In the third article in our series on how the reliance on compliance has led to countless governance failures, we explore how to address the expectations gap and prevent the imminent destruction of the reputation of the accountancy profession.
Over the last couple of decades there has grown an expectation gap between what the general public (and most politicians) believe an audit is for and the contract which is actually entered into between companies and their auditors. Putting it simply, the public expect an audit to uncover wrong-doing, and they take it for granted that the audited financial statements (which few understand) will represent an accurate picture of what is currently going on, no matter that, in practice, they reflect events which happened many months previously. Phrases such as “a going concern” are interpreted as “currently healthy and good for many years to come”, and the technical definitions and qualifications are not understood and generally ignored.
This may be unfair, but as we pointed out in our earlier article, when year after year the giant accounting firms sign off the accounts of companies which shortly afterwards are exposed as behaving scandalously, the public and their representatives in government will blame the auditors for incompetence or worse. And the danger is clear that the damage to the reputation of the accountancy profession puts it at risk of action being taken by unsympathetic law-makers.
Restrictions and dangers of the current Audit
What are the characteristics of the current audit? For the accountancy profession, and particularly for the largest firms, audit has become a financially focused, commodity product in a mature market, with little differentiation between the Big Four. As such, in Michael Porter’s world of competitive strategy, this is a market driven by the lowest cost producer, and the margins are relatively thin. This drives out all but the largest competitors, hence the aggregation into the Big Four. But the incentive for the big firms is therefore to deliver the audit as efficiently and cost effectively as possible and to make their money by selling additional professional services which deliver higher fees and higher profitability.
Hence the audit will naturally be limited to compliance with the regulations. To compound this conservatism, divergence from this regulatory compliance, and the “safe harbour” it provides, lays the auditors open to legal action from potentially aggrieved parties regarding losses resulting from actions taken after relying on opinions expressed by the auditors.
Moreover, the traditional responsibility of the auditor is to the owners of the company, as the audit is there as a result of the long-standing “agency” problem, to reassure the owners that the managers are looking after their business honestly. This responsibility has been progressively widened by legislation over the years to include a wider group of stakeholders, but essentially the shareholders are the targeted beneficiary of the audit.
The danger of this restricted focus is clear when scandals expose the vulnerability it creates to criticism by non-experts, who read disclaimers, look on these as cop-outs, and don’t understand why common sense doesn’t apparently come into the audit. When politicians publicly scorn the top audit firms, something needs to be done, and quickly.
This is increasingly being recognised by the accountancy establishment, but they show little sign of understanding how to escape the trap.
…worthy bureaucrats will conscientiously try to do their current jobs better, while completely missing the nature of the underlying threat.
What is the Audit profession doing to improve matters?
Two recent developments in international audit circles are the publication on 8 March 2018 of the 2017 Survey Report by the International Forum of Independent Audit Regulators (IFIAR), and the Consultation Document from the Monitoring Group (MG), published in November 2017.
The IFIAR is a body of audit regulators with 52 members throughout the world, and it produces an annual survey of its members’ domestic inspections of the quality of local audits. The feedback, and dialogue between its members, is aimed at improving the quality of audits across the world, particularly of what it calls Public Interest Entities (PIE). Its most recent review has some fairly shocking statistics, the headline getter being that 40% of PIE audits contained a serious fault. This has been reported in the financial pages, and at some point it will be picked up by the tabloids in relation to the next financial scandal. Since most of these PIEs will be audited by one of the Big Four accountancy firms, the implication is that the Big Four have systemic problems with quality control in their audits. This may explain the fact, referred to in our recent article, that in 42 corporate governance scandals in recent years, one or other of the Big Four signed off these companies’ reports shortly before the disclosure of the problems.
