These disclosures were a result of pressure brought to bear by Congresswoman Maxine Waters and several other congressional members who sent a letter to the OCC and the Fed on October 28. This letter expressed the legislators’ displeasure with the way the OCC and the Federal Reserve Bank had so far run the “independent” foreclosure review process that is intended to overhaul mortgage-servicing processes and controls and to compensate borrowers harmed financially by wrongdoing or negligence.

Congresswoman Waters cited my October 6 column for American Banker in this letter to the OCC and Fed when demanding that the regulators manage conflicts of interest in the foreclosure review process as well as make a full disclosure of vendors and their engagement letters with the banks.

On December 6, I wrote again in American Banker after I reviewed the engagement letters that were posted by the OCC. I had several concerns. Congresswoman Waters did, too.

“[The OCC] issued a report on the actions of a dozen national bank and federal savings association mortgage servicers aimed at complying with the consent orders issued in April 2011 to correct deficient and unsafe or unsound foreclosure practices. (The two remaining consent order recipients — GMAC/Ally and SunTrust — have not yet finalized their terms with vendors and as a result their overseers, Fed Chairman Bernanke and the Federal Reserve Bank, have not yet responded to the request for full disclosure, according to the Water’s office.)

Waters was less than impressed with what she saw and so am I.  She told me, “My letters specifically asked for information on conflicts of interest between the banks and the consultants — which is precisely what the OCC redacted in the information they released last week. A cursory look into the banks and their consultants indicates that in some cases, there are substantial pre-existing relationships between the firms.”

Redacted is an understatement.

Here’s what was redacted, according to OCC spokesman Bryan Hubbard:

Limited proprietary and personal information has been redacted from the engagement letters including, but not limited to:

• Names,titles and biographies of individuals;
• Proprietary systems information;
• References to specific bank policy;
• Fees and costs associated with the engagement;
• Specific descriptions of past work performed by the independent consultants.

So what’s left? It’s interesting enough, as a start, to look at which consultants and law firms were selected by which servicers. It’s also interesting to look at the scope of services to be performed and the time and volume estimates for project activities where they were not redacted.

From my December 6 American Banker column:

The disclosure of the consultant engagement letters for each servicer has already had a huge impact. The Financial Times reports that the New York Attorney General “launched an investigation into possibly unlawful foreclosureson the mortgages of active-duty members of the US military.” The foreclosure review engagement letters posted by the OCC included estimates prepared by the banks and their consultants suggesting, according to the Financial Times, that 10 leading lenders may have seized the homes of about 5,000 service members in violation of the Servicemembers Civil Relief Act, which restricts foreclosures on the homes of active duty members of the U.S. armed forces.

There’s also the issue of attorney-client privilege:

Some of the engagement letters invoke attorney-client privilege and attorney work product privilege over the whole process and confidential treatment of engagement letter itself. It appears all the servicers used their general counsel’s office to engage the consultants and outside counsel and some name their general counsel as project lead. Some servicers engaged additional outside legal counsel for the review directly rather than through the primary consultant.

OCC spokesperson Hubbard says, “although some of the engagement letters make claims of attorney-client privilege, these claims are by statute inapplicable to the OCC and FRB, which have complete access to all documents produced by the independent consultants and servicers as part of the independent foreclosure reviews required by the Consent Orders.

I certainly hope so.

I was the first to report on December 6 the irony of Deloitte having been selected by, of all banks, JP Morgan Chase. The high likelihood of a conflict between the bank and the audit firm, and possibly the individual Deloitte partners assigned to the JP Morgan Chase review, should have been obvious to anyone at the OCC. I said on December 6 that it would be great if we could see the names of the partners and staff assigned to the engagements and check their credentials and prior client work for conflicts.

It would be enlightening, for example, to see whether any of the Deloitte partners proposed as consultants as part of the foreclosure solution at JP Morgan/EMC, were previously part of the mortgage origination/securitization problems as auditors at Bear Stearns or Washington Mutual.

Bear and Washington Mutual, both former Deloitte audit clients, are now part of JP Morgan Chase, and Deloitte is defending lawsuits over alleged audit failures at those firms.

Lo and behold, partner Ann Kenyon of Deloitte, who testified at a December 13th Senate hearing on the issue, said under oath that she is the engagement partner on the JP Morgan Chase foreclosure review. An internet search revealed a conference biography that suggests that amongst Kenyon’s representative clients was Washington Mutual, now owned by JP Morgan Chase and a significant part of the review. This would be a clear conflict with her role as engagement partner for the review.

Ms. Kenyon [who leads Deloitte's Securitization Advisory practice] works with issuers, comprised of both attest and non-attest clients, who have encountered difficulties in accounting for and reporting on their securitizations.

At the 126:20 mark of the archived webcast of the Senate hearing Kenyon describes the organizational structure, level of experience and source of professionals for the Deloitte JP Morgan Chase review team. (She says it’s all Deloitte staff.) She also says that a large team of Deloitte partners who are subject matter experts report to her and are leading each team.

Someone should check their conflicts, too.

Two of the other three Big Four audit firms were selected for multiple review assignments. KPMG, auditor of Citigroup, New Century, Countrywide, Wells Fargo, and Wachovia, is conspicuously but thankfully absent from the list of consultants.

Examples of firms involved in multiple reviews include Ernst & Young (involved in three reviews as both a primary consultant and subcontractor), PricewaterhouseCoopers (involved in two reviews as a primary consultant), and Promontory Financial Group (involved in three reviews as primary consultant). Law firm Gibson Dunn is legal counsel for three reviews (retained by the consultant in two cases and by the bank directly in one).

For example, one firm could be charging different rates to different banks for what is supposed to be a consistent review across servicers. That not only indicates banks can leverage their influence with vendors to get the review they want (and the monetary exposure estimate) at the price they want to pay, but that we may not get consistent results for borrowers that were harmed by multiple servicers.

Some of the concerns I mentioned in my December 6 column were pursued by Senators at the December 13 Senate Committee on Banking, Housing, and Urban Affairs hearing: Helping Homeowners Harmed by Foreclosures: Ensuring Accountability and Transparency in Foreclosure Reviews.

Some additional interesting interchanges during the hearing:

At the 45:30 mark of the archived webcast, Senator Reed asks the OCC’s Julie Williams why the OCC and Fed could not select and contract with the consultants directly. Williams says that would have been difficult because it would have necessitated the regulators to use a “procurement process” that included consistent “standards” for selection.

That sounds to me like a Request for Proposal process and a vendor selection process that is in place  - for many of these same vendors already – as a result of the finical crisis. Instead the OCC and Federal Reserve bank abdicated the vendor selection process to the services and, therefore, will reap the numerous potential conflicts they have sown.

At the 49:00 mark, Senator Reed asks a critical question, perhaps thinking about the Deloitte/Bear Stearns-EMC/Washington Mutual issue with regard to a JP Morgan Chase review. If a consultant runs across a set of transactions that the firm or those consultants had direct involvement in is the consultant obligated to report that conflict to the regulator?  Williams says that they would expect to hear about such a conflict.

Reed presses to ask if there is an “obligation” versus an “expectation”.  Williams sounds evasive in her answer, implying that this specific obligation is not explicit in the engagement letters.  I sure didn’t see it.

My December 6 column, in particular the parts regarding the Deloitte conflict and the attorney-client privilege issue were mentioned in the written and oral testimony by Alys Cohen, Staff Attorney  at the National Consumer Law Center.

With regard to the attorney-client privilege potential issue, the OCC and the Federal Reserve Bank should make sure all legal counsel that is intended to be part of the foreclosure review team should be retained by the consultant not the bank.  Otherwise, I see an assertion of attorney-client privilege by the outside legal counsel for the reviews as inevitable.

Some additional areas where strong monitoring by Congress and the OCC/Fed might be helpful going forward include:

• Checking consistency of level of effort estimates across project plans for each consultant’s proposal. Estimated hours for each task may vary based on the size and complexity of servicer, difficulty of obtaining information, and level of cooperation in resolving issues. But consultants will bill on a “time and materials” basis and variations in length of time estimated, for example, for each initial loan review and the quality assurance process could make millions of dollars of difference in fees given the tens of thousands of documents to be reviewed.

• The complaints process, managed as a coordinated approach for all servicers by Rust Consulting, needs to be synchronized with each servicer’s plan for their reviews. Although the OCC strongly influenced the design and implementation of the “coordinated” process, Rust Consulting signed a contract each servicer, risking the possibility of some servicers skimping on the effort or being unprepared based on their lack of progress in other dependent activities.

The PCAOB, the audit industry regulator, shamed global audit firm Deloitte recently when they exposed the private portion of the inspection report of the firm’s 2006 audits. It was the first time that had happened to one the Big Four audit firms, the largest firms that audit the vast majority of publicly listed firms in and out of the U.S..

