Over this series of posts, we have built up a pretty detailed picture of what the Big Four mean when they promote the “independence” of their assurance services. The standards and regulatory mechanisms of independence are geared to the audit of financial statements. The professionalism with which independence is entangled expresses a tension, as just characterised, between a bureaucratic rationality and a legal rationality.
Can this concept of independence cope with the assurance of CR reports? It looks on the face of it unlikely. In the late 1990s the Big Four’s involvement in independent social audit came under an intense scrutiny which effectively moved them out of the market. A 2002 report by the New Economics Foundation charged the Big Five (since become the Big Four) with “Concealment” and “Spin” in their social accounting work. Its authors commented, “In the long run, it is in the interest of the Big Five to see such [CR] regulation, as it provides a huge business opportunity, a fact recognised by some industry players. However, whether or not this means these companies are best placed to fulfil this role is seriously in question. The five brothers will still have to prove their independence and competence to comment on social and environmental issues.”[3] Assurance is somewhat different from social audit, inasmuch as the Big Four try to avoid presenting it as a certification standard, and tying it too closely to workplace inspections. It is nonetheless precariously close to certification, and the Big Four’s reputation as assurors could be lost in a few high-profile scandals, just as their reputation as certifiers of the SA8000 was lost. As Simon Zadek of AccountAbility sharply puts it, “They are not credible. And that is simply true.”
Examining in-depth the pressures which independence comes under, in the CR assurance context, tends to corroborate this view. We can see these pressures first in relation to independence’s orientation to financial audit. At a very high level, we should be apprehensive that the assurance of CR reports is not the first priority of the ever-evolving standards and organisations which by default pertain to it. Here is a list of terms, loosely synonymous with independence but with an implication of political mediation, which do not appear in the IESBA Code: neutral, impartial, disinterested, evenhanded, nonaligned, nonpartisan, nonprejudiced, unbiased. The only term which could carry this implication is fair, which the document closely links with a sense of honesty. The term bias appears, but only as one part of a noun phrase containing conflicts of interest, undue influence or both those terms. Its alignment with these respectively economic and legal terms attenuates its political implications.
Moreover, the ISAE3000 and the Code are pieces of a larger regulatory apparatus which only partially accompanies them into the CR context.
The POB provides independent oversight of the regulation of the auditing profession by the recognised supervisory and qualifying bodies, and monitors the quality of the auditing function in relation to economically significant entities. There is no comparable oversight of assurance. Second, the professional basis of independence is placed under strain, by the necessity of dealing with the stakeholder concept. The bureaucratic-rational aspect of professional independence is thereby put under pressure, since methodologies for the identification and prioritisation of stakeholders and their needs, when compared with those for the audit of financial statements, are ambiguous, volatile and controversial. The legal-rational aspect of professional independence is also put under pressure, since the assuror is required to act as a moderator among a plurality of often contradictory demands.
Broadly speaking, the independence which migrates with the Big Four into the CR reporting context is being required to conform to a liberal ideal of neutrality. Rather unsurprisingly, it is failing to achieve this. How is it failing? Is there any hope, dear readers, of a remedy?
Let's talk about stakeholders. The term stakeholders gained currency in the 1980s. It is now deeply entrenched in CR discourse. But it is a notoriously contested term: “In the hands of advocates and critics alike, stakeholder theory can be used as a basis for nearly any position that one wishes to defend or attack” (Phillips 2003:6).[4]
Let's not forget that the concept of stakeholders is not the sole property of CR discourse either. A division of stakeholder theory inherits the traditional commitments of shareholder theory to long-term competitiveness, but considers the good management of stakeholder relationships to be an important intermediary to this goal. This position is not necessarily amoral; it is typically associated with the conviction that the public interest is best served if organisations act in their self-interest within an appropriate legislative framework. The awful Milton Friedman (1970) offers an elegant and honest exposition of this view, replete with its characteristic exaggeration of the capacity and inclination of the state to administer such a framework. Various neo-marxist and neo-pluralist theories of the state can give more nuanced account of the likelihood that governments can or will maintain a regulatory regime that can justify the competitiveness-orientation.
The upshot of CR discourse and competitiveness-oriented management studies sharing custody of the stakeholder concept is that corporations and their fiercest critics are usually quite happy to include the concept in their frameworks. But there is the risk that those interested in CR will consider priority stakeholders to be the most immiserated or disempowered of the corporation’s constituency, whereas those interested in competitiveness will consider priority stakeholders to be those who are most powerful – especially customers, suppliers and regulators.
