A fixed line telephone and a calculator sit next to a pair of spectacles. (Photographer Chris Ratcliffe/Bloomberg)

EY Firm Shared Financial Earnings Information, Says Infibeam

For most of the last year, Infibeam’s auditors questioned its accounting practices. Now the company is pointing a finger at one of its auditors.

Last week, online retailer Infibeam Avenues Ltd.’s board of directors decided to sack their current audit firm SRBC & Co for an information breach. SRBC is an network firm of EY, one of the big four auditors across the world.

On May 7, Infibeam’s notice to shareholders revealed the specific breaches the auditor has been accused of. The notices state that as an insider the audit firm breached regulations by sharing the company’s unpublished financial earnings information.

The regulation to prevent insider trading requires that no insider shall communicate, provide, or allow access to any unpublished price sensitive information of a company to any person unless in the furtherance of legitimate purposes.

The company said it first heard of this breach on Feb. 26, 2018 via an anonymous complaint.

The complaint alleged that the company’s quarterly financial results had been shared with various third parties prior to such results being disclosed to the stock exchanges by SRBC, one of the joint statutory auditors.

Infibeam initiated an internal preliminary investigation and sought details from the audit firm. The EGM notice states that SRBC confirmed there had been a data breach and Infibeam’s financial results had been shared with one of the firm’s clients.

... the auditor, vide email dated April 15, 2019 had informed the company that it has undertaken an internal investigation, and had admitted that as a part of their preliminary findings, there had been a data breach, wherein financial results of the company had been shared with one of its clients, who would not qualify as an “insider” under the PIT regulations.
Infibeam EGM Notice

In its internal investigation, SRBC examined official email accounts of 28 audit team members who worked on the Infibeam account between November 2016 and February 2019. It found that certain emails containing unpublished price sensitive information pertaining to Infibeam were sent by some of the audit firm’s employees from their official email accounts to their personal email accounts.

The audit firm also found that in one instance, in February 2017, a member of the audit team “inadvertently marked a third party” on an email that contained unpublished information pertaining to the company’s financial statements. This third party was the director of another client of the audit firm. And though the error was discovered and the email deleted, the audit firm didn’t inform Infibeam of this incident at the time, the company said in the EGM notice.

On April 27, SRBC submitted the final investigation report and said there had been no wilful or fraudulent act on its part.

...the auditor has specified that it is not in violation of any applicable law, and there has not been any wilful or fraudulent act on the part of the auditor, and has denied any wrongdoing on its part.
Infibeam EGM Notice

Infibeam’s board discussed the report with the auditor and

  • raised a number of concerns on adequacy and reliability of the system and procedure adopted by the auditor in conducting its in-house investigation.
  • has insisted on an investigation by an external agency.
  • is also not satisfied that the company’s financial information shared to the personal account of the audit firm employee as well as a third party has not been forwarded, misused and abused.

Infibeam sought indemnity from the EY firm but it refused, the EGM notice stated.

As a consequence of all this the Infibeam board has decided not to share financial results for the March-ended quarter with SRBC. It has also sought shareholder approval to remove SRBC as joint auditor. Mumbai-based audit firm Shah and Taparia is the other auditor of the company.

The EY Point Of View

In an emailed statement to BloombergQuint, SRBC said Infibeam’s EGM notice does not accurately represent the communication between the two.

The audit firm is open to an external investigation, SRBC said. It also pointed out that it was only between November 2016 and May 2017 that emails were sent by employees to their personal accounts. These were sent for business purposes and for ease of access only. There was no malafide intent, said the audit firm.

We stand by our findings that there was no wrongdoing on our part. We are confident of our position and we will make representations to the company, shareholders and regulatory authorities, as required.
SRBC Statement (May 8)

There’s Been Trouble Brewing?

In the past two years there’s been some churn among Infibeam’s auditors.

The EY firm took up the audit assignment in September 2016. KPMG was then the joint auditor but it resigned during financial year 2017-18. Shah and Taparia was appointed in September 2018.

In the last one year – SRBC has raised issues with Infibeam’s financial results at least twice.

1. In its limited review of the company’s April-June 2018 earnings the auditor asked the company to “to perform an independent investigation in relation to certain matters such as merger and acquisition and other financial statements related matters”. No further explanation was forthcoming from either the auditor or the company on the scope of the investigation or what may have prompted it.

2. In its earnings statement for the quarter ended September 2018 the company said an independent firm of chartered accountants were appointed to perform the investigation and its report did not contain any material adverse observations. But they had requested for “detailed report”. The auditors mentioned this in their limited review as well.

3. In the next quarter the company said it received the detailed report and it did not contain any adverse observations. But in the limited review for that quarter the auditors made two qualifications pertaining to

  • Rs 122 crore in advances made to Infibeam’s subsidiaries who in turned used the money to pay vendors. In the absence of adequate information the auditors said they were “unable to comment on the recoverability of advances and consequential impact” on earnings.
  • Rs 32 crore in revenue from web development and maintenance services. In the absence of details regarding pricing rationale the auditors said they were unable to comment on measurement of revenue and consequential impact on earnings.

Meanwhile, in September 2018 Infibeam’s stock price fell 71 percent in a single trading session after a social media message raising concerns about the company’s accounting practices went viral.

Now the company’s auditor is facing the heat.