I’m sure Deloitte, and the rest of the Big Four, thought the PCAOB would never have the nerve.

re: The Auditors has seen a confidential, internal Deloitte training document, prepared this past summer, that reveals the firm expects the worst when the inspection reports for their 2009, 2010, and 2011 audits are published by the PCAOB. The 2009 report should be out by the end of this year. The training document also shows how difficult it is for Deloitte leadership to steer the largest global firm away from the “audit failure” iceberg.

It seems audit competence and capacity to audit complex topics are in short supply at all the firms, based on PCAOB inspection results for audits conducted during the financial crisis period and the reports for 2010 audits at PwC and KPMG released recently. Deloitte has been particularly hard pressed to maintain audit quality since the firm lost several engagements that would have helped to grow specialized knowledge and retain experts. Big clients like Merrill Lynch, Bear Stearns, and Washington Mutual helped pay the bills for subject matter experts and quality control but those revenues were lost to financial crisis failures and forced combinations with better capitalized, non-audit client banks.

I think the PCAOB decided to publicly criticize Deloitte for two reasons.

• The firm has been piling on the negatives via a $1,000,000 fine/disciplinary sanction as a firm for a previous issue, two high level insider trading scandals (Flanagan and McClellan), the failures and frauds of Deloitte China clients CCME, Longtop and now Focus Media, and the specific failures of major clients during the crisis (Bear Stearns, Merrill Lynch, WaMu, Taylor Bean & Whitaker, American Home, and Royal Bank of Scotland, to name a few).
• Deloitte was resistant to the inspections, resistant to the criticisms, and unwilling to make changes based on the PCAOB’s requests. If you can’t fix something that’s one thing. If you won’t and thumb your nose at the regulator, you are getting close to Arthur Andersen-like behavior.

We know how that story ended.

If they did nothing, the PCAOB risked having a new major failure of a Deloitte client expose their lack of push on the firm to even respond, let alone improve.

I wrote in American Banker about the special risks to financial services firms when the regulated, like Deloitte, resists the regulator:

The PCAOB’s decision to make the Deloitte 2006 quality control criticisms public, and the fact that the Securities and Exchange Commission allowed it to do so, tell me Deloitte is still fighting the regulators. The deadlines for Deloitte to fix or sufficiently respond to criticisms in the 2007 and 2008 inspection reports have passed. We could soon see previously nonpublic information from those reports, too.

The risk for banks in a situation like this is that an auditor that brazenly irritates its regulator may draw unwanted attention to its clients from their regulators. For example, PCAOB spokeswoman Colleen Brennan reminds me that the SEC knows the names of every company whose audit deficiencies are mentioned in a PCAOB auditor inspection report.

These risks apply to all of Deloitte’s clients and to all public companies if the rest of the firms – KPMG, PwC, and Ernst & Young – are also playing chicken with the regulator.

A little more than a month after releasing the Deloitte private report, the PCAOB released the inspection reports for audits performed by PwC and KPMG in 2009. The Financial Times’ Kara Scannell summarizes the findings:

The Public Company Accounting Oversight Board’s findings from an annual inspection revealed that years after the financial crisis both auditing firms were not adequately challenging companies’ valuations of certain assets when the market for them dried up…

The board reviewed 71 audits completed by PwC in 2010 and 52 audits done by KPMG in 2010.

The Wall Street Journal’s Michael Rapoport tells us how bad the results really were:

The government’s auditing regulator found deficiencies in 28 audits conducted by PricewaterhouseCoopers LLP and 12 audits by KPMG LLP in its annual inspections of the Big Four accounting firms.

The Public Company Accounting Oversight Board said many of the deficiencies it found in its 2010 inspection reports of the two firms, released Monday, were significant enough that it appeared the firms didn’t obtain sufficient evidence to support their audit opinions.

The regulator hasn’t yet issued its yearly reports on its inspections of the other Big Four firms, Ernst & Young LLP and Deloitte LLP.

KPMG’s response to the PCAOB was not quite as belligerent as Deloitte’s persistent irritation at having their “professional judgment second-guessed”. But, it was not exactly conciliatory.

Floyd Norris of the New York Times:

Normally these letters say something like what KPMG wrote:

“We conducted a thorough evaluation of the matters identified in the draft report and addressed the engagement-specific findings in a manner consistent with PCAOB auditing standards and KPMG policies and procedures.”

You may note that said nothing about whether the firm accepted the board’s conclusions or not. That is better than what Deloitte did a few years ago, when it essentially said the board did not know what it was talking about.

PwC, on the other hand, met the regulator more than half way according to Norris:

PwC’s letter addressed that issue, saying that while there were cases where it differed with the board’s conclusions, “they generally related to the significance of the finding in relation to the audit taken as a whole, and not to the substance of the finding.”

“Accordingly,” wrote the PWC officials, “the overall PCAOB inspection results, as well as the results of our internal inspections, were important considerations in formulating our quality improvement plan,” which it then describes.

PwC’s spokesperson sent me this additional statement:

“PwC is built on our reputation for delivering quality. We also recognize that the role we play in the capital markets requires consistent, high-quality audit performance. We therefore are focused on the increase in the number of deficiencies in our audit performance reported in the 2010 PCAOB inspection over prior years. We are working to strengthen and sharpen the firm’s audit quality, including making investments designed to improve our performance over both the short- and long-term.”

Did the quality of the auditing really deteriorate for KPMG and PwC or is the PCAOB getting tougher, and maybe better, at what they do?

We’ll have to see what the upcoming Ernst & Young and Deloitte reports show. Ernst & Young has been criticized for the Groupon multiple S-1 issue, as well as questions about accounting at future IPOs Zynga and Facebook. Now we have Olympus, too. And, of course, the jury is still out on the firm’s role in Repo 105 and Lehman Brothers.

And what about the Deloitte improvement plan for prior years? Has Deloitte accepted the PCAOB’s criticisms and moved on or are they still fighting the regulator? Is Deloitte working hard to get ahead of their 2009, 2010, and 2011 results and avoid the embarrassment or worse – sanctions – if the PCAOB has to publish another private report?

The confidential internal training report, intended to brief Subject Matter Resources (SMR), is called, “FY 2012 Engagement Quality Activities”.

The Audit Quality Activity Plan for FY2012 has been socialized with:

1. –  The OAQ Steering Committee
2. –  The Audit Quality Council
3. –  The RMPs
4. –  The NPPDs
5. –  The RILs
6. –  Leaders in the PPN
7. –  Extended Leadership Team
8. –  CFO / CEO

Yeah, that’s a lot of acronyms. And I’m not sure anymore – maybe I’ve been out of the firms too long or maybe I was never in them enough – what “socializing” a quality plan means. Suffice to say, the document, one hundred and eight-one very dense PowerPoint pages, has tons of information for the SMRs to absorb and pass on to engagement teams like now.

But, by this summer, it was too late to make a difference in the inspection reports for the 2009 and 2010 audits.

2009

• Response submitted on May 4

2010

• Total of 98 comments (56 engagements inspected)
• Expect about 25 engagements to appear in Part I
• Draft report has not yet been issued

2011

• 33 engagements selected to date
• Focus areas
  – Continue to include: fair value and impairment determinations; internal controls – Also focusing more on revenue recognition
• 16 completed
  – 5 with no written comments
• Total of 24 comments on 11 completed inspections

If Deloitte sent their response to the PCAOB for the 2009 audits on May 4th, why are we still waiting for the final report? Given the PCAOB’s decision to release Part 2 of the inspection report for Deloitte’s 2006 audits last month, I believe Deloitte was still treating PCAOB comments as an affront to partners’ professional judgments.

What are the root causes for so many negative PCAOB comments, according to Deloitte?

When evaluating “what didn’t work” for the various engagement activities, the consistent refrains outlined in the training document are “started too late”, “not enough time”, and “greater discipline and consistency needed”.

But there’s a bigger problem when it comes to audit failures around complex topics like goodwill, deferred tax asset impairment, fair value determination of thinly traded securities, and management estimates of loan loss reserves. There’s a huge intellectual divide between the audit teams and the subject matter specialist teams.

Professionals who are experts in tax or valuation of complex derivatives, for example, are not experts in auditing standards. The auditors, and the education they receive in universities and in the firms, focuses on the technical aspects of accounting – they know GAAP chapter and verse but not GAAS. That’s how we ended up with a defense of Repo 105 from Ernst & Young that the treatment meets the GAAP requirements with no appreciation for the more subtle GAAS disclosure expectations. Until recently, the firms didn’t think the PCAOB would push them to meet such high standards for auditing as long as the accounting was, subject to “professional judgment”, right enough.

