عرض العناصر حسب علامة : ديلويت
الخميس, 16 سبتمبر 2021 10:07
مدقق ديلويت السابق يواجه إجراءً تأديبيًا على Steinhoff
يواجه شريك Deloitte LLP السابق إجراءً تأديبيًا في هولندا بسبب إجراء تدقيق غير لائق
معلومات إضافية
-
المحتوى بالإنجليزية
An ex-Deloitte LLP partner is facing disciplinary action in the Netherlands for an improper audit of Steinhoff International Holdings NV prior to the South African retailer’s near collapse more than three years ago.
The Dutch Authority for the Financial Markets accuses Patrick Seinstra of failing “to obtain sufficient and appropriate audit evidence from the annual accounts,” according to papers from the hearing.
Deloitte refused to sign off on Steinhoff’s accounts in late 2017, leading to the resignation of then Chief Executive Officer Markus Jooste and a share price slump. The firm had been auditing Steinhoff for years, initially in South Africa and then from Europe after the company moved its primary listing to Germany.
Rugby training shields advertising Steinhoff International Holdings in storage at the University of Stellenbosch rugby field in Stellenbosch, South AfricaWaldo Swiegers/Bloomberg
In the probe that followed the scandal, PwC uncovered 6.5 billion euros ($7.8 billion) of irregular transactions between Steinhoff and eight firms between 2009 and 2017.
The AFM’s claims specifically relate to Steinhoff Europe, where the PwC forensic investigation showed a large part of the alleged fraud took place. The retailer’s European accounts were audited by Commerzial Treuhand GmbH, and the regulator says Seinstra failed to check the German firm’s submission was correct.
Commerzial Treuhand is not aware of any misconduct in its work, Managing Director Timo Cybucki said by email.
Seinstra submitted an “extensive statement of defense” in response to the AFM’s complaint. This focuses on Steinhoff’s background and the planning and design of the audit and the fraud, according to the AFM papers. Still, the AFM maintains that Seinstra “has acted culpably under disciplinary action”.
The Auditor’s Chamber can impose measures ranging from a conditional fine to a cancellation of the accountant’s registration. Still, it can’t issue an order for costs or decide compensation in the way a civil court judge can.
Deloitte Netherlands discovered irregularities at Steinhoff during the annual audit in 2017, “despite the fact that the auditor was found to have been deliberately misled,” it said in an emailed response to questions. It then insisted on “an independent investigation” that confirmed “the complex management fraud.”
Deloitte hasoffered a contribution of 77.9 million euros toward Steinhoff legal settlements, without admitting liability and in exchange for certain waivers.
نشر في
موضوعات متنوعة
موسومة تحت
الإثنين, 20 فبراير 2023 09:53
نصائح لشركات المحاسبة لإسترداد البيانات إذا تم إختراقها
لقد أصبحت حالات إختراق البيانات أمرًا شائعًا في أعمالنا وحتى حياتنا الشخصية، وإذا كانت شركتك هي الطرف المتضررفإن الأمر كله يتعلق بعملية إسترداد البيانات. على هذا النحو، نقدم لك هذه المدونة من Patrick Ross من Entigrityلمساعدتك في هذه الحالة.
معلومات إضافية
-
المحتوى بالإنجليزية
Data breaches have unfortunately become commonplace in our modern business and personal lives, and if your firm is on the receiving end it’s all about access and recovery. As such, we bring you this blog from Entigrity’s Patrick Ross to help you with this eventuality.
More often than not, accountants keep coming under the scanners of hackers and eventually become a victim of cyber security attacks. Once ranked as the best cyber security consultant in the world, even Deloitte admitted in March 2017 to be one such victim, apparently indicating that you always have got to have a plan B in place if things go wrong.
If an organization like that can be attacked, anyone can. More importantly, each breach leaves a lingering, if not lasting, imprint on an enterprise’s brand.
However, the best thing to do in this situation is to recover as fast as it could be. With proper response planning and vigilant approach the recovery could be faster and a lot of damage can be saved. . Evaluate the Severity and Scope of the Incident
If a laptop computer or other portable device is lost or stolen, identify the data that may have been exposed, and determine whether these materials are protected by password or encryption. Consider engaging forensic information technology experts to determine the scope of the problem.
In addition, if the possibility of identity theft or other criminal activity is present, inform appropriate law enforcement agencies of the situation.
2. Having an Incident Response Plan
As soon as a data breach is discovered, the response plan must get in action. Generally the best approach is to take all the working devices offline and deploying the IT team (or consultant) in action.
The most important information to find out as quickly as possible is the exact nature of the breach, the extent of the damage, and who’s responsible for the breach. When creating your response plan, you may want to create responses for a few different levels of data breaches, with detailed response steps laid out for each type of breach.
This plan should outline what you need to do and whom you need to contact after a data breach. It should be a step-by-step guide to what you need to do to comply with state and federal laws and inform affected customers about the incident.
3. Inform the Potentially Affected Clients
This is a very important and critical decision to inform the client about such mishaps. Although it is understood that your firm’s credibility could be at risk but it has to be done anyways. That's because data breaches aren't just about lost data.
They're about lost trust and small accounting firms rely on that trust to maintain their client base. When you've built up a client base over years of hard work and have to inform them that their Social Security numbers and financial records are now in the hands of criminals looking to commit fraud
4. Deploy Software Defines Perimeter Services
Enterprises need to constantly assess the latest advancements in network security as well. Software-Defined Perimeter (SDP) services, for example, block communications between enterprise applications and end user devices from potential attacks through the Internet.
SDP reduces security risks over the Internet by making critical applications and resources invisible to everyone until the end users and devices are authenticated and authorized. Such advancements are designed to reduce potential data breach incidents as more companies adopt new technology.
Moreover, during the recovery process, one should learn from the past incidents and make sure to follow more stringent protocols to not let such havoc repeat itself again. Some of the steps that can be taken are:
Require two-factor authentication for access to email from the Internet.
Require Virtual Private Network (VPN) access for telecommuter and travelers accessing company networks. Encourage travelers to note travel device usage times, locations, and other details including connections and accounts used.
Limit administrative access for employees to their devices; if admin access is required for job function, enact a policy restricting use or installation of non-approved third-party apps.
If possible, provide employees with travel devices that can be rebuilt upon return; limit access from these devices and keep known baselines to expedite digital forensic review.
We also suggest having a few practices and policies in place to avoid such mishaps coming your way, such as keeping operating systems, antiviruses, firewalls updated; having strong password policy, usage of secure devices with tracking facility; backup data must also be encrypted, etc.
A lot of troubles can be escaped through if you have trained employees and limited admin rights. The more you are informed, the better you are secured.
نشر في
محاسبة و مراجعة
موسومة تحت