Just as the concept of stakeholders is sutured together from two basic orientations, so is the concept of credibility. In the search of economic competitiveness, credibility is important inasmuch as consumer habits have begun to reflect ethical concerns. But in business ethics, credibility is important to guide the development of governance resources in touch with the needs of the disempowered. One small example of the anxiety which this twin character can generate exists in quotation from the Deloitte web site, “As the importance in and reliance of [sic] these [CR] report increases” (q.v.). The mistaken syntax suggests that the terms “importance” and “reliance” have been switched during an edit, a subtle shift in the priority given to the credibility-associated term reliance relative to the more generalised normative term importance.
In a worst case scenario, an organisation could make only strategic concessions to empowered stakeholders (especially customers and suppliers), could conduct only superficial, reputation-oriented “dialogue” with disempowered stakeholders, and could authenticate misleading CR disclosure by partnerships with NGOs and CSOs and by commercially available social and environmental audits and assurance services from “business-friendly” firms. The state, private sector, and third sector could collude in continuing to exclude disempowered people who are affected by an organisation from that organisation’s decision-making processes. Drawing once more on Habermasian terminology, we can say that the credibility generated in such a scenario is pathological, that is, derived in very exclusive and highly unequal discursive settings. The consensus which is present is only consensus in appearance, and the power which is present is coercive and illegitimate, not based in discursively-accessible reason.
So how much flexibility do the Big Four have when it comes to saying who or what is or is not a stakeholder? It is the reporting entity’s responsibility to identify stakeholders; it is the assuror’s responsibility to verify those identifications. Under the ISAE3000 alone, the extent of this verification is agreed between client and assuror, at their mutual discretion. This represents the greatest degree of latitude. The threat that the credibility accrued will be pathological is significant.
Where assurance is conducted in accordance with the ISAE3000 and the G3, the assuror still has considerable room to manoeuvre. The G3 requires the assuror to assess “the extent to which the report preparer has applied the GRI Reporting Framework (including the Reporting Principles) in the course of reaching its conclusions” (GRI 2006:39).[5] The G3 Principle of “Materiality” makes several references to stakeholders, but there are no requirements as to identification and mapping (ibid. 8). The Principle of “Stakeholder Inclusivity” emphasises engagement, not identification or mapping. “For a report to be assurable, the process of stakeholder engagement should be documented” (ibid. 10). Of the four tests of the Principle, only the first relates to identification, and it only requires that the organisation “describe the stakeholders to whom it considers itself accountable” (ibid. 11). The other tests concern the relationship between report content and engagement activities carried out on the basis of whom the organisation “considers itself accountable.” The Standard Disclosures 4.16 and 4.17 (ibid. 25) reiterate this concern. The Standard Disclosures 4.14 and 4.15 require that the reporting entity identifies its stakeholders, and discloses its process for so doing and for “determining the groups with which to engage and not to engage” (ibid.). The client should therefore be able to acquire assurance in compliance with ISAE3000 and the G3, on the basis of a well-defined and documented stakeholder engagement process, whose outcomes are explicitly linked to other areas of the report. Its assuror need not consider the process qualitatively. It need not consider, for example, whether the process contributed to any long term goals supported by their client, such as those embodied in the UN Declaration of Human Rights or the Millennium Development Goals. See IAASB 2006:14[6] for a consultation on the relationship of the ISAE3000 and the G3 in the context of stakeholders.
The AA1000AS (2008) reins in the assuror somewhat. To comply, the assuror must assess the responsible entity’s compliance with the AA1000APS (2008), including the principle of inclusivity (AccountAbility 2008:11).
KPMG describe their use of the AA1000APS (2003) as a two phase process. Phase 2 considers whether the individual claims are accurate and complete. Phase 2 is a lengthy process of identifying and taxonomising material assertions. “This results in a detailed assurance plan (including a list of people to be interviewed and a list of the required documentary evidence) at corporate, business/regional and site level (if relevant), together with the selection of sites to be visited. The type and amount of evidence required varies depending on the type of assertion and the level of assurance being sought” (AccountAbility 2007:10).
Phase 1 considers whether the scope and materiality of the report is appropriate. During Phase 1, KPMG run their own analysis of scope and materiality. This consists of establishing five input channels: stakeholder engagement; media search; sector knowledge (e.g. peer CR reports, industry body guidelines); client knowledge; and prior year CR commitments.
