Who’s Who in Accounting & Payroll (Special Publication)
NOWHERE IS CORPORATE do-goodery more on show than in a firm’s sustainability report. Today 58% of companies in America’s S&P 500 index publish one, up from 37% in 2011, according to Datamaran, a software provider. Among the photos of blooming flowers and smiling children, firms sneak in environmental, social and governance (ESG) data, such as their carbon footprint or the share of women on boards. But the information differs wildly from firm to firm.
The Reporting Exchange, a website that helps corporations disclose sustainability data, tracks various ESG-related guidelines, such as regulations and standards. Across the world the number grew from around 700 in 2009 to more than 1,700 in 2019. That includes more than 360 different ESG accounting standards.
Some observers, then, may have rolled their eyes on September 22nd when the World Economic Forum (WEF) announced—with the backing of the big four accounting firms, Deloitte, EY, KPMG and PwC—a new set of ESG metrics for firms to report. Those involved are at pains to stress that this is not yet another new standard, but instead a collection of useful measures picked from other standards. The intention, they claim, is to simplify ESG reporting, not to add to the confusion.
Simplification is sorely needed. Investors complain that the proliferation of standards hinders comparability. Environmental activists note that it lets companies cherry-pick flattering results. And corporate bosses moan that they do not know what to disclose and that the array of options is confusing. Many want an ESG equivalent to the Generally Accepted Accounting Principles used in financial reporting. But these took years to agree on. Today, says the boss of a big pension fund with a large ESG portfolio, “there is greater urgency” to coalesce around a set of common standards. Even so, this is expected to take at least five to ten years, slowed by competing interests and disagreements about what to measure.
Four standards dominate ESG’s alphabet soup. The Global Reporting Initiative (GRI) focuses on metrics that show the impact of firms on society and the planet. By contrast, the Sustainability Accounting Standards Board (SASB) includes only ESG factors that have a material effect on a firm’s performance. The Task Force on Climate-related Financial Disclosures (TCFD) and the Carbon Disclosure Project (CDP) are chiefly concerned with climate change—specifically companies’ exposure to its physical effects and to potential regulations to curb carbon emissions.
GRI is the most popular of these, in part because it is the oldest, founded in 1997. It has been embraced by perhaps 6,000 firms worldwide. According to Datamaran, 40% of S&P 500 companies cite GRI in their sustainability reports. But SASB is gaining ground in America. One in four members of the S&P 500 makes reference to it, up from one in 20 two years ago. TCFD has experienced a similar uptick. It is backed by the Financial Stability Board, a global group of regulators. Both SASB and TCFD have risen partly thanks to support from large asset managers, including BlackRock and State Street.
Further simplification may be afoot. In September five big standard-setters announced that they would try to co-operate more and harmonise some measures. But few observers expect the end result to be a single standard. Among the five are SASB and GRI, each of which claims that it could coexist with the other.
How long such coexistence can last is unclear. As well as the WEF, other global bodies are taking an interest. The International Financial Reporting Standards Foundation, a global financial-accounting standard-setter, is considering its own ESG standard. Moreover, the EU is planning rules that will force big companies to disclose more ESG information; it is still thinking about which measures to use. If the ESG standard-setters cannot decide which metrics matter most, others may decide for them. ■
This article appeared in the Business section of the print edition under the headline “In the soup”
Britain’s audit regulator, the Financial Reporting Council, put out new rules July 6 intended to boost auditors’ independence. The rules focus on how audit partners are paid—so that fees from consulting, which requires a certain degree of obsequiousness toward clients, do not overly slacken auditors’ skepticism toward those clients.
These new rules are well-meaning. But they are not enough. Auditors could easily use the new rules to raise audit fees on their clients, but that does not mean they will be more challenging toward their clients. Indeed, it is easy to see how the audit firms comply with the letter of these new rules without honoring their intent. The very fact that the audit firms have come out broadly supportive of the new rules should give the regulators some pause as to whether they have been had.
The new rules are seemingly catalyzed by the Wirecard accounting scandal. A DAX 30 company, and one of Europe’s embarrassingly few tech success stories, Wirecard has collapsed under what appears to be a simple cash fraud. The auditors apparently relied on third-party representations of their client’s cash balances. This is absurd. Even my landlord, who is not an auditor and who knows of my professorial role at Oxford, demands a higher standard of proof to verify my income.
It is not that the auditors don’t know how to do their job—most audit partners I have met are hugely competent. It is because the culture in their own firms does not sufficiently reward challenge. To have gone back to Wirecard to chase after more evidence on cash balances would have been unpleasant for the auditors—it suggests to the client that the auditor does not trust them. And to be so aggressive with clients is anathema, even for partners in the firms. Not surprisingly, the juniors also learn how to sing in this choir.
Bethany McLean is a hero among financial journalists. In 2001, the then 30-year-old Fortune magazine reporter authored a critical piece questioning one of the world’s most valuable and feared companies: Enron. Her article helped unravel the massive accounting fraud upon which Enron was built, and it helped bring down both the company and its auditor, Arthur Andersen, which was at the time one of the world’s most revered audit firms.
The story of Bethany McLean’s chutzpah is legend in business school and journalism classrooms—the story of a David who brought down Goliath. I haven’t met a serious financial journalist who doesn’t yearn for a “hit” like McLean’s Enron piece.
What are the McLean-like watercooler stories within audit firms? What are the hero narratives on which novice auditors are initiated and reared into the partnership? These narratives exist—every organization has culture-building stories, even if they are not the ones the CEO likes to tell—but within audit firms today these narratives have little to do with challenging clients’ management.
