Toronto, July 2002
Current Problems in Accounting and Auditing
By Rodney Gascoyne CA
1: Standards Setting:
Standards and Guidelines for Accounting and Auditing are set mainly by the accounting bodies in the US, Canada, the UK and Australia with minor input from other institutions around the world. These have been generally accepted and supported by Regulators for the major stock markets and in some cases reporting requirements have been extended or modified by them. The main accounting bodies are the CPA or Chartered Accountant institutes and they in their turn are largely controlled and influenced by the partners of the major accounting firms internationally. Each Institute operates in these areas by leave of their national government and legislation, under their claims to protect the interests and rights of the general public. This power could now change because of recent events.
The current mess arises from the inadequacy of the Generally Accepted Accounting Principles (GAAP) and the non compliance by auditors to the Generally Accepted Auditing Standards (GAAS). In each separate country, the local Institute determines the requirements for companies registered in their jurisdiction or for those reporting to local stock markets where they are listed. In the case of international groups of companies they may be required to meet local standards in each place they operate and then the group accounts must follow the rules for the residency of the Head Office and places those group holding shares are traded. For many years there have been attempts to produce one set of internationally recognized GAAP or GAAS rules that would harmonize local rules and remove the reporting and related confusion. The European Union is only now starting to arrive at one set of comprehensive standards that might eventually apply across all their member countries.
US GAAP are a set of distinct rules for accounting treatment of specific items whereas other Institutes apply a principles based approach. The rules based method allows more loopholes and freedom to act in areas that are not specifically covered or where the stated conditions can be said not to fully apply. The principles based approach states the generally desirable goal for measures and requires the application of professional judgment to find the proper treatment for items based on that guidance. The US rules are generally less conservative and provided greater latitude for companies to play the rules as it best suited their interests. It also allowed lawyers and others to argue pedantically over wording and to ignore the application of appropriate judgment. This often led to inflation of Net Profit and Financial Statement values on translation from other to US rules.
When trying to arrive at International standards for GAAP and GAAS, the US body has always maintained a veto position and taken the view that they will only approve those measures that they like. This mainly means them only approving of items they originated and rejecting attempts from all the other bodies to widen or deepen any issues. It is hard to believe that this attitude will change given their current general approach to almost all matters from foreign policy on down.
The influence of the major accounting firms should not be underestimated. Those Institutes are basically at the 'beck and call' of their senior partners. Much of the committee work and other academic studies could not be carried out without a large amount of volunteer time from members and most for this work is staffed and led by members and partners from those firms. Their senior members also figure conspicuously each year on the leadership positions that seem to get rotated mostly among themselves or current business leaders who are audited by or were trained by the major firms. In effect, over the last many decades, nothing has come out of those Institutes that they would find inconvenient or has failed to serve their interests. It is hard to image how this can be changed in the short term.
2: Auditor Independence:
Back in the 80's the position of auditors started to change in small ways. Till then audit fees had been an almost automatic thing and were increased each year in line with costs and possibly a desire by firms to increase their margins. It was also normal to reappoint the auditor ad infinitum. Management of companies started to question this and initially put pressure on auditors to reduce their fees or at least their increases each year. To apply greater pressure it was also suggested that audits should be put up for open bidding on a periodic basis. Without their normal level of co-ordination on such issues of self interest, the firms began to tender against each other and this drove down the fees they would put forward. Part of their reasoning was that they could make up this lost ground from the lucrative tax and consulting work they could then attract from those audit clients. Their marketing for such services increased considerably at this time and this formed an atmosphere of mutual interests between them and senior management that is the root of our current problems. The audit fee situation became one of a 'loss leader' they could accommodate.
Costs were a main problem and so firms generally, not just the majors, began to look for ways to control and reduce them. For many years GAAS and academic studies had endorsed more efficient methods for conducting the audit work, using analytical review and some reliance on the client's systems of internal accounting control. This lessened the amount of detailed testing of transactions that was needed to provide adequate assurance and confidence. Many studies were also carried out to find acceptable methods for sampling that would provide some mathematical certainty and the basis to be able to estimate the impact of errors found in monetary terms. This should have added to the quality and depth of coverage that was then possible for all audits.
