Update: Auditors and Consulting: Claims Of No Conflict Strain CredibilityBy Francine • Mar 2nd, 2011 • Category: Latest, Pure Content, The Big 4 And Consulting
Update: See bottom of post for update and comments from KPMG International re: their engagement with Siemens in South Africa.
Big 4 audit firms are focusing on growth in their global consulting businesses. But the conflicts that drove three out of four of the firms to sell those consulting businesses after Enron are a bigger problem than ever before. Deloitte was the only Big 4 firm that held on to its consulting arm after all the large firms abused the privilege of providing consulting services to clients. In that latter role, they abdicated their public duty to be financial auditors first in favor of higher consulting fees. And it was because of the obvious conflicts of interest when an audit firm “does it all” for an audit client like Enron that the Sarbanes-Oxley Act of 2002 limited the scope of services auditors could provide.
Between 2000 and 2002, in response to the new rules, the IT consulting practices of four of the Big five accounting firms were either sold to public companies or spun off and IPO’d.
- In February 2000, Ernst & Young Consulting was sold to Cap Gemini.
- In February 2001, KPMG Consulting (later BearingPoint, Inc.) was floated with an IPO. (This IPO was delayed and re-priced several times in order to wait until more favorable market conditions after the millennium change, but finally took place and then went nowhere.)
- In July 2001, Accenture (known as Andersen Consulting before its split from Arthur Andersen) also went through an IPO.
- In October 2002, PricewaterhouseCoopers Consulting was sold to IBM. (They failed on their first attempt to sell to HP.)
Only Deloitte Consulting did not, in the end, separate from Deloitte & Touche.
Since the end of 2006, however, the audit firms have been rebuilding their consulting businesses. All the largest accounting firms, including Deloitte, are making acquisitions and hiring to expand consulting practices. Fee increases from advising companies on Sarbanes-Oxley started slowing down significantly in 2006 and other regulatory changes such as IFRS and XBRL mandates have seen repeated delays. M&A went into a slump that only now looks to be recovering slightly and the financial crisis caused significant contraction in the population of large financial services audit clients.
The report found that fee pressure is still widespread, but easing, and this has hit the audit sector hardest. However, revenues from audits have actually increased for most networks, with PwC taking the lead and Deloitte following.
Tax was the strongest performer, buoyed by a strong demand in transfer pricing work and international tax advice and PwC led the way in this sector too. The mid-tier are starting to make more noise in the sustainability services market, which continues to grow, but corporate finance, IPO services and transaction support remain flat
- Only four networks failed to grow revenue, a complete turnaround in fortunes from last year
- Deloitte takes the mantle as the world’s largest professional services network for the first time in history
- Deloitte reports $9 million more global revenue than PwC, the slenderest margin
- Consulting growth alone (12%), including major acquisitions in the US (Bearing Point) and UK (Driver’s Jonas) help propel Deloitte to top spot
- PwC is still the largest global audit firm and has the largest tax business. The steady growth in these core businesses in comparison to Deloitte places the network in a good position for 2011
- Fee pressure still widespread in the developed economies although it is easing
- Audit the hardest hit by fee pressure although audit revenue from most networks increased. PwC is the top audit firm followed by Deloitte
- Tax was the strongest performer, buoyed by a strong demand in transfer pricing work and international tax advice. PwC leads tax followed by E&Y
- Advisory/consulting was a mixed bag with some networks growing particularly well and others losing out. There is healthy demand for risk management, internal audit and due diligence services
- Sustainability services continues to grow and the mid-tier are starting to become more involved
One of the selectively booming non-audit businesses has been workouts or bankruptcy advisory. PwC’s huge long-term engagement with the Lehman bankruptcy in the UK is a prime example. Some of PwC’s financial services audit clients JPMorgan Chase and Bank of America also grew because of acquisitions during the crisis. Combined with their audit of Goldman Sachs and involvement in Treasury TARP activities, non-audit revenues are growing for PwC. But revenues and profitability are distributed unevenly by geography and service line in all the firms. Although Deloitte overtook PwC as the largest global firm in revenue this past year, those rankings are not only based on the firms own un-audited, self-reported figures, but show a definite emphasis on consulting and advisory services as a growth engine versus audit.
The financial crisis and companies concerns over costs have driven audit fees to flat or down in all the firms, on average, worldwide. However, the independence issues that led three of the four to sell their consulting businesses by 2002 still exist, even more so with the contraction in the number of firms available in many markets to take on larger and more complex non-audit projects and engagements.
At the same time, the audit firms are behaving as if the requirement to be independent at all times is an annoyance rather than an impediment. That may be because auditors are not strictly prohibited from consulting in the UK, for example, as long as the company isn’t listed in the US. But since the PCAOB only recently gained inspection access to UK firms, we may find lax compliance once they catch up on inspections. For non- Sarbanes-Oxley companies, UK firms accept consulting engagements for audit clients at will and with only honor to guide them.
In the United States, in spite of prohibitions on a list of advisory services that can be performed by auditors of companies subject to Sarbanes-Oxley, the level of enforcement of these independence prohibitions is practically nil. Not only are the regulators loathe to single out a firm for large transgressions, they have limited time and budgets available to track them down at all, especially because of new the volume of matters generated by the financial crisis.
