Professionalism in practice: Audit quality, auditor independence and ethics

Wednesday, 29 July 2020 00:00 -     - {{hitsCtrl.values.hits}}


Audit quality, independence of external auditors and ethics, are fundamental ingredients in attracting investors to any country. Within this context, Sri Lanka is a competitive destination for foreign direct and foreign portfolio investment and of course domestic corporate and individual investment. Let me touch on, the structure of our auditing profession, which lends itself to our attractiveness.



The International Federation of Accountants (IFAC) is the global organisation for the accountancy profession, comprising more than 175 member and associate organisations in 130 countries and jurisdictions, representing nearly three million professional accountants. CA Sri Lanka is a member of IFAC, and Sri Lanka has had a long association with IFAC. Many of its Presidents have visited Sri Lanka over the years. Several of our members have served on IFAC committees and continue to serve, and serve well. 



The core mission of the independent International Auditing and Assurance Standards Board (IAASB) and the International Ethics Standards Board for Accountants (IESBA), of IFAC, is to promulgate, in the public interest, high quality international audit, assurance, related services and ethics standards for the accountancy profession, for worldwide application. 


Audit Committees and Board Room Governance

Members of CA Sri Lanka, often serve as Chairs or as members of Audit Committees and have a significant responsibility to ensure audit quality and auditor independence, whether in internal or external audit or in any assurance work. They have a responsibility to the Board. The Board in turn, must not attempt to constrain or restrict their work. Many External and Outsourced Internal Auditors, in Sri Lanka, are of international standing. Ensuring their quality of output however, requires effective “quality control and compliance with ethical practices” mechanisms, within the firms of external auditors, coupled with an engaged, aware, task oriented Audit Committee. 


Case studies of impairment of independence 

An insight into corporate America and its auditing profession 

I will discuss a few cases, and will quote directly and from no less than the statements issued by the US regulator – the SEC of the USA. I do so, to catalyse discussion, debate and a hopeful improvement in the corresponding issues in Sri Lanka. I have cited examples of all of the Big 5 operating in Sri Lanka. 


SEC Charges KPMG With Violating Auditor Independence Rules   2014-12

Washington D.C., Jan. 24, 2014 

The Securities and Exchange Commission today charged public accounting firm KPMG with violating rules that require auditors to remain independent from the public companies they’re auditing to ensure they maintain their objectivity and impartiality. 


Prohibited non-audit services 

An SEC investigation found that KPMG broke auditor independence rules by providing prohibited non-audit services such as bookkeeping and expert services to affiliates of companies whose books they were auditing. Some KPMG personnel also owned stock in companies or affiliates of companies that were KPMG audit clients, further violating auditor independence rules. KPMG agreed to pay $8.2 million to settle the SEC’s charges.

“Auditors are vital to the integrity of financial reporting, and the mere appearance that they may be conflicted in exercising independent judgment can undermine public confidence in our markets,” said John T. Dugan, associate director for enforcement in the SEC’s Boston Regional Office. “KPMG compromised its role as an independent audit firm by providing prohibited non-audit services to companies that it was supposed to be auditing without any potential conflicts.”

 According to the SEC’s order instituting settled administrative proceedings, KPMG repeatedly represented in audit reports that it was “independent” despite providing services to three audit clients that impaired KPMG’s independence. The violations occurred at various times from 2007 to 2011.


Restructuring, corporate finance, and expert services 

According to the SEC’s order, KPMG provided various non-audit services – including restructuring, corporate finance, and expert services – to an affiliate of one company that was an audit client. 

 Without admitting or denying the findings, KPMG agreed to pay $5,266,347 in disgorgement of fees received from the three clients plus prejudgment interest of $1,185,002. KPMG additionally agreed to pay a penalty of $1,775,000 and implement internal changes to educate firm personnel and monitor the firm’s compliance with auditor independence requirements for non-audit services. KPMG will engage an independent consultant to evaluate such changes.


