What happened at SVB?

Ground zero for the collapse of Silicon Valley Bank may have been in California, but the ripples have been felt worldwide, including the New York-New Jersey region, where Signature Bank also fell. But right before they toppled, both banks received clean certified audit opinions from Big Four CPA firm KPMG. Does this say anything about the auditors, or the entire accounting profession?

Citing client confidentiality, a KPMG spokesman declined to comment on the specifics of the case, but did tell NJBIZ that, “We conduct our audits in accordance with professional standards. It’s important to recognize that audit opinions, which only address the financial statements and internal controls of the business, are based on audit evidence available up to and at the date of the opinion. Any unanticipated events or actions taken by management after the date of an opinion could not be contemplated as part of the audit.”

Other professionals agreed with that general assessment, though some were not so quick to let KPMG off the hook.

Silicon Valley Bank “appears to have put a lot of money into bonds at the low end of the yield curve, but as rates went up and a confluence of events – including companies who weren’t able to IPO and therefore used cash quicker than expected, deposits leaving for higher yield and other VC related factors – SVB was faced with selling a significant portion of their bond portfolio at a sizeable loss given the increase in interest rates,” explained Jerome Fusco, managing director at Sax LLP and the leader of the firm’s investment banking arm, Sax Capital Advisors. “That kind of risk was laid out in an earlier investor presentations and in the Company’s 10-K, so there was some forewarning—but risk factors are often overlooked when things are going well. In theory, the bank could have executed interest rate swaps or another financial instrument to protect itself, but that can be very expensive and can lead to other concerns. It’s a very big balancing act.”

The thing is, he added, “When CPAs conduct a certified financial audit, they are generally not taking on the role of a regulator. They’re certifying that that financial statements are accurate, and they flag numerous potential risks but will not go as far to … ascertain that rapidly changing interest rates will deter the capital adequacy of this business. An auditor is attesting to the accuracy of the financial statements, basically the numbers on the books, but they are not making investment recommendations.”

In the wake of SVB’s collapse, Fusco said he thinks that “some changes may be made to audit disclosures, but I really don’t see this as an accounting issue. It’s not like Enron, where there was massive fraud and serious data validity questions.“

Phil Goldstein, CEO of Goldstein Lieberman & Co. LLC, noted that a certified audit, with a “clean” or “unqualified” opinion basically states that the independent auditor has seen enough information to conclude that the company’s financial condition, position and operations are “fairly presented” in the financial statements according to Generally Accepted Accounting Principles for the stated time frame.

In a certified audit, he added, “the auditor should also form an opinion on the effectiveness of the company’s internal control over financial reporting. He or she will generally do this by evaluating evidence obtained from all sources, including testing the company’s controls, and considering misstatements detected during the financial statement audit, and any identified control deficiencies.”

But, he cautioned, “An audit is generally not designed to detect fraud if it occurs; and an audit is not designed to consider ‘what-if’ scenarios, like ‘what if there’s a $42 billion run on the bank’s deposits,’ which is enough to topple many banks anyway. However there are specific audits to detect fraud and they are called Fraud Audits.”

Should the auditors have flagged the squeeze between the bank’s low-yield Treasury investments and the higher yields that depositors are demanding, given recent interest-rate hikes? “Silicon Valley Bank itself revealed that in a shareholder presentation,” said Goldstein. “Our firm was not connected with the SVB audit, so I can’t pass judgment on the audit. But I imagine there will be investigations and, probably some lawsuits. At the very minimum there should have been a footnote, based on the concentration of those investments, for the investors to review.”

Indeed, the finger-pointing has already started. On March 28, Federal Deposit Insurance Corp. Chairman Martin Gruenberg told a Senate banking committee that, “The FDIC has authority to investigate and hold accountable the directors, officers, professional service providers and other institution-affiliated parties of the banks for the losses they caused to the banks and for their misconduct in the management of the banks.”

Depending on what’s revealed, some changes could be coming for CPA firms and certified audits, Goldstein added. “After Enron collapsed, Congress passed the Sarbanes–Oxley Act of 2002, which established the Public Company Accounting Oversight Board to oversee the audits of public companies and other issuers,” he said. “So we could, theoretically, be in store for something similar.”

Goldstein sees a bit of a historic twist in the whole situation. “Almost 190 other banks could be vulnerable to the same type of risk that collapsed SVB,” he said. “Ironically even Arthur Anderson, which is now defunct but was one of largest and most respected of the ‘Big 8’ CPA firms in history, thought that certain bank audits were very risky. They got out of that business due to the nature of those bank audits, only to be toppled years later by the infamous Enron audit.”

Bharat Sarath, a professor with the Accounting & Information Systems Department at Rutgers Business School, thinks some people set too high of a bar for certified audits.

“This is a question that creates so much confusion in non-auditors that the audit profession has given it a name – ‘The Expectations Gap,’” he explained. “The typical audit report on a client-firm’s financial statement states that the auditor has checked the information provided by the client using procedures that are known as Generally Accepted Audit Standards and have found that the presentation corresponds with the format that is known as Generally Accepted Accounting Practices. The difference in expectations is that non-specialists believe that an audited report is an outcome where the financial statement has no errors, whereas auditors view it as a document that has been examined using a process.”

Fine. But should the auditors have flagged the mismatch between the banks’ assets, long-term low-interest Treasurys, and the on-demand nature of customer deposits, which were at risk of a run?

“Every bank accepts deposits that may be withdrawn at any time and lends them out with structured loans, like mortgages, which are repaid over long periods according to a contractual schedule,” said Sarath. “Instead of lending to home owners or businesses, banks can also lend to the government, that is, buy long-term bonds. The duration mismatch is endemic to banking. At this juncture, every bank is carrying hold to maturity bonds that can only be sold temporarily at a loss.”