In recent years, the U.S. Securities and Exchange Commission (SEC) has had its eye on the special purpose acquisition company (SPAC) market — warning investors against putting money into SPACs, expressing skepticism about their performance, and taking affirmative steps to corral SPACs, including direct prosecution of investment firms. Now its gaze has turned upon a market gatekeeper.

On June 21, the SEC brought an enforcement action against Marcum LLP, one of the largest public accounting companies, for widespread quality control failures and violations of audit standards in connection with the firm’s audit work over the past few years, including audits for hundreds of SPAC clients. Without admitting or denying the SEC’s findings, Marcum has agreed to pay a $10 million penalty, as well as pay for an independent consultant to review and evaluate its quality control policies and procedures for (potentially) the next two years, among other remedial actions.

Working in tandem with the SEC, the Public Company Accounting Oversight Board (PCAOB) announced a settled disciplinary order that requires Marcum to pay an additional $3 million penalty, which is the largest penalty the PCAOB has imposed on an audit firm that is not part of a global network (non-affiliate firm), and also requires Marcum to create and fill a new position (Chief Quality Officer) and a new committee to oversee its audit practice (Audit Oversight Committee). This is the first time that the PCAOB has required a registered firm to make functional changes to its quality control supervisory structure.

The penalties and sanctions imposed on Marcum make clear that federal regulators are continuing to watch and will take actions to ensure the integrity of the SPAC space, including against service providers operating in that space.

Background

Marcum is a public accounting firm headquartered in New York City, which, according to the SEC’s findings, has more than 370 partners and 2,300 employees in more than 30 offices across the country. Marcum also holds a 50% interest in Marcum Asia CPAs LLP, a public accounting firm also headquartered in New York City with 137 accounting personnel in offices throughout China and Singapore.

As public accounting firms with U.S. public company clients, Marcum and Marcum Asia have been registered with the PCAOB since 2003 and 2011, respectively, as required by the Sarbanes-Oxley Act of 2002. Among other requirements, registered firms must comply with the PCAOB’s Auditing Standards (AS) and Quality Control Standards (QC 20) and are also subject to annual inspections to assess compliance.

In recent years, Marcum’s auditing and quality control standards and practices have come under scrutiny from the PCAOB. For example, in its 2019 inspection, the PCAOB found significant deficiencies in six of the 12 Marcum audits selected for review. In 2019 and 2020, the PCAOB also sanctioned Marcum and Marcum Asia for auditor independence violations and failure to perform appropriate procedures to address significant unusual transactions, respectively.

During this period, Marcum’s SPAC practice grew exponentially. According to the SEC’s findings, Marcum’s public company audits grew from 185 issuers (2019) to 575 issuers (2022), and most of this growth was from audits of SPACs. The SEC noted, for instance, that Marcum audited more than 400 of the 860 SPACs that completed initial public offerings (IPOs) in the United States in 2020 and 2021. And, according to the SEC, the “strain of this exponential growth in Marcum’s public company practice exposed substantial, widespread, and pre-existing deficiencies in the firm’s underlying quality control policies, procedures, and monitoring.”

SEC Action

The SEC charged Marcum with violating Section 4C of the Exchange Act and Rule 102(e)(1)(ii) by engaging in “improper professional conduct” in the performance of its audit work from 2020 onward, namely, failure to comply with numerous Auditing Standards and PCAOB Quality Control Standards. Among other things, the SEC highlighted the following categories of alleged misconduct to justify the sanction against Marcum:

  • Client acceptance and staffing capacity (QC 20.15(a), 20.03, 20.20). A public accounting firm is required to maintain sufficient quality control policies, procedures, and monitoring to evaluate the firm’s personnel capacity before accepting new clients. The SEC found that Marcum did not adequately assess its staffing capacity before taking on new SPAC clients. Engagement partners submitted new SPAC clients to the firm’s Client Acceptance Committee on the assumption that staffing could be managed in the future, but that “assumption became more problematic, and ultimately untenable, given the ever-escalating volume of SPAC clients accepted by the firm.” For example, while Marcum increased its acceptance of new SPAC clients from 178 (2020) to 633 (2021), firm staffing did not increase proportionally, which led to, among other problems, “delays and the failure to satisfy audit standards” in the “timely completion, assembly, and retention of audit documentation” because of overburdened audit team members.
  • Client acceptance and management integrity (QC 20.14, 20.03, 20.20, 20.23, 20.24). A public accounting firm must also evaluate the management integrity of prospective clients before accepting them as clients, including review of background reports on key personnel, such as the CEO, CFO, and Audit Committee Chair. The SEC found that while Marcum had the requisite policy, the firm did not actually require receipt and review of such reports prior to client acceptance.
  • Audit documentation (AS 1215, QC 20.03, 20.17, 20.20). Audit Standards and Quality Control Standards also require that audit documentation reflect when procedures were performed, completed, and reviewed, as well as contain sufficient evidence that these procedures were conducted before the release of an audit report. Among other issues, the SEC noted that, based on Marcum’s own post-issuance inspections, only eight of the 25 SPAC IPO audits reviewed complied with the firm’s documentation and approval policies. Marcum also had a six-month email auto-delete policy, even though audit documentation was often only maintained in audit team members’ emails. The SEC also found that Marcum often did not assemble and retain complete sets of audit documentation for retention within the required 45 days of an audit report being released.
  • Communications with audit committees (AS 1301, QC 20.03, 20.17, 20.20). The SEC noted numerous audit engagements where Marcum had “insufficient communication of changes in significant risks to the audit committee” and also had failed to “accurately document the fact, timing, and method of audit committee communications.” For example, based on Marcum’s own internal inspections, the final audit committee letter was missing from the workpapers of nine out of 38 SPAC audits reviewed.
  • Engagement partner supervision and review (AS 1201, QC 20.03, 20.17). The SEC found that within the SPAC practice, Marcum’s engagement partners “frequently failed to sufficiently supervise and review work in connection” with the many parts of an audit engagement, such as client acceptance, audit documentation, and communications with audit committees.
  • Evaluation and monitoring of internal training (QC 20.13, 20.20, 20.23, 20.24). Because the number of Marcum’s SPAC clients increased so significantly, the number of firm personnel assigned to those audits also increased. In mid-2020, Marcum’s SPAC audits were run by two partners and nine managers. Yet, by mid-2021, Marcum had as many as 43 partners and 75 managers working on SPAC audits. The SEC found that Marcum’s training and related guidance and supervision of these additional personnel — many of whom did not have prior SPAC experience — were not sufficient to ensure that audits complied with the governing Audit Standards and Quality Control Standards.

