Part 2 of my conversation with Francine McKenna. Part 1 focused on independence issues at accounting firms.
The world has done over a million ERP, CRM, other enterprise software projects. With cloud implementations, it's like a second wave of projects. It still seems like there's very little automation of projects. You have many consultants who come on site, who fly a lot. It's not just the labor intensiveness, the travel expenses,the staff turnover when you have so many people, and the related quality issues haven't gone away. You'd think, as an industry, we'd be much smarter because we had such major overruns and failures around the '90s and early 2000s with ERP projects.
How automated is the audit side of the profession? Can the consulting side learn from it?
The audit side of the business has become much more automated. There's an enormous amount of effort being brought to applying technology, applying data analytics, applying all kinds of automation and, of course, the outsourcing trend has been going on for more than 20 years now in terms of looking at leveraging lower-cost locations to do work that's not necessary to be done on location at the audit.
They've been doing that for a long time. The reason is because an audit is almost always considered a commodity service, a necessary evil. Despite the firms trying to say, "How can we add value to the audit? How can we be more of a consultative presence when we're doing these audits?" in general, companies don't buy it.
They want to get the audit done. They want to get a good audit. They want to get the audit firm out of there as soon as possible and they want to keep pressuring the firms to, if not lower fees by finding efficiencies, at least not increase fees over a certain cost of living, inflation indexed annual increase. These are typically very strict contracts; multi-year contracts; very, very low, low, low tolerances for cost increases even when the scope of the audit has to increase.
On the other hand, companies still view consulting projects as these things that are special and unique. All of the firms that implement various kinds of systems implementation and integration projects are very good at selling that concept. Nothing can ever be plain vanilla. There's always a twist and the Big 4 can always find something additional and unique. “For you, company A, we need certain types of expertise or specialization because you are special. We need something special that we can only find in one of our practices in the firm that we have to fly in"
The large, global, public accounting firms are still organized very regionally, very locally. The reward structures for revenue and profitability and the accountability, are very individualistic, very local, and very practice-focused. Each individual partner, each individual practice is very focused on maximizing the opportunity of any particular project that they might bid or propose at a particular client. That's exacerbated in consulting. It's a very different business model than the partners who propose audits who follow very strict contract and pricing formulas.
I remember at PwC, when I was there in 2005 and 2006, and internal audit co-sourcing and outsourcing was newly viewed as a consulting project. Again, it was positioned that way for a while because of the new prohibitions against doing internal audit co-sourcing and outsourcing at audit clients. We had a lot of audit partners that didn't know how to develop a pricing estimate because they had never really been required to looked at a variable estimate of level of effort and what are costs of the right resources on a unique project and how do I calculate that in terms of what is the cost of my resources. They didn't know anything about that because audit projects were very formulaic in terms of, hey, this what we always do because it is required, this is what the client will pay; this is what we're going to charge them, profitable or not.
Audit is very commoditized. They did not know how to create and price out projects on a consulting basis. That is the significant difference, and the opportunity, for consulting practices —to create those sorts of unique situations and add-ons and those expansions of scope and also sometimes budget overruns on a fixed price project because of delays, other issues with the software, changes, or client issues.
From an individual client perspective, they do ERP projects only every 20 years, right? That is unique. But as an analyst, I know these firms do them over and over again because they do a few thousand a year. My question is, given the repeatability that they have within the firms, why the resistance to automate? You would think it would make it more predictable, more manageable, the quality would be better, and so on.
Well, I think that as long as they can charge the clients and they can get their margin, there's very little motivation to try to make the projects more efficient or lower costs. Again, that takes a special kind of person within the firms, within the consulting practices who know the business of consulting versus just the technology, who understands the client and contracting issues such as fixed versus variable contracts versus just having the technical software knowledge.
Trying to make the consulting projects profitable and make them the most efficient given the resources and the cost base within the firm is a unique skill set that I'm sure all the firms have but the Big Four firms are, again, still rebuilding even now since, 2007 or so when the non-competes with the firms to whom they sold all that expertise —to Capgemini and IBM and spun off to BearingPoint —got dispersed and then came back again.
I would say probably Deloitte has that expertise because they've had it the longest and been able to build it, but the other Big 4 firms, people come and go. They just don't have that expertise in all practices and locations at all times to do those things and they're not motivated if the clients are a captive audience willing to pay whatever they tell them it's going to cost.
