Top Ten Things Lawyers Should Know About Auditors
In preparation for my appearance tonight at the New York County Lawyers Association program, A Crisis of Our Own Design, I’ve put together some information about the accounting industry for lawyers.
Lawyers and auditors often work hand in hand. The modern corporation can’t live with them but they, nevertheless, can’t live without them. Executive compensation, mergers and acquisitions, taxes, financial disclosure… Accounting and the legal professionals weigh in, often together, sometimes in opposition, on decisions that affect all of us as investors, employees, vendors and customers.
Even though the largest global accounting firms are organized as partnerships – just like law firms – the similarities pretty much end there. Professional services is a unique industry – law, accounting, consulting, technology, executive search, even advertising have many common methods and madnesses. One of the primary differences between law and audit, the specialized service provided by accounting firms to a captive audience, is the client perspective.
In the Matter of: CHARLES E. FALK, CPA…The Commission’s Codification of Financial Reporting Policies, which interprets Regulation S-X, prohibits members of accounting firms from acting as counsel to the firm’s audit clients. Specifically, Section 602.02.e.i. of the Codification of Financial Reporting Policies states that “[c]ertain concurrent occupations of accountants engaged in the practice of public accounting involve relationships with clients which may jeopardize the accountant’s objectivity and, therefore, his independence . . . . Acting as counsel [is one of the] occupations so classified.” Section 602.02.e.ii. of the Codification of Financial Reporting Policies explains that a “legal counsel enters into a personal relationship with a client and is primarily concerned with the personal rights and interests of such client. An independent accountant is precluded from such a relationship . . . because the role is inconsistent with the appearance of independence required of accountants in reporting to public investors.”
That prohibition is grounded in the fundamental conflict that exists between the roles of independent auditor and attorney. Auditors have an obligation to the investing public to be skeptical about the information reported to them by their clients, which demands total independence from the client at all times. Attorneys, on the other hand, have a duty to serve as the client’s confidential advisor and loyal advocate.
The auditor’s role is to be a gatekeeper. A watchdog. An advocate for the shareholders. Their true client is not the executive who contracts with them and pays the bill.
This is their public duty.
U.S. v Arthur Young & Co., 465 U.S. 805, 817-818 (1984)
…By certifying the public reports that collectively depict a corporation’s financial status, the independent auditor assumes a public responsibility transcending any employment relationship with the client. The independent public accountant performing this special function owes ultimate allegiance to the corporation’s creditors and stockholders, as well as to the investing public. This “public watchdog” function demands that the accountant maintain total independence from the client at all times, and requires complete fidelity to the public trust. To insulate from disclosure a certified public accountant’s interpretations of the client’s financial statements would be to ignore the significance of the accountant’s role as a disinterested analyst charged with public obligations.
This public obligation is mandated and subsidized by a government-sponsored franchise. All companies listed on major stock exchanges must have an audit opinion. Audit firms are meant to be shareholders’ first line of defense, and they are hired by and report to the independent Audit Committee of the Board of Directors not the company’s executives.
Today is the second anniversary of the Lehman Brothers bankruptcy. As such it is an honor to be on a panel tonight with Anton Valukas, the Lehman Bankruptcy Examiner. It was his report that brought auditors, finally, into the discussion of the causes of the financal crisis. It was Valukas’ report that introduced “fraud” into the dissection of the financial crisis. My remarks tonight will touch on the now tenuous relationship between auditors/audits and identifying, mitigating, and preventing fraud.
Mr. Valukas highlighted several issues – colorable claims – where Lehman shareholders and society as a whole should hold Ernst & Young, Lehman’s auditors, liable.
There are two specific issues I’d like to highlight now, in preparation for our discussion tonight. I think they deserve more scrutiny and, potentially, the bright light of a trial.
First, there was an ongoing contradiction between the accounting treatment ( a sale transaction) and the disclosure (a financing transaction) of Repo 105 transactions by Lehman. Ernst & Young, Lehman’s long time auditors and designers of the Repo 105 strategy, knew the accounting treatment used was an aggressive interpretation of the accounting standards. The treatment was blessed by a UK law firm. However, financial statement disclosure by Lehman always characterized repurchase transactions as financing arrangements.
