The auditors’ regulator must be held to account
It might surprise South Africans that there is a statutory regulator that almost certainly could have put a stop to the rampant corruption in South Africa. The regulator oversees the last line of defence against corporate malfeasance – the auditors.
The regulator is the Independent Regulatory Board for Auditors (IRBA), the statutory body reporting to Treasury, established in terms of the Auditing Profession Act, Act 26 of 2005.
South Africans might be forgiven for scoffing at the role the IRBA explains on its website: “The function of the IRBA is to help create an ethical, value-driven financial sector that encourages investment, creates confidence in the financial markets and promotes sound practices.”
Audit failures in South Africa have come at great public cost. And the cost is climbing, from losses in jobs to pension funds. Deloitte’s conduct at Steinhoff and Tongaat Hulett are recent examples, but who can forget auditors’ involvement in Eskom, VBS and African Bank. Perhaps the costliest audit failures were KMPG SARS’ Rogue Unit report, which some argue brought SARS to its knees, and PwC, auditor for the Eskom Pension and Provident Fund.
Despite all these spectacular failures, not not one of these audit firms has been held to account for negligence or possible complicity.
The SA Institute of Chartered Accountants (Saica) patted itself on the back for withdrawing former Eskom CFO Anoj Singh’s membership despite him having withdrawn his membership in 2018 – then launched a public relations blitz in an apparent bid to plaster over the industry’s reputation.
Open Secrets, which exposes and builds accountability for private-sector economic crimes, has asked regulators and policymakers to hold these bean counters to account. Yet only a small handful of industry professionals have faced sanction.
Deloitte is fighting IRBA to have 10 charges quashed against its audit partner and now Deputy CEO for Africa Mgcinisihlalo Jordan for signing off financials before the demise of African Bank, which IRBA contends breached intentional auditing standards.
Those auditors who signed off on audit reports in companies like VBS or Steinhoff remain almost as anonymous as the IRBA, judging by its light caseload.
Corruption and company failures – a national sport in South Africa – would be hard to get away with if auditors did their jobs or weren’t in some way wilfully complicit.
In the Three Lines of Defence risk governance framework, auditing and independent assurance are the final line of defence. In the private sector auditors must ensure a company is not overstating assets and revenue and hiding losses. In the public sector the primary role is ensuring compliance with the Public Finance and Management Act, ensuring procedures and governance structures are working and procurement deals are above board.
Three critical question come to mind: If auditors are executing their functions, why is corruption so pervasive in South Africa across every community, income group and race?
Why are judicial commissions of inquiry and criminal investigations stopping short of publicly investigating and punishing auditors and why are they only seeming to act in high profile cases?
What is the role of the IRBA and how is the industry audited?
IRBA must be probed as to how it conducts quality assurance and chooses which companies to audit and for what. DM168