I blogged previously about a W$J article on auditors including so-called liability caps in their client engagement letters (see here). My view was that it really wasnâ€™t newsworthy because â€œliability limitation provisions are standard in contracts among sophisticated parties, so its not surprising that auditors include them in engagement letters.â€? Additionally, the provisions cited in the article were not true liability caps. Hence, I concluded by saying that â€œif auditors were getting true liability caps, that would be a story, but they aren’t.â€? Geoff then posted the following comment:
Why would it be a story at all, even if the caps were “real?” As Kate [Litvak] points out, they’re just a form of ex ante risk allocation by contract. Pretty standard stuff. Assuming no third party effects (and you indicated these caps were only between the contract parties), would effective caps be any more newsworthy (other than as a reaffirmation of the value of free contracting?)
I responded as follows:
Real liability caps . . . would be newsworthy in my opinion because of the SECâ€™s position that certain contractual risk shifting provisions, i.e., indemnification, are void as against public policy and may implicate auditor independence requirements. Hence, risk shifting through real liability caps would raise the issue of whether the SEC will or should intervene given its position on indemnification.
Well, the issue is now becoming newsworthy because, as this post at the AAO blog details, the Public Company Accounting Oversight Board (PCAOB) and others are looking at whether various clauses designed to manage auditor risk (indemnification, limitation of liability, etc.) impair auditor independence. PCAOB was created by SOX to regulate accounting firms that perform audits of public companies. Among other things, PCAOB establishes auditing, ethical and independence standards for these firms. Independence is a big deal because federal securities laws require that annual financial statements of public companies be certified by independent public accountants.
But what exactly does auditor independence mean? PCAOB has adopted the AICPA rule on independence. The rule defines independence in the negative, i.e., it describes various actions that are considered to impair independence. This article indicates that the concept of auditor independence has varied over time. According to the article, at one time it meant â€œobjectivity and neutrality in the reporting of financial position and results of operationsâ€? but may not mean this today.
Putting the definitional issue aside, the key inquiry in my mind is whether these risk allocation provisions result in less stringent audits. With the exception of indemnification, I think the answer is no. This is because in the public company context the primary litigation risk, and hence a primary motivation for performing a stringent audit, comes not from the risk of clients suing auditors for malpractice but from the risk of class action plaintiffs suing auditors for securities laws violations. Risk allocation provisions, with the exception of indemnification, have no bearing on the latter. Iâ€™ll leave my thoughts on indemnification provisions for another day but note that under existing SEC regulations auditor independence is impaired if a client agrees to indemnify the auditor for the auditorâ€™s own negligence.
This is a topic that I have blogging about quite a bit on TheCorporateCounsel.net. From a market standpoint, indemnification for auditors is not good because it facilitates more risk-taking (and sloppier work) by auditors and we get back to pre-Enron accounting practices. From a corporate perspective, the oligopoly in the auditing profession means that this is not really a situation of “contracting between sophisticated parties.” The auditor just says “sign here.” This arguably is against the SEC’s policy against indemnification and a PCAOB advisory group is discussing this very real topic this Thursday to come up with possible solutions.
Thanks, Broc Romanek