Startling take on Big Four

print   ·  

THIS is not a story that Big Four accounting firms may like to read. Because it is about the gloomy report card they earned in the hands of the Canadian Public Accountability Board (CPAB). Big Four accounting firms "have more work to do in a number of areas to improve audit quality and achieve consistent adherence to internal and professional standards," said the Board about a week ago, when issuing its third public report after inspecting the firms.

We don't seem to have any such report, as yet, so it makes eminent sense to read the Canadian regulator's findings, for possible insights.

But first, what is CPAB's job? Its mission is "to contribute to public confidence in the integrity of financial reporting of reporting issuers by promoting high quality, independent auditing," informs "It is responsible for implementing an oversight program that includes regular and rigorous inspections of the auditors of Canada's public companies."

Ensuring public confidence in the integrity of the financial statements of publicly traded companies is key to maintaining viable capital markets, declares the site, right on top. It was in July 2002 that Federal and provincial financial and securities regulators, and Canada's chartered accountants, announced the creation of CPAB, "a new independent public oversight system for accountants and accounting firms that audit reporting issuers." The first public report was out in October 2004, and the second, in August 2005.

A page titled `How we work' informs that CPAB carries out its mission by conducting inspections of the firms over which it has oversight responsibility.

"Firms with 50 or more reporting issuer clients will be inspected annually while those with less than 50 will be inspected on a three-year cycle," informs the Board. CPAB has developed a comprehensive inspection programme to review the quality control systems in place in participating audit firms, one learns.

Interviews, focus groups

The first report (October 2004) focussed on `the four largest public accounting firms' Deloitte, E&Y, KPMG and PwC. But why single them out? Because these firms audit more than 4,000 public companies or other reporting issuers in Canada, accounting for about 70 per cent of the total market in terms of number of clients, and "more than 90 per cent if measured by the market capitalisation of the entities audited." Do we have the numbers for the Indian scene?

CPAB's inspection sought to acquire an understanding of the firms' quality control with regard to leadership, independence and ethics, client, human resources, audit performance, and so on. In each firm, the Board tested compliance with professional standards, interviewed 30-40 senior individuals "with management responsibilities that are relevant to audit quality." Also examined were working papers, policy manuals, "quality-related communications to partners and staff," training curricula, attendance records, and staff satisfaction survey results.

There was more: In each firm, 10-12 focus groups of about 10-15 individuals each received the input of a variety of partners and staff with respect to certain quality-related issues. The group participants "expressed their opinions by using electronic keypads (to ensure anonymity of individual response) to `vote' on the extent to which they agreed or disagreed with approximately 25 assertions related directly or indirectly to audit quality." The Board notes with satisfaction that the process helped it learn about "issues germane to audit quality that might not otherwise have come to our attention."

CPAB is not particularly happy that firms removed from audit-file documents said to be subject to legal privilege. "While we understand the reasons for the removal of privileged documents, any restriction on the scope of our review is unsatisfactory to CPAB and contrary to its purpose," is a line that bristles with annoyance. CPAB has decided, as a result, to seek statutory authority to have access to privileged information.

Independence hit

The Board found that all firms operated "electronic investment monitoring systems into which individual partners and certain staff must enter their personal investment portfolios and transactions." What do these systems do? They compare individuals' investments against the firm's master list of `prohibited' audit client securities that are ineligible investments for some or all of the firm's partners and staff.

"Any exception that is revealed by this comparison is typically reported to independence specialists in the firm, who work with the affected individual to ensure that the situation is investigated and resolved in a timely and appropriate manner, if necessary by disposal of the securities in question." Firms also used `annual independence confirmations' obtained from partners and staff to screen for exceptions.

The Board's recommendation to the firms was to have `more timely follow-up of reported exceptions' and to include within the filter "staff on maternity and other temporary leaves of absence".

CPAB found that firms gave their staff client list but, at times, excluded "operating subsidiaries or other affiliates, which may carry on business in a different country or under a different name not commonly associated with the parent."

The Board frowned upon the absence of `code of conduct' and `whistleblower' procedure in some firms. "Performance evaluations are not as timely as they should be," noted the 2004 report. Specific recommendations of CPAB were on areas such as documentation of `consultation on difficult or contentious matters', and `accuracy, completeness, and transparency of reports to audit committees.'