I spent over a decade at PwC. This was in the '80s and '90s. We had a methodology group that focused on standards. Every type of project, they would have fairly elaborate, I mean eight, ten four-inch-wide binders on how to plan the data conversion or testing phase of the project. They had a group that would develop that, keep that updated.
It sounds like that discipline has disappeared in these firms because, logically, you would take a methodology and automate it a lot easier. Once you can distill from 100 projects, 500 projects some common processes, common techniques, you could start to automate that.
When I was at KPMG from '93 until 2001, KPMG to BearingPoint, we had that same thing. That was actually my area of focus because I was the accountant in the consulting practice whereas a lot of the people that were involved in the projects were more of the technology people. The project managers and the people who were managing the business of the projects, there were a lot of us around, mostly because you had brought people over originally from the audit firm and you brought the accountants over to start up those consulting practices.
When I got to PwC in 2005 and 2006, what had happened is, because they sold the whole consulting practice except for a few internal controls kind of people, some risk related, audit risk kind of people, they had sold everybody to IBM. None of those kinds of people were around anymore. Nobody who had done a consulting project for more than a year or more than $10 million had stayed at PwC. Maybe they had a few people doing some federal projects with the defense contractors but, in general, from a commercial perspective, they didn't exist anymore.
They've obviously, since, rebuilt those skill sets via hires and acquisitions, by acquiring the remnants of BearingPoint, by starting to do these things and rebuilding the partnerships with the software firms. But when the focus is on selling to a captive audience at audit clients, and the focus is on implementing from a technical perspective, there's no impetus to manage the business side.
I think that, between turnover and the fact that the Big 4 have so many people in consulting who don't have the audit firm and accounting perspective, coming in from other software and systems integrators, there are too many not thinking about the primary business model of the audit firm. They don't have an experience on the audit side, and they're just not focused on that.
I think the Big 4 firms see the money rolling in and clients doing those projects every 20 years. It's a big deal for the clients and they trust the Big 4 firms, in particular, if they're also their auditor, and they pay what it costs. When things go wrong, they complain but they don't complain too much. Many, many failed projects, ERP projects, and they keep their auditor on anyway and they rehire them for something else. They feel like they have no choice.
That's a great perspective. Any final thoughts?
I think, again, the growth of the firms and the fact that there is so much more movement of people between other companies, between the firms and the software vendors – I mean when you and I were coming up, if you joined one of the Big Four, Big Six, Big Eight firms, you mostly stayed there your whole career. Now, people move constantly. They move between vendors and the firms, and so you have this sort of dilution of the culture. I think that that just consistently invites problems and concerns, in particular, compliance, the special kind of compliance issues that a public accounting firm has.
That means there has to be good leadership to be on their toes because the fundamental is that they're supposed to be auditors first and maintaining the integrity of the audit process and the integrity of financial information going out to the public. If they let that get diluted in the efforts of selling any work to anybody at any time and forgetting their DNA as an audit firm, you're going to see, basically, a deterioration of the integrity and the quality of financial information going out to the public, including the information that's coming out of these financial systems.
Yeah, one thing I would try to emphasize is, I might be a journalist now but, remember, I was doing this work. I was on the consulting side of the firms that I was at and so I have this view coming from the inside.
Unfortunately, what I don't like is what the firms have become. We're missing that quality that you and I used to see at the beginning of the financial systems revolution
On the other hand, projects have become more complex, beyond just financials. They need to bring in different architects and different skill sets. Just the industry perspectives, the software vendors, I constantly tell them, "You need to verticalize. You need to verticalize," and they pay lip service, but the industries have become so complex now and you've got to factor all that.
Auditor Independence and ERP/CRM projects - a conversation with Francine McKenna
Francine McKenna is a prolific commentator on the accounting, audit, and corporate governance issues affecting public and pre-IPO private companies. Since 2006, McKenna has been an investigative reporter and feature writer for publications including Dow Jones MarketWatch, Forbes, American Banker, Financial Times, Chicago Booth Review, Accounting Today, and Boston Review. At MarketWatch she monitored and reported on public company accounting, fraud and financial investigations, and the often questionable financial reporting practices of pre-IPO companies. McKenna spent more than 20 years in public accounting and consulting, including for KPMG/BearingPoint in the U.S. and Latin America, and at PwC. She is also an adjunct professor of international business in the MBA program at American University’s Kogod School of Business. She speaks often at universities, conferences and other forums. You may also know her from her blog, reTheAuditors.com. She also writes an online newsletter, The Dig.
