• Big 4

    All the Gory Details From the Indictment of Former KPMG Partners

    By | January 22, 2018

    If you’re not one of the six accountants who was criminally or civilly charged today, then you’re having a good Monday. And if you’re still not convinced, let’s peruse the details from the criminal indictment so you can feel better about yourself.

    The allegations paint a pretty sad picture of some prominent audit professionals at KPMG, one of the world’s most prestigious accounting firms, going far, far out of their way to gain an edge on the PCAOB inspection process. The U.S. Attorney says they committed crimes, the SEC says they committed civil offenses, but hey, we’re not here to pass judgment, just to pick through the details of this amazing account.

    To be clear, the details listed below are from the criminal indictment and not the SEC orders. If there are important details in the SEC orders that we’ve miss here, let us know and we’ll highlight them.

    First, let’s set the stage. In 2013 and 2014 KPMG was struggling with PCAOB inspections. The indictment notes “approximately twice as many comments as the average number of comments received by KPMG’s competitors.” Naturally, it wanted to improve upon those results, so it took some action, including “recruit[ing] and hir[ing] former PCAOB personnel” retaining a “data analytics firm” to assist in predicting which audits would be selected for inspection and “implementing a financial incentive system that award bonuses to members of engagement teams that received no comments during an inspection.”

    Next, the players: Brian Sweet and Cynthia Holder were two of the PCAOB employees that wound up at KPMG as a partner and executive director, respectively. A third PCAOB employee, Jeffrey Wada, wanted a job with KPMG, but the crap hit the fan before that could happen.

    As for KPMG, partners in this story include:

    • David Middendorf, the head of the firm’s Department of Professional Practice (DPP) and National Managing Partner for Audit Quality and Professional Practice Group;
    • Thomas Whittle, an audit partner in DPP and wthe National Partner-in-Charge for Quality Measurement; and
    • David Britt, an Audit Partner in DPP, Banking and Capital Markets.

    Interesting sidebar: Whittle reported to Middendorf and Britt reported to KPMG’s Chief Auditor, who is not named in the indictment, but who also reported to Middendorf. Not named in the indictment is Scott Marcello, who was the firm’s Vice Chair of Audit and Middendorf’s boss. KPMG fired Marcello last year along with everyone else.

    All right, now for this fine mess. The indictment is fascinating, so you read it for yourself, but here’s a good rundown:

    • In 2015, when it looked like Sweet would be taking a role with the firm, he made his first mistake: “Sweet […] copied [PCAOB] Documents, as well as other confidential documents, from Sweet’s PCAOB computer to a personal hard drive.” These included “internal PCAOB manuals and guidance; […] comment forms issued in connection with inspections on which Sweet had worked; [and] a list of KPMG engagements to be inspected by the PCAOB in 2015.”
    • During Sweet’s first week on the job, in early May 2015, Middendorf asked him at lunch “whether a particular Issuer would be the target of a PCAOB inspection; and […] more generally, which KPMG engagements would be subject to inspection that year.”
    • Middendorf spoke to Sweet later that week, “[telling] Sweet to remember where Sweet’s paycheck came from and to be loyal to KPMG.”
    • Just a few days later, “Whittle asked Sweet for the list of engagements to be inspected by the PCAOB in 2015, most of which had not yet been officially noticed for inspection by the PCAOB. Whittle told Sweet that Sweet was most valuable to KPMG at that moment and would soon be less valuable.”
    • The next day, Whittle requested “the banking inspection list.” After discerning that Whittle meant the “inspection list,” Sweet sent it over and said, “Just so you know, it is actually the full list of anticipated inspections (including non-banks). I’d appreciate the team’s discretion to make sure it isn’t too widely disseminated.” Whittle said he understood “the sensitivity” but sent it to Middendorf anyway, writing in an email, “The complete list. Obviously, very sensitive. We will not be broadcasting this.”
    • The next month, June 2015, Sweet discussed the list with David Britt and wrote in an email, “Please note there is some sensitivity with these, and some of the teams have not yet been officially notified by the PCAOB, so please, use your discretion with this info.” Sweet went on to share the 2015 list with at least one partner who was not yet aware that his/her engagement would be selected for inspection.
    • That same month, Sweet used confidential PCAOB “risk factors” with a KPMG partner and the data firm that was helping the firm predict which audits would be selected for inspection.
    • Immediately upon his start at KPMG, Sweet started angling to bring Cynthia Holder to the firm. He wrote to her in an email “I’ve got a meeting set up with the head of the group tomorrow, and pulled together a list of potential hires . . . and put you as the #1 target!!!!)”
    • A couple weeks later, Holder told the PCAOB Ethics Office that she was “contacted today by a recruiter for KPMG asking if I would be interested in a job at the Firm. I told them that I was not interested . . .” Had she not lied about this to the Ethics Office, she would’ve been immediately removed from any work involving KPMG.
    • While she was inspecting KPMG, Holder used her position to share confidential info with Brian Sweet, including this gem: “Sweet asked HOLDER to provide Sweet
      with an internal, confidential PCAOB Part II deficiencies comment form. On or about May 12, 2015, Holder used her personal email address to email Sweet at his personal email address and provided the requested document. The subject line of the email read ‘Anonymous Email.’ The body of the email consisted solely of an image of a winking-smiley face, and attached the confidential document Sweet requested.”
    • Also, in one instance Sweet talked Holder out of writing a comment on a KPMG inspection. When Sweet told Thomas Whittle about this, Whittle ” asked whether Sweet had opened his drawer, seen where his paycheck came from, and then advised the PCAOB employee not to write a comment.”
    • Holder also gave Sweet advanced notice that the PCAOB would be canceling one of its inspections and not replacing it. Sweet shared this information with Whittle and “The PCAOB subsequently notified KPMG that’ it would not inspect Issuer-1.” Sweet also informed Whittle that Holder was the source of all this info to encourage the firm to hire her.
    • Holder was offered a position with KPMG in July 2015. Before leaving the PCAOB, she copied confidential info to a thumb drive and copied it to her home computer. She then told Sweet about it after she started working at KPMG.
    • In November 2015, Jeffrey Wada started giving confidential information to Cynthia Holder. Holder passed it to Sweet; Sweet passed it to “relevant KPMG personnel.”

