Fanning the audit flames

AUDITORS FOLLOWING press reports in recent months could be forgiven for feeling numb. Having been told they had had a “good crisis” in the immediate aftermath of the banking meltdown, they now find their position challenged on all sides.

How could auditors sign off bank audits, only to see banks fail months later? Are audits worthwhile? What do audits do and should they do something different?
Of course there is a degree of finger pointing in the responses to the crisis. Banks and their regulators haven’t looked very bright themselves. However, rather like a Molotov cocktail thrown into a smouldering grate, the crisis has acted as an accelerant, fanning the flames of a legitimate and overdue debate on the nature and purpose of audit and assurance.

The primary purpose of audit has been to validate financial statements, in order to give investors assurance of adequate stewardship and to indicate that reported earnings have some resilience. Through this periodic validation the audit has created a currency of trust that extends to the audited company’s other communications to the markets, in the safe knowledge that what company’s inform the market of has to reconcile with audited information in a relatively short timescale. This currency of trust was depreciating before the banking crisis. Why? Audit has not fundamentally changed – it may be more scientific, more sophisticated, more risk based and more technological – but it still aims to report in the same terms it always has – on whether, fundamentally, a set of accounts has been properly prepared under a particular accounting framework.

The rest of the world has changed. Listed companies communicate with markets and investors more frequently and more quickly. Most investment decisions are made without reference to accounts themselves – indeed most shareholders probably never see the annual reports, which go to nominee companies.

Additionally the world of accounting has become has become increasingly complex, most often in areas which company directors regard as peripheral at best – notional charges against income for share options, “fair values” of assets being incorporated into balance sheets for which no real market may exist, such as brands or customer lists, and so on.

Companies are therefore using their own performance measures, and a disconnect therefore arises between what may be presented at, for example, an analysts’ briefing and the accounts themselves. The currency of trust becomes over-extended.

As one moves away from the public company arena directors and owners are increasingly bewildered by accounting treatments. The likelihood is that they will be more bewildered when “IFRS for SMEs” is introduced. So there is a clear case for simplifying financial reporting: but is there more or less that auditors should do to re-establish the currency of trust irrespective of this?

There are a number of actions that could be taken to improve this position, as well as reducing complexity in reporting. Let’s look at two examples:

•?Requirements for audits. Why mandate an audit for all private companies? If owners and directors need external assurance they can contract for what they need. If lenders need it they can require appropriate assurance in the terms of lending. HMRC now carries out detailed reviews where it wishes to question tax returns. The same applies to subsidiaries of companies preparing group accounts. A change of substance in the statutory audit limits could save UK PLC a lot of money, reduce the burden of regulation, and take much commercial work out of the straight jacket of statute, without a proportional increase in risk.

•?Narrative assurance for FTSE companies. As well as wanting simplicity and comparability at the back end of the accounts there is a drive for clarity around the words in the front end. The market wants to be told the story about the company, its past, present and future, in a full and fair way. There is a substantial case for introducing assurance to FTSE companies narrative reporting and their other market communications. Such assurance needn’t be established under statute, allowing it to flex with challenging market needs. This would enable assurance reporting to be less formulaic then audit reports are, and to be discursive where needed.

These two changes are substantial. They imply the development of a tiered approach to assurance outside the core of statutory audit, which is available to supplement or replace the blanket “one size fits all” statutory duty. If properly developed (with users rather than practitioners’ requirements in mind) it should be possible to tightly define models of assurance that meet individual user groups’ needs and are appropriate to the scale and complexity of the business, focusing auditors on identified needs and away from a historical model that is outmoded and less and less appropriate in fostering trust in corporate reporting.

James Roberts is an audit partner at BDO


Related reading