Too Big to Fail: Moral Hazard in Auditing and the Need to Restructure the Industry Before it Unravels
Lawrence A. Cunningham
George Washington University
Columbia Law Review, Vol. 106, 2006
Boston College Law School Research Paper No. 108
Large audit firms may believe that they are too big to fail. Arthur Andersen's 2002 criminal indictment reduced their number from five to four, and the government decided in 2005 to avoid indicting KPMG for crimes it admitted committing. If audit firms interpret the government's reluctance to indict as signaling aversion to tough action against them, moral hazard arises. This offsets auditing improvements mandated by the Sarbanes-Oxley Act of 2002 that are designed to strengthen auditors' reputations with managers for thoroughness and improve financial statement reliability. Neutralizing this moral hazard requires a credible alternative industry structure so that when a large audit firm faces failure from criminal or other malfeasance, it can be allowed to exit the industry without upsetting the financial system that auditing supports.
An alternative industry structure must make auditing at least as effective as it is under the current system and should provide enhancements wherever possible. Examples of enhancements include bolstering auditors' reputations for toughness with client managers and delivering more transparent information to external users of financial information. One way to restructure the industry along these lines is through mandatory financial statement insurance. Such insurance would make it clear that no audit firm is too big to fail, promote strategic detection and deterrence in auditing, produce publicly disclosed indices of financial statement reliability, and reduce barriers to entry that potential competitors to the four large firms currently face.
Number of Pages in PDF File: 68
Keywords: too big to fail, moral hazard, right-tail risk, auditing, insurance, industry unraveling, barriers to entry, industry concentration, catastrophic risk, complexity theory, audit risk model, reputation, internal control, gatekeeper, worst case scenario analysis, audit reports, liability insurance, fin
Date posted: September 6, 2006