s then-national managing partner for audit quality and professional practice and Thomas Whittle, KPMG’s then-national partner-in-charge for inspections and another high-level partner at the firm, David Britt, KPMG’s banking and capital markets group co-leader – encouraged him to divulge the stolen information to them and others at the firm. The Enforcement Division and OCA alleged that Middendorf, Whittle, Sweet, Holder, and Britt worked together to review the audit workpapers for at least seven banks they were told the PCAOB would inspect in an effort to minimize the risk that the PCAOB would find deficiencies in those audits. Middendorf and Whittle allegedly instructed that no one disclose that they had confidential PCAOB information.
Sweet agreed to settle to a Commission Order requiring that he cease-and-desist from violating PCAOB Ethics Rules and barring him from appearing or practicing before the Commission as an accountant based on findings that he, among other things, violated PCAOB Ethics Rules regarding confidentiality and lacks integrity.
In a statement, the PCAOB said it cooperated with investigators and when it learned of the alleged misconduct it reviewed and reinforced the safeguards against improper disclosure of confidential information.
“The new PCAOB Board will conduct an ongoing review of the organization’s information technology and security controls, as well as its compliance and ethics protocols, to assess their effectiveness,” PCAOB Chairman William Duhnke said in a statement.
A KPMG spokesman said that the firm has been cooperating with the government investigation. “KPMG took swift and decisive action, including the engagement of outside legal counsel to conduct a detailed investigation and the separation of involved individuals from the Firm.”
Audited financial statements are at the heart of the SEC’s disclosure-based regulatory regime: a company’s financial statements provide investors with a wealth of information, and independent audits give investors confidence that those statements can be trusted. Conduct that undermines this regime is inimical to the efficiency and effectiveness of the capital markets. It is important therefore for the Board to enhance its controls and compliance protocols to restore the public trust in the audits of the financial statements of public companies.