I had a chance to talk to her a bit about the history of auditor independence issues and some of the risks of using accounting firms as implementation partners on ERP and other enterprise software projects. In part 2 tomorrow we will talk about differences in automation in the audit and consulting practices of such firms.
Francine, I read your story about the SEC’s recent auditor independence enforcement against PwC and thought, "What are some of the risks that companies that use accounting firms may be exposing themselves to on their consulting projects?" Talk in terms of something around an ordinary business executive, not necessarily a CPA would be able to relate to.
The rise in ERPs and the large software vendors like SAP and Oracle mirrors the rise of the Big Four public accounting firms involvement in consulting, especially systems implementation, design and implementation consulting. When you think about when Enron happened and when Arthur Andersen collapsed, if you go back to the late nineties, you had the emergence of ERP software. They started to work with systems implementers like the Big Five auditors including Arthur Andersen and other systems integrators.
Then, unfortunately, you had Enron's bankruptcy and the collapse of Arthur Andersen. There was a push already to look at how the rest of the Big Four public accounting firms were addressing or working with issues around doing both audit and consulting, in particular systems design and implementation consulting, for the same client. The firms were already under pressure.
A lot of people think that three of the four Big Four firms sold off their consulting arms because of Enron but, actually, the pressure was on them before that. They were already being criticized for potentially compromising the integrity, objectivity of audit work because of their disproportionate focus on consulting and consulting revenues from the same clients.
When Enron occurred, there were already, I think, at least two of the four had already sold their consulting arms. EY sold to Capgemini, KPMG spun off BearingPoint, and PwC eventually sold their consulting arm to IBM. Deloitte, uniquely, never sold. It's not that they weren't planning on doing it but they actually just never got to it. I think I've written more than once that they never ended up doing it because, once the other three sold their consulting arms and Deloitte saw that even though they hadn't, no one was coming after them. There was no significant enforcement of new auditor independence rules enacted as part of the Sarbanes-Oxley Act of 2002. There were no new enforcement actions at least in terms of significant scrutiny over whether they were doing consulting, systems integration, and design implementation work in their audit clients. The actions the SEC did take related to actions prior to 2002 that were egregious violations of exiting rules.
The SEC and the new audit regulator, the PCAOB, never really aggressively implemented or enforced the new rules that were put in place to try to prevent that kind of combo audit and consulting work that was blamed for Arthur Andersen’s mistakes with Enron.
Deloitte, I think, just decided, "Hey, let's hold onto it and keep going." They ended up being able to build on that base and now pretty much dominate the consulting business in the Big Four, although PwC is a pretty close second.
When I think about the conflicts of interest inherent in being a public accounting firm, Accenture got out of that issue a long time ago. When the consulting arm of Arthur Andersen split off and became Accenture, they eliminated that worry. Accenture can do any projects for anybody they want. Certainly, Accenture can have conflicts of interest like any other professional service firm, but they eliminated the inherent conflict of interest that a public accounting firm has when you're an auditor for a large public company. In that case you're restricted, in particular now, post the Sarbanes-Oxley Act of 2002, from doing audits and financial reporting-related systems design and implementation at an audit client. Sarbanes-Oxley is the law that came into effect in reaction to the conflicting priorities issues that people thought had occurred at Enron, WorldCom, HealthSouth, and some of the other corporate frauds that occurred during that period.
The SOX auditor independence rules prohibit an auditor from doing systems design and implementation work at an audit client. It's strictly prohibited. What's happened is that those services, that software, that activity, which are the kinds of things companies want from big consulting firms has grown, changed, and developed. Now we have lots of different modules for all of the different large ERP systems and many of them can arguably not be tied directly to financial reporting, the direct financial reporting and financial statement preparation, which is where the prohibition comes into play. In other words, the auditors are not supposed to be designing and implementing software, implementing the controls, the internal controls and the configuration, developing the training and the user instruction associated with how you use those systems if they're going to go back, turn around, and go back and supposedly independently audit the company's use of those systems.
What happened after the financial meltdown? Did that have any effect on the accounting firms? Was there any scrutiny after that?
