PUBLIC COMPANY ACCOUNTING OVERSIGHT BOARD

Transcription

1 1666 K Street, N.W. Washingtn, DC Telephne: (202) Facsimile: (202) PUBLIC COMPANY ACCOUNTING OVERSIGHT BOARD ) ) In the Matter f ) PCAOB Release N KPMG LLP's ) Quality Cntrl Remediatin ) Submissins ) ) Octber 23, 2014 ) I. The Public Cmpany Accunting Oversight Bard ("Bard" r "PCAOB") has evaluated the submissins f KPMG LLP ("the Firm") pursuant t PCAOB Rule 4009(a) fr the remediatin perids ended Nvember 8, 2012 and August 15, 2013 cncerning the Firm's effrts t address certain quality cntrl criticisms included in the nnpublic prtins f the Bard's Nvember 8, 2011 and August 15, 2012 inspectin reprts n the Firm ("the Reprts"). The Bard has determined that as f Nvember 8, 2012 and August 15, 2013, respectively, the Firm had nt addressed certain criticisms in the Reprts t the Bard's satisfactin. Accrdingly, pursuant t Sectin 104(g)(2) f the Sarbanes-Oxley Act f 2002 ("the Act") and PCAOB Rule 4009(d), the Bard is making public the prtins f the Reprts that deal with thse criticisms. 1 The Firm has ntified the Bard that it will nt seek Securities and Exchange Cmmissin review f the determinatin, which the Firm has a right t d under the Act and Cmmissin rules. The Firm has requested that a related statement by the Firm be attached as an Appendix t this release, and the Bard has granted that request. By allwing the Firm's statement t be attached as an 1 Thse prtins f the Reprt are nw included in the versin f the Reprt that is publicly available n the Bard s web site. Observatins in Bard inspectin reprts are nt a result f an adversarial adjudicative prcess and d nt cnstitute cnclusive findings f fact r f vilatins fr purpses f impsing legal liability.

2 PCAOB Release N Octber 23, 2014 Page 2 Appendix t this release, hwever, the Bard is nt endrsing, cnfirming, r adpting as the Bard's view any element f the Firm's statement. II. The quality cntrl remediatin prcess is central t the Bard's effrts t cause firms t imprve the quality f their audits and thereby better prtect investrs. The Bard therefre takes very seriusly the imprtance f firms making sufficient prgress n quality cntrl issues identified in an inspectin reprt in the 12 mnths fllwing the reprt. Particularly with the largest firms, which are inspected annually, the Bard devtes cnsiderable time and resurces t critically evaluating whether the firm did in fact make sufficient prgress in that perid. The Bard makes the relevant criticisms public when a firm has failed t d s t the Bard's satisfactin. It is nt unusual fr an inspectin reprt t include nnpublic criticisms f several aspects f a firm's system f quality cntrl. Any Bard judgment that results in later public disclsure is a judgment abut whether the firm made sufficient effrt and prgress t address the particular criticisms articulated in the reprt n that firm in the 12 mnths immediately fllwing the reprt date. It is nt a brad judgment abut the effectiveness f a firm's system f quality cntrl cmpared t thse f ther firms, and it des nt signify anything abut the merits f any additinal effrts a firm may have made t address the criticisms after the 12-mnth perid. ISSUED BY THE BOARD. /s/ Phebe W. Brwn Phebe W. Brwn Secretary Octber 23, 2014

3 Statement f KPMG LLP n the PCAOB s Octber 23, 2014 Release N KPMG LLP has established a culture that is built n an abslute cmmitment t perfrming cnsistently high-quality audits and meeting ur respnsibilities t investrs and ther participants in the capital markets system. We share the PCAOB s bjectives f cntinually imprving audit quality and building cnfidence in the auditing prfessin. The PCAOB s inspectin prcess serves t assist us in identifying areas where we can cntinue t imprve ur perfrmance and strengthen ur system f audit quality cntrl. We remain cmmitted t full cperatin with the PCAOB, appreciate the prfessinalism and cmmitment f the PCAOB staff and value the imprtant rle the PCAOB plays in imprving audit quality. The Bard f the PCAOB has made public prtins f Part II f the Public Cmpany Accunting Oversight Bard s Reprts n the 2010 and 2011 Inspectins f KPMG LLP (the Reprts ) because the Bard determined that the firm had nt submitted evidence r therwise demnstrated that it satisfactrily addressed the quality cntrl criticisms within the 12-mnth perid after the date f the Reprts. We accept the Bard s determinatin and take seriusly ur respnsibility t address these matters. We have taken remedial actins with respect t ur prfessinals evaluatin f cntrary evidence. We will take the further actins necessary t address this quality cntrl criticism and will cntinue t enhance ur system f audit quality cntrl. We remain dedicated t evaluating and imprving ur system f audit quality cntrl, mnitring audit quality and implementing changes t ur plicies and practices in rder t enhance audit quality. We understand ur respnsibility t the capital markets and are cmmitted t cntinually imprving ur firm and wrking cnstructively with the PCAOB t imprve audit quality. Very truly yurs, KPMG LLP Jhn B. Veihmeyer Chairman and Chief Executive Officer James P. Liddy Vice Chair, Audit

4 1666 K Street, N.W. Washingtn, DC Telephne: (202) Facsimile: (202) Reprt n 2011 Inspectin f KPMG LLP (Headquartered in New Yrk, New Yrk) Issued by the Public Cmpany Accunting Oversight Bard THIS IS A PUBLIC VERSION OF A PCAOB INSPECTION REPORT PORTIONS OF THE COMPLETE REPORT ARE OMITTED FROM THIS DOCUMENT IN ORDER TO COMPLY WITH SECTIONS 104(g)(2) AND 105(b)(5)(A) OF THE SARBANES-OXLEY ACT OF 2002 PCAOB RELEASE NO A (Includes prtins f Part II f the full reprt that were nt included in PCAOB Release N )

