Update on PCAOB leak to KPMG: 6 departed staff at KPMG were fired.

Image courtesy of Adobe Stock.

A minor update on the leak from a now-former PCAOB staffer to a now-former KPMG staffer giving advance notice of audits selected for inspection. Also, many questions come to my mind after thinking about this situation.

Previously mentioned this fiasco yesterday.

CFO.com provides some clarifying info from KPMG’s executive director of media relations and corporate communications:  KPMG Replaces Audit Chair in Wake of PCAOB leaks.

The KPMG representative says that KPMG discovered the issue and notified the SEC and PCAOB.

Most significant piece of new information is that the six people who left the firm were fired.

They did not resign.

Why is this significant, at least to me? In the initial reports, I saw verbs used indicating all of the following possibilities for the partner’s departure. They may have:

  • resigned (which means sorta’ kinda’ voluntary terminations), or
  • were fired (which means the firm unilaterally terminated them), or
  • departed (which doesn’t addressed which party made the termination decision; in other words could have been a summary firing, or truly voluntary, or under the proverbial threat of you-can-either-resign-or-I’ll-personally-throw-you-out-the-window).

At first read, I did not analyze which of the above options actually was in play. I put together all the reports I read and assumed (you know what that means) these were all forced resignations, as in “I think it’s time for you to resign.

Other comments by the PR person confusing me are statements that the fireable offenses were possessing the leaked information or knowing others knew about it.

That leaves me confused. I don’t see why merely knowing about leaked information is a fireable offense. Can someone enlighten me?

There is a very high probability I just don’t understand the SEC and PCAOB world. On the other hand, I sense there is far more going on than has been publicly disclosed.

Article also says a PCAOB spokesperson indicated the leaker is “no longer with” the agency. Even though that comment uses a neutral phrase, I’m quite confident that particular departure was not a voluntary resignation.

Questions, questions

After reading published articles, a bunch of questions come to mind:

  • What exactly did each of the six fired people do to warrant termination?
  • When were the six people fired? (The WSJ article says KPMG confirmed on Tuesday the people departed but the article didn’t indicate the dates.)
  • What is the relationship between the leaker at PCAOB and the receiver at KPMG?
  • How many other leaks have there been from PCAOB?
  • Over what period of time was the information leaked? (Inference in one verb in one sentence hints this wasn’t a one time good deal. If not a one time thing, this gets really bad really fast.)
  • Who hired the person at KPMG who received the leaked information? At what staff level was that person hired in to KPMG? How long was that new staff person at PCAOB? Did the person work at KPMG previously? If so, at what level? (Essentially wondering if this is an indication of a revolving door between Big 4 and PCAOB.)
  • How did the leak receiver pass that information around and to whom?
  • What are the formal and informal relationships between the 6 fired staff, especially the partners?
  • What were the job positions of the 5 fired partners? In which offices were they located? Did they have ongoing responsibilities for client engagements?
  • What else happened that hasn’t been publicly reported?
  • Were any audit files ‘cleaned up’ as a result of this leak?

Why ask these questions?

There is a reason all these questions come to mind. Applying my auditor brain (such as it is) to the public reports generates multiple alarm bells.

From my auditor’s perspective, this situation has the feel of a ‘red flag’, meaning something that seems odd on the surface and which is actually a warning sign there could be a far more serious problem, potentially systemic and possibly quite material. I have seen a few red flags in the course of my career that with further investigation resulted in a major audit problem. This situation has the feel of a ‘red flag.’

In an audit, ‘red flags’ usually turn out to be clerical error or a minor issue resulting in a minor adjustment. Sometimes it is a lack of my in-depth understanding, inaccurate client explanation, or even misinterpretation on my part.

In this situation it very well could be that even being aware of a leak and not instantly taking appropriate action is a fireable offense. My entire post could be based on the sand foundation of my lack of knowledge of the SEC world.

Regardless of how it turns out, in the audit context red flags must be researched and resolved.

An adverse answer to any of my ponderings above would indicate there is a far more serious problem than is yet visible in published reports.

Any ongoing investigations?

Other things I’m wondering about: Are other terminations pending at KPMG? Any discipline pending from PCAOB or SEC? There is one visible comment the PCAOB is looking (present tense) at the situation. Specifically, they are “investigating” the leaker.

As for the state boards of accountancy, if there are any actionable offenses here, the boards will need to wait to take action until after all the dust has settled and any actions by other regulators completed. Based on what I’ve read in the past, the California Board of Accountancy usually waits a while until it takes up disciplinary action. That makes a lot of sense. Seems to me it would be perfectly fair to wait until all other investigations are complete and appeals exhausted.

What do you think?

Any other questions come to mind?

Anyone have any answers?

Am I making this too complex? Over reacting?

4 thoughts on “Update on PCAOB leak to KPMG: 6 departed staff at KPMG were fired.”

  1. This is pure speculation on my part, but the reason for firing those who knew about the breach and did not report it may be tied to the individual’s role as a partner in the firm. Under partnership law, a partner has a fiduciary duty to the firm and his or her fellow partners to act in the best interests of the firm. Having knowledge of the breach and not acting upon that knowledge could be construed as a breach of fiduciary duty.

    1. Hi:

      That very well may be the real explanation. That touches on the stated reason, which is the partners knew about the leak but did not handle the information correctly.

      On the other hand, it seems to me there is something more going on. I have absolutely nothing to support what is purely my guess.

      Thanks for taking the time to comment!

Leave a Comment

Your email address will not be published. Required fields are marked *