The damage to the reputation of Germany as a financial center caused by the Wirecard scandal is enormous. In addition to the Financial Supervisory Authority, the German Financial Reporting Enforcement Panel (Deutsche Prüfstelle für Rechnungslegung, DPR) and the responsible auditing company, also the German stock exchange (Deutsche Börse) and the Supervisory Board of Wirecard are standing in the pillory. The case coincides in time not only with the Brexit, in course of which the financial center London is making itself independent of the EU. In addition, on 1 July this year, Germany assumed the European Council Presidency and thus a special responsibility, not least for market regulation. This is precisely why Wirecard has happened at the right time.
Financial market regulation is not seldomly pushed by scandals and crises, as shown not only recently by legislative reactions to the financial crisis, to Enron or Worldcom (Zingales, 2009). The US Securities Act of 1933 and the Securities Exchange Act of 1934 were also designed to restore the scandal-shaken confidence of the US public in the financial markets.
Supervision must consider the excessive risk appetite in manager markets
Wirecard as a push for a fundamental rethinking of existing regulation raises the question of where precisely this case as pars pro toto stands for widespread, "generalizable" deficits. Regulation must, for example, consider that overconfidence, and thus often an excessive risk appetite, is a characteristic rewarded in the manager market, that willingness to cheat can often be traced back to misunderstood loyalty to the own company ("optimism commitment") or that group thinking and a toxic corporate culture hinder the detection of fraud. Besides companies, institutions as lawyers, auditors, and state supervisory authorities also have to deal with one or the other variant of this kind of behavior patterns.
Institutions, to which the legislator attributes a controlling or at least moderating role can be divided into private, public, and hybrid institutions. As illustrated by Wirecard, the German Federal Financial Supervisory Authority (Bundesanstalt für Finanzdienstleistungsaufsicht, BaFin) and, subordinate to it, the Auditor Oversight Body (Abschlussprüferaufsichtsstelle, APAS) are among the public institutions. Supervisory Board members and shareholders can be classified as private corporate governance stakeholders. Auditors who are privately organized but whose audit opinion is addressed to the public, have a hybrid status. The situation is similar to the privately organized DPR, whose public orientation is expressed by its involvement in the two-stage examination procedure under the German Commercial Code (Handelsgesetzbuch).
Independence of private, public, and hybrid testing institutions
Many of the "generalizable" deficits have to do with the specific characteristics of each individual institution. From a bird's eye view, however, it is possible to identify elements whose significance extends beyond the specifics of private, public, and hybrid structures. These elements include independence, expertise, liability, and effective law enforcement. The cross-institutional significance can be exemplified by features of independent and expert-driven decision-making. Independence in the private appearance was demonstrated, for example, in the shape of the financial expert as defined in the German Stock Corporation Act for capital market-oriented and certain regulated companies, which, however, the legislator deleted a few years after its introduction. Whether the reference to the special features of the dualistic German system is sufficient here, may be doubted.
For the public stakeholder, independence has to do with integration into the ministerial apparatus, namely the Ministry of Finance for BaFin and the Ministry of Economics for APAS. This is where proposals for the development of a European securities supervision modeled on the US SEC (Krahnen/Langenbucher, 2020) come into play. The position of SEC commissioners is deliberately independent and non-partisan. A European authority would have to be guided by this to overcome national culture.
As far as auditors are involved, independence takes on a different form. Their hybrid structure leads to a "capture" problem already known from rating agencies. The company pays for the audit, not the public sector. In the competition for a mandate like this, therefore, irrelevant considerations may be taken into account. The same may apply if management consultancy is sold in addition to auditing services. Cause for thought may bring firstly the discussion with regard to rating agencies on whether issuers or investors should pay for the preparation of the rating. For example, the selection of auditors by the authorities and a system of apportionment of the fees paid to them could be considered. A proven antidote could also be joint audits, i.e. jointly conducted audits by two or more legal entities. Even if the liability responsibility should not be divided among several auditors, a joint audit to a limited extent would be conceivable without further ado. This could, for example, concerning the review of the accounting and valuation principles applied.
Besides independence across private, public, and hybrid institutions expertise is a necessary prerequisite for good decision-making. It too has specific characteristics depending on the institution but is open to cautious generalization.
Within private institutions, certain specialist expertise is required, for example in decision-making because of the requirements for financial experts and audit committees. The unloved diversity in the composition of the boards is also one of them as it can counteract group thinking.
As a public counterpart, a substantial staff increase, particularly at BaFin, is rightly being considered at present, including a specially trained "rapid reaction unit". External unit members hold the potential of expertise as well as independence and diversity. Whether elements of a revolving-door policy, as in the US and France, could be worth considering in Germany. In the implementation of the EU whistleblower directive, the question of whether public authorities should promote whistleblowing through appropriate financial incentives, following the SEC model, deserves attention.
For hybrid institutions, the requirements for expertise are not only related to the question of remuneration. There are complaints for a long time about an expectation gap between the demands for independent audits and what changing audit teams can achieve facing the high criminal energy of accounting fraudsters. In the first place, the industry itself must, of course, show ways to reduce this discrepancy and demand adjustments to the remuneration by making targeted proposals. An indispensable element not only for this but for all three institutions is likely to be investment in big data and artificial intelligence.
Katja Langenbucher is a Fellow at the Leibniz Institute for Financial Research SAFE, Professor of Civil Law, Business Law and Banking Law at Goethe University Frankfurt, and a Member of the Board of Directors of BaFin.
This article was first published in an abridged version in the European Journal of Business Law (Europäische Zeitschrift für Wirtschaftsrecht).
Blog entries represent the personal views of the authors and not necessarily those of SAFE or its staff.
J.P. Krahnen und K. Langenbucher (2020): “The Wirecard lessons: A reform proposal for the supervision of securities markets in Europe”, SAFE Policy Letter No. 88.
K. Langenbucher (2019): “Interdisziplinäre Forschung im Unternehmensrecht – auf dem Weg zu einer cognitive corporate governance?“, Zeitschrift für Unternehmens- und Gesellschaftsrecht 48 (5), 717-759.
D.C. Langevoort (1996): “Selling Hope, Selling Risk: Some Lessons for Law from Behavioral Economics about Stockbrokers and Sophisticated Customers”, California Law Review 84 (3), 627-701.
L. Zingales (2009): “The Future of Securities Regulation”, Journal of Accounting Research 47 (2), 391-425.