SEC Charges BDO and Five Partners in Connection With False and Misleading Audit Opinions 


Washington D.C., Sept. 9, 2015 

The Securities and Exchange Commission today charged national audit firm BDO USA with dismissing red flags and issuing false and misleading unqualified audit opinions about the financial statements of staffing services company General Employment Enterprises. The SEC also charged five of the firm’s partners for their roles in the deficient audits, and filed fraud charges against the client company’s then-chairman of the board and majority shareholder Stephen B. Pence, who is a former U.S. attorney and a former lieutenant governor of Kentucky.


Admission of wrongdoing 

BDO agreed to admit wrongdoing, pay disgorgement of its audit fees and interest totaling approximately $600,000, and pay a $1.5 million penalty in addition to complying with undertakings related to its quality controls. The five partners also agreed to settle the charges against them. Two former CEOs of General Employment agreed to settle separate charges, and the litigation continues against Pence.


Recognising red flags 

“Audit firms must train their audit and national office professionals not only to recognise red flags but also to have the resolve to refuse signing off on an audit if there are unresolved material issues,” said Andrew Ceresney, Director of the SEC’s Division of Enforcement. “BDO failed to do that here, even though these issues were elevated to the highest levels of its audit practice.”

According to the SEC’s orders instituting settled administrative proceedings against BDO and the partners:

  •  Near the end of BDO’s 2009 audit of General Employment, BDO was advised by the company that $2.3 million purportedly invested in a 90-day nonrenewable CD wasn’t repaid by the bank upon its maturity date. BDO also learned that a bank employee indicated there was no record of a CD being purchased from the bank. The $2.3 million represented approximately half of the company’s assets and substantially all of its cash.
  • BDO then received multiple conflicting stories from company management and board members about the status of the purported CD, and the company received a series of deposits totaling $2.3 million from three entities unaffiliated with the bank. One entity was purportedly owned by Pence. 
  • After BDO raised more questions, the company claimed the deposits were proceeds of an agreement to assign the purported CD to an unrelated party in return for the value of the CD. But BDO never received reasonable and coherent explanations about why the $2.3 million went missing and why an equivalent amount was later received by the company under suspicious circumstances.
  • BDO’s engagement partner on the audit Sean C. Henaghan and concurring reviewer John E. Rainis subsequently consulted with senior BDO partners including regional technical director James J. Gerace, national director of accounting Leland E. Graul, and national SEC practice director Wendy M. Hambleton.
  • BDO then issued a five-page letter to the company highlighting the conflicting information and demanding an independent investigation overseen by the audit committee. 
  • But just days later despite no reasonable explanation from the company, BDO withdrew its demand and subsequently issued unqualified opinions on the financial statements included in General Employment’s 2009 and 2010 annual reports.

Without admitting or denying the SEC’s findings, Henaghan, Rainis, Gerace, and Graul agreed to be suspended from practicing public company accounting for varying periods. Henaghan agreed to pay a $30,000 penalty, Rainis agreed to pay a $15,000 penalty, and Gerace, Graul, and Hambleton each agreed to pay $10,000 penalties.


Ernst & Young, 

Former Partners Charged With Violating Auditor Independence Rules

First SEC Enforcement Actions for Auditor Independence Failures Due to Close Personal Relationships 2016-187

Washington D.C., Sept. 19, 2016 

The Securities and Exchange Commission today announced that public accounting firm Ernst & Young has agreed to pay $9.3 million to settle charges that two of the firm’s audit partners got too close to their clients on a personal level and violated rules that ensure firms maintain their objectivity and impartiality during audits. SEC investigations found that the senior partner on an engagement team for the audit of a New York-based public company maintained an improperly close friendship with its chief financial officer, and a different partner serving on an engagement team for the audit of another public company was romantically involved with its chief accounting officer. Ernst & Young misrepresented in audit reports issued with the companies’ financial statements that it maintained its independence throughout these audits.


Close personal relationships 

“These are the first SEC enforcement actions for auditor independence failures due to close personal relationships between auditors and client personnel,” said Andrew J. Ceresney, Director of the SEC’s Division of Enforcement. ”Ernst & Young did not do enough to detect or prevent these partners from getting too close to their clients and compromising their roles as independent auditors.” According to the SEC’s order finding that Gregory S. Bednar caused auditor independence rule violations at Ernst & Young from January 2012 to March 2015, he was specifically tasked by the firm to improve its relationship with the New York-based audit client because it was a “troubled account.” 