AccountAbility’s Stakeholder Engagement Manual (2005) and AA1000SES (2005) provide detailed guidance on identifying and engaging with stakeholders. It would be natural for assurors to rely on these documents in interpreting the principle of inclusivity. The AA1000SES (2010) Exposure Draft has also very recently become available as a wiki.[7]
Could the bureaucratic-rational aspect of independence improve stakeholder identification and prioritisation? That is, could the Big Four act as servile functionaries of collective goals, which are first generated in communicative action, in the thorough and comprehensive consultation and research processes which inform the AA1000 series, and whose prerequisites are laid out step-by-step in its provisions? The idea would be attractive, were it not for the extreme flexibility that is built into the AA1000 series. The AccountAbility Stakeholder Engagement Manual (AccountAbility 2005b), which is the most detailed in its stipulations and thus the most useful to a bureaucratic rationality, is a good source to interpret in this regard.
AccountAbility (2005b:27) cites Freeman’s (1984) wide definition of stakeholder, as anyone who could affect or be affected by an organisation’s activities. The guidelines then suggest five “dimensions” to consider when identifying stakeholders: (1) legal, financial and operational responsibility; (2) influence (“people who are, or in future may be, able to influence the ability of your organisation to meet its goals”); (3) proximity (“the people that your organisation interacts with most”); (4) dependency (“the people that are most dependent on your organization”); and (5) representation (“the people that are through regulatory structures or culture / tradition entrusted to represent other individuals; e.g. heads of a local community, trade union representatives, councillors, representatives of membership based organisations, etc.”).
These five dimensions are juxtaposed with a list, which is flagged as non-comprehensive, of suggested stakeholders. Stakeholders might include investors, shareholders, members, customers, potential customers, suppliers, business partners, employees, government, regulators, the media, trade unions, NGOs, pressure groups, etc.
The tone here is pragmatic and inclusive. It invites corporate policymakers to rack their brains both deductively within categories, and inductively from examples, to “identify” as many stakeholders as possible. The implication is that it hardly matters, at this early stage, if a few ineligible entities are identified; it is better to leave a margin of error and leave no-one out. Interlopers will surely be uncovered in the long journey that lies ahead: categorizing stakeholders, assessing their salience, and designing and implementing engagement programmes.
But that’s not what’s really happening. The construction of an architecture of engagement has already tacitly begun. Compared with stakeholders identifiable under the wide definition, a great number of concrete individuals have already been declared ineligible. The examples of those who are likely to be “most dependent” are “employees and their families, customers who are dependent on your products for their safety, livelihood, health or welfare or suppliers for whom you are a dominant customer” (ibid.).
Moreover, the preferences of some concrete individuals have been multiplied throughout a variety of institutions. If I am an employee, a customer, and a member of an NGO, my voice has a threefold sonority.
The constriction and stratification of stakeholders is not procedurally mandated. But it is all the more pernicious for that. Any user of the guidelines who was to rigorously populate the genus “individuals or groups who affect, or are affected by an organisation and its activities” would feel gently rebuked by the guidelines’ abundant list of institutions. The user is communicated the threshold above which being affected by an organisation confers the status of stakeholder, not as a methodological point susceptible to critique, but as a prerequisite for even making sense of the guidelines. This insidiously communicated threshold is a qualitative one: the stakeholder is one in whom the effect of an organisation’s activities is discernible in a sufficiently coherent institutional form.
The next page suggests convening a cross-functional group to brainstorm a list of “stakeholder categories” (ibid.), now using a Venn diagram of three sets (again referred to as “dimensions”): “people you have legal, financial or operational responsibilities to”; “stakeholders who are affected by your organisation’s operations”; “people who are likely to influence your organisation’s performance (those with influence and decision makers)”.
Again it seems that those “who are affected by your organisation’s operations” is not intended quite literally, that it incorporates a certain unstated threshold. The authors have preferred the recursive “stakeholders who are affected by your organisation’s operations” (i.e., to identify those stakeholders, we must already know that they are stakeholders) over the consistent ‘people who are affected by your organisation’s operations’. Although it is possible to think of entities who would not be significantly affected by an organization, despite its legal, financial or operational responsibilities to them, or despite their likelihood of influencing its performance, they are exotic counterexamples.
The switch to three dimensions, from five, seems to have been influenced by Mitchell et al.’s (1997) Venn classification based on urgency, power and legitimacy respectively (although they are not cited). “Urgency” in Mitchell et al.’s usage conveys both a temporal dimension and intensity of privation. The correlation of “urgency” with “stakeholders who are affected by your organisation’s operations” tends to support the idea that the wide definition of stakeholders is treated as a locus of overarching ethical motivation.
