SEC Institutes Administrative Proceedings Against KPMG For Auditor Independence Violations

On January 24, 2014, the Securities and Exchange Commission (“SEC”) issued an order instituting settled administrative and cease-and-desist proceedings against KPMG LLP (“KPMG”) for violating auditor independence rules in its relationships with affiliates of three of its SEC-registered audit clients. [1] At the crux of the SEC’s order are its findings that:

• KPMG provided prohibited non-audit services to affiliates of its audit clients;
• KPMG hired a former employee of an affiliate of one of KPMG’s audit clients and subsequently loaned him back to the affiliate to do the same work he had done as an employee of the affiliate;
• Certain KPMG employees owned stock in KPMG’s audit clients or affiliates of its audit clients; and
• KPMG repeatedly represented in its audit reports that it was “independent.”

KPMG settled the charges for approximately $8.2 million.

Factual Findings

Company A

With regard to KPMG’s relationship with Company A—the first of KPMG’s three audit clients discussed in the order—the SEC found that KPMG hired a retired employee of Company A’s affiliate and loaned him back to the affiliate “to perform essentially the same senior-level work that this individual had performed as Senior Tax Counsel for the affiliate.” [2] Throughout the thirteen months that this individual was loaned to the affiliate, he performed the same range of tax consulting work he had performed as an employee of the affiliate and reported to his former supervisor at the affiliate. All of this individual’s professional time was spent working for the affiliate; he had no other duties at KPMG. In addition, the SEC noted that “this individual was allowed to hold stock in Company A while providing manager-level services to Company A’s affiliate for over a year.” [3]

Company B

According to the SEC, KPMG was Company B’s outside audit firm at the time Company B became affiliated with a financial services firm that was a non-audit client of KPMG. KPMG appropriately provided a variety of non-audit services to the financial services firm “until such time that Company B and the financial services firm became affiliates, at which point the non- audit services provided to the financial services firm became prohibited under the auditor independence rules.” [4] KPMG, however, continued to provide these non-audit services—including management functions, restructuring services, loaned staff services (in which KPMG employees provided bookkeeping and expert services), corporate finance services, and expert services—to the financial services company for approximately five years after the company became an affiliate of Company B. The SEC also found that certain partners in KPMG’s chain of command, as well as partners in the KPMG office that conducted Company B’s audits, owned stock in the financial services firm.

Company C

With regard to Company C, the SEC found that for approximately four months after KPMG was engaged as the company’s auditor, KPMG provided certain non-audit services—specifically, bookkeeping and payroll services—to affiliates of Company C. At the time KPMG was appointed as Company C’s auditor, KPMG acknowledged its provision of certain non-audit services to Company C’s affiliates, but concluded, “based on the perceived immateriality of the locations and services being provided,” that KPMG’s independence would not be compromised if it became Company C’s auditor. [5]

Violations

The SEC found that KPMG’s actions ran afoul of auditor independence requirements, as provided in Regulation S-X. Specifically, KPMG’s conduct was inconsistent with the following principles of auditor independence:

• The prohibition from providing certain non-audit services to audit clients, including “bookkeeping services, payroll services, appraisal or valuation services, internal audit outsourcing services, legal services, expert services, and broker-dealer, investment adviser or investment bank services,” as well as “designing and implementing financial information systems or performing human resources or management functions” for audit clients; [6]
• The prohibition from “[a]cting, temporarily or permanently, as a director, officer, or employee of an audit client, or performing any decision-making, supervisory, or ongoing monitoring function for the audit client”; [7] and
• The prohibition from maintaining, during the audit and professional engagement period, “a direct financial interest or a material indirect financial interest in the accountant’s audit client.” [8]

As a result of KPMG’s lack of independence, the SEC found that:

• KPMG violated Rule 2-02(b) of Regulation S-X, which directs the auditor to state whether the audit was performed in compliance with generally accepted auditing standards (“GAAS”) (which require strict independence); this violation was repeated each time KPMG issued an audit report for Companies A, B, and C, incorrectly asserting that the audit was performed in compliance with GAAS.
• KPMG violated Rule 10A-2 of the Securities and Exchange Act of 1934 (“Exchange Act”) each time it provided prohibited non-audit services to its audit clients, since Rule 10A-2 makes it unlawful for an auditor not to be independent of its audit clients.
• KPMG caused its three audit clients to violate Section 13(a) of the Exchange Act and Rule 13a-1 thereunder, which require financial statements included in annual reports filed with the SEC to be audited by an independent accountant.
• KPMG engaged in “improper professional conduct.” [9]

