This Friday, senior current and former leaders from major consulting and audit firm KPMG will face a barrage of questions at a parliamentary inquiry in Canberra .
In March this year, Labor Senator Deborah O'Neill revealed a KPMG whistleblower had alleged KPMG partners secretly accessed confidential client information to help them win audit work from other companies.
On Monday, the federal finance department announced it was conducting an independent review of KPMG over the allegations. The Greens have since said that doesn't go far enough and have referred KPMG to the National Anti-Corruption Commission.
KPMG Australia's interim chief executive Stan Stavros said on Monday "we acknowledge that individuals in our firm have made mistakes" and pledged to "learn from what has occurred". His statement did not say exactly what those mistakes had been.
Australia's four biggest consulting firms - EY, Deloitte, KPMG and PwC - have all earned billions in taxpayer-funded contracts. Part of that work has been for their audit services.
Auditors are meant to protect taxpayers' and investors' money, by keeping governments and businesses accountable. Yet just a few years ago, another of those "big four" faced a similar scandal.
What needs to happen to stop history repeating?
What's this latest inquiry about?
In mid-2024, a KPMG whistleblower alleged some of the firm's senior auditing partners misused confidential client documents to pitch for and win audit contracts from new clients. KPMG conducted internal and external investigations of these claims. The most recent of these, by law firm Allens, is ongoing .
After waiting for two years to see any serious action taken, the whistleblower went public by contacting Senator Deborah O'Neill.
A tsunami of dire headlines has followed.
In late May, KPMG Australia CEO Andrew Yates and head of audit Julian McPherson both resigned . In a statement , KPMG chairman Martin Sheppard said "we apologise unreservedly to the whistleblower", as well as "to the clients whose information was not handled with the care and respect they expect from us".
Current investigations and what else is needed
Earlier this month, Australia's corporate watchdog, the Australian Securities and Investments Commission (ASIC), announced a formal investigation into KPMG auditors who handled the whistleblower's complaint.
Most of the focus has been on KPMG's failure to take the whistleblower's complaint seriously. While this is important, it is not the only serious issue here.
We also need an investigation into the KPMG auditors alleged to have misused confidential client information.
If substantiated, anyone misusing confidential information may have breached their audit independence obligations under the Corporations Act .
There are a broader, industry-wide problems we can't afford to miss too.
Late last year, an ASIC review of auditors - which included all of the "big four" audit firms - revealed
multiple auditors from audit firms of all sizes were unable to effectively demonstrate compliance with independence and conflict of interest obligations.
At Friday's hearing, witnesses need to be asked not just about the specific KPMG whistleblower allegations and any breach of audit independence obligations - but about the extent of these problems at other firms too.
A past scandal and what's been done since
This KPMG scandal comes only three years after another "big four" firm, PwC, admitted it had " betrayed the trust of our stakeholders ".
PwC worked with the federal government to develop plans to curb corporate tax avoidance. PwC then used that confidential information for commercial gain, marketing its services to multinational corporations wanting to avoid tax.
In November 2024, a federal parliamentary inquiry made 40 recommendations . This included banning PwC and related entities from tendering for government work until all government investigations were completed, as well as broader industry reforms.
So far, the government has only partially implemented those recommendations.
Two types of deterrence to watch for
What has been alleged against KPMG over the past three months has had many parallels with the PwC scandal.
To be more effective in driving industry-wide change, we now need to see two types of stronger deterrence: legal and economic.
Legal action: the public exposure of this week's hearings and other ongoing inquiries are a welcome disinfectant.
The federal government has also said it will consider new laws to better support whistleblowers and to address regulatory gaps .
But more needs to be done to investigate the KPMG auditors alleged to have misused confidential client information. More broadly, ASIC needs to continue monitoring if auditors from all firms are meeting their obligations under the Corporations Act.
Economic consequences: KPMG is already facing loss of income, as some long-time clients rethink their contracts.
The federal government has said it will review its ongoing KPMG contracts . Some state governments are doing the same.
Millions in taxpayers' dollars still going to KPMG
Yet Parliamentary Library research released by the Greens on Friday revealed the federal government signed 31 contracts worth nearly $24 million after the KPMG allegations became public. These included the finance, defence and attorney-general's departments and, most surprisingly, our corporate watchdog, ASIC.
That's extraordinary, given such serious allegations have been on the public record since March 24.
This week, KPMG voluntarily agreed to stop bidding for new federal government work until September 30 while the finance department investigates the company.
However, that voluntary ban doesn't cover existing contracts, and won't stop KPMG bidding for an extension on those current contracts.
AusTender data reported in The Australian shows KPMG has $480 million of existing contracts with the federal government due to expire this year. It's unclear how many of those could be extended.
I would argue that federal and state governments should be taking a harder line on current and future engagement with KPMG, not just in relation to audit work, but across all of its consulting services.
For instance, federal government departments and agencies like ASIC should - where possible under recently introduced "ethical conduct" procurement rules - tear up their existing contracts with KPMG and re-tender the contracted work again.
KPMG has acknowledged in a statement "we know we have work to do to regain trust".
They're right. For a role as important as being an auditor, trust is earned. Once damaged, it needs to be earned back.
Helen is a former member of the ASIC Corporate Governance Stakeholder Panel (2020-2026). She is a current member of the Australian Law Council Corporations' Committee and a non-executive director of Market Forces Ltd, a not-for-profit climate activist company.