We only have to look at the spate of insider trading cases involving Big 4 partners to see that even though individuals who have crossed the line in an egregious way are eventually caught, the firms themselves, even when there are repeat transgressions by senior professionals such as in the case of Deloitte, are being let off the hook.
Services such as internal audit, one of the first to be put on the prohibited list for a company’s auditors under Sarbanes-Oxley, have more frequently been proposed by the external auditors in the UK. It’s as much the fault of the clients themselves, more focused on cost savings from “integrated audits” – a term used to justify the Arthur Andersen service model at Enron – than on independence, objectivity, and controls.
In India, for example, the Satyam’s internal auditor is accused of being complicit in the fraud perpetrated by executives and allegedly supported by external auditors PwC. But in their misplaced desire to strengthen controls in Indian companies…
The Economic Times of India, July 9, 2010: Accounting regulator ICAI has asked the government to make outsourcing of internal audit functions mandatory for companies to prevent a Satyam-like fraud from happening again.
The suggestion is part of the recommendations by a high- powered committee of the Institute of Chartered Accountants of India (ICAI) to the Corporate Affairs Ministry in the aftermath of a Rs 10,000-crore scam in Satyam Computer and is intended to strengthen the internal audit system of companies.
"We have recommended that internal audit should be outsourced rather than in-house because internal audit in-house is always dependent on the management of the company. Internal audit from outside will always be better, and then it should be given to chartered accountants," ICAI President Amarjit Chopra told.
The large audit firms in India and the UK, as well as in the US, would like nothing more than to add stronger mandates for internal audit functions and additional mandates that require provision of these services by an outside firm. Even better, eliminate any prohibitions on having the external audit and the internal audit functions performed by two separate firms. There is sensitivity worldwide to the cost of excessive regulation and mandates and audit firms will be able to sell this “integrated audit” easily in this economic environment.
Just like Arthur Andersen did at Enron.
The hunger for more consulting revenue also causes the audit firms to forget they are audit firms first and foremost. Aggressive sales activities and “relationship building” tactics common in the systems integrator business are tolerated by the audit firms for the sake of winning major long term engagements with prestige clients and realizing the return on big acquisition and practice-building investments.
Outside the US, the prohibitions in some countries on foreign ownership of their audit partnerships is breaking down and the international firms are taking control of everything else away from local partners who “cannot realize the growth potential.”
PwC’s purchase of BearingPoint’s commercial business and heavy emphasis on reestablishing their SAP and Oracle implementation business once the non-compete with IBM expired in mid-2007 has led, according to sources, to a “winning is everything” attitude. That attitude, in turn led to mistakes like using the firm’s relationship with Satyam, an audit client, as a selling point for its outsourcing and systems intergration services. It’s also led to the scathing indictments of selling practices found in a recent United nations Inspector General’s report of PwC’s win of a multi-year, multi-million dollar SAP engagement.
“…Van Essche and UN procurement officials committed “serious breaches” of UN rules to favour PwC over other bidders, the report says.
The report says PwC’s approximately $16m contract bid was nearly $11m higher than the lowest bid and exceeded the $11m the UN had allocated for the project, a redesign of the UN procurement, human resources and financial management computer systems.
PwC wasn’t awarded the contract on its overall financial bid but on a proposed day rate. But PwC procurement files do not show the final agreed number of days needed to complete the project, making it impossible to determine the estimated cost to the UN, the report says.
“It is inconceivable that the estimated duration of a project should not be factored into the commercial evaluation of a proposal to determine the projected cost,” says the report.
In violation of UN rules, PwC was given more time to study the proposal request than other bidders, including one with a higher technical score than PwC. This resulted in a “material alteration” of the UN’s proposal request that favoured PwC, according to the audit…The U.N. has hired PwC numerous times in past years. In 2007, the firm was employed to confidentially review the financial disclosure statements submitted by U.N. staff. In 2005, the company donated 8,000 hours of staff time to investigate any abuse of donor aid following the Indian Ocean tsunami of the previous year.
Sources have told me that this UN procurement is used as a case study to train PwC consultants on “how to win an engagement”.
Another recent case, Deloitte’s consulting work at Kabul Bank in Afghanistan, shows how the consulting side of the house can divorce themselves from the reality of massive fraud and corruption while charging millions of dollars to implement the systems and controls that will supposedly prevent such waste, mismanagement, and illegal activities.
The New York Times, January 30, 2011: While Afghan and U.S. officials depict a crisis far worse than has been made public, State Department cables released by WikiLeaks show that Afghan and Western regulators were aware of many of the problems, but were most focused on the problem of terrorist financing, rather than the elaborate fraud scheme that was the main problem at Kabul Bank.
A stream of complaints about the bank’s practices – many of them the problems that now threaten the bank’s survival – are dutifully recorded in the cables, but diplomats, at least in 2009 and early 2010, seemed not to have realized the profound effect they could have on the financial system as a whole.
