Tag Archives: Boards

The audit punch-bag: Where is the voice of industry?

Punchbag auditStorm clouds are gathering over the audit market. Government, politicians, media and regulators are all queueing up to condemn companies and auditors over the few, but well-publicised, failures of certain companies. Lack of knowledge about the audit process is no bar to these opinion-formers. Meanwhile industry bodies are supine in defending business and signally failing to provide the missing knowledge as to what actually happens and what went wrong.

Having attended some 200 Audit committee meetings across 10 companies of all sizes and ownerships over the last 25 years, I have seen how audits actually work for companies and shareholders.

Is there a fundamental problem with the audit process?

There are hundreds of thousands of audits completed every year in the UK. There has been a handful of, admittedly large, company failures in recent years. There are even fewer cases where an auditor has been found culpable, remembering that it is not an auditor’s job to stop a company failing. There certainly have been issues in auditing, like any business, but it is not legitimate to conclude that the system is fundamentally flawed based on a few examples.

Has greater regulation helped in the past?

In 1998, I along with many other Finance Directors pleaded with the then competition regulator, the Monopolies and Mergers Commission, not to allow the merger of Coopers & Lybrand with Price Waterhouse. This, coming soon after the demise of Arthur Anderson, would mean that we would be left with only four global auditing firms. Industry was ignored, as the regulator knew better and convinced itself that competition would be maintained. Move forward 20 years, and the current regulator, the Competition and Markets Authority, is without a single blush of shame, looking at whether the Big Four are too concentrated. Industry told them 20 years ago that this was a bad thing. What chance that the regulator will listen to industry this time?

The European Union decided in 2014 that the answer would be compulsory tenders and controls on non-audit work. This hasn’t increased competition between auditors and especially non-Big Four, who haven’t won more work. It has created an industry in pitching for new audits, which itself disadvantages the smaller players who cannot afford such expense and who are increasingly not bothering to pitch for larger company work. Moreover, the banning of a company’s auditors from doing non-audit work has actually reduced choice where other Big Four firms are already providing tax, advisory or internal audit services. The choice can end up between two firms, one of whom might then be ruled ineligible as a long-standing incumbent.

In the UK, audit quality is monitored by the Audit Quality Review team, part of the Financial Reporting Council. It reviews about 25 audits for each of the Big Four and a handful each for another four firms. The reviews are effectively an audit on the audit. Although the AQR says that it contacts each Audit Committee Chair at the start and sometimes at the end of each review, there is no evidence in the reports that any weight is attached to their views. For example, the typical Audit Committee concerns; responsiveness, clarity on technical issues and speed are not mentioned in these reports. It is clear that the regulator feels it knows best what makes a good audit.

In short, the evidence is that greater regulation and intervention have proved at best ineffective, largely counter-productive and have actually reduced competition in the audit market.

Is new regulation going to help?

The Government has asked the Kingman inquiry and the CMA to look at aspects of the audit process. There are two key themes; increasing competition in the audit market and looking at a regulator taking over the responsibility for appointing a company’s auditors.

Increasing competition in the audit market

Commentators often wonder why so many companies, especially large ones, principally use the Big Four. The answer is simple. Multinational companies need to be sure that they will get a high-quality audit in all their countries, and the Big Four have the best international networks. Coordinating different auditors in different countries with different technical outlooks and rules is an unwanted significant additional complexity for companies.

There are high quality people in all audit firms, but, from my experience, there is significantly less quality in depth in the non-Big 4. They don’t have the resources, attractiveness and career development that the largest players do. If the objective is higher quality audits, forcing companies to employ less well-suited auditors is a strange response.

Breaking up the Big Four would be very problematic. These are international alliances of companies, so breaking up the UK firms wouldn’t solve the issue the international issue. It is very difficult to imagine that a coordinated multilateral effort could successfully break up the alliances across the world. The Government could encourage or subsidise the non-Big Four to merge, invest, grow their expertise and better develop international partnerships, but this feels pretty tricky. The most plausible change would be to force UK firms to divest all their non-audit work. The auditors worry that this would make audit firms less attractive as employers, and that this would damage audit quality. They may well be right, but industries also have a habit of accommodating such change, not least by increasing salaries.

