[HN Gopher] EY gets banned from new audit business in Germany ___________________________________________________________________ EY gets banned from new audit business in Germany Author : mfiguiere Score : 332 points Date : 2023-04-09 12:04 UTC (10 hours ago) (HTM) web link (www.economist.com) (TXT) w3m dump (www.economist.com) | lakomen wrote: | [flagged] | _the_inflator wrote: | Honorable mention here for Arthur Andersen and their role in the | Enron audit: https://en.wikipedia.org/wiki/Arthur_Andersen | helsinkiandrew wrote: | https://archive.is/RiaMV | docheinestages wrote: | [flagged] | jacquesm wrote: | If you don't have a reason to link a thread to ChatGPT maybe | don't make them up? | SilverBirch wrote: | I don't know if I have just enough knowledge to be dangerous, but | it seems to me that auditors don't really do what people think | they do. Auditors seem mainly to just double check the numbers | they're handed. This serves a purpose, it provides some level of | guarantee that companies that are acting in good faith are | generally reporting correct numbers. Auditors don't do what | people seem to think they should do - investigate and uncover | fraud. If a company wants to commit fraud, the auditors simply | aren't resourced in a way that would allow them to uncover it | because there's not really that much incentive to uncover the | fraud, the fraudster is extremely motivated, and if you wanted | that level of hostile investigative work it would be much more | expensive for every company. | | Also, from a dynamics perspective, this is a lot like the | insurance industry. In the insurance industry you can | underestimate risk during the good times, take profits, and then | go bankrupt in the bad times. In auditing you can spend a lot of | money being extremely thorough - you'll lose all your customers | because you're expensive and painful. So instead you lower your | standards, you're cheap, you're easy to work with, and it's easy | for a fraudster to slip through, in the 1 in a 1000 chance that | happens the regulator comes down on you like a tonne of bricks. | Well ok, but was EY less competent than McKinsey or did they just | get unlucky that they're the poor bastards who stepped on the | landmine? | | Well, maybe in this case we should learn from the insurance | industry and institute some sort of fund that all auditors pay | into that pays out in the case that fraud is discovered. | AniseAbyss wrote: | [dead] | hef19898 wrote: | The auditing arm of EY is in a completely different _industry_ | than McK and similar firms. | | That EY's auditing track record is, well, checkered is a | different problem. By throwing those two into the same bucket, | so, shows some lack of understanding of auditing, accounting | and consulting. EY also does, sometimes legally required | "consulting" work for in the accounting space. That work is | completely different from stragoc management consulting ala McK | and BCG. And it also a different beast than the lower level | outsourcing consulting ala Accenture. | lordnacho wrote: | What never made any sense to me was the incentives. Is the | company supposed to hire people to write a public report saying | the company committed fraud? It doesn't really seem like it | makes sense for anyone. If anything, you'd just do some minimal | performative work to say you had a good look in the company, | and then you pick up more work next year. If you write a | critical report, how many companies will want to hire you? I'll | pick the easy going auditor who doesn't give me a hard time, | thanks. | | Contrast that with say an HMRC tax audit. They're not there to | be your friend and it actually makes sense for them to | investigate certain firms. | | It would be interesting to read a history of the industry to | see how we ended up here. | jsmith99 wrote: | The auditors are appointed by the audit committee which | consists of board members who are non executive directors | i.e. they are not involved in the day to day running of the | company and so theoretically should be independent and | interested in uncovering any wrongdoing by management. | krn wrote: | > Well ok, but was EY less competent than McKinsey or did they | just get unlucky that they're the poor bastards who stepped on | the landmine? | | I have asked myself the same question, before I noticed that EY | is basically the Credit Suisse and the SoftBank of the audit | world[1]: | | > EY has been involved in many accounting scandals: Bank of | Credit and Commerce International (1991), Informix Corporation | (1996), Sybase (1997), Cendant (1998), One.Tel (2001), AOL | (2002), HealthSouth Corporation (2003), Chiquita Brands | International (2004), Lehman Brothers (2010), Sino-Forest | Corporation (2011), Olympus Corporation (2011), Stagecoach | Group (2017), Wirecard (2020), Luckin Coffee (2020) and NMC | Health (2020). | | In fact, Wirecard managed to partner with EY, Credit Suisse, | and SoftBank simultaneously just before going bankrupt. | | Maybe because no reputable companies wanted to touch it? | | [1] | https://en.wikipedia.org/wiki/Ernst_%26_Young#Accounting_sca... | hef19898 wrote: | Well, EY started as part of Andressen (?) and was as such | part of the Enron scandal. We shouldn't ignore the scandal of | the century. EY so is a very reputable accounting firm. | Unreputable would be the Metaverse headquartered shop FTX | used. | tim-- wrote: | You might be thinking of Accenture, which was founded from | the ashes of Andersen Consulting. | | Andressen is one half of Andreessen Horowitz (a16z) which | (I think?) doesn't have any connection to Enron. | Zafira wrote: | Accenture is Andersen Consulting. It left and changed its | name to Accenture because of internal infighting and | politics prior to the Enron scandal that took down | Andersen entirely. | er4hn wrote: | The OP is thinking of "Arthur Andersen", the accounting | firm that serviced both Enron and Worldcom. The first | paragraph of Wikipedia cites the scandals as factors in | enacting SOX (src: | https://en.wikipedia.org/wiki/Arthur_Andersen) | [deleted] | andrewjl wrote: | > The auditor has a responsibility to plan and perform the | audit to obtain reasonable assurance about whether the | financial statements are free of material misstatement, whether | caused by error or fraud.1 Because of the nature of audit | evidence and the characteristics of fraud, the auditor is able | to obtain reasonable, but not absolute, assurance that material | misstatements are detected.2 | | https://pcaobus.org/oversight/standards/auditing-standards/d... | [deleted] | jll29 wrote: | If a CEO mismanages and goes bankrupt, they cannot start another | company for 5 years; a two-year ban seems mild, but better than | nothing, as the reputational damage is substantial (why would any | non-criminal pick EY afterwards in good faith if there are | others?). | helsinkiandrew wrote: | As well as a EUR500K fine, five employees were also fined | between EUR23,000 and EUR300,000. And seven others escaped | punishment by handing back their auditor's licences. | | I'm not sure many reputable public companies will be queuing up | to use their services in 2 years time | hef19898 wrote: | If a certified and liscenced auditor in Germany returns his | liscence, well, that person just ended their professional | career. So the alternativr seems to have been considerable | worse. Rightly so, Wirecard was a fuck up of epic | proportions. | shortrounddev wrote: | Really? 5 years? That seems really harsh. Is it all business | failures or does it have to be due to mismanagement? I've heard | the climate is very hostile to businesses in Germany; my sister | in law was trying to sell art on etsy and apparently she had to | get a business license to do so in Germany. She's now back in | the USA where she can just sell stuff online and the only thing | she needs to do is file her taxes correctly | avianlyric wrote: | > Really? 5 years? That seems really harsh. Is it all | business failures or does it have to be due to mismanagement? | | There's a big difference between bankruptcy and business | failure. Plenty of businesses fail without entering | bankruptcy, they're wound down responsibly and their | creditors are repaid in full. | | If a company fails due to bankruptcy, then it means that | people who lent money to that business are out of pocket, and | end up paying for the failure. | | The whole point of "limited liability" companies is that the | owners and management are shielded from creditors in the | event of bankruptcy (hence the " _limited_ liability"). So a | five year ban (which is true in most countries) from | directing another limited liability company is reasonable, it | don't prevent your from running a business, only from running | a _limited liability_ business, because there's now evidence | that in the event of failure you'll leave your creditors high | and dry. | | Ultimately the privilege of running a _limited liability_ | company, where the state promises to protect you from your | creditors if things go wrong, is just that, a privilege. If | you prove yourself unable use that privilege responsibly, | then that privilege is temporary taken away. To be clear, the | privilege removed is _protection from creditors by the state, | if your business fails_. You can absolutely start another | business, it's just that the state won't protect you if you | fail. | adrr wrote: | You can also screw over your creditors without declaring | bankruptcy. Just stop paying your bills. Elon is famous for | not paying creditors at twitter. Bankruptcy is just a way | to get relief from creditors and prevent them from suing | you. | AbrahamParangi wrote: | The counterpoint is what's the point of reducing losses on | bankruptcy if it makes the entire business climate worse? | By trying to protect creditors you just make everyone | poorer. | avianlyric wrote: | Does it? For most companies their creditors are other | businesses that they're sourcing supplies from. What | makes you think those businesses can afford to take the | hit? | | Ultimately most of the real creditors to small and medium | businesses are other small and medium businesses. So if | you offer no protection to them at all, you either get | extremely risk adverse companies that refuse to offer any | sort of credit (such as 30 day invoices), or a single | business failure ends up causing a cascade of failures | all of their suppliers take the hit, and also go out of | business. | | Ultimately increasing the trust between businesses, so | they're able to extend thing like 30 day invoices as | standard, substantially improves the business climate. It | reduces the barrier and risk of everyday business | transactions, makes it easier for businesses to manage | their cashflow, and ultimately allows businesses to grow | faster and in more robust manner. | | None of this is about protecting lenders like banks, or | investors. Most of the time they screwed anyway, it's | about protecting other businesses who's primary function | isn't financial risk management. | bcrosby95 wrote: | Who says it makes it worse? Limited liability is a | privilege not a right, as such it can be taken away from | you if you can't act responsibly. | AuthorizedCust wrote: | Just because the government claims something to be a mere | privilege does not justify bad policy. | avianlyric wrote: | We could go back to bad old days, where business owners | were directly exposed to their creditors. Business fails, | say goodbye to home, car, personal savings. If that's not | enough, off to the debtors prison with you, you can work | till you've repaid your business debts. | KyeRussell wrote: | This is an ideological take, and an American one at that. | Not necessarily a fact. | AuthorizedCust wrote: | It reflects