There's little doubt the existing self-regulatory system isn't working but simply introducing new rules isn't going to help unless there is effective enforcement.
Founder, Midas Touch Investors Association
‘Self-regulation doesn’t work as the ICAI rarely punishes members, nor are auditors sued for incorrect auditing’
In the wake of the Satyam scandal, there is a need for a complete overhaul of the audit system in the country. It is, for instance, inconceivable that the auditor could have been deceived by Satyam’s management continuously for the last seven years. The objective of an audit is to present a true and fair view of the financial position and the operating results of the company. Investors of all types rely on these financial reports to base their investment decisions on, and to deploy thousands of crores in these stocks.
The fact that those involved have no fear of being caught emboldens them and adds to the inadequacies in the system. These stem from the inherent conflict of interest of the regulator and regulated, i.e. the Institute of Chartered Accountants of India (ICAI) and its members; the absence of reporting requirements by listed companies to the regulator, i.e. Securities and Exchange Board of India (Sebi) and its subsequent checking; and the fact that there is no provision for payment of damages by the erring auditors to the client company and duped shareholders. The global sub-prime crisis and its aftermath has demonstrated that self-regulation may be destructive for the economy and that a liberal economy requires more regulation, not less.
The ICAI is mandated to regulate chartered accountants, and is empowered to cancel or suspend their registration. However, its track record in protecting the public interest by penalising its members for serious misconduct has been pathetic. In the last three years, it reportedly revoked the licence of one member for life and seven members for more than five years — these members were involved in frauds like signing of two sets of balance sheets of the same company. Similarly, the ICAI did not take any credible action, to the best of my knowledge, against the erring auditors of the 229 ‘vanishing’ companies — they robbed lakhs of small shareholders and were not traceable after they raised money through IPOs — who were identified by the high-powered committee during 1999-2002.
The institute’s lack of will to act against erring auditors raises doubts as to the efficacy of the self-regulation principle. This calls for putting in place an independent and autonomous board to oversee the role of auditors. Most countries follow this. In the US, the Public Company Accounting Oversight Board, created under the Sarbanes-Oxley Act (SOX), oversees the role of auditors in order to protect the interest of investors and further the public interest in the preparation of informative, fair and independent audit reports. For enforcement purposes, this body has investigative and disciplinary powers, including the imposition of monetary penalties and even the revocation of registration.
Filing with Sebi should be made mandatory, as is the practice in developed countries, including the US and UK, where there is a dual reporting system for listed companies. Monitoring, action and imposition of penalties, if required, are taken by the exchanges as well as by the regulator.
More From This Section
In the UK, companies can claim damages against the erring chartered accountants. Which is why the regulator, the Institute of Chartered Accountants, mandates personal indemnity insurance for all its members. Such a provision is a pre-requisite for effective protection of investors’ interest and should be incorporated in India.
Managing Partner, Governance Matrix
‘New rules alone can’t prevent fraud — Madoff, Fannie Mae and Satyam took place after SOX and Clause 49 were in place’
Every time a large fraud is unearthed, the role of auditors, their competence, quality of evidence and extent of verification comes under the scanner. Auditing in current times of information technology is itself a fairly complex process. The standards and practices that an auditor follows explicitly state that auditor’s tests are not designed to detect fraud in the normal course. Instead, they give a reasonable reassurance on the financial statements as against a certificate of correctness. It is the management, under various laws including the Companies Act and Clause 49 of the Listing Agreement, that is responsible for maintaining books of account that reflect the true state of affairs and the income of a company.
Auditors have this unique responsibility and consequent liability towards all stakeholders who may rely on an audit report. This includes shareholders, investors, creditors, government, employees, tax authorities, environmental groups, etc.
Expecting the auditor to spot the fraud and material mis-statements requires a forensic investigation rather than a statutory audit. This is counter-productive and would raise the cost of compliance and the time required to unusually high proportions.
Indian Auditing Standards are issued by the Institute of Chartered Accountants of India (ICAI) and are drawn from the International Standards of Auditing. There are further standards on quality controls and oversight. The oversight mechanism includes Peer Review of a firm by another firm of chartered accountants approved by the ICAI and the Quality Review Board. All members of the ICAI are subject to disciplinary jurisdiction of the institute. The Financial Reporting Review Board of the ICAI reviews a sample of financial reports for improvements.
The Sebi, RBI, CAG, Income Tax authorities, Ministry of Company Affairs (MCA) etc. have an influence on the overall audit process conducted by an auditor and some of these also monitor progress and take action against those found deficient in their duties. The board and the independent directors under Clause 49 have a responsibility to review and question the auditors; the audit committee, with independent directors, review the quality of auditors’ work every year before they are put up for re-appointment. These gatekeepers do make the process fairly robust as envisaged, but it is in the details where the cracks appear.
There are enough regulations to oversee commercial and corporate activities, but if these do not prevent economic crises, maybe we need to look at improving the enforcement of laws. To clamour for more regulation is knee-jerk. Such reactions make room for new regulations in a hurried manner like the Sarbanes-Oxley Act (SOX). Tighter regulations do not prevent intentional mis-statements or newer frauds from being committed — Madoff, Refco, Fannie Mae, Shell and Satyam happened after SOX and Clause 49 were in force. The best of laws will not help if these are not practised on the ground and if infarctions are not dealt with swiftly and transparently. In fact, what we need is a more streamlined and efficient regulatory and supervisory mechanism that performs effective oversight, and does not bring in more regulations.
The author, a chartered accountant, is co-author of Corporate Governance: Myth to Reality