MAX PLANCK INSTITUTE FOR COMPARATIVE AND PRIVATE INTERNATIONAL LAW DIRECTORS: PROF. DR. DR. H.C. J. BASEDOW. PROF. DR. DR. DR. H.C. MULT. K.J. HOPT PROF. DR. DR. H.C. MULT. R. ZIMMERMANN FBA FRSE MAX PLANCK INSTITUTE WORKING GROUP * AUDITOR S LIABILITY AND ITS IMPACT ON THE EUROPEAN FINANCIAL MARKETS Comments on the European Commission Staff Working Paper: Auditor s Liability and its Impact on the European Financial Markets The Group proposes: Group Proposal (Option 4.2) 1. The company and its auditor may limit the amount of liability of the auditor in respect of any negligence occurring in the course of the audit provided the agreement is approved by the general meeting of the audited company. Liability can only be limited to a fair and reasonable amount. A European framework should provide a set of basic criteria as to define what is fair and reasonable including the sum of fees paid to the auditor or the size of the company. 2. The court which decides on a damage claim against the auditor declares the agreement void if the amount of liability significantly deviates from what would be fair and reasonable. In the assessment of the validity of the agreement, the court shall take into account the European framework basic criteria to be considered by the parties and additional factors such as auditor independence and the applicability of institutional and individual insurance deductibles. We believe that option 4.2 modified according to our proposal is superior to options 3, 2, 1 and 4.1, in this order. A limitation of liability according to option 3 would need to be based on all fees paid to the auditor by the audited company including consultancy fees. * Walter Doralt, Alexander Hellgardt, Klaus J. Hopt, Patrick C. Leyens, Markus Roth and Reinhard Zimmermann. Max Planck Institute for Comparative and Private International Law. Mittelweg 187. 20148 Hamburg. Germany Tel. +49-(0)40-41 900-0. Internet: www.mpipriv.de
General remarks Statutory auditors, as gatekeepers, are key players for European financial markets. The collapse of Arthur Anderson in the aftermath of the scandal involving U.S. energy provider Enron led to a highly concentrated market for corporate auditing. It is taken for granted that only the big four and a small number of the second tier sized auditing firms have the ability to audit heavily capitalised stock corporations. As pointed out by the U.S.-American Interim Report of the Committee on Capital Markets Regulation, a collapse of another big auditing firm could lead to a severe lack in the availability of auditing services in the market. The U.S.-report recommends protecting auditing firms from catastrophic losses. Regulatory options could be a safeguard for certain defined auditing practices as well as a cap on auditor liability in specified circumstances. Financial scandals such as Enron s globally have lead to higher corporate governance and auditing standards. The far reaching documentation duties under the U.S. Sarbanes-Oxley Act, however, are widely regarded as a cost-intensive and inefficient measure for restoring confidence in financial markets. According to the Study on the Economic Impact of Auditors Liability Regimes by London Economics and according to the Interim Report of the Committee on Capital Markets Regulation, important reasons for relaxing auditor liability are the rising costs of audits due to liability risks as well as the dangers of defensive auditing for the explanatory power of the audit report. From the perspective of general liability laws a protection of auditors from catastrophic losses is an unequal treatment of auditors compared to other professions. Therefore not every form of liability limitation will be justifiable. It is clear, that a liability limitation can only apply to negligence and not to intent. However, it is not clear whether a liability cap is meant to apply only for claims of the audited company or also for direct claims of shareholders or creditors of the company. The possible basis for damage claims by the company can be identified relatively clearly. Losses can, for example, result from disproportionate dividends to shareholders, increased credit costs, higher tax charges, unjustified bonuses for employees, or disproportionate dividends to shareholders. Particularly intentional misstatements by the management over a considerably long period can lead to incalculably high damage claims. From a wider perspective the impact of limited auditor liability on the European capital markets will only be fully comprehensible if the extent of third party liability, i.e. direct damage claims of shareholders is taken into account. Where national law provides for direct actions of third parties catastrophic losses can occur even without such intentional misconduct by management. This is true for the losses incurred by a very high number of existing or former shareholders as a consequence of an overoptimistic share price and also for those losses incurred by creditors in a situation where the auditor did not detect an insolvency risk of the company. The laws of the Member States differ strongly on the point of direct actions by shareholders or other interested parties and also on the effectiveness of contractual liability caps for such claims. From our perspective it is important that the Commission includes these issues in its considerations. Due attention must be paid to the effects of limiting liability claims both of the company and of third parties. For future developments in Europe the Commission might want to consider whether a minimum harmonisation of auditor liability, including third party liability, would be a useful tool for the furtherance of the integrated internal market. 2