Rather they are narratives about whistleblowers who get shunted out and troublemakers who get denied promotions. The junior auditors know what is best for them if they want to stay and draw partner-level salaries—and rocking the client’s boat is not advised.
The Wirecard fraud has again brought to public attention the invidious negligence of some auditors. The crisis in auditing is at the heart of the current crisis in capitalism—many people don’t trust capitalism because they see it as an inside job; auditors are supposed to safeguard against expropriation, but they are too often caught asleep at the wheel.
What we need to see from the audit firms is a genuine commitment to getting their internal culture right—a culture of intense challenge and skepticism of clients’ management practices. Many clients will not like this; but that is precisely why we need auditors and why we made audits statutory. Until we know that audit rookies are being inducted with watercooler tales of how their firms’ most respected partners felled duplicitous CFOs through dogged investigation, no amount of new rules will matter.
Karthik Ramanna is professor of business and public policy at the University of Oxford’s Blavatnik School of Government.
The firms will have until June 2024 to complete their operational separations.
The reforms are part of a suite of recommendations from a review of the quality and effectiveness of audits by former London Stock Exchange chairman, Sir Donald Brydon, that was completed late last year.
The review was prompted by a string of corporate failures, most notably the big construction services group, Carillion, in 2018. Its recommendations have, however, been given a sharper focus by the collapse of Wirecard and the failure of its auditors, EY, to uncover what it has described as an “elaborate fraud” enacted over a number of years.
In fact there had been external cynicism about the previously high-flying Wirecard’s finances from journalists and short-sellers for more than a decade, along with several investigations by Germany’s regulators.
Even without Wirecard to provide a focus for reform the Brydon review was being watched closely by regulators and legislators elsewhere.
In Australia the Parliamentary Joint Committee on Corporations and Financial Services has been conducting its own review and published an interim report earlier this year, with a final report (delayed by the coronavirus outbreak) scheduled to be delivered in December.
In the committee’s interim report it recommended: more disclosure of fees for audit and non-audit services; an explicit prohibition on some services that audit firms can provide the companies they audit; a prohibition on audit partners being remunerated for selling non-audit services to audited entities; the introduction of a quasi-mandatory tendering regime for audits and a review of the effectiveness of reporting requirements in preventing and detecting fraud, among other measures.
EY has been caught up in a class action in relation to Wirecard’s collapse, which has been likened to the collapse of Enron, where there was also large-scale and elaborate accounting fraud.
Enron’s auditor, Arthur Andersen, was indicted and convicted in 2002 by US authorities for its role in facilitating the fraud and the collapse and the venerable firm – it was founded in 1929 – imploded even though the US Supreme Court later over-turned the conviction. Its consultancy and out-sourcing businesses, which had split from the firm just ahead of Enron’s collapse, survive and have prospered as Accenture.
Then, and now, there has been a lot of debate about the role of auditors and its limitations.
Auditors have long (and frequently) referred to an “expectations gap” between what they are legally required to do and what the wider public thinks and expects them to do.
Audit statements generally say that the company’s accounts provide a “true and fair” view of the state of the company’s affairs and that the financial statements have been presented in accordance with accounting standards.
While there is some responsibility on auditors, in providing their assurances, to uncover frauds, that isn’t their primary function.
The Wirecard, Carillion, Enron, Parmalat and many other big collapses involved quite elaborate and difficult-to-detect accounting frauds. Auditors argue that their primary role isn’t to uncover or go actively seeking frauds of that complexity and involving such sophisticated deceptions.
Brydon dealt with that in his review by saying that the “expectation gap” is a distraction.
The purpose of an audit was, he said, to help establish and maintain deserved confidence in a company and its directors and the information in their reports and financial statements. He wants to see the auditor’s role expanded to enable them to have access to and consider information beyond financial statements.
There has long been a viewpoint that closing the expectations gap is not simply a matter of tinkering with auditors’ responsibilities – or educating the wider public about the limitations of the existing audit functions – but changing the substance of the audits themselves to make an auditor far more of a watchdog over boards and managements.
The scope of an audit would be very different if, rather than having a reasonable expectation that financial statements don’t contain material misstatements, auditors were actively obliged to detect fraudulent activities and pass public judgements on the internal controls that companies themselves have in place to prevent and detect them.
Given that the companies choose and pay the auditors – whose firms might also provide other, more lucrative, non-audit services – an enlarged, more expensive and potentially more dangerous role for auditors generates ancillary questions as to who should choose the audit firm and decide the fee structure.
There have been suggestions in the past that the Australian Securities and Investments Commission should appoint auditors from a panel it has approved.
In the wake of the big corporate collapse the role of auditors is always the subject of intense scrutiny and discussion (they are of great interest to creditors and shareholders because they have professional indemnity insurance) but the primary responsibility for ensuring solvency and preventing fraud does, of course, sit with directors and managements.
Auditors are a third, or perhaps fourth (after internal auditors) line of defence.
That doesn’t mean that there shouldn’t be discussion about, and reforms to, the breadth of their role and responsibilities, or structural approaches to dealing with conflicts of interest, but there will always be practical and financial limitations to the ability of external auditors to deliver on the more ambitious expectations that the community has of them unless those the very nature of an audit is transformed.
Stephen is one of Australia’s most respected business journalists. He was most recently co-founder and associate editor of the Business Spectator website and an associate editor and senior columnist at The Australian.