In the Firing Line

Auditors and their clients are locked in a debate over how best to ensure proper audits are carried out without the threat of litigation hanging over service providers. The basis of the debate is a recent ruling in the US, which found the American arm of BDO Stoy Hayward partly liable for major fraud at the Portuguese financial services firm Banco Espirito Santo. Lawyers for the bank will argue later this year that BDO Seidman should be held liable for $521m in losses.

Should the US courts rule that the auditors failed in their duty to spot and report the fraud, it could open the floodgates for a rash of similar lawsuits. It might also force audit firms to re-examine their practice of building networks. The bank's lawyers are gunning for BDO International, believing they're more likely to get their money if the lead firm in the network is targeted. And of course, in business and in life, what happens in the US can often end up happening in Europe somewhere down the line.

It's this fear that has led some Europe national regulators to argue for a liability cap. In the UK, 2008 will see firms being given the option of signing an audit liability agreement before the audit takes place. The drive behind that is to avoid proscriptive mandating of liability caps or set amounts. This consent-based method sits comfortably with the European approach to these matters: use principles and allow businesses to follow them, rather than simply writing more rules or allowing an entirely laissez-faire system, as in the US.

Liability limitation

The UK's new rules on liability limitation, which came into effect in April 2008 as part of the Companies Act, offer auditors the opportunity to limit their liability on whatever basis is set out in the agreement – this can include proportionate liability but it can also include any other basis, such as a fixed cap, provided that it is reasonable. But the key to whether this option becomes widely used will be the stance of shareholders, especially institutional shareholders. Because every limitation agreement will require the assent of shareholders, they will effectively have a veto on this matter whether the auditors like it or not.

The genesis of this goes back to Houston in 2001. It's only six years ago that Andersen, one of the then 'big five' audit firms, collapsed on the back of the Enron implosion. That has led to the decreased 'big four' and worries among regulators and clients that competition is being hampered by a concentration of work among PwC, Deloitte, E&Y and KPMG. Those with even decent short-term memories will recall the chaos the collapse caused in audit circles and should be keen to avoid a repeat.

Across Europe, however, national regulators are seeking different solutions. Germany, for example, has set up a system that allows for an absolute cap of €1m for a private company, €4m for a quoted. However this doesn't cover deliberate breaches of duty. Meanwhile in Austria, Belgium, Greece and Slovenia a statutory cap is in place, while France exercises no limit on liability.

So what will all this mean for auditors and their clients? To some, unlimited liability along US lines is the worst-case scenario. The fear is that should auditors be completely exposed to unlimited action if it is found that fraud was perpetrated, then the use of boilerplate will increase, and value-added audit – where companies and shareholders get significant disclosure and insight into a company's operations – will become a thing of the past.

For Jeremy Newman, formerly managing partner at BDO Stoy Hayward and now head of its international network firms, the issue of liability needs to be put into context.

"Lots of people cite the Enron-Andersen scandal as the starting point for this issue but it's been around for a long time," he says. "But what Andersen did do was focus the profession on the fact that auditors can go out of business on the back of something like this. And it also shows that auditors carry a much greater burden in this area and may need to be protected."

Who should be responsible?

At the heart of this issue is the question of just how much responsibility lies with auditors to uncover and report fraud. While no-one wants audit to become a police investigation, it's fair to say that paying the rising fees does lead many to believe that the auditors have a duty of care to ensure that company accounts are properly examined and full disclosure of any liabilities and risks achieved.

But members of the audit profession, mindful of the damage enormous lawsuits can do to their reputation and by extension their bottom line, argue that unlimited liability will inevitably lead to at least one major firm going under and a further reduction in competition. And given that the so-called big four currently audit 85% of European listed companies, it's not a stretch to conclude that losing another would seriously damage the competitive balance across the continent.

So far, the mood in the US has been unforgiving on this issue. To many regulators and industry observers, protecting auditors from paying for their mistakes is anti-competitive and simply un-American. A paper published in 2007 by a leading law firm looked at the issue and concluded that capping liability would not protect against malpractice but increase the likelihood of fraud and mis-statements.

Glen De Valerio, the lawyer who drafted the paper, says that protection already exists in this area and that further safeguards are unnecessary. He argues that because audit firms are subject to numerous sources of litigation, from securities suits to criminal conviction, liability caps would offer little meaningful protection. The paper states that "imposing a cap on auditor liability simply will not protect audit firms from catastrophic liability. A cap may protect against one-time large damage awards, but will not protect against criminal prosecution, administrative civil penalties, or multiple damage awards or settlements obtained through multiple suits."