Yeah, absolutely. Actually, the financial crisis was a boon for them. Let's go back a little bit. One of the big reasons why Deloitte and PwC dominate in this arena as opposed to KPMG and Ernst & Young is that BearingPoint, the KPMG consulting firm that spun off and went public, ended up going bankrupt in February 2009. PwC and Deloitte split that carcass. Deloitte bought the federal services portion, so all of the big public sector clients of KPMG consulting, which became BearingPoint, and PwC took all the commercial clients. Those two firms got a really big head start in the midst of the crisis, which was approximately right after PwC’s non-compete clause with IBM expired.
The crisis deepened. The crisis root cause analysis really didn't focus on the accounting firms. The perception was the financial crisis was about this cataclysmic economic event that no one could control, it wasn't perceived initially as a sort of broad kind of a corporate fraud-related crisis. It wasn't the auditor's fault, in other words, at least at first.
Later, when it became apparent that there had been a lot of fraud related to subprime mortgage origination and securitization, mortgage and foreclosure processing, mortgage servicing, how people who went through or were threatened with foreclosure and were charged multiple fees, in error in many cases, then that sparked or was a catalyst for a whole new area of consulting called GRC, Governance Risk & Compliance. Many of the biggest banks and many other financial firms ended up on the wrong side of regulators in terms of how they had addressed those issues. In order to get out of civil and criminal liability for those issues, they signed settlements and consent decrees that said they were going to go back and fix those problems. They were going to calculate what the damage was to consumers and find a way to repay consumers for that damage.
This Big Four firms stepped into that arena in a huge way, in particular in a process called the foreclosure reviews that were ordered by the Fed and the Office of the Controller of the Currency. Three of the Big Four firms participated in the process in addition to Promontory, which was an independent consulting firm and now is part of IBM, and a couple of other smaller firms.
They did these humongous projects at the banks, which were essentially sort of hybrid audits. They went in looked at systems, looked at compliance with agreements and they tried to develop and extrapolate calculations of damages to consumers from having been inappropriately foreclosed on or inappropriately charged fees or other kinds of penalties related to mortgage servicing and processing.
Deloitte made out big, but PwC was the biggest winner in that arena. For everybody that PwC or Deloitte or EY didn't audit, they could do that foreclosure review. Deloitte, however, did a big project at JP Morgan that focused on mortgages at Bear Stearns and Washington Mutual that JP Morgan bought in a forced acquisition, essentially a bailout of those firms. Deloitte had been the auditor of Bear Stearns and Washington Mutual. PwC and Promontory did almost everyone else. Ernst & Young did a few small ones.
The only one who didn't really do much on that was KPMG. That created an enormous opportunity to do that kind of work in many other realms later. Any time a company is charged with some kind of a regulatory issue, whether it's anti-money laundering or something, like in the banks, related to their processing of some kind of consumer loans or something like the subprime loans, you have an opportunity for someone to be appointed as a monitor or as some kind of a consultant after the fact to help that organization correct the issues, often systems related issues. The Big 4 consultant or monitor then also does the work to calculate the number used to repay customers for the damages that occurred from the violation.
The firms have cleaned up on GRC. And it’s a whole new area of software that Oracle and SAP have incorporated into the ERP systems that’s required by regulators. The Big 4, especially Deloitte and PwC, now partner with Oracle and SAP to implement the software on behalf of clients.
What I'm seeing is that a lot hasn't changed since the time when I actually was last working in a Big 4 firm. The last firm I worked for was PwC in 2005 and 2006. At that point, I was part of an internal team looking at how well PwC was responding to the new rules under Sarbanes-Oxley, things like auditor independence and making sure that they were prepared to respond to inspections of audits under the new independent regulator the PCAOB, established by Sarbanes-Oxley.
There were things that I was concerned about then, things I looked at and said, "Hmm. You know, I don't think that some of the people in the firm understand that they can't do these things anymore." The ability of the large global public accounting firms to control partners, to monitor partners' activities, and to actually have good governance to make sure that there's a structure that identifies and addresses when somebody wants to go rogue or do something that is against the rules is always, always a challenge. The bigger they grow, the harder it is, especially because they're global firms.
Tell us your opinion about the recent SEC enforcement action against PwC
I looked at the recent SEC enforcement action against PwC that covered almost a five-year period from 2013 to 2016 and it said there was one person responsible for implementing governance risk and compliance systems from Oracle in multiple audit clients. PwC, as a firm was charged with violating the auditor independence rules in 15 different clients 19 different times during that short period and seemingly attributable to one partner. The SEC said one partner was the cause of these violations.
That one partner was a hybrid IT audit partner, who participated in the audits with as a specialist, with expertise around IT general controls and other IT controls. He was also a partner who was responsible for identifying opportunities for advisory or consulting projects related to Oracle ERP products.
