The New Republic

Given the by now well-publicized lapses of its most notorious
client, it came as something of a surprise this month when Enron's
auditor, Arthur Andersen, passed its triennial peer review "without
qualification." A release on the company's website does note three
mysterious "issues" raised by the reviewing firm, fellow accounting
giant Deloitte %amp% Touche, but adds that they were "not deemed
significant enough to affect the opinion." The implication, as a
Washington Post article on the matter concluded, is that "the
investing public can have confidence in audits performed by
[Andersen]."A more precise parsing of Deloitte %amp% Touche's findings, however,
would be that investors can have confidence in Andersen's
audits--as long as they don't have the misfortune to have invested
in Enron, or any other company whose audits by Andersen proved
controversial. The reason is that when accounting firms review each
other's work, they generally exclude any audits where litigation
may be pending. (Such litigation is not uncommon: Over the last
five years Andersen alone has been sued for its handling of
inflated earnings at Waste Management, Inc. and Sunbeam Corp.) It's
as if a college student's grade point average were determined only
after excluding all the classes in which he'd done poorly.

Of course, any review of Andersen that excludes Enron--the largest
corporate meltdown in history--is for all intents and purposes
useless. So, days after the results were publicized, Charles
Bowsher, head of the Public Oversight Board, the organization
responsible for overseeing the accounting industry's peer-review
process, ordered that the issues highlighted by Enron's case be
examined retrospectively. But Bowsher's decision ultimately misses
the point. The real scandal of Andersen's peer review isn't that
Enron wasn't examined; it's that even if it had been, Andersen
would still have earned a passing grade.

When Congress passed the Securities Act of 1933 it decided--under
pressure from the major accounting firms--to forego active
regulation of the industry. Instead, it merely drew broad
guidelines and relied largely on the industry to apply them. But
the attempts at self-regulation produced one weak regime after
another: the American Institute of Certified Public Accountants'
(AICPA) Committee on Accounting Procedure in 1939; AICPAs
Accounting Principles Board in 1959; the Financial Accounting
Standards Board in 1973. None reduced accounting fraud to an
acceptable level.

So in the late 1970s the major accounting firms made a final effort
to stave off real government oversight, proposing a system of peer
review in which each firm would have its audits scrutinized by
another firm once every three years. The process is supposed to
ensure that a given accounting firm has appropriate quality-control
procedures in place--everything from how it selects employees for a
given assignment to how it attracts and retains clients--and that
it adheres to those procedures when conducting its audits. For
instance, "they might try to find examples where one of the
managers on the audit had a disagreement with management, brought
it to a partner, and see how it was handled," explains University
of Chicago accounting professor Roman Weil.

Overall, the triennial review must examine enough cases to cover
between 3 percent and 6 percent of a Big Five firm's total audit
hours over the previous year. (Amazingly, the two years prior are
off-limits.) And though within that range the peer reviewer has
broad discretion over which audits to examine, there are certain
categories of audits that must be included: an audit that involved
several of a firm's different offices; an audit of a public entity
like a municipal government; an audit of a company's
employee-benefits plan.

What the peer review doesn't include is anything that might
ordinarily be thought of as a reasonable fail-safe: say, picking an
audit at random, reworking the numbers from scratch, and seeing if
those numbers jibe with the original audit. "They're not tracing
transactions," Weil concedes. On the rare occasion that a
peer-review auditor actually does examine another auditor's
paperwork, the point is not to do a so-called reaudit, but simply to
make sure that the numbers documented by the original auditor look
plausible. The problem with this is that accounting is notoriously
dependent on judgment calls--what future economic benefits are
likely to be derived from a given asset, whether losses can be
characterized as one-time or recurring, etc. Since the logic behind
these judgment calls never actually makes it into the final
documentation, there's no way for a reviewer to gauge their
soundness. "All that they're looking at is whatever the people that
did the audit happened to record," explains Douglas Carmichael, a
former vice president of AICPA (the industry's standard-setting
body) and an accounting professor at Baruch College. Worse,
Carmichael points out, even when a reviewer has reason to suspect
that the original auditor failed to scrutinize something, the
original auditor can always claim that he or she applied the
necessary scrutiny and plead guilty to the relatively minor offense
of "failing to document."

In fact, these are exactly the sort of problems that arose prior to
Arthur Andersen's last peer review. In 1997 Andersen had discerned
that Enron's stated earnings of $105 million actually looked more
like $54 million when accounted for properly. But when it pointed
this out to Enron's financial officers, they protested that the
error was less than 8 percent of normalized income--that is, income
averaged over several preceding years--and was therefore acceptable
under a widely invoked "materiality" provision. (The idea is that
auditors are not responsible for errors so small they might
plausibly fall below their radar screen.) Andersen relented and
signed off on the original $105 million figure. When Deloitte %amp%
Touche completed its peer review the following year, it would have
had no way of exposing this bit of sophistry, assuming it even
examined the Enron audit. Without being privy to the logic behind
the decision, "the peer reviewer [would not have been] in a
position to challenge the judgment the auditor applied," complains
one former Securities Exchange Commission (SEC) official. Not
surprisingly, Deloitte %amp% Touche obliged with a passing grade.

