This article was first published in the June 2011 International edition of Accounting and Business magazine.
This spring, the US Senate began an inquiry into what the audit profession might do to help prevent another global financial crisis. A senior committee of the UK House of Lords also published a report that sought to learn lessons from the role the profession played in the run-up to the last crisis. The EU was already undertaking a wide-ranging review of what audit is and should be about and how auditors are regulated. The level of interest being shown in the future of audit around the world has become intense.
Scope and competition are two major issues that feature in the current debate on the future of audit. The first concerns the nature of the audit function, while the second deals with the marketplace within which audit services are provided.
On the first point, ACCA has engaged actively in that debate from an early stage. It has carried out an extensive programme of consultation with members and stakeholders, and on the strength of this has argued that the scope of audit needs to expand in order to keep pace with the information demands of the marketplace. We have proposed that the auditor, in future, should be prepared to take on new responsibilities, such as reporting on companies’ risk-management arrangements and on the financial assumptions underlying their business models, as a means of addressing the evolving information needs of shareholders and the markets.
On the second, the authorities worldwide are conscious that the market for audit services to the biggest companies is dominated by a small number of large firms. This situation has implications for fair competition, and for the corporate sector’s continuing access to audit services should one or more of the Big Four withdraw from the market.
Both these strands are relevant to another developing theme of the debate on the future of auditing, namely the auditor’s exposure to liability for negligent work.
Auditors will invariably owe a duty of care to the entities that they audit. This involves a responsibility in law to carry out their work with the skill and competence that society, and end-users, should be entitled to expect. Where this duty exists, and where the work is not carried out to the standard required, those end-users will have the right to take legal action against the auditors to seek compensation for any loss that their negligence has caused them.
This exposure to liability is usually seen as a good thing, since it concentrates the minds of advisers and acts as a driver of quality and customer care. If advisers were not motivated by the prospect of retribution for careless or poor-quality work on their part there would be a danger of moral hazard; they could become so unconcerned by the possibility of repercussions that they fail to exercise the level of skill and care that they should do. The rules governing liability can become counter-productive, however, when they are seen as being so restrictive that they inhibit innovation and encourage ‘defensive’ and risk-averse practices.
Duty of care
Under the system of joint and several liability, which applies in the UK and many common law-based jurisdictions around the world, a person who has been owed a duty of care, and who claims to have suffered loss, can sue all or any of the parties alleged to have caused that loss: where one of the parties is considered to be better off, and hence more likely to be in a position to actually pay the damages claimed, the plaintiff can choose to sue just that party, with the others being effectively let off. In the context of audit, this means where an auditor carries out an audit of a set of accounts prepared by the board of directors and management of a company, they can be sued by the shareholders for the whole of the loss that they claim to have suffered if the audit does not spot that the accounts misrepresent the company’s financial position, or that fraud has been perpetrated on the company (or by the company). This is even though the directors or management may have been directly responsible for the fraud or misrepresentation that has occurred.
In the case of large-company failures, the damages claimed can be enormous. As it happens, over the years, auditors have very often been seen as the best hope for securing damages for the somewhat perverse reason that they are well regulated and are known to carry extensive professional indemnity insurance.
This state of affairs is likely to have at least two unfortunate results. First, if auditors feel so constrained by the threat of being sued, they will be reluctant to get involved in innovative work that might actually produce real benefits to stakeholders. The audit profession has been accused regularly of being too conservative and of couching audit reports in defensive, legalistic terms that are rooted in a concern to avoid giving rise to litigation. At this time, when stakeholders and regulatory bodies are increasingly looking for auditors to provide assurance on new areas, we need auditors to feel able to expand the scope of their work without the ever-present threat of litigation, which could put them out of business.
Threat of being sued
Second, and directly relevant to the issue of competition, the threat of being sued on an unlimited basis is likely to serve as a disincentive to smaller firms becoming involved with the audit of large companies. Even if a firm considered itself to have the skills, experience and resources to take on the audit of a large company, it may well be forced to refrain from tendering for such an engagement if the financial risk associated with audit failure were sufficient to wipe out the firm.
