Just as everyone was starting to chill out a little about the PwC tax scandal in Australia, Deloitte up and scammed the government with an AI report and then KPMG really stepped in it with a two-fer: a major leak of confidential data used to win audit contracts and blowing off the whistleblower who tried to call it out.
Financial Review has been doing an amazing job staying on top of the happenings with the KPMG audit leaks as they’re happening, just as they did with the PwC tax thing. AFR is where we first saw the paper we’re about to share with you, so hot off the presses that it’s dated tomorrow July 1 even though it’s still only June here.
The Guardian did a good explainer on the sitch that’ll get you caught up if you haven’t been staying abreast of
KPMG staff leaked confidential Lendlease and Optus information to colleagues who were applying for lucrative audit contracts at Westpac, Dexus and Telstra. At least three partners were involved.
The whistleblower raised alarm at colleagues’ behaviour in an email on 30 May 2024 to Julian McPherson, then the head of audit. The email alleged KPMG partners were pursuing “revenue growth at all costs”, alongside other workplace complaints, a parliamentary inquiry heard on Friday.
KPMG’s website says: “Acting with integrity is at the heart of our values and we all need to make the right decision by speaking up!!!”
The whistleblower told the inquiry that KPMG denied him a pay rise, withdrew his client work, then threatened to sack him.
Note it’s not just KPMG’s website that says that, it’s KPMG’s whistleblower landing page that says that, three exclamation points and all:
For some reason though it appears that specific reference is on KPMG Nigeria’s website. Let’s not drag them into this.
There’s obviously more to what’s going down in Australia but you get the gist. Things have gotten so bad that KPMG Australia CEO Andrew Yates resigned in May. Reminder that this was him in 2023 when the PwC tax scandal was all everyone was talking about: Finally Having Something to Roast Them About, KPMG CEO Takes This Opportunity to Talk Sh*t About PwC
The 56-page paper released by Treasury today does not mince words. It “sets out options to enhance the regulation and trust in the system and to ensure that the audit sector is accountable and that markets can continue to rely on it,” according to the intro which further reads:
In recent years, we have seen behaviour from large accounting, auditing, and consulting firms in Australia that is not fair and honest. This behaviour has had real consequences. It has undermined trust in the firms themselves and raised broader questions about the resilience of the frameworks meant to uphold market integrity.
This paper should not be confused with a similar but different paper released in 2024: Response to PwC – regulation of accounting, auditing and consulting firms in Australia. You can see why the government is getting a little irritated with Big 4 firms at this point, those long-ass tedious papers aren’t easy to write and we’re sure the government has better things to do than micromanage supposed trusted institutions.
We’ll try not to bore you with too many highlights from this July 2026 paper. There’s a discussion about partnership liability (and a shout-out to ‘Murica in it, nice):
There are no firm-level obligations imposed on audit partnerships
An unincorporated partnership does not have separate legal personality from its partners. In general partnerships, partners are jointly and severally liable for the partnership’s operations. Despite this, under the Corporations Act, an ‘audit firm’ that is a partnership (rather than the lead auditor) is often appointed as auditor by reporting entities.
Partnership law is a matter for states and territories. Under current regulatory arrangements, partnerships cannot be meaningfully sanctioned for decisions that affect audit quality. Only the lead auditor in a personal capacity is subject to the risk of deregistration and criminal penalties. As a result, legal accountability does not extend to key decision makers within a firm who influence firm-wide quality and independence decisions (see Table 2).
This approach differs from overseas jurisdictions such as the United Kingdom (UK) and the United States (US), which allocate responsibility to the audit partnership as the ‘auditor’ for the purposes of compliance with certain auditing standards (including quality management and ethical standards).
And discussion about quality control standards (with another shout-out to us, lookit that):
Quality management standards are not well aligned to Australia’s legislative framework
The Corporations Act requires audits to be conducted in accordance with auditing standards,11 but does not impose requirements on the general conduct of the registered company auditor (RCA) or audit firm.
As such, ASIC is limited in its ability to enforce ASQM 1 regarding firm-level management decisions affecting audit quality (for example, resourcing, training, and remuneration policies).
Despite ASQM 1 being internationally developed and representing a comprehensive standard for firm-level quality management, many of its requirements are principles-based and broadly worded, which may make it difficult for courts to determine non compliance or impose penalties.
In summary, challenges associated with the current regulatory framework include:
- a focus on conduct during individual audits, which limits the ability to address broader firm-level decisions on the systems that support audit quality or more systemic misconduct occurring outside specific audit engagements
- the key standard (ASQM 1) being drafted broadly, making it difficult to enforce, and limitations in the penalties framework resulting in a lack of alternative civil or administrative regulatory responses (see Section 5 for further detail on penalties).
By contrast, quality control standards in the US cover expectations on audit firms that are similar to ASQM 1, but contain more direct obligations, and are often used as a basis for enforcement activity (often imposing significant penalties) against audit firms by the Public Company Accounting Oversight Board (PCAOB).
What this says to us is that the Australian government is looking for a larger hammer with which to bonk naughty firms when they step out of line.
The whole paper is below if you would like to give it a read.
