Transparently collaborated with guest writers Bob Conway and Joe Howie in a series of op-eds on audit quality and regulatory capture. Following Bob Conway’s examination of external factors from a regulatory perspective, ex-Big Four partner Joe Howie offers his opinion that audit failure is not a technical problem but a cultural one.
Drawing on experience across the corporate and audit sectors, as well as widely reported industry events, he examines how cultures that over prioritise commercial incentives while avoiding leadership accountability can erode the fundamental responsibilities investors rely on auditors to uphold.
Neither author was paid to write for us and their views are their own.
In our series:
- SEC Focus on capital formation comes at the expense of investor protection
- SEC, PCAOB fall victim to regulatory capture: Lessons learned
- Can audit committees be counted on to protect investors?
Joe Howie, United States — Enron. Boeing. Wirecard. Evergrande. Wells Fargo. McKinsey's opioid work. The facts differ, but the post-mortem reads the same: warnings existed, incentives discouraged action, and institutions gradually trained themselves to treat the unacceptable as normal — until the consequences became undeniable.
Auditing is no exception. What rarely follows any of these failures is an honest opinion from inside the industry examining why they happen. This piece offers one.
Accepting the unacceptable
When an audit fails, particularly when fraud goes undetected, the profession reaches for familiar rationalizations: the scheme was “elaborate”, management “colluded”, auditors were “misled”, audit procedures have “inherent limitations”. Regulators too often and too easily accept this script because it is technically plausible and conveniently contained.
Yet a basic autopsy of failed audits reveals recurring causes: compromised skepticism, ignored warnings, softened risk assessments, curtailed procedures where risk was highest, and firm-wide monitoring was weak.
Then comes the liturgy - new policies, refreshed training, and renewed rhetoric about “tone at the top”, and technology is cited as the solution to what were fundamentally pressures not being abated. The cycle repeats. The causes don't change.
Audit success or failure is largely a function of culture - specifically whether leadership incentives align with the profession’s public-interest mandate.
Audit success or failure is largely a function of culture - specifically whether leadership incentives align with the profession’s public-interest mandate.
High-profile audit failures are not random events. They are the predictable endpoint of cultures that gradually trade moral standards for commercial rewards — not in a single decision, but across a series.
Power unrestrained
The Big Four are partnerships, not listed companies. They lack public shareholders demanding transparency, board turnover, or activist scrutiny. This structure is not inherently unethical but it can enable ethical decay.
In the absence of the structural guardrails traditional corporate governance offers, a culture of silence finds a home in the construct of an LLP. This isn’t just a legal designation, it is a mechanism that, without the proper governance, quietly indemnifies unethical leadership, shielding it from accountability. For each of the scandals we remember, how did the audit firms of those failures respond? Did their leaders absorb the consequences or “transition” to new roles or retirement with economics largely intact?
You need only watch what happens when leaders fail, across the list of scandals, lawsuits, and regulatory settlements. Who is held accountable beyond the engagement team? In several high-profile cases, leaders associated with regulatory failures are rumored to have departed after receiving very substantial financial settlements. It’s said their partners were not informed and it’s likely the regulator wasn’t either.
Whether the rumours are reality matters less than when there is an observable pattern across events. Do those responsible for costly failures frequently suffer far less, if at all, when compared to those who bear the cost of firm penalties and reputational damage and those who attempt to raise concerns?
Few cultural attributes could be more detrimental to investors than this: cultures where power is unrestrained send a clear signal that those who protect the firm’s revenue model and its secrets also will be protected, those who don’t, won’t.
Cultures where power is unrestrained send a clear signal that those who protect the firm’s revenue model and its secrets also will be protected, those who don’t, won’t.
Integrity before intelligence
Warren Buffett’s hiring rule also doubles as a leadership test: “Integrity, intelligence, and energy. If they don’t have the first, the other two will kill you.”
Culture is less about what management says than about the worst kinds of behaviour it is willing to tolerate. Firms often speak about “tone at the top”. But tone without consequence is mere theatre. We’ve seen this play out across various scandals - exam cheating, missed accounting fraud, independence breached - where the plot and the actors may differ but a recurring theme remains: when the firm’s commercial interests collide with its professional obligations, its culture is revealed by observing which side wins.
When leaders promote in their own image, they don’t build resilient teams, they build echo chambers, resistant to change and challenge. Some firm leaders have even warned that rigorous auditing could make the firm less attractive to clients. The remarks didn't need interpretation. Rigorous auditing, in this framing, was bad for business. It’s patently difficult to reconcile that view with any serious understanding of what auditors are for.