Overnight stays

Bednar and the company’s CFO stayed overnight at each other’s homes on multiple occasions and traveled together with family members on overnight trips with no valid business purpose, and they exchanged hundreds of personal text messages, emails, and voicemails during the auditing periods. Bednar also became friends with the CFO’s son and often treated them to sporting events and other gifts. Certain Ernst & Young partners became aware of Bednar’s excessive entertainment spending but took no action to confirm that Bednar was complying with his independence obligations.

Bednar and Ernst & Young consented to the SEC’s order without admitting or denying the findings. The firm agreed to pay $4.975 million in monetary sanctions for these violations. Bednar must pay a $45,000 penalty and is suspended from appearing and practicing before the SEC as an accountant, which includes not participating in the financial reporting or audits of public companies. The SEC’s order permits Bednar to apply for reinstatement after three years. Bednar no longer works at Ernst & Young.


Romantic relationship 

According to the SEC’s order finding that Pamela Hartford caused auditor independence rule violations at Ernst & Young from March 2012 to June 2014, she maintained a romantic relationship with financial executive Robert Brehl while she served on the engagement team auditing his company. Meanwhile another Ernst & Young partner named Michael Kamienski, who supervised Hartford on the audit, became aware of facts suggesting the improper relationship yet failed to perform a reasonable inquiry or raise concerns internally to Ernst & Young’s U.S. independence group. 


Familial, employment, or financial relationships

According to the SEC’s order, Ernst & Young required audit engagement teams to follow certain procedures to assess their independence, and employees were asked whether they had familial, employment, or financial relationships with audit clients that could raise independence concerns. But these procedures did not specifically inquire about non-familial close personal relationships that could impair the firm’s independence.

Ernst & Young, Hartford, Kamienski, and Brehl consented to the SEC’s order without admitting or denying the findings. The firm agreed to pay $4.366 million in monetary sanctions for these violations, and Hartford and Brehl agreed to pay penalties of $25,000 each. Hartford, Kamienski, and Brehl are suspended from appearing and practicing before the SEC as accountants, which includes not participating in the financial reporting or audits of public companies. The SEC’s order permits Brehl to apply for reinstatement after one year, and Hartford and Kamienski can apply after three years. Hartford and Kamienski no longer work at Ernst & Young.


Deloitte Japan Charged With Violating Auditor Independence Rules  2019-9 

Washington D.C., Feb. 13, 2019 

The Securities and Exchange Commission today announced that Deloitte Touche Tohmatsu LLC (Deloitte Japan) will pay $2 million to settle charges that it issued audit reports for an audit client at a time when dozens of its employees maintained bank accounts with the client’s subsidiary. Deloitte Japan’s former CEO Futomichi Amano and former reputation and risk leader and director of independence Yuji Itagaki settled related charges.


Bank accounts with an audit client!

Under the SEC’s rules, accountants are not considered to be independent if they maintain bank accounts with an audit client with balances greater than FDIC or similar depositary insurance limits. According to the SEC’s order, Deloitte Japan knew but failed to adequately disclose that Amano maintained bank account balances with the audit client’s subsidiary bank that compromised his independence. A subsequent investigation by the firm revealed that 88 other Deloitte Japan employees had financial relationships with the audit client that compromised their independence as well. 


Office of Independence 

The SEC’s order also found that Deloitte Japan’s system of quality controls did not provide reasonable assurances that the firm and its auditors were independent from audit clients. For example, the SEC’s order found that Deloitte Japan failed to adequately staff and supervise its Office of Independence and caused certain independence violations by making deposits to partners’ bank accounts that exceeded the deposit insurance limits.

Deloitte Japan, Amano, and Itagaki consented to the SEC’s order without admitting or denying the findings and were ordered to cease-and-desist from future violations. Deloitte Japan agreed to pay $2 million in monetary sanctions and be censured. Amano and Itagaki agreed to be suspended from appearing and practicing before the SEC as accountants, which includes not participating in the financial reporting or audits of public companies. The SEC’s order permits Amano and Itagaki to apply for reinstatement after two years and one year, respectively. In determining to accept Deloitte Japan’s offer of settlement, the SEC considered remedial acts promptly undertaken by Deloitte Japan and cooperation afforded the SEC staff.