As fee and cost pressures increased, partners began to cut back on any work they considered unnecessary, not always accompanied by a reworking of their audit manuals and their stated standards and methods for achieving GAAS. Documentation and evaluation of internal controls were seen as a costly approach and required deeper training of staff. Much of this work was curtailed or abandoned altogether, but without the required increase of other work or testing levels to compensate. Sample sizes were also reduced and became what can only be described as judgmental samples and no longer representative ones that were statistically valid. At the same time they continued to apply estimation techniques to errors found when there was no longer a mathematical basis for so doing. Some firms even set an arbitrary maximum sample size like 40 items that had no bearing on audit risks or materiality for the audit in question.
At the time when companies were moving more and more to computerized accounting methods, the auditing firms also became less interested in performing work to document and understand the nature, control and conduct of those systems and hence the impact such practices could have on the associated audit risks, and the reliance that could be placed on financial statements prepared from those records. For similar reasons they often considered the use of Computer Assisted Audit Techniques (CAATs) to be generally unproductive, time and cost consuming, as well as requiring better trained staff and other resources that had their own overhead.
More and more emphasis was placed on esoteric analytical review and supposed use of judgment to support an audit opinion that was less and less evidenced and documented. The final partner review and clearing of issues, as well as their own intimate knowledge of the company and management, became the basis of reliance. But at the same time their own interests were more and more bound up with those of the client and in the need to gain additional fee generating work, to meet their own annually increasing targets and fellow partner expectations. We should not also underrate the influence and feelings of mutual symbiosis from interchanges between the auditing firms and their client companies - both auditors who joined management and the rarer opportunities for senior managers to transfer to the firms as consultants as they approached retirement.
To increase the appearance of proper auditing standards being applied, and in response to earlier scandals and evidence of inadequacies, many institutes introduced what were called 'peer reviews'. This provided for other firms to check the work, standards and methodology employed by firms together with a review of the evidence maintained in a sample of audit files. In the case of the big firms, this review work was largely carried out by other major firms on the argument they were best able to understand and assess the adequacy of the work carried out. Unfortunately they were also those most interested in not finding fault in those that also had to assess them. As in all other institutional issues, the major firms seem to act as a cartel and in their own joint interests, just as with standards setting and all other matters of regulation within the profession.
3: Corporate Governance:
The late 80's and early 90's were littered with a series of scandals, in the US with Savings and Loans, but elsewhere and other clients too, that disclosed problems of optimistic accounting treatments and the accompanying lack of auditor awareness or concern with the practices, that led to many spectacular company failures. Partly in response to that the US Congress started a process known as COSO to suggest and promulgate new means of corporate accountability combined with proper standards for corporate management practices. In Canada these were picked up and extended as CoCo and, in the UK, recommendations that followed from the findings of the Cadbury Commission. Australia also had their own response to the situation and ideas that spread worldwide.
Corporate governance was seen as the necessary protection for shareholders and other company stakeholders. By following risk management and control principles, combined with appropriate policies and practices, together with full accountability and annual statements of compliance from senior management, such recurrences were not meant to happen. In the absence of enforcement rules or independent assessments for adequacy, there was little direct change in practical terms. All that they introduced was a written statement by management that they had followed the recommendations and attained appropriate control, attached to their annual report, required for quoted members on major exchanges, but the initiative soon lost focus and interest. Major audit firms offered to train company staff at vast expense but otherwise had no part in the process. After a few years the goals to be achieved seemed to be forgotten, perhaps because management very rarely wants to be measured and criticized in any public way. Internal Audit departments also started to become vogue at the same time but it soon became obvious that management's wish was for the appearance of independent review of their performance rather than real substance.
By the late 90's the topic was passé and it slipped from everyone's attention. Recent events have caused the terms and ideals to be reawakened but the focus now seems to be more towards criminal punishment and personal responsibility than in setting up a coherent and workable solution to the malaise in business conduct. Another underlying cause was also the personal and corporate acceptance of the notions of greed, that emerged into common business motivations from energized expectations of potential profits, fired by the same unrealistic short-term goals that led to the bubble in Internet companies. Morals or honesty or even reputation were no longer seem as requirements or matters of long lasting importance. Make what you can, however you can, while you can. Accountability seemed escapable. Make you profits and get out quick.