5 Ntes Cncerning this Reprt 1. Prtins f this reprt may describe deficiencies r ptential deficiencies in the systems, plicies, prcedures, practices, r cnduct f the firm that is the subject f this reprt. The inclusin f certain deficiencies and ptential deficiencies, hwever, shuld nt be cnstrued t supprt any negative inference that any ther aspect f the firm's systems, plicies, prcedures, practices, r cnduct is apprved r cndned by the Bard r judged by the Bard t cmply with laws, rules, and prfessinal standards. 2. Any references in this reprt t vilatins r ptential vilatins f law, rules, r prfessinal standards are nt a result f an adversarial adjudicative prcess and d nt cnstitute cnclusive findings f fact r f vilatins fr purpses f impsing legal liability. Similarly, any descriptin herein f a firm's cperatin in addressing issues cnstructively shuld nt be cnstrued, and is nt cnstrued by the Bard, as an admissin, fr purpses f ptential legal liability, f any vilatin. 3. Bard inspectins encmpass, amng ther things, whether the firm has failed t identify financial statement misstatements, including failures t cmply with Securities and Exchange Cmmissin ("SEC" r "Cmmissin") disclsure requirements, in its audits f financial statements. This reprt's descriptins f any such auditing failures necessarily invlve descriptins f the apparent misstatements r disclsure departures. The Bard, hwever, has n authrity t prescribe the frm r cntent f an issuer's financial statements. That authrity, and the authrity t make binding determinatins cncerning whether an issuer's financial statements are misstated r fail t cmply with Cmmissin disclsure requirements, rests with the Cmmissin. Any descriptin, in this reprt, f financial statement misstatements r failures t cmply with Cmmissin disclsure requirements shuld nt be understd as an indicatin that the Cmmissin has cnsidered r made any determinatin regarding these issues unless therwise expressly stated.

6 2011 INSPECTION OF KPMG LLP Preface In 2011, the Public Cmpany Accunting Oversight Bard ("PCAOB" r "the Bard") cnducted an inspectin f the registered public accunting firm KPMG LLP ("KPMG" r "the Firm") pursuant t the Sarbanes-Oxley Act f 2002 ("the Act"). The Bard is issuing this reprt in accrdance with the requirements f the Act. The Bard is releasing t the public Part I f the reprt, Appendix C, and prtins f Appendix D. 1/ Appendix C prvides an verview f the inspectin prcess fr annually inspected firms. 2/ Appendix D includes the Firm's cmments, if any, n a draft f the reprt. 3/ A substantial prtin f the Bard's criticisms f a firm (specifically criticisms f the firm's quality cntrl system) is nnpublic, unless the firm fails t make sufficient prgress in addressing thse criticisms. 1/ In its Statement Cncerning the Issuance f Inspectin Reprts, PCAOB Release N (August 26, 2004), the Bard described its apprach t making inspectin-related infrmatin publicly available cnsistent with legal restrictins. 2/ The Act requires the Bard t cnduct an annual inspectin f each registered public accunting firm that regularly prvides audit reprts fr mre than 100 issuers. 3/ The Bard des nt make public any f a firm's cmments that address a nnpublic prtin f the reprt. In additin, pursuant t sectin 104(f) f the Act, 15 U.S.C. 7214(f), and PCAOB Rule 4007(b), if a firm requests, and the Bard grants, cnfidential treatment fr any f the firm's cmments n a draft reprt, the Bard des nt include thse cmments in the final reprt at all. The Bard rutinely grants cnfidential treatment, if requested, fr any prtin f a firm's respnse that addresses any pint in the draft that the Bard mits frm, r any inaccurate statement in the draft that the Bard crrects in, the final reprt.

7 Inspectin f KPMG LLP Page 2 Bard inspectins are designed t identify and address weaknesses and deficiencies related t hw a firm perfrms audit wrk. 4/ T achieve that gal, Bard inspectins include reviews f certain aspects f selected audit wrk perfrmed by the firm and reviews f certain aspects f the firm's quality cntrl system. It is nt the purpse f an inspectin, hwever, t review all f a firm's audit wrk r t identify every respect in which reviewed wrk is deficient. Accrdingly, a Bard inspectin reprt shuld nt be understd t prvide any assurance that the firm's audit wrk, r the relevant issuers' financial statements r reprting n internal cntrl, are free f any deficiencies nt specifically described in an inspectin reprt. If the Bard inspectin team identifies deficiencies that exceed a certain significance threshld in the audit wrk it reviews, thse deficiencies are summarized in the public prtin f the Bard's inspectin reprt. 5/ The Bard cautins, hwever, against extraplating frm the results presented in the public prtin f the reprt t brader cnclusins abut the frequency f deficiencies thrughut the Firm's practice. Audit wrk is selected fr inspectin largely n the basis f an analysis f factrs that, in the inspectin team's view, heighten the pssibility that auditing deficiencies are present, rather than thrugh a prcess intended t identify a representative sample. 4/ This fcus n weaknesses and deficiencies necessarily carries thrugh t reprts n inspectins and, accrdingly, Bard inspectin reprts are nt intended t serve as balanced reprt cards r verall rating tls. 5/ Inclusin f a deficiency in an inspectin reprt des nt mean that the deficiency remained unaddressed after the inspectin team brught it t the firm's attentin. When audit deficiencies are identified after the date f the audit reprt, PCAOB standards require a firm t take apprpriate actins t assess the imprtance f the deficiencies t the firm's present ability t supprt its previusly expressed pinins. Depending upn the circumstances, cmpliance with these standards may require the firm t perfrm additinal audit prcedures, r t infrm a client f the need fr changes t its financial statements r reprting n internal cntrl, r t take steps t prevent reliance n previusly expressed audit pinins. The inspectin team may review, either in the same inspectin r in subsequent inspectins, the adequacy f the firm's cmpliance with these requirements. Failure by a firm t take apprpriate actins, r a firm's misrepresentatins, in respnding t an inspectin reprt, abut whether it has taken such actins, culd be a basis fr Bard disciplinary sanctins.

