LOL. I wish it was that easy. Also, if you say you did a pen test bjt didn't, then the client gets hit through an exploit you said you checked or should have checked for, you and your company are done.
Not how that works. They will go after the company and individuals. You can bet that fraud charges will be filed with the police and don't think that wire fraud with the feds is out of the question.
It depends on what happened. If the company simply said they'd done the test but never gave any of the tasks to their employees then the employees would be in the clear. You can't be sued for something you never even knew about.
But if the company had taken the contract on in good faith given the task to an employee and then they'd just lied to their managers and said they'd done it then yeah the employee could be gone after.