THE recent high profile cases of financial misreporting by Tesco and Toshiba left investors with an eerily familiar feeling of Enron-era déjà vu and begs the question, what value does audit provide when accounting scandals occur?
The same can also be said when unanticipated corporate collapses occur without the auditors sounding the alarm bell, or when regulatory inspections highlight recurrent patterns of significant deficiencies in the audit process. Indeed, a 2014 IFIAR report flagged 47% deficiencies in audits across 948 global public company audits.
Cynicism about the value investors derive from auditors is also fuelled by what sometimes seems to be a game of musical chairs, whereby audit firms take turns to admit their sloppiness with regard to particular audits, and accept the fines from regulators in different countries.
Despite the never-ending slew of corporate misreporting episodes, the fact remains that company audits are necessary because they hold economic value for capital market participants. For many investors, company audits are pretty much a behind the scenes, black-box activity and there is often an assumption that they ensure reliability of reported numbers, hence the surprise whenever there is an egregious company misreporting episode.
Auditors frequently assert that there is an expectation gap between external stakeholders and auditors regarding their role, especially when companies have engaged in fraudulent misreporting. While this is true in so far as external parties may not be fully abreast of the scope, methodology and outputs of current audits, there is a legitimate question of how auditors can increase their relevance and enhance their value proposition for the benefit of investors. Three ideas come to mind.
A more informative auditor report
Firstly, a more informative auditor report – beyond the traditional ‘pass/fail’ – would be helpful. The requirements by the UK Financial Reporting Council (FRC) for an enhanced auditor report were certainly a step in the right direction, and the 2013 and 2014 editions of auditor reports have provided a reasonably good start. I hope there will be a global rollout of similar reporting requirements across all countries.
The best of these auditor reports (such as the Rolls Royce report) have provided incremental auditor insights into company-specific key risk areas, and have included both quantitative and qualitative information within the communication of key audit matters. The better reports have also tended to conform to the principles of good communication which include: an executive summary that outlines the scope of coverage and materiality; tables to parsimoniously present information; the avoidance of boiler plate descriptions of controls and audit methodology.
Nevertheless, the question remains: how can these newly enhanced auditor reports be further improved? Even with the many noted positives, there is scope for auditors to help readers better interpret any disclosed materiality (i.e. performance and overall materiality) and specifically how it relates to the scope of audit coverage. It is intriguing to observe the variation across entities on the materiality determination, which always seems to be 5% of one line item or the other e.g. assets, net income, and other line items . How should readers interpret when materiality varies across reporting entities and over time? Does the auditor’s view of materiality align with an investor’s view of materiality? What is the level of assurance that can be provided when there is significant measurement uncertainty.
Appetite for assurance
A second benefit to investors would be to explore the appetite for assurance beyond the current remit of traditional historical financial statements. There are a variety of relatively nascent initiatives assessing whether such an expansion in the scope of assurance is desirable. Standard setters have been grappling with this question in relation to integrated reporting, as has the ICAEW with respect to narrative reporting, bank capital and risk weight assets assurance. Questions being addressed across these initiatives include the level of assurance (process versus positive assurance on reported metrics) that is appropriate, as well as the question of who should provide the assurance.
All things being equal, it is hard to see how providing assurance in areas beyond the traditional financial statements which influence investor judgment on the value and prospects of companies, cannot be beneficial for investors. Investors sometimes articulate concern about how increased assurance could compromise the timeliness of desired information, but the spirit of innovation should guide the thinking by auditors on this matter and they ought to be alert to both latent and expressed investor needs for assurance. There should also be a recognition that because auditors do not always earmark audited versus non-audited information within the corporate reports, many investors might not be aware of whether or not assurance has been provided for specific areas outside the financial statements and in other sections of the corporate report.
A third area of enhancing the value of audit arises from technology-related developments. As corporate reporting evolves and the role of technology becomes more integral in the preparation and delivery of financial and other investment related information, investor expectations of assurance are bound to similarly evolve. Evidently, developments in technology and big data are transforming audit procedures including the analytical reviews that are done during the risk assessment stages of an audit and presumably extending to the nature of detailed substantive tests. There is, therefore, a need to articulate how audit quality is being enhanced as a result of these technology related developments to investors.
It is worth reiterating that company financial reporting is the bedrock of all capital market related information and is at the heart of corporate communication regarding performance, value creation and the future prospects of companies. There will always be a market need for independent assurance regarding information provided by companies on their performance but the scope and communication of value provided by this assurance needs to evolve if it is to be timely, relevant and meaningful to serve the needs of investors.
Vincent Papa, is a director of financial reporting policy at CFA Institute
Simon Wright of CareersinAudit.com discusses how an effective cyber defence force is critical to businesses worldwide and how internal auditors can make the transition to a new career in cyber security
The FRC has said that the investigation will 'consider, but not be restricted to, issues regarding misstated accounting balances'
Craig Maxwell joins the audit and assurance team in Scotland
Stephen Grayson to join the audit department in Manchester