8 Inspectin f KPMG LLP Page 3 PART I INSPECTION PROCEDURES AND CERTAIN OBSERVATIONS Members f the Bard's staff ("the inspectin team") cnducted primary prcedures fr the inspectin frm Nvember 2010 thrugh Octber The inspectin team perfrmed field wrk at the Firm's Natinal Office and at 31 f its apprximately 83 U.S. practice ffices. A. Review f Audit Engagements The 2011 inspectin f the Firm included reviews f aspects f 52 audits perfrmed by the Firm and a review f the Firm's audit wrk n ne ther issuer audit engagement in which the Firm played a rle but was nt the principal auditr. The inspectin team selected the audits and aspects t review, and the Firm was nt allwed an pprtunity t limit r influence the selectins. The inspectin team identified matters that it cnsidered t be deficiencies in the perfrmance f the wrk it reviewed. Thse deficiencies included failures by the Firm t identify, r t address apprpriately, financial statement misstatements, including failures t cmply with disclsure requirements, 6/ as well as failures by the Firm t perfrm, r t perfrm sufficiently, certain necessary audit prcedures. In sme instances, fllw-up between the Firm and the issuer led t a change in the issuer's accunting r disclsure practices. In sme cases, the cnclusin that the Firm failed t perfrm a prcedure was based n the absence f dcumentatin and the absence f persuasive ther evidence, even if the Firm claimed t have perfrmed the prcedure. 7/ 6/ When it cmes t the Bard's attentin that an issuer's financial statements appear nt t present fairly, in a material respect, the financial psitin, results f peratins, r cash flws f the issuer in cnfrmity with applicable accunting principles, the Bard's practice is t reprt that infrmatin t the SEC, which has jurisdictin t determine prper accunting in issuers' financial statements. 7/ PCAOB Auditing Standard ("AS") N. 3, Audit Dcumentatin, prvides that, in varius circumstances including PCAOB inspectins, a firm that has nt adequately dcumented that it perfrmed a prcedure, btained evidence, r reached an apprpriate cnclusin must demnstrate with persuasive ther evidence that it did

9 Inspectin f KPMG LLP Page 4 The inspectin team cnsidered certain f the deficiencies that it bserved t be audit failures. Specifically, certain f the identified deficiencies were f such significance that it appeared that the Firm, at the time it issued its audit reprt, had failed t btain sufficient apprpriate audit evidence t supprt its audit pinin n the financial statements and/r n the effectiveness f internal cntrl ver financial reprting ("ICFR"). The audit deficiencies that reached these levels f significance are described belw. 8/ A.1. Issuer A In this audit, the Firm failed t btain sufficient apprpriate audit evidence t supprt its pinins n the financial statements and n the effectiveness f ICFR. The Firm's failures related t the substantive testing with respect t the issuer's business cmbinatins, allwance fr lan lsses ("ALL"), and depsit liabilities, and t the cntrl and substantive testing with respect t the issuer's available-fr-sale ("AFS") securities. The Firm failed t perfrm sufficient testing related t the issuer's accunting fr assets acquired and liabilities assumed in tw business cmbinatins. Fr certain acquired lan prtflis, the engagement team failed t address the significant differences between the discunt rates, as well as ther assumptins, that the issuer used in its fair value measurements and thse that the Firm's internal valuatin specialist cnsidered reasnable. In additin, the Firm tested the valuatin f the acquired FDIC indemnificatin assets by develping a range f relatinships between the values f indemnificatin assets and the underlying lans based n ther recent transactins by ther banks that had acquired lan prtflis frm failed banks with the assistance f the FDIC. This range, hwever, was t wide (frm apprximately three percent t 60 percent f the principal f the underlying lans) t determine whether the recrded values were nt materially misstated, and the Firm s, and that ral assertins and explanatins alne d nt cnstitute persuasive ther evidence. 8/ The discussin in this reprt f any deficiency bserved in a particular audit reflects infrmatin reprted t the Bard by the inspectin team and des nt reflect any determinatin by the Bard as t whether the Firm has engaged in any cnduct fr which it culd be sanctined thrugh the Bard's disciplinary prcess.

10 Inspectin f KPMG LLP Page 5 perfrmed n prcedures t determine whether the lan prtflis acquired by the ther banks had similar characteristics t thse acquired by the issuer. Further, the Firm failed t test certain assertins as f the acquisitin date fr certain f the ther asset and liability accunts acquired, beynd, fr sme accunts, cmparing the balances t unaudited pr frma statements prepared by an external party. During the year, the issuer added a new unallcated reserve cmpnent t its ALL. The Firm failed t sufficiently test the ALL, as its testing f this cmpnent was limited t btaining a general understanding f hw management develped the unallcated reserve, withut testing any f the specific assumptins used in determining the recrded amunt. T test the existence and valuatin f the issuer's depsit liabilities, the Firm's apprach was t send cnfirmatins as f an interim date and t perfrm prcedures t extend its cnclusins frm the cnfirmatin prcedures t the year end. The Firm, hwever, cnfirmed the depsit accunts as f the last statement date, which differed frm the interim date, and failed t recncile the balances cnfirmed t the balances at the interim date. Further, fr cnfirmatins that were nt returned, the Firm's alternative prcedures were insufficient, as the prcedures were limited t testing a transactin that was applicable t the depsit accunt and, fr sme f the accunts, the transactin was a system-generated transactin. Fr cnfirmatins returned with exceptins, the Firm did nt investigate the reasns fr the exceptins. The issuer recrded the fair value f its AFS securities using prices frm an external pricing service. The Firm failed t identify and test any cntrls ver the prices the issuer received frm the external pricing service. Fr sme types f AFS securities withut readily determinable fair values, the Firm btained prices frm external pricing services. The Firm failed t btain an understanding f the specific methds and/r assumptins underlying the fair value measurements that were btained frm external pricing services and used in the Firm's testing, and it failed t perfrm ther prcedures t supprt its use f thse prices in its testing. In additin, fr certain AFS securities that had been in an unrealized lss psitin fr mre than twelve mnths, the Firm failed t test certain

