This failure of duty matters – it violates public trust and costs innocent people their jobs, their pensions and above all – faith in a system.
The Wall Street Journal reported on March 11, 2019 that David Middendorf, the former national managing partner for audit quality and professional practice at KPMG, and co-defendant, Jeffrey Wada, former employee of the Public Company Accounting Oversight Board (PCAOB), were convicted in a Manhattan federal court. The federal prosecutors termed their actions a “Steal the Exam” conspiracy.
In a previous blog about the trial, I described why this violation of trust matters, and why auditors must design audits to detect fraud.
We’ve all heard stories about students stealing exams. Years ago, when I was a young auditor, a student who had passed the CPA exam was discovered taking the exam for other candidates. In response, the controls to monitor the exam were changed.
That CPA was expelled by the state board, but on appeal, was surprisingly allowed to keep his CPA certificate. He then got a degree to practice law. Perhaps I was naïve in thinking this was an anomaly and would not happen again. Now, we have the case of the auditor and the regulator who oversees the auditor both being convicted of fraud.
Auditors have received a lot of publicity about their failures to detect fraud. Just a year ago in March 2018, Federal judge Barbara Rothstein ruled that Big 4 accounting firm PwC failed to design their audit to detect fraud at Colonial Bank, resulting in the bank’s failure. She entered a judgment of $625 million against the firm.
When auditors don’t design an audit to detect fraud, unfortunate circumstances may result – the failure at Colonial Bank cost thousands of employees their jobs; stakeholders lost their entire investment; all lost their retirement savings, and some lost a fortune in Colonial stock.
When the KPMG auditors stole the exam and knew which audits would be reviewed by the regulator, they took actions to cover their failures. KPMG wanted to improve their performance on inspections because they had performed poorly in past reviews. For example, they were under close scrutiny by the SEC for their failure to detect problems at GE and Wells Fargo.
Rather than focus efforts on improvements such as performing their work at an acceptable level of care and committing to higher-quality work, the defendant at KPMG took an easier approach – he illegally obtained knowledge of which audits the inspectors would review, and made poor work appear better than it actually was.
We now see a fraud scheme where we didn’t expect to ever see one – among the group whose duty it is to detect it. And this is a question of ethics – both personal ethics and business ethics. I don’t see how you separate the two. How does this happen? As a fraud examiner, I was taught the Fraud Triangle. One of the three legs of the triangle is rationalization – the mindset of a person who rationalizes their fraudulent action. However, I will never understand how fraudsters rationalize these actions!
Auditors must be taught how to recognize fraud – and we have a mandate to teach them. Unlike a cat who attempts to cover its tracks, cover-ups and stealing the exam are unacceptable. It is simply fraud.
For information about our accounting malpractice work, contact us today.