Auditors: Market concentration and their role - Economic Affairs Committee Contents

CHAPTER 6: Bank audits and the financial crisis


134.  During the course of our inquiry we have increasingly been led into issues that arise in their most acute form with the auditing of banks. Thus in the previous chapter, which exposes some of the shortcomings of IFRS, it is clear that these shortcomings are at their most serious in the case of the accounts of banks. There are at least two interconnected reasons for this.

135.  First, an important part of the accountancy process is the correct valuation of assets. Indeed, a new process, customarily known as mark-to-market, under which assets are accounted for at market rather than book value, was introduced for just this reason. But the difficulty of correctly valuing the financial assets held by banks, particularly the highly complex and often somewhat artificially constructed financial instruments that have proliferated since the millennium, is of a wholly different order of magnitude from the difficulty of valuing the bulk of the assets held by the general run of companies. Moreover, in many cases and at many times the 'market' is a dangerously narrow one. Indeed, in many cases it is narrow to the point of non-existence, in which case the accepted practice is to use what is known as 'mark-to-model', valuing assets on the basis of financial models. This inevitably adds to the problems of complexity and an inadequate market the problem of the real-world (as opposed to mathematical) reliability of the model.

136.  Second, given these complexities and uncertainties of valuation, it is all the more important that auditors should err on the side of prudence. Yet the evidence we have received has demonstrated that the advent of IFRS has led to a culture of box-ticking and 'neutrality' at the expense of prudence. This is particularly serious in the case of banks where, given their crucial importance to the health of the economy as a whole and the uniquely troubling consequences of a major bank failure, the necessity of erring on the side of prudence cannot be overstated.

137.  But during the course of our inquiry we have found some other grave defects in the auditing of banks, unrelated to the advent of IFRS, and it is to these we now turn in this chapter.

138.  The banking crisis of 2007-09 raised the question (among others) why there was so little warning that so many banks were in trouble and that the world's financial system was at risk. The role of auditors in the crisis is naturally of most interest to this inquiry. We do not seek to apportion blame but to draw lessons, bearing in mind that, with hindsight, responsibility for the crisis and the lack of warning was shared by almost all the players in the system. As Lord Myners put it, "the financial crisis revealed the failure of just about everybody ... [but] the auditing profession, the accounting profession, cannot be excluded from those who must share responsibility and, more importantly, seek to learn lessons."[171]

139.  To learn the right lessons, it helps to know what happened. With audit, this is not easy. Although, in the words of Professor Vivien Beattie of Glasgow University, "accounting and auditing is what underpins the capital markets"[172], the uninitiated cannot see it. Only the auditors themselves, and perhaps the client's Audit Committee and the FRC's Audit Inspection Unit (AIU) know just how thorough was a given audit and what it saw. Except in rare cases where the accounts are qualified, others make do with an anodyne assurance that the financial statements drawn up by the audited company are not misleading. As Professor Stella Fearnley of the University of Bournemouth said: "The quality of the audit is quite often unobservable to the client themselves."[173] In the words of Mr Guy Jubb, Head of Corporate Governance at Standard Life Investments, "the output of the audit is the audit report and that is what we see. We have very little transparency currently as to what the actual audit process involves … audit reports ... are very, very standardised in their content ... are often ... riddled with 'get out of jail free' clauses".[174] Mr Jubb was nevertheless clear that "the reliability that we have to place upon audited financial information is the lifeblood of capital markets".[175]

140.  There is a particular—and particularly serious—problem with the auditing of banks which has to be faced. An auditor who encounters a problem which might, in the ordinary course of events, justify a published qualification to the accounts, might understandably be reluctant to insist on this in the case of a bank. They might fear that to do so could cause a collapse of confidence and a run on the bank, to the detriment of the shareholders and, quite possibly, of the wider public interest. While this problem cannot be entirely avoided, we recommend in paragraphs 164, 165 and 167 how it can best be minimised.

141.  We were especially interested in how the bank auditors had approached their tasks at the end of 2007, when as we now know the crisis was already under way, and at the end of 2008, when several banks were on their knees. We wished to know if they had seen signs of impending trouble in 2007 and, if so, what action they had taken. And for 2008, at the height of the crisis, with various banks needing state bailouts to survive, we wanted to know on what basis the auditors had signed off their financial statements, and opined that banks were still going concerns and we also wanted to know if they had had assurances of support from the Government. We questioned the senior partners in the UK of the Big Four (of which only three, Deloitte, KPMG and PwC, audit large British banks).