Question 1: Do you agree with the analysis of the option of fixing a single monetary cap at EU level? A single monetary cap at a European level is not appropriate. At least in Germany and in Austria, where such limits to liability exist, the caps have been subject to controversy. Largely, the cap is seen as being inconsistent with fundamental principles of civil liability. In Germany and Austria the existence of the cap can be explained with reference to a specific historic background that led to the introduction of mandatory statutory audits in the 1930s. The profession was entirely new and only few people had the necessary capacities for performing the new task. Caps were introduced at a low level to facilitate entry into the profession. In Germany the caps of 1 Mio (and 4 Mio for listed companies) can only be regarded as an excessive reduction of the liability risks. They are by far too low for the audits of heavily capitalised companies. This appears to be a reason why the German Federal Supreme Court in Civil Matters has not applied by analogy the statutory liability caps to cases of general civil liability for auditor negligence. In Austria the caps take into account the size of the audited company. But even these caps are by far too low for many auditing situations. One further complication is that at least in Austria the Supreme Court in Civil Matters has ruled that losses by third parties and creditors are in principle recoverable through a direct claim. Yet, it is unclear whether the liability cap applies separately to each claim, or once to the sum of all third party claims and once to the company s claims, or only once to all claims taken together. This question needs to be dealt with if a cap were to be introduced on a European level. Question 2: Would a cap based on the size of the listed company, as measured by its market capitalisation be appropriate? A cap based on the size of the listed company as measured by its market capitalisation is not appropriate. Taking into account the size of the audited company for the extent of liability clearly is preferable to a fixed one size fits all cap, as the size of the company can be seen as a proxy of the risks involved. Market capitalisation, however, is an unsuitable benchmark. First, it would lead to a split system between listed and non-listed companies. Second, market capitalisation can be highly volatile. Third, it appears too imprecise as a risk proxy. It ignores relevant factors such as the specific risks of the industry in which the company operates, the company s state of affairs (start up, growth company or a company facing insolvency), the duties taken on by the auditor and his degree of fault, and, not least, the risks for third parties when the audited company is close to insolvency and therefore has a low market capitalisation. The Austrian cap bases the amount of liability on the size of the company (defined by a combination of the balance sheet total, gross revenues and number of employees) and thus provides a more precise instrument than market capitalisation alone. However, an unresolved issue still is how third party claims should be dealt with if such a cap were to be introduced on a European level. 3
Question 3: Would a cap based on the audit fees charged to the company be appropriate? Basing liability on the auditor s fees is not appropriate. That instrument would help to establish a correlation between revenues and risks incurred by the auditor. From the perspective of the compensatory function of liability, the limit would have to be set at a sufficiently high level. Hence, a multiple of the auditor s revenues providing considerable liability sums would be necessary. However, current business practices exclude this option. Almost all auditors agree that the auditing fees are often kept artificially low as they are used as a door opener for the more attractive consulting business. In the light of this practice it is apparent that auditing fees alone do not provide a meaningful benchmark on which to base auditor liability. It has already been laid down in Article 25 (a) of the Directive 2006/43/EC that fees for statutory audits shall not be influenced or determined by the provision of additional services to the audited entity. If liability were to be limited by option 3, it would therefore need to be based on a multiple of all fees the auditor or his affiliates received from the client including consultancy fees. The multiple will have to be set at a level that has due regard to the risk exposure of the company and to the compensatory function of auditor liability. A multiple of 20 has been discussed amongst economists with regard to optimal deterrence levels. With a view to the compensatory function of liability a multiple of 20 appears to be a minimum level. Question 4: Do you agree with the analysis of the option of introduction of the principle of proportionate liability? What are your views on the two ways in which proportionate liability might be introduced? In our view the second option (below, 4.2.) allowing the company and the auditor to limit liability contractually is the most appropriate solution (see group proposal above). Modern rules on auditor liability must provide for a significant level of loss compensation and deterrence but should also preserve the incentives of the professionals to perform a meaningful and cost effective audit. As a core principle, the liability risks should be assessable in advance for the auditor. This is essential for cost efficient insurance and thus for keeping the additional costs imposed by liability risks low. 4.0: Proportionate liability Proportionate liability understood as a rule that limits the total amount of liability to the fraction of the loss that can be attributed to the auditor thus exempting him from joint and several liability for the total loss is not appropriate. To our knowledge under the laws of the Member States the auditor is only held liable for breaches of his duties. In essence, his duties are to audit the annual report and to detect possible misstatements, even intentional ones. The core function of the audit thus is to strengthen market confidence in the accurateness of the annual report. It would be incompatible with this function if the auditor could reduce his liability on the assertion of misconduct by others. 4
