Connect with us

Accounting

DOJ, SEC investigating $32M CrowdStrike deal with Carahsoft

Published

on

U.S. prosecutors and regulators are investigating a $32 million deal between CrowdStrike Holdings Inc. and a technology distributor to provide cybersecurity tools to the Internal Revenue Service, according to two people familiar with the matter and a document seen by Bloomberg News.

Investigators for the Justice Department and the Securities and Exchange Commission have been interviewing people and collecting records related to the deal, according to the document and people. They spoke on condition of anonymity because they are not authorized to discuss the matter.

Carahsoft Technology Corp. paid CrowdStrike for the deal that the cybersecurity firm closed on the last day of a fiscal quarter in 2023, but the IRS never purchased the products, Bloomberg first reported in October. The transaction under investigation was big enough that it could have made the difference between CrowdStrike beating or missing Wall Street projections for the period, although the Austin, Texas-based company has declined to detail how it accounted for the deal. The day after CrowdStrike reported results for the record quarter, its shares rose 10%.

The parallel probes, which haven’t been previously reported, also represent additional scrutiny of Carahsoft, a dominant reseller of technology to the U.S. government. The FBI searched the firm’s headquarters last year, and federal prosecutors are conducting a separate civil investigation of whether the company conspired with another technology firm to overcharge the government.

CrowdStrike spokesperson Brian Merrill said in an email, “we stand by the accounting of the transaction.” A lawyer for Carahsoft, Samarth Barot, declined to comment.

A spokesperson for the U.S. Attorney’s Office for the Southern District of New York, Nicholas Biase, declined to comment. An SEC spokesperson, Cory Jarvis, said the agency doesn’t comment on “the existence or nonexistence of a possible investigation.”

As early as last fall, SEC and DOJ investigators were questioning former CrowdStrike employees involved in the deal, as well as IRS staff, and they’ve continued to pursue interviews in recent weeks, according to the people and documents. They’ve also collected records related to the deal, including written communications from employees of the IRS, CrowdStrike and Carahsoft.

The investigators asked witnesses detailed questions about the interactions between CrowdStrike sales staff and IRS officials in the lead-up to the deal’s closure, one of the people said. They’ve inquired repeatedly whether the agency purchased the CrowdStrike software and were told no, the person said.

IRS officials did not respond to calls and emails seeking comment.

Prosecutors from the U.S. Attorney’s Office for the Southern District of New York are among those working on the investigation, according to the person.

The deal under scrutiny is complex and some specifics of it remain unclear. Documents from Carahsoft and CrowdStrike show that it was for identity threat protection software to be used by the IRS. The agency, however, never bought it.

CrowdStrike closed the deal on the last day of its third fiscal quarter in 2023. In a subsequent earnings call, Chief Executive Officer George Kurtz highlighted it by saying, “identity threat protection wins in the quarter included an eight-figure total deal value win in the federal government.”

Carahsoft has been making on-time payments to CrowdStrike, the cybersecurity firm told Bloomberg last fall. Both companies explained then that they had a “non-cancellable order” between them, but declined to say why they struck the deal without a purchase in place from the IRS, or what became of the millions of dollars worth of software subscriptions that were at stake.

In an earnings report in November 2024, CrowdStrike excluded roughly $26 million from its annual recurring revenue for the quarter. The company’s chief financial officer, Burt Podbere, said the unusual move followed the company determining the transaction wouldn’t be repeated “after a distributor in the federal space provided notice of its intention to exercise transferability rights with respect to a transaction.”

CrowdStrike representatives have declined to elaborate or say whether the comments were related to the deal involving the IRS and Carahsoft.

At the time of the deal, some CrowdStrike staff raised internal concerns that the company was “pre-booking” the transaction, which they viewed as incomplete because it was unclear whether the IRS would ever make the large purchase, Bloomberg previously reported. U.S. regulators have in some cases sued and fined companies over alleged pre-booking, also known as channel stuffing, claiming they misled investors by improperly recognizing revenue to inflate their financial figures.

A CrowdStrike spokesperson previously said it was “demonstrably false” that there was any pre-booking and that the deal was reviewed and “given a clean bill of health.”