142.  The Big Four expressed the general view that in auditing banks before and during the crisis they had carried out their duties properly. Mr John Connolly, Senior Partner and Chief Executive, Deloitte, denied there was a failure of audit.[176] Mr John Griffith-Jones, Chairman, KPMG, recalled that the scope of statutory audit is limited: "The auditor's primary role is to count the score at the end of the accounting period ... not trying to forecast next year's profits … not responsible ... for making an assessment of the risk of the business ... if you have a company that has leverage of 100 times and a company that has no leverage at all, the audit report is the same ... It is the role of the auditors to point out weaknesses in controls."[177] Mr Ian Powell, Chairman and Senior Partner, PwC, agreed: "It's not the job of the auditor presently to look at the business model of a business. That is the job of management."[178] He acknowledged however that in "undertaking an audit you do look at the market conditions that were extant at the time of signing off the audit."[179] We do not accept the defence that bank auditors did all that was required of them. In the light of what we now know, that defence appears disconcertingly complacent. It may be that the Big Four carried out their duties properly in the strictly legal sense, but we have to conclude that, in the wider sense, they did not do so.

143.  There is inevitably a connection between the assessment of the Big Four's performance and the question, discussed earlier, of market concentration. The point is that, in the case of auditing, the benefits that might be expected from competition have to be weighed against the fact that oligopoly allows the existence of audit firms that have the size, strength and competence both to conduct the effective audit of large, highly complex, and often global banking groups, and to avoid being cowed by such clients. To the extent that the gain from oligopoly may appear in practice to have been somewhat disappointing, the case for more competition is enhanced.

144.  We were told that in assessing whether to endorse a company as a going concern an auditor takes account of "the business's projected net cash generation and its ability to obtain funding (regardless of the source ... or the circumstances in which the funding is required)" and that in banks, where financing is obtained mainly from deposits, and their retention depends on confidence, "going concern in a bank is therefore inextricably linked with a question of confidence. Whilst confidence is maintained the bank is a going concern; when confidence is lost then it is no longer a going concern."[180] We received evidence from the Big Four, for example at paragraph 149 below, which seemed to suggest that an auditor might properly regard a bank as a going concern even when a non-bank in a similar position might not be so regarded, since a bank that got into difficulties would be bailed out. It cannot (or at least should not) be taken for granted by auditors that banks in difficulties will be bailed out by the authorities and the taxpayers. We do not accept therefore that this should at any time be a decisive consideration in making the 'going concern' judgment.

145.  It could be argued that, until 2006, confidence remained generally high in the British and global economy and financial system. The role of bank audits was not then in question. Even at Northern Rock, when PwC concluded its audit for 2006 in January 2007 the company "had a history of profitable operations and had a track record of ready access to funds ... none of the information available to us indicated anything that would constitute a 'material uncertainty' ... we concluded that in our opinion there were no matters relating to the going concern basis of accounting that were required to be reported to shareholders."[181] We find this complacency disturbing. In 2006 Northern Rock was already operating a dangerously risky business model. The FSA said: "Northern Rock, relative to its peers, [had] a high public target for asset growth (15-25% year-on-year) and for profit growth; a low net interest margin; a low cost:income ratio; and relatively high reliance on wholesale funding and securitisation."[182]As a result of this business model it was able to increase its share of the UK mortgage market at an extraordinary rate. Northern Rock's market share of net residential lending[183] jumped from 11.2% in 2004 to 18.9% in the first half of 2007.[184] We are astonished that PwC appeared not to recognize an amber light that flashed so brightly.

146.  The Bank of England's timeline of crisis events, annexed to its Financial Stability Report of June 2009, starts only in March 2007.[185] It may be argued that it would have required unusual prescience on the part of auditors to spot trouble coming in banks' financial statements for the year 2006, although this does not apply in the case of Northern Rock. It is true that, even if the auditors did have concerns, they were confronted with the problem referred to in paragraph 140 above. But we were provided with no evidence from the Big Four that they did, in fact, have any concerns.

