For those of you constantly bellyaching about the pesky regulators and how "close enough" audits are perfectly acceptable, perhaps you should go work for Baker Tilly Hong Kong Limited. You see, that "close enough" mentality appears to have slapped them in the face, based on news from the SEC today:
The Securities and Exchange Commission today imposed sanctions against a Hong Kong-based audit firm and two accountants for failing to properly audit year-end financial statements of a company that the SEC has charged with fraud.
An SEC investigation found that Baker Tilly Hong Kong Limited, its director Andrew Ross, and its former director Helena Kwok ignored red flags surrounding approximately $59 million in related-party transactions reflected in internal accounting records of China North East Petroleum Holdings Limited but not adequately disclosed in year-end 2009 financial statements. Baker Tilly and the two accountants failed to plan and implement an appropriate audit response to the related-party transactions, which primarily involved the company, its then-CEO, and his mother. Baker Tilly consequently issued an audit report containing an unqualified opinion on China North East Petroleum’s financial statements.
The SEC says that Baker Tilly knew this behavior was wonky, but issued an opinion anyway. Which, as we all know, is a major no-no.
A forensic report commissioned by CNEP's audit committee identified several red flags that Baker Tilly did not or chose not to acknowledge in issuing their opinion. Here's the list booboos from the SEC's enforcement order:
- The ability of management to override internal controls and access CNEP’s bank accounts.
- Unauthorized related – party transactions, including cash withdrawals, payments to vendors and investments made by insiders on behalf of CNEP without authorization were possible, in part, because of insufficient verification of payments.
- Inadequate segregation of duties among employees in accounts payable and cash management areas that could result in the misappropriation of company funds.
- Failure to implement and comply with Chinese Interim Cash Control Regulations and Internal Policy concerning cash disbursements, including the lack of a policy related to amounts that could be advanced to company personnel to make purchases on behalf of the company.
- Incomplete audit trail for the related-party transactions.
- Convoluted and inappropriate account offsets of amounts owed to CNEP by insiders, including [then CEO] Wang and [then CEO's mother] Ju, based on agreements that were largely unsigned and contained contradictory statements or amounts.
- Insufficient internal controls to require written a pproval for the period-end adjustments could result in intentional or unintentional errors in financial statements.
- Varied explanations and numerous other anomalies were noted in documentation of the transactions related to fixed assets prepayments to suppliers purportedly paid through the Ju's personal account.
The SEC is putting Baker Tilly in the corner for a bit until they can learn to properly audit:
Baker Tilly, Ross, and Kwok agreed to settle the SEC’s charges. Baker Tilly must disgorge its audit fees of $75,000 plus prejudgment interest of $9,101, and cannot accept any new U.S. issuer audit clients until an independent consultant has reviewed and certified that the firm’s audit policies and procedures are compliant with SEC regulations and PCAOB standards. Ross and Kwok must pay penalties of $20,000 and $10,000 respectively and are barred from practicing as an accountant on behalf of any SEC-regulated entity for at least three years.
The SEC also requires Baker Tilly to notify its current U.S. clients of this settlement within 15 days of the order.
Before the firm can get off the bench, an independent consultant will have to review Baker Tilly's policies and procedures, including:
(i) identifying and disclosing related-party transactions; (ii) training in client fraud detection; (iii) exercising due professional care and professional skepticism; (iv) audit planning; (v) performing proper risk assessment; (vi) designing procedures tailored to the risk of misstatement; (vii) obtaining sufficient appropriate audit evidence; (viii) document retention; (ix) third-party confirmations; (x) work paper sign-off and dating; and (xi) adequate audit documentation.
From there, the consultant will tell them what to fix and hopefully they should be back to providing exceptional client service before you know it.