The experience of CR reporting in the 1970s, in which disclosures (e.g., on philanthropic activities) frequently failed to address critics’ concerns (e.g., supply chain ethics), damaged the legitimacy of corporate control of reporting agendas. Consequently the AA1000AS (2008) and the G3 guidelines require that the assuror provide a critical view of the scope and materiality of a CR report, which has as its basis the informational needs of the responsible entity’s stakeholders. Market forces recapitulate this stakeholder-centrism. What organisations want from assurance, as Big Four marketing language unequivocally demonstrates, is credibility in the eyes of stakeholders.
Is clarity and consistency important here, or is it a secondary matter compared with choosing and interpreting criteria of stakeholder identification and prioritisation? With regard to the role of the independent assuror, clarity is indispensable, since it performs the basic competence of recognising the constituents among whom it is supposed to be neutral. This competence should be seen as conceptually prior to any actual project of neutrality.
The terms stakeholders, and stakeholder groups, report users, identification, salience, priority, mapping, and engagement, are all invested with a confusion that does not really conform to any one linguistic template. It's just all over the show. Nevertheless there is a sort of pattern to this confusion, of which AccountAbility (2005b) is exemplary. Its most consistent feature is a neglect of basic ontology of stakeholders. The wide variety of approaches to stakeholder identification and prioritisation has given rise to a substantial second-order literature, which classifies and compares different approaches and their rationales. See for example Steurer (2006). Rather surprisingly, what this literature tends not to address is the tendency to underspecify, within an individual approach, whether the stakeholders identified under its criteria are persons, groups, categories (e.g. “suppliers”), representative institutions, hybrids of these possibilities, or something else; as the analysis of AccountAbility (2007b) indicates, there can be opportunistic shifting among these possibilities.
Could the legal-rational aspect of professional independence improve stakeholder identification and prioritisation? Palazzo and Scherer (2006)[8] argue that the basis for corporate legitimacy must shift from legal compliance and stable social expectations to public discursive networks. This certainly seems to be part of the Big Four’s self-perception. At an assurance discussion session organized by KPMG in Amsterdam, 4 October 2006, Simon Zadek spoke in favour of the use of stakeholder panels to monitor CR reports, instead of assurance by the Big Four. Part of Zadek’s argument was the Big Four’s “difficulty with grappling with the question of ‘what should count?’, rather than ‘are the numbers right?’”. The response of Wim Bartels, head of KPMG Sustainability, was to advocate a collaborative approach. “We talk to stakeholders, and we know what’s going on in the world. At the same time I can say I agree, because we are not the ones who decide on what’s material or not, what’s important or not, what should go in or not. That’s not our thing.”[9]
The International Accounting Standards Board (“IASB”) defines materiality, in the audit context, as follows: “Information is material if its omission or misstatement could influence the economic decision of users taken on the basis of the financial statements. Materiality depends on the size of the item or error judged in the particular circumstances of its omission or misstatement. Thus, materiality provides a threshold or cut-off point rather than being a primary qualitative characteristic which information must have if it is to be useful.”[10]
In this definition, judgements about materiality are to be founded on the rationality characteristic of the economic sphere. One might anticipate that for assurance of CR report, judgements about materiality should be steered by consideration of rational decisions characteristic of the spheres of social and environmental governance.
Indeed, the G3 defines the Reporting Principle of materiality as follows: “The information in a report should cover topics and Indicators that reflect the organization’s significant economic, environmental, and social impacts, or that would substantively influence the assessments and decisions of stakeholders” (GRI 2006:8). The G3 definition contains both elements – the triple bottom line, and the appeal to the decisions of users – but it stops short of combining them.
This is unsurprising, since it is difficult to imagine models of “socially rational” or “environmentally rational” decision-makers which would not be torn apart by the plurality of norms, dispositions and interests constitutive of the former, and by the ideological conflict for the custody of the latter.[11] Economic rationality, by contrast, can suppose a comparatively harmonious orientation towards the highest profits at the lowest risks. Even those who do not share this orientation will promptly recognize it as the basis on which they are addressed as economic agents.
The AA1000AS (2008) approach to materiality is entirely stakeholder-centric. But the legal rationality which characterises the Big Four’s professional independence is ill-equipped to deal with stakeholder conflicts. The lifeworld competencies upon which it draw concern the neutralisation of conflicts of interest, by appropriate escalation into a regulatory architecture, which with due consideration of liability may put in place safeguards or give the practitioner permission to break off the engagement. But the CR context requires that different interests be synthesised deliberatively, and resolved in favour of the public interest, not segregated from one another or backed away from under the imperative of undue liability.
The reluctance to recognise that there can even in principle exist necessary trade-offs between stakeholder interests, or between stakeholder interests and long-term economic competitiveness, is visible in the Big Four’s codes of conduct.
