Recently, the U.K.’s Financial Reporting Council, the U.K.’s audit regulator, imposed sanctions against KPMG Audit plc (KPMG) and Anthony Sykes, Audit Engagement Partner in relation to the statutory audit of the consolidated financial statements of Rolls-Royce Group plc (the Company) for the financial year ended 31 December 2010 (the Audit).
According to the FRC:
“The Adverse Findings against each of the Respondents relate to failures to address matters identified in the Audit which indicated risk of non-compliance by the Company with laws and regulations. The matters concerned two sets of payments made by the Company to agents in India. These payments gave rise to allegations of bribery and corruption which later formed two (out of twelve) counts in a Deferred Prosecution Agreement with the Serious Fraud Office in 2017, under which Rolls-Royce plc paid large fines.
Allegations of bribery and malpractice through the use of intermediaries and ‘advisers’ in the defence field were prominent at the time of the Audit, including that in March 2010 [Defence Company A] paid large fines to settle US and UK criminal investigations resulting from the use of intermediaries. KPMG were well aware of these matters having also been auditors of [Defence Company A]. [This is seemingly a reference to the BAE enforcement action].
The Adverse Findings, which were accepted by the Respondents, amounted to serious failures to exercise professional scepticism, to obtain sufficient, appropriate audit evidence and document this on the audit file, and to achieve sufficient Engagement Quality Control.
Executive Counsel does not assert that the breaches resulted in the financial statements being materially misstated. Furthermore, the breaches were limited to a discrete (albeit important) area of the Audit for one financial year.”
Claudia Mortimore (Deputy Executive Counsel to the FRC) stated:
“It is essential that auditors are alive to the risks of companies’ non-compliance with laws and regulations, and conduct work in this area with care and sufficient professional scepticism. This is particularly so when the audited entity is in a sector where such risks are known to be prevalent. The package of financial and non-financial sanctions imposed in this case should help to improve the quality of future audits.”
Among the sanctions imposed on KPMG was a “financial sanction of £4.5 million adjusted for admissions and early disposal to £3,375,000” and among the sanctions imposed on Sykes was a “financial sanction of £150,000 adjusted for admissions and early disposal to £112,500.”
As highlighted in this prior post, in 2001 the DOJ and SEC brought an FCPA enforcement action against KPMG Siddharta Siddharta & Harsono and Sonny Harsono. As alleged in the joint civil complaint:
“This action concerns illegal conduct by defendants KPMG Siddharta Siddharta & Harsono (KPMG-SSH) [a public accounting firm based in Jakarta, Indonesia and an affiliate firm of KPMG International] and Sonny Harsono, who have engaged, are engaged and are about to engage in acts and practices which constitute violations of the [FCPA anti-bribery, books and records and internal controls provisions]. In 1999, Harsono authorized KPMG-SSH personnel to bribe an Indonesian tax official on behalf of one of KPMG-SSH’s clients, PT Eastman Christensen (“PTEC”), an Indonesian company beneficially owned by Baker Hughes Incorporated [whose financial results appear in the consolidated financial statements of Baker Hughes]. KPMG agreed to make the illicit payment to influence the Indonesian tax official to issue a lower tax assessment for PTEC. Harsono also directed KPMG-SSH personnel to create a false invoice to PTEC to generate the money needed to pay the bribe and to conceal the purpose for which that money was to be used. Defendants KPMG-SSH and Harsono knew that the false invoice would be incorporated into the books and records of Baker Hughes, PTEC’s beneficial owner, in violation of [the FCPA’s books and records and internal controls provisions].
By authorizing and facilitating the improper payments to an Indonesian government official, Defendant Harsono violated the [FCPA’s anti-bribery provisions]. In addition, by authorizing and facilitating the payment, and by creating and sending a false invoice to Baker Hughes for the purpose of generating and concealing the payment, Defendants Harsono and KPMG-SSH aided and abetted Baker Hughes’ violations of [the FCPA’s anti-bribery, books and records, and internal controls provisions].”