Auditing
Prager Metis to Pay $1.95 Million to Settle SEC Charges Over FTX Audits, Other Violations
The firm also agreed to settle auditor independence charges, as well as for aiding and abetting clients' violations of securities laws.
Sep. 17, 2024
Top 60 accounting firm Prager Metis agreed to pay $1.95 million to the Securities and Exchange Commission (SEC) on Tuesday to settle charges that it bungled audits of failed crypto asset trading platform FTX, as well as separate charges that it violated auditor independent rules.
“Effective investor protection requires a collaborative approach that includes both regulators and gatekeepers, such as auditors. To fulfill their role, auditors must, among other things, be independent, exercise due professional care and skepticism, and comply with all applicable professional standards. As we allege in these enforcement actions, Prager Metis fell short in all of these areas,” Gurbir Grewal, director of the SEC’s Division of Enforcement, said in a statement.
According to the SEC, New York-based Prager Metis CPAs LLC misrepresented its compliance with auditing standards regarding FTX, whose founder and CEO, Sam Bankman-Fried, is serving a 25-year prison sentence after he was found guilty of wire fraud, money laundering conspiracy, and related counts in November 2023 following a month-long trial. Prosecutors said Bankman-Fried committed “a massive fraud,” stealing at least $10 billion from thousands of FTX customers and investors to finance outside ventures, such as political donations and purchases of luxury real estate.
From February 2021 to April 2022, Prager Metis issued two audit reports for FTX that falsely misrepresented that the audits complied with Generally Accepted Auditing Standards (GAAS). The SEC alleges that the accounting firm failed to follow GAAS and its own policies and procedures by, among other deficiencies, not adequately assessing whether it had the competency and resources to undertake the audit of FTX.
The foundational failure to meet GAAS stemmed from the fact that the Prager Metis engagement partner, who isn’t named in the complaint, didn’t understand what FTX was or the crypto asset markets in which it operated, the SEC said. And in its rush to accept FTX as an audit client, Prager Metis assembled an engagement team that collectively lacked the competence, experience, and knowledge to appropriately conduct the audits.
A series of other failures in the design and execution of the audits followed, according to the SEC, resulting in audit reports being issued that each contained an opinion that FTX’s financial statements presented fairly, in all material respects, the financial position of FTX and its subsidiaries in accordance with U.S. GAAP. But due to the auditing failures, Prager Metis lacked sufficient appropriate audit evidence to support those opinions.
In the SEC complaint against Prager Metis, the SEC basically says the firm’s engagement team was in way over its head with this particular client:
During the internal client acceptance process, Prager Metis partners raised concerns to each other and the Engagement Partner about Prager Metis taking on a complicated, first-time audit of a crypto industry client on an accelerated schedule, particularly at a time of year when their resources were heavily utilized (their “busy season”). Prager Metis partners also noted that taking on FTX as a client would be a high-risk engagement, that the firm lacked sufficient experience auditing crypto industry companies (and trading platforms in particular), and that they understood from FTX that its internal financial reporting function was virtually nonexistent. One Prager Metis partner emailed the Engagement Partner after the initial meeting with FTX noting that there appeared to be billions of dollars in unrecorded assets, that the financial statement information that had been circulated before the meeting appeared to be inaccurate, and that there were significant related-party transactions that had not been booked.
The Engagement Partner was undeterred by these concerns. He acknowledged that staffing would be “somewhat on the fly,” but advocated for moving forward quickly. The Engagement Partner brought in two outside contractors to assist with the audit, but they too lacked experience in auditing a crypto asset trading platform of the size and complexity of FTX. More importantly, they could not overcome the fundamental deficiencies in knowledge and competence of the Engagement Partner, who was ultimately responsible for directing and supervising their work.
Despite policies and procedures at Prager Metis that were designed to evaluate new client engagements, particularly those that were deemed high-risk, and even though questions and concerns had been raised internally from the initial stages, Prager Metis accepted FTX as a client.