    Anyone need a breather? This is intense. Have some cute animal sounds:

    • In February 2016, the SEC’s Office of the Chief Accountant called in KPMG for a scolding about their crappy inspection results. It was attended by “KPMG’s CEO, KPMG’s Vice Chair of Audit, and [Middendorf].” There were subsequent meetings as well.
    • Around this same time, Jeffrey Wada was a little frustrated with this job at the PCAOB, specifically that he didn’t get a promotion. He forward the PCAOB-wide promotion list email that did NOT include his name to Cynthia Holder who forwarded it to Brian Sweet.
    • About a week later, Wada emailed another PCAOB employee who didn’t get promoted, writing, “:I can’t believe we both got screwed last year.” The email, “[i]ncluded […] a cartoon depicting a man with a screw in his back.” That same month, Wada shared 12 issuers audited by KPMG that would be inspected with Holder.
    • Meanwhile, back at KPMG, Middendorf, Britt, Whittle and Sweet used this list of 12 to initiate “stealth re-reviews” in order to, chiefly, “[protect] KPMG’s monitoring programs” because negative results would constitute a “systemic failure.” The group agreed that the true nature of the “stealth re-reviews” needed to be a secret.
    • David Britt told a partner — Partner-3 in the indictment — that “Partner-3’s engagement would be inspected and that [he] could not tell Partner-3 the source of [his] knowledge. [He] also told Partner-3 not to tell any other members of Partner-3’s team.” Britt also lied to another partner — aka Partner-1 — about the reason for the re-reviews. According to the indictment: “Their inclusion in the access request was merely an effort to make the re-reviews look legitimate.”
    • These re-reviews detected problems in some of KPMG audits and the firm was able to take action prior to inspection and to perform additional work well after audit opinions were issued.
    • Back to the PCAOB leak — Wada read a preliminary list of audits that would be inspected to Holder in January 2017. Holder shared that info with Sweet, who subsequently took it to Whittle and Britt. They decided to notify partners on this list and to assign additional personnel to those engagements. Whittle asked Sweet to “alter an internal inspections list” to cover their tracks.
    • Also during this time, Jeffrey Wada was passed over for a promotion again, and he was NOT happy about it. He emailed Cynthia Holder his displeasure and we’re blockquoting it here because it’s so fun:

    It’s funny how I was on the fast track to partner and clearly recognized for my talents at [WADA’s previous employer] and then I end up in this [expletive] place with all the [expletive] politicking that I loathe and now I can’t get a [expletive] promotion to save my life just because I refuse to kiss people’s [expletive] and spread the political rhetoric. God this place sucks. Please let me know what else you need from me.

    • In February 2017, Wada read Holder a list of “approximately 50 stock ticker symbols, representing the full confidential list of KPMG clients to be inspected by the PCAOB in 2017.” You can guess what happens next, right? Yep, she shared it with Sweet and he shared it with the three musketeers. They discussed “which engagement partners should be notified that their engagements had been selected for inspection.”

    This is where, mercifully, things finally start to unravel:

    On or about February 6, 2017, an engagement partner (“Partner-5”)/ who had been informed by Brian Sweet that Partner-5’s engagements would be inspected by the PCAOB, reported the conversation to Partner-5’s supervisor. Partner- 5’s supervisor reported the matter further and by February 13, 2017, the matter had been reported to KPMG’s General Counsel. Shortly thereafter, members of KPMG’s Office of the General Counsel (“OGC”) reached out to speak to both Sweet and CYNTHIA HOLDER, the defendant.

