The Financial Reporting Council (FRC), the United Kingdom’s corporate governance watchdog, unveiled its “world-leading” principles for the Big Four firms to separate their audit units from the rest of the business by 2024.
The move is meant to ensure that audit independence is maintained while conflicts of interest are avoided.
The FRC hopes that because audit work will be ring-fenced, Deloitte, EY, KPMG, and PwC will focus on driving their external audit business through quality, rather than relying on more profitable services elsewhere in the firm to subsidize a part of the business where profit margins have been harder to achieve.
Traditionally, external audit has been seen as a loss-leading service that the Big Four firms have leveraged to provide large companies—which by law must have an annual audit—with additional and more lucrative consultancy services. However, the FRC has said this has caused a drop in audit quality as auditors have taken a more “tick box” approach to meet the bare minimum requirements. Audit firms, however, have blamed an “expectations gap” between what an audit is mandated to do and what clients think it ought to deliver.
“I would force every company to show the pig first then allow them to apply the makeup afterwards.”
Ian Smith, Director, Invu
The FRC’s latest set of 22 principles—rather than rules—are meant to encourage audit firms to act in the public interest (rather than be beholden to their clients) and improve their ethical behavior while also providing greater challenge and professional skepticism in the auditing of company accounts.
They also mean that lead audit partners will be held more directly accountable for audit work, namely by linking remuneration and any profit-sharing to the audit practice’s performance and the level of risk and difficulty involved in particular aspects of audit work, while firms will need to report more transparently how much fee income they generate from external audit work alone to ensure both sides of the business are kept at arm’s length.
The FRC—or its successor, most likely—will provide an annual assessment from 2024 onwards about how well the firms have complied.
Deadline for compliance
The Big Four now have until June 30, 2024 to finalize splitting their audit arms from other consultancy services and must submit their plans to the FRC by Oct. 23 on how they are going to do this. The regulator will then agree on a “transition timetable” with them.
The Big Four have backed the plan. Stephen Griggs, deputy CEO and managing partner audit and assurance at Deloitte in the United Kingdom, told Compliance Week the firm “welcomes this clarity from the FRC on the principles of operational separation and will continue working with them to develop our plans over the coming months.” However, he added that splitting the audit firms “must also be considered alongside a wider package of reform, including in vital areas such as corporate reporting, the role of directors and the regulatory environment in which we operate.”
The United Kingdom has been grappling for decades with the problem of how to improve external audit quality. Regulators have decried the need to open up the market to reduce the dominance of the Big Four, as well as implement measures to prevent conflicts of interest or “cozy relationships” as auditors pitch their clients consultancy-type services.
The push for reform has come about largely as a result of a spate of accounting scandals in recent years where “at risk” companies were given clean bills of health. One of the most notorious examples is that of construction group Carillion, which collapsed in 2018 with debts of more than £1.3 billion (U.S. $1.6 billion), prompting U.K. government liquidators in May to sue its auditor KPMG for £250 million (U.S. $306 million) for alleged negligent audits—the first time such a course of action has ever been taken against a Big Four firm.
Other high-profile accounting disasters over the past two years include football pitch operator Goals Soccer Centres, café-chain Patisserie Valerie, retailer BHS, travel company Thomas Cook, and investment firm London Capital & Finance. Auditors in each case are under investigation.
Will new rules really make an impact?
However, experts appear unimpressed with the FRC’s attempts to improve auditors’ work. Ian Smith, director at accounting software vendor Invu, does not believe that splitting the audit firms will prevent other accounting scandals from happening or result in better audit quality. Instead, he suggests audit reports need to be simplified, and that auditors need to focus on getting the basics right—how much cash the business actually has in the bank and where it is getting it from.
“How can you possibly get cash so wrong? How can you get stock inventory so wrong? How can you pay a dividend when the only cash generation is from extended payments to suppliers?” he says, referring to the accounting scandals at Patisserie Valerie, Ted Baker, and Carillion. “Valuation is difficult but at restaurant chain Pizza Express the auditors must have had a magic mushroom topping. The company had sold forward its future cash flows. That’s what a balance sheet with £100 million (U.S. $126 million) of operating capital employed and £900 million (U.S. $1.13 billion) of intangibles (primarily goodwill and brand value) funded by £1.1 billion (U.S. $1.38 billion) of debt tells me.”
Smith says that one of the worst problems is that “we currently have huge annual reports that tell you how wonderful the company has done measured by some adjusted EBITDA figure, split by one profitable segment after another. Then on page 100, the accounts finally say the business as a whole is consuming boatloads of cash and under accounting standards has made a huge loss. I would force every company to show the pig first then allow them to apply the makeup afterwards.”