11 Inspectin f KPMG LLP Page 6 assumptins that the issuer used t determine whether the securities were ther-than-temprarily impaired. A.2. Issuer B In this audit, the Firm failed t btain sufficient apprpriate audit evidence t supprt its pinins n the financial statements and n the effectiveness f ICFR. The Firm's failures in its cntrl testing related t (a) testing certain infrmatin technlgy general cntrls ("ITGCs"), (b) testing cntrls ver the cmpleteness and accuracy f certain financial data, (c) identifying and testing cntrls ver the valuatin f certain guarantees, and (d) testing certain cntrls ver fixed assets. The Firm's failures in its substantive testing related t certain guarantees and fixed assets. The Firm failed t sufficiently test ITGCs and, as a cnsequence f this failure, the Firm's reliance n certain system-generated reprts, autmated applicatin cntrls, and infrmatin technlgy ("IT") dependent manual cntrls was excessive. The specific deficiencies in testing ITGCs were as fllws The Firm did nt test whether user-access rights granted t all financial applicatins that the Firm had determined were significant were cnsistent with the level f access apprved by management. In additin, the Firm failed t identify and test any cntrls ver the cmpleteness and accuracy f infrmatin in peridic reprts used by management t mnitr changes t user access, and t test whether the review f such reprts was effective. Separately, the Firm identified a deficiency in the perating effectiveness f a peridic user-access review cntrl related t these financial applicatins. The Firm identified cmpensating cntrls fr this deficiency; hwever, the Firm's testing f certain f these cntrls either used a sample f nly ne item r cnsisted f a review f user access nly at a specific date. Bth f these appraches assumed ITGCs, including user-access cntrls, were effective. The Firm failed t btain an understanding f the nature and timing f the data transfer between certain significant financial applicatins (including data related t revenue, inventry, and payrll) and the related issuer

12 Inspectin f KPMG LLP Page 7 cntrls ver the cmpleteness and accuracy f the transfer f such infrmatin. The Firm failed t sufficiently test certain cntrls ver fixed assets and failed t evaluate the effect f an identified errr related t fixed assets n its cnclusin regarding the effectiveness f ICFR. Specifically The Firm failed t identify and test any cntrls ver the cmpleteness and accuracy f infrmatin that was used in the perfrmance f cntrls ver fixed assets and that was generated frm systems fr which ITGCs were nt tested. The Firm's testing f certain review cntrls did nt include an evaluatin f the effectiveness f the review, as its testing was limited t determining whether there was evidence that a review had been perfrmed by the cntrl wner. The Firm failed t evaluate whether an errr relating t the imprper remval f an asset frm the fixed asset ledger, which management had indicated was caused by a system prblem, indicated a deficiency in cntrls. The issuer guaranteed lans t certain affiliated parties thrugh a credit facility and had recrded a liability related t the fair value f the guarantees. The issuer cncluded that it did nt need t recrd an additinal liability in the year under audit related t the guarantees' cntingent aspect (related t the risk that the issuer might have t perfrm under the guarantees). The Firm assessed inherent risk as lw related t the valuatin assertin fr the cntingent aspect f the guarantees, despite the existence f factrs indicating that the financial cnditin f certain f the affiliated parties had deterirated. The Firm's prcedures related t the guarantees were deficient in that the Firm failed t (a) identify and test any cntrls ver the cntingent aspect f the guarantees, and (b) perfrm substantive prcedures t evaluate the issuer's assertin that it was nt prbable that any lsses had ccurred. The issuer identified certain fixed assets that had indicatrs f impairment and, fr each f thse, prepared cash flw prjectins. The Firm failed t

13 Inspectin f KPMG LLP Page 8 evaluate the reasnableness f certain significant assumptins underlying the cash flw prjectins, ther than by discussing the assumptins with an emplyee f the issuer and perfrming a sensitivity analysis that used unsupprted prjected grwth rates. A.3. Issuer C In this audit, the Firm failed t btain sufficient apprpriate audit evidence t supprt its pinins n the financial statements and n the effectiveness f ICFR. The Firm's failures related t the cntrl and substantive testing with respect t the issuer's ALL and mrtgage-repurchase reserve. With respect t the ALL As a result f a review by its primary regulatr during the year, the issuer recrded, at an interim date, an increase t the ALL that was in excess f seven times the Firm's established level f materiality. Other than by discussing the adjustment with the issuer and its primary regulatr and reading a memrandum prepared by the issuer's management, the Firm failed t evaluate whether the increase in the ALL indicated that ne r mre prir perids' financial statements had been misstated. The issuer cncluded, and the Firm agreed, that a cntrl deficiency existed at the interim date related t the management review cntrl ver the ALL and that the cntrl deficiency had been remediated as f the year end. The Firm, hwever, failed t perfrm sufficient prcedures t test the perating effectiveness f the management review cntrl as f year end. While the Firm's testing addressed the relevance and reliability f certain data used in the cntrl, and the Firm btained evidence that the issuer perfrmed a review, the Firm did nt test the effectiveness f the review. Fr example, the Firm failed t btain an understanding f the metrics, threshlds, r ther criteria the issuer used t identify items fr investigatin and failed t test whether the issuer apprpriately investigated and addressed items that met thse criteria. There was n evidence in the audit dcumentatin, and n persuasive ther evidence, that the Firm had tested certain

