The following matters, described in a December 21 press release, were the subject of two investigations by the Securities and Exchange Commission (SEC):
AAER No 4007
The SEC sanctioned Crowe LLP and two engagement partners for a failed audit of the 2013 financial statements of a now-defunct temporary staffing company, Corporate Resource Services Inc. (CRS). Without admitting or denying the charges, the firm, engagement partner and concurring review partner (respondents) settled with the SEC, agreeing to:
- pay civil money penalties of $1.5M, $25K and $15K, respectively,
- censures, and
- remedial actions to improve the firm's audit and independence policies and procedures.
According to Accounting and Auditing Enforcement Release (AAER) No. 4007, the firm failed to:
- include procedures designed to provide reasonable assurance of detecting CRS’s material undisclosed payroll tax liabilities;
- properly identify and audit related party transactions despite the pervasive risks of fraud;
- obtain sufficient appropriate audit evidence to respond to identified fraud risks, support CRS’s recognition of revenues and cost of revenues, and otherwise support Crowe’s opinion;
- evaluate substantial doubt about CRS’s ability to continue as a going concern; and
- conduct a proper engagement quality review.
The AAER also indicates that Crowe had an ongoing direct business relationship with a CRS subsidiary since June 2012, which impaired the firm's independence.
Crowe’s agreement with the subsidiary, whereby the firm subcontracted staff to provide consulting services to Crowe’s clients, continued to exist during the period under audit and the professional engagement period. Consultants provided loan review services to Crowe’s banking clients and other regulatory compliance consulting work, such as bank secrecy act reviews and anti-money laundering customer due diligence. Therefore, the firm had a mutuality of interests with their audit client that caused its independence to be impaired, which is described in the Rule 2-01(c)(3) under Regulation S-X of the securities laws.
Despite this, the CRS audit engagement partner, who knew about the ongoing arrangement, allowed the relationship to continue and inaccurately described it as a one-time, past event in a new client acceptance form. The matter was not documented and the engagement partner erroneously claimed in the Rule 3526 letter to the audit committee that the firm was independent and that he was not aware of any matters that may bear on independence.
Lastly, the SEC identified at least two (2) occasions during the engagement period in which Crowe became aware of the independence-impairing activity. First, the audit team’s revenue and rebates testing included procedures on Crowe invoices for services billed under the business arrangement. Second, the engagement partner e-mailed the national office in August 2014 about an additional business opportunity between CRS and Crowe, which also indicated the existence of the ongoing direct business relationship.
The SEC determined that the firm had insufficient policies or procedures in place to prevent the independence violation because it lacked proper independence and client acceptance controls, e.g. -
- did not require an independence inquiry e-mail be sent prior to client acceptance, and
- lacked a database or other system that captured all vendors, subcontractors or other entities that conducted business with the firm.
The SEC found that:
- Crowe violated, and the engagement partner and concurring review partner caused Crowe to violate, Sections 10A(a) of the Exchange Act and Rule 2-02(b)(1)of Regulation S-X.70.
- Respondents were a cause of CRS’s violations of Section 13(a) of the Exchange Act and Rule 13a-1 thereunder.
- Respondents engaged in improper professional conduct pursuant to Sections 4C(a)(2) of the Exchange Act and CRP Rule102(e)(1)(ii).
In addition to the fines and censures imposed on the firm, the engagement partner and concurring review partner, the firm is required to engage an independent consultant to recommend enhancements to its policies and procedures over several audit areas and independence.
AAER No 4008
The SEC also imposed sanctions against former partners of Rosen, Seymour, Shapps, Martin & Company, LLP (RSSM), which performed deficient audits of the 2012 financial statements of CRS.
Audit deficiencies in this matter included the failure to, among other things:
- include procedures designed to provide reasonable assurance that CRS did not have material undisclosed contingent liabilities for unpaid payroll taxes;
- properly identify and audit related party transactions despite the risks of fraud by CRS;
- obtain sufficient appropriate audit evidence to respond to identified fraud risks and otherwise support their unqualified opinions;and
- conduct engagement quality reviews.
Further, the SEC found that the engagement partner was not independent during the 2012 audits given that he had served as the engagement partner on CRS’s audits for five consecutive years and then immediately served as the concurring review partner for CRS from 2011 through 2013.
Click here for the SEC's press release describing both matters.