06 November 2017 by Anthony Hilton
Audit and governance need to evolve to make them relevant to the public
In September, nine years after the spectacular collapse of Halifax Bank of Scotland (HBOS), the Financial Reporting Council (FRC) cleared KMPG of misconduct over its work as auditor on the last set of accounts produced before the bank’s demise.
After a 15-month investigation, the FRC concluded that KPMG could not have anticipated the extreme market conditions that led to the bank’s downfall.
Accordingly, the KPMG audit of the 2007 results ‘did not fall significantly short of the standards reasonably to be expected’ and its assessment of the bank’s health ‘was not unreasonable at the time’.
It is doubtful whether this clean bill of health will do much to restore KPMG’s reputation with the public, but it has certainly done damage to that of the FRC. As the body responsible for the corporate governance regime in the UK, that is not something to be taken lightly.
What the finding underlines is the gulf between public expectation of an audit and what the audit profession is willing to deliver. HBOS collapsed because the interbank lending market dried up after banks lost confidence in the solvency of their counterparties, namely the other banks.
This is what the FRC says could not have been predicted. That is what the public finds hard to accept.
This is because, just as the audit got underway, the nation had already been rocked by the collapse of Northern Rock – the first major banking collapse in this country for more than a century. The Rock was a bank that operated in the same domestic mortgage niche as the Halifax part of HBOS.
Moreover, its demise had come about because its interbank funding had also dried up. This was caused by a draining of confidence resulting from the early signs of collapse in the sub-prime market.
This was evident in the summer of 2007 with the collapse of hedge funds run by Bear Stearns, and strains in funds operated by BNP Paribas. These were all things that had not previously happened in living memory but were happening then.
Anyone who thought extreme market conditions were unforeseeable cannot have been paying attention. Had they really failed to notice those Northern Rock customers on the television queuing to withdraw their savings?
“If an auditor cannot pick up signs of strain in a banking audit on the eve of the biggest financial crash in a century, then what is the point of the audit?”
It is interesting too that the FRC should use the words ‘not unreasonable’ to describe KPMG’s assessment of the bank’s health.
As Paul Merison, a senior lecturer in audit, pointed out in a letter to the Financial Times, to describe something as ‘not unreasonable’ is the equivalent of asking if you are attractive and getting the reply that you are ‘not ugly’.
It means you can avoid the question by providing negative rather than positive assurance. It is however not the language you would expect from a regulator.
It suggests, says Merison, that the FRC either failed to do a detailed enough assessment of the audit work or that it was unwilling to say something more damning.
The problem is if an auditor cannot pick up signs of strain in a banking audit on the eve of the biggest financial crash in a century, then what is the point of the audit?
This also is the question being asked by increasing numbers of the bright young people who move from our top universities to the big accountancy firms. What these firms are finding – although loathe to admit it publicly – is that audit has lost its appeal.
The brightest and best do not want to do it, do not see the point of it, and much prefer to specialise in the other areas of tax and consulting that these firms have to offer. The quality of people opting for audit is in decline, and before too long the quality of those in charge of audit will reflect that decline.
You can detect similar sentiments elsewhere in the FRC’s domain. Currently it is trying to stimulate discussion on how corporate governance might develop over the next few years. However, the backdrop that should not be ignored is that what we have in place has again failed to give the public what it thinks it wants.
The gulf between what governance seeks to deliver and what the public thinks it should deliver is similar to the gulf in expectations over audit. Never has there been so much time and effort invested in following the pages of the Corporate Governance Code, yet there is still so little trust in big business.
The message is clear. Both audit and governance need to evolve in ways that make them relevant to the public and go closer to meeting their expectations. Otherwise they will quickly come to be seen as pointless.