Auditors are increasingly involved, in various ways, in the running of companies. Four types of activities can be distinguished: (i) general statutory duties entrusted to auditors by law (e.g. the duty to audit corporate financial statements and issue an opinion on the fairness and accuracy of these statement); (ii) specific statutory duties; (iii) contractual duties (assumed through agreements with clients); and (iv) judicial assignments (e.g. when the auditor serves as a court-appointed expert or manager of a distressed company). This article describes some current trends in the area of auditors' liability which we have observed in our practice.
Auditors can undoubtedly be viewed as fulfilling a public service mission, as a broader community of people and institutions rely on their work. Indeed, the European Commission has pointed out the auditor's importance in financial and business circles. In this context, auditors are obviously keen to limit their liability.
Under Belgian law, auditors' civil liability for the fulfilment of their statutory duties is limited (except in the case of fraud or wilful misconduct) to EUR 3 million for unlisted companies and EUR 12 million for listed companies. Such duties include the general duty to audit the financial statements of companies as well as specific statutory duties such as a duty to draft specific reports in the event of a merger, voluntary winding-up, dividend distribution, etc. For these duties, the abovementioned limit applies to any contractual or extra-contractual liability, both to the company and to third parties.
According to the literature, when it comes to statutory duties, auditors' liability is a matter of public policy. In other words, it is not possible to derogate from these rules. While it seems that scholars agree on the fact that the abovementioned limit applies for each specific duty/assignment provided for by law, there is some debate as to how to apply this limit when an auditor is appointed for a three-year term to audit a company's financial statements. In this case, it is not clear if the limit applies for the entire three-year period or if it should be re-applied each year. In any case, however, it seems that the limit applies to each type of duty or assignment and not, for instance, to each breach or injury. Auditors' liability for their general duties is time-barred after 5 years but, once again, it is not clear whether this five-year period, rather than the general ten-year statute of limitations (see below), also applies to the specific duties with which auditors are entrusted.
For contractual assignments (such as due diligence or advice on a business plan, etc.), auditors' liability is not limited by law. Auditors tend to believe that the statutory limitations on liability also apply to their contractual assignments, but this is not the case. For these types of assignments, auditors must limit their liability in an engagement letter, expressly stating, for instance, a limitation on liability or providing that the client will indemnify the auditor in the event of third-party claims, etc. In this way, the auditor is covered against claims by the client (the contracting party) but not against claims by third parties under the general liability rules (Article 1382 Belgian Civil Code). In the latter case, the statute of limitations is 10 years.
Auditors are increasingly involved as experts in legal proceedings or appointed by the courts to carry out certain assignments in distressed companies (e.g. bankrupt companies or those in the process of restructuring), such as serving as a trustee in bankruptcy, deputy judge, temporary administrator , etc. For these types of assignments, the possibility to limit the auditor's liability is extremely limited, as the auditor is appointed by the court and the applicable statutory provisions (e.g. on court-appointed experts, reorganisation proceedings, and bankruptcy) tend to be complex and at times unclear and difficult for laypeople to understand. However, it is precisely in such cases that the risk of liability is the greatest, given the wide variety of stakeholders involved (creditors, employees, shareholders, directors, etc.).
When assessing an auditor's liability to a third party, the courts tend to take into account not only the statutory provisions applicable to auditors and the ethics rules of the profession issued by the Institut des Réviseurs d'entreprises/Bedrijfsrevisors Instituut but also the public's expectations. In the event of ethical misconduct (i.e. a breach of the ethics rules), the courts usually hold the auditor liable if the third party in question was damaged or harmed by the breach. This is but one example of the heightened risk of auditors' liability.