On March 8, 2017, the Wall Street Journal published an article about KPMG being under fire for scandals in the U.S., South Africa, and the U.K. Although KPMG does face trouble on three fronts, the scandals involve three legally separate firms:
- KPMG, LLP, a New York-based U.S. partnership, is dealing with the indictment of former partners on charges they helped steal secret regulatory information.
- KPMG’s local affiliate in South Africa faces a criminal complaint and scrutiny overs its ties to a politically connected family.
- KPMG’s London-based firm is under regulatory investigation over its auditing of a construction company, Carillion PLC, which collapsed in January 2018.
The Big Four
The Big Four accounting firms (KPMG, Deloitte Touche Tohmatsu, PricewaterhouseCoopers and Ernst & Young) promote themselves as unified entities – each with one global brand. Although this implies common leadership and a single standard of quality, they are organized very differently. Each firm is actually a network of independent firms in approximately 150 countries. Global umbrella organizations head each network. Overall strategy and the overseeing of the brand is set with input from the member firms. The member firms perform the audits and have latitude over how they conduct their business. They aren’t obligated to or responsible for each other. The network arose because accounting firms wanted to expand and serve multinational clients but did so through independent local affiliates because each country has its own licensing and training requirements.
Critics say local audit affiliates are more likely to produce flawed work, potentially affecting the network’s multinational clients. Recently, in the U.S., the Public Company Accounting Oversight Board starting requiring accounting firms with U.S.-traded clients to start disclosing when affiliates work with them on a company’s audit. Since 2016, the PCAOB has reached disciplinary settlements over allegations involving Deloitte affiliates in multiple countries and Ernst & Young’s Indonesian affiliate.
The setup can limit what the global firms can do to in the event of “bad-apple” affiliates, although it helps protect their networks and U.S. partners from liability. “You’ve got personnel and technology crossing borders all the time,” says Jim Peterson, author of a book about the Big Four firms. In the event of trouble, “they do everything they can to firewall the problem.”
Deloitte faces regulatory investigations in South Africa and the Netherlands over the client Steinhoff International Holdings. Regulators in India have suspended PwC’s affiliate from auditing companies for two years due to lack of fraud detection. KPMG has fired five employees U.S. employees over the information-stealing scandal and says there was no criminal wrongdoing in South Africa. KPMG also contends the audits were conducted appropriately in the U.K.
The global organization may seek to rein in the local affiliate because of the brand-name risk, but the local firm’s independence and ownership means the network has limited ability to crack down, presenting challenges. The only choice may be to expel the local affiliate from the network – the so called “death penalty” that prevents the global network from doing business in that country until it finds a new affiliate.
The structure helps firms contain liability from problem audits, but some U.S. court rulings have suggested the global networks can be held responsible. “They all function as one firm,” says Steven Thomas, an attorney specializing in suits against accounting firms. “The only time you hear ‘Well, we’re not all KPMG’ is when they get sued.”
A U.S. investor who suffers a loss in a foreign country with accounting issues can’t easily hold the U.S. auditor responsible, even though they are part of the same network and the U.S. firm may have assisted with the audit. The new PCAOB requirement to disclose other firms contributing to a company’s audit may give investors a better understanding of how the networks operate.