14 Inspectin f KPMG LLP Page 9 reclassificatins f lans between the issuer's lan types, which had the effect f decreasing the calculated ALL. With the exceptin f ne small segment f lans, the Firm failed t sufficiently test the issuer's qualitative lss factrs. Specifically, even thugh these factrs were established in the year under audit, the Firm's testing was limited t btaining an understanding f management's ratinale fr the factrs, btaining general market data, and nting the high-level directinal trends in the factrs and the issuer's lans. The Firm cncurred with the issuer's cnclusin that n allwance was required fr certain lans classified as trubled debt restructurings based n the issuer's assumptin that it was prbable that the issuer wuld receive all payments in accrdance with the restructured terms f the lans. The Firm, hwever, failed t test this assumptin beynd inquiry f management. The issuer has sld substantially all f the residential mrtgages it riginated in the past five years. During 2010, the issuer experienced increased expenses related t an increase in demands frm, and disputes with, buyers f the mrtgages. In additin, the Firm identified that the mrtgage-repurchase reserve was understated at year end, and identified as a cntrl deficiency the fact that the issuer did nt have adequate prcesses and related cntrls t analyze and reserve fr mrtgage repurchases. Further, the issuer's primary regulatr and a lan purchaser identified weaknesses related t the issuer's lan riginatin and appraisal prcesses. Despite these circumstances, the Firm assessed the risk f material misstatement fr the mrtgage-repurchase reserve as lw and determined that this reserve was nt a significant accunt. The Firm failed t sufficiently test the issuer's mrtgage-repurchase reserve. Specifically With the exceptin f ne small cmpnent f the reserve, the Firm's substantive prcedures were limited t testing fr payments made after the year end and a general discussin with management. The Firm failed t apprpriately evaluate the severity f the identified cntrl deficiency related t the mrtgage-repurchase

15 Inspectin f KPMG LLP Page 10 reserve, as the Firm perfrmed its evaluatin based n the knwn misstatement rather than n the magnitude f the ptential misstatement that might result frm the deficiency. A.4. Issuer D In this audit, the Firm failed t btain sufficient apprpriate audit evidence t supprt its pinins n the financial statements and n the effectiveness f ICFR. The Firm's failures related t the substantive testing f the issuer's balance sheet, the cntrl and substantive testing with respect t the issuer's ALL, and the substantive testing f the issuer's investment securities. The Firm used an amunt greater than its established materiality level t determine the extent f its testing f certain balance sheet accunts. Cnsequently, the sample sizes used fr testing were inadequate t enable the Firm t btain the necessary level f assurance regarding these accunts. With respect t the ALL, the Firm failed t perfrm sufficient tests f cntrls and substantive prcedures related t the issuer's reserves fr cmmercial lans and unfunded cmmitments, and failed t perfrm sufficient substantive prcedures t test the cmpnent f the issuer's ALL that was nt allcated t any prtin f the issuer's lending prtfli ("the unallcated reserve"). Specifically The issuer determined its reserves fr cmmercial lans and unfunded cmmitments using mdels based n, in part, assigned lan grades and lss-rate factrs. The Firm failed t sufficiently test tw imprtant review cntrls ver the lan grades and lss-rate factrs. Specifically, fr ne f these review cntrls, the Firm failed t test cntrls ver the cmpleteness and accuracy f certain data used in the review. In additin, there was n evidence in the audit dcumentatin, and n persuasive ther evidence, that the Firm had tested whether decisins t change lan grades that resulted frm the peratin f this review cntrl were apprpriate. Fr the ther review cntrl, the Firm's tests f the cntrl activities ver the apprpriateness f certain lss-rate factrs cnsisted nly f determining whether the apprpriate persnnel had perfrmed a review, rather than testing the effectiveness f the review.

16 Inspectin f KPMG LLP Page 11 The Firm als failed t perfrm sufficient substantive prcedures t test the issuer's lss-rate factrs, which the issuer had develped based n external data with certain adjustments. The issuer gave an equal weighting t each year f the external data, which cvered at least 20 years, with the mst recent data being at least ne year ld. There was n evidence in the audit dcumentatin, and n persuasive ther evidence, that the Firm had cnsidered whether mre recent data were mre indicative f lsses inherent in the year-end lan prtfli and thus shuld have received greater weighting than lder data. Als, the Firm failed t sufficiently test the reasnableness f the adjustments the issuer made t the external data in rder t develp the lss-rate factrs, as the Firm's testing was limited t btaining an understanding f the ratinale fr any adjustments made. In additin, the Firm failed t perfrm a retrspective review f the issuer's histrical estimates f the cmmercial ALL cmpared with subsequent results t assess the reasnableness f the assumptins used in develping the cmmercial ALL. During the year, the issuer increased its unallcated reserve t the maximum f a range that it had previusly determined fr that cmpnent f the ALL. The Firm's testing f the unallcated reserve was limited t btaining an understanding f the qualitative factrs that the issuer cnsidered in develping the unallcated reserve. The Firm failed t assess whether the recrded amunt f the unallcated reserve was reasnable, including evaluating whether the increase in the unallcated reserve ver the prir year was reasnable in light f the imprvement in ecnmic and credit risk indicatrs. The Firm failed t sufficiently test the valuatin f, and disclsures related t, certain f the issuer's investment securities withut readily determinable fair values. Specifically The issuer used ne external pricing service as its primary pricing surce, and btained additinal prices fr the majrity f its investment securities frm ther external pricing services. Fr sme f the securities, there were significant differences between r amng the prices btained. T test the valuatin f the issuer's