a system where that shields creditors from | fewer risks. Nothing wrong with that per se. | Kamq wrote: | I mean, fair, but when even the Americans are saying to | let the investors lose their shirts, you might want to at | least think about it. | mpweiher wrote: | This isn't about investors, it's about creditors. | DANmode wrote: | Investors and/or startup loans, depending on structure, | are generally right at the top of the list of creditors. | anonymouskimmer wrote: | https://www.investopedia.com/ask/answers/09/corporate- | liquid... | | > Shareholders are often last in line to receive proceeds | with preferred stock shareholders getting better | treatment than common stock shareholders. | | Loans aren't shares; not even early loans. Else they'd | get much better returns from the successful businesses. | Kamq wrote: | Also fair, I used the wrong word there. | | Though, I don't think the distinction really matters | within the context of my point. Both investors and | creditors are exchanging money for a bet on future profit | derived from the company being solvent in the future and | having extra money to either pay back debts or pay out | dividends. | | My point is that America tends to get a lot of flak for | rigging the system in favor of those with excess money | (some of it is even fair). My point is that if you want | to structure your system past what we're willing to do, | you may want to stop and think for a second about if | that's what you really want. | | Now, if you want to protect the money of people with | extra money to lend out, that's absolutely fine. It's a | completely internally consistent position. But my | understanding is that it's not that popular of a | position, so I'm surprised the system is set up this way. | mpweiher wrote: | > Both investors and creditors are exchanging money for a | bet on future profit derived from the company being | solvent | | Nope, that's still just investors. | | Creditors are not people who made bets on the company's | future profits. Creditors are people who the company made | legally binding contracts with to pay them. For example | people who provided products and services who are getting | stiffed. Also: taxes due. | | Even a bank loan is not a bet on the company's future | profits. A bank loan is a contract that says you _will_ | repay the money lent, with interest. Irrespective of | profitability. | | Which is why a limited liability company usually can't | get credit unless it is also guaranteed by someone else. | Because with no outside guarantees, it _would_ be a bet. | (Yes, convertible bonds exist, but different topic). | Kamq wrote: | I think you misinterpreted my statement here. The future | profit I'm talking about is the profit of the creditor | (or investor). | | That being said, I completely disagree with this part: | | > Creditors are not people who made bets on the company's | future profits. | | Nope, that's not how reality works. If the company | doesn't have the money (including their assets), you | aren't getting paid. | | Extending credit is fundamentally a risk. That's one of | the reasons credit card companies charge interest. | anonymouskimmer wrote: | Screwing over the bond market by screwing over owners of | your company's bonds make the entire investing and | general retirement and pension climates worse. | Retirements and pensions are often guaranteed _in part_ | by the government, with tax funds. Tax increases and | retirement deficits directly hit consumers in their | ability to consume, and at least a few years back | consumers were responsible for about 2 /3rds of GDP (in | the US, at least), so a bit more important than the | business climate itself. | | And that's without even factoring in the effect of | bankruptcy on consumers employed by the bankrupt company. | Employees of a bankrupt company are considered the | highest level of unsecured creditors, but they still come | behind secured creditors. So bankruptcy can not only | result in an employee (who is also a consumer in the more | general economy) losing their job, but losing their last | paycheck and benefits coverage. Which has a consequent | effect not only on consumption, but on utilization of | public, tax- or fee-supported services. | | --- | | If a person bankrupts a company, they could probably use | 5 years to let all of the lessons that they should have | learned sink in. If you fail out of school you have to | retake your classes in order to graduate. | wongarsu wrote: | Does it? You could equally well argue that punishing CEOs | for bankruptcy makes banks more willing to lend money, | improving the business climate. | | And of course for startups in the early years it's not | that relevant anyways, since nobody will lend you | anything until you have revenue. VCs invest instead of | lending and aren't owed anything if you shut the company | down. | mlyle wrote: | > You could equally well argue that punishing CEOs for | bankruptcy makes banks more willing to lend money, | improving the business climate. | | Banks can take into account the borrowing history of the | executive teams already. | | > And of course for startups in the early years it's not | that relevant anyways, since nobody will lend you | anything until you have revenue. | | Being unable to make payments on leases, etc, is pretty | likely for startups that fail. | AbrahamParangi wrote: | Well, you're basically taking something (cost of capital) | that could be priced (via interest rates and collateral | requirements) and turning it into a regulatory barrier. | Personally I doubt that that is better, and I think the | general consensus is that it is quite a bit harder to do | business in those places with these regulations. | qwytw wrote: | So just bring in another CEO just for the bankruptcy. | Currently that's not an uncommon practice in the US. Of | course this new CEO would have to be a one-use fall guy | with somebody else actually doing the job... | | > If you prove yourself unable use that privilege | responsibly | | Good luck determining whose actually to blame and who is | innocent... at the end of the days only unlucky small to | medium business owners who can't afford expensive lawyers | or consultants will suffer from such a policy. | auggierose wrote: | Germany is not small to medium business friendly. No need | to argue about that. | kazen44 wrote: | do you have any sources for that? Considering that in | germany, the "Mittelstand" is the major economic engine | powering the economy compared to major corporations. | galleywest200 wrote: | Is it possible to have declared bankruptcy with no | creditors? Can you just spend all of your own money down to | zero? Would you still be banned due to losing only your own | money? | toast0 wrote: | Bankruptcy is something you get into when you can't pay | debts to your creditors. | | If you have no debts, and thus, no creditors, you can't | go bankrupt by definition. Of course, if there are | government fees or taxes to pay, the collector of those | becomes a creditor. You would want to formally close the | business so that it doesn't accrue annual fees and force | you to do more paperwork. | avianlyric wrote: | I think it would be very difficult to achieve, you would | somehow need to convince a bankruptcy court to accept | your bankruptcy, despite having no creditors. | | If you spend all your money down to zero, then the normal | thing is to just have your company dissolved and struck | of the companies register. For which there is no | consequences, you just tell the state your business is no | longer operating, they make a note of that, and that's | it. Business dissolved, you get on with your day. | ChuckNorris89 wrote: | _> she had to get a business license to do so in Germany. | She's now back in the USA where she can just sell stuff | online_ | | If you want to sell in the Germany, get a business license | from Estonia or Romania or some other low-cost low-bureocracy | EU country, and pay your taxes there. Germany is still living | in the business climate of the '60s. | tom-from-july wrote: | This is terrible advice and you or actually your Estonian | company will be fined for tax fraud. | | In Germany income is taxed where it is generated, which | includes the head of the person running the business. So if | you run your foreign company from Germany - which is expect | to be the case if you have no physical permanent office in | Estonia, where you also have to be regularly present - you | home is considered to be an business location and thus you | are taxed accordingly. | | Note that this only applies to limited liability companies. | | If you are a single person with no need for limited | liability, just register an individual business | (Einzelunternehmen) with your local authority (Gewerbeamt). | It's really easy, cheap and if you need support, tax | consulting for individual business is rather cheap as well | and worth it if your business generates regular income. | Otherwise you can just talk to the authorities, because | income from passion projects (i.e. non-regular, without the | goal of generating a substantial income amount) is not | taxed at all. | ChuckNorris89 wrote: | _> In Germany income is taxed where it is generated_ | | Only if you're a resident in Germany, But if I live | somewhere in the EU and sell something to someone living | in Germany I don't owe income tax to the German | government. | | I pay my income tax where I'm a fiscal resident (Estonia, | Romania, etc.) | tom-from-july wrote: | Lucky you in this case, not having to learn and deal with | all this then :) But the original comment was about | someone living in Germany (at least at the time) | martinald wrote: | Which single person doesn't need limited liability | though? In my experience small freelancers/businesses | need that protection much more than bigger organisations, | which can afford legal fees and court costs if things go | south. | | If you are a freelancer trading without a corporate | entity you can get screwed so hard. There are nasty | people out there that will take advantage of this and can | demand loads of free work or refunds, knowing that your | entire personal wealth is on the line. | bitL wrote: | That's why one should just move to Dubai and escape | Germany and its crazy taxes and health insurance costs. | robocat wrote: | Dubai? Extremely bad advice unless you deeply understand | the sometimes "crazy" implications of their Sharia based | laws e.g. debts: The UAE has no | bankruptcy laws, so there is no protection for those who | fail to meet their car repayments, pay off their credit | cards or default on their mortgage, even accidentally. | Anyone who fails to make their payments faces | imprisonment in the notoriously tough prisons of the | United Arab Emirates, and the Sharia-influenced debt | offences have even led Interpol to circulate red alerts | to capture indebted Europeans attempting to flee the UAE. | There have been previously recorded cases of foreign | workers being prevented from leaving the Emirates after | being blacklisted for simply missing one credit card | payment or bouncing a cheque. As a result, many expats | are forced to abandon their lives to avoid jail time, | often with their car keys still in the ignition. | | I would bet they fixed their information systems, and you | couldn't now leave if you happen to screw up. | | https://www.carkeys.co.uk/news/the-story-behind-dubais- | aband... | hef19898 wrote: | Taxes are due where the business is managed, where the | rwvenue is coming from and where tax authorities consider | you a company of being a resident. So in your example, the | Estonian company will still pay taxes as a German company. | Which is explicitly stated in the tax treaty between | Estonia and Germany. | charlieyu1 wrote: | You know, all regulations only hurt small sellers, people at | the "top" always get away from all the crap they are directly | responsible for, no matter they are hurting their own | business or the society as a whole | Timon3 wrote: | It's the wrong take-away to say all regulations only hurt | small sellers. Do you want to give up regulations on child | labor, or worker safety, or foods and drugs? If not, how | come, considering it all hurts only small sellers? | | The problem isn't the concept of regulation, but the | follow-through on loopholes. By doing away with regulations | you'll decrease quality of life for most people. Instead we | have to find ways to react to loopholes in a fair way. It's | not impossible, we've done it before, see the previously- | mentioned examples! | charlieyu1 wrote: | I don't think small sellers have anything to do with | child labour. And since you mentioned loopholes, it is | always the big players who get away with loopholes that | small business owners do not | Jochim wrote: | Business owners get away with breaking violating the law. | Small businesses are infamous for paying people under the | table, stealing wages, not giving appropriate breaks, | employing children etc.. The size of a business only | affects the kind of laws they're likely to get away with | breaking. | piaste wrote: | > I don't think small sellers have anything to do with | child labour. | | This is a remarkable claim. Why would you think that? | akiselev wrote: | Small sellers aren't worth even going after until they | reach a certain size for huge swaths of the regulatory | regime. | | See, for example, UL/CE and FCC regulations - unless they | burn something down or interfere with emergency services, | businesses can usually defer the regulatory cost till | they can afford it. Or the FAA, which gives out slaps on | the wrist like its going out of style, as long as the | offender is not an airline. | | Case in point: many countries allows underage family | members to work for family businesses and even the ones | that don't, barely enforce it. A factory hiring dozens of | kids? That's a lot less likely to go unnoticed. | KyeRussell wrote: | [flagged] | mlyle wrote: | Digging into his post history to avoid refuting his point | (which is overstated) is ... not appropriate? great? | | I can pretty easily agree with a weaker version of his | statement: regulations have a disproportionate impact on | small entities. They're expensive to comply with, and | small entities tend not to have access to the exotic | legal tricks and arms-length interaction with regulations | that can make them much less effective. | LadyCailin wrote: | For the first one, if we can agree the regulation is | good, then so be it. If your business can only thrive by | hurting other people, you don't get to be in business, | that isn't a more fundamental right than not being harmed | by businesses. For the second, the solution is to plug | loopholes that allow businesses of any size to bypass | regulations. In no case is it the correct solution to get | rid of good regulations. | mlyle wrote: | > For the first one, if we can agree the regulation is | good, then so be it. | | IMO: If we can agree that the regulation _has a net good | effect_ , considering externalities and adverse effects. | Having a "good regulation" that also increases | concentration of control in an industry can end up being | a net negative. | | > For the second, the solution is to plug loopholes that | allow businesses of any size to bypass regulations. | | This is a nice thing to strive for, but in practice | layers of indirection and ample legal counsel | accomplishes a lot even in well-run democracies (even | leaving aside how large organizations often influence how | they are regulated in both direct and indirect ways). | charlieyu1 wrote: | Don't want to sway away from the discussion, but it's | probably the first time for ages I'm called a | libertarian. | simplotek wrote: | > Really? 5 years? That seems really harsh. | | Bankruptcy is not a mild consequence. People can and often | are ruined by a bankruptcy, not to mention the harsh impact | that it has on employees who are suddenly forced out of a | job. Declaring bankruptcy should not be considered as | something mundane or yet another run-of-the-mill managerial | decision. | | Also, not being able to found a company is not what I would | call "harsh". Even in a purely capitalist view of society, a | entrepreneur needs to focus on ventures to ensure they are | successful, and "failing fast" does not mean it's ok to file | for bankruptcies. | martinald wrote: | But a lot of businesses fail for reasons other than the | directors "mistakes". The general macro trend has a lot to | do with it. Should the owners of a cafe or bar that went | under owing suppliers some money during covid be banned | from starting a new business? Or someone who buys a failing | business trying to turn it around and failing also be | barred for 5 years? | | At the end of the day, creditors must (and generally do) | realise when supplying a limited liability company there is | a risk that the company goes under you won't get paid. | That's why credit insurance and credit control departments | exist. | | If the directors were committing fraud by misrepresenting | the state of the business and it fails, that is a | completely different thing and directors should be barred | from trading. But businesses fail all the time and we must | accept that. Barring people from trying again for 5 years | isn't a great solution imo. | simplotek wrote: | > But a lot of businesses fail for reasons other than the | directors "mistakes". | | All the more reason why entrepreneurs should not take | lightly the prospect of filing for bankruptcy, and should | focus their energy on ventures where they can minimize | the chance of burning through cash right into bankruptcy. | Otherwise it starts to sound like these serial | entrepreneurs are just flinging crap at a wall to see | which one will stick with little to no effort. This is a | massive disservice to investors and employees alike, if | not outright fraud. | detuur wrote: | The 5-year ban is not an automatic outcome, I believe. | Afaik it's imposed specifically in cases of gross | mismanagement/fraud. | mantas wrote: | Can't speak about Germany for sure, but usual euro way is you | don't need to do taxes at all if you do not run a business. | Employer fills it for you. And getting a doing-business-as- | individual is as simple as filling a form at revenue service | website telling you're starting a business. Then you get a | tax ID to put on your invoices next day. | | If you sell as an individual, it's just you selling random | stuff that you don't need to pay taxes for. Once you do this | as a business, you declare it as such and notify the state | about it. | belter wrote: | Many other countries have similar laws. Normally get's solved | by buying an existing business... | brookst wrote: | So as a super talented CEO, would you take any jobs trying to | save a failing company? | ck45 wrote: | It would be an interesting idea to make auditors fully | accountable like bankruptcy advisors. I know, this is never | going to happen. | angus-prune wrote: | The current problem is that the insentives are all wrong. | | It is the company being audited that gives the auditers the | business. Its not in the interests of a dodgy company to | appoint a good auditor, and its not actually in the auditors | (short term) interest to uncover wrongdoing as it just means | they'd lose a client. | | My proposal is that you _require_ every company to have | insurance to cover the risks, making the insurers fully | liable for fraud (and any other business risk that audits | protect against). | | Companies then don't appoint their own auditors, but the | insurers do. Its in the insurers interest to make sure that | any audit is effective as they're on the hook for any | liability the audit misses. | | This way the insentives for the auditors are aligned with the | interests of the people relying on the audit (shareholders, | customers, suppliers). | bradleyjg wrote: | There was something like this with bonds pre 2008 but it | didn't work out like you suggest. | | Rating agencies were, and are, paid by bond issuers are | rated a bunch of synthetic real estate backed bonds as very | safe. But then on top of that, certain of these bonds were | insured---notably by AIG. However, AIG just rubber stamped | the ratings and ended up going bankrupt when the crisis | hit. | | The real mismatch of incentives is one layer deeper than | your comment suggests. An insurance company CEO can do very | well for himself underpricing insurance. The business grows | as premiums roll in and he collects a bunch of bonuses. | When the SHTF he could just resign and collect his golden | parachute. | bostik wrote: | The Maltese gambling regulator did something like this back | in 2016. While the idea is good (and I support the practice | _in principle_ ), it was a dismal failure in aggregate. | Devil's in the details. | | The regulator pre-negotiated approved rates and vetted a | bunch of companies, all of which had to had presence in | Malta. The audit reports have to be turned by mid-June, | IIRC, and they can't really start until the accounts for | the previous year have been finalised. So in practice the | audits _must_ take place between late February and mid-May. | At the time the entire nation of Malta had about 450k | people in total, and each audit blocks two accredited | people for approximately three weeks. | | Turns out there are a _lot_ of gambling companies | registered in Malta, and each pair of auditors could only | process 5-6 companies within the allotted time. The country | would have run out of auditors ... so they licensed a whole | lot of local smaller shops as accredited gambling auditors | to make up the numbers. Many of whom did not have the | technical knowledge to actually even _assess_ , let alone | _understand_ the businesses they were assigned to. | | And I can say this from painful experience: there is real | value having the same team of auditors for 2-3 years | running. They will get to know how your company operates, | and any good ones will figure out entirely new questions to | ask you from year to year. By all means, be an adversarial | assessor, but at least please be clued in. | | Disclosure: on the receiving end as a key person in | technical audits since 2015. | [deleted] | [deleted] | EarthIsHome wrote: | This is still fallout from the wirecard debacle. | ck45 wrote: | The wirecard scandal on Wikipedia: | https://en.wikipedia.org/wiki/Wirecard_scandal | wjnc wrote: | Look, these sentences are probably more than just and even on the | light sight. Handing in your auditing license is a pretty severe | punishment, at least career changing. But will the risk and audit | professionals at BaFin face the same penalties? | lima wrote: | The head of BaFin and their deputy were forced out over it and | the agency is undergoing significant restructuring[1], and a | new agency was formed specifically for investigating financial | crimes[2]. | | In terms of actual liability - no, at least not yet. A number | of lawsuits by individual investors were thrown out[3] but it's | possible there will be public prosecution: | | > _Criminal prosecutors in Frankfurt are assessing whether | BaFin employees obstructed justice by not properly | investigating fraud warnings._ | | In the end, it's a regulator, they have to rely on auditors to | some point. If Wirecard lies and EY doesn't catch it, that's on | the criminal and the auditor. Still, it's hard to understate | just how badly the agency fucked this one up... Hopefully, | it'll serve as a true wake-up call. | | Certainly