Get audit wise

Trust and confidence in a company audit is nothing short of essential. As per the Institute of Chartered Accountants in England and Wales (ICAEW), an audit’s purpose is to “enhance the degree of confidence of intended users in the financial statements”. Investors certainly fall into this category. Again, as per the ICAEW, this confidence is instilled “by the auditor giving an opinion on whether the financial statements are prepared, in all material respects, in accordance with an applicable financial reporting framework”. That framework relates to a long list of accounting standards – which help homogenise the process – while “material respects” might explain the single biggest risk with audits in just two words.

What’s material?

The concept of ‘materiality’ is one of the first principles established at the start of an audit. In a sense, it is negatively defined; the International Standards on Auditing require that auditors “obtain reasonable assurance” about whether “the financial statements as a whole are free from material misstatement, whether due to fraud or error”. It also allows for a dose of subjectivity, requiring auditors to decide upfront what constitutes a ‘material’ error. It’s a financial figure, which effectively acts as a threshold throughout the entire process. Any misstatement, omission or error that falls below that cap in a quantitative sense can either be ignored or reasoned away.

Getting to that figure can be done in several ways, and is often specific to the type of company under audit. As per ICAEW guidelines, it might be more appropriate to use a percentage of gross assets in relation to a property investment company, a percentage of total expenditure for a charity or a portion of pre-tax profits for a retailer. Auditors are simply urged to use their judgement to determine and justify an appropriate benchmark.

The problem with materiality

Yet determining materiality can cause any number of issues down the line. In the past, it was not unusual for auditors to use an average across several different types of figures to determine materiality. For example, even a fairly traditional business model can experience volatile profits from year to year, thereby rendering a straightforward approach inappropriate. But there’s debate among accounting professionals on this issue, with many arguing that a compounded calculation distorts materiality and makes the eventual figure far too large. Even the ICAEW admits it’s becoming a less popular approach.

The materiality principle is hugely complex, and the ICAEW has produced a 34-page document on how auditors and other financial professionals should treat it. But the basics are not difficult to grasp. Assume you’re auditing a mid-size company with turnover of £1m. As a percentage of turnover, materiality could hypothetically be set at 1-3 per cent (between £10,000 and £30,000). Auditors must look for errors or omissions that exceed this amount and find reasonable explanation as to why it could be. If they can’t find a reason, they shouldn’t sign off the audit – in theory.

Generally speaking, auditors will find ways to rectify or reason away material errors so that the accounts can be signed off, often with some variation on the assurance that “these financial statements are a true and fair reflection” of a company’s financial affairs on a specific date. Translated, that means the financial accounts aren’t perfect, but believed to be free of errors that could mean the difference between a going concern or a company on the brink of collapse.

Critical distance?

Imagine the auditors have discovered a material error in the accounts. In theory, this should prevent them from signing off, especially if the company in question can’t come up with a reasonable justification as to why this won’t affect the future of the business. So why does this rarely – if ever – happen?

It’s now that we enter the murky world of client relationships, something audit sceptics have blamed for endangering both investor capital and the financial industry’s reputation. Audits generate huge amounts of fees for professional services firms; according to Financial Director magazine, the accountants of FTSE 350 companies were paid £728m in aggregate in 2016, as well as a further £121m in audit-related fees. But the cross-selling of consultancy and tax work is also lucrative, adding a further £275m to the £1.1bn paid by the FTSE 350 to the top-six auditors, and audits are often the backbone of these relationships, often for a very long time.

Regulatory champions are likely to point to the evolving rules around audit rotation, which are expected to ease concerns about the nature of these client/firm relationships. But current EU-directed rules only dictate that public companies put their audit work up for tender every decade and change auditors every 20 years. Those rules also only apply to accounting periods starting after June 2016, and transitional arrangements are recommended for audit engagements arranged prior to this date.

But some suggest the new rules have only encouraged auditors to push the limit on the broader range of services they offer clients, so that when rotation happens, fee income isn’t too badly damaged. Others believe that a cap on other service fees worth 70 per cent of the audit fee is sufficient to keep these relationships in check. Shareholders, meanwhile, appear supine, with few ever questioning the reappointment of auditors at annual meetings.

