The Effects of Auditor-level Cybersecurity Breaches on Auditor-Client Relationships
研究2005至2019年间四大审计师遭遇的15起数据泄露事件,发现客户更可能更换受影响的审计师,且审计质量下降、审计费用上升,表明网络安全漏洞损害审计师声誉并带来显著成本。
Between 2005 and 2019, Big4 auditors experienced fifteen data breaches. In this paper, we examine how client firms respond to an auditor-level data breach and whether auditors adjust their behavior in response. Using auditor-client pair observations, we find a higher likelihood of auditor turnover among clients of breach-affected auditors compared to those of non-breach auditors. When switching auditors, clients are more likely to choose an auditor who has not experienced a data breach in recent years (typically within the past 3–5 years). We also find that a data breach is negatively associated with audit quality – breach-affected auditors become less conservative and allow greater discretion in financial reporting during the breach year. Furthermore, auditors increase audit fees following exposure to a data breach. Overall, our findings suggest that auditor-level cybersecurity breaches impair auditors’ reputations and impose significant costs.