The website for the aerospace auditor certification body Probitas Authentication, an SAE company, has deleted the official Code of Conduct for auditors, in apparent response to an official complaint that alleged Probitas was refusing to enforce it.

Oxebridge had filed a complaint against an As9100 Lead Auditor for falsifying his aerospace employment experience, and Probitas closed the complaint, refusing to confirm the evidence provided by Oxebridge. In the complaint, Oxebridge alleged violations of the Code, which requires that certified auditors will not “intentionally communicate false or misleading information.” Nevertheless, Probitas Director Rich DeMary ruled that no action would be taken against the auditor; DeMary did not address the violations of the Code specifically in his response.

The stunning move appears to be intended to provide cover for Probitas auditors who might be found to be lying or falsifying information as part of their work.

The Code of Conduct is still accessible via a cache maintained at the Internet Archive here. Oxebridge has retained a historical copy available for download as a PDF here.

If Probitas were found to be refusing to enforce the Code, while nevertheless using it as a marketing tool to attract potential auditors interested in their certification, this could amount to a violation of Federal Trade Commission regulations against deceptive trade practices. Those FTC regulations are rarely enforced, however, allowing groups like Probitas to violate their own Codes at will.

Oxebridge has argued that by allowing its auditors to lie about their employment experience, Probitas is inviting them to falsify information on official AS9100 audit reports, as well. Over the years, Oxebridge has obtained dozens of examples where ISO 9001 or AS9100 auditors have recorded false or misleading information on their reports. In one case, an AS9100 Lead Auditor failed to show up for an audit, citing weather issues, and then populated the official audit report with fabricated information, to make it appear as if the audit was conducted. In a recent example from October, a Probitas-certified auditor terminated an audit a half-day early, and then populated his official AS9100 report with data taken from another client, to make it appear the entire audit was fulfilled; the audit report was entered into OASIS with the wrong client name still in the document.

Clients typically tolerate the acts because they either are not aware the auditors are violating specific rules, or are afraid to report the issues for fear of losing their AS9100 certification. The IAQG does not allow for “pausing” the clock on certificate expiration even in cases where auditor fraud may be involved.

Oxebridge has escalated the issue to the AAQG Registration Management Committee, but so far it appears the RMC is ignoring the complaint entirely.

At the same time, Oxebridge is preparing two industry whistleblower reports for US Department of Defense and NASA investigators, alleging various AS9100 actors may be engaged in prohibited behavior. This centers on the argument that the bodies claim, in official documents provided to US government agencies, that the scheme is administered objectively and fairly, despite widespread evidence of fraud. Much of this report will include examples of how certification and accreditation bodies refuse to enforce rules which they cite in proposals or marketing aimed at government agencies, in order to win contracts.

The industry has been plagued with scandals involving AS9100 certified firms who are later found to be engaged in criminal activities or hiding potentially lethal nonconformities, but who nevertheless receive AS9100 certificates year after year, from accredited bodies using Probitas-certified auditors.