The external audit is that annual ritual where corporations pretend to be held accountable, regulators pretend to enforce the rules, and auditors pretend to check the numbers. A sacred tradition, really. If capitalism had a great performance art award, this would sweep the category every year.

But let’s not kid ourselves. This is not about catching fraud. It never was. It’s about maintaining the illusion that someone, somewhere, is actually checking under the hood. And while this issue is universal, nowhere does it descend into farce quite like Southeast Asia, where hierarchy, politics, and a deep cultural aversion to rocking the boat ensure that audits are little more than bureaucratic rubber-stamping ceremonies.

I mean, why disrupt a mutually beneficial arrangement?

1. The company gets a clean audit report,

2. The audit firm gets paid (and hopefully lands a lucrative consulting gig on the side),

3. Junior auditors get valuable experience in staring at spreadsheets for 14 hours without asking questions.

Everyone wins... except, of course, for investors, creditors, and the general public.

The Audit is NOT Supposed to Find Fraud (So Stop Acting Surprised)

The great misconception is that auditors are out there, sleeves rolled up, diligently uncovering corporate deception, bravely exposing billion-dollar frauds, and heroically holding executives accountable. That’s not what an audit is designed to do.

You see, an audit’s primary function is to assess whether the financial statements are “reasonable.” And what exactly constitutes “reasonable”? Well, that’s a highly flexible concept when your client is paying you millions and might hire you for a consulting gig next year.

But let’s talk methodology. How do these professionals ensure that financial statements reflect reality?

• They ask management if the numbers are correct. And because corporations are famously honest, that’s usually good enough.

• They check a tiny sample of transactions. A bit like checking one ice cube in a drink to confirm there’s no poison. If the sample looks good, the whole thing must be fine, right?

• They assume the client isn’t lying. Because as we all know, companies never cook the books, and executives never mislead auditors. Ever.

It’s no wonder massive, gaping frauds routinely slip through the cracks. Take Wirecard, for example. Wirecard was Germany’s golden fintech star, which turned out to be a multi-billion-dollar illusion. EY, the auditor, somehow missed the fact that $2 billion was just… missing. They didn’t check the bank accounts, didn’t follow the money, and didn’t ask too many inconvenient questions.

The problem here isn’t auditor incompetence. It’s that the system is designed to function this way. The goal is to rubber-stamp financials, not to dig too deep (that's forensic accounting). If they actually started looking for fraud, who would hire them?

The Business Model: Auditors Are Paid by the People They’re Supposed to Police

If you design a system to fail, don’t be surprised when it collapses under the weight of its own absurdity.

Imagine if criminal investigations worked like audits. A suspect is accused of fraud, so the police arrive... except the suspect gets to choose which detective investigates them, decides how much to pay them, and then politely hands over a pre-written report claiming everything is fine. The detective nods, stamps “Case Closed,” and moves on.

No CEO hires an auditor to find problems. They hire them to confirm that there are no problems. A Big 4 partner isn’t going to jeopardize a multimillion-dollar contract by asking pesky questions. That would be like a restaurant critic giving a bad review to a chef who pays their salary. Not exactly a sustainable career move.

So, what do auditors do instead? They give their clients exactly what they want: a “clean” audit opinion that reassures investors, regulators, and the general public that absolutely nothing is on fire.

🔴 Example: Lehman Brothers (USA, 2008) – EY knew the bank was burying billions in debt off the balance sheet, but did they raise alarm bells? Nope. They signed off on it, took their fee, and let the financial crisis unfold like a beautifully predictable disaster movie.

And it gets even better!

The Big 4 make more money from consulting than from auditing. And who do they sell their consulting services to? Oh, just the same companies they’re supposed to be auditing!

🔴 Example: Enron (USA, 2001) – Arthur Andersen cashed in on both sides of the deal by auditing Enron’s books while also consulting them on how to creatively “manage” their numbers. When Enron collapsed, Arthur Andersen went down with them. The only Big 4 firm to ever actually die from its own negligence.

If we really wanted independent audits, regulators would appoint the firms, not the companies being audited. But that would make way too much sense. So instead, we have a system where financial truth is optional, provided you can afford the right audit firm.

Southeast Asia: Where Auditors Know Their Place

If the global audit system is broken, then Southeast Asia is where it stopped pretending to work altogether.

