Audit in the middle market: The public interest: responsibilities, proportionality, & incentives

This article, written by the Public Interest Committee of RSM UK Audit LLP, looks at how audit in the middle market currently serves the public interest and how it might evolve.

The role of audit in a market economy

Statutory duties are placed on company directors to present financial accounts that properly reveal a company's financial position; it is a particular responsibility of Audit Committees of companies to ensure this. Audit has developed to provide an objective assessment on whether or not these financial statements show ‘a true and fair view’. As such, audit serves the public interest by helping to regulate the compliance of directors with their legal duties.

Audit is primarily a tool for owners of companies, not-for profit organisations, and for trustees of charities, providing an important check on management. This private interest is paid for by owners and trusts through the entity being audited. Where a company is widely owned and listed on a major stock exchange, investment management companies may also find audit opinions useful elements in their analysis of a company's prospects; where this improves investment decisions, audit also provides a public interest. (See, esp, letter, Green Paper - Audit Policy: Lessons from the Crisis, 7th December 2010, from Liz Murrell, Director Corporate governance & Reporting, Investment Management). 

Value-investors, who are concerned with the longer term prospects of companies, should be distinguished from arbitrageurs, who are concerned to predict the short term market values of shares on listed markets. Value-investors want to add the results of audit to other information they may collect. They may also find it useful to know what difference has been made by the audit process; the value of an audit may accrue from the challenges made to management during an audit.

For example, part of an auditor’s skill lies in performing impairment reviews that challenge management’s impairment model. In doing so the auditor assesses the assumptions around the sustainability of income-streams, whether such income streams are consistent with forecast information used to support other accounting estimates and judgements for example, valuation of intangibles, and determining whether the discount rate used to take into account the value of money over time is appropriate and applied correctly.

In a dynamic market economy, there is also a public interest in the encouragement of innovation and the creation of new companies; and, in a social market economy, in the existence, and creation, of not-for profit entities ranging from charities, though mutuals, to companies listed by guarantee. The public interest covers the different interests of different groups; its nature depends on the situation. It is a mistake to define these interests too narrowly or to try to encapsulate them into ever more complex rules and audit regulation, set by regulators and interpreted by accountants and lawyers.

Audit can be crucial to the good operation of these entities, provided that it is proportionate to the circumstances of the entity; the costs of an over-elaborate audit are a financial burden. External regulation of audit must be proportional to the public interest; private interests are best achieved through market forces. Regulation can provide a public benefit if it encourages audit and assurance services and improves their quality.

Regulators perform well when their regulated bodies perform well. Their role is indirect, and only in the public interest when acting in ways that are proportionate to the circumstances. The shift now taking place from self-regulation by professional bodies, such as the ICAEW and the ICAS, to government regulation, the Financial Reporting Council (FRC) creates the danger of mission creep. 

The structure of incentives facing audited companies and their auditors is currently not well attuned to serving the public interest in the middle market. Regulation has encouraged a ‘one-size-fits-all’ approach, concentrating on the ticking of boxes rather than exploration of diversity, risk and uncertainty.

The results of the inquiries into the conduct of HBOS, especially the respective responsibilities of the Directors of HBOS and/or their auditors, KPMG, will reawaken the debate about the responsibility of auditors for authenticating the content of financial statements. The Caparo judgment still sets the bar in this respect, limited that responsibility, and with it the liability in damages of Auditors. Consistent with that judgment, the prime responsibility must rest with the Directors of HBOS and every other audited entity.

However, in a middle market context, any legal liability for damages can bear disproportionally on them, given the vagaries of joint and several liability and the associated effects on professional reputation, which the Law Commissions would do well to examine afresh in the light of experience in other Commonwealth jurisdictions, such as Australia where a proportionate liability statute has operated, apparently quite successfully, for many years.

The Supply of Audit

There has been a significant increase in concentration in the audit market which limited regulatory intervention has done nothing to address. Four large firms now supply the bulk of the market. This has implications for choice and competition; diversity has been reduced and the market power of the big companies has increased. This raises competitive concerns, which regulators seem reluctant to address; indeed these concerns may be intensified by the present fear of regulators to firm exit: that fear is that regulators and their one-size fits all approach will encourage firm's to leave public interest professional services. The FRC should be vigorously supporting, in the public interest, the promotion of a more credible and broader choice in the audit market for audit committees and investors, and the present government’s interest in fundamentally altering corporate governance should ensure its recent Green Paper includes market competition in its remit.

The FRC emphasises the undesirability of the exit of a large audit firm, relying on the separation of audit services and other accounting services to limit monopoly power. By adopting a uniform approach to inspection of audits, the FRC pushes audit firms into playing safe and ticking all the right boxes, rather than drawing attention to the major risks and uncertainties in an audited company's financial position (though the direction that regulation is taking may change this).

These policies may serve to limit the market power of the oligopolists, yet at the same time underpin their existing market positions and share. They tend to support accounting rules and conventions at the expense of reducing diversity and questioning in audit.

The public interest should encourage the FRC to support competition, looking at the way the public interest relates to different parts of the audit market, and to take greater care not to impose disproportionate burdens on audit practice, burdens which reduce the supply of audit by reducing profitability, and reduce the demand for audit by raising costs.

