Let's pretend you're an alien who just landed on Earth and for some odd reason you decided accountants are the supreme beings of this planet, therefore you want to read all about them and clicked on over to Going Concern. "Audits?" you ask yourself. "What are those?"
Currently, audits are designed to provide reasonable assurance, which — for your alien brain — can be best explained as an awesome CYA (Cover Your Ass) which insulates the auditors from accusations of laziness while simultaneously offering confidence that the financial statements were, in fact, thoroughly audited and therefore can be relied upon.
Earthlings who do audits for a living know all of this is kind of a joke, as do those beings who make it their life's work to pick apart the audit industry and point and laugh when inevitable restatements occur.
Well, James P. Liddy, who is KPMG LLP U.S. Vice Chair, Audit and Regional Head of Audit, Americas (man, that's a mouthful) thinks auditors can do better:
Advances in technology and the massive proliferation of available information have created a new landscape for financial reporting. With investors now having access to a seemingly unlimited breadth and depth of information, the need has never been greater for the audit process to evolve by providing deeper and more relevant insights about an organization’s financial condition and performance –while maintaining and continually improving audit quality.
Does this mean that core elements of the audit such as the current “pass/fail opinion” that external auditors are mandated to provide – and that has served investors well for years, need to expand? Absolutely.
What are we talking about here, a terrorism threat level scale for audits? Clients pay a lot of money for that pass/fail, they aren't paying for a critique of their financial statements.
Today, in many cases we perform procedures over a relatively small sample of transactions – as few as 30 or 40 – and extrapolate conclusions across a much broader set of data. In the future, using high powered analytics, auditors will have the capacity to examine 100 percent of a client’s transactions. We will be able to sort, filter and analyze tens of thousands or millions of transactions to identify anomalies, making it easier to focus in on areas of potential concern and drill down on those items that may have the highest risks.
This will enable us more than ever before to help assess risks and identify trends through the audit process. With smart data, each year’s audit will also “learn” from prior years, exposing areas of possible risk and building a self-enriching knowledge base to better inform companies and their investors.
Considering the NSA can find out what I had for lunch yesterday, there's really no reason 100% testing can't be that far off. In fact, an astute GC commenter said as much the other day:
I think the day when we test 100% of transactions is not far off. It will be driven by the technology industry more than the accounting industry. When the time and cost of analyzing a terabyte of data drop to the optimal level, it will happen.
That comment was left on a post about audit partner naming, which leads us to wonder: who takes the blame if the audit goes wrong? Will the PCAOB require coders who write the software to test 100% of transactions to sign off on audits?
Back to Liddy's piece, which goes off the rails after the 100% testing suggestion. In the future, auditors might not only test 100% of transactions but factor in things like the weather and shitty traffic:
Future audits will also use advanced data and analytics capabilities to look beyond an organization’s walls and understand the impact of broader forces in ways we never could before.
For example, how do weather, traffic patterns, economic conditions, unemployment in select demographics, or other business elements affect the financial performance of a retail operation? Advances in data science allow us to integrate “unstructured” data from a wide variety of sources – from weather reports to unemployment filings to commodity prices – to gauge potential impacts on a company’s performance and its risk profile. And the ability to mine this data and incorporate it into the audit will provide for enhanced audit quality.
So wait a second… future audits will include forecasting now? I'm sure clients will loooove that information being slapped all over their SEC filings.
He wraps with a reminder that all that ticking and tying serves a greater purpose than simply providing your client with the legally required assurance they need from outside auditors to continue doing business:
It is clear that auditors must embrace this evolved approach to understanding an organization’s most critical information to ensure that all stakeholders in the capital market system continue to be well served by the audit profession. We must collectively strive to ensure that the audit remains an unambiguous pillar of confidence, and at the same time, provides greater value, relevance and utility around financial reporting analysis than has been seen before.
Good luck with that, guy.