Auditors are responsible for reviewing the interim financial statements, including the footnote disclosures every quarter end. Their job is to make sure, amongst other things, that disclosures match the accounting and are sufficient to support the public investors’ right to transparency of financial information. The existence of a contradiction between Lehman’s accounting treatment of Repo 105 transactions and a lack of matching disclosure of this treatment is supported by the examiner’s report.
Lehman Bankruptcy Examiner’s Report, Volume 3, pages 1037-1038
Moreover, in addition to its duty to report a determination that there is evidence that fraud “may” have occurred, Ernst & Young was required to discuss with the Audit Committee the quality of Lehman’s accounting principles as applied to financial reporting, see AU § 380.11, which would include moving $30‐$50 billion temporarily off the balance sheet at quarter‐end through overseas “true sale” legal opinions that could not be obtained in the United States. Indeed, AU Section 380.11 states that auditors should discuss accounting policies, unusual transactions, the clarity and completeness of the financial statements, and unusual transactions with the audit committee.
Specifically, that standard states that an auditor:
should discuss with the audit committee the auditorʹs judgments about the quality, not just the acceptability, of the entityʹs accounting principles as applied in its financial reporting. . . The discussion . . . should include such matters as the consistency of the entityʹs accounting policies and their application, and the clarity and completeness of the entityʹs financial statements, which include related disclosures. The discussion should also include items that have a significant impact on the representational faithfulness, verifiability, and neutrality of the accounting information included in the financial statements.
Secondly, another compelling negative for EY, in my opinion, is EY’s claim in later public statements in response to the Lehman Bankruptcy Examiner’s report of an arbitrary cutoff for responsibility for the audit after the 2007 10K. Lehman remained an EY client, up to the bankruptcy in September 2008. This period included two more 10Qs.
Although the Lattanzio decision typically limits responsibility for auditor’s opinions to only the annual report, this is because typically the quarterly reviews are done off line, with no written report or opinion included in 10Qs. (The Second Circuit reaffirmed in Lattanzio v. Deloitte & Touche LLP (Warnaco Sec. Litig.), 476 F.3d 147, 154-156 (2d Cir. 2007) that there’s no auditor liability for alleged misstatements in unaudited quarterly financial statements.) However, in the Lehman case, and for many other financial firms, EY and the other large audit firms consented to inclusion of signed reports of their quarterly reviews (as opposed to an opinion which has a very strict definition in the standards and the law) in the two 10Qs for 2008.
I think EY is vulnerable on this point.
So, without further ado…
“The Top Ten Facts Lawyers Should Know About Auditors”
A list à la David Letterman: the Top Ten facts that attorneys – regulators, legislators, judges, defense and plaintiffs’ bar – should know about the Big 4 global audit firms:
10. The Big 4 audit firms don’t bother looking for fraud. Why? First, it takes time and money to perform a detailed fraud risk analysis (SAS 99). But instead of supporting fraud risk analyses, in the post-SOX 404 environment, CFOs are back to pressuring auditors to reduce their fees and to do more for less—instead of more for more. Second, senior management is almost always the source of fraud risk—but that’s who audit firms see as their client because that’s who pays the bill. Who loses? Investors and the capitalist system. How else to explain Big 4 audit firms as auditors of all the major feeder hedge funds that poured billions into Madoff’s fund and yet none of them saw anything, heard anything or said anything about the numerous fraud red flags so obvious to anyone like Markopolous that looked?
9. The Big 4 firms aren’t comfortable being watchdogs. They don’t even like being CALLED watchdogs, in spite of a 1984 Supreme Court decision that reiterated their public duty. When an audit misses the really big frauds, the whoppers, their first move is to evade responsibility. The Big 4 don’t even like being called AUDITORS. Rather they provide “ASSURANCE Services, ” and act as “TRUSTED ADVISORS”. This isn’t just rhetorical. It’s a cynical PR move and an effort to limit their liability.
