On both sides of the Atlantic, tightened competition and limited choice in the audit market are a growing concern. Since the collapse of Andersen in 2002, the audit sector in both the US and UK is dominated by the Big Four accountancy firms. It is generally agreed that a failure of any of these firms would have far reaching ramifications.
Thus, a prevailing argument favoring limits on audit firm liability is to protect these firms from bearing the brunt of investor lawsuits arising from frauds committed by or within their client companies. Additionally, because higher liability risks go hand-in-hand with big ticket auditing work, limiting liability is seen as a way to lift the barriers between smaller firms and the high-end audit market. On the flip side, many contend that it is the risk of liability that has led to more stringent auditing practices and strengthened auditors’ objectivity, impartiality and independence. Enhancing the credibility of audited statements is critical to maintaining confidence in the financial markets and aids in the early detection of fraud. These objectives are undermined by limiting auditor liability.
On April 6, 2008, provisions of the Companies Act 2006 (the “Act”) directed toward auditors, including provisions that allow auditors and their clients to agree to cap the auditor’s liability exposure to the company, went into effect. Such agreements are not permitted in the US and, despite calls for liability caps from US auditing firms, neither the Congress nor the Securities and Exchange Commission appear poised to press for limits in the near term.
New UK Rules
Under the Act, auditors in the UK are allowed to enter into agreements with client companies to limit their liability arising from negligence, default or breach of fiduciary duties occurring in the course of an audit. The Financial Reporting Council (“FRC”), the UK’s audit oversight body, has issued “proposed” guidance on the use of liability limitation agreements, setting out the factors which may be relevant when making the case for an agreement, the likely approaches and providing template agreements. According to the FRC, most agreements will adopt one of three approaches: (1) a fixed limit based upon a specified amount or formula, such as a multiple of the auditor’s fees; (2) a proportionate share based upon the auditor’s responsibility for any loss; or (3) a combination of the fixed and proportionate schemes. The draft guidance contains suggested wordings for each of these approaches.
Two significant safeguards are included in the Act: (1) an agreement cannot limit the auditor’s liability to less than a fair and reasonable amount; and (2) such agreements must be approved by shareholders. An agreement is not fair and reasonable if it does not appropriately reflect the auditor’s responsibilities under the Act, the professional standards expected of the auditor or the nature and purpose of the auditor’s obligations to its client. Ultimately, the definition of “fair and reasonable” will be a question for the English courts to be decided in the context of particular circumstances. If a court concludes that the limit is less than fair and reasonable, it can set aside the agreed-upon limits for whatever limits it determines is fair and reasonable, including imposing no limits at all.
Additionally, all agreements must be authorized by the shareholders of the client company. Moreover, any agreement must specify the financial year in which it applies and cannot cover more than one financial year, thus requiring the shareholders to review the use of such agreements on an annual basis. Where a company is formed of a parent company and its subsidiaries, consideration must be given to which entities are bound by the agreement, and thus which shareholder constituencies must approve the agreement. In a similar vein, group companies must gain approval of each new liability limitation agreement for each member company. Particular attention also should be paid to whether the company is subject to the law of other jurisdictions, many of which prohibit liability limitation agreements, and liability limitation agreements should be drafted to ensure that only eligible parts of the company are agreeing to limited liability terms.
It is important to note that in the absence of a liability limitation agreement, the existing provisions will still apply – if a company can show breach or negligence, it can recover all of its loss from the auditor. Although an auditor can later bring a claim seeking contribution from others, such as a fraudulent employee, auditors find this to be a less than ideal remedy because, if the contributory party is insolvent or unable to pay a judgment, the auditors are still left absorbing the full loss. Given that it is not compulsory for companies incorporated in England and Wales (except companies regulated by the Financial Services Authority) to purchase directors and officers insurance, auditors may not be able to recover from either the individuals or the company, which is vicariously liable for the acts of its directors and officers.
