August 20, 2018

Accounting News Roundup: Big 4 Fines, SEC Hack, EY and Equifax | 10.03.17

ernst young equifax

Fines & Punishment

Paying financial penalties is a cost of doing business for Big 4 firms. That cost of doing business has been more expensive of late, most notably the U.K.’s Financial Reporting Council fines of PwC this year and the PCAOB’s $8 million fine of Deloitte Brazil from late last year. Still, some people wonder why the levies are so small:

Erik Gordon, assistant professor at the University of Michigan’s Ross School of Business, said: “It is surprising [accountancy firms] are not more severely penalised than they currently are. The damage to investors, including retirees, [of misconduct] is far larger than the fines imposed.

Some people will tell you that the damage to the audit firm’s reputation is what’s really significant in these situations. And sure, the firms suffer some embarrassment, but the audit market is so concentrated that even if companies wanted to switch auditors, conflicts of interest make it difficult or impossible to do so. Firms get away relatively unscathed.

So what to do? Larger fines of course: “Fines that would be large enough to eliminate partner bonuses for five years would be more effective,” Prof Gordon told the FT. And bans, either of the firms from accepting new clients or partners from serving public companies seem to be a couple of popular ideas. Whatever the punishment is, it has to be more severe than the value of lucrative client relationships. Until that happens, the incentives will always lead a firm back to doing what its client wants.

Hacks

Here’s a small development to last month’s news that the SEC had joined the “we were hacked some time ago and we thought everyone should know about it” club:

Hackers who broke into a U.S. regulatory database that stores market-moving corporate information also accessed personal details about two people, including their names, dates of birth and Social Security numbers.

The Securities and Exchange Commission revealed the theft of personal information stemming from a 2016 breach of its Edgar system in a statement released Monday. The SEC’s analysis of the breach is playing out in real time as the regulator scrambles to understand the scope of damage from the incident.

Following the typical playbook for these situations, the SEC has offered to pay for identity theft protection and credit monitoring service for anyone affected.

EY and Equifax

Elsewhere in hacks, Francine McKenna writes at MarketWatch about EY’s role in the Equifax debacle:

EY was already aware that the SEC had scrutinized Equifax for inadequate disclosures of its cyberrisk and poor overall disclosure controls. That’s based on correspondence reviewed by MarketWatch between the SEC and the Equifax CEO and CFO dating from 2011 to 2014.

In January of 2014, the SEC asked Equifax’s CEO about inadequate disclosures regarding a material weakness in internal controls over financial reporting in 2013. In its response Equifax provided the SEC with a detailed timeline of its evaluation of the control weaknesses—and concluded that its interim quarter disclosure controls were also ineffective.

(EY audit partner for Equifax, Joseph King, was copied on the response to the SEC from the company’s controller, along with the rest of the company’s top executives.)

In September of 2012, Equifax was asked to add more information in future filings about cyberattacks, security breaches or other similar events it had experienced in the past, in order to “provide the proper context” for the disclosure.

Even if they’ve largely escaped scrutiny for now, it’s hard to imagine a scenario where EY is excluded from this mess completely. One expert quoted says that despite the large audit firms’ belief that “cybersecurity risks is outside the scope of a financial statement and ICFR audit” that won’t protect them because the general IT controls “are not typically managed or controlled separately” from the access and patch controls that led to the breach.

Previously, on Going Concern…

In Open Items, someone wants to know if other people hate both audit and tax.

In other news:

Get the Accounting News Roundup in your inbox every weekday by signing up here.

See something we missed? Have a correction, comment, or complaint? Email us at [email protected].

Related articles

Accounting News Roundup | 01.21.10

How to find the “best and brightest” [CPA Success]
This may be a better topic for the friendly HR professional but figuring out who these future accounting rock stars are before they show up on their first day is “more art than science”, as Tom Hood notes.
Popular to some old-school thought, GPA does not always indicate who’s going to dominate in the real world and “soft skills” — besides being a terrible term — are in more demand than ever.
Help The The American Red Cross of Greater Chicago Help Haiti [Re: The Auditors]
The American Red Cross of Greater Chicago is having a drive today and since Francine’s friend is the CFO, we’ll be glad pass around the news:

One of my oldest and dearest friends, Guillermo Becerra, is the CFO of the American Red Cross of Greater Chicago. I asked him how I could help him, and the Red Cross, during what must be an incredibly busy time post-Haiti earthquake.


“The Chicagoland community will come together on Thursday, January 21 to give to the American Red Cross as we help the people of Haiti recover from the catastrophic earthquake that devastated their country last week.
The Chicago Helps Haiti media relief drive begins at 5 a.m. and lasts until 11 p.m. Nearly every TV and radio station in our area will be promoting this fundraising effort throughout the day. You can help too, by giving via phone or online, and sharing your thoughts here, on Facebook or Twitter, and by asking others to give.
To give from 5 a.m. to 11 p.m. CALL 1 (877) 565-5000 or visit www.chicagoredcross.org/haiti

Plus, we’re guessing that if you give, your 2009 tax return isn’t much of a concern.
If Your Password Is 123456, Just Make It HackMe [NYT]
The Times is concerned that you have a shitty password which puts you at a huge risk of being hacked by someone sitting in their parents’ basement.

Imperva found that nearly 1 percent of the 32 million people it studied had used “123456” as a password. The second-most-popular password was “12345.” Others in the top 20 included “qwerty,” “abc123” and “princess.”

You know who you are, ye with stupid passwords. Also, don’t even think of changing it to “654321” because that drops in at #19.

Accounting News Roundup: Haiti Relief Passes Senate; Accounting Job Surge? CPAs Basically Control People’s Lives | 01.22.10

Senate votes for faster tax breaks for Haiti gifts [WaPo]
As expected, the U.S. Senate unanimously passed legislation yesterday that allows taxpayers to deduct donations made for Haiti relief efforts. You have until the end of February to donate so that it may be included on your 2009 return.

Maybe it’s bad legislation but we’ve been over that.

CPA Jobs Set for Surge. But When? [CPA Trendlines]
That’s the question, isn’t it? Rick Telberg, who has done a great job of tracking the Bureau of Labor Statistics on accountants, points out that while the latest BLS forecasts a 22% increase (279,400 jobs) by 2018, there’s no indication that it’s happening now:

[M]any tax, accounting and finance professionals are still slogging through the Great Recession. The Association for Financial Professionals, for instance, reported that about one in four respondents say their organizations will contract in 2010. At the same time, a PricewaterhouseCoopers survey of private companies found 43 percent of CEOs and CFOs still budgeting no expansion over the next 12 months to 18 months. The data just seem to reinforce economic uncertainties and a weak outlook.


The BLS is looking past the past the recession for the jump in opportunities but just when the hell will that be? Just because the economy isn’t contracting currently, doesn’t mean it won’t in the future and this “recovery” has been tepid at best.

Theismann to CPAs: You Are the Conscience of America [Web CPA]
Joe Theismann gets it. He knows that without all of you out there in CPA land, your clients don’t stand a chance. They’d be finished. Finished!

“You’re the conscience of America,” Theismann told conference-goers. “You are the survivors in tough times. With accountants, I’m not looking for someone to file taxes and do my financials. I can do that myself online. In your position you can basically control people’s lives.”

So get out there and control somebody’s life. Joe Theismann is expecting it.