SEC Sues Marcum Assurance Partner Over Numerous Audit Violations

The SEC order states:

In 2017, in response to findings made by the PCAOB after an inspection, Marcum changed its policy to require engagement partners and engagement quality review (“EQR”) partners to sign off on certain specific work papers in every audit binder, as well as work papers related to other significant risk areas. This policy became effective for audits with fiscal years ended December 31, 2016, or later.

But even after Marcum’s policy changed, Hackert’s review and sign off practices did not improve. In at least 14 audit engagements to which this policy applied, Hackert failed to review the work of the engagement team on significant audit areas and key work papers and to evidence his review before the report release date.

For example, in the audit of Operating Company 12 for 2017, the engagement team identified related party transactions as an area of the audit that had significant and fraud risks. Nevertheless, for the related party section of the audit, Hackert did not review the work of the engagement team and evidence his review prior to the report release date.

Likewise, in the audit of Operating Company 22 for 2017, Hackert did not review the work of the engagement team and evidence his review prior to the report release date on the Risk Assessment Summary Form, a key document requiring an engagement partner signature under Marcum policy. Hackert also failed to review the work of the engagement team and evidence his review prior to the report release date on significant risk areas in the audit identified by the engagement team, including accounts receivable and sales and inventory and cost of sales. In the same engagement, Hackert did not review the work of the engagement team and evidence his review on the Summary of Unadjusted Misstatements (“SUAM”), a key audit document that requires an engagement partner sign off under Marcum policy and that should be included as part of the auditor’s evaluation of audit results in accordance with PCAOB auditing standards.

The SEC also alleges that, in connection with the 2018 through 2020 audits of Ault Alliance Inc. (AAI), where Hackert served as the engagement partner, he violated additional PCAOB auditing standards, including failing to exercise due professional care.

In 2020, Hackert’s practice shifted mostly to auditing SPACs, and his supervision and review failures became even more prevalent, the SEC said:

Between 2020 and 2022, Hackert served as the engagement partner for at least 152 audits of SPACs. In 52 of those audits, Hackert did not review the work of the engagement team members and document that review on any audit documentation prior to the report release date. In 140 of those audits, Hackert did not review the work of the engagement team and document his review of at least some of the audit documentation prior to the report release date. In one of the SPAC audits, Hackert did not review the substantive work of the engagement team and document his review of any work papers before or after the report release date.

Beginning with audits for the fiscal year that ended on December 31, 2016, and continuing to the present, Marcum policy required Hackert to sign a “routing slip” work paper before the report release date for every audit on which he was the engagement partner. At Marcum, a routing slip is the work paper that engagement partners, engagement managers, and EQR partners sign to attest and document that their procedures and review are complete, and that they authorize release of the audit report.

Hackert sometimes failed to sign the required routing slips prior to the report release date and then backdated his signature to make it appear that the routing slip had been timely signed. For example, on the audit of Operating Company 14 for 2015, the 2016 and 2017 audits of AAI, and the audit of Operating Company 22 for 2017, Hackert dated his signature as of the report release date, but the electronic metadata in the routing slip indicates that the document was not created until weeks after the purported date of Hackert’s signature. Hackert knew or should have known that backdating documentation violates, at a minimum, his duties under AS 1015, 1201, and 1215.

On at least 37 of the SPAC audits, Hackert failed to sign the routing slips, which were important audit documentation, prior to the report release date.

Marcum audit partners who have worked on SPAC engagements have been in the crosshairs of the PCAOB and the SEC of late. Last July, the firm was fined $3 million by the PCAOB and $10 million by the SEC for several years’ worth of quality control failures and shoddy auditing of special-purpose acquisition companies (SPACs). The $3 million fine is the largest doled out by the PCAOB to a “non-affiliate firm,” meaning an audit firm that isn’t a member of a large global network.

This same enforcement action against Marcum also produced another PCAOB first: The regulator is forcing an audit firm to make functional changes to its supervisory structure related to the firm’s system of quality control. As part of the settlement, Marcum will have to create a new role and hire an individual to serve as head of the firm’s quality control system and to create a committee responsible for the oversight function for the audit practice.

In addition, Marcum audit partner Alfonse Gregory Giugliano was slapped with a $75,000 fine from the SEC last September for failing to fix problems in the firm’s quality control system, which contributed to failures within Marcum’s SPAC audit practice.

Cases litigated in the SEC’s in-house courts have come under scrutiny in recent years, as critics say it gives the agency an unfair advantage that it wouldn’t have before a jury in federal court. The U.S. Supreme Court will consider a case later this year that could severely limit the SEC’s use of its special in-house courts to punish wrongdoers.