SarbOx Doesn't Go Far Enough

Further rules are needed to counter auditors' natural bias in favor of their clients

By Don A. Moore

Whatever the verdict in the current trial of Enron Corp.'s two former top executives, key failures that cost investors and employees tens of billions of dollars are all but sure to happen again. The calamitous scandals at Enron and many other companies were possible only because of breaches in a bulwark of our free-market system: auditor independence. Unfortunately, the Sarbanes-Oxley Act, Congress' response to the scandals, largely overlooks the conflicts of interest that represent the greatest threat to auditor objectivity. Only a radical reorganization of the current system will eliminate this risk.

As Philip Tetlock, Lloyd Tanlu, Max Bazerman, and I point out in a recent article in the Academy of Management Review, Sarbanes-Oxley, for all its reputation as a hard-hitting law, fails to correct a crucial accounting system weakness: the potential for what we call "moral seduction" of outside auditors.

This corruption remains likely for several reasons. Executives still have too much control over hiring and firing auditors, which discourages accountants from filing critical reports. SarbOx puts only minimal restrictions on auditors' taking jobs with their clients, a prospect that inclines accountants to curry favor with potential employers. And the law still lets auditors provide some types of nonaudit services, including SarbOx compliance work, despite longtime Securities & Exchange Commission concerns that such services increase auditors' likelihood of yielding to client pressures on auditing issues.

The principal reason SarbOx leaves the door open to moral seduction is that it assumes the most common threat to auditor independence is intentionally corrupt behavior. But psychological research on conflicts of interest demonstrates that the real threat to impartiality is unconscious bias, not unlike attachments and loyalties pervasive in life. In one experiment, auditors were asked to evaluate a fictional company's accounting practices, and those who were told that they had been hired for the task by the company itself were far more lenient than auditors who were told they had been retained by a firm doing business with that company.

To see the real-world consequences here, just look at Enron. Its auditor, Arthur Andersen, came to identify so strongly with the client that its judgment was compromised, and the demise of one led to the demise of the other.

SarbOx was supposed to change all that. Yet the law leaves in place strong incentives for auditors to please clients even as it mandates complex new rules that are supposed to make corporate books more credible. The one that has received the most attention makes a company's chief executive and chief financial officers personally liable for inaccuracies in financial reporting. But while fear of lawsuits and prosecution may avert some intentional fraud at the top, it won't prevent unconscious bias -- or the skewed financial reports that result from it. That's why we need to change the system, not simply search for smoking guns and lock up guilty individuals.

Either of two alternatives would be superior to the present system. One would be a stiffer regulatory approach whereby the government requires that auditing firms perform audit services solely; be retained for a fixed period without the chance of being rehired; prohibit employees from taking jobs with clients; make independent assessments instead of just ratifying clients' accounting; and be hired by boards rather than company executives.

The second solution, relying on market principles, would require companies to buy financial-statement insurance, meaning their underwriters would hire auditors and be on the hook for any blowups. Premiums that insurers charged would publicly signal their confidence in the accuracy of the financial reports, just as higher interest rates on a company's bonds signal fears about its risk of default. This approach isn't too different from laws that force drivers to have auto insurance coverage that protects everyone else.

Despite objections that such reforms would be too costly, it is unlikely that either approach would greatly increase the tab for the average audit. But the larger point is this: Without independence, the outside auditor is redundant with a company's own internal accounting staff, and the benefit of having an auditor is of questionable value to begin with. Indeed, if it's not worth some cost to create independence, we need to question why we even have an auditing profession.

Views expressed in Outside Shot are solely those of contributors.

Don A. Moore is an associate professor at the Tepper School of Business at Carnegie Mellon University

    Before it's here, it's on the Bloomberg Terminal.