Home / more articles - The author - Contact

Auditors GraphicHow can auditors provide other services and still be objective?
Practical proposals for open relationships between external auditors and their clients

by Matthew Leitch, 3 March 2003.


Enron
Time for more openness
What do external auditors do to sell extra services?
Items for the auditor-auditee agreement
- investigating potential sales
- reporting issues
- sharing information
- achieving audit and non-audit objectives through the same work
Conclusion

Enron

For many years there has been a battle raging over whether external auditors should be allowed to provide services other than audits and the work auditors are normally required to do, such as reports needed for a listing. The trend has been a gradual tightening of restrictions, and the most visible effect of this so far has been that the big firms have split from their consulting businesses because the restrictions imposed by the SEC (the regulator for the USA) were hampering the consulting activities.

The audit failure revealed by the collapse of Enron in 2001 accelerated the trend. In June 2002, the Sarbanes-Oxley Act was passed in the USA to introduce a range of rules to reduce the risk of another Enron. This included new rules on what services could not be performed by auditors and a requirement for most non-audit work to be approved in advance by a company's audit committee.

Time for more openness

However, these reforms are not quite enough on their own to bring about the kind of openness and assured objectivity investors and regulators are looking for. Every company needs to agree with their auditors how they will manage the risk to objectivity posed by sales of extra services.

Although the simplest way to do this is to decide never to buy non-audit services from the auditor many companies would prefer to retain the option of using their services when they are the best choice. To do this requires a clear agreement between both parties as to how the relationship will be conducted. The client needs to be in control, but in such a way that the auditor has a fair chance.

To some extent this has already happened. Many listed companies have drafted rules about what types of service their auditors can be considered for, and there is often a requirement for audit committee approval of any proposal for extra services.

However, this on its own is not a practical approach. If employees know that board audit committee approval is needed and may not be given on the grounds that the proposed work is deemed inappropriate they will usually avoid discussing any extra work with the auditors. Consequently, although it may be technically possible for the auditors to provide other services in practice they will rarely get the chance.

A more subtle and comprehensive agreement is needed, and to understand what that should cover we need to look at how external auditors try to sell their other services.

What do external auditors do to sell extra services?

Audit firms have, traditionally, regarded their audit relationships as valuable means of selling additional services. Internally, they talk about "leveraging our audit relationships more effectively". This sometimes leads to some behaviours, and situations, that not all audit clients are happy with. Here are the main problem areas:

Items for the auditor-auditee agreement

Sales activity needs to come out into the open so that it can be managed by the audit client. The main areas to be included in the auditor-auditee agreement to achieve this are:

Investigating potential sales

Auditors should not attempt to investigate a potential sales opportunity without prior approval from the board audit committee, or someone delegated that power. Regular meetings should be held at which the auditor can present hypotheses about issues and potential solutions they could provide, suggest the scope and approach for further investigation, and have those ideas approved or rejected for further exploration. Such approval does not imply that any proposal resulting will also be approved by the audit committee. Neither does the approval mean that employees of the company should cooperate with the auditors in investigating the hypothesis, though of course a director could also give that instruction.

It is probably also necessary to have a mechanism by which the auditors can propose a hypothesis and investigation at other times, and someone in the client organisation should be delegated the power to give approvals at short notice.

Compared to having no such mechanism in place this is better for both auditee and auditor. The client is in control and can put an end to time wasting explorations by the auditor, while also steering the auditor towards items that may be worth further consideration. The auditor avoids the problem of having to try to investigate possible sales with the threat of having the proposal rejected by the audit committee. The auditor also gets a regular opportunity to present ideas for improving the client's business and invaluable feedback about where the client might be open to ideas.

Reporting issues

Sometimes issues raised in the auditor's report to management could be addressed by services provided by the auditor. The auditor should disclose in the report which these issues are. If disclosure is omitted and, subsequently, the auditor proposes to investigate the issue to see if a service could be proposed, the auditor should point out the omission and explain the circumstances.

Obviously most clients will prefer that the disclosure does not become an extensive advertisement for the auditor's other services. A discreet disclosure is all that is required.

Again, this is better for both parties. The auditee knows when the auditor may have commercial reasons for raising an issue. The auditor has an opportunity to state that he can help the client with certain issues. The disclosure may be discreet, but it is still a form of advertising.

Sharing information

The auditor should disclose to the auditee where specialists will be used within the audit, and give an indication of the other services they provide.

The audit team may not share information with others within their firm for the purpose of business development, except as agreed with the auditee. This agreement could be a set of general rules, or specific agreements given from time to time. Approval to investigate potential sales opportunities may include permission to discuss certain information with specialists outside the audit.

Once again, the auditee has more information and more control over the relationship, but the auditor also gains a right to explain his services and expertise.

Achieving audit and non-audit objectives through the same work

"Adding value through the audit" is something most people want, but it's not always easy and has to be managed properly to ensure that the external audit - and its fee - are just that, while the additional value provided is also recognised and rewarded. Auditors and their clients should agree some general principles and also agree the approach to any specific work where audit and non-audit objectives will be achieved through the same work.

Here are some of the ways in which objectives can be combined:

Conclusion

The approach described above puts audit clients in control of the way their auditors develop opportunities for other services, but does so in a way that works for auditors too.

The reality is that auditees don't like the nagging feeling that their auditors are up to something, and auditors don't like trying to sell other services in an atmosphere that makes it risky and stressful. There's no need for this. By adopting the type of relationship I have described this discomfort can be eliminated.

Perhaps most important of all is the impact for corporate governance. By bringing sales activity into the open and making it visible at audit committee level, from the birth of an idea to the approval of a proposal, the risk of fees being linked to audit opinions without the knowledge of non-executives is minimised.



About the author: Matthew Leitch's interests include risk and uncertainty management, cognitive psychology, mathematics, internal control systems, design, the internet, and human knowledge. He is a Chartered Accountant with a BSc in psychology from University College London. Until very recently he worked as a consultant in risk management and systems for a leading professional services firm. He pioneered new methods for designing internal control systems for large scale business and financial processes, through projects for internationally known clients. However, this web site is not connected in any way with his former employer nor are the views expressed here connected with the views of that organisation.

Contact the author at: matthew@dynamicmanagement.me.uk

Words © 2003 Matthew Leitch

Home / more articles - The author - Contact