A regulator appointing auditors

Some believe that companies select auditors who are more malleable to management. However, I can find no suggestion that some auditors are too lenient in any of the AQR reviews of audits, nor indeed any other evidence of this anywhere else. My experience from seven tenders that I have participated in, is that auditors are chosen largely on how sharp, commercially-aware and technically-competent the lead partner and top team are. Never has an auditor even implied that they would allow management more leeway than others. Moreover, if this were the case, then our whole governance structure with independent non-executives and audit committees would be failing. The answer then would be in governance change, rather in imposing audit appointments.

On what basis would a regulator appoint an auditor to an individual company? Would they use sector expertise? This would inevitably lead to a greater concentration of audits as it would be self-reinforcing. Would it be a cab-rank principle like barristers? But this couldn’t cope with companies needing sector-expertise or international coverage. How would allocating audits on a ‘buggins’ turn basis contribute to effective competition between auditors? If a company were allocated a poor performing audit partner, what recourse could it have when the audit is imposed on them? And how would this enhance competition?

An audit does much more than simply agree a profit number. A good audit works closely with management in order to get under the skin of a business and use that knowledge to make judgements, challenge assumptions, identify risks and suggest improvements in processes. The Audit Committee, in consultation with management, is in a good position to assess an auditor’s success in achieving this. How would a regulator be better placed to make this call for an individual audit, along with thousands of other appointments that it would have to make?

There is a problem, but how do we get to a solution?

There are issues with the quality of some audits, but there is no evidence that this is widespread. In fact, the continued repetition of Carillion and BHS as evidence actually suggests that there are relatively few known examples. Clearly there were issues to investigate at Carillion, BHS, Patisserie Valerie, and Conviviality, but no-one is really trying to understand how the audit process contributed to those failures. The media, government, Select Committees and regulators have focussed on allocating blame to individuals. This is not the same as understanding what happened. In fact, searching for blame is pretty much guaranteed to block thoughtful impartial analysis.

It does make sense not to allow any company to become too important to an audit firm. It may well be helpful to separate out completely non-audit work from all audit firms. But making auditors more nervous and cautious about signing off a company’s going concern statement won’t save companies from going bust. In fact, it is likely to increase it, as companies that could perhaps have been saved, have to through in the towel after being unable to get their accounts signed off as a going concern.

The current pressure to increase audit regulation is likely, on past experience, to be counter-productive. It may buy some good headlines for a beleaguered government, but responsible regulation has to be built on evidence, clear thinking and understanding of all the consequences (whether intended or not). It also requires the humility that would come from accepting the failures of past measures and decisions.

The likelihood is that we will end up with more regulation proposed by the ‘great and the good’, few of whom have actual experience of company audits, based on little evidence, but genuflecting to politicians with little or no understanding of business.

And where is the voice of business? The trade bodies remain craven to the government and fearful of a political backlash. The accountancy bodies, dominated by auditors, keep their heads down. It is no wonder that companies are likely to end up being the punch bag for yet more political games.



Motherhood & apple pie – the latest corporate governance regulations for private companies

Wates cover

The FRC has set out new proposals for more corporate governance regulation (the Wates Report) for large private companies.

This is my response to the consultation.





High quality regulation should focus on outcomes and provide evidence to support new rules and principles. Both the government and the FRC seem to be impervious to either. The Wates proposals identify neither outcomes nor evidence. They require private companies to disclose more about governance, but don’t identify who will use this information nor what they will do with it.

The FRC has missed another opportunity to research and think deeply about why companies get into difficulties and how it can reduce the likelihood of this happening. Clear corporate governance is probably a ‘good’ thing for all companies, but there is little evidence that it actually leads to better outcomes. The corporate governance principles proposed for private companies are well-meaning and are hard to disagree with, but, as currently written, are not specific enough to be other than a gentle nudge to companies, and more likely a cause of more boiler-plate wording in annual reports. A few specific questions for companies to answer would give clearer disclosure. The Principles need also to be applied to the actual governance of companies, rather than their legal structures.