147.  A year later, as bank audits were prepared in late 2007, the writing was on the wall. Mr Powell said: "The closure of the wholesale markets in the second half of 2007 created real difficulty for many banks ... one of the key questions around the banks ... at the year-end 31 December 2007 was ... is there adequate liquidity or is there likely to be liquidity provided to these banks to survive"[186] so that auditors could sign off a going-concern opinion. He added that PwC reported to the FSA on 11 September 2007 that they "had concerns about the going concern of Northern Rock" and "Northern Rock asked for emergency support from the Bank of England on 13 September and were granted that"[187]. But since "other banks were all still funding themselves in the short-term wholesale markets at the end of 2007 and market conditions were still showing signs of easing when banks announced their results in February 2008 ... auditors ... had no reason to believe that a going concern qualification was appropriate with respect to the financial reports for the financial years ending 31 December 2007"[188]. We do not accept this. A going concern qualification was clearly warranted in several cases, even if the auditors may understandably have been reluctant to make it for the reason referred to in paragraphs 140 and 144 above.

148.  Other bank auditors also maintained that circumstances at the end of 2007 were not so difficult as to justify qualifying going concern opinions on banks. In KPMG's view, there were "two key issues which had given cause for concern during the year—firstly in relation to lack of liquidity, particularly in respect of the securitisation markets, and secondly in relation to the valuation of securitised assets". But "for the UK banking industry in general there was insufficient evidence to believe at that time that a material uncertainty in relation to going concern existed in this regard."[189] Deloitte's view was similar and was reinforced by official intervention in the markets: "We did not have significant concerns about going concern for the majority of our clients. This assessment was reached after considering both the state of the banking market and the actions of the Treasury, the Bank of England and others following the collapse of Northern Rock ... nobody ... predicted the total market dislocation that would occur later in 2008."[190]

149.  In late 2008 and early 2009, banks were audited during a general loss of confidence following the bankruptcy of Lehman Brothers. The Big Four auditors were in close touch with the authorities. Mr Scott Halliday, Managing Partner, Ernst & Young, said: "At the banking crisis, all four of us had meetings with the Bank of England around trying to improve the dialogue between the Bank of England and the firms."[191] Mr Connolly described the Big Four's approach to the Chancellor of the Exchequer[192], which resulted in a meeting at the Treasury on 16 December 2008 with the then Financial Services Secretary, Lord Myners. "All four of the people here had detailed discussions, instigated by the Big Four, with Lord Myners because of the circumstances we were in. It was recognised that the banks would only be going concerns if there was support forthcoming ... it was a proper and appropriate act from the four firms to seek to understand the likelihood of support being forthcoming ... had we concluded ... that there was not going to be support, then a different audit opinion would have been given."[193] Lord Myners "provided evidence of the Government's actions and the extent of their commitment which would support the management, directors and auditors in forming their view on going concern[194] ... we also considered the evidence obtained by ... our banking clients [on] the recapitalisation scheme, the Bank of England's Liquidity Scheme and the Treasury's Credit Guarantee Scheme ... concluded that ... support ... would ... avoid ... significant uncertainty as to going concern."[195]

150.  Lord Myners also gave us his account of the meeting described by Mr Connolly. To the best of his knowledge it was a unique event; there were no similar meetings in 2007 or 2009[196]. Lord Myners reminded the auditors that the "Government were committed to taking whatever action they regarded as necessary to maintain financial stability" and said he would "like to maintain a regular dialogue with them on this issue relating to the preparation and completion of year-end accounts" but "they did not seek an additional meeting." His subsequent letter in reply to Mr Griffith-Jones included the statement that the Government remained "committed to taking whatever action is necessary to maintain financial stability and to protect depositors and the taxpayer."[197] Lord Myners also told us that "with auditing and accounting for banks ... there has to be an underlying assumption of continued confidence."[198]

151.  Lord Myners added that, around the time of his meetings with the Big Four auditors, he invited the chairs of audit companies of major banks to meetings, and was disappointed that they mostly showed only a "cloudy" grasp of valuation models of complex financial instruments.[199] In defence of the audit chairs, it has to be said that very few in senior management positions in the major banks had more than a 'cloudy' grasp themselves of the mathematical models used to value the banks' complex financial instruments.[200] It is clear, moreover, that the models, whether grasped cloudily or not, gave a false sense of security to the banks. We are not clear, however, to what extent if at all the Big Four conducted an independent assessment of the reliability of these models.

152.  Press reports of the time make clear that it was known publicly that a meeting between the Big Four auditors and the responsible Treasury Minister had taken place[201]. Audited financial statements by banks for 2008 were issued at the usual time in early 2009. That of Royal Bank of Scotland included "extensive disclosure of the liquidity provided by central banks ... and support from the UK Government ... also a going concern statement which referred explicitly to the UK Government's support."[202]

153.  By the time banks were audited in late 2008, events had shattered confidence in most of them. Auditors and Ministers recognised that banks could be seen as going concerns only if continuing support by the Government was assured. They reached an understanding to enable auditors to sign off on banks' financial statements—some of which acknowledged dependence on Government support.