That sort of hybridization of partners, with a dual incentive structure, is inevitably going to lead to potential conflicts and will present a constant challenge to try to interpret the rules, and for somebody to actually be willing to say, "No, you can't do that." When you say, "No, you can't do that," you're forcing the partner to turn down revenue. I saw that that was going to be a challenge for some partners to comply back in 2006, and it seems like PwC has not implemented any better rules or governance structures in all this time. PwC had one partner running around doing this over and over and over again and obviously without any real, effective constraints.
Given that, now talk about two audiences - the clients and the software vendors. When a company is implementing packaged software, it could be ERP, CRM, whatever. They look at consulting firms and they end up hiring a Deloitte or a PwC, an accounting firm. Are they exposing themselves to some risks?
They're exposing themselves to multiple risks, and not just the risk that a regulator is going to decide to crack down on this and they're going to be left without a consultant or having to change consultants suddenly, mid-project. When the rules were implemented in 2002, we saw companies come down into two different camps, and they're kind of distinct. One is the company that loves, loves, loves their auditor, that's been with them for 99 years and has built their whole professional services relationship around that firm. Usually, it's obviously one of the Big Four and if it's one of the Big Two, PwC or Deloitte, it’s a special problem because of their ubiquity in consulting.
Companies still get full service from that firm. They look for every opportunity to use that firm whenever possible. They know that there are some things that are prohibited. But if the firm and someone else within the company, in their board of directors audit committee, can find a rationalization or can find a way to interpret the rules such that that audit firm can do the work, that company will always choose the audit firm to do the work.
On the other hand, you have companies that only tolerate low risk. They're very much oriented around following the rules and not buying anything beyond the audit. It's so obvious, it's so stark, the comparison between the two kinds of public companies.
These companies have very, very, very strict rules that the audit firm can do nothing but the plain vanilla audit. But then those companies are faced with, whenever they want to do something else, any kind of systems implementation, any kind of upgrade to an existing system, any kind of evaluation of internal controls, any kind of enhancement of any kind of operational system, they put out a tender, entertaining bids and reviewing RFP responses, doing the whole vendor demo thing, and being forced to select from another firm. Then obviously, they have to work with another large firm on something financial or accounting related, negotiate another big professional services contract and vendor relationship and manage all the complexity that entails.
They've signed up for the fact that they're going to have to manage multiple, significant professional services vendor relationships and they do that because they want to keep everything nice and clean and legal. They don't want any trouble with the SEC, and maybe they don't want to let any one vendor get too much power over them. There are advantages and disadvantages to both approaches.
In the Big 4 firms, obviously, individual partners are rewarded for getting what we used to say way back in the '90s at KPMG, “A bigger portion of the client wallet.” That's not changed. Even though it might be frowned upon for the audit partner or anybody else to get a bigger piece of the client wallet for the firm by selling more consulting or tax work, in the end, the Big 4 firms have become these very large organizations with gray lines between the various practices.
From a customer's perspective, though, there's no legal risk. The risk is what?
There is somewhat of a legal risk. For example, if the audit committee and the company executives are not aware of the auditor independence rules, do not fully evaluate those rules when contemplating opportunities for the vendor to do certain kinds of work, and they choose the auditor despite the fact that that work will violate the auditor independence rules, the SEC can sanction the company or sanction its officers or its audit committee. That happens rarely – rarely, rarely.
In the case that I wrote about with PwC, what happened was it all came down on PwC and on that partner in particular. They didn't even name the names of the companies that were subject to these 15 engagements and 19 different instances. They don't want to embarrass the companies because they want to make the assumption that it's the auditor's responsibility to fully inform the client and, in particular, as cited in the PwC case, if the auditor or the audit partner fudge the information in the scope of services, in the engagement letters in order to kind of get in under the wire or fool somebody, then the SEC really holds the auditor and the audit firm responsible.
What happens then? You have to look at the company, you have to look at its audit committee, and you have to look at sort of the company executive who is the purchasing executive or the one that's responsible for hiring, evaluating the vendor, and say, "How could they not know? They know what they want to have done and they are allowing for a contract or scope of services to not accurately state the work that's going to be done." What's going to happen then if there's a dispute?
In order to get in under the wire and be able to use the auditor as a vendor, the SEC enforcement action against PwC implied that there were executives at some of these companies that knew very well that they were fudging the information in the contracts, scope of services, and invoicing. That presents a very significant risk to the company if they do that and then there's a dispute.
