Home >Companies >News >The fight to fix the fault in our audits

MUMBAI : In early February, the ministry of corporate affairs (MCA) began its latest push in a months-long battle to fix the faults in India’s corporate audit system. It came in the form of a discussion paper that proposed sweeping new changes.

What ensued perfectly describes the muddled mess of the country’s regulatory architecture. The paper had liberally used the names of audit firms (which are usually kept anonymous), in some cases, as examples of model behaviour. It had to be hurriedly taken down and replaced after a gap of a few days. And then things just became worse as analysts and experts started reading the fine print.

“Bad English is a shortcoming, but the intellectual quality of the work is (also) underwhelming," said R. Narayanaswamy, a professor of finance and accounting at the Indian Institute of Management Bangalore (IIM-B).

What the paper was attempting to do was inch forward on new regulations that could resolve what has become a central concern in an era of corporate and banking frauds. Why are auditors repeatedly failing to give an honest and reliable reading of the balance sheets of companies? And what can be done to change that?

The discussion paper has at least a few radical ideas: put a quota on the number of audits one firm can do so that there is no concentration, or prohibit audit firms from offering consultancy work to the companies they audit, or allow the Comptroller and Auditor General of India to appoint audit firms instead of letting the companies do it themselves.

The audit industry is clearly worried and views many of the proposals as regulatory overreach. One senior partner in a leading audit firm, who chose not to be named, said that while enhanced regulation is the need of the hour, “the MCA paper is disappointing as the tone of the paper is rather derogatory (since it paints all auditors as thieves)".

“This approach is rather regressive and will take the industry back several years," he added.

It remains to be seen whether anything tangible comes out of this latest attempt at a radical overhaul. However, it is undeniable that for decades, the world of auditing in India had been plagued by issues of regulatory overlap, concentration risks due to the presence of just a few big firms, and low audit fees compared to fees paid out for non-audit work, which essentially allowed companies to dangle consultancy work as a favour for an “ask no questions" audit.

Everyone was aware, but status quo suited most firms. Until an avalanche of fraud started tumbling out. And a backlash began roughly a couple of years ago.

Curiously, it began as a “swadeshi" concern, since the leading audit firms that corner a bulk of the business—earning them the title “the Big 4"—are all affiliated with global multinational entities: EY India, Deloitte India, Price Waterhouse Coopers (PwC) and KPMG. It didn’t matter that the companies were essentially Indian firms, which were using their network partner’s name merely for the brand value.

Even Prime Minister Narendra Modi waded into the debate and said: “People talk of the Big 4 accounting firms. Sadly, there is no Indian firm there. By 2022, let us have a Big 8, where four firms are Indian."

But it became fairly obvious soon enough that the quality of the audit was the key concern, not whether the firms were Indian or otherwise. As regulators began tightening the screws, the markets could smell that something was brewing. In the first half of 2018, nearly 32 auditors quit from listed firms.

What made the cookie completely crumble, however, was the near-collapse of Infrastructure Leasing and Financial Services Ltd (IL&FS) in September 2018, which left a 99,000 crore hole in the country’s financial system and sent the NBFC (non-banking financial company) sector into a tailspin.

The ripples which were set off by that one mammoth default are yet to die down. Naturally, questions began to be asked: Were the auditors sleeping? How did they miss the elephant in the room while looking at IL&FS’s finances?

The list of companies in which auditors were caught napping over the last decade alone is a long one: IL&FS, Yes Bank Ltd, Satyam Computers, Manpasand Beverages Ltd, Vakrangee Ltd, among others. All these cases of alleged financial misreporting and irregularities highlighted audit quality concerns or, in some cases, even audit failures. The audit process, which is meant to certify whether the accounts stated by companies are true, failed to flag gaping holes.

