External Auditing UK Modern Corporations

External Auditing UK

Modern corporations are run by directors and managers, who are essentially investing the funds of investors. These managers owe a fiduciary duty to the investors, but as far back as Adam Smith it was recognized that managers could not be expected to treat the money of others with the same care that they would treat their own. Thus, it has been recognized for 275 years that some degree of corporate governance must be built into the management structure of modern corporations.

Corporate governance in the United Kingdom, at least with respect to firms traded on the London Stock Exchange, is based on the Combined Code. The code is based on the Code of 1998, with input from other codes and reports, dating as far back as the Cadbury Report of 1992, which marked the origins on modern corporate governance in the UK. This paper will explore the most significant developments in corporate governance in the United Kingdom, with a primary focus on the elements of the Combined Code. Brief mention will also be made of the Sarbanes-Oxley Act, an American legislation that applies to dozens of the largest British companies by virtue of their trading on the New York Stock Exchange. The objective of the paper is to analyze the process of corporate governance development in the UK over the past ten years. Lastly, the report will examine the impacts of the Combined Code on a couple of UK companies, with the intent of determining the precise impact that the code has had on British corporations.

Background

For most of capitalist history, there has been little in the way of formal corporate governance initiatives. A series of corporate scandals, however, culminated in the publishing of the Cadbury Report of 1992, upon which modern corporate governance legislation in the UK was based. In 1998, the Hampel Report was initiated as a review of the Cadbury Report's effectiveness in changing corporate governance in the UK (Hampel Report, 1998). The outcome of the Hampel Report was that the findings of the Cadbury Report and the Greenbury Report on director's compensation were combined.

The next significant event was the Higgs Report of 2003. The Higgs Report, titled the Review of the Role and Effectiveness on Non-Executive Directors was a review of said directors and of the audit committee, with the intent to bolster the Combined Code. This report came as a result of the scandals in the United States, including Enron, Tyco and WorldCom.

The United States responded to these crises with wholesale legislative change in the form of the Sarbanes-Oxley Act. This Act placed stringent corporate governance on all companies publicly traded in the U.S. Sarbanes-Oxley (SOX) did not directly impact the Combined Code, but it did impact British corporations. In effect, British companies trading in both London and New York were faced with double the corporate governance regulation, being subject to both SOX and the combined code. This dramatically increased the cost of governance, given that the Combined Code is principles-based, rather than SOX's rules-based code, and therefore much less costly to implement (Financial Reporting Council, 2006). The excessive cost of implementing the American governance code has lead many British companies to withdraw from U.S. markets (Madigan, 2007). Rules-based governance legislation, in particular SOX, was rejected by the Financial Report Council, which has long favoured a principles-based system.

Roughly concurrent with the Higgs Report was the Smith Report. This report addressed the independence of external auditors in light of the Arthur Andersen/Enron scandal in the U.S. The Smith Report was published as guidance for listed companies with respect to meeting audit requirements under the Combined Code (Smith Report, 2005).

External Auditing

The Combined Code provides guidance of all aspects of corporate governance. The role of auditors at the outset of the code was relatively minor. External auditors were expected to play their basic role under the earliest versions of the Combined Code. The Hampel Code had a provision that non-employee directors on the audit committee must understand the details of the business. The role of external auditors, however, was not explicitly addressed.

However, after the Arthur Andersen/Enron scandal, the role of external auditors was given more attention in the Combined Code. The Smith Report was the most important report in shaping the new expectations of auditors within the Code. The Smith Report came about as a response specifically to the auditing crises in the United States. Smith's report developed and codified the role of audit committees. These provisions included the following. The audit committee was to include at least three members, all of them independent non-executive directors. One of the members had to have relevant and recent financial experience. The roles of the audit committee were also laid out in the Smith Report: to monitor the integrity of the financial statements; to review the company's internal financial control system; to monitor and review the effectiveness of the company's internal audit function; to make recommendations concerning the appointment of external auditors; to review the independence and objectivity of external auditors, and to implement policy regarding non-audit services performed by the auditors (Smith Report, 2003). The code also specified that the audit committee be provided by the company with sufficient resources to perform these tasks.

Oversight of the Combined Code falls under the auspices of the Auditing Practices Board at the Financial Reporting Committee. The APB was founded in 1991, and was placed under the FRC in 2002.

The shifting role of auditors in the past ten years echoes the trend of years preceding this decade. Originally, external auditors were charged with the detection and prevention of fraud. Then came a move towards the verification of financial statements, which was one element of fraud detection. Scandals such as BCCI highlighted the need for renewed emphasis on fraud detection. Then, however, as consulting feeds increased, the role of auditors softened again (Ojo, 2006).

After the adoption of the Combined Code, the role of auditors began to change again. At that time, the Big Five still performed auditing services, but in many cases derived significantly more income from non-auditing services (Ibid). With increased scrutiny from shareholders and regulators with respect to accounting fraud, the major auditing firms were forced to re-emphasize the fraud detection and financial statement analysis portion of their business, at the expense of their consulting business.

To this end, the main industry associations governing external auditing in the UK adopted codes of ethics in the mid-2000s. The Institute of Chartered Accountants of Scotland, for example, adopted a version of the 2005 International Federation of Accountants (IFAC) Code (ICAS, 2009). The aforementioned Auditing Practices Board of the Institute of Chartered Accountants in England and Wales (ICAEW) issued its own code off ethics in 2004. The board readily admits that the changes were essentially thrust upon them by a worldwide move to end self-regulation of the auditing industry. When the APB issues its code of ethics, this was intended to supercede the codes previously issued by other professional associations in accountancy. One of the unique elements in this code of ethics was that it incorporates elements of public perception into the code. Previously, public perception had not been an issue in the external auditing industry. In light of the high-profile scandals on both sides of the Atlantic, however, public confidence had been shaken in the auditing profession.

