I have been reading recently about the Enron debacle. It reminds me in a way of the Salad Oil Scandal, perhaps only because they were both so fascinating.
With the Salad Oil someone submitted phony “warehouse receipts” for salad oil as collateral for a loan of millions of dollars. The problem was that although the receipts named the tanks holding the oil, the tanks were empty. Some sort of audit had been done before hand, I forget by whom, but the auditors didn’t want to climb up to the top of the tanks to peer in. They didn’t look in any of them. It seems clear that auditors can’t afford to peer into every tank, but treated as a game between two dishonest players, there are clear mixed strategies from game theory that tell exactly how often the tanks need be inspected. I have heard it said that auditors are not meant to catch dishonest accountants, merely careless ones. Can this be?
Regarding Enron, there seem to have been contracts in effect between Enron and “partnerships” that obligated Enron to pay the partnership under contingencies that were likely to correlated with each other, from partnership to partnership. These contracts were off the “books” whatever that means. I think that it means that the accountants were not obligated (by whom?) to consider the nature of these contracts. (I think that there were bogus arrangements to make it appear that Enron was only a minor partner with limited risk, and thus that someone else was at more risk and was thus likely to have vetted the contract.)
I have a suggestion. Whenever an institution (think partnership) depends on some signed contract, an encrypted, digitally signed version of that contract must be on deposit with some stable agency (perhaps government) and publicly available. An unenciphered machine readable record of the maximum penalties would be included. The encryption key is known to both parties. These deposits are publicly indexed by the parties to the contract. New law: A “breach of contract” suit fails if the plaintiff is unable to retrieve the contract from the public registry and decrypt it. Upon audit, the auditors would receive from the company the keys with which to decrypt the contracts. The auditors would then not have to understand every contract that was deposited. A random sampling could support the game theory solution alluded to above.
Another suggestion is that if people sold (loudly) stock in companies audited by auditors who had failed so spectacularly as they have recently, the auditing profession would likely come up with meaningful reforms real fast!! Rules by the SEC would become much less important. It seems to me that the incentive structures are already in place and well aligned.