Proportionality is key in the middle market, where there is great diversity of situation. In particular the positions of owners, investors, trustees and management differ from that of their counterparts in large companies whose stock is listed on major stock exchanges.

Audit quality

There can be no unique true and fair view; audit quality must be sufficient to satisfy owners and trustees and, where appropriate, the public interest. A high-quality audit crucially involves professional judgement about whether financial statements properly reflect the position of a business. Audit should promote integrity, taking full account of ethical issues. 

It is the Auditor’s skill to identify the key risks and uncertainties facing an audited entity that may have a significant impact on the financial statements. It is not their role to identify all of these but to spotlight the major ones that are worthy of specific comment, whether or not identified by management. These assessments may not always prove to be correct; but should be worth serious consideration by owners and trustees and their audit committees.

Where audited entities are large and listed on major stock exchanges the public interest justifies a need for the nature of these risk-identifications to be publicly disclosed, as indeed they are. The responsibility for such disclosure should rest primarily on company directors and in particular on audit committees. It may also be desirable to encourage wider dissemination by auditors of these risks and uncertainties: it is, though, firmly management's obligation to identify risks and uncertainties, to put risk management strategies in place to address them, and to share this information with their stakeholders. Auditors of public interest entities do have to disclose key audit matters but the principal obligation lies on management. 

Audit firms must have systems of internal checks, such as a well-resourced Quality Assurance Department, to ensure that audit quality is maintained and where necessary, enhanced. Audit firms should also promulgate, and enforce, ethical standards, ensuring that audit partners are fully committed to them. Audit firms should report publicly, in their Transparency Reports, the broad conclusions of such quality assessment, of the firm's management's response to such checks and the compliance with ethical standards. 

Accounting standards

There has been a considerable development of accounting standards in recent years, at both national and international levels. Not all these developments have been useful; indeed they may have raised an unjustified expectation that more sophisticated standards provide more useful information rather than more complications (See David Myddelton Unshackling Accountants IEA 2004) and so detract from the crucial importance of the judgements that an auditor must make before pronouncing that a company's financial statements do or do not show a true and fair view.

Auditing standards

The emphasis of Auditing Standards should be on assessing the key risks and uncertainties facing an audited entity that may have a material effect on the financial statements, performing procedures in respect of those risks and uncertainties and considering the possible qualifications that might arise as a result of such risks and uncertainties.

Desirable action

These considerations indicate the need for action to ensure continuous improvement in the audit process. At a general level, regulators should increasingly emphasise the importance of principles, focussing on achieving proportionate results. These principles should focus on the various aspects of the public interest, the diversity of the situation in different parts of the audit market, seeing audit as the protection of integrity. 

Diversity and choice should be encouraged. This should be linked to emphasis on honesty in audit and the identification of the accountabilities of the various agents involved. 

Within this approach, a number of specific actions should be taken:

  • Public policy (for which BEIS is primarily responsible) should give greater emphasis to the importance of the responsibilities of company directors and company audit committees, including links to their remuneration.
  • The FRC should emphasise the statutory duties of directors and of the work of audit committees (where relevant), including careful planning of the scope and conduct of an audit, and perhaps consider how the identity of directors who have been blacklisted under the CDDA statute could be brought more demonstrably into the public domain.  
  • The CMA should revisit the position concerning the diversity and choice available in the audit market, in particular the effect of the domination of the big four, and the current regulatory protection given to their position, at regular (say five year) intervals.
  • FRC should actively promote entry into the audit business at all levels, in order to promote choice and diversity and increase competition. A key aspect of such action should be to avoid the imposition of burdens through the employment of uniform inspection in different situations.
  • FRC, together with the professional bodies (ICAEW & ICAS), should promote greater simplicity, and greater frankness and honesty, in financial reporting, encouraging the disclosure where in the public interest, by company audit committees as well as auditors, of key aspects of the accounts, in particular key risks & uncertainties, in suitably granular form. This could be linked to discouraging the proliferation of subjects covered in company's annual Reports. 
  • In emphasising the importance of judgements by management and by the auditors of the key risks & uncertainties facing audited entities, FRC should recognise that such judgements/assessments are both the route to better information and prone to genuine error. They are in the public interest, provided that they are made without any attempt to deceive, so the FRC’s role as an ‘improvement regulator’ should be exercised in that context and not in a punitive manner. 
  • FRC should re-assess the public interest implications of the Caparo judgement; the FRC Report on the HBOS/KPMG case provides a good opportunity. 
  • Professional bodies, especially ICAEW & ICAS, should continue to promote ethical standards as an integral part of good professional behaviour. ICAS members are required to follow the principles in the ICAS Code of Ethics (see below).
  • Auditors should, as a function of risk mitigation, pay particular attention to the possibility of fraud or attempts to fail fully to investigate dubious practices.

ICAS The Power of One November 2015

ICAS members are required to follow the principles in the ICAS Code of Ethics:

  • integrity – being straightforward and honest in all professional and business relationships;
  • objectivity – not allowing bias, conflict of interest or undue influence of others to override professional or business judgements;
  • professional competence and due care – maintaining professional knowledge and skill to ensure that clients or employers receive competent professional service;
  • confidentiality – not disclosing to third parties or misusing any information acquired as a result of professional and business relationships; and
  • professional behaviour – complying with relevant laws and regulations and avoiding any action that discredits the profession.