But that’s how the auditors missed, or justified looking the other way, as so many banks failed or had to be bailed out during the crisis. This attitude is evident when you read in the training document how many of Deloitte’s policies and methodologies have to be revised to now absolutely require certain tests and additional steps. The steps weren’t performed unless the firm considered them explicitly required. Unfortunately, there’s still a difference of opinion between Deloitte and the PCAOB about what the PCAOB auditing standards explicitly require.

Here’s one example from the Deloitte training document:

Auditing Standard No. 12 – Identifying and Assessing Risks of Material Misstatement

Understanding the company and its environment

Change to our Methodology: We shall consider reading public information about the company (e.g., analyst reports), observing or reading transcripts of earnings calls, obtaining an understanding of compensation arrangements with senior management, and obtaining information about trading activity in the company’s securities. (AS 12.11)

Key Takeaway: This is a more specific requirement for audits performed in accordance with the standards of the PCAOB. Previously, while we may have been considering these items in our audits, their consideration was not explicitly required by our policies or by professional standards.

How does Deloitte intend to meet this higher standard in a quick and dirty, cost effective way?

Run a report using “OneSource” that includes a company summary, corporate overview, strategic initiatives, strengths & weaknesses, competitors report, significant developments), News, Articles and Financial Statements.

Zippity doo da.  You now know everything you need to know about the company.

It doesn’t help that the audit firms business model accepts high turnover of staff during the first 5 years. It’s a model that auditors got away with when issues were not as complex as they are now, especially within financial services firms.

For example, how can a senior, someone with 2-4 years experience, test a complex structured derivative for potential fraud (i.e. think of the Abacus deal) which is, in reality, an embedded derivative with multiple tranches and economic and risk characteristics that may not be aligned with the host, sitting off balance sheet, after having been passed thru an SPV sponsored by a “too big to fail” bank?

The manager, senior manager, and partner typically have no idea what the subject matter expert, a member of Deloitte’s Financial Instrument Valuation Risk Analytic team, is talking about when he says the client’s models and assumptions are insufficient, outdated, or flawed. The audit team probably doesn’t even know what a synthetic CDO is.

The most egregious recent example of a subject matter being ignored  - it happened in Enron, too – is the case of KPMG’s expert on mortgage securitizations and repurchase risk being told, “We’re done here” when he warned at New Century Financial that the client’s models had obsolete assumptions. That ugly episode only came to light because of the New Century bankruptcy and a robust bankruptcy examiner’s report.

In the recently disclosed Part 2 of the 2006 Deloitte inspection report, the PCAOB told the firm that partners were ignoring experts, too.

The inspection team identified six engagements where there were deficiencies in the procedures relating to the use of the work of specialists. These deficiencies included five engagements where there was no evidence in the audit documentation, and no persuasive other evidence, that the Firm had tested certain data or assumptions that the issuer had provided to the specialist (beyond, in one instance, inquiry of management).

In the sixth engagement, as part of their tests of the issuer’s annual goodwill impairment test, the Firm’s internal valuation specialists performed various sensitivity analyses to resolve concerns the specialists had raised regarding the issuer’s method for evaluating goodwill. For some of the issuer’s reporting units, the sensitivity analyses indicated the fair value of the unit might be considerably lower, or considerably higher, than the unit’s carrying value. The Firm failed to perform further, more precise sensitivity analyses, or other procedures, to determine whether the goodwill associated with these units was impaired.

Deloitte did not use its specialized SEC reporting and GAAP/IFRS consultation group well either.

The inspection team identified complex fact patterns in significant accounting and auditing areas, which were associated with deficiencies noted in seven engagements,35/ including five engagements36/ discussed in Part I.A, where the engagement teams did not consult with the Firm’s National Accounting Research or Quality Assurance departments. In addition, * * * * engagement teams consulted in three instances at below “Level A,” and neither the engagement team nor the National Accounting Research personnel raised the issue to a higher level as allowed by the policies.

Is Deloitte truly committed to a sea change in tone as well as technique? Seems to me the firm puts an enormous burden on the “soldiers” on the front lines and not enough on the “generals”, the partners who sign the opinions.

I’m not convinced they’re committed. Based on this document, and insider reports, I believe the the firm is still resistant. The firm’s big hope is probably that the spotlight moves away from Deloitte when something happens at another firm. Perhaps it will be a new development in the New York Attorney General’s case against Ernst & Young for Lehman.

But I do think the PCAOB is getting bolder and won’t be letting up on the audit firms.  The recent inspection reports on PwC and KPMG 2009 audits are proof of this.

MF Global’s fall puts spotlight on CME Group, The Financial Times, November 2, 2011

The case of the missing customer funds at MF Global is putting a spotlight on the failed broker’s de facto supervisor, CME Group.

CME, the largest US futures exchange operator, is also the designated self-regulatory organisation for more than 50 futures brokers, including MF Global. As such, CME had direct responsibility for making sure MF Global’s books were square…

CME’s dual role puts it in a delicate position. MF Global, according to its website, was the top broker by volume at CME’s metals and energy exchanges in New York and in the top three at its Chicago exchanges. CME’s main source of revenue is clearing and transaction fees.

Brokers themselves have questioned letting exchan-ges be overseers. “Given their strong market knowledge and proximity to the trading markets, they provide the best forum for addressing many of the futures markets’ oversight functions,” the Futures Industry Association said in a 2004 letter to the CFTC. “However . . . we are concerned about potential conflicts of interest.”

There is an inherent conflict at every publicly-listed equities, futures, and commodity exchange. When the NYSE went public in early 2006 through a reverse merger with publicly-held Archipelago, there was some discussion of the conflict in roles that public ownership of the exchange presented.

The clearing firm is the first line of defense for a brokerage firm against unauthorized trading or exposures outside of risk limits. What’s comical is that the Department of Justice, via its letter to the Treasury regarding “vertical clearing house models” wants the US to implement a model for clearing firms like Europe’s, or the one that did not have enough weight or skin in the game to stop Kerviel and SocGen from racking up such big losses. The DOJ is saying that the Chicago Mercantile Exchange’s clearing operation and its relationships and tight straight-through processing model are a problem even though that model was able to put the brakes on the problem at MF Global in less than twelve hours.

I think the Department of Justice is wrong.

I have disclosed in various forms, but probably not often enough, that I give the CME Group the benefit of the doubt because I grew up in Chicago, the home of CME Group and the Chicago Board of Trade. I live here. The futures markets are in our blood. That being said, I will write the story as I see it. (I do not personally own any CME Group stock.)

I will call a spade a spade.

From the perspective of the individual trader and smaller brokerage firm member, the CME has not been the same since it went public. Higher fees, constantly changing margin requirements, and apparent favoritism towards large institutions grate on individual traders and bread-and-butter brokers. It’s a big public company now that focuses primarily on outside shareholders, not its “members”. And like any other public company, decisions may be made at times based on the self-interest of those who run it.

Any CME member who cleared MF Global is as angry as anyone else at the CME Group for the disruption, the confusion, and the lack of stewardship that allowed the failure of MF Global to occur. But the CME Group is owned, in large part, by its clearing firms and members who hold a large percentage of the open interest. Each clearing firm owns at least 6000 shares, multiplied by 80 clearing firm members of CME Group. That’s a lot of interested parties.

The recent announcement by CME Group of a $300 million backstop for the MF Global Trustee is something.

Though CME Clearing does not guarantee FCM-held assets, CME Group is willing to provide a $250 million financial guarantee to the Trustee to give the Trustee greater latitude to make an interim distribution of cash to customers now, given the monumental task he faces to sort through considerable data and claims in order to complete the MF Global liquidation and make distributions to creditors.  Additionally, CME Trust will provide $50 million to CME Group market participants in the event there is a shortfall at the conclusion of the Trustee’s distribution process…

This unprecedented guarantee offered by CME Group would be used by the Trustee in the event that a final accounting determines that the Trustee distributed more property than was permitted by the Bankruptcy Code and CFTC regulations.  In addition, if there is a shortfall at the conclusion of the distribution and the $50 million Trust has not been exhausted, the remainder of those funds will be used to restore the other CME Group customer accounts that suffered a shortfall in customer-segregated funds held at MF Global.  The Trust was designed to be used in cases such as this if customers lose money due to the failure of a clearing member.

But it may not be as great as it seems. An industry veteran explained it to me:

Is it really $300 million? It’s $50 million with a potential backstop of an additional $250 million. They may be trying to imply that they are coming up with half of the customer segregated funds shortfall. But what they are really guaranteeing is to make sure everyone is pari passu as an inducement to the trustee to free up money he is currently holding.  I’m not sure that the public (i.e., especially but not limited to MF customers) understands the distinction.