So how is the profession addressing this? In the early 2000s, following various financial scandals, a group was set up by a number of concerned bodies: the International Organisation of Securities Commissions, the Basel Committee on Banking Supervision, the European Commission, the Financial Stability Board, the International Association of Insurance Supervisors, and the World Bank Group. This group was tasked with working with the International Federation of Accountants to improve standard setting and, as it puts it, to make it responsive to the public interest. They set up an organisation with three boards, addressing audit and assurance, ethics, and education, with a Public Interest Oversight Board, and a Monitoring Group responsible for overseeing governance and implementation, and fulfilling the public interest commitment. So what does the recent Consultation Document have to say that would help address the issues highlighted by the IFIAR?
Essentially the consultation document is all about the organisational structure of the group, addressing perceived criticism that it is dominated by the profession and may not adequately reflect the public interest. The consultation, which concluded in February 2018, invited input from what it listed as stakeholders, through a response to a set of questions, after which a working group would put together proposals for change. However, the approach seems essentially to be aimed at getting agreement on a rebalanced organisation in the hope that the standards emerging from the resulting re-organised group will be more effective, and implemented more widely, than currently is the case. The stakeholders invited to comment are essentially those currently concerned with standard setting; and while the public interest is described as vital, it isn’t defined. So our own assessment is that it is about trying to improve process, rather than challenging the current purpose of the audit. So the worthy bureaucrats will conscientiously try to do their current jobs better, while completely missing the nature of the underlying threat.
What are the drivers of change?
There are two aspects which need to be seriously addressed when looking at the purpose of the audit in today’s world. The first is the stakeholder dimension, where there is growing worldwide acceptance of the legitimate interest in corporate activities by a much wider group than simply the investors and the managers. And the second is the definition of corporate governance which is becoming progressively more holistic.
Thus the list of stakeholders expecting an independent assessment of the performance of companies now has widened to embrace those affected by the social and environmental impact of a company’s activities. And partly reflecting this, a number of influential organisations have put their own principles and standards forward for companies to respond to, particularly in relation to sustainability, environmental impact and social responsibility. These include the UN Principles of Responsible Investment, the OECD’s Principles of Corporate Governance, Natural Capital Coalition’s reporting protocols, and Index organisations like MSCI reporting on ESG compliance. A further straw in the wind was the letter to CEOs in January 2018 by Larry Fink, CEO of Black Rock, asserting that companies should have a social purpose and a strategy for long term growth. In his previous letter, he had mentioned ESG, so the direction of travel for this, the biggest fund manager in the world, is clear.
Addressing the Expectation Gap
What, then, is the Expectation Gap, and what should the profession be doing about it? Briefly, the Expectation Gap is the difference between the public expectation that the audit exists to uncover bad practice in corporate governance, and the auditing profession’s belief that its role is limited to an essentially financial investigation of compliance with accounting standards. Auditors think they can hide behind checking compliance, but the expectation gap is widening as the interpretation of corporate governance by the owners – the investing institutions – widens well beyond a set of financial figures presented according to an accounting standard. Who is going to put the stamp of trustworthiness on these wider measures?
So the audit should now really be about checking the governance of companies, not merely about the financial statements. And the definition of corporate governance should be holistic, not simply compliance with the codes drawn up by the accountancy profession. Additionally, the auditors should examine the performance of the board, as this will shine a light on the company’s ethical behaviour and the strength or otherwise of its governance. And this should not be simply signing off that the board has conducted the required self assessment. Arguably, it should, for instance, check that the NEDs keep themselves properly informed about the legal and industry regulatory background and the customer/market developments, as well as the performance of the company itself.
The new Audit
So how to co-ordinate and manage this plethora of new demands above and beyond current compliance with codes and regulations? Here are some of the requirements which the new auditor needs:
- an holistic approach to corporate governance to embrace these new measures
- common standards for these wider issues, particularly in the field of ESG, for instance
- external, trusted verification
- a practical approach to verification which cannot be “captured” by the organisation
- measurable metrics which can be seen to relate directly to the fulfilment of the company’s goals, and hence provide motivation for improvement
- the ability to deliver independent, from the heart, reports without risk of being sued.