4: Market Forces:
The factor of greed was widespread. Shareholders and investors were quite happy with spectacular and irrational rewards just as long as they were winning and share values kept rising. Over the 90's the markets rewarded companies and their managers while they could maintain an aggressive up tick for the shares and could continue to show ever increasing returns and values. There were and still are not any realistic limits to those expectations - its seems that the ideals of pyramid selling are all fine and well as long as the game continues to be played - just ask the Albanians where such excesses were state sponsored. Eventually every bubble will burst. Some of the major forces fanning these expectations were the financial services industry members themselves, albeit for very self interested reasons. Everyone's focus was on the very short term.
Rewards for management further fuelled this lunacy, almost encouraged by the market players whose clients' long term interests could only eventual suffer and take the resulting fall. Professional investors and money managers stood by as salaries and bonuses for senior management and particularly CEO's rose to hideous heights. Initially this was to be responsive to results achieved but as later markets fell, the same remuneration levels were maintained or ever increased again. A new tool for reward was also used widely by granting executives either options on shares or direct subsidies on company shares awarded to them that were used as a further incentive.
The eventual impact of many of these rewards was the reverse of that intended. Instead of making management focus on the real and continual increase in shareholder value over the long term, management were able to gain quickly by looking at short term increases and returns at the expense of the longer term needs of the company as a whole. Many service contracts also made provision for golden handshakes and golden parachutes either at retirement or when they were let go early. This was also mostly underpinned by exceedingly generous pension rights that would allow many executives to retire with immunity after only a few years commitment.
And lets not forget that the old shell game has always been present where directorships are rewards for friends who use their influence and connections in ways that best help their compatriots. Even 'outside directors' and their supposed control over audit committees and management remuneration, all measures introduced as a check on excessive actions by management and as an assurance for the recognition of shareholders' rights and interests, can now be seen as another shell game. In all this there has always been a conspiracy of silence by all those with personal interests, no matter what their professional background, to not rock the boat or cry wolf until the bitter end. Of course, those were not the same people who would pick up the cheque for the final and inevitable collapse - they are well aware of the methods by which they can hedge their risks.
Some of the same old remedies are being trotted out again for this set of scandals and malfeasance as for past times when accountability issues hit the headlines. Suggestions for new standards, for tighter control and criminal prosecutions head the list as well as suggestions for new oversight boards or commissions. For anyone with any real memory of the past 25 years or so, this all smacks at déja vu and gives one as much confidence as an aspirin for a major wound. It is very likely that those in the driving seat and responsible for the past will create yet one more shell game if they are left in place.
This is an international problem but yet it is not likely that some international body or set of standards could be created that could fix the problem. You only have to look at the United Nations to see that nothing sensible can come out of any international committee or body where only politics seems to be able to survive. The same with the EU for Europe - they would swamp everything in bureaucratic lunacy. Certainly there should exist a set of universal standards for GAAP and GAAS but how can they be arrived at even with limited national input while the US feels to be supreme and, in its own way, unaccountable to others.
Market oversight and regulation of the issues sounds attractive but then their interactions of the past have not had any noticeable impact nor have they prevented any failures to date. Who would be the master regulators and where they would be based are just two of the first hurdles, plus how would it be funded? No government inspired or run body seems capable of performing effectively and efficiently, let alone economically. What chances for a super regulator to work out?
A revamping of the current setup certainly needs to happen and then all the old ties need to be cut too. The main checks and balances thought to exist where different groups or professions were supposed to cross check each other has never really worked where they can find any mutual self interests. One body that does sound attractive is the professional fund managers who have the knowledge and leverage to hold management accountable and yet it can be seen that their own results and hence remuneration can also be dependent on and rewarded by the status quo.
Auditing firms that have no other business interests and where partners and senior staff are required to record all their outside financial interests, just like many politicians, could be one approach as well as extra reporting responsibilities such as for Corporate Governance. Their total independence and dedication to their duties must be assured to provide any confidence.
In addition, company directors, CEO's and others active in markets and publicly owned businesses should make an annual declaration, in writing, with respect to their compliance to tougher fiduciary responsibilities and regulations, such that proof that they lied in that statement would in itself be grounds for criminal prosecution and liability. Fines should ensure that any rewards from malfeasance are totally recovered from assets those people can control and/or benefit from. When found guilty those persons should be publicly identified and denied the right to act in those same areas for an appropriate period in those circumstances. If many people are not willing to act honestly on their own accord they should be compelled to recognize the overriding interests of the greater public. Perhaps they and public companies should also be required to carry full insurance coverage and then it would be those organizations that would have a vested interested in keeping everyone on track as well as protecting the innocent.
