With the EY cheating scandal making headlines even outside of our precious little accountosphere we decided to take a look at the full SEC order to answer the question — how and why were EY auditors cheating on CPE exams? This post will be long so we’ll get deeper into the CPA ethics portion of the cheating debacle in another article.
The long and short of it is, EY auditors trying to shortcut CPE took advantage of a software exploit. Explains the SEC [full order PDF here]:
From 2012 to 2015, over 200 EY audit professionals across the country exploited a software flaw in EY’s CPE testing platform to pass exams while answering only a low percentage of questions correctly. Following EY’s discovery of that earlier cheating scheme, the firm took disciplinary actions and repeatedly warned its audit professionals not to cheat on exams. Still, the cheating continued.
OK we lied, that was only the short of it. Here’s the long:
In December 2014, an internal EY whistleblower reported a flaw in the firm’s software that allowed professionals to pass CPE exams without the required number of correct responses. This vulnerability allowed exam takers to achieve a passing score while answering as little as one question correctly. The firm’s investigation of this matter determined that from 2012 to 2015, over 200 EY audit professionals in multiple offices exploited this flaw to pass CPE exams.
What’s the saying? Work smarter, not harder.
When the firm caught on they “took a variety of disciplinary actions against the audit professionals who engaged in this misconduct” and added prominent warnings to CPE exams to remind exam-takers they should complete their work on their own. Failure to do so reflected a lack of integrity, the warnings said.
The firm repeatedly reminded its personnel that cheating on exams was highly improper and violates EY’s Code of Conduct, which requires professionals to act with integrity and requires those who become aware of misconduct to report any deviations or violations of the Code to the firm.
However, EY learned that, despite these warnings, certain audit personnel were continuing to cheat. For example, in 2016, EY learned that professionals in its Denver office improperly shared answer keys. In response, the office’s managing partner warned staff that these actions constituted a serious violation of the firm’s Code of Conduct and underscored the importance of ethical behavior in connection with CPE. After the firm learned of two employees who had cheated on a CPA ethics exam in 2017, EY issued the following warning to U.S. personnel:
“Cheating” on internal or external tests, assessments or evaluations can result in disciplinary action, including termination. You must complete them without assistance from others. Assessments will further your professional development. Not completing a test on your own or sharing or soliciting answers from others during an assessment, is CHEATING. This conduct is contrary to our Global Code of Conduct and our values. Take it seriously!
Guys, the exclamation point and CHEATING in all caps means they are serious. Perhaps two would have gotten the point across more effectively. Maybe an emoji.
Another warning read:
You must complete the assessment without assistance from others. Adherence to that requirement is part of your acceptance of and commitment to the EY Global Code of Conduct which includes acting with integrity in connection with professional education.
Acting with integrity also means that you should not share or discuss the contents of the assessment, or your responses, with anyone who has yet to complete it. Failure to adhere to these requirements may result in disciplinary action.
And how did all those warnings work out?
These recurring instances of cheating reflected that the problem was persisting notwithstanding the firm’s warnings. Though EY continued to warn its personnel not to cheat, it did not implement any additional controls to detect this misconduct during the relevant period.
And what specifically were they cheating on?
They cheated on a wide variety of CPE courses, including courses on ethics and other topics, such as the Summary of Audit Differences, which are designed to ensure that audit professionals can properly evaluate whether clients’ financial statements are presented fairly in all material respects and comply with Generally Accepted Accounting Principles.
The best part about the entire order is that cheaters admitted they knew their behavior was wrong, they did it because they didn’t have time to do it the right way (that’s what they said, anyway).
Many professionals acknowledged during the firm’s investigation that they knew their conduct violated EY’s Code of Conduct, but they cheated because of work commitments or an inability to pass training exams after multiple attempts.
Also interesting to note, on June 19, 2019 U.S. Chair and Managing Partner Kelly Grier — who is not named in the order but come on, context clues — sent out a firmwide email reminding EYers that reputation is everything in this business. “No client or external relationship and no metric is more important than the ethics, integrity and reputation of EY,” the email read. “We all play a vital role in instilling confidence in capital markets. We must always be committed to each other as colleagues, holding ourselves and each other accountable and maintaining zero tolerance of those who do not live our values. As stated in our Global Code of Conduct, we are people who demonstrate integrity, respect and always doing the right thing.”
This email came just two days after we learned the SEC hit KPMG with a $50 million penalty for their cheating problems which included using confidential information that was being fed to them by a PCAOB insider to improve the firm’s performance on public company audit inspections and — as with EY — audit professionals sharing exam answers with one another.
On the same day Kelly sent the above email out, the SEC’s Division of Enforcement sent EY a formal request asking whether EY had received any ethics or whistleblower complaints regarding testing associated with any EY training program or continuing professional education course.