    Holder and Sweet proceed to attempt an elaborate cover-up that included lies, deleted emails, and Sweet burning “the true copy” of the 2017 inspection list. OGC was monitoring their email activity so there was more deleting of files ” but not all of it, as that would appear suspicious.” Holder deleted all of her texts to Wada and suggested to Sweet that they get “burner telephones.” But there’s more!

    HOLDER also suggested that she and Sweet could communicate through their spouses’ cellular telephones to avoid detection. Finally, HOLDER suggested that she and Sweet use a code to communicate. HOLDER and Sweet agreed that either one could communicate by posting a photo relating to a specified college football team on Instagram, following which they would each dial in to a designated KPMG conference call number.

    As good as this indictment is, it raises even more questions about who at KPMG knew what and when? Why isn’t Scott Marcello named in the indictment? Does the firm have any criminal risk here? Will more heads roll? It’s all so ridiculous I don’t know what to think.

    • smishsmash

      “The subject line of the email read ‘Anonymous Email.’ The body of the email consisted solely of an image of a winking-smiley face”

      God, accountants are such dorks.

    • Ron Burgundy

      Why wasn’t Scott Marcello charged with a crime? He was canned from the Kpmg partnership, strange.

      • The Chippah

        Who knows, but best guess is the Feds don’t believe they can nail Marcello. DoJ won’t pursue an indictment unless they are 99.9% convinced they will get a conviction. I’m not a criminal defense attorney, but for conspiracy they’d need evidence that he agreed with the others to commit a crime and (this is a toughy) had a clear intention both to participate in the agreement and to commit the crime. That’s a lot, and the DoJ probably doesn’t have it.

        • Ron Burgundy

          Maybe he’s providing useful information to the authorities?

          • The Chippah

            It’s possible. But, given Marcello’s rank on the totem pole, the Feds probably would have wanted his scalp more than the others. Being associated with people who are in a conspiracy does not mean you are part of the conspiracy. KPMG might have fired him precisely because he DIDN’T realize the criminal activity going on beneath his nose.

            • Big4Veteran

              There might be people above Marcello that the Feds are after.

          • Big4Veteran

            That’s what I’m thinking too. That’s how it works in cases like this. When the DOJ is hot on a conspiracy, people are very willing to flip to save their own asses.

            • Corporate Liaison

              Marcello and the members of DPP were BOARD members There had to be discussion of this at the highest “Star Chamber” level of the organization

      • Deplorable S E Delenda

        You can be fired for anything, you can’t be indicted for anything.

    • keepin_it_real

      I applaud Partner 5. He had a real backbone, but unfortunately, snitches get stitches.

      • N.E.R.D.

        Not in this stratosphere of society. I think he’ll be rewarded for his loyalty.

      • Big4Veteran

        Agreed. He should be held up as a model for our profession. Unfortunately, shortly after praising him, it will probably be discovered that he makes his staff eat hours and he’s fucking the female senior associate on one of his jobs.

        • keepin_it_real

          Sad but true. I expect KPMG to basically find some BS reason to blow up Partner 5’s career at the firm and for him (or her) to be counseled out.

          • Corporate Liaison

            I think they did that with the Tax Shelter mess That only cost the firm 456 million

        • Deplorable S E Delenda

          You mean KPMG forgot the memo from the then grand poobah that ended eating hours when I was there 13 years ago?

    • Debit_Big4_Experience

      great summary, caleb. juiciest story to come out of the industry in months

    • N.E.R.D.

      Great write-up Caleb.

      I like how they decided to get burner phones about 2 years AFTER they created a super clean email and text message trail/web with their conversations on company servers and personal lines. Amateurs!

    • Teri Buhl

      Thanks for this summary Caleb. I woke up this morning still thinking about how screwed up this is and the fact that the firm has known about this for year and the news didn’t leak… PCAOB is joke and should be shut down. How does the firm not have at least civil liability?

      • Big4Veteran

        The only thing I hold the PCAOB at fault for here is hiring low character people. But KPMG is obviously guilty of the same offense (and many other offenses). These people were pretty high up at the PCAOB, so it is reasonable that they would have access to sensitive information.

        I don’t see how this story would cause someone to conclude that the PCAOB is a joke.

        • Deplorable S E Delenda

          What has the PCAOB actually accomplished? Provided work for ex Big 4 managers that got tired of the 80 hour a week grind and pretending they’ll make it to the big show of the partners meeting? Yes.

          Created work for the securities bar? Yes.

          Protected the “integrity” of “our capital markets” Not so much.

