KPMG secretly and repeatedly accessed a whistleblower’s computer to extract documents detailing allegations of data misuse, before later sharing the material with senior partners and former chief executive Andrew Yates.
While the content of those documents is not known, the covert retrieval appears to undercut management’s claims that they did not have enough detail to investigate the allegations.
KPMG Australia accessed the computer of a whistleblower in 2024 after allegations were raised about misuse of client information to secure work from clients such as Macquarie Group and Westpac. Bethany Rae
While the firm had the legal right to access an employee’s work laptop, the action is unusual because it occurred when the whistleblower was in a sensitive standoff with KPMG over legal protections. The move raises the possibility that the firm shared the documents with individuals who were subject to the allegations.
A spokesman for KPMG said that the firm had made multiple attempts to “identify evidence to support the claims” made by the whistleblower during the past two years.
“We have acknowledged our management of the whistleblower and their concerns fell short of the firm’s expectations and have apologised unreservedly,” the spokesman said. “Our investigations into these matters is ongoing.”
The firm’s handling of the matter has been heavily scrutinised by Labor senator Deborah O’Neill, who will chair a June 19 federal parliamentary hearing into the matter. She said KPMG needed to come clean on the whistleblower’s allegations and its treatment of the former staff member.
“It’s time for KPMG to fess up. The cover-up over the cover-up over the cover-up is just killing them and is not engendering any confidence in the work that needs to be done by auditors,” she told the Australian Financial Review on Tuesday.
“I’d be surprised if the boards of all of the affected companies aren’t looking at what their auditing and other arrangements are with KPMG.”
O’Neill also warned the firm that any attempt to use legal professional privilege to withhold documents or avoid answering questions during the hearing would be futile.
Labor senator Deborah O’Neill is chairman of the parliamentary joint committee on corporations and financial services. Alex Ellinghausen
The firm initially sought to have the hearing behind closed doors and indicated it would claim legal professional privilege, a legal right to protect confidential communications between a client and lawyer from being disclosed, over many documents. But it has since pledged to co-operate with the committee.
“There seems to be a culture of abuse of legal professional privilege to cover up sins in the large partnerships. It’s got to stop,” O’Neill said. “Legal professional privilege runs out at the door of the Senate and the House.”
O’Neill promised next Friday’s hearing would likely be a long day of questioning: “I will keep the inquiry open until we get to the bottom of the matter.”
The crisis began when a whistleblower – a former audit director – made a formal report in May 2024, alleging confidential client information was misused.
The whistleblower alleged partners misused confidential Lendlease board papers to pitch for Westpac and Dexus audit contracts. Inside information was also allegedly used to secure work from Macquarie Group and Westpac. The local firm and KPMG International refused to grant the whistleblower legal protection and failed to properly investigate the matter for two years.
The claims were first raised publicly by O’Neill in parliament in March 2026.
At the time, KPMG said it asked the whistleblower on more than 20 occasions for more information, but failed to mention it had also repeatedly asked the individual to sign a non-disclosure agreement and refused to provide legal protection.
Questions over computer access
Sources say IT personnel extracted the files under orders from the office of KPMG Australia’s general counsel Louise Capon.
The access started shortly after the whistleblower filed an initial protected disclosure in May 2024, with IT staff accessing the machine twice that November.
IT operatives identified two documents outlining misconduct, including the misuse of client data, that had not yet been formally disclosed. These files were copied and distributed to Yates and senior leaders within audit and HR.
In May 2026, Yates and head of audit Julian McPherson resigned over their handling of the matter. Internal pressure is mounting for the early exit of local chairman Martin Sheppard and former chief operating officer Eileen Hoggett.
Also under perceived pressure to depart are other senior leaders, including Capon, deputy chair Carmel Mortell and head of human resources Dorothy Hisgrove. All were involved in aspects of the firm’s earlier responses to the allegations.
KPMG Australia has apologised to the whistleblower and admitted its three earlier investigations were inadequate. The firm announced a fourth inquiry to be conducted by Allens, the law firm that produced an earlier report dismissing most of the allegations.
A dozen current and former partners – including Yates, McPherson, Sheppard and Hoggett – have been summoned to appear before the hearing on June 19.
More on the KPMG audit leaks
Find out the inside scoop about Accenture, Deloitte, EY, KPMG, PwC and McKinsey. Sign up to our weekly Professional Life newsletter.