seems like it - they have been more aggressive | recently with other problem companies like N26, Solaris Bank, | Coinbase, Deutsche and others. | | [1]: | https://www.ft.com/content/4f948457-678e-485c-92f7-2837064a5... | | [2]: | https://www.ft.com/content/587b6c52-c93e-4b2c-949a-53f6a1667... | | [3]: | https://www.ft.com/content/9fab6842-4ee6-4114-a35c-09bf9c62a... | stametseater wrote: | > _The head of BaFin and their deputy were forced out over | it_ | | They tried to get innocent people put in prison. They belong | in prison themselves. If all that happened to them was losing | their careers, then they haven't been brought to justice. | lima wrote: | Who is "they"? The head of the agency? Their advisors? | Individual employees? Politicians? Failure of this | magnitude is almost always a systemic failure. | | Actually figuring out who, if anyone, committed a crime | (through gross negligience, willful obstruction, or | similar) will take years. | wjnc wrote: | To reply to just one sentence: From my experience the | relationship between auditors and financial (prudential) | regulators is only lightly one of relying upon. On the one | hand of course having trouble getting your financial report | signed is a key risk indicator for the regulator, on the | other hand the regulator in my sector (insurance) goes | markedly deeper in their thematic and on-site reviews than | the auditors do. Even though the auditors sign off on things | like capital requirements, the regulators understand models | way better. Those building proper models usually don't work | for the big-4 that do auditing, but work for more niche firms | and the insurers themselves. | | I've worked for a regulator in a sector with more lenient | oversight (health) and there the accountant was one of the | pillars of our understanding. We just didn't have the mandate | or capabilities to understand the finance of the thousands of | providers. In that way regulating finance is easy. Banks and | insurers are relatively low-N activities. In case of BaFin I | find it hard to imagine that they couldn't, so they probably | wouldn't. | | Food for another thread is how to match the European | perspective above to, say, the SVB case in the US. How on | earth the regulator didn't track the interest rate risk is | beyond me. (I believe the legal explanation is that they fell | in a D-F regime with less regulatory burden.) | fauigerzigerk wrote: | BaFin's role in this is indeed pretty astonishing: | | _" The German financial watchdog has filed a criminal | complaint against two Financial Times journalists and several | short sellers, accusing them of potential market manipulation | over reports about suspected accounting irregularities at | payments processor Wirecard."_ | | https://www.ft.com/content/8e1948be-6060-11e9-b285-3acd5d435... | FabHK wrote: | Indeed, they failed big time. Apparently some BaFin employees | were also trading the shares of Wirecard (and presumably | other companies they were supposed to oversee). | | There's a pretty good book on the whole sad story: _Money | Men: A Hot Startup, A Billion Dollar Fraud, A Fight for the | Truth_ by the FT journalist that did most of the digging. | | If journalists and short sellers hadn't kept pushing (against | Wirecard, auditors, and BaFin), Wirecard might have survived | a bit longer, managed to acquire Deutsche Bank, and then | (with the merged balance sheet) gotten away with it. Mind | boggling. | | However, I must say, after reading that book and several | articles about the whole thing, I am still not quite sure how | they could keep up the fraud for so long, what exactly | happened there, and who benefited. | | (I suspect that crypto firms have taken over a lot of | Wirecard's "business"...) | everybodyknows wrote: | If they do, they'll be tempted to rat out the political | overlords who dictated the "see no evil, hear no evil" policy. | BonoboIO wrote: | [flagged] | dang wrote: | Could you please stop posting unsubstantive comments and | flamebait? You've unfortunately been doing it repeatedly. | It's not what this site is for, and destroys what it is for. | | If you wouldn't mind reviewing | https://news.ycombinator.com/newsguidelines.html and taking | the intended spirit of the site more to heart, we'd be | grateful. | rvba wrote: | Audits in general are such a joke. Rubber stamping and checks | done by students or graduates who barely understand what they are | doing. And even if they detect something, it is considered as not | material and ignored. | | From business perspective the auditors are clueless. | | I dont claim that audits are bad, they are very needed. But the | execution in many ways is so poor. | oblio wrote: | > From business perspective the auditors are clueless. | | Hey! I used to be a young IT grad helping with financial | audits. | | If it helps, I was young and clueless and frequently I still | figured out more about the business processes I was auditing | than the client employees taking care of them every day :-p | ocimbote wrote: | From my experience, you're the exception, not the norm. | | Many audits and compliance frameworks have so many loopholes | and DIY rulings that basically anything is possible and | acceptable as long as whatever you're doing is written | beforehand. | oblio wrote: | Well, I'm not talking about everything, or the high level | picture. | | But I was checking what were called "IT controls" for their | systems and a lot of that stuff was straight forward and | yes, it did involve some rubber stamping, but a lot of it | made sense: "Do you have a written approval process for | adding users to this sensitive system?". "Can you show us | how you mitigate not having a written process?". | | And it wasn't super rare that besides the fact they didn't | have the thing I asked for, but sometimes I couldn't even | get them to understand why it would be a good idea. | | A lot of companies are the Wild West :-) | nimbix wrote: | I worked at a company that had to deal with EY as a part of a | tech certification. Tha auditors barely knew why they were | being sent over. Out managers and techs had to explain the | process to them and assure them the numbers in the report were | correct. The auditors happily accepted that, and then charged | around 100k. Top job. | rvba wrote: | That is a standard audit of any BIG4 company. | fnordpiglet wrote: | All audits should be disclosed in giant black letter on the | front "PAID FOR BY THE AUDITED COMPANY" | | The conflict of interest in external audit is absurd. It's | similar to securities rated rating agencies paid to rate the | instruments by the issuing company. | b0afc375b5 wrote: | As a former CPA/External Auditor this fact confused me the | most. No amount of disclosure will avoid the reality that the | food on my table (audit fee) depends on the clients I am | supposed to be impartial to. This system seems blatantly | idiotic to me. | cjbgkagh wrote: | The audited company often buys consulting services from the | auditors which in effect is an extra incentive on top of the | moneys paid for the auditing service. The mechanism that | allows this is the 'Chinese wall' but that is a total joke. | What really need to happen is to separate out consulting from | auditing. That's not going to happen though as there is just | so much money is consulting. | fnordpiglet wrote: | What should happen is audit becomes a public trust financed | by a tax on all public companies. | heisenbit wrote: | Which in turn creates the issue of how to keep this trust | truly independent. There have been successful long term | campaigns to wrest control of supposedly independent | bodies and align them with special interest groups. | fnordpiglet wrote: | Today they're explicitly not independent, that seems | specifically worse. There are also examples of highly | effective regulators. Financial services is actually | replete with them. | cjbgkagh wrote: | Audits can be very expensive and finding the optimal | depth of auditing is difficult and unlikely that a public | trust would be anywhere close to optimum amount. | Financially savvy people should already know that the | audit process is flawed and should not simply be accepted | on face value. How flawed is usually stated in the audit, | checks are split into controls testing and substantive | testing. Usually the cheaper the audit the less | substantive testing that is done. People need to trust | audits less not more. If an organization is unable to | pass an audit then it's a really bad sign, if they have | to hire EY to pass an audit then that is also a bad sign. | | Also have you ever tried to stop something that makes a | ton of money? It is damn near impossible. If governments | had that much power the people who would lose their money | have a very strong incentive to invest a large portion of | that money into regulatory capture. So any solution that | uses government must be predicated on a non-corruptable | government which do not exist, at least not for very | long. A variation of auditor's prudence. A lot of our | traditions and institutions that are resistant to | corruption were designed and maintained that way to | support wealth extraction via expansive empires, as you | can't export wealth if it all disappears into corruption. | And empires must export wealth from colonies in order to | compete with other burgeoning empires. Without such an | empire to support the resistance to corruption erodes as | the mechanism to reward those who eschew corruption | disappears. It becomes increasingly difficult to acquire | power without first being corrupt. | fnordpiglet wrote: | Here's a counter example: going public. The SEC does a | deep probe, one that has material teeth, and "yes" isn't | a conclusion. Surely the SEC is subject to these forces? | Another example is merger approval, along antitrust and | other regulations. This is a very deep process, clearly | with a lot of extremely powerful money on the line. Or | another, tax collection. Fact is there's actually a lot | of examples of effective controls on business, | _especially_ when financial crimes or malfeasance are the | target. The laws are particularly sharp in the finance | world compared to say, food safety or other regulatory | areas that are clearly captured. | cjbgkagh wrote: | The laws are only sharp in the finance world because it | is more profitable for it to be that way which I think | prevents it from being a counter example. Take for | example the Positive Accounting Theory of Watts and | Zimmerman which seeks to explain actual accounting | practices as opposed to academic accounting practices. | One of their findings was that due to the costly | signaling nature of audits some companies will do more | extensive audits than would otherwise be standard or even | optimal. There is value in trust and that value can be | captured in the form of decreased cost of debt from | lenders and an increase in stock price. Without trust the | whole financial industry implodes and that would be bad | for just about everyone in finance and especially bad for | those making the most money from it. | throwaway18875 wrote: | I once worked at a small pen-testing firm that also conducted | PCI DSS compliance tests, and I can confirm that this is an | accurate depiction of the industry. A majority of the staff | were recent grads, and it was disheartening to see that most | clients were primarily interested in obtaining the compliance | certification rather than genuinely improving their product | security. This, in turn, creates a perverse incentive for | auditors to grant compliance, as clients who don't get the | desired outcome may simply switch to a different auditor. In | such a setup, it's difficult to ensure that security standards | are genuinely upheld. On