By Jacquelyn Lumb
PCAOB Enforcement Director Claudius Modesti reported at the American Law Institute’s recent conference on accountants’ liability that among his group’s priorities is firms that alter work documents and the associated failure to cooperate in board inspections or investigations. The enforcement group also has cross-border concerns that sometimes overlap with improper documentation. He noted that 40 percent of the enforcement cases in 2016 related to non-U.S. audits and the number remains on track in 2017.
Significant cases. Modesti reviewed a number of significant cases, including Deloitte Brazil, which involved a lot of “firsts.” The proceeding resulted in the largest penalty ever imposed by the PCAOB and 14 audit personnel were sanctioned. The board received what Modest characterized as a gift when a person who participated in the document alteration chose to cooperate with the investigation. He noted that the firm did not have a whistleblower line or a policy for reporting misconduct and emphasized the importance of providing such an outlet.
In a proceeding against BDO Spain, the audit personnel had no training in complying with PCAOB audits. “You do not get to do a trial run in the U.S. financial system,” Modesti said. In addition to censures and fines, the firm was required to adopt systems to ensure that it would only take engagements that it could complete with professional competence and to provide training to its personnel.
The PCAOB settled 20 cases in which the respondents admitted the findings. Modesti said the board seeks admissions to address the most egregious cases. When asked about receiving credit for extraordinary cooperation, Modesti said he couldn’t forecast the types of credit the board would give, but he suggested that interested parties discuss what they are willing to do and the staff will try to work with them.
Broker-dealer audits. Peter Bresnan, a senior adviser to the director of enforcement, talked about evolution of the PCAOB’s oversight of the audits of broker-dealers, which came about as a result of the Dodd-Frank Act in 2010. He said the real investor protection angle came when broker-dealer audits were required to conform to PCAOB standards and the SEC enhanced its broker-dealer rules related to customer protection. After the adoption of the revised SEC rules, the PCAOB adopted new attestation and auditing standards.
There have not been any individual reports on broker-dealer inspections, just annual reports summarizing the findings. Bresnan noted that 96 percent of the audit firms inspected under the interim broker-dealer program had deficiencies the first year and the next year it was a bit worse. There are important differences in protecting investors of issuers versus broker-dealers, he noted, so the broker-dealer inspections focus on independence and other investor protection areas.
In the first year of broker-dealer inspections, Bresnan said the enforcement staff applied a relatively light touch with censures, penalties and remedial measures. The next year, the sanctions increased a bit, particularly for firms that were told they could not prepare the financial statements of their broker-dealer clients but did so anyway.
A number of “firsts.” In 2016, two firms self-reported violations and remediated the matters. At the end of last year, the PCAOB brought its first case involving other types of violations including the alteration of documents and violations of the SEC’s financial reporting rules.
On August 2, 2017, the board brought its first action against a global network firm for violations during a broker-dealer audit (In the Matter of PricewaterhouseCoopers LLP, Release No. 105-2017-032). Registered carrying broker-dealer Merrill Lynch, Pierce, Fenner & Smith Incorporated was found to have held billions of dollars of its customers’ securities in accounts with third-party institutions that were subject to liens by the third parties in violation of the SEC’s customer protection rule. PricewaterhouseCoopers (PwC) failed to obtain evidence to support its opinion on whether Merrill’s internal controls over compliance with the customer protection rule were effective and whether supplemental information with respect to compliance with the rule were fairly stated in all material respects in relation to Merrill’s financial statements as a whole. PwC was censured and ordered to pay a $1 million civil money penalty.