SEC Charges PwC LLP With Violating Auditor Independence Rules, Engaging in Improper Professional Conduct  2019-184

Washington D.C., Sept. 23, 2019 

The Securities and Exchange Commission today charged accounting firm PricewaterhouseCoopers LLP with improper professional conduct in connection with 19 engagements on behalf of 15 SEC-registered issuers and violating auditor independence rules in connection with engagements for one issuer where the firm performed prohibited non-audit services. The SEC also charged PwC partner Brandon Sprankle with causing the firm’s independence violations. Both respondents have agreed to settle the charges and PwC will pay over $7.9 million in monetary relief.


Prohibited non-audit services 

The SEC’s order finds that PwC violated the SEC’s auditor independence rules by performing prohibited non-audit services during an audit engagement, including exercising decision-making authority in the design and implementation of software relating to an audit client’s financial reporting, and engaging in management functions. In connection with performing non-audit services for 15 SEC-registered audit clients, the order states that PwC violated Public Company Accounting Oversight Board (PCAOB) Rule 3525, which requires an auditor to describe in writing to the audit committee the scope of work, discuss with the audit committee the potential effects of the work on independence, and document the substance of the independence discussion. 


Independence-related quality controls 

According to the order, PwC’s actions deprived numerous issuers’ audit committees of information necessary to assess PwC’s independence. As further detailed in the order, the violations occurred due to breakdowns in PwC’s independence-related quality controls, which resulted in the firm’s failure to properly review and monitor whether non-audit services for audit clients were permissible and approved by clients’ audit committees. 

PwC and Sprankle consented to the SEC’s order without admitting or denying the findings and agreed to cease and desist from future violations. PwC agreed to pay disgorgement of $3,830,213, plus prejudgment interest of $613,842 and a civil money penalty of $3.5 million, and to be censured. Sprankle agreed to pay a civil money penalty of $25,000, and to be suspended from appearing or practicing before the Commission, with a right to reapply for reinstatement after four years. PwC also agreed to perform a detailed set of undertakings requiring the firm to review its current quality controls for complying with auditor independence requirements for non-audit services and for evaluating its provision of non-audit services. 


A well-wisher of the global profession

- Let’s sustain our global and local value adding position

These examples do not take away from the quality, independence and ethical conduct of all of our profession in the US, in Sri Lanka or anywhere. I have had the privilege of auditing multinational clients, domiciled in different jurisdictions, have experienced similar challenges and have had to take decisions with regard to non-acceptance of assignments, qualifying scope or opinion paragraphs and other steps. 

As a Trainee, Manager, and Partner at KPMG, Deloitte and PwC respectively – I know they are all firms with distinctive capability. I have retained Deloitte, EY, KPMG, PwC and BDO on complex assignments, due diligences, investigations, valuations, outsourced internal audits, external audits, limited scope-non opinion work, and have respect for their professionalism. 

Thus, I am necessarily a well-wisher of my profession, locally and globally. My purpose here is to catalyse a dialogue, to help improve and sustain our local and global, value adding, position. Thus, may I submit, that there is a need to continuously turn the search light inwards. 


Message for our stakeholders

My message to our stakeholders – The SEC, the CSE, SLAASMB, CBSL, IRCSL,

(Insurance Regulatory Commission of Sri Lanka), CA Sri Lanka, SLID, is to have a regular, open and frank dialogue on lines similar to what we began at the SEC in October 2019. 

(Ranel Wijesinha, a Chartered Accountant and Independent International Consultant, is the immediately previous Chairman of the SEC in Sri Lanka. He is a Past President of CA Sri Lanka and Past President of the Confederation of Asian Pacific Accountants, a regional organisation representing 33 national professional accountancy organisations, from 24 jurisdictions in the Asia-Pacific region, representing close to two million accountants.)


Recent columns