SEC Guidance

Concurrent with its order, the SEC issued a report of investigation in order to provide guidance with respect to the “acting as an employee” provisions of Rule 2-01 of Regulation S-X. The SEC reiterated that arrangements in which the accountant acts as an employee of the audit client “are incompatible with the dual goals of the independence requirement—that auditors are ‘independent of their audit clients both in fact and in appearance.’” [10] The SEC proceeded to make three clarifying points with respect to such arrangements:

• “[A]n auditor may not provide otherwise permissible non-audit services (such as permissible tax services) to an audit client in a manner that is inconsistent with other provisions of the independence rules (such as the prohibition against acting as an employee of the audit client).” [11]
• An accountant may not act as an employee of its audit client, regardless of whether the accountant acts as a director or officer, or performs decision-making, supervisory, or ongoing monitoring functions for the client. [12] This holds true even where the accountant is indirectly acting as an audit client employee, such as where a professional employee of an accounting firm is loaned to the audit client.
• In determining whether a relationship or service “would cause the accounting firm’s professionals to resemble, in appearance and function, even on a temporary basis, the employees of the audit client,” one must consider the degree of control that the audit client has over the audit firm’s employees. [13] “Where accounting firm personnel routinely work at the direction and under the supervision and control of audit client management, side-by-side with and in a capacity identical or substantially similar to the audit client’s own employees at the audit client’s place of business, the accounting firm’s independence under Rule 2-01 could be put in jeopardy.” [14] The fact that the employee loaned to the audit client may be a junior-level professional or is only performing ministerial tasks does not render the relationship permissible, nor does the fact that the employee is not directly paid by the audit client.

Takeaways for Public Companies

The SEC’s order and report of investigation underscore the importance of corporate issuers instituting robust processes to ensure the independence of their outside auditors. Registrants are reminded not only that the auditor’s provision of certain enumerated non-audit services can preclude the auditor’s independence, but also that the manner in which non-audit services are provided—particularly involving an arrangement potentially implicating the prohibition against acting as an employee—could have the same effect. Moreover, since the term “audit client” in Rule 2-01 of Regulation S-X includes “affiliates”—a broadly defined term—public companies should adopt procedures to safeguard against their auditors’ provision of prohibited non-audit services to any of their affiliates (an undoubtedly complicated task, especially for larger corporate groups). This is particularly important since the order against KPMG suggests that the SEC takes a strict reading of the auditor independence rules and may not always consider a materiality threshold in applying them.

Endnotes:

[1] See In the Matter of KPMG, LLP, Release No. 71389, File No. 3-15687 (Jan. 24, 2014).
(go back)

[2] Id. at 4.
(go back)

[3] Id. at 5.
(go back)

[4] Id.
(go back)

[5] Id. at 6.
(go back)

[6] Id. at 3 (citing Rule 2-01 of Regulation S-X, 17 C.F.R. § 210.2.01(c)(4)(i)-(x)). See also 17 C.F.R. § 210-2.01(f) (defining “audit client” to include “any affiliates,” and defining an “affiliate” to include “[a]n entity that has control over the audit client, over which the audit client has control, or which is under common control with the audit client, including the client’s parents and subsidiaries”).
(go back)

[7] Id. (quoting 17 C.F.R. § 210-2.01(c)(4)(vi)).
(go back)

[8] Id. at 4 (citing 17 C.F.R. § 210-2.01(c)(1)). This provision is applicable where the accounting firm or “any covered person in the firm, or any of his or her immediate family members, has any direct investment in an audit client, such as stocks, bonds, notes, options, or other securities.” Id. “Covered person” includes, in relevant part, “any partner in the ‘chain of command;’ any ‘managerial employee … who has provided ten or more hours of non-audit services to the audit client;’ and any partner ‘from an “office” of the accounting firm in which the lead audit engagement partner principally practices in connection with the audit.’” Id. (quoting 17 C.F.R. §210-2.01(f)(11)).
(go back)

[9] Id. at 7 (citing Exchange Act Section 4C and Rule 102(e)(1)(ii) of the SEC’s Rules of Practice).
(go back)

[10] Report of Investigation Pursuant to Section 21(a) of the Securities Exchange Act of 1934: KPMG, LLP, Securities and Exchange Commission Release No. 71390 (Jan. 24, 2014), at 4 (quoting Preliminary Note 1 to Rule 2-01).
(go back)

[11] Id.
(go back)

[12] See 17 C.F.R. § 210-2.01(c)(4)(vi).
(go back)

[13] Report of Investigation, at 5.
(go back)

[14] Id.
(go back)