But until someone tells me otherwise – or I see otherwise – I am going with the fact that CME Group was in on the 24th of October and found the segregated funds they are responsible for to be accounted for. But there are ten clearing houses that were used by MF Global.  The CME is the largest, but not the only one, and their audit did not cover all the segregated funds. I’m going to dig into what and how their review was done. I’m going to make sure that we can say that everything that went wrong at MF Global probably went wrong after they left.

It’s especially important because the CFTC recently published the FCM information as of September 30 and MF Global’s numbers were conspicuously absent.  Is their excuse that the books are a mess? For MF Global’s auditor, PwC, that’s a terrible thing to say. It may just be a move by regulators to buy more time. Or it may be true.  Then what is PwC doing signing off on the 10Q as of September 30th or the annual report as recently as May?

What’s more troubling to me than any CME potential conflict as both a public company and a self-regulating organization (SRO) is the fact that former Refco executives who were fined for the Refco fraud were working in key positions at MF Global. They also hold, or have held, key positions in the Futures Industry Association, the CFTC, and a brokerage firm that will now benefit from MF Global’s demise.

When the U.S. Attorney for the Southern District of New York, Preet Bharara,announced the Refco enforcement actions in May of 2010 he spoke earnestly:  “More than just prosecuting criminals who engage in fraud, this Office strives to return as much as possible to their victims.  Justice has been rightly served for the victims of the Refco fraud.”

By that time, what was left of Refco post-fraud and post-bankruptcy had joined with Man Financial to become MF Global via a new IPO.

Bennett, Grant, Maggio, and Trosten faced criminal charges and all four are serving, or will serve, jail terms. Other Refco insiders, including Stephen Grady, Dennis Klejna, and Joseph Murphy, were not criminally charged but signed consent orders, or settlements, with the Department of Justice. Grady, Klenja, and Murphy paid $1 million, $1.25 million, and $5 million respectively – and then went back to work for the firm that became MF Global.

Not only did those three executives get to come back, they took on roles that gave them a bird’s-eye view of MF Global’s implosion – and, perhaps, of the transactions that were made, legitimately or not, in an ultimately futile attempt to keep the firm alive as it sought a buyer in the last days.

Dennis Klejna was the head of compliance at Refco when it exploded. Refco had recruited him from the CFTC, the regulator now in charge of investigating the MF Global collapse, where he was Chief of Enforcement. Klejna is now MF Global’s head of compliance and senior vice president for legal matters. Operating under bankruptcy protection must be keeping him especially busy these days.

Stephen Grady moved from Refco to Man Financial after Refco’s bankruptcy and is CEO of MF Global Chicago.

Joseph Murphy joined R.J. O’Brien in November of 2008 after six years at Refco, where he served as President of Refco Futures. R.J. O’Brien is one of the brokerage firms that received some MF Global customer accounts from regulators after the bankruptcy.

I bet these guys, or other legacy Refco accounting and since professionals still working in MF Global, can give investigators some clues on what happened to the missing $600 million.

And let’s not forget PricewaterhouseCoopers, MF Global’s auditors.

When it comes to hands-on access to private information, the auditor has more than any other regulator mentioned. And they are supposed to be experts in that client’s business and in the accounting and auditing standards for that industry. PwC also audits JP Morgan, Bank of America Merrill Lynch, and Goldman Sachs. They are all large players in the futures brokerage industry and mixed up in the MF Global mess.

Last year JP Morgan Chase’s futures and options desk neglected to segregate billions of dollars of client money, largely belonging to hedge funds. PwC, the auditor of JPMorgan Chase, and the bank – which is also MF Global’s main banker – admitted to U.K. regulators that for at least seven years, about $23 billion dollars of clients’ assets had not been properly segregated. JPMorgan Chase was fined 33.3 million pounds and PwC is subject to sanctions.

The auditor is part of the regulatory structure for public companies. They serve that role for the benefit of shareholders and the markets and earn oligopolistic profits as a result of the lack of competition and the government’s mandate that all listed companies have an audit.

The audit does not happen only once a year. The auditor also provides “negative assurance” on the 10Qs. MF Global’s most recent quarter end was September 30. Unfortunately, they will not be filing that 10Q on time. PwC also authorized inclusion of the audited financial statements from the year end, March 31, 2011, in MF Global’s August bond issue prospectus. MF Global was not only complex but a relatively new client. They got a lot of service and constant attention. They have been public only since mid-2007 but PwC also audits MF Global’s predecessor firm, Man Group.

The auditor has complete access, at any time, including to financial systems and reports. They are responsible for issuing an independent opinion on internal controls over financial reporting and for issuing additional reports to the regulators – which they are dependent on – regarding controls over segregated assets per the Commodity Exchange Act.

So… When you think about frequency, access, independence, and the fact they get paid well for their services by the shareholders the auditor is in line as the first-responder.

Back in 2008, when the wheat trader took MF Global for $141 million, the firm was brand spankin’ new with a lot of old pros and even older systems running it.  I said this then about PwC:

MF Global is a spin-off from Man Group plc. MF Global IPO’d in July 2007 and inherited PricewaterhouseCoopers as their auditor, also.

MF Global has not been independent and publicly listed for very long, has not issued an audited annual report yet, and does not yet have an obligation to comply with Sarbanes-Oxley. They have issued quarterly financial reports to the SEC, carved out of the Man Group plc reports, but that are unaudited so far. Their CEO and CFO, however have made Sec. 302 certifications to the SEC regarding the firm’s internal controls.

From MF Global’s July 2007 prospectus:

We will be required by Section 404 of the Sarbanes-Oxley Act to evaluate the effectiveness of our internal controls by the end of fiscal 2009 and we cannot predict the outcome of that effort. As a U.S.-listed public company, we will be required to comply with Section 404 of the Sarbanes-Oxley Act by March 31, 2009. Section 404 will require that we evaluate our internal control over financial reporting to enable management to report on, and our independent auditors to audit, the effectiveness of those controls. While we have begun the lengthy process of evaluating our internal controls, we are in the early phases of our review and will not complete our review until well after this offering is completed.

Can’t wait to see how that works out…

I think we know now.

Here’s another good summary of the players and their games.  (It’s all good except the last shot at speculators.  The words “trader”, “speculator”, “hedge” and “derivative” are not pejoratives.)

Here in Chicago, everyone is mad and no one knows who has the answers.

MF Global’s auditor is PricewaterhouseCoopers, who inherited the client when Man Financial, also a client, spun off the brokerage firm in 2007.

Almost everyone wondering where the missing MF Global customer assets have gone thinks they will show up eventually.

I believe the assets are long gone.

Unlike the shell game, there is no bean under the MF Global dixie cup. The mixed bag of marketable securities taken from customer segregated accounts, used most likely to meet margin calls and satisfy “important” customers closing accounts during the last days, will, in my opinion, never be seen again.

Too much time has passed for anyone to still reasonably expect that the “discrepancy” is just a timing difference or a misallocation between accounts, according to several sources who prefer to remain anonymous because of the sensitivity of the situation. All of the statements made on the record by those in a position to know point to assets taken out of the firm and now gone for good.

CFTC in bankruptcy filing October 31 according to The Financial Times: The CFTC, in a court filing, revealed MF Global’s general counsel Laurie Ferber emailed the regulator at 7.18pm Monday – hours after the bankruptcy filing – to say that it had “discovered a significant shortfall in its segregated funds account”.

Joint statement of CFTC and SEC on November 1: “Early this morning, MF Global informed the regulators that the transaction had not been agreed to and reported possible deficiencies in customer futures segregated accounts held at the firm.”

The CME Group on November 2: “CME completed its on-site review last week. [Reportedly Monday.] At that time, the results of our review indicated that MF Global was in compliance with its segregation requirements.  It now appears that the firm made subsequent transfers of customer segregated funds in a manner that may have been designed to avoid detection insofar as MF Global did not disclose or report such transfers to the CFTC or CME until early morning on Monday, October 31, 2011.”

Read the rest at Forbes.com, MF Global Assets Have Left The Building: How, When, Where.

Other stories of mine about this issue include:

At Forbes:

October 31, 2011 MF Global : 99 Problems And Auditor PwC Warned About None

At American Banker:

Auditor PwC Should Have Been on Top of MF Global
November 4, 2011 If MF Global commingled client funds, it would be PwC’s fault as much as Jon Corzine’s.

Are Cozy Ties Muzzling S&P on MF Global Downgrade?
October 28, 2011 Jon Corzine’s old ways got his firm into trouble. Now he’s hoping old ties will bail it out.

Main page image, “Elvis has left the building” by Simon Crubellier.

Section 304 of the Sarbanes-Oxley Act of 2002, which covers clawbacks, is, on its face, a strict liability provision but the SEC has been exercising “prosecutorial discretion” when applying the statute.