The argument for the reform of liability rules has been widely accepted, at least in principle, and remedial action has been taken in the recent past to try to protect auditors and as a consequence to increase competition in the audit market.
Many countries now allow audit firms to incorporate, with the result that individual ‘partners’ are able to separate their personal assets from those of their firm. This is not a comprehensive solution to concerns over liability, though, since incorporation only acts to protect the individual partners from the liabilities of their firm: catastrophic damages awards, or trading losses, can still bring down the firm itself.
In 2006, UK law changed to allow audit firms and their corporate clients to enter into voluntary liability-limitation agreements. These amount to bilateral contracts between company and auditor that specify the limit of any damages that the client company may claim against its auditor in respect of negligent audit work. To date, though, the use made of this reform has not been high, thanks to a combination of shareholders’ reluctance to forego their rights to claim and the unfavourable attitude towards contracts of this kind on the part of some market regulators.
Some countries have statutory caps on the liability of auditors for negligent work that they might be responsible for – Germany, for example, imposes a basic cap of €4 million in respect of audits of listed companies.
In 2008, the EU issued a formal recommendation to member states to encourage them to put in place limitations on liability for audit work. This followed a review that found there was no evidence that limitation of liability, either by statutory caps or other means, had any detrimental effect on the quality of audit work.
Some common-law jurisdictions have moved away from the joint and several liability rule, towards a system where financial responsibility is apportioned by reference to a defendant’s share of blame for loss caused – usually referred to as ‘proportionate liability’. Under this system, the plaintiff is entitled to sue each wrongdoer whom he considers bears some responsibility for the loss suffered, and each wrongdoer will be liable for that share of the plaintiff’s loss that arises from their own negligence, as decided by a court.
Since 2000, Australia has reformed the whole basis of its federal law on civil liability. In the wake of a national crisis over the availability and cost of professional indemnity insurance (which saw audit firm premiums rise by up to 400% in some cases), it has replaced the principle of joint and several liability (at least in cases involving economic loss and damage to property) with a general assumption of proportionate liability. This new system applies to the work of company auditors via changes made to the federal Corporations Act.
Proportionate liability under the Australian model does not provide wholesale exemption from liability. It does not apply where a party’s conduct is deemed to have been fraudulent or intentional. And if a court considers that an auditor has been 100% to blame for shareholders’ losses, the auditor can be sued for the whole of that amount, as happens under joint and several liability. In some states, proportionate liability can even be contracted out of and overridden by indemnities. There is, accordingly, no cause to conclude that an auditor’s ultimate financial responsibility has decreased as a result of the move towards proportional responsibility.
Increase in class actions
In the US, meanwhile, a measure of proportionate liability applies in class actions by virtue of the Private Securities Litigation Reform Act 1995. The Reform Act was passed following a boom in class actions in the 1980s, which caused what are now the Big Four firms to pay a reported $650 million, or 12% of their gross revenues, in legal costs by 1993. The Reform Act restricts class-action claims to a proportionate liability basis, although joint and several liability remains where a criminal offence has been committed (other assurances are additionally demanded of auditors).
Even in those jurisdictions that have moved towards proportionate liability, the reforms have been controversial, with strong arguments against change. ACCA considers, however, that some movement on auditor liability would help to encourage the scope of audit being expanded, and at the same time address competition in the market.
We would not suggest that auditors should be freed from the threat of liability – as outlined earlier, exposure to liability is a driver of quality and should remain. But there needs to be some additional recognition of the fact that auditors do not ‘guarantee’ the accuracy of a company’s accounts or the integrity of the underlying records and that, in some cases, auditors can and are deceived by directors and management. We agree that auditors should be responsible for their own mistakes, but query whether they should be also held responsible for the failings, or wilful deceit, of others.
John Davies, head of technical, ACCA