          • Big4Veteran

            I was in the accounting profession before SOX and the PCAOB (yes, I’m an old). I can absolutely assert that the PCOAB has accomplished a lot with respect to improving audit quality.

            As a CPA (and former auditor), I am thankful for the PCAOB’s help in repairing and improving the damaged reputation that the accounting profession had after Enron.

            Are audits perfect? No, and they never will be. But they are a hell of a lot better now than they used to be.

            • Deplorable S E Delenda

              I was in the public accounting profession at the time SOX and the PCAOB (when the infamous AS2 came into effect). I remember the absolute idiocy of not being able to accept some of tests performed by perfectly competent bank examiners performing a FDICIA controls test.

              As a CPA (and former auditor), I don’t see that this accomplished anything.

              There parade of stories on this site as well as others such as re:theauditors shows there’s nothing has changed.

              The accounting profession suffered in Enron because David Duncan et al subordinated professional judgment to lawyers. Interesting, Nancy Temple, who wrote the memo that along with the malicious prosecution by a moral cretin who is now back in the news-caused the prosecution (later vacated by the Supreme Court in that rarest of rarities a 9 zip decision) simply moved on, and started her own firm.

              The PCAOB not only doesn’t stop the encroachment of the General Counsel’s office on professional judgment, it guarantees it and it erects barriers to entry that guarantee the position of PWC, EY, KPMG &DTT.


              You’ll note she says she represented “public accounting firms’, but interestingly not which one.

              Having also worked in government, I rather laugh when people are grateful for some “don’t just stand there, do something” reaction by the people in Congress, that are equal parts arrogant, ignorant and available for sale.

        • Champagne of auditors

          I worked with all of these people…they were not even close to being “pretty high up at the PCAOB.” The moves to KPMG particularly to Partner were huge career moves. Every inspector which is half of the PCAOB staff had access to the document.

    • Deplorable S E Delenda

      “The U.S. Attorney says they committed crimes, the SEC says they committed civil offenses, but hey, we’re not here to pass judgment, just to pick through the details of this amazing account.”

      So these buffoons in the swamp can’t even figure out what the hell was going on?

      The charge should be “embarrassing a pretentious and useless federal regulator”.

      • Big4Veteran

        This is a bad take.

        • Caleb Newquist

          But a hot one!

    • Corporate Liaison

      Great summary WOW Just WOW

    • Big4Veteran

      Great job, Colin. This gives me flashbacks to GC’s excellent work on the Scott London scandal. But KPMG has outdone itself with this one. A couple thoughts…

      1. The amazing thing to me is how many people at KPMG were involved in this, and all these people are really high up on the food chain (i.e. the tip of the sword). These are some major ethical lapses by “leaders” at the firm.

      2. I’m impressed that a line partner smelled something fishy and reported it to his boss, who then notified the OGC. It restores some faith in the accounting profession.

      3. Interesting, but not surprising, that the PCAOB had no fucking clue about any of this.

      4. The sad thing is none of these people realized that Trump and the GOP would win big in 2016, and the PCAOB would eventually be de-fanged (will probably be abolished at some point in the not-too-distant future). These idiots may have blown up their careers for nothing.

    • Peter J Reilly

      Why are these people using email for stuff like this?

      • Big4Veteran

        Because they’re not as smart as they think they are.

    • Corporate Liaison

      Marcello has already latched on to a non profit The rest? You can stick a fork in them They’re done

      • Champagne of auditors

        Not so fast my friend…Brian Sweet has been employed for several months as the VP, Internal Audit and Enterprise Risk Management. I know him and can confirm its the same Brian. https://www.communitymedical.org/about-us/leadership/Corporate-Administration

        • Corporate Liaison

          Proof that there is no God

          • guest

            Hrrmm. He’s not on that page now. Either this came to light and they canned him, or they decided it’d be a good move to take him off their web page.

    • Big4Veteran

      There are a lot of things I hate about my job and my profession, but there are a handful of things I really like, and I’m even proud of. One of those is that we are supposed to be more ethical and trustworthy than the average business school grad (i.e. finance, marketing, etc.). Whether you work in public accounting or private industry, we have an important role to play in maintaining the integrity of our financial markets. Without accountants playing the role that we are needed to play, a modern advanced economy like ours could not exist. If financial data were completely unreliable and fraudulent, there would be no investors.

      At my current company, the Accounting team are the ONLY people stopping the company from consistently defrauding our investors and other stakeholders. Even our fucking general counsel doesn’t give two squirts or a piss about releasing completely manipulated financial information. They’d all gladly do it to close a deal, if the Accounting team didn’t stop them.

      In summary, fuck these KPMG partners and PCAOB accomplices. Fuck them all to hell. And kudos to partner #5.

    • Leave it to KPMG…