That tension is now fuelling questions about how seriously the firm treated allegations of misused confidential client data.
The leaked summary details at least two specific cases tied to KPMG’s work with Dexus and Lendlease that now sit at the centre of the controversy. In one matter, KPMG penalised a partner because an unattended laptop held sensitive information linked to Dexus.
The firm maintains that this laptop incident did not compromise a separate competitive pitch for Dexus’ audit mandate. Investigators did not speak to several members of KPMG’s Dexus audit bid team, and they also failed to interview anyone from Dexus.
Another case involves a partner who is a registered auditor and who was sanctioned for using confidential Lendlease board papers in a pitch to win Westpac’s audit contract. Internal findings cited those board documents as having “low sensitivity” and offering “zero competitive advantage” even though they were still deemed confidential.
That combination of a formal punishment and a downplaying of the materials’ strategic value is now drawing attention. Critics argue KPMG is treating relatively small process breaches as discipline-worthy while leaving bigger questions about data handling and client trust hanging.
