In the spring of 2022, the Wall Street Journal reported that both Ernst & Young (EY) and Deloitte have considered spinning off their respective consulting arms The result, according to the Wall Street Journal, would be four smaller firms, two focused on non-audit consulting services and two more narrowly focused auditing firms. Details have begun to emerge about a potential EY split, while Deloitte has denied any plans for a split. For their part, KPMG and PricewaterhouseCoopers (PWC) have both told the Wall Street Journal that they have no plans to shift from their current models.
Why is this happening now? The Wall Street Journal reports that “regulators world-wide have been increasingly concerned about conflicts of interest—whether auditors, which are supposed to scrutinize a company’s books, will go easy on clients that buy lucrative consulting services from them.” This includes U.S. Securities and Exchange Commission (SEC) investigations of potential breaches of independence rules.
Sidebar: Sarbanes-Oxley
While Sarbanes-Oxley (SOX) has been in place for 20 years, regulators have recently become more interested in real or perceived conflicts of interest. SOX created new and expanded requirements for all U.S. public company boards, management, and public accounting firms as well as some provisions applying to private companies. A key takeaway from SOX, as it relates to the use of actuarial experts, is to avoid real or perceived conflict of interest. Specifically, SOX Section 201 states that is it unlawful for a public accounting firm to provide audit services contemporaneously with non-audit services including but not limited to actuarial services. For a more complete discussion on SOX and why independence matters in actuarial services, see this article from Milliman colleagues Richard Frese and Tony Bloemer.
How often do audit firms provide actuarial services to their clients?
We sought to gather data on how prevalent this is for U.S. property and casualty (P&C) insurance companies. Using data from S&P Global Market Intelligence (S&P), we reviewed every company that filed a year-end 2021 Annual Statement with the National Association of Insurance Commissioners (NAIC). This list comprised 2,650 companies, of which about 2,400 reported the data needed to assess this question. The data in question are taken from the Annual Statements, in which each company reports the name of its audit firm as well as the actuary providing a statement of actuarial opinion.
We discovered that only about 6% of NAIC companies reported using the same audit firm as the actuarial firm. Each of these occurrences was one of the Big 4 accounting firms handling both the audit and actuarial work, as shown in Figure 1. To be clear, it is possible that audit firms may provide actuarial services outside the scope of the statement of actuarial opinion. That data is unavailable and is not considered in this analysis.
We also looked historically to determine whether this figure has grown or shrunk over time. S&P had data dating back to 2010. In total, the number of companies to which the Big 4 provides both audit and actuarial services has decreased by a third since 2010.
Figure 1: Number of companies reporting using same firm for auditor and actuary
What types of companies still have this potential conflict of interest?
Although the number of these relationships has dwindled over time, 155 companies in the United States still report using the same firm for their auditor and actuary. As many familiar with the insurance industry know, a single enterprise (parent company) may be comprised of dozens of companies falling under the umbrella of a single parent company.
When aggregating the 155 companies to their ultimate parents (as defined by S&P), we find 43 parent companies hold this common auditor/actuary relationship. For reference, according to S&P, 1,137 parent companies exist in the data set. This means that under 4% of parent companies have one or more of their member companies or subsidiaries in this common auditor/actuary relationship. What does the publicly available data tell us about the types of companies that maintain this relationship?
Figure 2: Number of parent companies by area of focus
Figure 2 tells us that a majority of the 43 parent companies that report using the same firm for their auditor and actuary are focused on commercial lines with only 10 focused on personal lines. A commercial property focus tops the list, while only one medical professional liability-focused insurer maintains this type of relationship.
Figure 3: Parent company size, based on year-end 2021 surplus ($ millions)
Figure 3 shows that the parent companies maintaining these relationships tend to be larger than the average insurer. While 69% of the insurance industry has surplus levels under $100 million, only 14% of these parent companies have that level of surplus. Additionally, we find that 18 of the 43 parent companies are publicly traded.
It may follow that larger and more complex insurers may require audit and actuarial firms that are larger and more sophisticated as well. That would certainly explain some of the shift in distribution that exists in Figure 3. However, it would also follow that those same insurers should have the most sophisticated enterprise risk management (ERM) practices and policies—which raises the question, is this type of relationship a risk or not?
Independence isn’t just for audit firms
Although the publicly available information used in this article doesn’t capture other relationships, it’s worth noting that insurers, self-insurers, and captive insurers need a variety of experts to create a cohesive process. The broker/actuary relationship is another that has been perceived to have conflicts of interest. Although the data is not available to measure the prevalence of this relationship in the market, anecdotally we have seen companies distance themselves from this perceived conflict of interest. This is perhaps especially true for more sophisticated insurers and risk management teams.
Independence is also stressed within the actuarial profession. Precept 7 of the Code of Professional Conduct states that actuaries should not knowingly perform services involving an actual or perceived conflict of interest, subject to certain qualifiers.
Conclusion
Recent Wall Street Journal reporting suggests that the Big 4 may have some headwinds facing them from global regulatory bodies in the context of auditor independence. There is at least a 10-year history already showing signs of erosion in the U.S. In today’s legal and business environment, the mere appearance of a conflict of interest may be damaging and difficult to repair. The question for a risk manager, management team, or board member is: from an ERM perspective, doesn’t it make sense to ensure independence rather than risk the possibility of a fine or lawsuit?