Whenever there’s a sudden and high-profile corporate failure — and there’s been a lot of them lately — the focus turns almost immediately to how on earth the auditors failed to spot the problem sooner. The collapse of German electronic-payments provider Wirecard AG is following that customary post-scandal script with depressing precision.

The reaction of regulators and Wirecard’s bean counters, Ernst & Young, has at times been an alarming exercise in blame-shifting. It’s doubtful whether Germany’s proposed remedy — placing oversight of financial reporting under the auspices of BaFin, the hapless German markets supervisor that has its own questions to answer over the Wirecard saga — will prevent something similar happening again.

If the audit profession is ever to be reformed properly, it’s vital that everyone agrees on what auditors should be providing. They certainly aren’t giving investors what they need, in terms of assurances that fraud isn’t being committed. Indeed, any wise shareholder will play their own part in policing the companies they own, rather than just relying on auditors to bring problems to their attention.

As often happens when corporate malfeasance is exposed, EY has been swift to cast itself as a victim. It has complained of “an elaborate and sophisticated fraud” in which 1.9 billion euros ($2.1 billion) of cash was probably fabricated. “Even the most robust and extended audit procedures may not uncover a collusive fraud,” EY said.

This is a version of an accounting industry mantra that, while auditors provide “reasonable assurance” that accounts are free from misstatement, they can’t guarantee they’ll always spot fraud or error. In other words, they are watchdogs, not bloodhounds (to paraphrase a decades old legal judgment), and it’s the company directors who are legally responsible for the accuracy of accounts.

It was EY’s refusal to sign off on Wirecard’s 2019 accounts that ultimately precipitated its collapse, but investors rightly wonder why the accounting giant didn’t realize something was amiss earlier. Indeed, if auditors are unable or unwilling to detect possible fraud, one might reasonably ask what’s the point of hiring them at all?

During the three years before that rejection of the 2019 accounts, EY didn’t directly confirm with Wirecard’s Singapore bank that money held in so-called escrow accounts actually existed, according to the Financial Times. If that’s correct, it would constitute a pretty basic failure of oversight and one that would bolster the case of Wirecard investors who are seeking financial redress from the accounting firm. EY declined to comment. 

This isn’t the first time the quality of EY’s audits has been questioned recently. NMC Health Plc, a FTSE-100 hospital company and EY client was placed into administration in April after a short-selling attack by Muddy Waters Capital LLC, which helped expose billions of dollars of hidden debts. In China, another EY client, Luckin Coffee Inc., was shown to have inflated its sales figures.

While security guards that fail to prevent break-ins are routinely replaced, being bad at audits seemingly isn’t a barrier to getting more work. The exception was Arthur Andersen, whose business was sunk once it lost its U.S. accounting license after the Enron scandal.

Today PWC, EY, Deloitte and KPMG have a lock on large company audits, in part because only big accounting firms can spare enough staff and resources. Their operations in individual countries are kept as legally separate entities, which shields the parent group from blame when substandard audits are exposed.

Britain alone has held half a dozen inquiries into the audit profession’s deficiencies in recent years. The U.K. has already taken the path now being proposed by Germany, by replacing a meek accounting regulator, the Financial Reporting Council, with a more muscular body. It is remarkable that only the last of the country’s investigations, the Brydon Report, fully explored the vital question of what an audit is actually for.

The investigation’s findings make uncomfortable reading for accounting firms looking to avoid responsibility for spotting wrongdoing. An audit should help investors and other stakeholders have confidence in a company, its directors and the financial statements, the report said. To do that, auditors are obliged “to endeavor to detect material fraud in all reasonable ways,” and they should strengthen their forensic accounting and fraud awareness skills. The big four can hardly object: They already have these skills in-house as KPMG demonstrated when its special audit of Wirecard highlighted numerous red flags.

Brydon also urged auditors to consider external signals that might suggest a company is cooking the books, such as whether hedge funds are heavily shorting the stock. As I’ve written, journalists and short sellers were convinced Wirecard was a fraud long before EY, sell-side analysts and institutional investors cottoned on. 

Importantly, the U.K. report didn’t let ordinary shareholders off the hook. A healthy company requires investors to be engaged. Had Wirecard’s shareholders paid more attention, they might have asked more questions about its reliance on opaque third-party partners for so much of its revenue.

If investors can’t trust the audit process, then all companies will be subject to suspicion, pushing up their cost of capital. Perhaps the only good thing to come from Wirecard’s collapse is the realization that having a capable auditor matters.

This column does not necessarily reflect the opinion of the editorial board or Bloomberg LP and its owners.

Chris Bryant is a Bloomberg Opinion columnist covering industrial companies. He previously worked for the Financial Times.

For more articles like this, please visit us at bloomberg.com/opinion

©2020 Bloomberg L.P.