Audits in this part of the world are less about financial scrutiny and more about ensuring no one loses face. The end goal isn’t truth or transparency, but rather ensuring that powerful companies and government-linked entities remain comfortably unchallenged. Nothing ruins an auditor’s day like accidentally uncovering fraud in a country where whistleblowers have an unfortunate habit of disappearing.

And who does the actual work? A bunch of 24-year-old associates who haven’t slept properly in months.

Yes, junior auditors do 95% of the heavy lifting, while senior partners spend their time ensuring client relationships remain lucrative and uncontroversial. These young auditors, fresh out of university and drowning in Excel spreadsheets, quickly learn the unspoken rules of the industry:

• Don’t challenge senior management.

• Don’t dig too deep.

• Don’t forget that the client is paying us.

Now, imagine you're one of these junior auditors. You’re earning just enough to cover a Grab ride home, and you’ve been assigned to audit a massive, politically connected conglomerate. You find something suspicious. Maybe some unusual revenue recognition, a conveniently timed asset revaluation, or a few hundred million that doesn’t quite add up.

Now, you have a choice:

• Option A: Flag the issue, escalate it to your manager, and risk making very powerful people very unhappy.

• Option B: Keep your head down, finish your work, and get home before sunrise.

🔴 Example: 1MDB (Malaysia) – KPMG and Deloitte signed off on billions of stolen money because calling out the biggest financial scandal in Malaysian history would’ve been… inconvenient.

🔴 Example: Garuda Indonesia – BDO somehow missed the airline’s fake revenue numbers, even though anyone with a calculator and common sense could see something was off.

And why does this keep happening? Because Southeast Asian corporate culture is built on deference, hierarchy, and not upsetting the wrong people.

1. A junior auditor is not going to challenge a CEO.

2. A mid-level manager is not going to question an audit partner’s decision.

3. An audit partner is definitely not going to risk losing a high-paying client over “some irregularities.”

And when that client is also paying millions for consulting services, well… the result is exactly what you’d expect. A clean audit opinion, a happy client, and a system that keeps turning a blind eye.

The Big 4 Will Keep "Missing" Fraud, and Nothing Will Change

You’d think that after decades of corporate collapses, billion-dollar frauds, and multiple economic disasters directly linked to audit failures, governments, regulators, or society at large, would have done something about it by now.

Hahaha.

No.

Because here’s the thing: nothing will change. Not today, not tomorrow, and certainly not while the Big 4 firms are still too big, too powerful, and too politically connected to ever face real consequences.

For all the noise regulators make about “holding auditors accountable”, the reality is that when these firms do get caught with their hands in the cookie jar, the punishment is so laughably insignificant that it barely qualifies as an inconvenience. A fine? A sternly worded letter? Maybe, if things get really bad, a temporary ban from taking on new clients for a year.

🔴 Example: KPMG (South Africa) – Got caught enabling state-level corruption. Their punishment? A fine so small that their partners probably wrote it off as a business expense.

🔴 Example: EY (Wirecard, Germany) – Somehow didn’t notice that $2 billion was missing. Their official response? “Oops.”

And here’s why this will keep happening: auditing is no longer about ensuring financial integrity. It’s about selling credibility.

See, audit firms don’t actually care about whether financial statements are accurate. That’s not the product they’re offering. What they’re really selling is a little rubber stamp that makes investors, regulators, and the general public feel like everything is fine.

Whether it actually is fine? Well, that’s not their problem. By the time the fraud is exposed and the company collapses, the auditors have already moved on to their next client, and the game resets for another round.

So, the next time a multi-billion-dollar fraud explodes onto the news, and everyone acts shocked, do yourself a favor; skip the outrage, ignore the think pieces, and don’t bother asking “How did the auditors miss this?”

Instead, ask the real question: “Why do we keep pretending audits are meant to catch fraud in the first place?”

We all know the answer. The entire system is built not to detect fraud, but to give the illusion that someone is watching. In reality, everyone involved understands the game. The goal is not accuracy or integrity, but compliance theater, where financial statements get their rubber stamp, and everyone moves along as if everything is just fine.

And when the inevitable collapse happens? The cycle resets. The audit firm will express “deep concern”, issue a “lessons learned” statement, and regulators will promise reform. Meanwhile, the next corporate fraud is already brewing.

So, let’s make this fun. Which Big 4 firm will be next? Which billion-dollar fraud will they “fail to notice” next time?

Place your bets. 🎲