The result has been a barrage of investigations against auditors. Interestingly, the headline-grabbing action has all been against the top 4 audit firms. And it has inevitably culminated in the MCA paper, which could potentially lead to changes in law. Mint spoke to various stakeholders to piece together what ails audits in India, and whether the steps taken to improve audits offer the possibility of any lasting solutions.

Multiple masters

For 70 years, the profession of audit has been governed by the Chartered Accountants Act of 1949 and regulated by the Institute of Chartered Accountants of India (ICAI), which was set up under the Act. A self-regulatory body, ICAI is made up of auditors. Familiarity is a big risk. In this case, considering how auditors were required to govern and punish wrongdoings of other auditors, the system was fraught with issues of conflict of interest.

It was the accounting fraud at Satyam Computers in 2009 which drastically moved the needle forward. What followed was a complete overhaul of the Companies Act in the rules of 2013, which gave more powers to the corporate affairs ministry to act against errant audit firms, and their company directors, in case of fraud. Capital market regulator Securities and Exchange Board of India (Sebi) also stepped in when lapses by auditors affected listed companies.

The Companies Act also made a provision to have an independent regulator for auditors through a newly constituted National Financial Reporting Authority (NFRA). This new regulator would take away the regulatory and penal powers away from ICAI. To be sure, ICAI would continue to govern auditing standards. For the next five years, the strong auditor lobby resisted the formation of NFRA. However, despite the resistance, the Act to set up NFRA was passed on 1 March 2018.

NFRA became fully functional towards the fag end of 2018 and alleged audit lapses at IL&FS became its first test case.

As things stand, auditors now face the heat from six regulators and enforcement agencies, which has created its own mess. Sebi scrutinizes auditors of listed companies; the Reserve Bank of India (RBI) for auditors of banks and non-banking financial companies; MCA tracks nearly every company under Companies Act 2013; then there are criminal proceedings by the Serious Fraud and Investigations Office (SFIO), penal action by NFRA for audit lapses, and disciplinary proceedings by ICAI.

But despite a number of regulators, or perhaps because of it, the enforcement of laws in general and regulations to protect investors, in particular, are weak. The legal procedures are complex and time-consuming.

According to Dinesh Kanabar founder, Dhruva Advisors, in India, regulations tend to be reactive. “A business failure is invariably regarded as an audit failure and then we tend to either over-legislate or over-regulate," said Kanabar.

Concentration risks

Since the start of this century, we have heard the terms ‘the big 4 auditors are too big to fail’ or ‘the big have become too big to leave room for smaller home-grown firms to grow’.

But the situation on the concentration risk front may not exactly be unmanageable. Data compiled by NSE Infobase run by Prime Database suggests a mixed bag.

Of the 1,813 NSE listed firms, the top 4 audit firms (namely the affiliates of EY India, Deloitte India, PwC and KPMG) are auditor of only 26% companies as of FY20. The concentration risks increase in larger companies. In the Nifty top 500 companies, the big 4 are doing 57% of the total audits. This contrasts with other major jurisdictions such as the US where 99% of S&P 500 companies are audited by the big 4, and Europe where that figure stands at 61%, and over 90% of FTSE 350 companies in the UK

However, the devil is in the detail. There are only 15 audit firms which audit 10 or more listed companies, for example. At the other end, as many as 654 audit firms audit a single listed company. This is a breeding ground for intimidation threats. For these 654 auditors, the threat of dismissal is very real if the management does not get a favourable view of their finances. The audit firm could easily be put out of work.

The MCA thought of a unique way of handling this. It suggested breaking the oligopoly of big 4 audit firms by suggesting a favourite government device: a quota. The government will set a cap on the number of audits a firm can undertake and limit the number of partners per audit.

“Limiting the number of audits per firm is unlikely to improve audit quality. However, there is a case to be made for limiting the number of audits per audit partner, given that businesses are becoming more complex as are accounting standards," said Hetal Dalal, COO, Institutional Investor Advisory Services, IIAS. According to Narayanswamy, India should address this issue of concentration before it becomes similar to other jurisdictions. He, however, added: “The solution is not to limit the number of engagements a big firm can accept. A sustainable approach would be to get mid-tier and small firms to merge and raise their scale and reach."