These documents tend to repeat themselves, and to make use of overlapping categories and multiple, superimposed categorisation-schemes. They like to draw attention to affirmative relationships between various values, principles or goals, but they avoid explicit hierarchies, and the discrimination of ends and means. Various ethical virtues are presented as mutually supportive, and supportive of employee happiness, firm reputation, demand for the firm's services. The codes tend to assume that ethical courses of action will never come into conflict, and will seldom conflict with business interests narrowly defined, either of the firm or its clients. They thematize competitiveness as a manageable threat to ethics, but also as ethical in itself. They have a mixed emphasis on ethical disposition as a property of individuals and as a property of procedures.
When making a decision or following a directive, the employee should ask questions such as “Does my action comply with the spirit and letter of the law?”; “Would I feel confident that I could explain my decision if it were made public?”; “Does my decision reflect the right thing to do?” etc. (Other firms include similar lists. Cf. Deloitte[12] pg. 8, which includes “Would I be unwilling or embarrassed to tell my family, friends, or co-workers?”, and E&Y, which includes “Am I treating others the way I expect others to treat me?”).
Viewed sympathetically, the variety and vagueness of such questions may reflect KPMG's recognition that its employees' ethics must involve more than purposive-instrumental rationality oriented to compliance. KPMG rather relies on legal rationality, which includes normative faculties which employees bring with them from a variety of sociocultural backgrounds. With its sequence of suggestive, overlapping questions, the code seeks to activate and legitimate these faculties.
Viewed unsympathetically, such questions are on the one hand, formulated with such generality that they make an impractical basis for action, and on the other endorse an overly-narrow idea of ethics. Specifically, the only critical dimension endorsed is self-criticism. This dovetails elegantly with the approach to independence which requires the escalation of individual doubts to a regulatory architecture capable of making an assessment based around liability and installing safeguards or disengaging. One directive even requires consistency with “ethical or professional standards” (my emphasis). The connotation is not, as a very literal reader could think, that either professional or ethical standards will do, even if professional standards are unethical. But it does demonstrate the ease with which the code's authors move between “professional conduct” and “the right thing to do”. The expectation that these concepts approximate each other means that the ethical employee is one who rigorously self-checks against prevailing norms, not one who is critical of those norms themselves.
The reluctance to acknowledge the possibility of necessary trade-offs is not confined to the Big Four. It is a pervasive attitude in business, and even in government. The DEFRA web site comments, “Good environmental performance makes good business sense. Environmental risks and uncertainties impact to some extent on all companies, and affect investment decisions, consumer behavior and Government policy.”[13]
Drawing on our earlier analysis of legal rationality, and the ambiguity of the stakeholder concept just investigated, we can describe more precisely why the discursive integration of a plurality of interests is very likely beyond the legal rationality of the Big Four.
Following Habermas, we can say that legitimacy is only be generated through communicative action. Legitimacy contains an intentional quality, in the sense coined by Brentano (Brentano, 1874/1973:130-132), and just as there can be no administrative manufacture of meaning, there can be no administrative manufacture of legitimacy. Legitimacy can thus be considered as a limit condition of credibility. All legitimacy is also credibility, but most credibility is not legitimacy. Credibility is pathological legitimacy, pathological in proportion to the divergence of its discursive origins from Habermas’s ideal speech situation.
“The ideal speech situation [...] represents a communication situation in which potential conflicts of interest (and knowledge-claims) ought to be rationally evaluated by the participants through a mode of interaction which is free of manipulation and in which only the force of the better argument prevails. The participants are guaranteed the reciprocal and symmetric opportunity to apply all types of speech acts during interaction. It thus stipulates certain ethical ideals upon which knowledge ought to be constructed during interaction between the corporation and its stakeholders. Only when the force of the better argument, rather than various types of systematic distortion in the form of discursive closures, governs the interactions between the corporation and its stakeholders does the corporation facilitate genuine stakeholder representation within its internal knowledge-generating processes” (Jeffcut 2004:213).[14]
Assurance, by contrast, is supposed to address a shortfall in credibility. Hence the assuror must constitutionally validate a socially-integrated sphere of action. This sphere of action is to pool the lifeworld resources internal to the organisation with those of the organisation’s stakeholders. The assuror is supposed to anchor the systemically-integrated action of the reporting organisation in this new, socially-integrated multi-stakeholder sub-system.