Fiona Czerniawska, joint managing director of Source Global Research, a provider of research about the global professional services market, believes that breaking up or separating the auditing practices of Big Four firms will have much less impact than it might have done 20 years ago in the aftermath of the Enron debacle. “Regulatory changes since then have ensured that there are far fewer links between audit and assurance work and consulting and tax than there were in the past,” she says.
Furthermore, while separating audit from other services might present a “cultural shock” for these firms, she says, the changes “would still allow them to sell tax and consulting work to organizations that have been audit clients, theoretically allowing them to sell more services”—a possibility that would greatly undermine the FRC’s efforts.
Czerniawska believes that the biggest driver of change in audit compliance is not regulation but technology, and that client demands for an audit process that is faster, cheaper, more intelligent, and more accurate may open the market more readily to challenger audit firms that have a more technology-driven service offering.
“Our research suggests that more than 90 percent of U.S.-based audit clients expect technology to have a significant impact on the audit process in the next 5-10 years,” says Czerniawska. “Much of the work currently done by auditors remains manual, and while the Big Four have invested heavily in this area over the last 2-3 years, it’s likely that the COVID-19 crisis will put pressure on them to automate even more. At the same time, the growing importance of technology in the audit process opens the door to new competitors, particularly around the way in which audit data is gathered—and this poses a significant challenge for all major audit firms.”
Another key factor in ensuring audit quality is to have effective monitoring and strong regulatory enforcement. Unfortunately, the United Kingdom’s record is decidedly mixed.
Will a new U.K. audit regulator make a difference?
Critics say the FRC has been slow or reluctant to investigate cases of wrongdoing in the past, and that when it has pursued cases, some have spectacularly backfired. For example, in June the regulator ended its third and final investigation into the Tesco accounting scandal after being unable to find anyone responsible within the company for overstating its profits by £250 million (U.S. $315.5 million).
Part of the reason for the FRC’s lack of success is its limited remit. Currently, the FRC can only take action against directors for failing in their duties if they are qualified auditors, accountants, or actuaries. Executives who have none of these qualifications are beyond the regulator’s reach, even if they might be CFOs.
Gareth Rees, partner at law firm Morrison & Foerster and former executive counsel at the FRC between 2012 and 2017, believes that regulatory supervision and enforcement needs to improve if auditors are going to take their duties more seriously.
During his five years at the FRC, Rees was involved in several misconduct cases that led to record fines for both firms and their partners, including Deloitte for its work on both Aero Inventory and MG Rover—the latter initially attracting a £3 million (U.S. $3.8 million) fine—and PwC receiving a fine of £5.1 million (U.S. $6.4 million) in 2017 over failures in its audit of RSM Tenon.
Last year the FRC handed out a record £43 million (U.S. $54.1 million) in fines for the financial period 2018-2019 against audit firms for sub-standard audits. PwC received the largest ever fine of £10 million (U.S. $12.6 million) for its audit of BHS, and while the figure was reduced to £6.5 million (U.S. $8.2 million), it remains the largest financial penalty given for misconduct in an audit in the United Kingdom.
However, Rees says that—despite the increase in financial penalties—“money is not the answer.”
“Fines are one weapon, but they do not change behavior much in the long-term. Multi-million-pound fines mean very little to companies with turnovers worth billions,” says Rees. “Instead, you need to impose bans on audit firms, make them adopt special compliance measures that are subject to regulatory oversight and monitoring—like the SFO does when it offers deferred prosecution agreements (DPAs)—and make audit partners much more directly accountable.”
The FRC is set to be replaced by a new body called the Audit, Reporting and Governance Authority (ARGA), but the timetable is “open.” Once operational, the new regulator is meant to have an overarching duty to promote the interests of consumers of financial information—not the producers of it—while any company director involved in putting together the financial report, and not just those with a professional audit, actuary, or accounting qualification, can be subject to direct enforcement action. It can also remove auditors and retender the work, if necessary.
Whether that will happen is anybody’s guess: the U.K. economy is in recession due to the coronavirus pandemic, and few expect the country’s fortunes to improve with the strong likelihood of a “no-deal Brexit” by the end of the year. Even if ARGA does get up and running soon, experts do not expect it to have much of an appetite to go after offenders in anything but worst-case scenarios. As one audit insider put it: “Does anyone seriously expect a new regulator to come into play and start laying the law down when you want corporate activity to get back up and running? You must have rocks in your head if you think so.”