154.  We are concerned at a number of aspects of the above narrative. Not only were the contacts between the Big Four and the authorities few and far between, but they appear to have occurred very late in the day, in particular the meeting with Lord Myners in December 2008. Moreover Mr Halliday of Ernst & Young referred only to "meetings with the Bank of England around trying to improve the dialogue between the Bank of England and the firms"[203], despite the fact that the authority responsible for the supervision of the banks was, and had been since 1997, the Financial Services Authority.

155.  Adequate and timely dialogue between bank auditors and supervisors is of the first importance. It is essential not only to enable the auditors to audit more effectively and the supervisors to supervise more effectively, but in particular to overcome the problem caused by the understandable reluctance of auditors to qualify banks' accounts. It is to this we now turn.

Dialogue between bank auditors and supervisors

156.  The importance of close dialogue between bank auditors and supervisors first came to the fore in the wake of the collapse of Johnson Matthey Bankers in 1984, which led to the Bank of England (at that time responsible for bank supervision in the UK, a responsibility which it lost to the Financial Services Authority in 1997 and which it is now about to resume) acquiring JMB and all its liabilities (for the sum of £1). It rapidly became clear both that the Bank had fallen down badly in the exercise of its supervisory responsibilities and that JMB's auditors, Arthur Young, had also failed to do their job adequately.[204]

157.  Accordingly, the Bank commenced legal action against the auditors for negligence which led Arthur Young to make a substantial payment to the Bank in an out-of-court settlement; and on the wider issue of bank supervision in general the Chancellor appointed a Committee of Inquiry, under the chairmanship of the Governor. The Committee's report was published in June 1985 and, among other recommendations, proposed: "A mechanism should be established to enable a regular dialogue to take place between the supervisors and banks' auditors. Existing confidentiality restraints on both parties should be removed … as soon as possible by legislation."[205] This duly appeared as one of the more significant proposals of the White Paper on Banking Supervision published in December 1985, and was translated into legislative form in the Banking Act of 1987.[206]

158.  This overcame what had previously been seen as a practical impediment to regular and adequate dialogue, including the sharing of information, between bank auditors and supervisors, namely the concern of many auditors that this would breach their duty of confidentiality to their client. (It was also the case that the previous Government's 1979 Banking Act, which the 1987 Act was to replace, appeared to prohibit the supervisor passing information to the auditors). The 1987 Act, among a number of other provisions, in the explicit interest of furthering a regular dialogue, established for the first time that a bank auditor who provided the supervisor with confidential information or opinions about a client for the purpose of better supervision would have full statutory protection against any action for breach of good faith or confidentiality. It also gave a reserve power to the Treasury to oblige the auditor to disclose such information, should this appear not to be occurring—if, for example, it was not required by the accountant's professional body.[207]

159.  The provisions of the 1987 Act explicitly concerned communication between the auditors and the Bank of England, which was then the supervisory authority. The transfer in 1997 of this responsibility from the Bank to the Financial Services Authority meant that the relevant provisions needed to be reenacted in the legislation implementing the transfer, so as to ensure the necessary dialogue between the auditors and the FSA.

160.  However, in practice the regular dialogue which had been working well following the passage of the 1987 Act appeared to fall into desuetude following the 1997 transfer of supervisory responsibility from the Bank to the FSA. Of the three troubled banks which subsequently had to be bailed out by the taxpayer—Northern Rock, HBoS and the Royal Bank of Scotland—we were informed that in 2006 there was not a single meeting between the FSA and the external auditors of either Northern Rock (PwC) or HBoS (KPMG), and only one meeting between the auditor of RBS (Deloitte) and the FSA; and that in the whole of 2007 there was only one FSA/auditors meeting with each bank auditor. Even in 2008 there were only two meetings between the FSA and the auditors of Northern Rock and HBoS and none between the FSA and the auditors of RBS. As the FSA admitted to us, "the regular practice of auditor-supervisor meetings fell away gradually following the transition from the Bank of England to the FSA as banking supervisor."[208]

161.  We are unclear at what level and at what depth these very few meetings took place. We regard the recent paucity of meetings between bank auditors and regulators, particularly in a period of looming financial crisis as a dereliction of duty by both auditors and regulators.

