3-41 NOTE: Completing Application materials. tivitiesrequires students to refere

Question

3-41 NOTE: Completing Application materials. tivitiesrequires students to reference additional resources and KPMG, PCAOB (LO 1, 2) ETHICS Refer to the Why It Matters Recall that this incident initially involved a former a feature "KPMG Fires Five Audit Partners and the Head of Its Audit Practice." nd a current PCAOB employee, with the latter supplying information about upcoming PCAOB inspections of various KPMG audit client engagements. The incident could have stopped there, if the KPMG employee either did not act upon the information, or s/he notified a superior, who then did the right thing and notified the PCAOB of the breach. of course, we now know that the chain of events did not stop there. Instead, the breached information made its way up the organization all the way to Scott Marcello, the head of the entire audit practice of KPMG How, if at all, could the PCAOB have internal controls in place to prevent an employee from leaking inspection information? 1. How, if at all, could KPMG have internal controls in place to prevent a former PCAOB employee who now works for the Firm have inappropriate communication with current PCAOB employees? 2. 3. What changes can you think of that could prevent a breach such as this? 4. Scott Marcel lo had a 38-year career with KPMG, and now he has been disgraced and fired. Speculate as to his potential incentives and rationalizations. 3-46.

Explanation / Answer

1

The main issue in this case relates to the fact that the information from PCAOB was leaked to one of their former employees who now worked at KPMG. The challenge with such situation is in understanding the point at which the leak happened. There could be situations where the KPMG employee met with a former colleague who may have revealed the information by mistake at an informal meeting. In such instances, internal controls are likely futile. If at all any steps can be taken to prevent such incident, it is to train the employees (of PCAOB) continuously about the ethics and privacy policies of the business. The training should also include identification of critical information and the matters of confidentiality. There are two aspects to such leaks, one could be accidental or it could be intentional. In case of intentional leaks (with malicious intent) there is hardly anything an organization like PCAOB can do. However the accidental leaks can be handled (not completely prevented) with some internal trainings. Another step that could possibly be taken by the PCAOB employee (who leaked the information) is to come back and report it to the superiors about the mistake made (maybe anonymously or otherwise) and the possible repercussions of the information leak. This kind of controls can only be achieved through training and the culture of the organization.

2

KPGM employee (former PCAOB employee) who received the information had three choices before him. He could either inform the superiors (who would then inform the PCAOB), he could not do anything with the information, or he could inform the audit partners with the information about inspection. The first two choices would have been perfectly find but unfortunately he chose the last option. This is due to priorities at workplace and there are two ways to look at this. The reward for the first and the second choice was likely not that high within KPMG while the expected reward for the last option was higher. In such instances, organizations such as KPMG can establish whistleblower program where the whistleblower could be benefited or rewarded. In terms of internal control policies, KPMG should likely highlight the role of ethics and responsible business practices on a regular basis, the result of violation of such policies and how it ties with the overall objective of the organization.

3

One of the key things that can be implemented is prevention of recruiting employees immediately from an organization (like PCAOB) where there may be possibility of such unethical practices. Many organizations have such anti-poaching agreements between them. It is a challenging position, because a former PCAOB employee will likely be an asset to KPMG but similar skilled employees could possibly be hired from competing organizations (such as Deloitte, E&Y, PwC, etc.).

4

Scott Marcello likely had a glowing career with KPMG till this point. A 38 year long tenure means that he was happy at his work and his work was also appreciated by the organization. Overall there has been a match between the culture, skill, and overall goals of both the parties. Did he not receive ethical training when he was beginning at KPMG? Most likely he did. However, as time passes, we often forget our trainings and the basic learnings that made us into what we are today. I think, the similar incident happened with Marcello.

KPMG was negatively assessed in the past few inspections by PCAOB, and this likely put a certain pressure on Scott Marcello as the head of audit. Considering his tenure and position, he likely expected that the use of the inspection information (leaked information) will help reduce the chances of further negative assessment from PCAOB. This is likely the incentive he expected of using the information. On the other hand, he may have been aware of the risks but assumed that given his long career with KPMG the repercussions can be controlled internally.

Related Questions

Navigate

• Browse (All)
• Browse 3
• Subjects

---

---

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.