4.1: Liability based on the degree of fault The first option for proportionate liability based on the degree of fault is not appropriate. Under the laws of some member states the extent of liability is determined according to a distinction between cases of simple and gross negligence. Arguably, the evolution of ex post judicial decision making can lead to a sufficient degree of ex ante certainty in drawing the line between simple and gross negligence. For a European rule on auditor liability, however, the degree of fault alone proves insufficient because it does not allow an ex ante determination of the total amount of liability. 4.2: Liability levels subject to contractual agreement The second option leaves the liability levels to the agreement of the parties and is in our view superior to all other options proposed for discussion. The possibility of a contractual agreement to limit liability is a core aspect of party autonomy. It is duly recognized under the laws of the Member States. The solution is superior to a statutory liability cap because it allows the parties involved to set the level of liability according to the specific risk situation of the company. The auditor will pass on the costs for his professional insurance to his client and a higher limit of liability will translate into higher costs. The audited company will, in this case, not only decide on the limitation of liability but at the same time on the related costs. That is appropriate because from a liability law perspective the company serves as a proxy for the shareholders who are the ultimate risk bearers. We propose that an agreement between the company and the auditor capping liability is valid only if approved by the general meeting of the company. Shareholders are the ultimate risk bearers and therefore should decide on the liability level thus executing ex ante control on reasonability and fairness of the liability amounts. This has recently become the position under English law. Furthermore in a number of Member States the general meeting is already responsible for the appointment of the auditor. The decision on limiting auditor liability should be excluded from delegation to management because there is a grave danger of conflicts of interests for the management of the company and the auditor. A European regulatory instrument should provide a European framework of basic criteria for the company and its auditor to take into consideration when entering such a contractual limitation of liability. Possible criteria are the degree of fault of the auditor, the amount of his fees including consultancy fees, the company s size (measured by market capitalisation, revenues and number of its employees) and the status of the company as a public-interest entity in terms of Article 2 (13) of the Directive 2006/43/EC. The formulation of a more detailed catalogue should be left to professional practice and market competition. Party autonomy combined with professional standard setting will probably best serve the aim of cost efficient auditing as it allows for a liability level tailored for the individual company. Furthermore, competition between auditing firms is enhanced as high amounts of liability can be used as a sales argument. With a view to the reputation market, any agreement on liability caps should be publicly accessible. A regulatory option would be to require publication on the auditing firm s website and, with a view to shareholders and other interested parties, also on the company s website and in the annual report. 5
Furthermore the liability level needs to be subject to ex post judicial review. The financial statements of the company do not only serve the company and its existing shareholders. They also provide important information for future shareholders and support the general functioning of capital markets. Ex post judicial control should be executed by the court which decides on a damage claim against the auditor. The court s power to declare a liability limitation agreement void provides adequate incentives to the auditor and the board members (or the management) for the negotiation of a fair and reasonable liability level. In contrast, relying on an ex-post judicial adjustment of the liability level could possibly provide incentives to set the liability level below a reasonable and fair standard. The standard of judicial control, however, needs to be in line with the core principle of ex ante assessability of liability risks. There is a strong economic argument that imprecise standards of duty of care lead to over-optimal efforts and as a consequence to excessive auditing costs. We therefore propose limiting judicial review to cases where the amount of liability significantly deviates from what would be fair and reasonable. Specifically, a court should conclude a significant deviation if the agreement is not in line with the basic criteria set out by the European framework rules. A European instrument should further provide a list of additional factors to be taken into account for the judicial assessment. One important factor is the degree of independence of the auditor. Independence is, in particular, impaired where the auditor, the auditing firm or any of its affiliates provide any consulting services to the audited company. Further, the deterrent effect of auditor liability depends on whether insurance policy imposes a deductible on the firm and also on the individual professional. Institutional and individual insurance deductibles should be mandatory for auditors and they should also be taken into account for the assessment of the validity of a contractual liability cap. Hamburg, 15 March 2007 6