WSJ reported last week on the weak oversight of firms that issue audit opinions. The article focuses on the differences between public and private companies. Public company audits are policed by the government and are focused on protecting investors; private company audits are policed by their peers. The peer review audits do not have to be published and rarely result in a failing grade; the article says that, of the firms that disclose their results, “…only 4% (receive) the worst ‘fail’ score on the three-grade scale.” It’s not surprising that a peer review can lack substance or rigor, as these firms “self-police” each other and follow similar audit procedures, which can lead to inherent problems akin to groupthink.
Private markets need better audit processes. WSJ points out that routinely auditors and audit processes fail to identify fraud. Auditing firms often accept management’s word as a given and rarely validate the data to be used in the audit. This demands for better data validation to assist accounting firms with its audit processes and to provide indicators of potential fraud. We must have provenance of data, and be able to identify the Golden Copy of data that is relied upon, or will be relied upon…this is part of Data 3.0 for Web 3.0