KPMG LLP, one of the big four accounting firms, will pay $50 million to settle Securities and Exchange Commission allegations that it altered past audit work after receiving stolen information from an industry watchdog.
The Securities and Exchange Commission today charged KPMG LLP with altering past audit work after receiving stolen information about inspections of the firm that would be conducted by the Public Company Accounting Oversight Board (PCAOB). The SEC’s order also finds that numerous KPMG audit professionals cheated on internal training exams by improperly sharing answers and manipulating test results.
KPMG agreed to settle the charges by paying a $50 million penalty and complying with a detailed set of undertakings, including retaining an independent consultant to review and assess the firm’s ethics and integrity controls and its compliance with various undertakings.
“High-quality financial statements prepared and reviewed in accordance with applicable accounting principles and professional standards are the bedrock of our capital markets. KPMG’s ethical failures are simply unacceptable,” said SEC Chairman Jay Clayton. “The resolution the Enforcement Division has reached holds KPMG accountable for its past failures and provides for continuing, heightened oversight to protect our markets and our investors.”
“The breadth and seriousness of the misconduct at issue here is, frankly, astonishing,” said Steven Peikin, Co-Director of the SEC’s Enforcement Division. “This settlement reflects the need to severely punish this sort of wrongdoing while putting in place measures designed to prevent its recurrence.”
“This conduct was particularly troubling because of the unique position of trust that audit professionals hold,” said Stephanie Avakian, Co-Director of the SEC’s Enforcement Division. “Investors and other market professionals rely on these gatekeepers to fulfill a critical role in our capital markets.”
Five former KPMG officials were charged last year in a case alleging they schemed to interfere with the PCAOB’s ability to detect audit deficiencies at KPMG. According to the SEC’s order issued today against KPMG, these senior personnel sought and obtained confidential PCAOB lists of inspection targets because the firm had experienced a high rate of audit deficiency findings in prior inspections and improvement had become a priority. Armed with the PCAOB data, the now-former KPMG personnel oversaw a program to review and revise certain audit work papers after the audit reports had been issued to reduce the likelihood of deficiencies being found during inspections.
The SEC’s order also finds that KPMG audit professionals who had passed training exams sent their answers to colleagues to help them also attain passing scores. The exams related to continuing professional education and training mandated by a prior SEC order finding audit failures. They sent images of their answers by email or printed answers and gave them to colleagues. This included lead audit engagement partners who not only sent exam answers to other partners, but also solicited answers from and sent answers to their subordinates.
Furthermore, the SEC’s order finds that certain KPMG audit professionals manipulated an internal server hosting training exams to lower the score required for passing. By changing a number embedded in a hyperlink, they manually selected the minimum passing scores required for exams. At times, audit professionals achieved passing scores while answering less than 25 percent of the questions correctly.
“The sanctions will protect our markets by promoting an ethical culture at KPMG,” said Melissa Hodgman, Associate Director of the SEC’s Enforcement Division. “To that end, KPMG will take additional remedial steps to address the misconduct and further strengthen its quality controls, all of which will be reviewed and assessed by an independent consultant.”
In addition to paying a $50 million penalty, KPMG is required to evaluate its quality controls relating to ethics and integrity, identify audit professionals that violated ethics and integrity requirements in connection with training examinations within the past three years, and comply with a cease-and-desist order. The SEC’s order requires KPMG to retain an independent consultant to review and assess the firm’s ethics and integrity controls and its investigation.
KPMG has admitted the facts in the SEC’s order. It has also acknowledged that its conduct violated a PCAOB rule requiring the firm to maintain integrity in the performance of a professional service and provides a basis for the SEC to impose remedies against the firm pursuant to Sections 4C(a)(2) and (a)(3) of the Exchange Act and Rules 102(e)(1)(ii) and (iii) of the Commission’s Rules of Practice.
In an email statement, a company spokesperson said KPMG has learned important lessons and is a stronger firm because of steps taken to improve its culture, governance and compliance program.
The investigation, which also involved the Justice Department, resulted in January 2018 criminal charges against three former PCAOB officials. Federal prosecutors accused the employees, who went on to work for KPMG, of stealing information tied to PCAOB exams.
In its Monday statement, the SEC said its probe is continuing.