The Dodd-Frank Act will expand the population of those potentially liable for clawbacks and the time period used to calculate the paybacks. The new law also drops the prerequisite under Sarbanes-Oxley that there has to be misconduct before paybacks are expected.

I covered this, and other provisions of Dodd-Frank that expand, retract, or revise Sarbanes-Oxley statutes, in a recent OpEd at Boston Review.

John White, a partner with law firm Cravath, Swaine & Moore LLP and a former Director of the SEC’s Division of Corporation Finance, believes the public and the media should focus on Dodd-Frank’s new Section 954 clawback provisions, not the SEC’s enforcement record under Sarbanes-Oxley:

“Dodd-Frank is much broader than SOX 304 and it’s mandatory. All listed companies will have to have clawback policies and enforce them. No misconduct is required — just an accounting error and a restatement. All present and former officers are covered. This could have a big impact and alter how incentive compensation is structured.”

As long as there’s a mismatch between what an executive should have earned under restated financial results and what they got based on errors or fraud, Dodd-Frank says they’re supposed to give back the excess to their companies. If not, the SEC can litigate to force them to return it. Although there is no private cause of action under Section 304 – only the SEC can bring a claim – under Dodd-Frank companies or shareholders could potentially sue a present or former officer to recoup compensation based on employment contracts that stipulate compliance with new mandatory company policies and procedures.

What both the Sarbanes-Oxley Act of 2002 and Dodd-Frank’s clawback provision do require is a restatement. The restatement of financial results to correct material errors – whether those errors occurred by default or by design – is a necessary condition for enforcing both the Sarbanes-Oxley Section 304 provision and the new Dodd-Frank law.

The Sarbanes-Oxley Section 304 law is very specific, according to attorney Stephen Quinlivan of Leonard Street and Deinard:

Morgenson uses the term “clawback” in a broad, non-technical sense to cover any recovery of compensation from a public company’s executives. As written, Sarbanes-Oxley includes only a narrow statutory disgorgement provision. It applies only to a CEO and CFO, and only where there has been “misconduct” that resulted in a “restatement.”

Morgenson doesn’t mention the impact of the Dodd-Frank law on clawbacks in her piece. Her point is: The bark of Sarbanes-Oxley’s clawback provision has been much worse than its bite.

But the Sarbanes-Oxley enforcement numbers are much worse than Morgenson cites. Morgenson supports her argument by citing unattributed statistics. She also incorrectly interprets the Sarbanes-Oxley Section 304 law. As a result, Morgenson credits three cases by name as Sarbanes-Oxley 304 enforcement that are not. She also neglects to mention a key one that is.

It appears Morgenson may have based her numbers on a review of the SEC initial complaints that included a Section 304 allegation, amongst many other allegations, when they started their enforcement journey. If Morgenson took the SEC’s word for what constituted a case and what did not, it’s not surprising that the regulator might have padded grim numbers with cases that are still pending or that, in the end, didn’t meet the strict Section 304 requirements.

That approach overstates the SEC’s efforts and certainly misstates their enforcement effectiveness.

It’s a long road, sometimes years, from complaint to settlement or adjudication. Only a few cases that the SEC filed with Section 304 amongst the litany of allegations have survived all the motions to dismiss and legal maneuvers from both sides. Along the way, the Section 304 allegation is often dropped.

Sometimes it’s pure expediency. The SEC wants to close the case, notch their gun and move on. A negotiated settlement is the fastest and easiest way to get some money back from the executives. Sometimes the facts don’t fit the law’s requirements. That happens when there’s no restatement, a necessary condition for taking credit for a Section 304  – or a Dodd-Frank – clawback enforcement.

Dorsey & Whitney’s Tom Gorman, who authors the blog, SEC Action, sympathizes with Morgenson. It’s not easy to verify the SEC’s record of enforcement of this statute.

The article does make a point. The SEC is inconsistent in how it applies the statute. It does not apply it in every case where it might. Nor does there seem to be any logic to how and when they apply it.

In those cases where the SEC chooses to apply the statute they seem to want the full measure of repayment as written by the statute.

For example, one key case Morgenson does not mention, SEC v. Jenkins, was the first “innocent executive” case brought under Section 304. The complaint admits the CEO was not involved in the wrongful conduct. The SEC sought recovery of bonuses and incentives from Jenkins, the CEO of CSK, but he was not the one who committed the misconduct that caused the restatement. However, the SEC’s Commissioners recently rejected a recommendation from SEC enforcement staff to settle for less than half the amount claimed in Jenkins complaint. The SEC enforcement staff was ready to settle for less than, presumably, the full Section 304 measure of repayment.

In other cases, the SEC realizes, after additional investigation and the passage of time, that the case doesn’t fit the strict requirements of Section 304. Maybe there’s no restatement or maybe misconduct can’t be easily proved. The result is a settlement and a negotiated recovery of some money from the CEO, CFO, maybe a controller, that may or may not be reimbursed to the company – it’s not always clear – and is no longer identified as a Section 304 enforcement.

Morgenson mentions the very first Section 304 case in 2007 but not by name. SEC v. McGuire was settled not litigated and the SEC considers it their first enforcement of the law.

One case that figures prominently in Morgenson’s piece is SEC v. Morrice. The original complaints filed against Morrice the CEO, the company’s CFO, and its controller included Section 304 allegations. Maybe it was hard to resist including this case in the story because it refers to the failure of New Century Financial, the second largest mortgage originator at the time. This failure was one from the “subprime crisis”, which led to the credit crisis in early 2008 and, finally, to the full blown financial crisis that was precipitated by the failure of Lehman Brothers in September of 2008.

But New Century Financial is not a Section 304 clawback case because there was never a restatement of financial results. New Century began to implode after the company announced the necessity of a restatement. But that restatement never happened. The company filed bankruptcy two months later.

Many of the early backdating cases that may be pumping up the statistics Morgenson cites are most likely the SEC’s attempt to “have their cake and eat it too”. The cases may have resulted in some type of financial recovery or disgorgement from CEOs and CFOs. But some, like SEC v. Mercury Interactive, were no longer Section 304 cases when they settled – CFO Abrams voluntarily repaid the stock option proceeds to the company.

Or the Section 304 claim was dismissed because there was no restatement, even if the SEC claimed there should have been one. That’s the point the defendant argued – and won – in SEC v. Shanahan. Or the cases are “administratively closed” pending resolution of criminal charges like SEC v. Brooks. By the time these cases get to the finish line, the SEC can drop the Section 304 claim or the entire civil case altogether.

SEC v Brooks raised another interesting issue that will become even more important under Dodd-Frank’s “clawback” provisions.

Brooks, CEO of DHB Industries, and Schlegal, the CFO, sought indemnification for any Section 304 claims from the company. In their settlement of a shareholder’s derivative suit brought as a result of the fraud, insider trading, and accounting violations at DHB Industries, the company agreed to pay any penalties imposed by the SEC on the CEO and CFO.

A judge told DHB Industries that Section 304 did not allow that.

The SEC’s decision to pursue Section 304 relief is not solely intended to reimburse a company; it also furthers important public purposes. The Section 304 remedy is an enforcement mechanism that ensures the integrity of the financial markets… In sum, companies themselves do not have the authority effectively to exempt persons from § 304 liability.

The new Dodd-Frank “clawback” provisions are “listing standards”. That means the SEC will write rules to comply with the new law but the rules will be enforced by exchanges who must write their own rules. The exchange rules will be used by companies to develop internal policies and procedures that will address reimbursement issues as they arise.

The SEC’s most recent published schedule for Dodd-Frank rule writing says that a proposal on Dodd-Frank Section 954 clawback rules is expected by the end of the year and a final rule to exchanges by the end of the second quarter of 2012. It’s going to be even longer before companies are ready to enforce these provisions. In the meantime, companies and their lawyers are raising significant objections to them.

Dorsey & Whitney’s Gorman would like to see Dodd-Frank Section 954 applied in a manner which encourages corporate executives to strictly adhere to their duty to monitor.

The point in applying the statute should be to encourage executives to prevent wrong doing in the first instance by carefully monitoring and having “best practices” systems.

Ideally, the new Dodd-Frank provisions, and Sarbanes-Oxley Section 304 in the meantime, can and should be enforced more often and more consistently.

My analysis of the Section 304 cases mentioned in Morgenson’s piece and others of note, as of September 15, 2011, is here.

Main page image from this site of Lady Gaga in Alexander McQueen’s lobster claw shoes.

Here in the U.S. the PCAOB has been busy. I’ll give them – mostly Chairman James Doty and the Investor Advisory Group led by Board Member Steve Harris – credit for that. The Investor Advisory Group – rather, the boldest amongst them – recently sent a letter to the PCAOB to provide comments on the PCAOB’s June 21, 2011 Concept Release entitled Possible Revisions to PCAOB Standards Related to Reports on Audited Financial Statements and Related Amendments to PCAOB Standards.

