Scott London, an ex-KPMG partner in Los Angeles, has been charged in a federal complaint with one count of conspiracy to commit securities fraud through insider trading.

The complaint alleges that London provided confidential information about KPMG clients to Bryan Shaw, a close friend, over a period of several years and that Shaw used this information to make highly profitable security trades that generated more than $1 million in illegal proceeds.

In some cases, London called Shaw two to three days before press releases of KPMG clients were issued and read him the details that would soon be made public. He also tipped him off to mergers and even strategised with Shaw on how to conceal his trading so that the two would not be caught.

From late 2010 and continuing until March 2013, London secretly passed ‘highly sensitive and confidential information’ to Shaw regarding upcoming earnings announcements by certain KPMG clients, including Herbalife, Skechers and Deckers Outdoor Corp., before that financial information was disclosed to the public. In exchange, Shaw gave London tens of thousands of dollars in cash, typically instructing London to meet him on a side street near Shaw’s business in order to give him bags containing $100 bills wrapped in $10,000 bundles. (Reference: Walter Hamilton and Andrea Chang. 2013, ‘Details emerge in case against ex-KPMG auditor Scott London’ Los Angeles Times, April 11) KPMG said it plans to reassess its internal safeguards.

Required:

Using the details in the Scott London story answer these questions:

A. If KPMG contracted another Big Firm to reassess its internal safeguards, what type of auditor’s service would this be? What IAASB framework would the outside auditors use?

B. If the audit services to reassess internal safeguards by another Big Four firm is an assurance service: 

(1) Who would be the practitioner, responsible party and intended user? 

(2) What would be the subject matter and subject matter information? 

(3) What criteria should be used?

(4) What would constitute sufficient appropriate evidence?

C. What quality control procedure could KPMG put in place to assure that the risk of insider information coming from partners would be reduced to a reasonably low level?