Some firm leaders have even warned that rigorous auditing could make the firm less attractive to clients.
In such an environment, professional skepticism isn’t just discouraged, it is career-limiting. A culture that rewards the preservation of revenue over integrity poisons the whole operating system. Even a brilliant partner could end up making a disastrous ethical choice as they attempt to survive. Partners advance by becoming known for having great client relationship skills, yet these “skills” can mean nothing more than an outsized capacity for compromise. Others learn from this, mirror it, and the cycle continues.
Capability is not the constraint — incentives are
Large firms possess extraordinary expertise. They advise governments and multinationals on fraud, compliance, governance, and a host of other topics. So why do some audits miss what later appears obvious? Capability answers can we. Incentives answer will we. They are not the same question.
Capability answers can we. Incentives answer will we. They are not the same question.
When appointment depends heavily on relationships, compromised cultures treat management as the client and investors as abstractions. Skepticism erodes into confirmation bias; inquiry replaces rigorous testing even when addressing serious allegations or material topics.
Auditors are engaged precisely for their objectivity and independence. When they begin behaving like consultants — solving management's problems and then auditing their own solutions — they become invested in the narrative. They grow reluctant to revisit it when contrary evidence emerges, especially if doing so might call a prior opinion or a position on another engagement into question.
The anatomy of enabled failure
Courts and regulators have repeatedly rejected the industry’s favorite defense: that catastrophic audit failures were unforeseeable. A look at the anatomy of just a few examples of events shows that while lapses in team judgement may exist to varying degrees, none of the Big Four have been immune to impacts from cultural decay:
- PwC: A US judge ruled the firm failed to design its Colonial Bank audits to detect fraud and violated auditing standards resulting in a $335 million settlement. In 2024, securities regulators barred PWC for 6 months and fined it $62 million related to the Evergrande matter, saying it “...covered up and even condoned Evergrande’s financial fraud and fraudulent issuance of corporate bonds…” PWC removed the leader of the member firm and publicly expressed disappointment in the related audit.
- EY: The UK High Court found members of EY’s global leadership “lost their moral compass”, “twisted the truth”, were “uninterested in questions of professional ethics”, and that the firm breached its duty to protect whistleblowing partner Rihan who raised money laundering concerns, later connected to a criminal gang by the BBC. In 2022, EY paid $100 million to the US SEC related to an Ethics Exam cheating scandal. It was also accused of misleading the investigators. EY settled the NMC case in 2026, where it’s reported the regulator noted the firm demonstrated a complete lack of professional skepticism.
- KPMG: The firm was the main subject of a US 2025 Senate Permanent Subcommittee report on bank audit failures which carried a blunt title: “THIS INDUSTRY IS A JOKE.” The firm is also reported to have received almost half of the total Big 4 penalties in the UK since 2020, amounting to more than £60 million. They have also faced fines and sanctions in various countries, including the US, for conduct one regulator stated "undermined the integrity" of the very oversight process designed to protect the public.
- Deloitte: A US federal judge approved a $34 million settlement late in 2025 related to its SCANA audits and related fraud. It was reported the court previously found shareholders plausibly alleged DT helped conceal the fraud and did so in a manner that amounted to basically “no audit at all”.
This is all in addition to the various other ethics cheating scandals, AI cheating scandals, insider trading allegations, etc. across multiple countries. Although these involve different firms, different scandals, and different timing, the cultural diagnosis is the same - that failure was not inevitable, it was enabled.
The survival paradox
This all raises an uncomfortable question: how can a firm that has lost its own integrity be relied on to credibly judge the integrity of its clients?
How can a firm that has lost its own integrity be relied on to credibly judge the integrity of its clients?
In a profession where people are the product, a firm that fails its own people - tolerating sexual assault or harrassment, burnout, silencing dissent, or isolating and retaliating against those with the courage to speak truth to power while rewarding complicit "survivors"- is one that has already failed investors. It has created an environment where its people are not safe, even to pursue the profession’s mission.
Firms who have lost the fortitude to protect the colleague sitting in the next office will not find it for the anonymous shareholder. That is an integrity gap no methodology or empty speech can close.
In an upcoming article, we will continue the discussion of cultural impacts on audit effectiveness as we further explore implications of how the assurance business operates.
.jpg)
