Feels like it’s been a while since we’ve written up a serious audit failure fine — not counting the PCAOB’s busywork because the PCAOB aggressively trying to make itself look useful doesn’t count — so thanks to PwC UK and the UK audit cops at the Financial Reporting Council for giving us one today.
The FRC has fined PwC £4,500,000, discounted to a total payable of £2,885,625 ($3.7 million USD) because the firm gave them “exceptional cooperation” and made the regulator’s job easier. In addition, the guy who signed off on the 2019 audit of Wyelands Bank plc will pay the FRC £33,412 ($43k USD), discounted from £55,000. Let’s see what PwC and Jonathan Hinchcliffe did. Or in this case, didn’t.
The Bank had been in existence since 1980, but was acquired by a new beneficial owner in 2016. As a result, it became part of the Gupta Family Group Alliance (“GFG Alliance”) – an unconsolidated group of companies under common ownership, operating in a number of industries including steel, aluminium and renewable energy.
By FY2019 the Bank’s business was mainly in trade finance, primarily invoice discounting, and an estimated 84% of its business had been introduced by companies in the GFG Alliance, which were related parties so far as the Bank was concerned. The Bank’s lending activities were largely funded by deposits from retail customers, and as at the FY2019 year-end the Bank held £727m in customer deposits from over 15,000 UK public savers.
As a credit institution, Wyelands Bank was a Public Interest Entity (“PIE”) for audit purposes.
PwC and Mr Hinchliffe admitted breaches of Relevant Requirements in relation to six areas of the FY2019 Audit: risk assessment, auditing of the Bank’s compliance with laws and regulations, auditing of the Bank’s related party transactions, auditing of the Bank’s assessment of going concern, auditing of the Bank’s loans and advances, and auditing of the bank’s provision for expected credit loss.
The breaches primarily stemmed from a single common cause: the failure of the audit team to properly understand the Bank’s lending and adequately consider the risks posed by its actual and potential exposure to related parties in the GFG Alliance. The audit team also failed to properly examine concerns raised by the Bank’s regulator, the Prudential Regulation Authority (“PRA”) in that regard. In addition, they failed to exercise appropriate professional skepticism in relation to a number of aspects of the audit.
Last year the PRA was going to fine Wyelands Bank £8.5 million for a multitude of issues including a lack of proper governance, overexposure to risk, and failing to retain several years of internal messaging sent on WhatsApp but chose not to do so as the bank was already in the process of closing up shop. “Wyelands is in wind down and the PRA accepted that it has very limited financial resources. The PRA has concluded that fining Wyelands would not advance its general objective to promote the safety and soundness of firms,” said the PRA in an April 2023 news release.
That news release explains a bit more about what PwC auditors would have missed:
Wyelands entered into several complex structured finance transactions which were introduced to it by GFG. These transactions were significantly in excess of regulatory limits on large exposures, but Wyelands did not identify this and report it to the PRA. Wyelands’ original business plan was to initially originate business from entities introduced by GFG, with a view to developing third party business over time. However, in practice Wyelands’ business was almost entirely reliant on GFG and entities originally introduced by GFG.
Sounds like an obnoxious audit. Shoulda just passed it to Grant Thornton.
“The audit breaches in this case highlight the importance for auditors to have a full understanding of the audited entity and its business,” said FRC Deputy Executive Counsel Claudia Mortimore. “This is particularly important where there has been a change of ownership and change in the nature and scale of activities. In this audit, the risks around the Bank’s membership of and involvement with the GFG Alliance were not properly recognized and considered, despite clear warnings to the Bank from the PRA. This led to a number of serious failings, which had the potential to adversely affect retail depositors.”
Earlier:
