Risk & Compliance

PwC Fined $7M for Audit Independence Violations

The SEC says the firm improperly worked on non-audit services including financial software projects for audit clients.
Matthew HellerSeptember 24, 2019

PwC has agreed to pay more than $7.9 million to settle allegations that it improperly performed IT and other non-audit services for audit clients.

The U.S. Securities and Exchange Commission said the firm violated auditor independence rules in connection with 19 engagements on behalf of 15 issuers between 2013 and 2016.

In the case of one client identified only as Issuer A, PwC partner Brandon Sprankle allegedly negotiated and supervised two software projects for the company and mischaracterized them to the client’s audit committee as audit services.

CFO Leadership Conference East

CFO Leadership Conference East

Join us June 6-8 at the CFO Leadership Conference East. Register today to receive 15% off your ticket using code CFOCOM15.

The services “involved financial software systems that were planned to be implemented in a subsequent audit period and providing feedback to management on those systems — areas outside the realm of audit work,” the SEC said in an administrative order.

As part of the settlement, PwC agreed to pay disgorgement of $3,830,213, plus prejudgment interest of $613,842 and a civil money penalty of $3.5 million, and Sprankle agreed to pay a $25,000 penalty.

“Auditors … must ensure that non-audit services do not come at the cost of their independence on audits of public companies,” Anita B. Bandy, associate director of the SEC’s Division of Enforcement, said in a news release. “PwC repeatedly provided non-audit services without having effective quality controls in place for monitoring whether the services impaired its independence on audit engagements and were properly disclosed to audit committees.”

SEC rules prohibit outside auditors from engaging in the design or implementation of systems that are significant to the audit client’s financial statements or other financial information systems taken as a whole.

According to the Commission, Sprankle breached that rule by working with Issuer A on a governance, risk and compliance software project even though he was “aware that PwC’s independence policies did not allow the firm or him to implement the GRC system at Issuer A.”

The other software project at the company involved an upgrade of its enterprise software and related programs.

In its work for other clients, PwC allegedly failed to discuss with their audit committees the scope of its services and the implications of performing the work on its independence.