There’s little evidence to suggest current rules have helped neutralise these relationships. In fact, a survey conducted by EY when rotation changes were introduced two years ago found that 17 per cent of FTSE 350 companies admitted to only having “some knowledge” of the updated regulation. In the face of tightening rules, only 42 per cent said they had a full strategic plan in place, while close to a fifth admitted they had no plan in place at all and didn’t know when their company should be putting their audit work up for tender. It’s difficult to say whether this apparent indifference persists.

Conflicts of interest

One of the biggest concerns with cross-selling services is that auditing firms have major conflicts of interest – even within one client, let alone offering the same services to rival groups. And, if an auditor is discovered to have made mistakes or unjustified corrections during the audit, this could understandably cast doubt over the quality of the work across the rest of the business. Suffice to say, if the auditor has been involved with a company for up to two decades, and across multiple business areas, a loss of impartiality seems highly possible.

Tesco's (TSCO) accounting scandal served as an interesting test of this dynamic. In 2014, around £2bn was wiped from the company’s market value after Dave Lewis – at the time the newly appointed chief executive – admitted that first-half profits had been overstated by £250m. In interim accounts, audited by PwC, payments to suppliers had been misreported and other costs had been ignored. At the time, forensic accountants from Deloitte were drafted in alongside those from Freshfields to re-analyse the books and make sense of how PwC could have missed the mistake. Ultimately, and despite a two-and-a-half-year investigation, PwC escaped without censure from watchdog the Financial Reporting Council (FRC). But in 2015 the grocer replaced its auditor of 32 years with Deloitte. There is an ironic twist in this tale, however; last week shareholders in troubled construction materials group SIG (SHI) rejected the reappointment of Deloitte as the company’s auditor, after it was revealed that profits and cash balances had been overstated in previous years.

Conviviality: when it all goes wrong

This year, the retail sector has already provided another major shock via the collapse of former Bargain Booze owner and drinks wholesaler Conviviality (CVR). The time between interim results at the end of January – labelled a ‘blip’ by several City analysts – and the company’s collapse at the start of April was rapid, not to mention unexpected. True, margins were struggling as the group invested in technology and integrated two large acquisitions. But news of a hidden, and very material £30m tax bill – which was suddenly payable within weeks – and the subsequent cancellation of the dividend really marked the beginning of the end.

How did Conviviality’s annual audit, completed just six months prior to the debacle, miss this? MPs have called for the company’s auditor, KPMG, to answer questions over the group’s demise, and have even suggested a formal investigation take place. Frank Field, and chair of the Work and Pensions Committee, was quoted in the context of the Conviviality debacle that audit reports “aren’t worth the paper they’re written on”.

In truth, it’s still too soon to understand what went wrong or what – if anything – KPMG overlooked. The auditor is unlikely to volunteer such information. But analysts at Shore Capital have already drawn several conclusions from the disaster. These include viewing the integration of material acquisitions as a longer-term risk and treating “less material issues” – such as delayed cost synergies – with greater scepticism. Matters an auditor defines as immaterial can still pose a huge risk in the future.

In Shore Capital’s view, these questions are also largely to do with cash. The adage that growing profits are not the same as strong cash flows still stands, and given our previous analysis on Conviviality’s extended debtor days, we can assume the business wasn’t bringing in cash as quickly as it was recording sales. Suffice to say, it speaks to lax controls within the business – something that should be tested thoroughly by the auditor. The company would have found itself in what Shore Capital calls “a vicious cash cycle”. After the £30m tax issue came to light, Conviviality found itself disclosing details around its banking covenants that analysts believe prompted its bank to start managing risk exposure, with suppliers retreating to tighter commercial terms. 

Carillion: contracts, contracts everywhere

It remains to be seen whether KPMG will face investigation for its work with Conviviality. But the collapse of government contractor Carillion in January has already led to calls for further restrictions on the range of services auditors can offer their clients. All of the big four audit firms were involved with Carillion in one way or another – as two separate parliamentary committees have heard. Since 2008, KPMG has billed Carillion, its pension scheme and the government £20.2m for work, PwC has billed £21.1m, Deloitte £12m and Ernst & Young £18.3m. That makes a total of £71.6m billed for work on Carillion, sponsored pension schemes and the government (in relation to its Carillion contracts). Since Carillion moved into receivership, PwC has retained its role as the group’s special manager.

