The accounting profession is joining in the broad-based enthusiasm for a future of greatly expanded attention to corporate reporting in the areas of Environmental, Social and Governance / Diversity, Equity and Inclusion. Whether the stampede is toward a new promised land of useful information, or a cliff-edge of hazard -- that remains to be seen.
My own recent contribution appears in this winter's special edition of the International Journal of Auditing (V.26, Issue 1), published by Wiley in the United Kingdom at the initiative of Dr. Ilias Basioutes, senior lecturer in Accounting at the Aston Business School in Birmingham, as an extension of the annual Audit & Assurance Conference under the auspices of the school and the Audit Group of the British Accounting Association. With his kind permission it appears here:
THE FUTURE OF EXTERNAL AUDIT: ISSUES AND QUESTIONS
Introduction
Prediction is very difficult, especially if it's about the future!
- Attributed most reliably to Danish physicist Niels Bohr
What does the future hold for ‘Big Audit’—the function that emerged in the Victorian era 1 to offer third-party assurance on company-provided information, valued and used by the world's capital markets?
Audits of public company financial statements, leading to the all-too-familiar ”true and fair view” opinion, are at the core of a formidable professional services franchise.2
Pressures on the model are multidimensional:
- The traditional ‘pass/fail’ opinion is criticized as simplistically inadequate to address the complexities of modern business reporting.
- The firms are stressed to embrace rapid developments in technology, big data and artificial intelligence and to cope with staffing and employee issues under the COVID-19 pandemic and the work/life concerns of younger generations of their workforce.
- Despite decades of attention to audit quality, costly corporate collapse and white-collar malfeasance persist—in recent years spanning from Carillion in the UK to WireCard in Germany. Highly publicized scandals generate both the expected question, “Where were the auditors?” and litigation at levels posing existential threat to the firms' survival.3
Little should be expected from the politicians and regulators. The consultation initiated by the UK government in March 2021, “Restoring Trust in Audit and Corporate Governance,” portends extended attention to the mission, scope and structure of a reconstructed UK audit regulator but is essentially silent on changes to the basic model of the firms themselves.
Driving real change, however, will be the loud and demanding calls for expanded corporate transparency in a multitude of areas— loosely gathered as Environmental, Social and Governance (ESG) and lately extended to the rubrics of Diversity, Equity and Inclusion (DEI).
Under the imperatives and opportunities of the capital markets, new corporate disclosures may be supported by third-party assurance from sources still to be determined. In that new landscape, where would the accountants find themselves? What might or could they do? Prudently considered, what should they do?
The Accountants Should Be There
The accounting profession has a prima facie claim for a seat at the table. Evidence that assurance providers were “counting the stuff’ goes back to the Sumerian era, when clay tablets were inscribed to record quantities of grain and livestock. At the meta-level, the auditors have provided assurance process innovation and application for 170 years.4 Whether that history supports a claim for primacy may be another matter.
Along with the accounting firms themselves, bodies including the International Federation of Accountants, the ICAEW in the United Kingdom and the Center for Audit Quality in the United States are tub-thumping advocates of a presumptively leading role for the profession.
Observers such as Sir Donald Brydon are more measured. His report of December 2019 on his “Independent Review into the Quality and Effectiveness of Audit” expresses the desirability of a new professional designation—the corporate auditor—contemplating a remit well beyond that of statutory auditors, “to encompass today's auditors and others with appropriate education and authorization” (¶ 6.0.11).
The Brydon report's salient observations suggest that the range of subject matter expertise and competencies required to put flesh on the auditors' process skeleton may be more extensive than is presently available or as envisioned in the self-regarding eyes of the profession itself (all emphasis added):
“... It is far from clear that an accountant is best placed to opine on many of the variables involved (¶ 6.0.13).
“Whilst in this new environment there may be environmental auditors, cyber security auditors and financial statement auditors, only some would need to have an accountancy qualification as known today” (¶ 6.0.14).
Some Threshold Questions
There are threshold questions in the ESG/DEI discussion, answers to which are still on the far horizon. They start with the challenge of articulating the “standards” against which companies will report and under which auditors may provide some form of assurance.
Simply, what is a “standard,” and how is it to be interpreted, applied and enforced?