Addressing conflicts

For years, audit firms have taken up non-audit work and subsidized audit work. The typical standard followed is non-audit fees (such as tax services and strategic consulting) is three times the audit fees for the same client. Low-earning audits were akin to a foot in the door for firms to get the more lucrative non-audit work.

The IL&FS fiasco which suggested Deloitte India allegedly compromised on the audit in lieu of high non-audit fees brought things to a head. In the middle of increasing calls that auditors should be barred from taking up non-audit work for their clients, MCA made this proposal in the discussion paper to increase auditor independence.

What followed was PW India and Deloitte India voluntarily giving up non-audit services. A similar step was taken by Grant Thornton (GT) India last year.

“We believe it will strengthen the audit profession, build trust in the capital markets and society at large," said Subramanian Vivek, Partner & Leader - Assurance, Price Waterhouse.

This leaves EY India and KPMG affiliates who are yet to firm up their position. A spokesperson for KPMG did not offer comment.

“We are in compliance with extant regulations to ensure that there is independence maintained on our audits. We have processes in place to ensure that there is no conflict in audits and non-audit services provided by the network," said Sudhir Soni, national director and partner, Assurance Services, SR Batliboi & Co. Llp, an EY India affiliate.

Interestingly, all the voluntary decisions have taken their own benchmark.

GT India decided to surrender lucrative tax and consultancy business for listed companies, Deloitte is taking ICAI defined companies to prohibit non-audit work, while PW India has taken companies covered under NFRA.

But since there is no universal definition of what constitutes ‘non-audit work’, voluntary action may always lead to “selective interpretations, decisions, and thereby omissions," said one senior bureaucrat who declined to be named.

The MCA paper mulled another way to resolve the crisis of concentration and auditor independence through joint audits. For companies of size and scale, two auditors would offer opinions. But few are convinced that would help.

“It is a choice already available and best left in the hands of companies and shareholders. There is no empirical data to prove it improves audit quality. A mandatory joint audit of a large company where there is no joint accountability and no full visibility is inconsistent with the suggestion that a holding company’s auditor must be responsible for the audits of the subsidiary," said PR Ramesh, former Chairman Deloitte India.

The concept of joint audit was explored by other countries too but it was dropped. For instances, it was abolished in Denmark in 2005.

According to Narayanswamy, in joint audits, no one can be held responsible and things fall through the cracks.

“Clever managers set up one audit firm against another and sadly the audit firms are willing to play along. Joint audit costs more than single audits but the benefits are not commensurate with the additional costs. We have had joint audits in public sector banks for years but that has not prevented large, recurrent and systematic understatement of bad loans by bank management with the auditors looking the other way," he said.

Narayanaswamy is the head of the audit committee of a large bank.

Way forward

Ultimately, audit as a tool which is meant for giving a fair and true picture of financials has often fallen short in detecting frauds.

One obvious path forward may lie in a blanket prohibition on auditors from providing non-audit services to their audit clients. This will prevent potential conflict of interest. “Listing specific services to be banned leads to a gaming of the law using creative and outlandish interpretations by auditors," said Narayanswamy.

Also, for meaningful competition, there should be about 20 firms of reasonable scale, he added. Merely placing arbitrary quotas on big firms may not help much.

“The profession has to mirror the constituency it serves. We need more large-firms with multi-disciplinary capabilities to deal with the complex audits of large companies. As the Indian economy grows, the number of large companies will only increase. Therefore, the issue to be addressed is lack of choice and not the size of the firms," said Ramesh.

Subscribe to newsletters
* Enter a valid email
* Thank you for subscribing to our newsletter.

Click here to read the Mint ePaperLivemint.com is now on Telegram. Join Livemint channel in your Telegram and stay updated

Close
×
My Reads Logout