The new UK Rules only permit auditors to limit their liability with respect to the company they are auditing. In the vast majority of situations the company and, to a lesser degree, its current shareholders will be the only people to whom the auditor is liable. However, auditors may also be liable to third parties to whom they owe a duty of care.
The Act specifically continues the existing prohibition against a client company indemnifying or exempting its own auditors from liability. Additionally, although companies can continue to indemnify their auditors for the cost of successfully defending claims, the Act now prohibits companies from purchasing insurance on behalf of their auditors.
Finally, the Act ushered in other audit reforms, including: (1) requiring that a senior statutory auditor sign financial statements; (2) creating a new criminal offence where a firm or individual includes misleading material or knowingly or recklessly omits a required statement during the audit; (3) empowering shareholders of public companies with the right to raise questions about the work of the auditors; and (4) imposing new notification obligations when an auditor resigns, the aim being that this may assist investigations where there is any suggestion of fraud.
The EU Perspective
In May 2006, the European Parliament issued an Audit Directive (Directive 2006/43/EU) aimed at harmonizing audit requirements throughout the European Union. The Act brings the provisions of the Audit Directive into effect under English Law. The Act’s provisions allowing agreements to limit auditor liability, however, go beyond the Audit Directive, which called only for the European Commission to prepare a report on the impact of current national rules on auditor liability.
The approach to auditor liability varies considerably among the member states. Auditor’s liability is based in contract in some countries, in tort in other countries and in both contract and tort in yet other countries. Similarly, some countries limit the breadth of an auditor’s duty only to the company and not third parties. Other countries extend the duty to shareholders when they act on their own behalf in buying or selling shares. In other countries, the duty may also extend to third parties such as banks. Moreover, what constitutes a breach of that duty also varies by country. Although some states, such as France, do not permit auditors to limit their liability, others allow such agreements. Germany, Austria, Belgium, Greece and Slovenia each have enacted statutory limits on auditor liability.
Bridging the different approaches to auditor liability among the member states may prove daunting. The Commission’s report considered the positions of many constituencies, including investors, bankers, companies and auditors. The report also examines the impact of allowing auditors to limit their liability in terms of insurability conditions, audit quality, deep pocket syndrome, protecting against another Andersen-type collapse and increasing choice in the market. The Commission considered four options for limiting auditor liability and various combinations of those options: (1) a fixed monetary cap at the European level; (2) a cap based upon the size of the audited company; (3) a cap based on the audit fees; and (4) proportionate liability. Not surprisingly, responding auditing firms had a strong preference for liability caps based upon fees while those outside the auditing profession preferred proportionate liability.
Notably, the UK approach of allowing the auditor and its client to reach agreements setting the limits amongst themselves was not an option addressed in the Commission study. Instead, the Commission contemplated only statutorily prescribed limits.
The Status of Auditor Liability Reform in the US
Like their European brethren, US auditors are clamoring for limits on liability for flawed audits. Not only have they borne witness to the Andersen collapse, but also to large settlements by both Deloitte and PwC, for audits of Adelphia ($167.5 million) and Tyco ($225 million) respectively, Grant Thornton embroiled in the Refco fiasco and, in August 2007, a $521 million verdict against BDO Seidman awarded by a Florida jury. BDO was found negligent in its failure to detect fictitious accounts receivables in a scheme involving nine executives of E.S. Bankrest and at least one its clients. Bankrest’s CEO and its chairman had both previously been found guilty of fraud. The jury award against BDO was 2,100 times the $250,000 in fees it earned in the engagement. An appeal is pending.
Trade groups for the audit industry and auditing firms renewed their call for liability reform following the BDO verdict and, on October 2, 2007, Treasury Secretary Henry Paulson responded, announcing the membership of the Treasury Advisory Committee on the Auditing Profession and chartering them to “develop recommendations as to what best can be done to sustain a vibrant auditing profession, a profession whose work is critical to investor confidence in our capital markets.” The 26 members of the Committee were drawn from a broad spectrum of stakeholders, including investors, regulators, auditors, lawyers, insurance groups and large and small public companies. The Advisory Committee’s findings and recommendations are not expected until summer 2008.