17 Inspectin f KPMG LLP Page 12 investment securities, the Firm selected a sample f securities at an interim date and at year end, and cmpared the prices the issuer had used in its valuatin prcess t prices that the Firm btained frm the same external pricing services that the issuer had used. The Firm als selected a smaller sample f 15 securities at the interim date and, fr each f these securities, the Firm btained the assumptins underlying the issuer's pricing services' prices, and als btained prices frm anther pricing service in rder t assess the reliability f the prices the issuer had btained. The Firm accepted the issuer's recrded value withut sufficiently evaluating the significant differences in the prices fr sme f the individual securities. Specifically, while the Firm determined that the differences in pricing were attributable t differences in underlying assumptins, the Firm cncluded that each f the assumptins used by the issuer's pricing services was reasnable. There was n evidence in the audit dcumentatin, and n persuasive ther evidence, hwever, that the Firm had perfrmed prcedures t prvide a basis fr its cnclusin. In additin, the Firm failed t sufficiently test the issuer's disclsures f certain investment securities withut readily determinable fair values as level 2 within the hierarchy set frth in FASB ASC Tpic 820, Fair Value Measurements and Disclsures, as it failed t btain an understanding f whether the significant inputs used t value the securities were bservable r unbservable. A.5. Issuer E In this audit, the Firm failed t btain sufficient apprpriate audit evidence t supprt its audit pinins n the financial statements and n the effectiveness f ICFR. The Firm's failures related t the substantive testing with respect t accunts receivable and revenue, and the testing f certain internal cntrls ver significant financial applicatins. The Firm's apprach t testing accunts receivable and revenue at a business that the issuer had acquired during the year, which represented apprximately 56 percent f cnslidated accunts receivable and 40 percent f cnslidated revenue, cnsisted f nly substantive prcedures

18 Inspectin f KPMG LLP Page 13 and did nt include tests f cntrls fr the acquired business. The Firm failed t sufficiently test accunts receivable and revenue fr this acquired business. Specifically The Firm sent custmer cnfirmatin requests at an interim date t test accunts receivable. Fr certain cnfirmatin requests nt returned, the Firm's alternative prcedures were insufficient as either n prcedures were perfrmed, r the prcedures were limited t ne f the fllwing: (a) agreeing nly a prtin f the accunt balance t subsequent cash receipts, r (b) agreeing the accunt balance t issuer invices that were generated by a system fr which cntrls had nt been tested, and/r verifying that at least ne payment had been received n the accunt prir t the interim date. The Firm's prcedures t extend the interim cnclusins n accunts receivable t year end were insufficient, as the Firm failed t identify that the rll-frward analysis that the issuer prepared included an incrrect adjustment that was in excess f the Firm's established level f materiality and excluded certain ther adjustments that shuld have been included. The Firm's prcedure t test revenue since acquisitin was t estimate revenue fr that perid as the amunt f cash received during the perid, adjusted by the change in the recrded accunts receivable balance frm the date f acquisitin t the end f the year. Because the Firm's testing f accunts receivable was insufficient as described abve, the Firm's testing f the related revenue using this prcedure als was insufficient. Further, the Firm failed t identify the circular nature f the tests perfrmed, as the accunts receivable rll-frward prcedures relied upn reprted revenue, and the test f revenue relied upn the accunts receivable balance. The issuer and the Firm identified a cntrl deficiency in that a significant number f users, including prgram develpers, had the ability t make changes t certain significant financial applicatins. T mitigate this

19 Inspectin f KPMG LLP Page 14 deficiency, the issuer identified a manual cntrl ver the review and apprval f changes t the applicatins. The Firm identified this manual cntrl and certain ther manual review and recnciliatin cntrls as cmpensating cntrls, but failed t sufficiently test these cntrls. Specifically T test the review and apprval f changes t the financially significant applicatins, the Firm tested a sample f changes t determine whether they had been apprpriately apprved. The Firm's testing was nt sufficient, as (a) it failed t determine whether the ppulatin frm which the sample was selected was cmplete, and (b) its sample was limited t changes made in nly ne mnth (the third mnth befre year end) and the Firm failed t cnsider whether this mnth was representative f changes made thrughut the year. T test the manual review and recnciliatin cntrls, the Firm btained certain mnthly perating review reprts and recnciliatins and attended certain mnthly management meetings where the reprts and recnciliatins were discussed. The Firm's testing was nt sufficient, as (a) it did nt test cntrls ver the cmpleteness and accuracy f the data in the reprts, and (b) it failed t test whether these cntrls identified all f the relevant issues fr investigatin and, if s, whether such issues were apprpriately investigated and reslved. As a cnsequence f the Firm's failure t sufficiently test the cntrls described abve, the Firm's reliance n certain system-generated reprts, autmated applicatin cntrls, and IT-dependent manual cntrls was excessive. A.6. Issuer F In this audit, the Firm failed t btain sufficient apprpriate audit evidence t supprt its audit pinin n the effectiveness f ICFR. Due t the deficiencies described belw, the Firm's cnclusin that it culd rely n ITGCs was nt supprted. As a result, the Firm's testing f certain autmated applicatin cntrls, IT-dependent manual