The APB code highlights a couple of major shifts in the role that external auditors play in the corporate governance framework. One is that auditors were now subject to increased public scrutiny. They were forced to manage not only their actual independence but the public perception of independence. This represents a new level of accountability to shareholders. Corporate governance distills down to protecting the shareholders investments. The fact that shareholders at this point are so skeptical of external auditors' ability to fulfill their duties to the shareholders that 'perception of independence' clauses are deemed necessary shows the degree to which consulting services and auditing failures have shaken public confidence. Both the Smith Report and the APB code were born of the perception that auditors were no longer fulfilling their vital role as protectors of public confidence in the investment system (Groom, 2002).

The other major shift this hints at is a shift away from auditors as being the last line of defense. By the APB's own admission, their code of ethics was produced in response to a "world wide move to end self-regulation" (ICAEW, 2006). This indicates that the external auditor is no longer trusted with the role as the last line of defense. Indeed, Sarbanes-Oxley in the United States essentially strips that role away from external auditors and gives it to the PCAOB. In the United Kingdom, the authorities have not been as strict and the auditing industry still maintains its traditional role, but the public and the government are increasingly skeptical that the industry can fulfill that role.

The most recent change in the role of the external auditor in the corporate governance framework has been with respect to the Financial Reporting Council's "audit choice project." This project is considered to be the first major update to the Smith Guidance. It was felt that the update was required to shore up some of the deficiencies in the Smith Guidance that have emerged since it was published. There were characteristics of the market that it was felt needed to be addressed, in particular the oligopolistic nature, which exposed the market to considerable uncertainty in the event of a failure of one of the Big Four (FRC, 2008). This report remains a work in progress at this time.

Corporate Examples

One company that has been impacted by the changes brought about by the Combined Code is oil services firm Lamprell. The company joined the London Stock Exchange in early 2008 and was immediately required to make changes to its governance structure in order to comply with the Combined Code. The company needed to make several changes to its traditional Board structure. The first was that it needed bring in several new independent non-executive directors. Lamprell also needed to split the roles of chief executive and chairman (Bland, 2008).

In September 2008 Lamprell moved closer to Combined Code compliance by adopting a Policy on External Auditor Independence. The company's policy states that they will not use auditors for non-auditing services unless such services do not conflict with the auditor's independence (Lamprell, 2008). The external auditor must be independent of the company both in fact and in appearance. The policy specifies a wide variety of situations that would be interpreted to compromise auditor independence, and lays out ground rules for hiring auditors. All of these moves were new to the company, a consequence of listing on the LSE.

When the Combined Code was implemented, many UK firms were thus obligated to make changes to their corporate governance programs. One such company was Reed Elsevier, a content provider. This company has a strong Netherlands presence and was forced to comply with the Dutch corporate governance codes as well. Reed Elsevier's board, based in the Netherlands, was presented in 2005 with the need to improve their governance measures, to bring them in line with the Combined Code.

Ultimately, the changes enacted by the company were in compliance with the Combined Code, rather than the Dutch code. However, the company could have opted out of the Combined Code had it so desired, by taking advantage of the Code's "comply or explain" philosophy. The situation is an interesting parallel to the experience of British firms that evacuated the U.S. markets as a result of SOX, in that they could have opted out of the Combined Code if they complied with SOX, but the added expense of the American regulation negated any desire to take such action. Likewise, the Reed Elsevier experience also favoured the Combined Code vs. The Dutch regulations.

Among the changes enacted as a result of compliance with the Combined Code was the creation of an audit committee comprised of all independent non-executives. Another initiative was the establishment of a remuneration committee, again comprise of independent non-directors. The company had become cognizant of the corporate governance issues in the UK, and reacted accordingly.

Future Direction

The Combined Code is subject to frequent evaluation and update. While the results of recent studies and audits have found the Combined Code to function effectively, there is no particular reason why this should be the case. The Combined Code is a system based on principles rather than rules. Thus, enforcement capabilities are limited. Indeed, some recent studies have shown as few as 33% of LSE-listed firms adhere to the Combined Code in its strictest sense.

There are several ways in which the current UK corporate governance model can fall down. These include having a dominant CEO, having an ineffective or incompetent board, deliberate distortions of published financial figures, and employees who exploit their positions for personal gain. These are precisely the scenarios that led to many of the governance problems that provided the impetus for the Combined Code in the first place.

With the Financial Reporting Committee organizing another evaluation of the Combined Code for 2009, it is not expected that any significant changes are going to be made. The FRC is content with the current system, as is the business community in the UK. The currency system has all the right rules on the books, but because they are not mandatory, firms are not obliged to fulfill each and every component of the Combined Code.

However, it is fully reasonable to expect that the impetus for change will come as it has before, at the conclusion of a crisis. The Cadbury Report was precipitated by a crisis, as was the flurry of reports in the early 2000s. The corporate community in the UK prefers their version of corporate governance rules because they appear to be equally effective but without high cost. The London Stock Exchange certainly views the Combined Code as an advantage because it provides the LSE with a competitive advantage over New York and the SOX.

The Financial Reporting Committee's current work on updating the Smith Guidance is unlikely to yield any major changes to the role of auditors. The industry is heavily involved in the process. Additionally, the mandate of the updates does not speak directly to the role of auditors, but more towards how the market can be made to function better.