a positive note, these compliance | tests do help in making sure that card data isn't stored in | plaintext, but beyond that, the overall impact on security | seems rather limited. | Jcampuzano2 wrote: | Not financial sector, but in my own experience working in | tech consulting partnering with large management consulting | firms in the past, security was the last thing to get checked | and the first thing to be neglected. | | Sure there were some "bare minimum" things that was expected | to be upheld like passwords not being in plain text, but come | time for a security audit it was exactly as you say. Not done | out of genuine interest in security but as a rubber stamp of | items to be able to show the client "look we did this" | | Not even joking when I say that the development plan for most | of these projects basically just tacked on a few days in the | last week for "security improvements" alongside things like | "tech debt" rather than it being a top of mind thing for the | entire development process. | Giorgi wrote: | No worries, ChatGPT will eleminate ALL audit business in year or | two anyways. | hestefisk wrote: | Will be interesting to see if Everest moves ahead after this. | TheRealPomax wrote: | "The accounting-and-consulting giant is being sued for $2.7bn by | the administrators of NMC, a London-listed hospital operator it | had audited and which went into administration after understating | debts by $4bn." would be cool if the article could say why. I | hear that's something good journalists do. | sega_sai wrote: | And then there is also this | https://www.ft.com/content/5e6f15ce-9eda-4b04-883d-686617020... | -- cheating on ethics exams by EY. It's all very funny that the | whole system is built on assumption where the supposedly | knowledgeable, ethical experts audit companies, but in reality, | it nowhere close to that. | catchnear4321 wrote: | if only this were limited to ethics and compliance. | | expertise is a virtue in modern society. signaling it well is | often easier and more successful than developing and | maintaining it. | | damn lucrative, too. | | this is why we can't have nice things. | pts_ wrote: | It starts with interviews which select you based on how well | you speak instead of what you speak. | oezi wrote: | They interview you on whether you were interviewed before. | version_five wrote: | "Cheating on ethics exam" sounds bad but it amounts to not | taking some boring corporate CYA compliance training seriously, | it's not actually unethical in my opinion. If anything it | speaks to how bad corporate training is generally, not the | ethics of the people "cheating". | appleiigs wrote: | Probably similar to you, I couldn't read the FT article | because it's behind a paywall; however, I'm familiar with the | general story. It's not some corporate training. They, plus | many other accounting firms, cheated on professional | licensing exams. Egregious because the accounting firms are | doing the opposite of their sole purpose - add trust to the | financial system. | koops wrote: | They cheated on the ethics exam, THEN they lied about their | cheating. | crazygringo wrote: | > _Auditors insist that their services cannot be treated as a | guarantee that accounts are truthful, and note that sophisticated | frauds are by their nature difficult to spot._ | | As someone who knows nothing about this area, I don't understand | why audits won't always detect fraud. | | I would naively assume that auditors have access to all financial | accounts and records of cash flows and they make sure they all | add up and are categorized correctly. And that if fraud is | happening, there will necessarily be numbers that don't add up. | | So what am I missing? Do they not have access to all accounts and | statements? Is it just a top-level glance at the numbers because | there isn't enough time/money to scrutinize everything? Or can | the numbers all add up but there's still fraud? | | Is there anyone here who can give an example of something | fraudulent that is hard to catch? | niklasrde wrote: | Plenty of things aren't necessarily evidences. Just because you | have access to account statements telling you you got a bunch | of money coming in from person X for provision of service Y and | a matching contract doesn't mean that the contract has been | fulfilled or that the service was worth the money. | | Same with picking a supplier - there are processes in place | that try to assess quality, speed, price, effort, etc, but in | the end it's humans making decisions, humans with bias and the | ability to lie and make untrue statements as to how they made | their decision. | | Then there are the usual money laundering techniques, eg art | dealing. You could easily spend a few million $$ on art for, | say, a big office. And the VP's niece might be an artist that | can demand that on the open market. | ozim wrote: | There are different types of audit. | | I expect that EY does not have access to numbers and any | account information. You give away as least information as you | can because you cannot just trust auditing team from some 3rd | party not to use that data in collusion with your competitors. | | What I expect they do have access to is documentation for | procedures and processes. They audit for example if all | procedures are written down and check proofs for procedures | that were done by employees. | | So it is like you have to clean the toilet and you have | procedure that whoever cleans the toilet signs list. Every end | of the shift manager checks the list and checks toilet if it is | clean. | | Fun part is having signed list for a day does not tell you that | for half of the shift employee was only signing the list but | did not do any cleaning and you might have dozens of customers | seeing how terrible dirty toilet was. | appleiigs wrote: | > Every end of the shift manager checks the list and checks | toilet if it is clean | | I think it's even worse: the shift manager checks list to see | if the toilet is clean, but they don't actually look at the | toilet. | hef19898 wrote: | Quite the opposite, EY as an aidotor has, and is supposed to | het, access to any financially relevant data, documents and | transactions they need to their job. That includes, among | other things, invoices to customers, suppliers, inventory | data and transactions, bank statements, credit card data, | contracts with clients and suppliers and so on and so forth. | That is actually part of a financial auditors job and | responsibility. Yryong to minimize data access is exactly | what Wirecard did, and EY accepted for some reason. Which | absolutely not normal, it is in fact a major red flag. | hahla wrote: | It's hard to grasp how complex accounting can be for companies. | EY is not auditing small businesses, these are large | multinational companies and per audit guidelines they likely | just audit random samples of accounts. It's not as simple as | let's pull a listing of all bank accounts and make sure | everything ties. The actual effectiveness of audits is a | different conversation. | mostlystatic wrote: | Don't know much either, but I found this Money Stuff story | interesting: | https://www.bloomberg.com/opinion/articles/2023-01-04/privat... | | Someone was CFO at two companies and the auditors only checked | the year end balance against his falsified statements. So he | transferred money from the other company temporarily to make | them match. | | """To avoid detection, Morgenthau doctored African Gold's | monthly bank statements by, for example, deleting his | unauthorized transactions and overstating the available account | balance in any given month by as much as $1.19 million. [...] | | Morgenthau knew that African Gold's auditor would confirm | directly with the bank the actual account balance as of | December 31, 2021, as a part of its year-end audit. [...] | | Morgenthau deposited more than half a million dollars of | Strategic Metals' funds into African Gold's bank account on | December 31, 2021, because he knew that African Gold's auditor | would confirm the account balance as of that date, in | connection with African Gold's year-end audit. """ | | https://www.sec.gov/litigation/complaints/2023/comp-pr2023-1... | badpun wrote: | Interesting. I guess that is the inherent flaw of all audit | methods which predominantly check the paperwork, while rarely | venturing out into the real world. With sufficiently bad | actors, the whole paperwork can be doctored and completely | untethered from reality. Such bad actors need to only make a | plausible Potemkin village for the controllers in selected | spots where they are expected to verify if reality matches | presented paperwork. | belter wrote: | Enron was doing similar trick by selling buildings to another | business entity, and buying them back after the audit. I | might not have all the details correct but it was the same | type of shenanigans. :-) | electroly wrote: | > Or can the numbers all add up but there's still fraud? | | Yes, of course. Consider that you've set up a separate company | and you intend to steal money from your employer. You've got a | buddy in accounts payable that you're in cahoots with. You get | set up as a vendor, you send invoices to the company, they pay | them, and you never deliver anything. The company's numbers add | up. They pay vendors for services all the time. Whether the | vendors are real, the contracts are legitimate, and the | expected services were provided isn't on the account | statements. | someweirdperson wrote: | Wirecard was the other way around. Send invoices to companies | that don't exist, and transfer the earnings to a bank account | that does not exist either. Don't forget to pay taxes of | couse. Get bonus payments and earn nicely on rising stock | prices. | AndrewKemendo wrote: | >you never deliver anything | | A thorough audit would reveal this as well though, as it | would actually evaluate the entire supply chain is actually | working as intended. | electroly wrote: | Right--this is a demonstration of how an audit is more than | looking at double-entry accounting statements and "seeing | if the numbers add up." That's the point of my post. | toast0 wrote: | Version two of this fraud is you do supply something, but | it's either a) something the company doesn't actually use, | so you can provide a stand-in, knowing it will be stocked | and later destroyed, b) something worthwhile that you've | bought and marked up with help, etc. | noisy_boy wrote: | Just because you have access to the entire source code of Linux | kernel, doesn't mean you'll be able to find all the bugs in it. | Sometimes the numbers may add-up but it is the patterns which | may be suspicious. Automation like sanity checks/pattern | matching etc (+ ML now a days) would help a great deal but even | then it is not a guarantee. | puppymaster wrote: | Bad analogy. Auditors have conflict of interests and risk | losing clients if they keep asking too many 'wrong' | questions. Reputable ones will refuse to sign the final | audit. Less reputable ones will even help clients cook the | book. | | It's more akin to you being denied Linux maintainer privilege | if you keep finding bugs and annoy Linus in the forum. Which | is hardly the case (heh). | KyeRussell wrote: | OP asked how auditors couldn't pick up on everything. The | question assumed good intent. It's a fine analogy. | johnwalkr wrote: | "Exposure: Inside the Olympus scandal: How I Went from CEO to | Whistleblower" is a great book that is in part about fraud by | mergers and acquisitions. | ryzvonusef wrote: | > As someone who knows nothing about this area, I don't | understand why audits won't always detect fraud. | | as some one who studied accounting and auditing, here is a page | from my text: | | https://kfknowledgebank.kaplan.co.uk/audit-and-assurance/aud... | | but the tl;dr is that auditors don't provide "insurance", they | provide "assurance", specifically _reasonable_ assurance.... | that the accounts are "true and fair" | | or to be put it in even simpler terms, they can't guarantee | something fishy did or didn't happen, the transaction scope is | just too much, they will "try their best" and do enough of a | check to say if anything fishy pops put. > Is | it just a top-level glance at the numbers because there isn't | enough time/money to scrutinize everything? | | yes you hit the nail right on the head. Of course things have | changed, govt have put their own requirements in addition to | auditing standards, but still that's an adequate summary. | | the more through of a check, the more difficult, time consuming | and expensive it becomes, and at some point the fraud becomes | cheaper than the audit. | | but even more importantly is the mentality. There is a phrase | we were taught "Auditor is a watchdog and not a bloodhound" | that kind of explains what auditors are supposed to do. | | ---- | | i left the field but i'll try to answer to the best of my | ability | itissid wrote: | What Engineering tech/AI tech do you think could make the | process more thorough but not proportionally expensive? | ryzvonusef wrote: | how do you technologize intent-detection? maybe chatgpt-x | could do it, but that's the crux. | | i am NOT haying pattern recognition won't help, search for | audit software and you will see each of the big four has | specialized software. (here is EY's: | https://www.ey.com/en_gl/audit/technology) | | the problem is the issue of perverse incentives, IMHO. | Audit takes a butt load of time and money, and disrupt | business while they do their thing, and pays peanuts | frankly... and audit firms earn more from associated | services, contracts which they can earn if they don't | bother the management too much. | | yes, there are a dozen caveats and stuff, but frankly, the | issue comes down not to technology but to people. The same | network of people are in the few audit firms, and the spin | out to join companies sometime later, who hire the same few | audit firms, and so on. | FabHK wrote: | So, Wirecard claimed to make huge profits. Now, the auditors | would expect to see a pile of cash in the accounts. However, | Wirecard claimed to expand rapidly by purchasing other | companies in Asia. Those, then, booked most of the "profits" | and were the assets on the book. Wirecard produced bank | statements from the Philippines claiming that they had $2bn | cash sitting there. So, to the auditor, the numbers added up, | and the whole story was somewhat coherent. It's just that the | foreign businesses and that cash didn't actually exist. | stefan_ wrote: | Which, to be clear, is a failure of the auditor. We don't | need auditors to make sure the numbers add up; the whole | point of double-entry bookkeeping is "the numbers always add | up". | epups wrote: | Depends on the scope of the audit. In most cases that's | precisely what they do, make sure the numbers add up, and | we do need that. | ejb999 wrote: | >>Is there anyone here who can give an example of something | fraudulent that is hard to catch? | | Someone in control of the checkbook at a medical facility who | starts a shell company with some innocuous sounding name (i.e. | Smith's Medical Supply) and and regularly submits bills in low | enough amounts that they don't raise concerns - which of course | is relative to the size of the company - but say you run a | practice that has $50M in annual revenues, it would be quite | easy to send in bills for supplies that only amount to 1-2K per | invoice over a long period of time. | | This kind of thing happens a lot, and without actually | contacting every single vendor, verifying they are real, and | verifying every thing that was purchased, can be very difficult | to root out - especially with supplies that get used up, as | opposed to hard assets they are supposed to be around for a | while. | | When the numbers are small enough, nobody even bothers to | verify them - even though over years they can add up to a | significant amount of losses. | | I hear about stories like this all the time - it is pretty | common. | Aeolun wrote: | > Is it just a top-level glance at the numbers because there | isn't enough time/money to scrutinize everything? | | This seems to be the case for our EY IT audits anyway. Just | send them the right screenshots and all the boxes will be | ticked. | calderarrow wrote: | Auditors have access to all the financials, but they only audit | a statistically significant sample, because it would be | incredibly expensive to audit every transaction. | | Fraud can be easily detected if one employee is committing it. | Fraud is substantially harder to find if two employees are | involved, specifically 2 employees involved in internal | controls. | | For instance, if you have a policy that all checks paid over | $10k require 2 signatures from corporate officers, it's easy to | catch a check with one officer forging the name of a second in | order to siphon money to his 3rd party shell company. | | But if both officers make a shell company, they can post the | check as usual, and the check would pass auditor checks unless | they looked into the specific corporation being paid, which may | be out of scope if it's a relatively small transaction. | | Ultimately, you don't need assurance that the financials don't | have fraud, you want assurance that they're materially correct. | Whether the company lost 10k to fraud or waste or incompetence | is almost irrelevant for the investor, because the company has | 10k less money. Obviously they'd prefer it not be due to fraud, | but the impact on the financials is more or less the same. | | Source: am a CPA | hef19898 wrote: | As a subject of some of those audots, and as being | responsible for a subset of relevant processes, I can | confirm. I'd just add that, at least under SOX audits, also | the internal controls are audited. And if those controls are | laclong, that is a, potentially major, audit finding as well. | lumost wrote: | Curious, this seems like a good place to deploy AI tooling. | If I'm involved in internal controls, I'll know what the | auditors look for. | | If an AI can augment the auditors to find more suspicious | transactions such as to companies with no employees, or | conflicts of interest - I could probably find more fraud. | calderarrow wrote: | I'm very excited to see how technology impacts financial | reporting in the future. We're rapidly approaching a point | where every single transaction could be audited in real | time with software, and the details of each transaction | automatically scrutinized. | imagine99 wrote: | "Excited" is one way of putting it. If we had any chance | of this working or ending well, we wouldn't get daily or | weekly posts here on HN of people having their | Stripe/AWS/PayPal/Google accounts banned. Look forward to | "Your company has been locked, please contact your | auditor AI to get no help whatsoever"... | grogenaut wrote: | But that's the exact opposite to the economics of | consulting esp at these big companies. The goal is to get | as many low cost employees doing the most amount of high | bill work as possible to make the most profit. Automation | or ai would just lower what you can charge by removing 1000 | hours per year of a college grad making 50-90k while | charging at 500k a year for them. And you need these rates | to cover for the highly paid sales leads and project leads | as well as profits. You'd have no good way to pay your high | bill rate applied scientist. | | But why does cost not matter on the contract? A few | reasons, one being is these are hourly contracts and the | consultants know the customer has to finish the project. | there will be more money. Second the customers are picking | one of these companies on rep. If they fire the consultants | they just rotate through the rest of the big five. There's | no real incentive for the big five to change their model | with customers who are making decisions based on who | sponsors the golfer they like. Just like how every VC used | svb, go with who you know. | | This is why I left consulting. Every good shop gets wooed | by the siren song of butts in seats economics. After | consulting I've moved to where I sonetimes have to damage | control projects from the big 5 and other high end large | tech consultants on code. They're all doing the same thing | if they get that big. | | We had 2 recently with nationally renowned consultants | where the provided heads couldn't use basic shell scripts | or basic cloud cli, all at a senior DevOps bill rate. I | ended up interviewing several of them and the only one of | them id trust was their senior principal architect (5% | time) who I'd put as a Jr/sr sysde/sde at our co. We fired | the consultants. Luckily we only wasted money, our pm, and | a few hours of my time. | | Beware any company that competes with beer and insurance | companies for commercial slots. | Cazafr wrote: | Ex-IT Auditor and I agree. I was screaming for automation | in the audit process for years and nobody would listen. | Many of the employees are burnt-out and hate their jobs. My | prediction is that governments will decide to audit | companies using some kind of AI and report back any | findings to shareholders, while ensuring correct taxes are | paid. Big 4 has 5 years max to pivot their business or | they're going to die. | 7952 wrote: | I guess ERP companies are better placed to offer this | kind of thing than an accountancy? | appleiigs wrote: | Most of the others replying here are generally saying fraud is | missed because it's complicated; however, in my opinion, it's | because the auditors don't know anything else other than "do | the numbers add up". Once the numbers do add up, they stop | there. | | The vast majority of auditors are only 3 year or less years out | of school. They don't even know how a corporation is run at | that point, so how are they supposed to catch anything | suspicious. | vrglvrglvrgl wrote: | [dead] | mkl95 wrote: | I wonder how many bn the EU economy would save every year if Big | Four companies were banned everywhere. | odiroot wrote: | Now do McKinsey. Probably would work out even better. | 0xDEF wrote: | When GDPR was introduced I was hoping it was technical people who | would audit software for GDPR compliance. | | Instead it is lawyers and accountants working for these big | auditing companies. | | GDPR is good but the absolute insanity of how GDPR is being | applied cannot be understated. | Aeolun wrote: | TBH, I don't understand why anyone would be naive enough to hire | EY and then actually trust them. | qwytw wrote: | Well I bet wirecard did trust them to help them to commit | fraud. | smugma wrote: | As a publicly traded company, you have to hire auditors. If you | don't like EY you can go to PwC, KPMG or Deloitte, but what's | the difference? | Aperocky wrote: | the incentives are misaligned. | | Publicly traded company should pay a small fee to SEC each | year and they be responsible to hire auditors, for everyone. | Or even better, market bid for auditors with incentives for | finding irregularities. | | With the current line up of incentives, auditors merely | ensures any fraud are slightly better hidden. | hef19898 wrote: | SOX is such a well thought of law. It requires any public | company listed in thr US to have one auditing company and | one "consulting" company supporting the set up internal | controls and processes, prepare the books and so on. Those | comoanies have to br changed every couple of years (if | memory serves well every four years), and you cannot simply | switch roles and stay with