Legitimacy is a limit condition of credibility. Legitimacy is generated in socially integrated spheres of action. It relies on appeals, which can be tacit or thematised in what Habermas calls “discourse,” to generaliseable interests. Credibility is legitimacy which is pathological to an unspecified degree. Based in the necessity of making a CR report credible in the eyes of all stakeholders, however, we can assume that it is pathological in an extremely high degree. The assuror is caught in the equivocation between stakeholders as affected persons and stakeholders as representative institutions, which may be systemically-integrated to some degree.
The representative institutions which are inalienable to the stakeholder concept make it fundamentally incompatible with the discursive generation of legitimacy. This is shown most dramatically by consideration of the stakeholders, “future generations.” In order to strictly meet its brief, the assuror must validate the constitution of unforced communication with the not-yet-born.
So! We have analysed in depth the kind of independence which the Big Four bring to the CR reporting context, characterised the demands which are placed upon it, and given an account of its characteristic failures. To conclude, let's just WHIZZ through some of the more normative implications of this analysis.
The essential condition of critical independence is that the assuror acknowledge the partiality of its perspective. Rather than remaining outside a reporting entity’s nexus of stakeholders, attempting to impose upon them unrealistically egalitarian constitutions, which fail to acknowledge the representative institutions which they inalienably embody, the assuror should enter it as a situated participant, with the full privileges and limitations of its distinctive perspective.
Critical independence requires the Big Four to replace the orientation towards the audit of financial statements with an orientation to substantive, long-term global outcomes. The foundations of this orientation has already been laid in the Big Four’s codes of conduct, which for example state a commitment to the UN Declaration on Human Rights and Millennium Development Goals. At present, the Big Four include orientation towards such goals in their recognition that “subject matter experts” are necessary components of an assurance team. But it is not considered a question of independence
Critical independence also requires a revision of the professionalism with which independence is entangled. As we’ve seen, this has aspects of both a bureaucratic rationality and a legal rationality. The reliance on bureaucratic rationality must be reduced. There are plenty of ways of motivating this imperative. I want only to highlight the comparatively conservative motivations which have already been expressed throughout these posts. The achievement a sustainable and just global system, in any plausible formulation, demands action from a huge number and variety of actors. The institutional conditions of possibility are not in place for the systemic integration of such action. Whether it is considered a necessary instrument to transition to such a global system, or a permanent feature of it, socially-integrated action is central to new paradigms of governance. The standards developed by AccountAbility and the GRI are too volatile and ambiguous to be considered functional instruments of systemic integration. They were not designed to carry out such integration. Their stakeholder-centrism admits as much, and corroborates their incompatibility with bureaucratic rationality. Thus to be critically independent, the Big Four must stop presenting themselves as neutral administrators of systems with sufficient steering capacity, and acknowledge the frail and provisional character of these systems, and their facility for polemical deployment.
As regards legal rationality, critical independence means rethinking the structure of responsibility with which the Big Four relate to the state, to the market, and to society. A genuine orientation to substantive, long-term global outcomes should override the imperative to minimise liability. The Big Four should actively seek structures of liability which reflect disparities in their views and other actors committed to similar outcomes.
First, the state. The KPMG Code of Conduct states, “We aspire to act in a manner that minimises the detrimental environmental impacts of our business operations.”[15] Tacitly, the business operations still have priority over the environment. It is unfairly polemical to regard such statements as indicative of anomalism or ethical egoism. Rather, they reflect an assumption about the frontiers of private and public responsibility.
CR concerns with business choices among options which are economically competitive, but to which are attached varying degrees of responsibility taken. Options which are responsible but are uncompetitive are ruled out in advance. These, it is assumed, must be legislatively mandated. I won’t argue that the Big Four, and businesses in general, make a mistake by drawing this line. We can accept that activity which is against the self-interest of private individuals or organisations, but in the collective interest, is the natural province of government (whilst also acknowledging that “self-interest” is complex and contested). I want to make a less contentious observation. That is, the fitness or even necessity that an area of governance have a legislative incarnation does not remove from the private sector its obligation to overcome the CR challenges which result if government does not properly enact or enforce such legislation. Government action is not only a normative issue, it is also an empirical one. Clearly, government lobbying and consultation would be among the private sector’s instruments in meeting these challenges. But where the Big Four dogmatically restrict themselves to these instruments, they show orientation towards minimising liability, not towards realising the public good.
In this connection, the Big Four would be able to draw upon their experience in consultancy and corporate finance. The Big Four have well-developed methodologies for quantifying uncertainty, and for developing strategies which incorporate base case scenarios, upside scenarios and sensitised scenarios.
