Australia's corporate watchdog has widened its enforcement net, announcing a comprehensive examination of internal and whistleblower complaints across the Big Four accounting firms—KPMG, Deloitte, EY and PwC—following damaging revelations of misconduct at KPMG. The move represents a significant escalation in regulatory pressure on an industry long criticised for insufficient oversight, and comes as the Australian government contemplates more drastic measures including potential structural dismantling of these powerful firms.

The Australian Securities and Investments Commission (ASIC) initiated the broad-based review on Thursday while simultaneously maintaining a formal investigation launched in June into three KPMG Australia partners. That investigation centres on allegations that the firm systematically exploited confidential client information obtained during advisory engagements to secure competitive advantages in pursuing lucrative audit contracts. The parallel probes underscore growing government frustration with audit industry governance and the limitations of existing regulatory frameworks.

The scope of ASIC's examination extends beyond KPMG's documented breaches. The regulator will scrutinise all complaints received by the four firms relating to external audit services, with particular attention to allegations of confidential information misuse or improper disclosure by auditors. This approach effectively positions the audit divisions of Deloitte, EY and PwC under heightened regulatory scrutiny even as they have not faced the same level of public allegations as their embattled peer. For Malaysian and regional businesses with significant Australian operations or those considering Australian audit services, this regulatory tightening may signal lengthened engagement timelines and potentially enhanced documentation requirements.

A critical complication for Australian regulators is the structural limitation of existing legislation. ASIC's governing authority fundamentally constrains its ability to police partnership-based audit firms as comprehensive entities. Rather, the regulator can only investigate individual registered company auditors and specific conduct tied to their audit work. This jurisdictional gap has frustrated enforcement efforts and prompted ASIC Chair Sarah Court to explicitly demand enhanced powers. Court stated that the regulator could only investigate certain individuals within a partnership and registered company auditors in relation to their audit conduct, highlighting the legislative deficiency that has enabled problematic behaviour to persist.

The KPMG debacle that precipitated this regulatory action originated in March when Labour Senator Deborah O'Neill disclosed to parliament that a whistleblower had alleged KPMG improperly used confidential board papers from Lendlease—obtained during advisory work—to strengthen competitive bids for major audit contracts with Westpac and Dexus. Initially, KPMG's internal investigation concluded the allegations lacked substance, demonstrating how self-regulatory mechanisms prove inadequate when institutional incentives favour exoneration. However, this conclusion proved premature and unconvincing. In late May, the firm's Australia chief executive and audit lead, Andrew Yates, resigned explicitly because of deficiencies in how the organisation had managed the original whistleblower complaint regarding client data sharing.

Yates's departure represented tacit acknowledgement of institutional failure at a senior level, validating the whistleblower's original concerns while exposing the inadequacy of KPMG's internal processes. The resignation signalled that initial denials of misconduct were misleading, undermining public confidence in the firm's governance structures. For professional services clients across the Asia-Pacific region, this sequence of events demonstrates risks inherent in engaging major audit firms whose internal accountability mechanisms may prioritise institutional protection over genuine investigation.

ASIC's predicament reflects a fundamental regulatory mismatch. The regulator possesses significant investigative appetite but constrained legal authority over the partnership structures through which the Big Four operate. Court has been transparent about these limitations, stating that ASIC will deploy existing limited powers while continuing dialogue with government on broader reform. This defensive posture indicates the regulator understands its current toolkit proves insufficient to address systemic governance failures within audit partnerships. The Australian government, responding to successive scandals, has already signalled willingness to contemplate structural solutions including potential disaggregation of Big Four operations.

Breaking apart the Big Four would represent radical intervention by historical standards, but momentum for reform is building. The cumulative effect of KPMG's misconduct, combined with previous high-profile audit failures and recurring governance scandals, has exhausted political tolerance for incremental solutions. Government officials are evaluating whether bringing audit firms directly under corporate regulator oversight—requiring legislative separation of audit divisions from broader consulting and advisory operations—represents the necessary remedy. Such restructuring would eliminate conflicts of interest arising when audit teams and advisory divisions operate within common partnerships pursuing overlapping clients.

The timing and scope of ASIC's review signal preparation for potential legislative change. By comprehensively examining complaint patterns across all four major firms, the regulator is building an evidentiary foundation for arguing that systemic reform requires statutory intervention. If the review documents widespread compliance deficiencies beyond KPMG, that evidence would substantially strengthen government arguments for structural reconfiguration. Conversely, should the review reveal that problems concentrate primarily at KPMG, targeted enforcement against that firm might satisfy public and political demands without necessitating broader industry disruption.

For Southeast Asian professional services markets including Malaysia, Australia's regulatory turmoil carries practical implications. If the Australian government pursues structural separation of Big Four audit divisions, international harmonisation pressures may extend similar requirements to other jurisdictions. Malaysian companies with cross-border audit obligations may face increased complexity managing separate audit and advisory relationships. Additionally, if Australian precedent establishes that audit firm partnerships cannot be adequately regulated under existing corporate law frameworks, Malaysian regulators may reassess their own oversight models and consider whether domestic audit governance requires strengthening.

ASIC's commitment to continued investigation while awaiting government reform represents a holding position that acknowledges both the urgency of misconduct allegations and the futility of attempting comprehensive reform through existing limited authority. The regulator will proceed with available enforcement tools against identified individuals while the government simultaneously designs legislative solutions addressing institutional vulnerabilities. This dual-track approach—prosecution of individual wrongdoing combined with contemplation of structural remedy—reflects acknowledgement that audit industry governance requires both immediate accountability and systemic transformation. The outcome will likely reshape not only Australian audit practice but potentially influence regulatory expectations across the entire Asia-Pacific region.