What is the Value of a Good Name?

Quick, what is the first thing you think of when you hear the name "Arthur Andersen?" I am not going to get into the details of the Enron scandal, but if you are like me, you associate Arthur Andersen and the firm's demise with Enron.

Having a Good Name

I looked Arthur Andersen up on Wikipedia, and learned a little about who the founder of this CPA firm was. According to Wikipedia: "Andersen, who headed the firm until his death in 1947, was a zealous supporter of high standards in the accounting industry. A stickler for honesty, he argued that accountants' responsibility was to investors, not their clients' management. During the early years, it is reputed that Andersen was approached by an executive from a local rail utility to sign off on accounts containing flawed accounting, or else face the loss of a major client. Andersen refused in no uncertain terms, replying that there was "not enough money in the city of Chicago" to make him do it. Leonard Spacek, who succeeded Andersen at the founder's death, continued this emphasis on honesty. For many years, Andersen's motto was "Think straight, talk straight."

So how did such an honest man's name get tarnished to the extent that his legacy, a Big 5 CPA firm, had to go out of business a few decades after his death? All it took was the association of his name with dishonest people. 9.3 billion dollars per year was the value of having a good name to the formerly respectable CPA firm Arthur Andersen. Based on this example and others that history has given us, it is safe to conclude that having a good name is equal to the value of an auditor's very existence in the industry...or is it? What happens when honesty, integrity, and reputation is not valued in the market?

Relying on a Good Name

Yesterday, I found myself explaining why a prospect should choose one CPA firm over another for their SOC engagement. When I explained to them that the value of one CPA firm over another boils down to the reliability of the name on the report, they asked me if anyone really cares about that. I replied that if that if no one cares, then it almost makes sense to go with the absolute lowest price that you can obtain the SOC report for. The only problem is that the auditor I select to provide assurance about me is a reflection of my own integrity. Please let me explain.

A couple of months ago, Ernst & Young was selected to be Facebook's auditor. Why would Facebook select Ernst & Young over some small, unknown, boutique CPA firm that specializes in auditing financial statements of social media companies? Well, it is obvious at that level. Facebook's IPO could be worth 100 billion dollars, and they want to inspire the most confidence that their accounting is accurate. How does that translate down to the level of this prospect though? Even if they could afford the audit fees, Ernst & Young would probably not even accept this prospect as a client for being too small.

This is where strong, reputable, regional CPA firms come in. For example, in Texas, one of the CPA firms I work with is Whitley Penn who has been listed on the “Best of the Best” list of INSIDE Public Accounting's rankings of the top 100 accounting firms in the U.S., for ten of the last eleven years. They have offices in Dallas, Fort Worth and Houston, 36 partners, 280 employees, and a worldwide network affiliation via Nexia International. Most of the CPA firms I work with are on the Top 100 list.

Contrast the recognized reputation of Whitley Penn with several boutique CPA firms that I know of, who stopped using the previous names of their firms when the SAS 70 standard was replaced by SOC reports last year. Their previous name being no longer relevant, they started or resumed doing business under different names, and yet they still appear next to credible CPA firms in RFP distribution lists?!

I recently heard from a Top 10 CPA firm that they lost a SOC engagement opportunity to one of these boutique CPA firms. When Top 10 CPA firms lose audit engagements to small boutique CPA firms that specialize in providing SOC reports, there is a major problem in the market.  If I selected a boutique CPA firm over a Top 10 CPA firm, I would not blame anyone for considering me the anti-Facebook in terms of caring what people think about my auditor. If I did this, it would demonstrate to others that I place no value whatsoever in a good name, and perhaps it is a reflection my integrity.

In selecting a service auditor, or a service provider for that matter, I would ask myself one simple question; "What does the firm stand to lose if my data is compromised, and their firm's reputation is called into question along with mine?" Do you want a firm that has little to lose, or one who has much to lose. I guarantee you that the firm with the most to lose will be the most thorough in their examination of your internal controls. Perhaps that is where the issue is though. Much like the railroad utility executive's attitude toward the young Arthur Andersen, maybe companies want their auditors to look the other way.

It's time we take a stand against cheap risk assurance, and start relying on CPA firms with good names again in the risk assurance industry.


  1. Thanks for insightful article! Data security plays really important role today. As for me this is caused by many factors, one of them I think is that many businesses use Ideals virtual data rooms - online trusted repositories for processing and storing information.