162.  In its written evidence to us, the Bank of England acknowledged: "The working relationship between external auditors and the prudential supervisors had broken down in the period prior to the financial crisis. Prior to 2007, formal meetings between supervisors and external auditors no longer formed part of the routine supervisory framework and the informal channels of communication that existed when the Bank had responsibility for supervision had fallen away. The FSA had also in this period made much less frequent use of skilled persons' reports as a routine supervisory tool [these had been another innovation of the 1987 Act]. The regular meetings that these had previously engendered helpfully reinforced the links between the auditor and supervisor. All [that is, the Bank and the FSA] agreed that the auditor has an important role to play in the regulatory framework and that an effective relationship between the two parties needed to be re-established."[209]

163.  The way forward proposed by the Bank and the FSA was a code of practice for the relationship between the external auditor and the supervisor, and indeed a draft code with precisely this description was duly published by the FSA for 'guidance consultation' in February 2011.

164.  We welcome the Code of Practice proposed by the Bank of England and the FSA for the relationship between the external auditor and the supervisor. But in the light of the regrettable backsliding of the years 1997-2007, and of the manifest importance of this issue, we believe that a Code of Practice does not go far enough. A statutory obligation is required.

165.  This might take the form of a mandatory quarterly meeting, at the highest appropriate level, between the supervisory authority and the external auditor of each bank whose failure might, in the view of the supervisory authority, pose a systemic risk. There might be a further requirement for either side to initiate a meeting between the regular quarterly meetings should information come to light which might warrant such a meeting.

166.  We therefore welcome the statement by Mr Mark Hoban MP, Financial Secretary to the Treasury, in his evidence to us that "if the Bank were to say that we need this [the requirement for adequate dialogue between auditors and supervisors] in the statute, then I would be happy to see that happen."[210] We also note the statement by Mr Paul Lee, Director of Hermes Equity Ownership Services, speaking as a major bank shareholder, that despite the fact that the confidential information disclosed at private meetings between auditors and supervisors would not be available to shareholders, "we would not be concerned by such dialogue. We would welcome it."[211]

167.  There was no single cause of the banking meltdown of 2008-09. First and foremost, the banks have themselves to blame. As our predecessor Committee found in its report on Banking Supervision and Regulation in 2009, the supervisory system put in place in 1997 proved unfit for purpose. But we conclude that the complacency of bank auditors was a significant contributory factor. Either they were culpably unaware of the mounting dangers, or, if they were aware of them, they equally culpably failed to alert the supervisory authority of their concerns. Our recommendations are designed to address these failings and thus make a repetition less likely.

171   Q 483. Back

172   Q 2. Back

173   Q 10. Back

174   QQ 405-406. Back

175   Q 405. Back

176   Q 263. Back

177   Q 274. Back

178   Q 278. Back

179   Q 275. Back

180   ADT 35 (KPMG). Back

181   ADT 36. Back

182   FSA Internal Audit Division, The supervision of Northern Rock: a lessons learned review, Executive Summary, para 15, March 2008.  Back

183   Net residential lending refers to mortgages advanced in a given period minus redemptions. Back

184   Northern Rock 2007 interim results.  Back

185   Bank of England Financial Stability Report, page 58, June 2009. Back

186   Q 266. Back

187   QQ 267-268. Back

188   ADT 36. Back

189   ADT 35. Back

190   ADT 33. Back

191   Q 256. Back

192   Mr John Griffith-Jones's letter to the Chancellor of 11 November 2008 - available at Back

193   Q 263. Back

194   Lord Myners's reply of 17 December 2008 - available at  

195   ADT 33 (Deloitte). Back

196   Q 473. Back

197   Q 466. Back

198   Q 467. Back

199   Q 478. Back

200   For example, see Lord Myners's oral evidence to a previous inquiry-Economic Affairs Committee, 2nd Report (2008-09): Banking Supervision and Regulation (HL Paper 101-II) QQ 562-63. Back

201   The Sunday Times, 'Brown calls in UK's top bank bosses' by Iain Dey and David Smith, 11 January 2009. Back

202   ADT 33 (Deloitte). Back

203   Q 256. Back

204   Nigel Lawson (1993), The View from Number 11. Back

205   Report of the Committee set up to consider the system of banking supervision, June 1985. Back

206   Nigel Lawson (1993), The View from Number 11. Back

207   Nigel Lawson (1993), The View from Number 11; Banking Act (1987) Section 47. Back

208   ADT 28. Back

209   ADT 75. Back

210   Q 529. Back

211   Q 436. Back

previous page contents next page

© Parliamentary copyright 2011