8. Big 4 firms should NEVER be asked to conduct internal investigations into alleged illegal activities for their audit clients. But companies continue to pull them into messy situations. A whistle-blower, allegations of illegalities or improprieties, concern about corruption in a business unit… An auditor may be part of the problem. That means embarrassing and costly lack of independence. (Read, “E&Y at Lehman” or “KPMG at Siemens”).
7. You know what Global Network means? It means shifting blame. The audit industry is a profitable $100 billion revenue global business, employing hundreds of thousands of people. The “Global Network” is the legal vehicle the audit industry uses to drive liability around, in the Big 4 version of ”Catch Me If You Can.” Pick a legal entity to sue, any one, all of them and the Big 4 always win because they’re behind the wheel. Each so-called “Member Firm” and the Global Network as a whole is legally insulated from the actions of any other “Member Firm.” Even second-tier accounting firms use this tactic (read, “Grant Thornton and Parmalat”), but the bigger firms have it down to a (legal) science. They’re members and partners until trouble hits. Then, sayonara! Can you say PwC and their problematic Japanese or Russian or Indian – firms?
6. The Big 4 will never again be indicted for an audit failure. Indicting Arthur Andersen proved one thing: All you have to do to destroy a big audit firm is make one criminal indictment. The SEC, the DOJ, even the PCAOB all have acknowledged that they can’t afford the loss of another Big 4 audit firm. Why not? Because they don’t have a plan for ensuring the integrity of financial information for investors if the current model falls apart. And in this environment, who’s going to willingly wipe out 100,000 jobs? The audit firms hold a ”Get Out Of Jail Free” card, and they know it. They don’t fear being indicted. Individuals may be scapegoats (read, “KPMG and their tax partners” or “Flanagan at Deloitte”), but now the Big 4 have as much moral hazard as anyone. Unfortunately, the result is “assurance” provided by walking wounded – firms so severely strained financially and strategically by billions of dollars of pending litigation that their leaders spend most of their time addressing, evading or settling claims instead of improving audit quality.
6.a “Final Four” means no competition and no straight answers. Ask a Big 4 audit partner for a Yes/No answer on valuation, for example, and you won’t get one. There’s only four global firms remaining that have the depth and global breadth to serve the largest multinationals. Each one is working for almost every bank on Wall Street and in The City in some form or another. Independence rules make walking this line a highwire act. If not serving as auditor they’re advising on M&A or internal audit, or internal controls. They may even be implementing new financial systems. For that reason, they’re loathe to criticize anyone or anything and more often will play Switzerland, staying neutral as long as possible, like PwC did between AIG and Goldman Sachs in one of the most notorious disputes of the financial crisis. Better, yet, just keep them out of the loop and everyone will be happy.
5. The auditors have a lock on the business (read, “ratings agencies”). Case in point? Ratings agencies. Both ratings agencies and audit firms have a governmental mandate to provide a legally required service. Both are paid by the clients they rate. And both repeatedly disappoint and even defraud the investing public. They aren’t in bed together, but they willingly endure sleeping with the enemy.
4. Why do the auditors support IFRS and mark-to-market accounting? International Financial Reporting Standards (IFRS) are supposedly on the way for the US, the last big holdout. Forget GAAP’s rules-based guidance, where it’s easier to say an accounting treatment is right or wrong. Principles-based guidance leaves wriggle room and a pretty sure shot at sneaking liability caps for the auditors in through the back door. They’re looking for a “safe harbors” for exercising their “judgment.” And, of course, any approach that causes confusion and complexity is the “next big thing” driving large fees for the firms. Any questions?
3. Campaign candy from K Street. The Big 4 firms spread the wealth on both sides of the aisle in Washington, but the hands out always seem to be the ones with power to effect financial and regulatory reform. Does that reform ever go as far as it should? No. Should it have reached the audit firms at least this time? Absolutely. Did it? No way.
