Accountancy regulator the Financial Reporting Council (FRC) has announced that it is investigating PwC’s auditing of BT, following a huge financial scandal at the telecom company’s Italian operation.
The FRC, which monitors and enforces accounting standards, is focusing on PwC’s auditing of BT's financial statements from 2015 to 2017, which is when a £531M fraud is alleged to have been committed by employees.
FRC investigators will be looking to see how the fraud failed to show up on the audits. Reports into the scandal have indicated that contracts, invoices and revenue from BT-installed phone lines were inaccurately recorded or exaggerated by staff so that they could show they had met targets. BT itself has stated there were improper sales, purchase and leasing transactions and improper accounting practices.
The FRC, which is partially funded by the U.K. government, has the power to issue fines or bans to companies it deems to be found in serious breach of its rules. The 2010 “International Standard on Auditing (UK and Ireland) 240’’ expects auditors to identify and assess the risks of fraud, seek evidence of it and “respond appropriately’’ to fraud or suspected fraud if it is identified during an audit.
And it seems to be taking a very close look at the behaviour of the accounting and auditing profession.
At Rahman Ravelli, we have been urging accountants to not only be aware of the standards they must maintain but also recognise what they must do to keep maintaining them. The FRC’s recent activities are a reminder of this.
In May, the FRC dropped its investigation into PwC's auditing of Tesco after the supermarket group admitted a £326M black hole in its 2014 accounts was due to incorrect booking of payments from suppliers.
But the FRC will be unwilling to drop any more investigations. It appears to be taking an increasingly tough stance on those it believes are falling short in their duties.
In May, it fined PwC a record £5m for “misconduct” in relation to the audit of Connaught, the social housing maintenance group that went into administration seven years ago. Last year, PwC had to pay £3M in fines and costs due to its audit of the collapsed financial services group, Cattles.
But this is not just about PwC. Earlier this year, the FRC warned companies after finding faults in a third of the accounts it examined from the UK’s six largest audit firms.
Such penalties indicate that the FRC is looking to come down hard on those it feels are not fully meeting their obligations. While it does not have the unique range of powers that the Serious Fraud Office (SFO) can boast, the cases mentioned earlier prove that it can and will punish those it believes are failing in their duties as accountants or auditors.
Auditors are regarded as the ones who examine the accounts that the accountants have compiled. Directors and senior management attach great weight to the “health check’’ that an auditor’s report gives to a company. And with good reason. It is the auditors who are expected to examine the finances and internal workings of a company, use statistical sampling to gain an accurate picture of its wellbeing and raise any concerns they may have after assessing all this.
It may be unfair to expect an auditor to detect all fraud. Fraud prevention must be the company’s responsibility. But it is the accountants who compile all the relevant information and the auditors who check it. The argument, therefore, is that the auditors – and, arguably, company accountants - should be seeing any fraud before anyone else.
While this argument may have some merit, it would be unfair to expect someone coming into a company, as an auditor is, to instantly recognise problems.
When the auditors do go in, however, they should be asking detailed questions about the company’s approach to preventing or recognising fraud;
Questions such as:
- The exact nature of the company’s business.
- What are the fraud risks to this company?
- Is the risk of fraud due to the geographical area or sector of business it trades in?
- What has been done to minimise the risks?
- What could indicate that fraud is being committed?
- What opportunities or incentives exist for those looking to commit fraud?
- What level of scrutiny is given to this by those in seniority?
- The reasons for any patterns in the company’s finances.
If a company has an anti-fraud policy in place, the auditor must insist on having it explained to them. Only then can they hope to see the full picture when they come to do the audit – and identify anything that may indicate that fraud has been committed.
If there is no fraud prevention at a company about to be audited, it is in the auditor’s interests to seek explanations about why there isn’t any. They should also insist on a detailed, thorough explanation of the company’s workings so that they are fully informed before carried out the audit.
While it may sound obsessive, they should also keep clear and detailed records of all communication they have with staff or other representatives of the company they are auditing.
It may also be worth instigating a series of on-the-spot, unannounced audits. These will provide a valuable snapshot of a business’ workings and make it difficult for anyone committing fraud to cover their tracks.
Such an approach outlined here will minimise the chances of an auditor missing fraud. But if fraud is still missed by an auditor and they become the subject of an FRC investigation, they must seek immediate advice from a legal firm that specialises in business crime.
Auditors should also equip themselves with a working knowledge of the Proceeds of Crime Act and Money Laundering Regulations, so that they do not miss any obvious signs of money laundering; which could also attract the attention of the FRC. They have to be aware of all relevant law – and seek legal assistance if they are not.