What is auditing failure?
Audit failure is when an audit does not achieve what it is supposed to achieve. Now, what an audit is supposed to achieve is a bit of a tricky question, because different people have different answers. But there is a general agreement that audits exist to provide useful, impartial information about a company’s finances to its stakeholders, and in particular that audits should detect any fraud, accounting mistakes and other questionable financial practices that might lead to the company having business troubles. That in turn should help minimise any costs being imposed on its stakeholders, of both the financial and wellbeing kind.
Many people, including the UK government, believe that the auditing industry as a whole is failing to meet this standard. This perception has been sharpened in recent years by the sudden and devastating collapse of well-known firms such as Carillion, Thomas Cook, BHS and Patisserie Valerie, all of which led to thousands of jobs and millions of pounds being lost. In each case, some of the blame was laid at the door of the auditor for not spotting or sounding the alarm over what turned out to be rather clear warning signs that the companies were in financial trouble. And because the auditors for these companies included every one of the Big Four, it’s easy to see why many are drawing the conclusion that there is a problem with the entire auditing industry.
So, what exactly is going wrong? Well, common criticisms fall into the following broad areas:
Conflicts of interest
The relationship between auditors and the companies they audit is often seen as far too cosy. Part of the problem is that companies get to choose who they hire to audit them each year. Auditing companies obviously want to win these contracts, and win them repeatedly. (Side note: the biggest companies are required by UK law to switch auditors, but only about every 20 years.)
Imagine you’re a business trying to decide between two auditing companies. One will take up a lot of your time and money scrutinising everything you do, and may cause you business problems by pointing out to investors and other stakeholders every last financial weakness or mistake in your company. The other auditor will wave your accounts though in a way that makes things quick and stress-free for you. Which one would you be more likely to pick?
This thought exercise is an oversimplification of reality, but it should give you an idea of how auditing firms end up being incentivised to audit in a way that will make the company they are auditing happy… rather than the company stakeholders they should be serving.
And while not all senior company officials are getting up to something dodgy, this system makes it easy for those that are to hide their tracks. Which is how we end up with the Enrons and Carillions and other big busts that have caused a lot of layoffs, financial losses, large taxpayer bills and other economic pain… all of which could have been lessened if auditors had sounded the alarm a lot earlier on.
On top of that conflict-of-interest problem is another one: most auditing firms don’t just do auditing. They provide a range of services to companies, including consulting. What sort of consulting might auditing firms be particularly good at providing? How about how to structure your accounts so an auditor will respond to them in the way that best benefits the company? That’s the shadiest version of events; plenty of the advice auditing companies dole out is not this closely related to audit. But it still creates a similar financial incentive to the one above, where auditors may go soft on a business’ audit if that firm is also a client - or a potential future client - of the auditor’s other services. After all, they want to be able to keep selling to them.
Plus all these potential conflicts of interest we’re talking about here are far more likely to happen because the industry is so consolidated. As we mentioned above, almost all of the big business auditing stuff is done by just four firms: PwC, Deloitte, EY and KPMG.
Conflict of interest is an area where campaigners have managed to make their point to some degree. Several of the auditing firms are now moving away from providing both auditing and consulting services.
Incorrect principles
This one is a bit more debated, because it’s a belief that some (or all) of the current guidelines and practices which audits follow aren’t good (enough) rules.
There’s a bunch of different specific criticisms that are part of this idea, but most of them essentially boil down to a belief that audits should look into stuff they currently don’t. And a lot of the time, the rationale behind including this new stuff is that it is stuff that has a big impact on stakeholders.
For example, there’s a principle called capital maintenance that basically means company executives’ first and foremost priority should be to ensure that their business is resilient. Resilience is about having enough rainy day funds to ensure it won’t go bust if things take an unexpected turn for the worse… say because a pandemic hits. Companies that are really big into chasing profit and who have a big appetite for risk often don’t prioritise capital maintenance, because why keep a stack of money on hand for emergencies when you could spend it on stuff that will generate profit in the here and now? So an argument audit reformers have made is that if audits reported specifically on capital maintenance then companies might do a better job of doing it, especially as it would be easier for their stakeholders to call them out on it. This could then end up doing things like saving jobs during financial crises, because struggling companies have that rainy-day fund to draw on.
Another idea that is growing in popularity is that audits should look at where the company stands in relation to some of the big environmental, social and governance (ESG) criteria. According to Client Earth, a charity, 90 percent of recent audits for the FTSE 250 make zero references to climate risks and how they might affect a company’s finances. But this could be valuable information to stakeholders, including investors who might decide they don’t want to put their money into a business that they don’t believe is doing enough to combat the climate crisis.
Ignoring climate risks in audits could also make it easier for companies to duck their responsibility to help combat climate change, and also to underestimate how much being exposed to climate risks could hurt their business. Take a company that over-values its environmentally-unfriendly assets like oil and coal rather than recognising that they need to be phased out. In the longer run, that’s likely to be bad for their profits as well as the planet, as concerns about planetary destruction push societies into backing more sustainable businesses and putting blame on those who helped speed the crisis along in the past.
Slightly separate to this sort of thing is a line of thinking that says auditors should include more of their subjective opinions on how the accounts look, rather than simply confirming whether they pass or fail a narrow set of guidelines. Fans of this approach say it would give auditors space to flag things that might be concerning to stakeholders, even if the company technically isn’t violating any rules.
Aside from what ends up in them, some people have called for audit reports to be made much more accessible. As you may have noticed throughout these explainers, the language is often jargon-y and confusing. Plus, reports are currently only required to be sent to shareholders, and not to other stakeholders like employees.
Insufficient punishments
The entire rationale behind an audit is that it will stop a company behaving in ways that cause financial problems for stakeholders. But many people think auditing in its current form is simply not enough of a deterrent to stop this bad behaviour.
Auditors are often pictured as being like watchdogs that add an extra incentive for directors to ensure everyone in their company is acting ethically. (Although engaging in fraud themselves is illegal, directors have a surprisingly limited legal obligation to seek out or deter fraud generally. They also rarely have to give back their bonuses if their company collapses.) But auditors are currently watchdogs without much bite. For a start, they aren’t actually compelled to report all the problems they see, let alone all the problems they expect to see if a company carries on doing what it’s doing. They don’t even have to report some kinds of fraud!
That’s because under the current rules auditors ignore transactions that don’t have materiality i.e. aren’t seen as that important because they are for small amounts of money or won’t have much of an impact on the overall business. The idea behind cutting these immaterial transactions out is that it makes audits much quicker and easier to complete. But the auditor decides where the materiality boundaries lie, which brings us back to all those conflicts of interest problems we talked about earlier.
Of course, if auditors really muck up and give a company an audit that outright breaks the rules, they can be punished for it. This tends to take the form of fines, sometimes to the tune of millions of pounds. That sounds like a lot of money. But for those Big Four companies that do most of the auditing it’s only a tiny fraction of their overall revenues. Take the £3.5 million fine EY was given in the summer of 2021 for doing a poor audit of Stagecoach, the transport company. In the year before the ruling, EY’s revenues were £28.9 billion. So the fine cost it about 0.01 percent of its takings. How likely do you think you’d be to stop doing something that benefited you if the worst thing that could happen is that someone might take a couple of quid out of your salary?
