Question

Please research what happened to the PCAOB in term of leaking of private data. What ethical values are involved? Opine on both the PCAOB controls and the hiring organizations. Please talk about how a trained CPA could get caught up in such a scandal.

Answer 1

Let’s take a calendar year company for example. The company may issue annual earnings around February 1st and issue its full annual report a month later. The company’s auditors have signed off on both of those releases and then wrap-up their documentation and archive their work papers sometime in March. It is after that point when the PCOAB, a government regulation agency, lets the auditors know if the work on that client will be reviewed. As the auditors don’t know in advance which of their clients will be reviewed, their need to prepare each audit to the same high standards. The PCAOB then analyzes and reports on how well they believe the auditors performed.

In this case, a member of the PCAOB let someone at audit firm know that certain audits would be reviewed, while those audits were still in progress. The Audit firm employee had previously worked at the PCAOB. The Audit firm employee passed this information along to other senior personnel at Audit firm who presumably used that information to improve the quality of the audits they knew would be selected.

What can we learn from all of this?

1.      This isn’t just a Audit firm issue, it affects all of us. This could have happened to any of the big firms. News like this affects us all and tarnishes the public’s image of accountants. In my research, over 90% of accountants view the accounting profession as ethical. In Gallup polls, that figure is only 40%.

2.      Even if we believe that 99.9% of our employees will act ethically, we need to put safeguards in place, as the actions of a few people can give the entire firm a bad name. I know this very well, as the actions of just a few partners auditing Enron caused thousands of us to lose our jobs at Arthur Andersen in 2002.

3.      To me, this type of breach should have been foreseeable, as we are trusting people to act ethically when we know that doesn’t always happen. We need to minimize who has access to confidential information, as human beings are flawed and some will make unethical decisions. Would it be possible for the PCAOB to not even select which companies it will review until after the work papers are archived? This would slow down the process, but would prevent that confidential information from even existing. If confidential information doesn’t exist, it can’t be shared.

4.      The lead of Audit firm audit practice was fired in this scandal, presumably because he acted on the information which should not have been shared. Had he reported the breach, he would still have a job. If someone gives you information which gives you an edge, but which you shouldn’t have, don’t act on it, report it.

5.   We need to be especially aware of personal relationships which exist that can impact independence. If someone possesses confidential information and they have a friendship with another person who could benefit from this information, safeguards and controls need to be higher. It would be interesting to know if people were aware that the Audit firm employee who used to work for the PCAOB stayed in contact with people at the PCAOB.

6.      Were there any issues in Audit firm culture that increased the risk of this type of breach? Publicly, Audit firm CEO has said, “Audit firm has zero-tolerance for such unethical behavior & is committed to the highest standards of professionalism, integrity and quality, and we are dedicated to the capital markets we serve.” However, behind closed doors, does Audit firm focus on doing the right thing or on hitting profit goals? Too many times companies only say the right thing after the fact, and their employees feel pressure to hit profit targets at all costs.