Auditors liability conundrum
The need for auditor liability limitation in the UK.
The position for auditors on limitation of liability used to be very simple: UK company law did not allow it. The principle behind this prohibition was, presumably, that as in other walks of life, auditors should be held liable for the consequences of their own actions. A perfectly laudable principle and one which the Institute subscribes to. Unfortunately, a combination of factors meant that in the audit market, this is not what was actually happening. First, a tendency to sue based on perceived ability to pay rather than degree of fault, has spread across the Atlantic. Second, auditors are required to have professional indemnity insurance when others involved in the financial reporting process are not. Third, the principle of joint and several liability entrenched in UK law allows someone who is only partly responsible for a loss to be pursued for the whole loss if other parties cannot pay.
Consider a possible scenario: there has been a fraud, lots of people have been sued and the case has gone to court. The court has found: an employee say 80% responsible, on the sensible grounds that he actually perpetrated the fraud; a software company 10% responsible because a control supposedly in place did not work; and the auditors 10% responsible for failing to spot the fraud after the event. Quite probably the employee has few assets and the software company has gone out of business, so the auditors are presented with the bill for 100% of the damages. The auditors have been held liable not only for the consequences of their own actions, but those of everyone else too.
Leaving aside the fairness or otherwise of this, there are practical consequences: everyone ends up paying for the actions of a few, through insurance premiums and audit fees; and, particularly at the larger end of the market, it has become impossible to get enough insurance to cover the size of claims flying around. There is the real possibility of a joint-and-several claim taking auditors out of the market completely, making the existing lack of choice in some areas even more of an issue and deterring others from entering that market.
For these reasons, the Institute has long held reasonable liability limitation to be in the best interests of efficient markets, shareholders and companies, as well as auditors
Change in the law to permit LLAs
The Institute has been advocating proportional liability limitation (where the parties, including the auditors, are held liable for their own contribution to the damages, but not for that of other people, if those people cannot pay). The then Department of Trade and Industry (DTI) published a consultation on the Company Law Review in 2005, which gave an undertaking to take proportionality by contract forward. The Institute’s June 2005 response encouraged this while raising a number of specific implementation issues. These were followed up by a series of submissions to and meetings with, DTI staff since then.
As a result, the Companies Act 2006 introduced provisions (Sections 532 to 538: available on the Office of Public Sector Information website) permitting limitation of auditor liability by contract. These Limited Liability Agreements, or LLAs, are concluded between the auditor and the company and are permitted from 6 April 2008.
What is now allowed
Unlike the position in, say, Germany, liability limitation is not being imposed by-law: merely permitted. The default position is that liability is unlimited unless a valid LLA is included in the terms of engagement.
Any terms in an LLA are subject to:
a) shareholder approval annually; and
b) the courts considering that the terms are ‘fair and reasonable in all the circumstances of the case’.
These are sensible safeguards as no-one is trying to remove liability completely. However they inevitably lead to complications.
First, the shareholder approval requirement has raised concerns in some quarters as to what rationale directors can use to allow them to recommend LLAs to their shareholders for approval.
Additionally, as so often with legislation, the 'fair and reasonable' requirement is rather less straightforward than it might have been. Although we had campaigned for proportionality and the government had made statements saying that this was what they envisaged, the legislation is drafted to allow any means of limitation to be included in an LLA, examples being proportionality, a fixed monetary cap, or a cap linked to, say, a multiple of audit fees. However, any LLA is subject to challenge in the courts and if the courts consider the terms not to be ‘fair and reasonable in all the circumstances of the case’, they can substitute alternative terms.
So, the solution has generated as many questions as it answered.
Guidance on implementing LLAs (or, ‘the solution to the solution’)
The answers can be found in two documents. The first is a something which we and others asked the Financial Reporting Council to produce, unimaginatively but efficiently called Guidance on Auditor Liability Limitation Agreements. This is aimed at company directors and is available from the FRC's website. It seeks to address a number of issues by:
- summarising what the law now permits and requires in respect of LLAs;
- explaining what matters an LLA should cover;
- providing specimen clauses for various types of LLA (including, inter alia, proportionality and a monetary cap);
- noting the views of a number of institutional shareholders, who have indicated that they would be likely to oppose types of LLA other than proportionality (see separate section);
- explaining the process to be followed for obtaining shareholder approval, including specimen wording for resolutions and the notice of the general meeting; and
- setting out some of the factors that will be relevant when assessing the case for an LLA.
As regards the last point above, a number of comments are spread around the guidance:
- a reference in the Introduction to the impact on audit market concentration;
- comment in Section 1 on the problems caused by joint and several liability and why the government’s Company Law Reform project supported removal of the prohibition; and
- in Section 3, examples of reasons why companies might conclude it appropriate to enter into an LLA .
The second helpful document is a legal opinion obtained by the Institute. This principally addresses a concern that directors recommending LLAs to shareholders might face increased liability themselves as they could be in breach of their fiduciary duty to act in the interests of the shareholders. The opinion, available from the Institute’s website (under Technical, Audit) confirms that this is not an issue, provided the directors lay before the members the information they need to make an informed decision. The fact that an LLA works in favour of the auditor does not mean that concluding an LLA works against directors’ duties: it is commonplace for companies to accept contractual terms of this kind as part of doing business.