Ad hoc communities of the great and the good are vying among themselves to proclaim both virtue and competence in standards setting. Self-designation carries no real weight, however; history teaches that stature and credibility are only achieved, and legitimacy bestowed and maintained, through public acceptance, when and if value is demonstrated and responsibility is accepted and enforced.
There is some inchoate understanding, visible among the players, of the uncertainties involved:
- The merger of the International Integrated Reporting Council and the Sustainability Accounting Standards Board into a newly launched Value Reporting Foundation reflected the reality that streamlining and convergence are essential.
- On 3 November 2021, the IFRS Foundation Trustees announced the long-awaited and much-promoted launch of the new International Sustainability Standards Board, one approach to the ultimate need for broadly endorsed official standards recognition and sanction.
Complete global convergence is unlikely, however, as already signaled by separate efforts of the SEC in the United States on climate disclosure and unilateral movement in the European Union toward mandated assurance.5
The Overhanging Issues of Liability
The skunk at this otherwise optimistic and congenial garden party is that of legal liability. While the prospect of major exposures looms on the horizon, there is no likelihood of short or medium term change in the liability exposure for auditors offering ESG/DEI assurance:
- Barring the unlikely adoption of “safe harbour” protection for assurance in whatever form, inevitable lawsuits will assert liability based on the broad association of the provider's name and brand, whatever the ostensible limitations of its report language. Under the particular conditions of each individual case, it will be asserted that the “standards” were unsatisfactory or deficient to protect the interests of users, or that if the standards had only been properly understood and applied, an allegedly deficient report would and should not have been issued.
- Engagement contract provisions between auditors and clients, to cap or otherwise mitigate potential exposures, have failed to attract widespread or indeed any significant adoption. Public companies in the United States are prohibited by the SEC from using such provisions in any event. Future adoption cannot be anticipated.
- There is no public appetite to relieve the auditors of their generally unlimited liability to investors and others; no realistic expectation exists of liability “reform,” caps on damages or other relief.
Some Nightmare Examples
When an assurance engagement thought to be low risk does go wrong, as some number surely will, the consequences can be wildly disproportionate to a firm's approach to its risk assessment or to the quality of resources and performance actually delivered.
It requires little enough to hypothesize a menu of situations that would spawn serious litigation against ESG/DEI assurance providers, whoever they may be—auditors or others:
- Hard on the heels of an opinion on the controls and governance of a dealer in precious metals, a whistle-blower reveals the entity to be engaged in systematic gold smuggling and money laundering.
- Within a year of an environmental safety report, offering assurance on a global energy company's procedures for controlling the completion of its offshore oil wells, a new blowout occurs on the scale of the 2010 Deepwater Horizon. Weeks are needed to bring it under control; it causes unquantifiable ocean pollution and damages in the billions to regional businesses, fisheries and wildlife, resorts and tourism.
- Directly after a “reasonableness” opinion on a global clothing manufacturer's disclosures of the structural safety of its factories, a high-rise sweatshop in a developing country collapses. Building and contents are a total loss, along with extensive fatalities among the trapped workers.
- An assurance report is delivered on a company's compliance with its country's standards for the number of vehicles necessary for timely evacuation of a factory's workers in an emergency. Unfortunately, a massive accident destroys the facility, with an 80% fatality rate among the workers. Subsequent investigation reveals that while the number of vehicles on site was in compliance with the minimum set by the standards, one third were inoperable and awaiting maintenance; in any event, even the total number could at most have accommodated no more than half the number of workers on site at the time of the evacuation order.
The Profession’s Own Perspective
Optimism and “success bias” are deeply embedded in the DNA of the accounting profession. Well they should be, to meet the complex needs involved in building and leading large organizations in fast- evolving conditions.
But—a personal perspective—in dealing for nearly 50 years with the threats against auditors in their most difficult and dangerous situations, I have long seen their continuing desire to focus on “all the things we do right, that we never get credit for.”
That is especially true for assurance other than statutory audit— whether compilation or reviews, agreed-upon procedures or opinions worded in “limited” or “reasonableness” language. For these, the default attitude is “they're low risk, and people have to understand our role.”
Both of which are true, most of the time. But not always. To invoke the maxim for the occasional discipline of unruly small children, “When I do good, nobody remembers; when I do bad, nobody forgets.”
