Watching the Watcher
One of the primary reasons for auditors’ existence is to identify financial mismanagement and fraud. Auditors who fail in their duties of diligence and objectivity can become enablers of the very individuals and institutions they are meant to investigate. In response to the financial crisis a decade ago, the Securities and Exchange Commission (SEC) enacted regulatory reforms, including creating new regulations on auditors and broker-dealers; however, questions remain about the efficacy and impact of these new rules. Research by Dr. Nate Cannon, associate professor of accounting and recipient of a 2020 Research Enhancement Program grant, is helping the SEC and other agencies refine their approach to prevent another financial industry crisis.
Cannon worked for KPMG as a Certified Public Accountant (CPA), auditing banks and other businesses, until he began his Ph.D. in 2009. That same year, the world’s most infamous broker-dealer, Bernie Madoff, pleaded guilty to 11 federal felonies for committing one of the most massive financial frauds in United States history. Prosecutors valued the fraud of Madoff’s Ponzi scheme at $64.8 billion. Cannon explains that Madoff was running “one of the largest broker-dealers in the world and it turns out that it was audited by a one-man CPA firm operating out of a strip mall in upstate New York. You don’t need to be an expert in this area to know that’s not right. He was rubber-stamping the audit and collecting the money.” Madoff and his CPA got away with it for decades because broker-dealer auditors, at that time, had relatively little regulatory supervision. This “horrifying lack of oversight” motivated Cannon’s interest in auditing auditors.
As a result of the Madoff scheme, and other financial industry calamities around that time, Congress passed major federal legislation (including the Dodd-Frank Act) that significantly changed the way U.S. financial markets are regulated. In the wake of those reforms, from Cannon’s perspective, “The natural question was ‘Did it work?’” That question is salient in part due to repeated and ongoing efforts to roll back the legislation. Cannon says, “Some of the value of our research is to say which pieces are working, because if we can put a stake in the ground and say we’ve looked at this robustly, and we can show that it’s working,” it will be easier for policymakers to prevent overbroad repeal. Conversely, excessive and ineffective regulations are burdensome for small businesses; Cannon notes that within one year of the new rules requiring federal registration and additional monitoring of auditors, the number of broker-dealer auditing firms dropped by almost half, from more than 1,600 to less than 900. Cannon’s goal, therefore, is to conduct research that informs which regulations are working and which aren’t.
In the last few years, Cannon has published papers in several top journals, including The Accounting Review, Contemporary Accounting Research and Accounting Horizons. Additionally, Cannon and his coauthors have had the opportunity to travel to D.C. to meet and share their results with the SEC and PCAOB (the Public Company Accounting Oversight Board, which Cannon refers to as “the auditors’ auditor”). The PCAOB has cited Cannon’s research to support important regulatory reforms in recent years.
The interest in Cannon’s research, by both journals and policymakers, results in part from his innovative research strategy, which has produced unexpected results. His extremely labor-intensive methodology — which for one project took eight years and over 20 graduate assistants to complete — involved hand-coding individual audit reports published publicly by the SEC against records from the FINRA (Financial Industry Regulatory Authority) database of malfeasance by broker-dealer firms. If FINRA documents a finding of wrongdoing by a company, but an audit of that company in the previous two years failed to identify a problem, that indicates low audit quality.
The results of Cannon’s research justify his methodology. One unexpected finding is that in the wake of regulations, audit quality for larger auditing firms improved, while smaller auditors got worse, presumably due to their limited resources and lack of experience in dealing with the additional regulatory compliance. This complements similar results from the PCAOB’s own auditor inspections. In reviewing the PCAOB’s interim inspections of audit reports dating back to 2011, Cannon noted that the results were “atrocious.” Specifically, “In the first two or three years, literally 100% of the audits were deficient.” He adds, with a wry laugh, “They’ve since improved. Now they’re in the low 90% to high 80% range.”
Rather than prescribing any particular solution, Cannon’s goal is to dig deep into the data and “paint the picture, to get information into the hands of people making decisions so they can be more informed in their decision-making and standards-setting in legislation.” The financial industry is uniquely difficult to regulate because it is so complex and adaptive, but Cannon’s research is an important tool in the toolbox of regulators aiming to prevent the next major financial fraud.