It is worth noting that a number of other parties agree that the current form of the auditor’s report fails to meet the legitimate needs of investors.  First, the U.S. Treasury Advisory Committee on the Auditing Profession (ACAP) called for the PCAOB to undertake a standard-setting initiative to consider improvements to the standard audit report.  The ACAP members support “… improving the content of the auditor’s report beyond the current pass/fail model to include a more relevant discussion about the audit of the financial statements.”

Second, surveys conducted by the CFA Institute in 2008 and 2010 indicate that research analysts want auditors to communicate more information in their reports.

Finally, even leaders of the accounting profession have acknowledged that the audit report needs to become more relevant.  In testimony before ACAP, Dennis Nally, Chairman of PwC International stated, “It’s not difficult to imagine a world where the … trend to fair value measurement — lead one to consider whether it is necessary to change the content of the auditor’s report to be more relevant to the capital markets and its various stakeholders.”

Finally, leaders of the accounting profession have previously stated that changes to the audit report should reflect investor preferences.  In their 2006 White Paper, the CEOs of the six largest accounting firms stated, “The new (reporting) model should be driven by the wants of investors and other users of company information …” (their emphasis).

Before we turn to a discussion of the IAG investor survey, we believe it is important to underscore the fundamental but often overlooked fact that the issuer’s investors, not its audit committee or management team or the company itself, are the auditor’s client. It is therefore not only appropriate, but essential, that investors’ views and preferences take center stage as the PCAOB considers possible changes to the format and content of the audit report.

In the meantime, I’ve written two articles about the proposals on auditor regulation before the European Commission.

In Forbes, I told you not to count on Europe to reform the audit model or auditors, in general.

The audit industry is reportedly under siege in Europe and on the verge of being broken up, restrained, and rotated until all the good profit is spun out.

This is neither a foregone conclusion nor highly likely.

The European Commission’s internal markets commissioner Michel Barnier is talking tough, but the rhetoric should be no surprise to those who have been following the European response to the financial crisis closely…

Please read the rest at Forbes.com, “Don’t Count On Europe To Reform Auditors And Accounting”.

In American Banker, I focused on the impact of auditor reforms on financial services. Why is the European Commission taking such strong action now? Why is the U.S. lagging so far behind?

The clamor for accountability from the auditors for financial crisis failures and losses has been much louder, much stronger, and going on much longer in the U.K. and Europe, than in the United States. Barnier’s most dramatic proposals are viewed by most commenters as a reaction to the bank failures. “Auditors play an essential role in financial markets: financial actors need to be able to trust their statements,” Barnier told the Financial Times. “There are weaknesses in the way the audit sector works today. The crisis highlighted them.”

There’s is a concern on both sides of the Atlantic over long-standing auditor relationships.

The average auditor tenure for the largest 100 U.S. companies by market cap is 28 years. The U.S. accounting regulator, the PCAOB, highlighted the auditor tenure trap in its recent Concept Release on Auditor Independence and Auditor Rotation. According to The Independent, quoting a recent House of Lords report, only one of the FTSE 100 index’s members uses a non-Big Four firm and the average relationship lasts 48 years. Some of the U.S. bailout recipients — General Motors, AIG, Goldman Sachs, Citigroup — and crisis failure Lehman had as long or longer relationships with their auditors…

Please read the rest at American Banker, “Bank Debacles Drive Europe to Raise the Bar on Audits”.

You may remember earlier this year when The New York Times broke a little story about General Electric’s tax savvyways and the best tax law firm the universe had ever seen (aka the GE tax department).

The report caused more than a few people to get bent out of shape because the Times said GE was enjoying $14.2 billion in profit while “claim[ing] a tax benefit of $3.2 billion.” What that “benefit” really entailed was a mystery but many people jumped to the conclusion that it was a “refund” andProPublica (possibly a little peeved that they got scooped) tried to set the record straight on the Times story.

Despite all the back and forth, everyone was pissed at GE. The company lost aTwitter joust with Henry Blodget and then a bogus press release went out claiming the company was returning the “refund” of $3.2 billion and the Associated Press ran it. Slightly awkward.

Francine McKenna also did a write-up on KPMG’s role in this little soap opera, as the firm has been the auditor for GE since Bill Taft was maxing out the White House bathtub.

The latest twist comes from a tip we received earlier about a “Preservation Notice” sent to all KPMG employees yesterday from the firm’s Office of General Counsel (“OGC”).

URGENT TARGETED PRESERVATION NOTICE: GENERAL ELECTRIC’S LOAN STAFF ARRANGEMENTS

Please be advised that until further notice from KPMG LLP’s (KPMG or firm) Office of General Counsel (OGC), you are hereby directed to take all steps necessary to preserve and protect any and all documents created or received from January 1, 2008 through the date of this Notice relating or referring to the loaning, assignment or secondment of tax or other professionals to General Electric Company and its direct and indirect subsidiaries, affiliates and divisions (collectively “General Electric’s Loan Staff Arrangements”).

Last March, I wrote the story that highlighted this arrangement. The preservation notice refers to tax and “other loaned staff arrangements” so there may be more like this at GE.

Uh oh.

Based on my reading of the rules, loaning, assigning, or seconding tax or any “bookkeeping” staff is not allowed for the auditor. What’s worse is that KPMG had been sanctioned recently for a similar issue in Australia. I guess they thought the SEC/PCAOB would never go after them in the U.S. and never for trying to “please” such a high-profile client.

The Sarbanes-Oxley Act of 2002 started out tough on tax. The rules regarding prohibited activities by the auditor, intended to preserve their independence, scared the living daylights out of the largest firms. It appeared initially that the SEC would prohibit the tax side of the firms from providing highly lucrative tax advice to their audit clients. Many of those professionals started planning an exit from their firms so they could continue working with long time clients.

A compromise was reached. The result is one of the loosest and most generous exceptions to auditor independence rules on the books.

The Commission reiterates its long-standing position that an accounting firm can provide tax services to its audit clients without impairing the firm’s independence. Accordingly, accountants may continue to provide tax services such as tax compliance, tax planning, and tax advice to audit clients, subject to the normal audit committee pre-approval requirements under 2-01(c)(7).

The Sarbanes-Oxley Act of 2002 also prohibits an auditor from providing “bookkeeping” services to its audit clients.

The rules utilize the previous definition of bookkeeping or other services, which focuses on the provision of services involving: (1) maintaining or preparing the audit client’s accounting records, (2) preparing financial statements that are filed with the Commission or the information that forms the basis of financial statements filed with the Commission, or (3) preparing or originating source data underlying the audit client’s financial statements. Our experience with this definition demonstrates that the concept of bookkeeping and other services is well understood in practice.

In defiance of these provisions, KPMG – GE’s auditor – provides “loaned staff” or staff augmentation to GE’s tax department each year. These “temps” perform tasks that would be otherwise the responsibility of GE staff. Sources tell me KPMG employees working in GE tax have GE email addresses, are supervised by GE managers – there is no KPMG manager or partner on premises – and have access to GE employee facilities. They use GE computers because the software required for their tasks is GE proprietary software.

This type of “secondment” to an audit client is never allowed. KPMG should know better. KPMG was recently sanctioned by the SEC for a similar transgression involving their Australian office.

KPMG Australia and at least one other KPMG member firm outside Australia seconded non-tax professional staff to work at each client’s premises, under the supervision and direction of each client, doing the same types of work that each client’s own employees or managers ordinarily would perform, in violation of the prohibition under Rule 201(c)(4)(vi) against “[a]cting, temporarily or permanently, as a director, officer, or employee of an audit client, or performing any decision-making, supervisory, or ongoing monitoring function for the audit client.”

KPMG earns approximately 10% of their total fee from GE for tax services not connected to the audit directly or indirectly. GE’s policies state that these engagements, if for more than $1 million dollars, must be pre-approved by the GE Audit Committee. However, these services should never have been provided at all per SEC independence rules -rules that pre-date Sarbanes-Oxley.

KPMG is well known for supporting, as an auditor, aggressive tax strategies.  Recent controversy over long-time audit client Citigroup’s use of deferred tax assets to pump up its profits is one example.  KPMG also once flew too close to the flame as a tax shelter provider. Its advice to private clients on how to pay less to the IRS almost got the firm taken out of the game completely.

So why, for a measly $8-10 million a year, is KPMG playing with fire in providing these low value, low margin, low status services to GE?  It may be that KPMG wants to hold on to the relationship at any cost.

Read the rest of my original story at Forbes.

Read the rest of the Going Concern story here.