  1. What is the objective?

It is not clear what the objective is of this exercise. Paragraph 2 talks about a loss of public trust in big business. Paragraph 3 refers to the ‘privileges of limited liability status’ and lower reporting and accountability requirements than listed companies, highlighting public interest in whether companies ‘operate in a sustainable and responsible manner’. The Consultation Questions explain that ‘The Principles and the guidance are designed to improve corporate governance practice…’ Presumably, the assumption is that ‘good’ corporate governance will build public trust. Sadly, the evidence from the listed arena is that this is not true. Carillion, for example, complied very closely with the Corporate Governance Code.

The foreword explains that the Principles are intended to help companies comply with a new legislative requirement on governance. The FRC is simply responding to a government edict. Without a clear objective, it is not easy to test whether the principles meet their aim, other than to turn a vague statutory requirement into something that companies can comply with.

There is no estimate of how many companies will be caught by those provisions, nor how much it will cost to comply, and least of all any idea of what the benefit will be.


  1. Are the Principles sufficiently specific to achieve the objective?

The Principles themselves are a set of very high-level statements, with which it is difficult to disagree. It’s unclear how a company can realistically claim not to comply with them. Turn each of the sentences into the negative and see who would claim that this applies to them;

  1. The board does not promote the purposes of the company.
  2. The board does not have an effective chair. The size of the board is not guided by scale & complexity of the company.
  3. The board does not have a clear understanding of its accountability and terms of reference.
  4. The board does not promote the long-term success of the company.
  5. The board does not promote executive remuneration aligned to sustainable long-term success of the company.
  6. The board does not have meaningful engagement with material stakeholders.

 What status does the more specific “guidance for consideration” have? It appears to be largely discursive, so would not need to form part of a company’s assessment as to whether it complies with the principles.  It seems that the FRC has pulled back from being too prescriptive, but in doing so has ended up with principles that, whilst undoubtedly worthy, are largely motherhood and apple pie.


  1. Do the Principles and guidance take account of the various ownership structures of private companies?

The Companies (Miscellaneous Reporting) Regulations 2018 confuses legal structure and governance. Legislators appear to believe that every company has a board that manages that individual business on a day to day basis. This may be true of some independent companies, but it doesn’t take account of group structures. A number of subsidiary companies may together constitute a group, which is managed by a board at that level. The size tests apply at company, rather than consolidated level. Yet many holding companies do not directly employ significant numbers of employees, not have large revenue themselves. The Regulations will therefore miss some large groups that are presumably the principal intended target of this legislation. It may also cause subsidiaries to invent bogus governance to comply or have to explain why they don’t comply.

The FRC should make it clear that the Principles apply to the board that actually constitutes the main governance for each entity, irrespective of the legal structure, provided that this is explained and disclosed in each company annual report. A subsidiary could simply report that its main governance structure sits with a parent entity and that details will be found in that company’s report and accounts.

The FRC should also clarify that the tests for the need to comply (employee numbers, turnover and net assets) should apply to the consolidated accounts, rather than the parent company alone.


  1. What more could be done?

To make these proposals have any meaning, the FRC should consider making adequate disclosure a key part of the Code. I appreciate that this is implied, but it should be made explicit and specific. The proposals in the guidance could be backed by a small set of simple disclosure requirements;


  1. Describe the values by which the Board and the Company operate.
  2. How does the Company promote behaviour in line with its values whilst discouraging misconduct and unethical practices?

Board composition

  1. How are board members appointed and what relationship does each have with the shareholders or parent group?
  2. What does each board member bring to the board?

Board responsibilities

  1. Describe how the board governs the company, including through use of subcommittees.
  2. How does the board ensure that the company systems and controls work effectively?

Opportunity and risk

  1. How does the board evaluate and manage risk?
  2. What is the board’s appetite for risk?


  1. How does the board set remuneration for directors and senior executives?


This list of disclosure questions should be kept short and high level. The risk is that everyone will want to add a question, but the longer the list the greater likelihood of a box ticking mentality and boiler plate answers. This should be the minimum number of questions that a company would need to answer to give adequate disclosure on the Principles.