2. Big 4 firms have systematically avoided liability for audit failures. Audit firms are comprised of individuals who become accountants because (a) it’s a path to slow and steady financial success, (b) they’ve an affinity for details, and (c) they tend to be risk-averse. But they also work relatively autonomously, like a thousand franchise owners who are each expected to drive revenues and produce profits. So why are we shocked when (a) they are focused on fees and growing consulting services that make them rich, (b) they quietly but actively lobby for accounting rules that benefit their clients and laws that limit their accountability (read, “PSLRA” and the “Stoneridge” decision, (c) they use accounting rules (read, “special purpose entities,” “off-balance-sheet agreements,” “deferred tax assets,” etc.) to help clients justify almost anything, and (d) they are very good at avoiding liability and painting themselves as “victims” when they “miss” fraudulent activity? Isn’t this what they’re being paid for?
1. AND THE #1 THING TO KNOW ABOUT ACCOUNTING FIRMS…
Lawyers are perceived as part of the problem. Most accounting industry professionals certainly don’t see lawyers as part of the solution. The SEC’s Enforcement Division is comprised principally of attorneys who formerly represented corporations. The audit firms are run by lawyers, internal and external, because they face a crush of litigation. Whether you serve them as defense or plaintiff’s bar, your clients the accountants would rather do their work quietly, collect their money and not be bothered with you. Can regulatory organizations dominated by lawyers not trained in accounting standards or familiar with the history of audit failures, and who have never worked for an audit firm, themselves be watchdogs of the Big 4? Lawyers are trained to advocate for their clients; audit firms have forgotten who their clients really are – the shareholders… Can lawyers influence auditors to do the right thing or has the accounting profession become too suit-shy? Do the SEC’s lawyers have the right attitude to effectively ”guard the guardians”?
A magnificent presentation.
Thanks for the very edifying discourse.
Aubrey M. Farb, CPA, Diogenes in the green eyeshade.
This list without question reflects today’s audit environment to a T. Any foolish naysayer who dissents (ie Christie Malry) is either in denial or has been wearing the audit rosy shades for waay too long.
Hi Anonymous / #3
Far from it. I just look to the evidence in the world and what it tells us. And, in my opinion, it tells us that Francine is wrong. If that’s “missing the point” then perhaps you need a new point.
I refuse to be bullied by idle threats such as “anyone who disagrees… is in denial”. You’re welcome any time to refute any of the comments I’ve made in my blog post, either at my blog or I’m sure Francine won’t mind you refuting them here. But I won’t be holding my breath.
Rebuttals for your rebuttals:
10. You said, “There’s an entire auditing standard – ISA 240 – dedicated to explaining what auditors must do in respect of assessing the risk of fraud in the financial statements. The big firms now follow a global methodology that is consistent with ISAs.”
–So what if there are methodologies out there guiding auditors to assess the risk of fraud? The last I checked, the disclosure of fraud and illegal acts to parties other than senior management & those charged with governance is not part of the auditor’s responsibility. If audit firms are allowed to walk away quietly when they encounter fraud and illegal acts, does that not tell you that there’s something wrong with the design of the system? Just look at Greenwich Sentry, Madoff’s largest feeder fund with $7BB invested. Three different year-ends, three different accounting firms in three different countries. Each of these accounting firms felt uncomfortable after their first year’s audit and withdrew silently. If this is what happened then the accounting profession’s code of ethics needs to change to mandate reporting to the authorities when fraud is either encountered or suspected.
9. You said, “Auditing standards in recent years have extended their role considerably, beyond the plodding watchdog. So it’s small wonder they don’t like being called watchdogs; the term simply isn’t relevant any more, unless you like living in the 1890s.”
–Your argument is based on the etymology of the word “watchdog,” which has no relevance to Francine’s argument. Call the auditors what you may, but their job is to give credibility to the financial statement. The public depends on the audit firms to report on financial statements issued by the inherently biased company. The audit firms are in the business of public service operating with $100BB in revenues.
8. You said, “Rubbish, it makes sense to permit those charged with governance complete freedom to decide for themselves who is the best appointee. The alternative means hiring a complete unknown who will need time to get up to speed with things, in a situation where time is usually of the essence.”