The opinion also highlights that there is no problem with ‘going first’ and goes on to discuss in a little more detail some of the points set out in section 3 of the FRC guidance: matters the directors would be expected to consider. These include the fairness of the LLA, the availability of other terms elsewhere, and the undesirability of changing auditors too often.
Since they are voluntary under UK law, LLAs will stand or fall on shareholders’ willingness to approval them. The big question is: will they do so?
The Institutional Shareholders’ Committee (ISC), which comprises the UK’s most powerful investor groups, issued a statement on auditor LLAs on June 30 – the same day that the FRC issued its guidance.
“This statement gives a very strong steer that the only basis of liability limitation which is acceptable to institutional shareholders is the proportionate approach,” says Michael McKersie, assistant director, capital markets at the Association of British Insurers (ABI), an ISC member. “In particular, the statement makes it clear that the idea of a monetary cap on liability is not acceptable.”
ISC members are also keen to emphasize that it is up to company directors to reach their own conclusions as to whether an LLA is appropriate for their particular company. “Our position is that a proportionate approach to liability limitation should be given a fair wind by shareholders if directors feel that it is the right thing to do,” McKersie says.
David Paterson, head of corporate governance at the National Association of Pension Funds (NAPF), another ISC member, adds that shareholders will also be looking for comfort that any LLA preserves and enhances audit quality. “I would encourage companies to speak to shareholders as early as possible,” he adds. “After all, this is new territory for all of us.”
What happens next?
Because the main problem is seen as being caused by the size of potential claims from large multi-national, it is generally thought that LLAs will start with listed company audit engagements. However there is no reason why they should do. The core issues of reducing audit competition are the same throughout the audit market: the rise in audit thresholds is leading to a steady decline in the number of registered auditors, which in some areas will end up being spread far apart. Accordingly LLAs are likely to become standards terms of engagement for all company audits in due course.
So, if you are an auditor, you need to read the guidance, read the legal opinion and start talking to your clients about why there should be an LLA in place. If you are an auditee, expect your auditor to talk to you, so read the guidance and the opinion in preparation.
Implemented fairly and transparently, LLAs should lead in the long term to more audit competition and less use of auditors and their fees as a money bucket of first resort. This has to be in the best interests of everyone, except possibly lawyers on percentage fees.
Auditor criminal offences
In tandem with liability reform, the Act also introduces a new criminal offence of ‘knowingly or recklessly’ giving a misleading audit opinion (Sections 507 to 509: also available on the Office of Public Sector Information website). Again, the Institute made a number of representations on this matter (including in the June 2005 response referred to above), in particular expressing concern that in attempting to catch those actions or omissions that the law is properly intended to penalise, others of more innocent or unwitting intent will also be swept up, or at least auditors will perceive that they may be. The government has made a number of helpful ministerial statements in this respect and has agreed to prepare guidance to prosecutors clarifying that this is not the intent. We have had further meetings with the government on this and are awaiting the finalisation of this guidance.
Again, the new offences (section 507) applies from 6 April 2008. The Department for Business, Enterprise and Regulatory Reform ‘frequently asked questions’ clarify that this means that it “applies to audit reports on accounts for financial years starting on or after 6 April.”
The European Commission issued, on 6 April 2008, a Recommendation encouraging member states to limit auditor liability in order to encourage competition in the market for listed entity audits. It does not specify how this should be done, though a liability cap, proportional liability and contractual limitation are mentioned. It does suggest three principles should be followed:
- limitation should not apply in cases of intentional misconduct by the auditor
- limitation should extend to third parties; and
- there should be a right to fair compensation.
The Institute welcomed the Commission’s initiative as we have long argued that while it is fair and reasonable for auditors to be held liable for their own actions, they should not be liable for the consequences of other people’s actions. The Commission’s Recommendation recognises the different legal regimes in Europe can not result in a ‘one size fits all’ approach. However, it extends only to listed entity audits however, whereas we believe that, as it does in the UK, the principle should apply to all audits.
The Recommendation is available from the EU website.
The current position in Europe varies. In Germany, for example, there is a statutory caps of a fixed monetary amount, though these caps do not apply for deliberate breaches of duty. In France, by contrast, the auditor's duty arises in tort and cannot be limited by contract or otherwise.
Australia has also been reforming its rules about the liability of auditors (and other professionals). The first reform was the 2004 introduction of proportionate liability for all claims for economic loss. This removed joint and several liability. Individual states are also introducing schemes that cap auditors' and other professionals' liability. These schemes will operate in addition to the proportionate liability regime and in conjunction with For example, New South Wales has introduced a scheme for auditors that caps their liability at 10 times the audit fee for substantial audits, subject to a maximum of A$20m (£8m).
In the US, auditors cannot limit liability for their own negligence and, in the wake of corporate collapses and the introduction of the Sarbanes-Oxley Act, reform of auditors' liability was not on the agenda for some time. However, a US Treasury Committee has looked at the issue (without coming to any real conclusion) but discussions are taking place between UK authorities and the SEC about the latter accepting UK LLAs.
Revised and extended version of an article in Accountancy, August 2008.