As For Possible Future Directions?
So what might the future hold? Assuming medium-term formalization of standards and reporting for ESG/DEI, either voluntarily or by official mandate, and the publication of a critical mass of assurance reports, there will follow a small but non-zero number of corporate breakdowns that involve and implicate the performance of the providers.
Some number of accountants and other assurance providers, convinced to accept engagements to provide “limited” or “reasonableness” opinions, will find their work challenged in the courts. Defenses against asserted damages at potentially catastrophic levels will be required. Litigation outcomes being unpredictable, at minimum those firms will incur and expend extensive time, expense and settlement costs.
Other providers, in their exercise of risk assessment, will have foregone the acceptance of ESG/DEI assurance engagements, unless protected from exposure to potentially ruinous liability. It may be expected that such decisions will predominate both in the US and for ex-US companies whose US-traded securities open the door to litigation under that country's legal system.
There is a third scenario for the accountants, if allowed to chart their own course over an uncertain ESG/DEI landscape that lacks dependable signage and is fraught with hazards. By analogy to the tax consulting services that the firms have delivered for decades, they would have a consultative role, both valuable and manageable, bringing expertise and discipline in support of their clients' disclosures, while refraining from extending their own opinions where the value is uncertain and the risks are increased, unpredictable and beyond quantification.
Two factors could complicate such a strategy. The first is that zealous regulators could attempt to mandate ESG/DEI assurance, despite or without adequate assessment of the limitations and complexities.6
Second, the scope of technical competencies and expertise required to support broadened ESG/DEI reporting and assurance has potential to clash with the rules of independence and permissible scope of services that constrain the accountants, particularly in tension with their statutory audits.
That is, because ESG/DEI assurance is likely to be viewed by regulators as insufficiently related to statutory audit to be a permissible service to those clients, firms could be deterred from investing to build that practice in the first place. Further, attempts to house these ancillary non-audit resources inefficiently in separate parts of their organizational structures may not satisfy narrowly read prohibitions. At worst, the competitive tensions between separate practices could renew and exacerbate the dynamics that led to the divorce between audit and consulting that split up the Arthur Andersen organization in the late 1990s.
Conclusion
It should surprise nobody that the concerns in this rapidly evolving area are real and complex. Absent full and robust attention, constructively addressed at an early stage, adverse consequences can be expected; because they are identifiable now, they will not in the future honestly qualify as “unintended.”
1 Research in the archives of the British National Library for my book, Count Down: The Past, Present and Uncertain Future of the Big Four Accounting Firms (Emerald Books 2d ed 2017), pages 28–34, shows what may be the first modern independent auditor's opinion, dated and signed by William Welch Deloitte on 8 February 1850, on the financial statements of the Great Western Railway for the half-year ended 31 December 1849.
2 Together, the dominant Big Four international networks—Deloitte, EY, KPMG and PwC—have over 1.1 million employees and generated 2020 global revenue of $157 billion.
3 For calculations of the shockingly low litigation “tipping points” that would drive a Big Four firm into the death spiral that was fatal to Arthur Andersen in 2002—never publicly disputed or contradicted—see pages 56–64 of Count Down.
4 This was Mr. Deloitte's description of his scope for Great Western in 1850 (see Count Down page 31):
“Every item has been minutely examined by the Auditors, the vouchers and receipts have been inspected, and the purpose to which the payments were applied has been ascertained. “
5 A close-by context confirms that view, by analogy: The widespread adoption of the International Financial Reporting Standards for financial statement reporting has not overcome some local authorities' retention of their own reporting frameworks.
Broader still, as if confirmation were needed that there will be no arrival at a Nirvana of fully converged ESG/DEI standards, consider the impact on the global economies of the costs and inefficiencies of such competing national choices as between left versus right-hand driving, or the use of imperial versus metric measures of weights, volumes and distances.
6 If so, it would not be the first instance of such overreach. The consequences are still developing on the EC's misguided imposition of mandatory auditor rotation. Meanwhile, in the United Kingdom, only an outbreak of good sense stands in the way of the government's consultation proposal for “mandated shared audits” for FTSE 350 companies.
Thanks for joining this dialog. Please share with friends and colleagues. Comments are invited and welcome, and subscription sign-up is easy and free -- both at the Main page.