KPMG had audited Carillion’s accounts every year since 1999 and, per published responses, had received £29.4m in fees over that time. Under parliamentary questioning, the firm said approximately 14 per cent of Carillion’s contracts had been lossmaking at the end of 2016 – the same time it signed off Carillion as a going concern. But MPs said auditors had not pressed the company to disclose further information about adopting a new revenue recognition accounting standard. Meanwhile, overall fees had fallen in value between 2008-16, despite higher hourly rates. That led some to question whether KPMG had reduced the amount of work done on the audit, opting instead to rely on past assurances. In response, KPMG said that the relevant staff conducted the project “appropriately and responsibly”, and it accepted no blame for the company’s collapse.

BT: the ripple effect

The 2017 scandal at BT (BT.) shows how poor accounting can create a ripple effect for a business. A “complex fraud” in Italy, unearthed at the start of the year, not only decimated profits at the telecoms giant but also sparked a litigation nightmare over the then-recent purchase of mobile company EE.

When Deutsche Telekom and Orange sold EE to BT for £12.5bn, both took on sizeable stakes in the UK group as part of the deal. But BT’s share price collapsed in the wake of the Italian revelations, prompting both Orange and Deutsche Telekom to either sell down part of their stake at a loss in the case of Orange or take a billion-pound charge on its value, as Deutsche was forced to. To end the potential legal battle, BT paid £225m to the former owners – on top of the £530m write-off it had been forced to take in relation to the Italy situation. Inevitably, this also led to the exit of some of BT’s top management.

This throws up questions about the audit process for businesses operating in multiple jurisdictions. All EU member states work with International Financial Reporting Standards (IFR), which aim to “provide a common global language for business affairs so that company accounts are understandable and comparable across international boundaries”. Theoretically, all companies across the world, but certainly in Europe, should be working within the same processes and regulations to ensure a thorough audit takes place, even subsidiary companies. But as is often the case with accounting standards, ensuring their equal emphasis under different jurisdictions is a difficult task. In developing economies, the quality and strength of institutions and regulatory and legal frameworks may vary.

Auditing the auditors

For those asking why there hasn’t been more done to improve the quality of audits, take comfort in the knowledge that the FRC conducts inspections on an annual basis. The last report was published in June 2017, and looked at the six largest firms in the UK: KPMG, Deloitte, PwC, EY, BDO and Grant Thornton.

The chief takeaway? That “the quality of audits of FTSE 350 companies in the UK is improving”, according to the FRC, with 81 per cent of audits reviewed in the period categorised as requiring “no more than limited improvements”, compared with 77 per cent in 2015-16. However, the FRC wants to push this metric up to 90 per cent for 2018-19. Unfortunately, the overall quality of audits showed no substantial improvement, given the requirement for “more than limited improvements” for audits conducted for companies outside the FTSE 350. And there may be some way to go, of 167 FTSE 350 audit reviews conducted by the FRC’s Audit Quality Review team between 2008 and 2013, 14 were found to require significant improvement.

Whether the FRC’s recommendations – including training for audit specialists, embedding data analytics into audits, and stronger internal monitoring arrangements – will help to bridge the gap and weed out the dunces remains to be seen.

Is it good enough?

Many City-watchers and investors are doubtful, and argue that the FRC simply slaps auditors on the wrist and rarely takes punitive action. Some cite the watchdog’s lengthy investigation of PwC over its 2012, 2013 and 2014 audits of Tesco, which resulted in the case being dropped and the conclusion that there was “not a realistic prospect” that PwC would be found guilty of misconduct. Effectively, this puts the onus back on Tesco managers – some of whom remain embattled in fraud retrials – who have been accused of knowingly delaying payments to suppliers to improve the group’s financial position.

True, auditors don’t always get away scot-free. In fact, the FRC has ruled against PwC three times: a £3m fine in 2016 for its audit of collapsed financial services group Cattles, a £1.4m fine for misconduct in compiling reports on JPMorgan Securities in 2012, and a £5m misconduct fine in relation to its audit of Connaught, brought last year. Critics say these fines are not nearly enough to act as a true deterrent.

Melanie McLaren, the FRC’s executive director for audit and actuarial regulation, concurs that “high-quality audit underpins public trust and confidence in business” and that “while the progress made by individual firms differs, all firms are investing in audit quality and have set out further action to improve”. But as to how tough the FRC is willing to get, that remains a grey area.

FTSE 100: Recent AQRs

FTSE 250: Recent AQRs