the same two. Hence a market | demand for the big four: A prepares the books, B audits | them. Then C replaces A and D replaces B. | | Read up on regulations, it helps! | allendoerfer wrote: | The others might be bad, but they are not Enron (EY Germany = | former Arthur Andersen Germany) and Wirecard bad. | wouldbecouldbe wrote: | EY, Mckinsey, Accenture, BCG all of them should be banned. | | They were the big proponent of the the just in time management | principles in the hospitals in the Netherlands. | | Then when covid came they were the first the market on twitter & | linkedin for advice how to improve your health inventory & deal | with covid challenges. | | Serious impact with zero skin in the game. These consultants are | parasites. | | They are mainly used as proxies to make decisions managers dont | want to be responsible for. | baxtr wrote: | [flagged] | wouldbecouldbe wrote: | It's not hate, it's accountablity. They are very powerful and | rich institutions in the Western world that are able to make | billions, of which a large part tax payers money and have in | many cases a negative impact. | baxtr wrote: | [flagged] | DANmode wrote: | I'm reading a displeased comment because of a possible | connection to one of the listed firms, or a similar one. | | Maybe unintended. But that's what I read into it. | appleiigs wrote: | I think your comment is worse in nature than OP. Are you | adding any counter-ideas to the conversation or just | complaining? And now I'm complaining about your | complaining. | baxtr wrote: | Actually, I have to admit that you're right! | | The comment's missing nuance triggered me. Also the word | parasite. I should haven't replied. | detuur wrote: | Seems to me the comment is a concise, if clearly one-sided, | narrative of misaligned incentives of the consulting industry | and its particular role in the difficulties that the Dutch | healthcare providers experienced during the pandemic. | | Hardly an appeal to hate. | looping__lui wrote: | No. The article this hate comment responded to talked about | auditing. | | McK and BCG do consultancy and don't do auditing. | | The one certifies your car is safe on the street and is | held liable if they didn't inspect properly. | | The other is a car tuning operation that doesnt certify | anything but gives you an edge on the racetrack. Or you | hope it does. | hef19898 wrote: | Well, EY didn't get banned from consulting, but rather | accounting work. And the latter is crucial, and even legally | required for all and every public company. The reasons are, | among others, Enron and , yes, Wirecard. And the fact that EY | screwed up Wirecard is the reason they got banned. | | By the way, it was KPMG that caught the Wirecard fraud. And | KPMG is in the same league and business as EY. | | One of the reasons, IMHO, that Wirecard managed to get away | with it for so long is, that as a German company, they didn't | have to switch Accountants and have another accounting firm | helping them in preparing the books. That would be a SOX set- | up, and it makes perfect sense. It helps to prevent fraud and | it protects retail investors, both of which are good things in | my book. | | Strategy consulting, the stuff BCG and McK does, is different. | As is the outsourcing and consulting Accebture does, which is | also different from what McK does. The topic so, is EY and | accounting. | looping__lui wrote: | McKinsey and BCG do not audit companies. They are consultancies | and do not certify accounts to be "correct and legit". Think of | auditing companies a little bit like of vehicle inspection | shops certifying your car is safe for the road. | | Consultancies are not doing that. | | I'm not sure why certain businesses should be "banned" because | YOU believe they do not add value. Do you pay them? No. | | It's not correct that they are proxies for decision making that | mangers don't want to be responsible for. Neither McK nor BCG | could run at the scale they do for five decades if that was the | case. | | But I suppose that was just your happy Sunday rant of the day | to let off some steam. | 331c8c71 wrote: | > I'm not sure why certain businesses should be "banned" | because YOU believe they do not add value. Do you pay them? | No. | | Yes, whenever they are hired by the public sector. | http://recreation.gov is one example in the US I know about. | eastbayjake wrote: | That was Booz Allen Hamilton, they are a government | subcontractor that largely provides long-term staff | augmentation... totally different type of professional | services than strategy consultants or even system | integrator (SI) shops like Accenture and Deloitte. | looping__lui wrote: | So the public sector should not hire private contractors in | general. State it like that then. | | How is a mismanagement of consultants by public sector | entities a justification to "ban" an entire sector? | qwytw wrote: | Well the least they can do is force band auditing | companies from offering consulting services because that | is a clear conflict of interest.. | looping__lui wrote: | That I do agree with. | | BCG and McK don't offer auditing. | 331c8c71 wrote: | I was objecting to "you don't pay them" specifically. | looping__lui wrote: | With governments having like 30-50% GDP share of the | economy (e.g., tax versus GDP) - we are gonna have a hard | time banning literally everything based on that... | wouldbecouldbe wrote: | We should probably ban the "no skin in the game part" | instead of just the sector. Even though there have been a | few court cases, the effect was tiny and they are still | considered reputable. In some cases probably more | personal lawsuits should be done more often (also for | politicians and civil servants) | epups wrote: | I don't get it. Do you think auditors and consultants | that screw up on their job should be prosecuted? | TulliusCicero wrote: | Depends on the nature of the screw up and on how high up | the hierarchy they are. | | At a sufficient level of negligence and authority -- yes. | moremetadata wrote: | [dead] | _fat_santa wrote: | They are "professional scapegoats" IMO, companies pay them to | take the blame and their business model seems to be: collect | fees, do an "audit", pay the fine, keep the spread. | zzzzsleep662 wrote: | Audit results are taken very seriously by companies operating | in heavily regulated industries that intend to stay in | business, so healthcare, finance, insurance etc. | | If you are a team lead doing programming for one of these | sorts of companies and the auditors come round with some | findings, I promise you that you need to take it deadly | seriously. I've seen engineers fired for cause by the board | of directors of a fortune 500 for failing to do so. Word gets | around and nobody will touch them after that. Its literally | career ending to poo poo audits. | | Tech companies are the odd man out when it comes to audits, | which is why its possible for so many in a thread like this | to have opinions that are so wildly inconsistent with | reality. Who knows how much longer that will last, | particularly with advances in AI. | DANmode wrote: | What does "failing to do so" look like most times, if you | don't mind me asking? | zzzzsleep662 wrote: | No I don't mind. | | It means delaying or coming up with excuses for why you | can't have security concerns remediated within the agreed | upon time frame. Regardless of the technical challenges | involved. | | Audit remediations are not the kind of projects where | delays are acceptable. You absolutely must drop | everything else you've got going on in those situations | if you even remotely get a hint that the project might be | behind. | | The reason here is that your boss and your bosses' boss | can't save you. If bad audit results come back you can | bet the C suite had an emergency meeting discussing how | to explain them to the board and the timeframe for | getting them fixed. And you can bet they made some sort | of commitment. | | There are hundreds of millions to billions of dollars on | the line in insurance premiums and future legal process | in some cases. Oftentimes cyber insurance will mandate | some kind of timeframe for remediation upon notification | of a security issue. So you'll get hit with penalties | well before the next audit if you delay. You don't want | to be the programmer(s) that missed a deadline there. | looping__lui wrote: | No. This is nonsense. | | You audit accounts that are falsified and give thumbs up: you | close shop, are held liable for damages and could go to | prison. | | Auditing companies are crucially important for a working | economy. Bank loans, bonds, equity markets would all be chaos | and fraud mayhem without them. | phatfish wrote: | The trouble is, in no way do they act like they are | "crucially important for a working economy" (which i agree | with). They abuse their position at every opportunity. | | We might as well turn "audits" over to the short sellers | like Hindenburg Research, at least they make money by | exposing rotten accounts rather than hiding them. | | The fact that being an activist short seller has become a | business model in the last ~8 years tell you how bad the | likes of EY are. | selimthegrim wrote: | Exactly what good did Moody's do with 2008 and SVB? | looping__lui wrote: | Moody, Standard & Poors and Fitch are RATING agencies. | | RATING agencies are different from AUDITING companies | different from CONSULTANCIES. | | Rating agencies were somewhat restructured after 2008 | (but are still kind of edgy) - because they did literally | write AAA on a piece of paper for money. But there | ratings were opinions and had no real legal meaning. | uni_rule wrote: | I was about to say aren't there only 4 auditing agencies | in the entire US after the fifth fucking imploded after | the Enron scandal due to their reputation being | tarnished? | looping__lui wrote: | No, there are more. But auditing an S&P500 corporation is | pretty complex. I am not in the auditing S&P 500 | corporation business and it looks like there may be six - | but the Big4 literally seem to do 491/497 companies. I'm | not sure I am too concerned about the auditing quality of | the Big4 tbh though... | | Enron's problem was the "consulting AND auditing" mess | with conflict of interest if I am not mistaken. | amrb wrote: | The big four prop up the business world, status quo. | | Say your a large company listed on the stock market, so pick | from the four big companies because serious companies use them, | who's the CFO an ex-account from the big four who knows their | orderand process. | | Now if no other companies can enter that bubble, are we really | surprised at the outcome!? | Cantinflas wrote: | Agree about the proxy part for the consultancy business, it | should be common knowledge and those manager should be fired | ksec wrote: | >They are mainly used as proxies to make decisions managers | dont want to be responsible for. | | Interesting I just watched a video [1] on consulting yday. It | is on something similar happening in the UK. And another video | ( couldn't find it ) that suggest unless there are some other | interest for these consultant, ( like outsourcing certain | function to certain clients ) all they do is to make a case for | what the management _wanted_ to do anyway, and rubber stamp on | it. And mostly because management wanted something on their CV | / resume, so they could move on to another job and repeat the | same process again. | | [1] https://www.youtube.com/watch?v=Aj2od-Jpanw | epups wrote: | What is "skin in the game" in this context? | version_five wrote: | This article is about auditing, your comments appear to be | about consulting / advisory businesses. | | Otherwise, I mostly agree, though I don't support a ban. It's a | complex topic - companies are free to waste money how they | want, and even governments do need real advice. It's just too | bad they pick such shitty advisors to support decisions they've | already made instead of actually seeking good advice. | oxfordmale wrote: | Yes, companies should be free to waste their money as they | want. However, auditors serve a purpose and that is to | identify any fraudulent activities. In the case of Wirecard, | EY failed at this. | theK wrote: | Correct and that is why they should be made accountable for | this. I'm with gp that this particular ban is a bit harsh | but nonetheless it is the state determining | accountabilities and it seems to have been a thorough | investigation. | | OTOH, the monetary penalties where a bit on the light side | so maybe that also balances out the rather harsh ban. | vajrabum wrote: | Advice for money at least at the top level is in the long run | always going to end up bad advice. The incentives are pretty | much all about lining up more work for the firm. | euix wrote: | My partner works at one of these big four companies and the way | she puts it - they essentially function as outsourced expertise | for governments the world over - essentially expert functions | have been hollowed out of state governments and into the | private sector and thus there is really no expertise within the | national government level to handle complex tax and accounting | situations and they are instead all outsourced to these firms. | | We should really consider the present western world as some | sort of marriage of corporatism and government - they are | really hand in hand as two sides of the same coin. | jkukul wrote: | > there is really no expertise within the national government | level handle complex tax and accounting situations and they | are instead all outsourced to these firms. | | worth mentioning that the complex tax situations are the | effect of lobbying of the big four firms in the first place. | dragonwriter wrote: | > We should really consider the present western world as some | sort of marriage of corporatism and government | | "Corporatism" is a model of society in which government, | private industry, union, and other power centers are | integrated, mutually cooperating, and centrally coordinated. | A "marriage of corporatism and government" is just | "corporatism". | | (Corporatism is an element of, but not coextensive with, | fascism.) | 55555 wrote: | Yeah but then the experts at the big 4 are 23 year old grads | with no experience. I don't get it. | theK wrote: | Not if you look at Audit (which is what the EY story is | about). In Audit you have legislature requiring | accountability structures and typically there will be one | or more persons in an audit that are personally accountable | about the attestation. These people in big fours typically | are some certified auditors in their 30s and also a partner | at the firm (40s and up) | dhruval wrote: | Partners and managers review and sign off, but the people | designing and doing the actual audit procedures are | mostly in their 20s. | theK wrote: | That is not correct. Audit is very regulated inside big | auditing companies and the processes and evidence | requirements are almost always part of an internal | auditing framework that is designed by very senior staff. | | Shure a lot of the leg work is being delegated off to | juniors but that is not of substance here. | | What you talk about might be happening in smaller shops | but not on tier 1 audits inside the big four, there just | is too much at stake. | wil421 wrote: | I know a few people who went into Audit after Masters in | Accounting degrees. It was basically a 2 year post grad | program to excel their careers. None of them wanted to go | for partner it was just a 2-3 year box to check. | | I know much more people on the IT Consulting side who are | in it for the long haul to partner or whatever. The job | was also much better than the Audit scene, 80+ hour days | in a sweaty conference room and next to no days off. | | They both had he same MO, send in the 30s\40s flashy | employees who then delegate all the work to 23 year olds. | Once the project is in full force they tend to leave and | another crew comes in who interfaces with the low cost | offshore teams or 23 year olds. | theK wrote: | You do have to delegate work in audit as well as in the | other professional services disciplines. Nobody will | contest that. What makes audit stand out though is that | legislators require and enforce accountabilities (as the | wirecard story clearly shows). | whimsicalism wrote: | I worked in government and they were still obviously | smarter than the gov workers. Experience is not everything | and I think that should actually be a major lesson from | government employment practices. | ZoomerCretin wrote: | No lesson will be learned as government employment is | purposefully handicapped. | portpecos wrote: | How can a 23-year-old with four years of college | experience and one year of corporate experience possess | more expertise than a government employee who has | dedicated a decade to working within their specific | domain? | free652 wrote: | The latter just collects the paycheck and could care less | about anything else, they won't get fired. | DANmode wrote: | Lends even more plausible deniability when processes aren't | followed, or a "mistake" is made (possibly at the behest of | the client). | Traubenfuchs wrote: | Because approaching 30 and being in the senior consultant, | (junior) manager and director positions ones primary job at | Deloitte becomes selling / pitching work that those below | you will do. | | I was a Deloitte manager. | 23B1 wrote: | I worked at Accenture as an MD for several years, primarily on | innovation and transformation programs. I have plenty to say | about them, but I think the key driving factor for all of the | grift and awful performance has a lot to do with how they | operate, which is to sell in a big program, then pull a | switcheroo and try and pack a project with as many low-paid MBAs | as possible - kids straight out of college tasked with a (thin | slice) of a major strategic program, or find some sub to farm it | out to at a really low price. | | Since going out on my own as a consultant - focused on the same | sort of growth programs, as opposed to audit - I generally find | that I can achieve the same outcomes for a client with a handful | of people on a a reasonable budget. | | I left primarily because it's just bonkers how much pork these | big consultancies manage to get away with packing on, to the | point where it was a major reputation risk to me. | | I'd encourage any CXOs out there seeking to outsource major | strategic initiatives to consider hiring individuals or smaller | entrepreneurs with experience inside the bigs, but without the | downward pressure to get as many butts in seats as possible. | chinabot wrote: | Lets face it, the answer from chatGPT would be almost identical | to what these consultants say, however the main reason for | consultants is to CYA so if the decision is bad, you can blame | someone else. | 23B1 wrote: | I won't deny that I've been using it as a research assistant | to investigate a lot market forces and conditions, but as | always I have to support it with quality data and citations | if it's gonna play in the board room and with savvy | institutional investors. | sizzle wrote: | Their consultants are probably utilizing ChatGPT now to 10x | their buzzword bingo outputs | number6 wrote: | ChatGPT is not that old. So someone had to do the writing | unixhero wrote: | Ex accenture here, left and started my own. M u c h better and | my clients love that I am not from a big shop. Money is good | and life is smiling. | 23B1 wrote: | Congrats man feel free to reach out if you ever want to | collaborate. 05-trivet.turner@icloud.com | | I'm pure strategy, most of my clients are 'intraprenurial' | CIOs, CSOs, CFOs. | benatkin wrote: | Part of the grift is that roughly one of ten of these unproven | low-paid MBAs will be exceptional. So when one does a good job | they'll use it as an example of typical performance. I see this | happen with dev talent agencies and unproven software | engineers. Only the great projects go in their portfolio and | the satisfied clients are happy to appear on their website | because they don't realize they just got lucky. | | With software engineers some of the remaining 90% really are | talented but spend most of the project learning on the job, | fixing an issue in a few hours that a senior engineer in their | stack could fix in 30 minutes with their arcane knowledge. | Meanwhile the senior engineer goes to the scrums (they love to | hide behind agile). It's a solid grift. | 23B1 wrote: | Yeah I mean I don't blame people for celebrating their | successes and sexiest projects - I certainly don't include | all my fails in my portfolio, heh. | | What's interesting about this article (and the general state | of management consulting) is that the cracks are beginning to | show in these big firms that used to have a "nobody got fired | for hiring EY" reputation. | Jolter wrote: | Interesting, but how does your experience relate to the linked | story? Is EY somehow related to Accenture? Are Accenture also | doing auditing? | 23B1 wrote: | They're both global professional advisories with a ton of | similar services and competing for similar clients. They | ought to be thought of as basically body shops for management | consulting. | andrewmutz wrote: | Does outsourcing major strategic initiatives even work? Seems | like the definition of the sort of things you shouldn't | outsource | [deleted] | benatkin wrote: | I think the answer is "it depends". | 23B1 wrote: | Well for my clients they're often up against maxed-out | resources or employees who are just mired in their day-to-day | and need a sort of entrepreneur-in-residence. For me, I'm | given one or several major strategic initiatives and then my | job is to build a 'demonstrator' that hits all of those | without needing to fully build them out. | | My client (typically an executive) can then take the | presentation to his or her leadership team or board to unlock | the funding required to stand up the 'execution' phase of | that initiative internally through hiring. | | So I guess you could say I build MVPs or proofs-of-concept | that, if they work and are desirable to the company, get spun | out into new lines of business. | californical wrote: | This sounds like amazing work, the best part of software | engineering is coming up with a prototype and | experimenting. Most of my personal projects are basically | "I wonder if X is easy or hard, and if I can make it work" | | Do you stick to a particular business domain? Eg finance, | transportation, e-commerce? I'd think it would help you to | build MVPs if you stayed in a specific domain, but it could | be fun to move around a bit too :) | | Also: how do you find clients? I feel like again this would | come from having connections in a specific business domain? | It feels like it should be hard to sell yourself as the | "prototype person", but how do you convince someone to let | you prototype for them for a while? | throwayyy479087 wrote: | [dead] | Havoc wrote: | Headline seems a little overdramatic. | | >listed | | >new | | >in Germany | | >two years | | ...that's gonna be like one or two clients max. Very bad PR but | complete non-issue from a biz pov | [deleted] | expertentipp wrote: | Still beter than one-off few million EUR fine... billion worth of | fraud here, billion worth of fraud there, and pretty soon we'll | be talking about real consequences. | morsch wrote: | (for two years) ___________________________________________________________________ (page generated 2023-04-09 23:00 UTC)