A flashback to February 1993 in The Bottom Line: (Unaltered from original copy)
After writing this paper I went back over some of my past articles and found the following:
Banner Title: Auditors At Risk of Becoming Irrelevant
Header: Viewpoint - Has auditing become a no-value service?
The problem with modern auditing is that there is often little - if any - value to the process accruing to shareholders, management, investors, creditors and the public at large.
Recently I had a conversation with a CFO of a multinational corporation based in Toronto.
He stated that he finds almost no value in the audits of his companies and that management's move to have the audits put up for tender at regular intervals is a reaction to ensure that it pays the least possible fee for this no-value service.
He is aware that the major firms are low-balling their quotes and that, as a result, the quality and extent of much of the work will deteriorate further.
Of even greater interest is the fact that I have heard senior audit people agree with this opinion of present-day auditing.
Why, you might ask, is this of concern for a columnist whose bailiwick is computer auditing and audit automation? In a previous article ("Are we giving up the lead in EDP Auditing?" - TBL November 1992, p.26), I stated that the weakening of current standards and auditing guidelines is affecting the audit of computerized systems. The problem is that the negative influences in this area also affect the way that many computer audits are conducted. "Auditing around the computer" is just one illustration - an international one, at that - of insufficient audit work that results from serious "underauditing".
What I am presenting here is my vision of the wider audit picture - which, if it can be cleaned up and corrected - will lead to proper computer-based auditing. This in turn, will help supply a large part of the added value that auditors can produce as an essential benefit of their audits.
The apparent cause of this underauditing is defensive posturing by the major accounting firms and their over-competitive attitudes, which dictate that they must hold or build market share at any cost.
Because of the influence they have worldwide and with the major institutes, I believe they are responsible for the recent weakening and fudging of GAAS standards - both nationally and internationally - which makes it easier for them to do less work.
Part of their defensive posturing may also be based on the present litigious conditions that have arisen because of a long series of international frauds and financial sector and other commercial collapses, in which auditors were issuing clean opinions right up to the point of failure.
It is also clear that little has been done by any of the major institutes to seriously address the "expectation gap" - the well recognized difference between the public's expectations of what an auditor should do and the auditors' ability or willingness to deliver value and certainty as a result of their work.
It appears that we continue to refuse to recognize many of these obligations, and yet our institutes claim that their main responsibility is to protect the rights and interests of the public.
But all is not doom and gloom. What is required is "heads up" auditing, where we maintain a healthy interest and skepticism in all that we do and witness during our audit work.
The fact is that we know how to do our jobs properly; there are no gaps in our technical knowledge of the solutions and proper procedures. We have simply forgotten how to perform correctly because we have stopped doing so for a number of years.
We can, however, correct this position by educating the younger members of our audit teams and by providing revision course for more senior staff.
But this will require a change in the approach and attitude of the major firms; they will have to demand that correct and sufficient procedures are carried out on all jobs and strengthen national and international standards and auditing guidelines to ensure that all auditors are clearly aware of their obligations.
Such new and improved standards should also recognize the patently obvious fact that almost all audited financial records are now computerized and, therefore, should require that all audit work carried out includes the necessary computer auditing assessments and testing techniques.
This additional work will enable auditors to gain further knowledge and understanding of the companies they audit.
The sharing of this extra knowledge of the state of the business and its competitiveness, the state of management's control and the accuracy and completeness of its executive information systems, and the adequacy of the systems of internal control, including application and general computer controls, will supply added value that is gained as a byproduct of audit work but that can then be of direct benefit to management and shareholders.
Arguments are also being voiced to extend the role of external auditors. For example, some people believe that they should provide an independent analysis of the annual or periodic financial results, certify the adequacy of the internal controls system, or provide a running audit opinion of financial results that are provided electronically on a more regular and timely basis. Such additional responsibilities would provide even more value to the benefit of investors, creditors and the public at large.
The surprising but encouraging comment from the CFO I spoke with was that he would be quite willing to pay a much higher audit fee if his auditors would provide appropriate and substantial value to the numerous stakeholders in his companies.
Unless the leaders in the profession respond to this situation in a bold and positive manner, auditors run the risk of becoming irrelevant or even being relieved of some of their legislation-based duties.
We may not have much time left in which to respond to repeated calls to meet the standards the public and business community have been demanding for years.