KPMG to pay $50M for cheating on PCAOB exams
The Securities and Exchange Commission charged KPMG LLP on Monday with changing some of its previous audit work after the Big Four firm received stolen information about inspections of the firm that would be conducted by the Public Company Accounting Oversight Board. The SEC’s order also found that a number of KPMG audit professionals cheated on some of the internal training exams they were required to undergo by the SEC after previous problems, by improperly sharing answers with each other and manipulating the auditors’ test results.
KPMG agreed to settle the charges by paying a $50 million penalty to the SEC and complying with a detailed set of requirements, including retaining an independent consultant to review and assess the firm’s ethics and integrity controls along with its compliance with various undertakings.
SEC officials called out the firm for its misconduct. “High-quality financial statements prepared and reviewed in accordance with applicable accounting principles and professional standards are the bedrock of our capital markets," said SEC Chairman Jay Clayton in a statement. “KPMG’s ethical failures are simply unacceptable. The resolution the Enforcement Division has reached holds KPMG accountable for its past failures and provides for continuing, heightened oversight to protect our markets and our investors.”
“The breadth and seriousness of the misconduct at issue here is, frankly, astonishing,” stated Steven Peikin, co-director of the SEC’s Enforcement Division. “This settlement reflects the need to severely punish this sort of wrongdoing while putting in place measures designed to prevent its recurrence.”
The firm admitted to the charges and agreed to the $50 million penalty. “Integrity and quality remain our focus, as always,” said a KPMG spokesperson in a statement emailed to Accounting Today. “The foundation of our role as auditors and advisors is trust. We have learned important lessons through this experience and we are a stronger firm as a result of the actions we are taking to strengthen our culture, our governance and our compliance program. As we move forward, we are committed to delivering the highest quality and fulfilling our important role in the capital markets.”
“Today the SEC charged one of the largest audit firms in the country, KPMG, with serious wrongdoing,” Peikin said during a conference call with reporters Monday. “It involves two separate courses of misconduct and violations of the fundamental requirement that auditors act with integrity. The two different instances of misconduct were different, but they have a common theme. KPMG personnel attempted to compromise efforts to test their performance. In one instance, it was the Public Company Accounting Oversight Board attempting to examine KPMG’s work on various audits of public companies. In fact, in that instance KPMG personnel literally stole the test.”
The other instance, he noted, involved tests administered to measure KPMG personnel’s competence after they had completed internal training courses. “In that instance, rather than cheating on the test, KPMG personnel simply shared the answer key with one another or manipulated the scoring of the exams,” said Peikin. “In each case, the misconduct involved very senior personnel at the firm. In one instance it was members of its national office and in the other it was various audit engagement partners along with other audit professionals. In each case, the misconduct went on for several years before coming to light. We view this as an extraordinary situation that warrants an extraordinary response. KPMG has admitted the conduct detailed in today’s commission order. It will pay a $50 million penalty and take significant actions to improve its ethics and integrity.”
He noted that some of the misconduct involved five officials in KPMG’s national office who were charged last year with misappropriating confidential PCAOB information in an effort to keep the PCAOB from finding audit deficiencies that were found. “Today. we hold KPMG accountable for these individuals’ misconduct,” said Peikin. “The individuals stole the list of audits the PCAOB planned to inspect in 2016 and they improperly revised the audit work papers after the audit reports had been issued. In prior years, the PCAOB had found a high rate of deficiencies in these audits and the officials wanted an opportunity to improve those results. Our order describes how they used stolen PCAOB information in 2015 and 2017 to improve inspection results for those years as well. A former partner whom we charged attempted to use confidential PCAOB information to win new business for KPMG. Each of these individuals held positions of importance and worked in the firm’s national office and had responsibility for the firm’s overall quality controls. One of the officials charged, David Middendorf, was the head of the office. He was criminally convicted of wire fraud after a jury trial earlier this year. Three of the other individuals we charged were partners in that group. Two of them pled guilty as a result of their involvement in this case.”
The misuse of confidential PCAOB information was just one of the forms of misconduct for which the SEC is holding KPMG responsible. “The second form of misconduct preceded and overlapped with the PCAOB violations involved cheating by KPMG audit professionals on training exams,” said Peikin. “As is customary among the large audit firms, KPMG requires its audit professionals to be trained on various accounting principles and other important topics. These continuing education trainings are designed to be relevant to the audit work that the professionals perform. In addition, in 2017, the SEC ordered KPMG to train its staff in specific audit areas. That order was partly in response to charges that KPMG had failed to properly audit a client’s financial statements. After administering these trainings of its own tests, KPMG’s audit professionals circumvented these knowledge checks on both the continuing education and SEC-mandated trainings by sharing answers with one another and by manipulating test results.”
The cheating was extensive, Peikin noted. “While many of those who cheated on the exams only did so once, others received answers on multiple exams,” he said. “KPMG at all levels, including engagement partners, were involved. Auditors who had passed training exams sent their answers to colleagues to help them pass. A number of lead audit engagement partners sent exams to other partners. A number of lead audit engagement partners also solicited answers from and sent answers to other engagement partners. Some KPMG audit professionals manipulated the instructions to the server that houses the training exams to lower the scores that are required to achieve passing grades. KPMG used to send participants hyperlinks that directed them to the exam they needed to take. The hyperlinks included instructions to a server to specify the score that they needed to pass. KPMG auditors changed the scores that were embedded in the hyperlinks so they could pass the test with whatever score they set. At times they lowered the minimum score on these multiple choice tests to less than 25 percent, so audit professionals passed the exams, even though they got more than three-quarters of the questions wrong.”
Along with paying a $50 million penalty, KPMG is now required to evaluate its quality controls relating to ethics and integrity, as well as identify audit professionals who violated the ethics and integrity requirements in connection with training examinations within the past three years, and comply with a cease-and-desist order. The SEC’s order also requires KPMG to retain an independent consultant to review and assess its ethics and integrity controls and its investigation.
KPMG admitted the facts in the SEC’s order, plus it acknowledged that its conduct violated a PCAOB rule requiring the firm to maintain integrity in performing professional services, providing a basis for the SEC to impose the penalties on the firm.