This article was authored by Danya Rangachar
The Financial Reporting Council (FRC), the UK’s accounting regulator, recently imposed a record fine of 21 million pounds on KPMG for its “textbook failure” in auditing Carillion, a construction company that liquidated in 2018. Through their investigation, the FRC deemed the deficiencies in KPMG’s audits of Carillion as “exceptional” in terms of seriousness, resulting in the largest fine ever imposed by the FRC. KPMG’s failures included not challenging Carillion management enough and a loss of objectivity during the auditing process.
KPMG has faced intense scrutiny from U.S. government officials for similar reasons. In 2019, KPMG agreed to pay $50 million to the SEC for manipulating previous audit work by stealing information about prior inspections conducted by the Public Company Accounting Oversight Board (PCAOB). KPMG’s actions have not gone unnoticed by Congress either, as the firm currently faces scrutiny because of their auditing of banks that eventually collapsed. Similarly, in 2019, the FDIC reached a $335 million settlement with PricewaterhouseCoopers LLP (PwC) concerning professional negligence claims related to its audits of the failed Colonial Bank.
A recent report from the PCAOB revealed a concerning global trend in deficient auditing practices over the last three years. Approximately 60% of all audits conducted in 2022 exhibited flaws, a 5% increase from the year prior and a more than 10% increase from 2020. The PCAOB also found such severe deficiencies in inspections that audit firms lacked sufficient evidence to support their clients’ financial statements.
Key disincentive for audit firms to conduct due diligence: The loss of client business
This concerning pattern, especially in the wake of the Silicon Valley Bank collapse, is an issue that the financial industry can no longer afford to overlook. Investors and consumers depend on auditors to provide accurate risk management services and to offer an impartial assessment of financial statements.
Perhaps the most alarming revelation is the apparent conflict of interest inherent in auditing firms’ role in fraud detection and financial harm prevention. Market incentives often dissuade auditors from rigorously identifying flaws in their clients’ financial practices.
A study posted in 2019 showed the consequences that auditors faced for pinpointing flaws. With data over a 13-year period encompassing 358 audit firms—half of which belonged to the Big Four— the revelation was striking: Each identified flaw resulted in a 2.2% decline in client growth and a subsequent 6.1% reduction in fee growth during the following year. Moreover, the Big Four generate considerably more revenue from consulting fees than from auditing, creating little motivation to risk upsetting potential consulting clients by highlighting internal control weaknesses.
How whistleblowers can report auditing fraud
All these issues lead us to a crucial question: How can regulators like the PCAOB put enough pressure on audit firms to induce a meaningful change in business practices? Does this mean increasing their fines? It may be time to strengthen the capability and authority of this regulatory body so that auditing firms are compelled to conduct their due diligence. The need for reform is clear, and the time for action is now.
Until there is more refined regulation, thankfully, the SEC has a strong whistleblower program that provides protective channels for internal whistleblowers to report fraudulent conduct to the SEC. The Dodd-Frank Act allows whistleblowers to confidentiality report information about various levels of securities fraud, and potential whistleblowers need not be U.S. citizens, and the company need not be headquartered in the U.S.
While the SEC has specific requirements for compliance personnel or auditors to classify as a whistleblower under Dodd-Frank, an attorney at Sanford Heisler Sharp McKnight can help you navigate this process. Auditors, compliance personnel, and accountants are eligible for an award under the SEC Whistleblower Program if:
- They have a reasonable basis to believe that disclosure of the information to the SEC is necessary to prevent the relevant entity from engaging in conduct that is likely to cause substantial injury to the financial interest or property of the entity or investors.
- They have a reasonable basis to believe that the relevant entity is engaging in conduct that will impede an investigation of misconduct.
- At least 120 days have elapsed since they provided the information to the relevant entity’s audit committee or the appropriate superiors/supervisors, and they are already aware of the information.
If you have any questions or inquiries about the process of reporting auditing fraud or are interested in learning more about your legal options, please feel free to fill out our online intake form to talk with a whistleblower attorney at our firm.