U.S. investigators have already spent years examining Carahsoft, a leading player among resellers and distributors that help technology companies navigate the complexities of selling to government agencies. In September, agents from the FBI and the U.S. Department of Defense searched the company’s Reston, Virginia, headquarters.

A Carahsoft spokesperson said at the time that it was cooperating with the FBI probe, which involved “an investigation into a company with which Carahsoft has done business in the past.” The Justice Department is also conducting a separate civil investigation of Carahsoft and SAP SE for potential price fixing on government contracts, as Bloomberg previously reported. The German firm is cooperating with the civil probe, according to a spokesperson.

There’s no known link between CrowdStrike and the civil investigation nor the search of Carahsoft’s office. A representative of the cybersecurity company previously said it’s not connected to either.

Federal investigations, especially of complex cases, often run for years and many end without any formal accusations of wrongdoing.

Adam Pritchard, a professor at the University of Michigan Law School and former SEC lawyer, said that regardless of what investigators find, the probes will cost CrowdStrike and Carahsoft in legal fees and managers’ time, and draw scrutiny from their boards of directors. He said investigators will likely be interested in whether the companies had any “additional understandings” about the deal beyond their contract and, if so, whether they were disclosed to auditors.

“If I were investigating, I would want to know if there were implicit understandings that if the deal didn’t go through with the IRS that they could work out the money over the course of their ongoing relationship,” said Pritchard.

Continue Reading

Accounting

IAASB tweaks standards on working with outside experts

Published

on

The International Auditing and Assurance Standards Board is proposing to tailor some of its standards to align with recent additions to the International Ethics Standards Board for Accountants’ International Code of Ethics for Professional Accountants when it comes to using the work of an external expert.

The proposed narrow-scope amendments involve minor changes to several IAASB standards:

  • ISA 620, Using the Work of an Auditor’s Expert;
  • ISRE 2400 (Revised), Engagements to Review Historical Financial Statements;
  • ISAE 3000 (Revised), Assurance Engagements Other than Audits or Reviews of Historical Financial Information;
  • ISRS 4400 (Revised), Agreed-upon Procedures Engagements.

The IAASB is asking for comments via a digital response template that can be found on the IAASB website by July 24, 2025.

In December 2023, the IESBA approved an exposure draft for proposed revisions to the IESBA’s Code of Ethics related to using the work of an external expert. The proposals included three new sections to the Code of Ethics, including provisions for professional accountants in public practice; professional accountants in business and sustainability assurance practitioners. The IESBA approved the provisions on using the work of an external expert at its December 2024 meeting, establishing an ethical framework to guide accountants and sustainability assurance practitioners in evaluating whether an external expert has the necessary competence, capabilities and objectivity to use their work, as well as provisions on applying the Ethics Code’s conceptual framework when using the work of an outside expert.  

Continue Reading

Accounting

Tariffs will hit low-income Americans harder than richest, report says

Published

on

President Donald Trump’s tariffs would effectively cause a tax increase for low-income families that is more than three times higher than what wealthier Americans would pay, according to an analysis from the Institute on Taxation and Economic Policy.

The report from the progressive think tank outlined the outcomes for Americans of all backgrounds if the tariffs currently in effect remain in place next year. Those making $28,600 or less would have to spend 6.2% more of their income due to higher prices, while the richest Americans with income of at least $914,900 are expected to spend 1.7% more. Middle-income families making between $55,100 and $94,100 would pay 5% more of their earnings. 

Trump has imposed the steepest U.S. duties in more than a century, including a 145% tariff on many products from China, a 25% rate on most imports from Canada and Mexico, duties on some sectors such as steel and aluminum and a baseline 10% tariff on the rest of the country’s trading partners. He suspended higher, customized tariffs on most countries for 90 days.

Economists have warned that costs from tariff increases would ultimately be passed on to U.S. consumers. And while prices will rise for everyone, lower-income families are expected to lose a larger portion of their budgets because they tend to spend more of their earnings on goods, including food and other necessities, compared to wealthier individuals.