Since then, we now know, Enron's accounting has gotten progressively
shadier. For example, the company created dozens of special
partnerships specifically to hide hundreds of millions of dollars
in debt from investors and credit- rating agencies. And Andersen's
auditing, it seems, has deteriorated as well. Last Thursday the
company admitted it had destroyed numerous documents relating to
Enron, some of which may well have disclosed this shell game.
Ironically, part of what a peer reviewer is supposed to do is
determine whether a firm's documentation policies make sense. But
since a peer reviewer only actually looks at existing documents
(rather than, say, generating his own documents for comparison),
beyond very obvious omissions it's difficult to determine what
kinds of documents a firm might have thrown away. Indeed, says the
former SEC official, there's little reason to expect that Deloitte
%amp% Touche would have suspected any improper document shredding
at Andersen--let alone looked into what the shredded documents
contained--even if it had examined the Enron audit. Thanks to
Enron's spectacular collapse, this task will now fall to Congress,
the Justice Department, and the SEC.

Enron is an egregious case, but it's less an anomaly than an extreme
example of the efforts at "earnings management" that have become
quite common in corporate America in recent years. During the 1990s
Wall Street grew so fixated on analysts' quarterly-earnings
expectations that failing to meet them by even a single penny per
share could send a company's stock price tumbling. So, rather than
disappoint the market, companies took to fudging their numbers.
Some tried Enron's materiality gambit, albeit in less brazen ways.
Others tried what's known as "revenue recognition," whereby a
company records sales in one quarter even though it won't actually
receive payment until the next. (The recently humbled Microstrategy
made this particular "microstrategy" famous.) But perhaps the most
widespread approach was what's known as "big bath accounting."
That's when a corporation inflates profits by writing off years of
future expenses as a one-time "restructuring cost."

Of course, once everyone realized that so many companies were
bending the rules to meet expectations, it became all the more
damning to fail to meet them. As one stockbroker told the Harvard
Business Review last year, "Things must be pretty bad if Cisco
can't manage to come up with one lousy penny." Companies that still
fell short of expectations were punished even more severely,
raising the stakes even higher and encouraging companies to bend
the rules still further. This vicious cycle had accelerated so much
that, according to a recent study by the Levy Institute Forecasting
Center, an economic research and consulting group, corporate
earnings for the S&P 500 may have been inflated by as much as 20
percent at the height of the boom.

For their part, the Big Five auditors were loath to blow the
whistle. After all, over the last two decades the big accounting
firms have taken to viewing their auditing services as "loss
leaders" that get them in the door, at which point they can sell
their clients far more lucrative consulting services. But with big
consulting contracts on the line, it isn't exactly in an auditor's
interest to begin questioning his client's math. That left peer
review as the only line of defense.

As the lax standards of the peer-review regime demonstrate, the
system wasn't designed to catch any of this. But even if it had
been--and there are reports that the SEC is negotiating with the
industry over a tough, new selfregulatory body--the Big Five
accounting firms would probably have been no more inclined to
expose one another than they were to expose companies like Enron.
Part of the reason, no doubt, is the sense that one hand washes the
other. If Deloitte %amp% Touche lets Andersen off easy, presumably
Andersen will be inclined to do the same when it comes time to
conduct its own review. But it goes deeper than that. Indeed, over
the years the Big Five firms--down from the Big Eight as recently
as 1989, and the Big Six as recently as 1997, as the result of
mergers--have often behaved less like competitors than corporate
partners. Among other things, they all belong to the same insurance
pool. That means any time one of them has to cough up a wad of cash
to settle a potential fraud case, it raises the insurance premiums
for the other four. With that kind of incentive why would any of
them ever rat on the other?

To make things even cozier, the Big Five firms have created a
network of extremely close relationships between their in-house
lawyers. According to an October 2000 BusinessWeek article, the
general counsels of the Big Five accounting firms meet in New York
once every six weeks to talk shop over lunch. Among the topics of
conversation? How best to avoid audits that might require one firm
to cast doubt on the work of another. This arrangement paid off for
Deloitte %amp% Touche in 1991. That year a little-known New Jersey
thrift named Fidelity Mutual Savings and Loan Association
discovered that one of its vice presidents had spent the previous
16 years defrauding it to the tune of $6 million. Confused at how
this minor detail escaped its auditor's attention, Fidelity hired
rival firm KPMG to investigate. Roger Ham, the lead investigator,
concluded that the scam was only possible because of numerous
failings on the part of Deloitte %amp% Touche. Indeed, his initial
report used some form of the word "failure" no fewer than ten
times. But rather than accept that judgment, Deloitte's general
counsel (again, according to BusinessWeek) simply picked up the
phone and called his counterpart at KPMG. The final "revised"
report contained not a single mention of "failure."

With this kind of chumminess, it's no mystery why no major
accounting firm has ever received a failing peer-review grade. And
even when a review, like Andersen's this year, contains
qualifications, they're usually quickly forgotten: As soon as the
next triennial review is completed, the previous one is removed
from public display. When I called AICPA to get a copy of
Andersen's 1998 peer review, a spokesman there told me, "We shred
'em, get rid of 'em" once the new one is done. Sounds like a pretty
good suggestion for the entire peer-review process.

share this article on facebook or twitter print this article