Best Case Yet For Publishing Audit Partner Names: Grant Thornton’s Koeppel

My objective in writing this story was to handily contradict Grant Thornton’s self-serving defense to the Koss fraud. The defense that is supported by some commentators:

Audits are not designed to uncover fraud and Koss did not pay for a separate opinion on internal controls because they are exempt from that Sarbanes-Oxley requirement.

But punching holes in that Swiss-cheese defense is like shooting fish in a barrel.  Leading that horse to water is like feeding him candy taken from a baby. The reasons why someone other than American Express should have caught this sooner are as numerous as the acorns you can steal from a blind pig…

When Koss sued Grant Thornton in 2010 and then settled the lawsuit in 2013, Melissa Koeppel’s name never came up.  She was not named as a defendant, she was not disciplined by the SEC, the PCAOB or her firm.

Instead she kept on auditing.

By November of 2010, Grant Thornton’s National Professional Practice Director for the Midwest region (“NPPD”) became aware of negative audit quality indicators with respect to Koeppel as a result of an ongoing PCAOB inspection. Although the NPPD did not know that Koeppel had been placed on the partner monitoring list, he was informed by others in the firm that Koeppel had a number of negative audit quality indicators. The NPPD also became aware of observations by other Grant Thornton partners that the Wisconsin practice, for which Koeppel was the managing partner, had “gotten off the tracks from a methodology perspective.”

By the fall of 2010, Grant Thornton had removed Koeppel from all of her other public company engagements, but decided to allow her to continue as the engagement partner for the 2010 ALC audit.

She was the managing partner of the Wisconsin practice until April 2011.

As a sidebar, Koeppel came to Grant Thornton from Arthur Andersen where she had been a partner for 17 years before that firm’s demise.  Jim Peterson, who authors the blog re:Balance and has a new book out, told me:

“Those who forget history….” — one of the many unlearned lessons from Enron/Andersen is the hostage to fortune that a firm leaves by keeping a problem partner on-line either on the same job or as moved around.

If audit partner names were published in the audit report, or anywhere, the public, audit committees, investors and journalists could stop lousy auditors in their tracks.

This is not the first time a firm has taken advantage of the fact audit partners are anonymous and obscure.

The Public Company Accounting Oversight Board censured Deloitte & Touche LLP yesterday and imposed a $2 million civil penalty against the firm for violating the Sarbanes-Oxley Act and PCAOB rules when it permitted Christopher E. Anderson, a former partner, to perform or continue to perform activities as an “associated person” that were prohibited while he was subject to a PCAOB suspension order.

Anderson was the partner on Deloitte’s Navistar audit engagement, based in the Chicago office. Anderson was the first individual fined or suspended by the Public Company Accounting Oversight Board, barred for a year and fined $25,000 in October 2008 because he “violated PCAOB standards” by agreeing “without a reasonable basis” to accounting decisions by Navistar Financial Corp in 2003 that led to restatements, SEC investigations, delisting and numerous lawsuits including by Navistar against Deloitte. (That lawsuit settled recently on a confidential basis but the amount was rumored to be close to $25 million.)

Anderson is not the only partner responsible for a large audit failure hiding under Mother Deloitte’s skirts. Nicholas Difazio was suspended in 2008 by the SEC, barred for three years from practicing before it as an accountant, for his role as the partner on the Delphi audit failure. (Difazio was even flipped by the SEC after being sanctioned for his negligent audit and used to strengthen the regulator’s case against Delphi executives by saying the executives “duped” him.)

Difazio has yet to be reinstated by the SEC but he’s been working for Deloitte ever since. DiFazio is still a partner in Deloitte LLP, the public accounting firm, leading the firm’s IFRS practice. He advises issuers on IFRS conversion, writes whitepapers, stars in webcasts, and speaks to academics, regulators and issuer groups about the challenges and opportunities of changing accounting standards.

Until this week, you could also find him prominently featured on the Deloitte website.

And I wrote about the fact that Linda McGowan, the PwC partner who led its miserable MF Global audit, was the go-to partner for the firm’s broker-dealer audits including some questionable ones. I am still the only reporter, or anyone, who has ever published her name in association with MF Global.  Even the numerous lawsuits against PwC for the MF Global fraud do not name her individually.

Everyone who knew that Melissa Koeppel had led the lousy Koss audit had a vested interest in keeping her name secret because they had no intention of taking her out of the game until they were good and ready. Or maybe not at all.  Even plaintiffs lawyers, who could do a public service by naming audit partners, don’t do it because there’s no money in it and they can use this knowledge to negotiate with the firm for a better settlement.

The SEC and PCAOB protect lousy partners because they want them to stay close to the firms and provide insight into bigger cases.

They even flip them.

If we had known that Melissa Koeppel was the Koss audit partner in charge she would likely never had audited another public company ever again.

For the record, I am in favor of the SEC proposal for naming audit partners versus the PCAOB version because the PCAOB version would allow the firms to hide bad auditors, like priests accused of abuse,  longer and better. The PCAOB version will makes it so much harder to develop an engagement record by partner, to compare performance such as number of restatements across public company audits and to see how many times they have been named in litigation or disciplined.

I also ask you… Do we really need a longwinded make-work initiative on “audit quality indicators” that has been taking up so much time and space at the PCAOB and SEC?  It seems the audit firms know a “negative quality indicator” when they see it even if they ignore it.

The “negative indicators’ in the Koeppel case were like a piano falling out of a fifth story window on your head, over and over. If the firm and the regulators had reacted to even those simple signs we’d all be in much better shape.

There are plenty to choose from that are easy and already established:

• restatements
• your own partners worried about your toxic affect on their clients
• staff complaints/hotline reports
• low hours spent on audits
• inability to keep up with basic technical and methodology changes
• people suing you
• PCAOB inspection deficiencies on your audits
• frauds happening at your clients that you missed
• clients going to jail or being sanctioned by SEC