Although other banks here have had questionable loan practices, so far it is only Kabul Bank where what amounts to an enormous fraud scheme was conducted over a period of years and whose troubles are sending tremors through the Afghan business community and worrying Western donors.
Deloitte, a top U.S. accounting firm that had staffers in the Central Bank under a United States government contract over the last several years, either did not know or did not mention to American authorities that they had any inkling of serious irregularities at Kabul Bank. Deloitte was not responsible for auditing the bank’s books; a spokesman for Deloitte did not respond to requests for comment.
All news accounts clearly state that Deloitte was not the external auditor of Kabul Bank, but isn’t an audit firm always an audit firm, first and foremost, even when consulting? Doesn’t the client expect a higher level of quality, expertise, and ethical conduct from an audit firm, especially when implementing financial systems and controls? Shouldn’t all of the firms’ employees and contractors have to perform to a higher level of standards and care?
Finally, in South Africa we have the case of a project gone wrong by Siemens, a systems integrator that works often in conjunction with the Big 4 firms like Deloitte to implement software such as SAP for government agencies. I raised the issue a few years back regarding Deloitte’s independence with regard to Siemens when they helped Debevoise conduct an investigation of their massive bribery scandal. I questioned Deloitte’s independence because they were an alliance partner with Siemens and a joint project had gone wrong with South Africa’s port authority.
This time it’s South Africa’s Department of Labor that’s upset with Siemens and their performance on a long term project to implement SAP. They’d like to end that relationship and, possibly, recoup overbilling and the costs of project delays. But which firm did the South African government ask to review the project and Siemens performance?
KPMG, Siemens’ former auditor during the period of the bribery scandal.
KPMG was relieved of their duties as auditor in 2008, as a result of preliminary accusations of possible negligence in preventing or mitigating the scandal. The attorney who conducted the internal investigation on behalf of Siemens, Bruce Yannett of Debevoise, had this to say regarding the results of their investigation of KPMG and any ongoing matters between KPMG and Siemens:
“We looked at KPMG’s role over the years in question and reported our findings to the Supervisory Board. Those findings are not public. Siemens’ public statement at this time is that certain investigations are ongoing and Siemens will not comment.”
So why did KPMG take on this investigation of Siemens given the obvious conflict? Who anywhere in the world in KPMG would not have known their firm was the infamous auditor of Siemens during the scandal?
KPMG’s proprietary system, Sentinel™, facilitates compliance with these policies. every engagement entered into by a KPMG member firm is required to be included in the system prior to starting work. the system enables lead audit engagement partners to review and approve, or deny, any proposed service for restricted, publicly traded, and certain other audit clients and their affiliates wherever in the world the proposed service is to be provided and wherever the member firm is based.
There is no enforcement of the engagement acceptance and continuance policies the firms are so proud to publish in their new global transparency reports. If a local member firm, South Africa in this instance, either ignores, lies, or acknowledges but does not seek higher approval when a conflict such as this presents itself, neither the global firm nor a regulator will likely catch it.
Certainly given how ravenous they all are for revenue, no self-respecting local partner will turn away work unless he has to.
KPMG’s US spokesperson was seeking a response from their EMEA counterpart at the time this was published.
Update March 1, 2011: KPMG South Africa and KPMG International responded to my queries for comment on the decision to accept an engagement from Siemens in South Africa given their history with Siemens.
My concerns were that the client acceptance and continuance process did not go far enough – or outside the borders of South Africa – to determine whether there may still be an open issue with Siemens that could present the appearance of a conflict of interest either to their client, the South African National Treasury who engaged Siemens as part of a long term public private partnership, or to the public.
One of the beneficiaries of this partnership was the Department of Labor. The Department of Labor became dissatisfied by Siemens project delays, apparent overbillings, and use of subcontractors, according to sources. KPMG was engaged to investigate the overbilling, use of subcontractors and options for ending of the contract.
A KPMG South African spokesperson told me that that the member firm followed all internal policies correctly and that the engagement was approved within South Africa. South Africa is now part of the KPMG EMEA business unit and I wondered why, for a global client such as Siemens where everyone in the firm must be aware of KPMG’s history, the member firm would not go outside the boundaries of South Africa and make sure thee were no ongoing legal matters, adverse interests, or other conflicts that would inhibit independence and objectivity on this engagement. Just checking a database and confirming Siemens was no longer an audit client, given the history with Siemens, did not seem to be to be enough. I was as surprised as they may be to see that Siemens attorney did not close the books on further findings definitively, in my opinion, in his statement to me regarding KPMG.
A KPMG International spokesperson gave me this statement in response to my concerns:
· There has been no determination following any investigation in relation to the Siemens audit work carried out by KPMG member firms that such work was performed other than in accordance with the appropriate auditing standards. Statements which suggest otherwise are false and misleading.
· KPMG has a global system that facilitates compliance by member firms with auditor independence requirements. This system is also used to identify potential conflicts of interest and is required to be used by all member firms across the network.
· We believe our system is adequate. In addition, we have no reason to believe the decisions made by KPMG South Africa were not appropriate.
· KPMG’s engagement as auditor to Siemens AG ended in 2008. Importantly, this fact was disclosed by KPMG South Africa to its client.