These requirements lead naturally to our Holistic Corporate Governance approach, comprising:
- holistic definition as per our Five Golden Rules
- quantitative methodology and metrics….
- ….derived from the company’s goals and business model and ….
- ….structured to enable progressive performance improvement
- independent assessment
- independent publication….
- ….potentially to a new central standards body
- a board information management system with what we describe as Dynamic Stakeholder Engagement™ to provide an on-going feedback
- access to the key parts of this system for auditors and potentially for the new central standards body.
The way forward for the profession to recover its reputation
What we have outlined above should be the starting point of the audit and should provide the overall framework governing the audit programme that follows. The output from the detailed examination of the accounts will then be interpreted in the light of what the overall Holistic Corporate Governance examination has uncovered.
When the general public see an holistic, practical approach to the audit examination of a company which addresses all the common sense questions which they themselves, in their non-technical ignorance, would ask, they will recover their faith in auditors and in the accountancy profession.
Part one and two of this series on reliance on compliance and the audit profession:
- 2017 Survey Report by the International Forum of Independent Audit Regulators (IFIAR), March 2018
- Consultation Document from the Monitoring Group (MG), November 2017
- ACG Definition of (Holistic) Corporate Governance
- Corporate Governance Best Practice (the Five Golden Rules)
Having been part of the Big 4 community until not so long ago, and having observed the pressures that motivate partners and staff to act the way they do, one thing that has become clear is that the lack of real independence of the external auditor from management is what repeatedly crashes the high standards of professionalism required of an external auditor. As long as management influences the appointment and termination of an external auditor, and has a say in approving their remuneration, no real change is possible within the profession. Similarly, owners with vested interests, are also likely to be affected by an adverse audit opinion, in terms of getting bank facilities, or share price collapse, and will heavily resist an auditor trying to live up to the required standards. So, an audit firm that has to pay its bills, its employees, make profits for the partners, will bend the rules to breaking point repeatedly, so as not to lose its business – all in the name of “being practical”! What is the use of such an exercise ? If its worth doing, it’s worth doing well. Otherwise why push paper (or audit software), and waste time and money.
I am sure we have all come across small audit firms selling their “audit” commodity for as low as a thousand pounds, using boiler plate materials and templates. The bigger firms have also commoditized the “audit”, albeit for 10 times the fee charged by a small firm. Banks smugly accept these, giving disproportionate loans on the strength of a piece of paper, which end up hurting the economy, govt finances and the resulting domino effect. Govt Depts which require audited financials for renewal of the trade licence also pay scant regard to the quality of the audit.
What is needed is a thorough overhaul of the ENVIRONMENT surrounding the external audit profession, so that only when an external audit is really required, then only it gets done, to the highest professional standards. It will take a lot of thought and planning to extricate this profession from the abyss into which it is falling rapidly, so much so that when it emerges from the abyss, it may bear little resemblance to what it appeared like originally. But then, as they say, those who accept the world as it is don’t create any lasting change for the better, those who change the world for the better are those who put in the effort after rejecting the status quo.
I take the point you make, and audit has been a “mature” industry for many years now, so you have strong competition, little differentiation between the market leaders and low margins, hence cutting corners. Hence also the emphasis on higher margin consultancy work.
However, I think the whole purpose of the audit needs to be rethought as the current view of the public (audit’s purpose is to uncover wrong-doing and the published financial statements are guaranteed accurate) is denied by the profession. Hence the public incomprehension when fraud or mis-statement of figures causes a company to crash, following unqualified audits. Furthermore the traditional primary responsibility to the shareholders (gradually being broadened to the consternation of the profession), coupled with the contract being in the hands of management, as you say, ignores the fact that other important stakeholders rely on the audit for their comfort and security.
Finally, the point I’m trying to get across is that, to protect themselves from legal challenges, the audit is so circumscribed with limitation clauses that commonsense goes out of the window and companies can get a technical clean bill of health when the market knows there is something wrong.