Fourteen years after Singapore established the Accounting and Corporate Regulatory Authority in 2004, Hong Kong is finally ready to set up its own independent audit watchdog. The city has just tabled a bill to empower the Financial Reporting Council, created in 2006, to evaluate the audit work done on listed companies and discipline the accounting firms concerned, if warranted.
The wrongdoing at the PCAOB and KPMG is a cautionary tale that holds lessons for regulators and accounting firms, and provides due-diligence tips to CFOs and other finance professionals
The Singapore overseer and its Hong Kong would-be counterpart (and other audit regulators in Asia), the region’s accounting firms and the companies they audit, all can learn lessons from the recent experience of America’s Public Company Accounting Oversight Board (PCAOB). Established in 2002, the older regulator has figured in a scandal involving wrongdoing by former employees – and other high-ranking CPAs in KPMG.
Can it happen in Asia? It’s not inconceivable. When regulators start to really crack the whip and are given the means to make it hurt – Hong Kong’s FRC will have the power to levy fines of up to HK$10 million (US$1.3 million) – the temptation to game things also intensifies. The wrongdoing at the PCAOB and KPMG is a cautionary tale that holds lessons for regulators and accounting firms, and provides due-diligence tips to CFOs and other finance professionals.
A Regulator Crosses Over
The Department of Professional Practice group in KPMG LLP, the US member firm of KPMG International, was under pressure. In 2014, the PCAOB issued a report that found the regulator considered 23 of 50 audits undertaken by KPMG were deficient. That represented a 46% deficiency rate in 2013, compared with just 34% the previous year and worse than the performance of two other Big Four firms. Something needed to be done.
The key course of action the KPMG member firm hit upon was to hire Brian Sweet, now 40, who was an Associate Director at PCAOB responsible for KPMG inspections. The recruitment is a “top priority,” KPMG’s Vice Chair of Audit made clear, according to an administrative proceeding order against Sweet by the US Securities and Exchange Commission (among other actions, the SEC stripped from the CPA the privilege of appearing or practicing before the commission).
It is not illegal to recruit from the regulator ranks. Sweet was to be responsible for conducting internal inspection of KPMG audits, drawing on his knowledge and experience to make sure they comply with PCAOB regulations. But he was also put to work to help an outside consultant model which KPMG audit engagements are likely to be inspected by the PCAOB. Sweet was told to provide the consultants with information about the regulator’s selection process, which could possibly mean sharing confidential data with them.
And indeed, according to the commission, Sweet copied various confidential inspection-related materials from the PCAOB database to his personal hard drive, took hard copy documents and retained other documents he had previously brought home. “These documents included PCAOB inspection planning information, inspection guides and manuals, and drafts of confidential inspection comment forms,” the SEC said.
Sweet joined KPMG in May 2015. On his first day, he had lunch with David Middendorf, National Managing Partner for Audit Quality and Professional Practice, David Britt, Banking and Capital Markets Group Co-Leader, and others in KPMG. Middendorf asked Sweet whether PCAOB planned to inspect a specific KPMG banking client in 2015. “Without answering directly, Sweet indicated the PCAOB planned to do so,” according to the SEC.
- Next page