Three recent and very serious US bank failures - Silicon Valley Bank (SVB), Signature and First Republic - have one common denominator: all three businesses were audited by one of the world's major professional services firms, KPMG.
The company has stood by its audits of the first two banks, which collapsed soon after publishing financial reports certified by KPMG. The FT reported in March that KPMG chief Paul Knopp said:
Now lawsuits have been filed against KPMG over its audit of First Republic, as well as over SVB's collapse. And the issues are not confined to one audit company. In fact, a series of scandals have engulfed members of the "big four" accounting firms of KPMG, Deloitte, Ernst & Young (EY) and PriceWaterhouse Coopers (PWC), which dominate the industry.
In recent years, EY has been criticised over its audits of failed financial firm Wirecard, as has Deloitte over its audit of transport company Go Ahead. More recently, PWC's Australia CEO resigned this position after reports of conflict of interest in terms of tax advice given to private clients.
Read more: PwC scandal shows consultants, like church officials, are best kept out of state affairs
I have researched similar issues to those being discussed today - in particular, whether auditors should have reported warning signs to regulators before the 2008 global financial crisis. Even with new regulations having been imposed since then, the industry needs a radical overhaul to become more transparent, competitive and accountable.
What do auditors do?
Audits provide an independent, professional endorsement of an organisation's own financial reports. As such, auditors get special access to a company's board and detailed information on its finances, risks and activities.
They have the opportunity to ask challenging questions and interview influential people within the audited company about their actions, strategies and forecasts for the future of the business. They are trained to undertake forensic analysis and question management on their risks and performance.
Large auditing firms often work with a significant proportion of an industry. KPMG is believed to audit more US banks than any of the other big four accounting firms, for example. This gives an auditor a unique view of the risks and opportunities in an industry, as well as the stresses and strains in various parts of a market.
So, in theory, auditors should be able to issue warnings - to regulators for example - about hidden or as-yet unidentified risks, as well as endemic false accounting. This would not only protect shareholders, employees and investors, but also society in general, from the collapse of a large company or an industry crisis.
A troubled history
After the 2008 global financial crisis, I researched the role of KPMG in the largest ever corporate failure in British history: the near-collapse of HBOS bank in 2008. As the fifth-largest bank in the UK at the time, HBOS had assets of Pound 690 billion.
My research indicated several strong signals of management hubris inside HBOS before its collapse: fast-paced growth, increasing inter-bank borrowing, and high-risk commercial property lending during a market bubble.
The bank's ex-head of group regulatory risk, Paul Moore, said he had raised concerns about "excessive risk-taking and mis-selling" internally, but was ignored and then sacked in 2004. An investigation by KPMG dismissed Moore's claims in 2005, three years before the bank's collapse.
In 2017, the Financial Reporting Council (FRC), the audit sector watchdog, cleared KPMG of misconduct in relation to its work on HBOS's financial reports, before the bank's failure. In a statement reported at the time, KPMG said it was pleased with this conclusion, adding:
But a separate House of Lords select committee investigation into bank audit failures after the 2008 financial crash concluded that the audit market is highly concentrated and uncompetitive. And the big four accountancy firms still dominate the audit industry for large, powerful multinational corporations to this day - despite lots of smaller firms providing the same services. This may in part be because the big four offer a vast range of commercial services and expertise on laws and regulations.
But my research has indicated instances of "regulatory arbitrage". This is when an audit firm uses its knowledge of the rules - on taxation, for example - built up in other parts of its business to help clients avoid certain costs and restraints.
This is legal, but can undermine business regulations by giving some firms an unfair advantage due to unequal access to professional advice. (KPMG did not provide a comment when asked about this issue.)
This is why I believe large, private, commercially minded firms with a range of advisory services cannot be relied upon to police other multinational corporations. Audits of systemically important institutions such as banks - the failure of which can trigger the collapse of an entire economic and financial system - should instead be undertaken by state auditors.
A new check on companies
In the UK, investigations and several reviews of the audit profession since the financial crisis have indicated the need for change, but this is happening slowly.
The most recent set of government proposals has resulted in a package of reforms, but no date yet for an expected draft audit reform bill. Changes include plans to transition the FRC, which currently oversees the audit profession, into a new body called the Audit, Reporting and Governance Authority (Arga) in 2024. This will keep auditing in the private sector, while giving more power to the regulator to act against poor audit quality.
A state auditor would be better. Many governments already have experience of auditing via institutions such as the US General Accounting Office and the UK National Audit Office. Staffed by experts, they have institutional separation and state-backed independence and powers, alongside a commitment to public service.
This would be more effective at safeguarding society and the financial system than a private company. Open and transparent rules, systems and processes, as well as close monitoring of risk both between and within industries and organisations, will limit the damage of future failures - in banking and beyond.
Author: Atul K. Shah - Professor, Accounting and Finance, City, University of London