20 Inspectin f KPMG LLP Page 15 cntrls, and system-generated reprts, n which it relied fr its cntrl testing, was insufficient. The specific deficiencies in testing ITGCs were as fllws The Firm's tests f cntrls related t user access t certain significant financial applicatins, including its tests related t segregatin f duties, were insufficient. The Firm tested cntrls ver user access fr these significant financial applicatins primarily by testing the cntrl ver access granted t new users and a cntrl that cnsisted f an annual review f user access. The Firm's testing f the new-user access cntrl cnsisted f determining that the apprpriate apprval had been btained befre the user was granted access t an applicatin, but did nt address whether the actual access granted was cnsistent with that apprval, nr did the Firm determine whether the cntrl was designed t detect ptential segregatin f duties issues related t that access. The Firm's testing f the annual review cntrl addressed nly whether the reviews were perfrmed and whether any changes requested as a result f the reviews were transmitted t the apprpriate department. The Firm's prcedures did nt include evaluating the decisins the individual perfrming the review made regarding the apprpriateness f the access that had been prvided t a user r testing whether the individual cnsidered any ptential segregatin f duties issues related t that access. The issuer's plicy allwed fr certain members f senir management bth t request and t apprve access t significant financial applicatins, and als t perfrm the annual review f user access t these applicatins. In additin, the issuer's general ledger applicatin was set up in a way that culd allw users t circumvent user-access cntrls t make changes t the data in the general ledger. There was n evidence in the audit dcumentatin, and n persuasive ther evidence, that the Firm had identified the risks assciated with either f these circumstances r had tested cntrls that addressed these risks.

21 Inspectin f KPMG LLP Page 16 While the Firm identified and tested cntrls that addressed the risks assciated with the fact that certain users culd access all prgrams and data withut first needing t access an applicatin, its testing did nt address the risk that the issuer had granted ther users similar access t sme, but nt all, prgrams and data withut first needing t access an applicatin. A.7. Fr the inventry, sales, and accunts receivable applicatins related t ne f the issuer's business segments, the Firm failed t determine whether the prcessing f data and the mnitring f this prcessing within these applicatins were subject t the ITGCs that the Firm had tested. Issuer G In this audit, the Firm chse t review and test management's prcess fr develping the fair value measurements f the issuer's investments. The majrity f these investments were in the debt and equity securities f private cmpanies ("traditinal investments"), althugh the issuer als invested in private finance cmpanies ("finance cmpanies"). The Firm selected certain f the issuer's individual investments fr testing, but its prcedures t test sme f these investments were nt sufficient. Specifically With respect t traditinal investments Fr mst f the investments selected fr testing, the issuer used the investees' financial results as ne f the significant factrs in determining the fair value measurements. The investees' financial results that the issuer used were fr an interim perid that was generally eleven mnths after the investees' mst recently audited financial statements (the "interim data"). The Firm's testing f the interim data was nt sufficient. Specifically In sme situatins, the issuer made adjustments t the interim data, and there was n evidence in the audit dcumentatin, and n persuasive ther evidence, that the Firm had tested these adjustments, beynd inquiry f management.

22 Inspectin f KPMG LLP Page 17 There was n evidence in the audit dcumentatin, and n persuasive ther evidence, that the Firm had cnsidered specific investee risk factrs in designing and perfrming its audit prcedures t test the interim data. The Firm used the mst recent audited investee financial statements t evaluate the reliability f the investees' interim data. The Firm, in certain cases, failed t determine whether the reprts f the investees' auditrs were satisfactry, as it failed t assess the prfessinal reputatin and standing f the investees' auditrs. Fr sme f these investments, the fair value measurements were based n infrmatin ther than the interim data, and there was n evidence in the audit dcumentatin, and n persuasive ther evidence, that the Firm had tested this ther infrmatin, beynd inquiry f management. With respect t investments in finance cmpanies Fr ne investment, the Firm failed t test the prjected cash flws and the underlying assumptins the issuer used in estimating the fair value. Fr anther investment, the issuer valued the investment n a liquidatin basis and the Firm failed t test the issuer's estimate f the value f the investee's net assets. A.8. Issuer H In this audit, the Firm failed t btain sufficient apprpriate audit evidence t supprt its pinins n the financial statements and n the effectiveness f ICFR. The issuer uses FASB ASC Tpic , Lans and Debt Securities Acquired with Deterirated Credit Quality t accunt fr its investment in lans that it has purchased. The incme n these lans that the issuer recrds depends n the amunt and timing f prjected cash flws and the resulting yield assciated with thse prjectins. The Firm failed t sufficiently identify and test cntrls ver revisins made t the prjected cash flws and the resulting changes in the yields, as the Firm's testing was limited t verifying that certain analyses had been prepared fr each lan prtfli, and that there

23 Inspectin f KPMG LLP Page 18 was evidence that a review had been perfrmed by the cntrl wner. The Firm's testing did nt include evaluating hw the issuer's review, perfrmed as part f the cntrls selected fr testing, addressed whether the changes in the prjected cash flws r in the yields were apprpriate. Further, the Firm's substantive testing f the changes the issuer made t the amunt and timing f the prjected cash flws and the resulting increase in the yields was limited t testing whether the changes were directinally cnsistent with the differences between actual and prjected cash flws (e.g., if actual cash flws were higher than had been prjected, the Firm verified that the revised prjected cash flws and/r the yields were als higher). The Firm's testing did nt include evaluating whether the revised prjected cash flws and yields were reasnable r supprted. A.9. Issuer I In this audit, the Firm failed t perfrm sufficient prcedures t test the valuatin f the issuer's investment securities. The Firm selected a statistical sample f securities fr testing at an interim date, a statistical sample f a prtin f the ppulatin f the securities at a secnd interim date, and a significantly smaller judgmental sample at the balance sheet date. At each date, the Firm tested the fair value f the securities by cmparing the issuer's recrded fair value t a price the Firm btained frm ne f five external pricing services r, in sme instances, an average f tw r mre prices frm these pricing services. The deficiencies in the Firm's testing were as fllws Fr certain securities withut readily determinable fair values, the Firm did nt btain an understanding f the specific methds and/r assumptins underlying the prices fr individual securities that were btained frm the external pricing services and used in the Firm's testing f fair value. The Firm perfrmed certain ther prcedures that were intended t supprt its use f these prices in its testing, but these prcedures were nt sufficient. In fact, the Firm btained evidence that indicated that the prices fr sme securities may nt have been reliable, and the Firm failed t evaluate this cntrary evidence. Specifically Fr sme securities, the difference between the issuer's recrded value and the Firm's estimate f fair value using the prices prvided by the pricing services exceeded the Firm's established threshld fr acceptable differences, and the Firm btained an additinal price frm an internal valuatin specialist. While, fr all f these

