This image is the first one that popped up when searching “advice” on the stock photo site we use. Let’s just roll with it.
In the wake of Colorado firm and former Trump Media auditor BF Borgers being charged with “massive fraud” by the SEC in May, law firm Armstrong Teasdale has helpfully crafted some thought leadership aimed at those seeking audit services. The TLDR is don’t trust them, bro. The actual text can be found a few paragraphs down but first let’s catch you up on the story if you don’t know it.
Former Borgers clients were unceremoniously launched into the auditorless abyss by the quick shuttering of Borgers’ “sham audit mill” and there were so many of them that the SEC put out a notice aimed directly at these clients to remind them of all the stuff they are required to do upon finding out their auditor is trash. Losing your auditor at a time even larger audit firms are exiting the public company audit space completely is not a good time. Luckily for capital markets, most Borgers clients were small fry so their inconvenience didn’t exactly send 2008-level shockwaves through the economy.
But we aren’t talking small violations at Borgers here. It takes a lot to get “permanently closed” by regulators. Just look at Big 4 firms still happily chugging along despite racking up record fines over the years.
The lesson: Do your due diligence before choosing your audit firm, clients. Borgers’ reputation for shoddy drive-thru audits was known long before the SEC started typing out an order. Then again, maybe that’s why some clients chose them (not accusing anyone, just sayin’). Anyone seeking rubber stamp audits I guess can just ignore this advice and look for a firm that gets really pissed off at you if you start asking questions.
These are just a few basic questions Armstrong Teasdale encourages clients to ask potential auditors. Yes, it’s tedious. Yes, it’s a lot. Yes, they could still bullshit you.
- Basic Firm Information: What is the name and address of the firm, how long have they been in business, and how long have they been registered with the PCAOB? Are onsite client visits available? Does the firm have any references from its existing clients? Has the firm been involved in previous litigation brought by a client, and if so, how was it resolved?
- Organizational Information: What is the corporate structure of the firm? Are decisions made by a board of directors, officers or a management committee? Who conducts supervision over an audit engagement, and how is that review documented?
- Ownership and Leadership: Who are the individual owners, executives or managers of the audit firm? Do publicly available records reflect any risk concerns with respect to those individuals?
- Regulatory Oversight: Does the PCAOB have any records that reflect concerns with the firm? The PCAOB oversees audits of publicly traded companies and broker-dealers. The PCAOB inspects registered accounting firms, and portions of the inspection reports are publicly available. The registration application, annual reports and any disciplinary proceeding information are also available on PCAOB’s website. PCAOB status is also relevant to investment advisers in their SEC Rule 206(4)-2 obligations.
- Business Risks: Does the audit firm maintain written policies requiring it to comply with the PCAOB requirements? How often are those policies updated? Does it maintain audit documentation as required by PCAOB standards? Does it maintain an internal Code of Ethics, a business continuity plan or controls to maintain the privacy of client information?
- Audit Firm Engagement: Is the audit firm willing to respond to a due diligence questionnaire? Does the engagement letter with the auditor contain a limitation of liability in favor of the audit firm? Alternatively, does it provide that the audit firm will defend or indemnify the client against any losses caused by the audit firm’s services?
In recent years the PCAOB (that’s the Public Company Accounting Oversight Board for the plebs) has made it super easy to search inspection reports to dig up dirt on audit firms. It can be a little tough for people unfamiliar with the language of PCAOB inspection reports to parse what’s genuinely bad and what’s just PCAOB nitpicking but they do you a solid and put the deficiency rate for a particular year in the search results. Part I.A. Deficiencies are the bad ones on the PCAOB scale, “deficiencies that were of such significance that [the PCAOB believes] the firm, at the time it issued its audit report(s), had not obtained sufficient appropriate audit evidence to support its opinion(s) on the issuer’s financial statements and/or ICFR. 100% Part I.A. Deficiency Rate = couldn’t audit their way out of a paper bag. See:
A reasonable person could argue here (and probably will in the comments) that PCAOB deficiencies are often meaningless paper-pushing unless restatements and/or lawsuits get involved but let’s not confuse the clients OK?
For more tips on picking an auditor, see “Hiring a quality auditor: Your guide to the selection process” [PDF] from the AICPA.
“Just look at Big 4 firms still happily chugging along despite racking up record fines over the years.”
Apples and oranges. If my regional firm got caught gaming our peer review the way KPMG gamed their PCAOB inspection, we’d have been forced out of business in a week.
“Borgers’ reputation for shoddy drive-thru audits was known long before the SEC started typing out an order. Then again, maybe that’s why some clients chose them (not accusing anyone, just sayin’).”
If the author won’t say it, I will. Borgers’ reputation was the reason that ALL of their clients chose them. It is the reason that Trump’s company chose them. Borgers got complacent and cocky. They didn’t think they would ever get busted. If they had been more cautious, they wouldn’t have accepted Trump as a client. Having Trump as a client brings a lot of attention to yourself. If Trump weren’t a client, I think there’s a good chance Borgers would still be in business to this day. No one really cares about shoddy audit quality, as long as it doesn’t make it onto the CNN home page.