The first column, “Deloitte Blurs The Lines To Court Mutual Funds,” discusses the appointment of SEC and Investment Company Institute alumni Elizabeth Krentzman as that firm’s new head of the U.S. mutual funds practice. Her responsibilities include business development and delivery of audit services as well as tax, financial advisory, and consulting.

Elizabeth Krentzman is a lawyer, not a CPA. She’s worked 11 out of the last 14 years at Deloitte, always on the consulting side of the house. But now auditors are reporting to her.

That’s because this month she got a new job leading Deloitte’s U.S. mutual fund industry practice. She oversees the auditors as well as the tax, financial advisory and consulting staff who serve that industry…

Read the rest here.

I can’t be there tomorrow in person so I thought I would answer a few of the questions for you and for them.

I’ve provided comments to some of the questions below in Bold. I’ve written on these topics many, many times. Instead of repeating those remarks, I’m directing you to some of the most relevant posts.  If you’d like to add your comments please add the appropriate question number for the PCAOB Board.

Ernst & Young Lehman Litigation: It’s No Victory If You’re Going To Trial (Judge Kaplan was damning in his criticism of vague and subjective auditing standards and found it impossible to hold Ernst & Young liable for not complying with them.)

New At Forbes: My Comments On The Latest Sanctions Against Ernst & Young

Going In Circles: A Few Remarks On Audit Reform (On auditor rotation and auditor signing of audit reports.)

The State of Sarbanes-Oxley Compliance: The Protiviti Survey Results

Say Anything: The Big 4 Defense of Overtime Exemptions

McKenna At The Georgia Southern Fraud And Forensic Accounting Conference (With a link to my presentation, “The Skeptical Professional: Requirements and Case Studies”)

Being Expedient: PwC Settles US Class Action

McKenna Speaks At The American Accounting Association Public Interest Section

Not Over Until It’s Over: Price Waterhouse India Settles Satyam (The Satyam case is a classic one regarding auditor independence and auditor skepticism.  Price Waterhouse India demonstrated not much of either.  The PwC US and International firms lack the authority to force them to.  The regulators are not doing anything about this and the courts are impotent, in many cases, to correct this fault.)

Price Waterhouse India Settles With Regulators But Satyam Saga Not Over

Will Auditors Be Held Accountable? The PCAOB Has A Plan

Auditors Abandon Investors On Liability Limits

Auditors Under Pressure In The UK. Or Are They?

Dear PCAOB Board: Your Job Is To Serve And Protect Investors

Top Ten Things Lawyers Should Know About Auditors

Asking The Difficult Questions: An Article About Audit Committees For IIA’s Internal Auditor Magazine

Questions in PCAOB Concept Release on the Auditor’s Report

Content of the Auditor’s Report

Questions

1. Many have suggested that the auditor’s report, and in some cases, the auditor’s role, should be expanded so that it is more relevant and useful to investors and other users of financial statements.

a. Should the Board undertake a standard-setting initiative to consider improvements to the auditor’s reporting model? Yes

Why or why not? Investors pay billions worldwide for an audit report that is universally panned. Investors have been vocal In the UK and in the US regarding the uselessness of the ‘pass/fail” approach to the auditor’s opinion. The current report provides little information about the judgments and decision processes taking place behind the scenes.  Auditors failed during the financial crisis to warn investors of trouble, let alone provide the realistic guaranty of safety for even a limited period of time that shareholders expect.  If this is an “expectations gap” we must close it, either by removing the requirement for an audit opinion from exchange rules – and admitting its futility like the US SEC did with ratings agencies – or improving it so it has a useful purpose for investors. They deserve to get their money’s worth from the effort.

b. In what ways, if any, could the standard auditor’s report or other auditor reporting be improved to provide more relevant and useful information to investors and other users of financial statements? Two places where the current report could be improved are:

1. Development of a clearing house of auditor names attached to public company audit engagements worldwide with their biographies and information about sanctions, suspensions and litigation against them.  I’m not so concerned about seeing a name on a printed report as knowing who is responsible for that audit over time and their qualifications and professional history.

2. The addition of an auditor’s “Disclosure and Analysis” would be priceless. It should be addressed directly to shareholders, not the Audit Committee, and be written in the style of Warren Buffet’s letter to shareholders.  It should state where the auditors and management disagreed and which one prevailed.  It should focus on judgments, estimates, and the range of practices especially regarding interpretation of key accounting standards amongst that issuer’s peer group.

c. Should the Board consider expanding the auditor’s role to provide assurance on matters in addition to the financial statements? If so, in what other areas of financial reporting should auditors provide assurance? Auditors should provide explicit assurance on MD&A. They are already required by standards to communicate with the Audit Committee regarding the adequacy of required disclosures. Interim Auditing Standard AU 380 requires auditors to determine whether all audit-related matters are communicated to the committee:

The auditor’s responsibility under Generally Accepted Auditing Standards (GAAS)

• Significant accounting policies
• Management judgments and accounting estimates
• Audit adjustments
• The auditor’s judgments about the quality of the entity’s accounting principles
• The quality of the management discussion and analysis (MD&A)
• Disagreements with management
• Consultation with other accountants
• Major issues discussed with management before retention
• Difficulties encountered in performing the audit

An Auditor’s Discussion and Analysis should repeat the substance of these communications and highlight where the Audit Committee and/or management disagree with auditors.

2. The standard auditor’s report on the financial statements contains an opinion about whether the financial statements present fairly, in all material respects, the financial condition, results of operations, and cash flows in conformity with the applicable financial reporting framework. This type of approach to the opinion is sometimes referred to as a “pass/fail model.”

a.    Should the auditor’s report retain the pass/fail model? No If so, why?

b.    If not, why not, and what changes are needed? The auditor’s report requires more detailed grading with an explanation of the grades.  Perhaps the grades can be assigned based on whether the failings are individually material or material in aggregate and whether they relate to adherence to standards, aggressive use of estimates and models, lack of disclosure, or poor internal controls.  I am in favor of the separate opinion on internal controls and question a company that could have an adverse opinion on internal controls (material weaknesses) and yet receive a clean opinion on their financial statements.

c.     If the pass/fail model were retained, are there changes to the report or supplemental reporting that would be beneficial? If so, describe such changes or supplemental reporting.

3. Some preparers and audit committee members have indicated that additional information about the company’s financial statements should be provided by them, not the auditor. Who is most appropriate (e.g., management, the audit committee, or the auditor) to provide additional information regarding the company’s financial statements to financial statement users? I am skeptical that most Audit Committees are sufficiently detached and independent of management that communications from them would be any more useful to shareholders.  That is a problem in and of itself.  If auditors were required to provide their own discussion or analysis, they may be reminded of their own need for independence from management.  However, the problem we have, and which is not solved by revisions to the audit report itself, is the problem of auditor independence as long as the auditors are paid by and contract for their services with an Audit Committee controlled by and in service to management.

At the PCAOB’s public meeting in March I heard some object to the auditor providing information to shareholders directly because that might harm the “relationship” between auditors and management.  Yes.  And that is exactly why auditors should be forced to face shareholders directly. Even the SEC’s Chief Accountant and the PCAOB Chairman have admitted auditors are too cozy with management, a non-independent Audit Committee encourages and enables that, and many auditors have forgotten who their true clients are – shareholders.  Auditors should respond directly to shareholders, not to the management-controlled proxy – a potentially non – independent Audit Committee.

4. Some changes to the standard auditor’s report could result in the need for amendments to the report on internal control over financial reporting, as required by Auditing Standard No. 5. If amendments were made to the auditor’s report on internal control over financial reporting, what should they be, and why are they necessary?

We should go back to a separate auditors report on internal controls over financial reporting. If an issuer receives an adverse opinion on internal controls it should be rare or impossible for that issuer to receive any “passing” grade on the financial statements.

Potential Alternatives for Changes to the Auditor’s Report

A. Auditor’s Discussion and Analysis

Questions

5. Should the Board consider an AD&A as an alternative for providing additional information in the auditor’s report? Yes

a. If you support an AD&A as an alternative, provide an explanation as to why. See above 1.b.

b. Do you think an AD&A should comment on the audit, the company’s financial statements or both? Both. Provide an explanation as to why. Should the AD&A comment about any other information? The quality of management’s D&A and any disagreements in that regard over sufficiency or quality of disclosures.

c. Which types of information in an AD&A would be most relevant and useful in making investment decisions? I think information about how the issuer compares in key metrics, disclosures, aggressive interpretation of standards, and use of models and estimates to their peers would be very useful.  In some industries, one auditor has an audit relationship with several major companies, addresses similar issues, evaluates similar approaches and either sees consistent or inconsistent results. This type of discussion and comparison would be very useful to identify outliers and anomalies as well as instances of collusion amongst companies with significant business alliances or who act as counterparties to each other.

d. If you do not support an AD&A as an alternative, explain why.

e. Are there alternatives other than an AD&A where the auditor could comment on the audit, the company’s financial statements, or both? What are they?

