Six CPAs Charged In Scheme to ‘Steal the Exam’ for KPMG

Six CPAs – three former employees from PCAOB and three from New York-based KPMG (FY16 gross revenue of $8.6 billion)– are facing charges related to a years-long scheme to leak insider information from PCAOB to help the Big 4 firm improve its audit results, multiple news sources reported.

The three ex-employees of PCAOB, who went on to work for KPMG or were seeking employment there, stole the information tied to future exams, the Justice Department and the Securities and Exchange Commission said Monday.

“These accountants engaged in shocking misconduct – literally stealing the exam – in an effort to interfere with the PCAOB’s ability to detect audit deficiencies,” said Steven Peikin, co-head of the SEC’s enforcement division, according to Bloomberg. In The Washington Post, SEC Chair Jay Clayton called the case “disturbing,” noting that “audited financial statements are at the heart of the SEC’s disclosure-based regulatory regime. . . . In matters of this type, I am also concerned about potential adverse collateral effects, including on our Main Street investors.” (Read Clayton’s full statement.)

The government alleges that KPMG was trying to improve on the poor grades it received from PCAOB in 2013 and 2014. In 2014, for example, it received about twice as many negative comments, on average, during its inspections as its competitors.

Soon after the conduct was discovered in early 2017, the six respondents were terminated, resigned or placed on leave before separating from KPMG and the PCAOB.

The ex-PCAOB employees are: Brian Sweet, of Fresno, Calif., Cynthia Holder, of Houston, and Jeffrey Wada, of Tustin, Calif. According to court papers, they made unauthorized disclosures of PCAOB plans for inspections of KPMG audits from 2015 until February 2017.

The ex-KPMG employees are: David Middendorf, of Marietta, Ga., then-national MP for audit quality, Thomas Whittle, of Gladstone, N.J., PIC for inspections, and David Britt, of New Canaan, Conn., banking and capital markets group co-leader.

Britt and Whittle pleaded not guilty during an appearance before U.S. Magistrate Judge Andrew J. Peck in Manhattan on Monday, Bloomberg reported. Middendorf made a court appearance in Atlanta and was released on bail. He denies the allegations.

Sweet left PCAOB and went to work for KPMG, U.S. District Court papers say. On his last day at PCAOB, Sweet copied confidential information, including a list of accounting firm audits the PCAOB would inspect in 2015, to a personal hard drive, according to the government. Sweet has pleaded guilty to conspiracy and is cooperating with prosecutors, his lawyer says.

On his first day at KPMG, Sweet had lunch with his new boss, Whittle, and other colleagues, where he disclosed that a particular client audit would be examined by the PCAOB, according to the filing. Several days later, Sweet emailed the list of KPMG audit clients that what would be reviewed to Whittle, who then forwarded on to his boss Middendorf, writing: “The complete list. Obviously, very sensitive. We will not be broadcasting this.”

On Sweet’s recommendation, Holder joined KPMG a few months later. Like Sweet, she copied confidential PCAOB data before leaving, the court documents claim. Wada also sought work there.

Before Wada could land a job, KPMG’s office of general counsel began an investigation. Sweet and Holder allegedly tried to avoid detection by deleting texts with Wada and confidential PCAOB documents from company computers, but were eventually fired, the Post reported.

KPMG promptly notified authorities, and has been fully cooperating with the government, spokesman Manuel Gonclaves said in a statement.

“KPMG took swift and decisive action, including the engagement of outside legal counsel to conduct a detailed investigation and the separation of involved individuals from the firm,” Gonclaves said. “Since then, KPMG has taken remedial actions to assure that such conduct cannot happen again.”

The PCAOB, for its part, is also cooperating. “The new PCAOB Board will conduct an ongoing review of the organization’s information technology and security controls, as well as its compliance and ethics protocols, to assess their effectiveness,” PCAOB Chairman William Duhnke said in a statement.

The PCAOB was created by Congress under the 2002 Sarbanes-Oxley Act, corporate reform legislation that was designed restore public confidence in the audit industry after accounting scandals at Enron Corp. and WorldCom Inc.