In a June 20, 2019 response to the SEC, EY provided a narrative submission that described five matters “related to cheating or other misconduct on training programs and assessments.” One of those matters was the 2017 tip about two employees cheating on a CPA ethics exam. None of the matters in EY’s submission involved potentially ongoing misconduct by current employees or misconduct that the firm did not appear to have appropriately addressed.
EY’s June 20 submission created the impression that EY did not have current issues with cheating – either on training programs and assessments or CPA ethics exams. However, on June 19, the day before EY made its submission, an employee reported to a manager that a professional in the firm’s audit group had emailed the employee answers to a CPA ethics exam. That afternoon, the manager informed an EY human resources employee of the tip, which was then relayed to others in EY’s human resources group.
Alright so mostly caught up now? We’ll finish with the rest of this sordid tale soon, there’s more to discuss believe it or not. Before we go, if you are an EYer with something to add to this story or in possession of exam keys you want to share with us, get in touch. You can use your burner email if you want, we don’t care.
I’d just like to say that I am impressed with the high quality journalism on this site of late.
https://www.sec.gov/news/statement/peirce-statement-ernst-and-young-062822
It is nice to see the SEC launching real investigations into these critical CPE trainings instead of wasting precious taxpayer funds on investigating the totally above reproach operations of the “Biden Family Super Secret Tax Optimized Fund, LLC”.
You know, I first read this story, thought to myself “Well duh, when I took the ethics portion it was an open book test–who needs to cheat on that??? I googled it (left accounting decades back), yep, STILL an open book test. If you can make yourself study, understand, then pass the CPA itself, a commitment of hundreds and hundreds of hours (assuming you pass it (the CPA) the first time (I didn’t), THEN you need to cheat on Ethics??? That’s sad. Big accounting firms hire the best-of-the-best from our accounting schools. Maybe if they didn’t work them seventy hour weeks, put incredible pressures on them, the kids would have time to function “ethically”.
The ethics exam is take home and requires a 90% to pass, and I believe you get three tries (before registering and paying again). Many people I worked with would try it once. If they didn’t pass they would compare answers assuming that if they had the same answers it was correct. Others would just get it from someone that recently passed. It is amusing that the Ethics exam is the one people cheat on.
It’s kind of amazing really. Ethics is open book, you get a manual to look at (I think it may be electronic now, at least for reupping ethics for renewing license). It’s a lot of questions and therefore tedious, but the answers are usually super clear if you can dedicate an hour or 2 once every 3 years.
I retired from full-time employment after a stint as a director of compliance in industry some years back. I ntended to do non-attest business consulting in my “golden” years. The State of VA requires CPAs who “retire” but do any kind of business or finance work to take 40 hours a year CPE or they must surrender their license. Since I always took seriously learning from CPE, I never took shortcuts and wasn’t going to start. So, I reluctantly surrendered my license after 35 years. Accountancy is serious business and getting more complex each year. There is no room for shortcuts on CPE courses. That said, firms and industry should allow the time for CPEs to do it right or face the embarrassment of CPAs who aren’t current or take ethical shortcuts to fill the square. The profession needs no more scandals.
All this could have been avoided if the regulatory authorities giving the CPA exam required examinees to physically take the test at some designated room (like they used to) without a cell phone, instead of leaving it up to the CPA firms to self-monitor. Just like how the FDA lets pharmaceutical companys run their own drug studies in order to receive FDA approval. Let’s face it, nobody’s watching the store, anymore. The government has shirked it oversight responsibilty for big corporations for a long time. Next time I’m arrested, I will self-confine at home instead of going to jail. If anybody from law enforcement inqiuire, I’ll tell them not to worry…I’m compying with all court orders. If they want me to sign something to verify or certify, I can do that, too….
This is continuing education, not the exams. The actual exam is still done at a testing site. CPE requires sitting through a class or presentation before taking the exams, no way that is ever going to be done in person at some secure offsite location.
One of the KPMG partners who was fired for cheating on an exam landed at EY. I wonder if she got caught cheating at EY?????
I see no problem with this. The ethics exam and CPE’s are both just boxes that CPA’s have to check to make the industry happy. They don’t add much actual value.
I must say the comments to this article were disappointing, as they appeared to miss the essence of the matter. Employees of a CPA firm, especially those who are certified or licensed, should conduct themselves morally and with integrity. Cheating under any circumstances is neither morally nor demonstrate integrity. This is an act discreditable to the profession. The firm too lost its way by not taking appropriate action and terminating all cheaters. How can the firm’s work and opinion be trusted if it is being done/given by cheaters. There is no excuse for cheating, especially on ethics. Where were their moral compass? The firm should have been fined 10 times the amount it was fined. I don’t want people thinking that the “C” in the CPA designation I have worked hard for, honestly, stand for Cheating. Very sad.
Cheating is dumb in this context. How is it any different than asking industry experts or asking for consults with other people in the firm? We’re not students taking tests anymore. Everyone asks other people or looks up practice guides for work; how is this any different?
It’s CPE and the dumb open book ethics exams… anyone who claims moral high ground is a tool