The Securities and Exchange Commission has charged audit firm KPMG LLP with altering past audit work after receiving stolen information about inspections of the firm that would be conducted by the Public Company Accounting Oversight Board (PCAOB). The SEC’s order also finds that numerous KPMG audit professionals cheated on internal training exams by improperly sharing answers and manipulating test results.
KPMG agreed to settle the charges by paying a $50 million penalty and complying with a detailed set of undertakings, including retaining an independent consultant to review and assess the firm’s ethics and integrity controls and its compliance with various undertakings.
“High-quality financial statements prepared and reviewed in accordance with applicable accounting principles and professional standards are the bedrock of our capital markets. KPMG’s ethical failures are simply unacceptable,” said SEC chairman Jay Clayton. “The resolution the enforcement division has reached holds KPMG accountable for its past failures and provides for continuing, heightened oversight to protect our markets and our investors.”
Five former KPMG officials were charged last year in a case alleging they schemed to interfere with the PCAOB’s ability to detect audit deficiencies at the company. According to the SEC’s order, the five senior personnel sought and obtained confidential PCAOB lists of inspection targets because the firm had experienced a high rate of audit deficiency findings in prior inspections and improvement had become a priority.
The SEC claims that the now-former KPMG personnel oversaw a program to review and revise certain audit work papers after the audit reports had been issued to reduce the likelihood of deficiencies being found during inspections.
“The breadth and seriousness of the misconduct at issue here is, frankly, astonishing,” said Steven Peikin, co-director of the SEC’s enforcement division. “This settlement reflects the need to severely punish this sort of wrongdoing while putting in place measures designed to prevent its recurrence.”
The SEC’s order also finds that KPMG audit professionals who had passed training exams sent their answers to colleagues to help them also attain passing scores. The exams related to mandatory continuing professional education, ethics and integrity, and training mandated by a prior SEC order finding audit failures. They sent images of their answers by email or printed answers and gave them to colleagues. This included lead audit engagement partners who not only sent exam answers to other partners, but also solicited answers from and sent answers to their subordinates.
The SEC’s order also finds that certain KPMG audit professionals manipulated an internal server hosting training exam to lower the score required for passing. By changing a number embedded in a hyperlink, they manually selected the minimum passing scores required for exams. At times, audit professionals achieved passing scores while answering less than 25 percent of the questions correctly.
In addition to paying a $50 million penalty, KPMG is required to evaluate its quality controls relating to ethics and integrity, identify audit professionals that violated ethics and integrity requirements in connection with training examinations within the past three years, and comply with a cease-and-desist order. The SEC’s order requires KPMG to retain an independent consultant to review and assess the firm’s ethics and integrity controls and its investigation.
KPMG has admitted the facts in the SEC’s order. It has also acknowledged that its conduct violated a PCAOB rule requiring the firm to maintain integrity in the performance of a professional service and provides a basis for the SEC to impose remedies against the firm. The SEC’s investigation is continuing.