The most significant deficiency, according to the SEC, was Prager Metis’s failure to understand the increased risk stemming from the relationship between FTX and Alameda Research LLC, a crypto hedge fund also controlled by Bankman-Fried.
Despite the interconnected nature of the companies and the significant financial transactions between them, Prager Metis and the audit engagement team failed to adequately assess the risk of material misstatement presented by the FTX-Alameda relationship, the SEC said. As a result, the audit plan and procedures largely excluded Alameda.
The SEC complaint says:
The Engagement Partner knew or should have known that Alameda, a quantitative trading firm specializing in crypto assets, was founded and owned by Bankman-Fried and Gary Wang, who also founded FTX. Until October 2021, Bankman-Fried was the CEO of both FTX and Alameda. FTX and Alameda shared a number of employees and resources and had offices in the same location. The Engagement Partner was aware of the interrelated nature of the two companies, and even believed—incorrectly—that FTX did not have any employees at all, but rather that all employees at FTX were actually Alameda employees.
Prager Metis requested that FTX complete a “Related Party Questionnaire,” in which FTX disclosed certain services that Alameda provided to FTX, including a Payment Agent Agreement (in which an Alameda entity provided cash management services to FTX) and a Services Agreement (through which Alameda provided FTX with research and development services). FTX provided documents that purported to memorialize these arrangements, which were executed, on behalf of both FTX and Alameda, by Bankman-Fried.
Despite this and other information regarding the relationship between FTX and Alameda, Prager Metis lacked the basic understanding and competence required to evaluate the nature and scope of that relationship, and the potential impact on FTX’s financial statements and footnote disclosures.
Caroline Ellison, Bankman-Fried’s former girlfriend who took over as CEO of Alameda, is asking for no jail time despite pleading guilty to charges of conspiracy to commit wire fraud, wire fraud, conspiracy to commit commodities fraud, conspiracy to commit securities fraud, and conspiracy to commit money laundering. She faces a maximum of 110 years in prison but struck a deal with prosecutors after testifying against Bankman-Fried at his trial.
The SEC’s complaint charges Prager Metis with negligence-based fraud. Without admitting or denying the SEC’s findings, Prager Metis agreed to permanent injunctions, to pay a $745,000 civil penalty, and to undertake remedial actions, including retaining an independent consultant to review and evaluate its audit, review, and quality-control policies and procedures and abiding by certain restrictions on accepting new audit clients. The settlement is subject to court approval.
“Because Prager’s audits of FTX were conducted without due care, for example, FTX investors lacked crucial protections when making their investment decisions,” Grewal said. “Ultimately, they were defrauded out of billions of dollars by FTX and bore the consequences when FTX collapsed. By limiting Prager’s ability to take on new business and by requiring it to retain an independent compliance consultant, today’s resolutions not only enhance investor protection, they also serve as a warning to audit professionals that are not appropriately meeting their gatekeeping obligations.”
The SEC also announced that Prager Metis CPAs LLC and its California professional services firm, Prager Metis CPAs LLP, agreed to the entry of final judgments to settle separate, previous charges for violating auditor independence rules and for aiding and abetting their clients’ violations of federal securities laws. The SEC’s complaint alleged that, between approximately December 2017 and October 2020, Prager Metis improperly included indemnification provisions in engagement letters for more than 200 audits, reviews, and exams and, as a result, were not independent from their clients, as required under the federal securities laws.
The final judgments provide for permanent injunctions, combined civil penalties of $1 million, and combined disgorgement with prejudgment interest of $205,000, according to the SEC. This settlement is also subject to court approval.
“Auditor independence is critical to investor protection and a fundamental cornerstone of the integrity of our financial markets,” said Eric Bustillo, director of the SEC’s Miami Regional Office. “We are committed to this principle, and we will hold accountable auditors who violate their independence requirements.”