Additionally, the SEC charged Marcum with violating Rule 2-02(b)(1) of Regulation S-X for issuing SPAC audit reports that stated Marcum had conducted the audits in accordance with PCAOB standards when it had not done so in each instance.

As a result of these violations, Marcum must (1) pay a $10 million penalty to the SEC; (2) retain and pay for an independent consultant to evaluate and make recommendations to Marcum’s audit and quality control policies and procedures; and (3) not accept more than three new audit clients per quarter until the independent consultant has officially completed his or her work (up to two years), which includes Marcum’s implementation of the consultant’s recommendations.

PCAOB Action

The PCAOB and the SEC worked closely together in their investigations of Marcum. As a result, the PCAOB sanctioned Marcum for violations of its Rules and Quality Control Standards based essentially on the same conduct underlying the SEC’s charges.[1] In addition to the independent consultant requirements and payment of a $3 million penalty, the PCAOB has also directed Marcum to “make functional changes to its supervisory structure related to the Firm’s quality control policies and procedures.” Specifically, Marcum must create a new position at the firm — Chief Quality Officer — and hire an individual with PCAOB approval, who will then be tasked with implementing the recommendations of the independent consultant. Marcum must also create an Audit Oversight Committee that includes at least one independent member.

Takeaways

The SEC and PCAOB are continuing to monitor and are ready to act to ensure the integrity of the SPAC market. As SEC Chair Gary Gensler stated: “Public company auditors occupy positions of trust that are critical to protecting investors and our capital markets more broadly,” and the SEC will take action when it believes audit and quality control standard violations have put a firm’s “clients and the investing public at risk.”

Public accounting firms and all professional services firms should also view Marcum’s situation as a cautionary tale. Sometimes too much growth too quickly can result in significant problems if a firm’s personnel and internal control policies and procedures are unable to keep pace.

Members of the Troutman Pepper team are available to assist on any and all SEC and PCAOB developments.


[1] PCAOB’s order, specifically Sections III.C and III.D, does contain some additional details on the significant growth of Marcum’s audit practice and the quality control issues that arose as a result.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Jay Dubow Jay Dubow

Jay co-leads the firm’s Securities Investigations + Enforcement Practice Group. He focuses his practice on complex business litigation, with a special emphasis on defending against shareholder derivative and securities class action litigation. He also represents clients involved in investigations by the U.S. Securities…

Jay co-leads the firm’s Securities Investigations + Enforcement Practice Group. He focuses his practice on complex business litigation, with a special emphasis on defending against shareholder derivative and securities class action litigation. He also represents clients involved in investigations by the U.S. Securities and Exchange Commission (SEC), the Pennsylvania Department of Banking and Securities, and various self-regulatory organizations, including the Financial Industry Regulatory Authority, Inc. (FINRA). He also conducts internal investigations on behalf of clients. Such investigations have included allegations involving the Foreign Corrupt Practices Act (FCPA), whistle blower claims, financial fraud, and civil and criminal violations of various federal and state laws.

Photo of Ghillaine Reid Ghillaine Reid

Ghillaine co-leads the Securities Investigations + Enforcement Practice Group at Troutman Pepper. She focuses her practice on government and securities regulatory investigations, financial services litigation, commercial litigation, and corporate compliance. Drawing on her experience in government service and private practice, Ghillaine regularly represents…

Ghillaine co-leads the Securities Investigations + Enforcement Practice Group at Troutman Pepper. She focuses her practice on government and securities regulatory investigations, financial services litigation, commercial litigation, and corporate compliance. Drawing on her experience in government service and private practice, Ghillaine regularly represents corporations and individuals in investigations conducted by the Securities & Exchange Commission, the Department of Justice, the Financial Industry Regulatory Authority, and other government and regulatory agencies. Ghillaine has successfully defended several high profile SEC investigations and enforcement proceedings involving a wide range of significant issues, including insider trading, accounting fraud, market manipulation, and broker-dealer sales practice violations. Prior to entering private practice, Ghillaine was a Branch Chief and Staff Attorney in the New York Regional Office of the Securities & Exchange Commission’s Division of Enforcement, where she investigated and litigated a wide range of securities enforcement matters.

Photo of Brian Nichilo Brian Nichilo

Brian’s law enforcement and audit experience give him a unique perspective on government enforcement actions and internal investigations.