The formation of the Advisory Committee may look like the first step toward liability reform, but the composition of the Committee, which includes many who care more about protecting investors than auditors, indicates that it is unlikely to rubberstamp the idea. Advocates for auditor liability limits need to overcome the perception, particularly given recent Supreme Court decisions, that litigation hurdles are sufficiently high to block frivolous claims of securities fraud against auditors.
From the outset of the suit, a securities fraud plaintiff must state with particularity both the facts constituting the alleged violation and the facts evidencing scienter (e.g., the defendant’s intent to deceive, manipulate or defraud). In other words, a lawsuit cannot survive the pleading stages if it simply rests upon a claim that the audit was bad – a showing of specific facts of clear wrongdoing are needed, and this showing must be made before any discovery is obtained in the case. In June 2007, in Tellabs, Inc. v. Makor Issues & Rights, Ltd., the United States Supreme Court not only reinforced the heightened pleading standard for securities fraud cases, it gave defendants in such cases a significant tool for attacking a plaintiff’s scienter showing. The plaintiff’s showing of scienter must now rest on a strong inference, arising from the alleged facts, that “must be more than merely plausible or reasonable . . . it must be cogent and at least as compelling as any opposing inference of nonfraudulent intent.” Therefore, following Tellabs, even if a plaintiff can show facts from which fraudulent intent can be inferred, a defendant can obtain a dismissal by explaining how those same facts can lead to inferences of non-culpable conduct. Thus, even in a case involving a bad audit, the plaintiff faces a nearly insurmountable bar in trying to show that the auditor acted with an intent to defraud shareholders.
Similarly, the Supreme Court’s January 15, 2008 decision in Stoneridge Investment Partners, LLC v. Scientific-Atlanta increased the plaintiff’s burden. In Stoneridge, investors in a cable company alleged that equipment suppliers assisted the cable company in a scheme that resulted in misleading financial statements. The Court held that the investors could not sue the suppliers because they had not relied upon statements or misrepresentations by the suppliers when purchasing the cable company’s stock. Admittedly, given the auditor’s role in disseminating financial statements, Stoneridge will filter out only a small subset of claims made against auditors. Plaintiffs, however, can no longer ensnarl auditors using a “scheme liability” theory in lieu of a showing of direct reliance on wrongfully and knowingly made misstatements or omissions by auditors.
Moreover, the principle of proportionality is already built into US proceedings. Even if the auditor is found to be liable, it can present evidence that other parties also are responsible for the plaintiff’s damages. If the auditor convinces the jury that it is only responsible for a portion of the plaintiff’s loss, say 25%, then the plaintiff is only entitled to a 25% recovery from the auditor. Many consider a jury determination of proportional fault in light of the specific facts and circumstances, as opposed to a pre-set liability cap, to be a fairer and more rationale approach.
Even if the Advisory Commission should reach a consensus and propose a recommendation for limitations on auditor liability, the political incentive to turn the proposal into law or regulation most likely will be lacking. Americans are focused on the presidential race, which many expect the Democrats, who now control the Congress, to win. Headlines about the subprime mortgage scandal, lucrative compensation packages for failed executives and volatile stock markets do not engender empathy for big business among the electorate, whom have long since forgotten the Andersen collapse of six years ago. In this political climate, garnering attention and support to adopt proposals, particularly those under the imprimatur of a lame-duck Treasury Secretary, will be challenging. Thus, even if the auditors convince the Advisory Commission to endorse liability reform, the proposal may sit dormant until the Republicans regain control of both the Congress and the White House. That is, of course, unless one of the Big Four implodes in the interim. Then, all bets are off.