24 Inspectin f KPMG LLP Page 19 securities, the difference between the issuer's recrded value and the internal valuatin specialist's price was belw the Firm's established threshld, the Firm failed t cnsider whether the significant differences between the prices btained frm the pricing services and the prices btained frm the Firm's internal valuatin specialist fr these securities had a bearing n the reliability f the prices btained frm the pricing services fr ther securities. The Firm als perfrmed prcedures t assess the reliability f the pricing services' prices. Althugh these prcedures prvided cntrary evidence, the Firm did nt take this evidence int accunt in determining t use the pricing services' prices. Specifically Fr certain securities n a sample basis, the Firm btained prices frm the internal valuatin specialist in rder t test the reliability f the prices prvided by the pricing services. Fr sme f the securities sampled, the difference between the internal specialist's fair value measurement and the prices btained frm the pricing services exceeded the Firm's established threshld, but the Firm failed t evaluate the reasns fr, and cnsider the implicatins f, these differences, and cntinued t use prices frm these pricing services in testing the fair value f similar securities, withut perfrming any additinal prcedures. The Firm selected a sample f the issuer's purchases and sales f investment securities and requested the pricing services' fair value measurements fr the selected investments fr the day befre the issuer's transactin, s that it culd cmpare the transactin price t the pricing services' prices. Fr three f the pricing services, fr sme f the securities in the sample, the difference between the transactin price and the price prvided by the pricing service exceeded the Firm's established threshld, but the Firm failed t evaluate the reasns fr, and cnsider the implicatins f, the differences and inapprpriately cncluded that the testing supprted

25 Inspectin f KPMG LLP Page 20 its cnclusin that prices received frm these pricing services were reliable. In additin, ne f the pricing services prvides prices nly upn request, and the Firm failed t cnsider that this pricing service culd have develped its estimate f fair value fr the securities invlved in this prcedure using the same transactin that the Firm was using fr cmparisn. The Firm failed t sufficiently test the issuer's disclsures f certain investment securities withut readily determinable fair values as level 2 within the fair value hierarchy, because it failed t btain an understanding f whether the significant inputs used t value the investment securities were bservable r unbservable. Fr certain types f investment securities, the Firm's substantive prcedures t extend its cnclusins frm the first interim date t year end were limited t an analytical prcedure disaggregated by type f investment security, and fr thers, the prcedures included bth an analytical prcedure and tests f the fair values f a sample f the securities at the secnd interim date. The analytical prcedures fr certain f the investment securities were insufficient since, fr sme f the investment securities, the Firm failed t establish an expectatin, and fr thers, the Firm's expectatin was expressed as a range that was t wide t detect a ptential misstatement that culd be material. The Firm excluded frm its tests f the valuatin f securities at year end securities purchased during tw f the last three mnths f the issuer's fiscal year, whse aggregate recrded value was apprximately ten times the Firm's established level f materiality. A.10. Issuer J In this audit, fr certain f the issuer's investment securities, the Firm btained estimates f fair values frm external pricing services fr cmparisn t the issuer's fair value measurements. The Firm established a threshld t identify pricing differences fr further testing. The threshld, hwever, was fr an aggregate difference at the prtfli

26 Inspectin f KPMG LLP Page 21 level; this threshld caused the Firm nt t identify significant differences in prices fr individual securities. In additin, the Firm failed t test the fair value f certain securities fr which it had requested, but nt received, a price frm the external pricing services. A.11. Issuer K In this audit, fr the issuer's investment securities, the Firm btained estimates f fair values frm an external pricing service fr cmparisn t the issuer's fair value measurements and established a threshld t identify pricing differences fr further testing. Fr a certain type f security, a number f the individual securities had a recrded value significantly belw par value ("the identified securities"). Fr the identified securities, the difference between the issuer's price and the price btained frm the external pricing service exceeded the Firm's established threshld. Fr individual securities fr which the amunt f the difference was ver the established threshld plus the amunt that the Firm used t accumulate misstatements fr evaluatin, the Firm btained prices frm anther external pricing service and calculated an average price frm the tw pricing services. Fr each f the securities subject t this prcedure, the difference between the average price and the recrded price still exceeded the Firm's established threshld. Fr each f the identified securities, the Firm accepted the issuer's recrded value withut sufficiently evaluating the significant differences in the prices. Specifically, the Firm determined that the differences in pricing were attributable t differences in a key underlying assumptin and cncluded that these differences were reasnable. There was n evidence in the audit dcumentatin, and n persuasive ther evidence, hwever, that the Firm perfrmed prcedures t prvide a basis fr its cnclusin. In additin, the Firm failed t sufficiently test the issuer's disclsures f these securities as level 2 within the fair value hierarchy, because it failed t btain an understanding f whether any f the significant inputs used t value the securities were bservable r unbservable. A.12. Issuer L In this audit, the Firm tested the valuatin f the majrity f the issuer's investments in securities at an interim date; hwever, the Firm failed t perfrm sufficient prcedures t prvide a reasnable basis fr extending its cnclusins n the valuatin f thse securities t the balance sheet date. Specifically, with respect t equity securities, the analytical prcedures that the Firm perfrmed t rll frward its cnclusins t year end cnsisted nly f determining that the issuer's returns, by