Food prices could rise by 2.6% in the short run due to tariffs, according to an estimate from the Yale Budget Lab. Among all goods impacted, consumers are expected to face the steepest price hikes for clothing at 64%, the report showed. 

The Yale Budget Lab projected that the tariffs would result in a loss of $4,700 a year on average for American households.

Continue Reading

Accounting

At Schellman, AI reshapes a firm’s staffing needs

Published

on

Artificial intelligence is just getting started in the accounting world, but it is already helping firms like technology specialist Schellman do more things with fewer people, allowing the firm to scale back hiring and reduce headcount in certain areas through natural attrition. 

Schellman CEO Avani Desai said there have definitely been some shifts in headcount at the Top 100 Firm, though she stressed it was nothing dramatic, as it mostly reflects natural attrition combined with being more selective with hiring. She said the firm has already made an internal decision to not reduce headcount in force, as that just indicates they didn’t hire properly the first time. 

“It hasn’t been about reducing roles but evolving how we do work, so there wasn’t one specific date where we ‘started’ the reduction. It’s been more case by case. We’ve held back on refilling certain roles when we saw opportunities to streamline, especially with the use of new technologies like AI,” she said. 

One area where the firm has found such opportunities has been in the testing of certain cybersecurity controls, particularly within the SOC framework. The firm examined all the controls it tests on the service side and asked which ones require human judgment or deep expertise. The answer was a lot of them. But for the ones that don’t, AI algorithms have been able to significantly lighten the load. 

“[If] we don’t refill a role, it’s because the need actually has changed, or the process has improved so significantly [that] the workload is lighter or shared across the smarter system. So that’s what’s happening,” said Desai. 

Outside of client services like SOC control testing and reporting, the firm has found efficiencies in administrative functions as well as certain internal operational processes. On the latter point, Desai noted that Schellman’s engineers, including the chief information officer, have been using AI to help develop code, which means they’re not relying as much on outside expertise on the internal service delivery side of things. There are still people in the development process, but their roles are changing: They’re writing less code, and doing more reviewing of code before it gets pushed into production, saving time and creating efficiencies. 

“The best way for me to say this is, to us, this has been intentional. We paused hiring in a few areas where we saw overlaps, where technology was really working,” said Desai.

However, even in an age awash with AI, Schellman acknowledges there are certain jobs that need a human, at least for now. For example, the firm does assessments for the FedRAMP program, which is needed for cloud service providers to contract with certain government agencies. These assessments, even in the most stable of times, can be long and complex engagements, to say nothing of the less predictable nature of the current government. As such, it does not make as much sense to reduce human staff in this area. 

“The way it is right now for us to do FedRAMP engagements, it’s a very manual process. There’s a lot of back and forth between us and a third party, the government, and we don’t see a lot of overall application or technology help… We’re in the federal space and you can imagine, [with] what’s going on right now, there’s a big changing market condition for clients and their pricing pressure,” said Desai. 

As Schellman reduces staff levels in some places, it is increasing them in others. Desai said the firm is actively hiring in certain areas. In particular, it’s adding staff in technical cybersecurity (e.g., penetration testers), the aforementioned FedRAMP engagements, AI assessment (in line with recently becoming an ISO 42001 certification body) and in some client-facing roles like marketing and sales. 

“So, to me, this isn’t about doing more with less … It’s about doing more of the right things with the right people,” said Desai. 

While these moves have resulted in savings, she said that was never really the point, so whatever the firm has saved from staffing efficiencies it has reinvested in its tech stack to build its service line further. When asked for an example, she said the firm would like to focus more on penetration testing by building a SaaS tool for it. While Schellman has a proof of concept developed, she noted it would take a lot of money and time to deploy a full solution — both of which the firm now has more of because of its efficiency moves. 

“What is the ‘why’ behind these decisions? The ‘why’ for us isn’t what I think you traditionally see, which is ‘We need to get profitability high. We need to have less people do more things.’ That’s not what it is like,” said Desai. “I want to be able to focus on quality. And the only way I think I can focus on quality is if my people are not focusing on things that don’t matter … I feel like I’m in a much better place because the smart people that I’ve hired are working on the riskiest and most complicated things.”

Continue Reading

Trending