The Board wished for `one important quality control' that an independent review be made part of public company audit, "prior to the signing of the opinion, by a partner other than the partner responsible for the engagement." The first report wrapped up with the exhortation that Canada needed, "as soon as possible, a robust, world-class audit documentation standard."

It also emphasised the need for "getting it right every time, with no tolerance for substandard performance."

High-risk audits

The second report (August 2005) was based on inspections of 23 accounting firms, auditing more than 5,500 public companies, "representing about 80 per cent of the total market in terms of number of clients and well over 90 per cent if measured by market capitalisation." The firms inspected included the Big 4.

CPAB spoke of `restrictions' on four firms (out of the 19 smaller ones?) as follows: "Requiring three firms to not accept any new reporting issuer audit clients until all of CPAB's recommendations have been dealt with in a satisfactory manner. And requiring a fourth firm to permit only certain partners to carry out engagement quality control reviews and specifically prohibiting certain other partners from performing such reviews."

The Board demanded `substantial improvement' from `the weakest firms', where the following shortcomings were unearthed:

Absence of internal controls to prevent or detect independence violations.

Partners operating substantially autonomously on their individual client portfolios with little internal firm oversight of audit quality.

Apparent willingness to accept or retain almost any entity as an audit client, "despite clear evidence from the audit work that the integrity of management was in significant doubt."

Rudimentary HR systems, with little evidence of effective counselling and staff evaluation, and even lacking personnel files.

Ad hoc training, with no prescribed curriculum for ensuring that the firm's intellectual capital is maintained, and, as a result, some practitioners not being sufficiently familiar with current accounting and auditing requirements.

Audit methodologies not addressing certain requirements of GAAS (Generally Accepted Auditing Standards).

The Board condemned the practice of taking up work where competencies were lacking.

One example of such inappropriateness cited in the report is of firms doing audits of SEC registrants (the US Securities and Exchange Commission) despite lacking expertise in US accounting principles and auditing standards.

Another example is about "audits of companies with significant operations in China that have access to Canadian equity markets by means of reverse takeovers of inactive companies that were already reporting issuers in Canada." The Board cautions that these audits are high risk, and therefore to be undertaken "only by audit firms with professionals who possess both the relevant linguistic skills and a sound understanding of Chinese business practices."

Big Four revisited

The latest report, the third, is again on the Big Four. Out of a total of 87 audit engagements selected for review, five engagements had such serious deficiencies that the Board felt that those audits were not conducted in accordance with GAAS. "A significant number of other engagements had departures from firm and professional standards."

If you thought that the Board stops with just shedding tears and making reports, you may be wrong. Because, it expects firms to implement the recommendations within 180 days. "When a stronger message is needed, CPAB imposes requirements instead of recommendations." What if a firm failed to pay heed to requirements too? "CPAB would consider making that fact public and, in certain cases, could choose to impose restrictions or sanctions on that firm to protect the public interest... In the most extreme case, CPAB could declare that an audit firm is not a participant in good standing, meaning that firm could no longer audit public companies in Canada."

The Board was not too happy with the results of the review of Big Four work. Results are `startlingly poor,' said the CPAB. "In each of the four firms, more than 50 per cent of the individuals subject to audit were found to be in violation of at least one aspect of firm polices."

The main culprit was the investment monitoring. "For example, in one firm, the compliance audit revealed that there were 49 clients whose securities were held by partners."

On the thinking by some firms that minor infractions need not be reported to clients, the Board says, "Every infraction must be reported and the audit committee can decide whether the infraction is minor or not."

The Board bewails that its inspection identified too many wrongs and compliance problems. "We expect that each firm will share our sense of disappointment and will work diligently to impress upon its partners and staff the need to improve compliance in future."

We don't lament thus. Perhaps because our regulators are too busy to subject the Big Four to any serious inspection.

D. Murali

(This article was published in the Business Line print edition dated December 29, 2005)
XThese are links to The Hindu Business Line suggested by Outbrain, which may or may not be relevant to the other content on this page. You can read Outbrain's privacy and cookie policy here.



Recent Article in OPINION

Get the diagnosis right

Snapdeal is only a symptom of a bigger regulatory problem »

Comments to: Copyright © 2015, The Hindu Business Line.