Next, the market. “Contentious content [...] KPMG believes that a good report is one that reflects the company’s overall strategy and objectives, covers issues and topics that are material to the company and its stakeholders, and provides details on performance that does not leave out the ‘tough’ topics” (2008:27). However, in other documents, dedication to client service emerges as a dominant theme, in a tone bordering on servile. Client service has a legal foundation in the fiduciary relationship. It also has support in the marketing strategies of the Big Four. Client relationships are understood to exceed the aggregation of contractual ties; winning work may ultimately hinge on being liked more than representatives of the other Big Four. The Big Four regularly organise social events with clients. Pitches by the Big Four may include endorsements to the effect that a team is “fun to work with.”
As work is project-based, working hours are variable. The Big Four worker goes home at the client’s discretion. Gulzar Gill describes the experience of working in the audit department of a Big Four firm. “January-April is known as ‘busy season’. During these months expect to work from between 9am-8pm as the minimum and the occasional weekend. Personally, the worst that I experienced was when I worked for 10 days in a row mostly from 8.30am – 11pm and clocking up 16 hours on the weekend. Other horror stories that I have heard included working 8am-2am for two weeks (although no-one worked the weekend). After April, though, most people will work 9am-6pm but this depends on your clients. If you are booked on continuous year end audits you can expect to work 9am-7 or 8pm every night. Each audit has a deadline and it is essential that it is kept to avoid fines and ensure good relations are kept. This means that they you will work whatever hours are needed to make the deadline.” [16]
The Big Four currently emphasise that their assurance solutions can be customised to meet client needs. Altering their obliging stance could significantly improve the quality and the comparability of their assurance engagements. Specialist assurance providers offer an alternative model, the “critical friend.” To be critically independent, the Big Four should abandon assurance engagements on the basis of ISAE3000 alone, and make compulsory the use of AA1000AS (2008), or more demanding standards if such emerge.
Assurance statements founded in an idea of critical independence would be understood from the outset to lay out a critical view of the reporting entity’s CR and CR reporting, according to a standard scope and basis which would not be adaptable to “client needs.” Power (1997:126) asks, “Do audit reports exist to produce certificates of comfort or are they essentially adversarial?” Critical independence would require the latter. There would be no “clean bills of health”. Instead, an adversarial would be laid out, together with detailed methodological documentation guiding readers on the level of trust to be invested in it. According to this model, assurors who can only think of something nice to say should say nothing at all. Adopting this approach may well make Big Four assurance less competitive on a strictly economic basis, so they should be prepared to sustain their market penetration by leveraging client access across various service lines.
In rethinking client relationships, the Big Four should also scrutinise the diversification of their services by industry. Benchmarking an organisation’s performance against industry rivals makes sense in the context of economic competitiveness. But it makes little sense in the context of CR. Here the Big Four should rely instead on their orientation to substantive long-term goals. “Progress” can be comparably pernicious. Current practice is to benchmark a reporting organisation’s CR performance against its historical CR performance, and its progress against that of its industry peers. There is a serious flaw in this approach. It does not set “progress” against the background of rising global inequality, and progressive environmental degradation. There are a set of more controversially theorised trends, such as deteriorating global security, which are also relevant. While an organisation may be becoming more responsible with respect to its past performance, thresholds above which its activity can be considered sustainable may increase at a faster pace.
Does all this seem feasible? Have I been too soft on them?
Finally, society. Under the AA1000AS (2008), issues which are “material” to the assuror must be those which are “material” to stakeholders. “Material” is here equivocal. The stakeholder is not obliged, as the assuror is, to subject the possible materiality of an item to a test of generalisabiliy. The stakeholder is not obliged, as the assuror is, to found upon the result of this test a technocratic judgement with a quantitative ingredient. For stakeholders, a material issue is simply one which “matters.”
Stakeholder-orientation can leads to neglect or misuse of expert knowledge. It can lead to overemphasis on credibility and underemphasis on accuracy. Goals which cannot be associated with specific stakeholders may be ignored.
Moreover, stakeholder engagement does not simply “read off” outputs from a rationalising lifeworld, but participates in its constitution and transformations. Stakeholder identification and engagement can involve the malign transformation of the lifeworld. For example, it can involve the foundation of “symbiotic” stakeholder constituencies, which legitimate corporate activities in return for minor concessions, marginalise other stakeholders. Traditional democratic resources could be eroded by the emergence of corporate stakeholder constituencies. Improvements in CR could damage the identities of critics of the reporting entity.
To be critically independent, the Big Four must not accept a given terrain of credulity, and a given set of representational institutions, as a structure in which to maximise their credibility and their clients’. Rather the Big Four must be able to occasionally propose unpopular views!