6. What types of information should an AD&A include about the audit? What is the appropriate content and level of detail regarding these matters presented in an AD&A (i.e., audit risk, audit procedures and results, and auditor independence)?

7. What types of information should an AD&A include about the auditor’s views on the company’s financial statements based on the audit? What is the appropriate content and level of detail regarding these matters presented in an AD&A (i.e., management’s judgments and estimates, accounting policies and practices, and difficult or contentious issues, including “close calls”)?

8. Should a standard format be required for an AD&A? Why or why not?

9. Some investors suggested that, in addition to audit risk, an AD&A should include a discussion of other risks, such as business risks, strategic risks, or operational risks. Discussion of risks other than audit risk would require an expansion of the auditor’s current responsibilities. What are the potential benefits and shortcomings of including such risks in an AD&A? The auditor is required to be aware of and knowledgeable about these areas per the standards. The auditor must take them into consideration in planning the scope of the audit. I see no additional work to disclose them and to give investors information about how this issuer compares to peer group.

10. How can boilerplate language be avoided in an AD&A while providing consistency among such reports? Regulators should forbid it and enforce accordingly.  All shareholders will, hopefully, start demanding meaningful information.

11. What are the potential benefits and shortcomings of implementing an AD&A?

12. What are your views regarding the potential for an AD&A to present inconsistent or competing information between the auditor and management? I’m not troubled by this.  In fact, I look forward to it. What effect will this have on management’s financial statement presentation? Management will be required to defend it. They should be prepared to do so or to back down.

B. Required and Expanded Use of Emphasis Paragraphs

Questions

13. Would the types of matters described in the illustrative emphasis paragraphs be relevant and useful in making investment decisions? If so, how would they be used?

14. Should the Board consider a requirement to include areas of emphasis in each audit report, together with related key audit procedures?

a. If you support required and expanded emphasis paragraphs as an alternative, provide an explanation as to why.

b. If you do not support required and expanded emphasis paragraphs as an alternative, provide an explanation as to why.

15. What specific information should required and expanded emphasis paragraphs include regarding the audit or the company’s financial statements? What other matters should be required to be included in emphasis paragraphs?

16. What is the appropriate content and level of detail regarding the matters presented in required emphasis paragraphs?

17. How can boilerplate language be avoided in required emphasis paragraphs while providing consistency among such audit reports? 18. What are the potential benefits and shortcomings of implementing required and expanded emphasis paragraphs?

C. Auditor Assurance on Other Information Outside the Financial Statements

Questions

19. Should the Board consider auditor assurance on other information outside the financial statements as an alternative for enhancing the auditor’s reporting model?

a. If you support auditor assurance on other information outside the financial statements as an alternative, provide an explanation as to why.

b. On what information should the auditor provide assurance (e.g., MD&A, earnings releases, non-GAAP information, or other matters)? MD&A, 10Qs.  Auditors should distance themselves from non-GAAP disclosures. Earnings releases should not be inconsistent with 10Qs.

c. What level of assurance would be most appropriate for the auditor to provide on information outside the financial statements?

d. If the auditor were to provide assurance on a portion or portions of the MD&A, what portion or portions would be most appropriate and why?

e. Would auditor reporting on a portion or portions of the MD&A affect the nature of MD&A disclosures? If so, how?

f. Are the requirements in the Board’s attestation standard, AT sec. 701, sufficient to provide the appropriate level of auditor assurance on other information outside the financial statements? If not, what other requirements should be considered?

g. If you do not support auditor assurance on other information outside the financial statements, provide an explanation as to why.

20. What are the potential benefits and shortcomings of implementing auditor assurance on other information outside the financial statements?

D. Clarification of the Standard Auditor’s Report

Questions

21. The concept release presents suggestions on how to clarify the auditor’s report in the following areas:

• Reasonable assurance
• Auditor’s responsibility for fraud
• Auditor’s responsibility for financial statement disclosures
• Management’s responsibility for the preparation of the financial statements
• Auditor’s responsibility for information outside the financial statements
• Auditor independence

a. Do you believe some or all of these clarifications are appropriate? If so, explain which of these clarifications is appropriate? How should the auditor’s report be clarified?

b. Would these potential clarifications serve to enhance the auditor’s report and help readers understand the auditor’s report and the auditor’s responsibilities? Provide an explanation as to why or why not.

c. What other clarifications or improvements to the auditor’s reporting model can be made to better communicate the nature of an audit and the auditor’s responsibilities?

d. What are the implications to the scope of the audit, or the auditor’s responsibilities, resulting from the foregoing clarifications?

22. What are the potential benefits and shortcomings of providing clarifications of the language in the standard auditor’s report?

Questions Related to all Alternatives

23. This concept release presents several alternatives intended to improve auditor communication to the users of financial statements through the auditor’s reporting model. Which alternative is most appropriate and why?

24. Would a combination of the alternatives, or certain elements of the alternatives, be more effective in improving auditor communication than any one of the alternatives alone? What are those combinations of alternatives or elements?

25. What alternatives not mentioned in this concept release should the Board consider?

26. Each of the alternatives presented might require the development of an auditor reporting framework and criteria. What recommendations should the Board consider in developing such auditor reporting framework and related criteria for each of the alternatives?

27. Would financial statement users perceive any of these alternatives as providing a qualified or piecemeal opinion? If so, what steps could the Board take to mitigate the risk of this perception?

28. Do any of the alternatives better convey to the users of the financial statements the auditor’s role in the performance of an audit? Why or why not? Are there other recommendations that could better convey this role?

29. What effect would the various alternatives have on audit quality? What is the basis for your view?

30. Should changes to the auditor’s reporting model considered by the Board apply equally to all audit reports filed with the SEC, including those filed in connection with the financial statements of public companies, investment companies, investment advisers, brokers and dealers, and others? What would be the effects of applying the alternatives discussed in the concept release to the audit reports for such entities? If audit reports related to certain entities should be excluded from one or more of the alternatives, please explain the basis for such an exclusion.

IV. Considerations Related to Changing the Auditor’s Report

A. Effects on Audit Effort

B. Effects on the Auditor’s Relationships

C. Effects on Audit Committee Governance

D. Liability Considerations

E. Confidentiality

Questions

31. This concept release describes certain considerations related to changing the auditor’s report, such as effects on audit effort, effects on the auditor’s relationships, effects on audit committee governance, liability considerations, and confidentiality.

a. Are any of these considerations more important than others? If so, which ones and why?

b. If changes to the auditor’s reporting model increased cost, do you believe the benefits of such changes justify the potential cost? Why or why not?

c. Are there any other considerations related to changing the auditor’s report that this concept release has not addressed? If so, what are these considerations?

d. What requirements and other measures could the PCAOB or others put into place to address the potential effects of these considerations?

32. The concept release discusses the potential effects that providing additional information in the auditor’s report could have on relationships among the auditor, management, and the audit committee. If the auditor were to include in the auditor’s report information regarding the company’s financial statements, what potential effects could that have on the interaction among the auditor, management, and the audit committee?

Making the non-obvious connections between the audit firms and their clients, between the clients and each other, and between the firms and each other is like shooting fish in a barrel. As each new story comes out, especially about the banks, the web of connections and the repeated attempts by desperate executives to move the same deck chairs around on the financial system Titanic are becoming easier to spot.

Sometimes I don’t even have to close my eyes to see the last story where the same guy or the same assets or the same scam is mentioned.

Yesterday it was news of the sale of servicing rights to a gazillion dollars of almost worthless mortgages by Bank of America to Fannie Mae.  Why Fannie Mae?  Because they are so good at using their marketing skills to “conduit” bad paper from the very needy to the less needy.  But is the next guy really a sucker or do they know something we don’t?  When was the last time Fannie Mae assisted the system in this way?  And how do we know it was rotten paper crossing from one bad actor to perhaps another on a government-sponsored bridge built of the taxpayers’ aching backs?

And who is standing on the sidelines watching it all with a wink, a nudge, and a “say no more”?

For the answers to these and other questions, you’ll have to read, “Fool Me Twice: Bank of America Plays Hide and Seek Using Fannie Mae.”

Here’s a teaser:

The last time Fannie Mae got involved in shape-shifting servicing rights to hide fraudulent activity was Taylor Bean Whitaker. That‘s the mortgage originator, audited by Deloitte, that used Fannie Mae’s silence and their influence, according to Bloomberg, to market servicing rights on bad loans to GMAC.

How do we know the most recent $73 billion portfolio might be full of loser loans made via potentially fraudulent means? Fannie Mae told us so when they sued Countrywide, the mortgage originator and source of significant woe Bank of America bought in 2008.