–If “getting up to speed with things” trumps independence, then I have no more to say…And, FYI, “those charged with governance” are folks sleeping/eating/drinking with management; that’s why they were chosen.
7. Not sure what you’re trying to get at.
6. You said, “The employees at Arthur Andersen aren’t still unemployed; most of them found work immediately at the other accounting firms. Similarly, if a Big 4 firm were to fail, those audits would still need to be done, and would probably get done by many of the same staff who currently service them.”
–I will have to agree with you here. The crooks/evil aiders and abetters from Arthur Anderson are alive and amongst us at the Big 4.
I’ll respond to your remaining rebuttals when I find time.
“Audit firms are meant to be shareholders’ first line of defense, and they are hired by and report to the independent Audit Committee of the Board of Directors not the company’s executives.”
Yeah…. but we all know that a balance sheet audit only paints half of the picture. Despite this, the Big 4 so-called risk-based audit approach still focuses very heavily on this one-side. Only catching fraud after the fact. Only after the culprit attempts to move something through the B/S to wash it off the books. This is not a ‘line of defense’. It is a reaction to a fraud that has already been committed.
10. ISA 260, “Communication with Those Charged with Governance” requires disclosure to be made to the Board of Directors. Now, if you don’t think that’s good enough, and it’s quite clear that you don’t, then you need to argue for that bit of corporate governance to be fixed. But that’s a CG issue, not an auditing issue.
In the UK, where I work, auditors of banks must communicate with our banking regulator, the Financial Standards Authority, when they encounter certain types of issue. It’s pretty clear that the FSA didn’t treat these communications with anything like the degree of seriousness that they should have. Again, that’s a regulator issue, not an auditing issue.
9. Francine brought the watchdog issue up, so it’s worthwhile reminding people of the context in which the comment was originally made.
8. Again, if you don’t like those charged with governance, propose something better.
6. I think you have a fairly heartless, and frankly naive, interpretation of the Arthur Andersen debacle. There were some bad apples in the mix, for sure, but the vast majority of the staff at Arthur Andersen were decent and honest.
this is off the immediate topic, but….
will you be commenting on the Bell, California independent auditor, and the work at the other cities implicated in similar scandals?
I am not familiar with these stories. Send me some links and I will look into them to see if I can add anything to the discussion.
The CA State Controller has issued the first of three reports on the City of Bell management shenanigans…. Calif. State Controller’s Press Release and link to audit report:
A report to be issued later this year will be on the City of Bell’s independent auditor, who obviously did not perform audits according to GAAS. I’m guessing the auditor is a smallish local CPA, but who knows?
LA Times investigative article re: other CA cities:
My attempts to identify Bell’s outside auditor have been unsuccessful. I would love to know what their workpapers look like, and who did their peer review.
Thanks. I will look into it.
You say, “The auditor’s role is to be a gatekeeper. A watchdog. An advocate for the shareholders. Their true client is not the executive who contracts with them and pays the bill. This is their public duty.”
But this will never happen as long as corporate management selects the auditor. How can there be independence in such an arrangement? Does the dog bite the hand that feeds it? An independent assignment of auditors to corporations needs to be implemented. Corporate management cannot be allowed to choose their own auditor, their own scorer. What idiocy, naivete, and nonsense!
I just wish to know the exact job description for lawyers working in SAI i.e with auditors
Lawyers often work with auditors as tax specialists, determining the appropriate numbers of the tax related line items on the balance sheet. Lawyers are also often involved in tax work related to the tax impact of acquisitions and divestitures. This work is being done for audit clients under the guise of audit related work but it is really consulting.
Lawyers are also common in the corporate investigations practice at the audit firms. Typically an investigation is a consulting assignment but sometimes the investigations side of the firm is called in by the audit partner based on a whistleblower or hotline claim or a request form the client’s intern audit function. I am opposed to the auditor ever taking on a corporate investigations assignment. It rarely ends well. Ernst & Young’s half-ass investigation of the Lehman whistleblower claims is a prime example. KPMG and HBOS and KPMG and Siemens FCPA issues are two more.