So where does all this leave us? The Big Four are auditors. The idea of independence which they bring to the CR context stems from their independent auditing of financial statements. The governance structures which they rely upon to protect this independence is oriented towards this activity.
However, to assure CR reports, a different type of independence is required. Unlike financial statements, CR reports try to address the needs of all stakeholders in a company. Instead of being limited to financially material information, CR reports should cover the social and environmental issues which are important to stakeholders.
The assurance of CR reports requires a type of independence resembling the idea of state neutrality. They are required to arbitrate among a plurality of often contradictory demands. With only the independence inherited from the financial audit context, the Big Four regularly fail in this role. As a result, many stakeholders remain incredulous towards CR reports, and corporations themselves are confused about the levels of transparency they are achieving.
The Big Four should rapidly shift to “critical independence,” abandoning many claims to disinterestedness, and acknowledging the specific place from which they speak. This could involve withdrawing from the challenge of adding credibility to CR reports, and focusing on traditional data-checking activities. Or it could involve emphasising the multidisciplinary and globally connected nature of the Big Four firms, organising these resources around substantive long-term goals, reducing reliance on bureaucratic rationality, and rethinking relationships with state, market and society.
In elaborating critical independence, I have had to restrict myself to only general considerations which follow directly from my analysis of independence. I have not considered the clearly complex implementation issues. However, there are some encouraging signs. The impression which I received of the Big Four was of a system in motion, simultaneously the subject of multiple internally- and externally-driven reform agendas, enclosed within a horizon of hypersensitivity to reputation management. There are potentially several loci from which a shift towards critical independence could originate. The ICAEW are in the process of building a network of academics who research assurance of non-financial information; AccountAbility’s exposure draft of the AA1000SES (2010) is currently online as a wiki for the purpose of public consultation.
Although I recommend a richer understanding of independence, I don’t suggest that it is a concept which could ever composite all the desirable features of assurance. In addition to independence, the Auditing Practices Board (APB) identifies integrity, competence, rigour, accountability, judgement, communication and value provision as prerequisites of successful assurance (APB 1994). The investigation conducted across these posts into 'independence' could be repeated for each of these terms.
The topic is bordered by some extremely contentious territories. Because the stakeholder concept is so deeply embedded in CR discourse, I stopped short of attacking the concept itself, preferring to demonstrate its deficiency in conjunction with the Big Four’s concept of independence. It is unclear however whether the concept is at all salvageable. The independence of the Big Four in the context to which it is oriented, the audit of financial statements, is also deeply questionable.
[1] http://www.icaew.com/index.cfm/route/140074/icaew_ga/pdf
[2] American Institute of Certified Public Accountants, Statement on Auditing Standards (SAS) No. 99, Consideration of Fraud in a Financial Statement Audit (codified in AICPA Professional Standards -- U.S. Auditing Standards -- AU 316), par. 13.
[3] NEF, p. 28.
[4] Stakeholder theory and organizational ethics By Robert Phillips, Berrett-Koehler Publishers, 2003
[5] http://www.globalreporting.org/NR/rdonlyres/ED9E9B36-AB54-4DE1-BFF2-5F735235CA44/0/G3_GuidelinesENU.pdf
[6] http://www.iasplus.com/ifac/0602g3assurance.pdf
[7] http://accountabilityaa1000wiki.net/wiki/about/
[8] Palazzo, Guido and Scherer, Andreas Georg, Corporate Legitimacy as Deliberation: A Communicative Framework, Journal Journal of Business Ethics, Issue Volume 66, Number 1 / June, 2006, Pages 71-88.
[9] http://www.companywebcast.nl/webcast/player/v1_1/player.asp?id=695
[10] “Framework for the Preparation and Presentation of Financial Statements”
[11] In financial audit, the users of financial statements are modelled on the basis of economic rationality. While actual users may want to do more, or other, than maximise profit and minimise risk, homo economicus is sufficiently straightforward that users can understand the capacity in which they are addressed. [...] There are no corresponding model of social and environmental rationality sufficiently widely recognised to form a stable background against which to enact a plurality of values.
[12] http://www.deloitte.com/assets/Dcom-UnitedStates/Local%20Assets/Documents/coeDeloitteLLP2008_08v2.pdf
[13] http://www.defra.gov.uk/environment/business/reporting/
[14] The foundations of management knowledge, Volume 23 of Routledge advances in management and business studies, Author Paul Jeffcutt, Publisher Routledge, 2004
[15] KPMG Code of Conduct - https://secure.ethicspoint.com/domain/media/en/gui/11093/KPMG_Code_of_Conduct_5_06.pdf
[16] http://www.thegatewayonline.com/article/137