Certainly, if the SEC wanted to come back to the company or come back to the audit committee, they could if they thought that there was some kind of collusion in order to create an opportunity, let's say, for a particular official to get some kind of kickback or if there was some other kind of illegality involved. You could have a situation where an official of a company or of a board of directors allowed for this kind of a situation to occur in return for some kind of an illegal payment.
How about software vendors? Do they have any liability given these situations? You look at Salesforce or Infor or whoever has these as partners. Do they have any risks?
As you know, most often when these types of big projects occur, the Big Four firm, the consulting firm, whether it's Accenture or whether it's one of the public accounting firms, they take the lead as the prime contractor. They might have subcontractors and the software vendor is the subcontractor. To that extent, they may be sort of "see no evil; hear no evil" in that situation. It may be that, as a subcontractor, they're doing their part and they're not responsible for the other piece.
What was stated in this SEC enforcement action against PwC is that there was an ongoing relationship between this PwC partner and the Oracle rep. There was probably an ongoing multiple engagement relationship and the vendor provides all kinds of other monetary and nonmonetary benefits to PwC as a strategic partner, an implementation partner, and also to this specific partner potentially on a personal and a professional level. In the end, the SEC said the partner actually provided nonpublic material, nonpublic information to the software vendor about at least one client.
That's public knowledge?
Yes, that's in the SEC enforcement action. I'm assuming that if this partner felt compelled to provide nonpublic material, nonpublic financial information to the software vendor, it was probably so that that software vendor could evaluate pricing or creditworthiness of particular clients. That to me is not very kosher.
What other risks does a software vendor have when they evaluate an accounting firm as a partner?
Well, certainly, if the accounting firm is fudging the information in the scope of services or in the contract in order to get it under the auditor independence wire and they're a subcontractor, if for some reason someone in the company or someone at a regulator determines that that's not allowed, prohibited, and tells them they have to stop the project, well, the software vendor is going to have a break in the project. They're going to have a delay. They might have the contract canceled and have to start all over again with a different integrator or, potentially, have some kind of a breach of contract with regard to the software licensing because the whole contract is canceled if the system integrator has breached some kind of terms.
That's hypothetical, right?
Right.
You don't know of any that have gone to that extent.
Well, in the case of one of the clients cited in the SEC enforcement action, PwC bid on two different projects at one client. I identified that client as Logitech. In that case, PwC had to resign as the auditor because of these independence issues.
Now, in some sense, that might actually be a blessing in disguise because, once you resign as auditor, then you're free to do the consulting work. But the question is, did that cause a stoppage of the project or were the projects delayed because these issues are being fleshed through and potentially there's a lot of back and forth and issues around whether or not the contract is going to go forward or whether or not the contract is going to be completed.
What else should buyers of consulting projects, implementation projects be aware of when they look at accounting firms?
Well, I think the biggest lesson from the PwC enforcement action was that audit committees either are still not aware of these prohibitions against the auditors doing certain kinds of work or they're willfully kind of trying to deflect the understanding or appreciation for those rules to other people. In other words, executives and board members, including audit committee members, claim plausible deniability or delegate the responsibility for evaluating auditor independence. Sometimes they delegate it to the auditor itself.
When you ask the audit firm itself to evaluate whether it's independent in providing services, you're basically giving the fox access to the henhouse. The vendor is not the one who is supposed to be evaluating whether or not providing those services presents an auditor independence risk to the company.
I would say the biggest lesson was that audit committees, in particular, and executives who are hiring the firms for these types of projects really need to get better acquainted and take more seriously these prohibitions. They are on the books. Whether or not the SEC or the audit regulator, the PCAOB enforce them at any point in time doesn't mean that they can't come back later and doesn't mean that a sudden spike in enforcement action or scrutiny is not going to disrupt the project for the company as a whole and cause a lot of money and a lot of delays on perhaps a mission-critical project.
I'm sure some people will say, “She is a little too alarmist.” I think it's healthy – it's important to look at a segment of the market from different eyes.
Tomorrow, we will talk about how the audit and consulting arms of the accounting firms have evolved differently when it comes to automation.
January 21, 2020 in Enterprise Software (IBM, Microsoft, Oracle, SAP), Industry Commentary, Outsourcing (IBM, Accenture, EDS) | Permalink | Comments (0)