The global oligopolies in financial services market
The global market in financial market services is characterized by implicit collusive oligopolies. Consider management consultancy, auditing and assurance, credit rating, and credit/debit card payment processing. There are 3-4 firms that dominate the global market in each of these. In fact, many core financial services - M&A advisory, underwriting, asset management, etc - are also oligopolies. The problems with these gatekeepers are not just about monopoly, but also about systemic risk creation.
In 2020, the big four accounting firms - EY, Deloitte, KPMG, and PwC - made up 74% of the market share, and audited the vast majority of the biggest firms. The three big rating agencies - Moody's, S&P's, and Fitch Ratings - control 95% of the global rating market, with the first two alone controlling 80%. In 2021, Visa, Mastercard, and Amex made up 97.8% of the US credit card payment processor market, with the first two alone making up 87.3%. Globally, Visa, Union Pay, and Mastercard made up 96%, with Union Pay being the Chinese equivalent. These are all staggering numbers and point to a vice-like grip on these markets. The situation is not much better in financial services like M&A advisory and debt issuance underwriting, especially with large and cross-border transactions.
What makes the aforesaid markets distinctive and therefore a matter of serious concern is that they are almost essential services in their respective markets. Consultants and auditors are either a necessity or a statutory requirement for businesses. Credit ratings are an essential signature to operate in the financial markets. And payment processors are the gatekeepers to the primary retail transactions platforms. And, all these are all global services with global networks and economies of scale, thereby further increasing the entry barriers.
These markets are all oligopolies. Oligopolistic markets are characterised by a small number of firms that have similar business models and pricing structures, and who therefore present a similar supply side to an effectively captive market. Besides, their implicit collusion forms insurmountable entry barriers and makes them price givers. Finally, these firms also pose concentration risks, which in turn create perverse incentives.
FT recently pointed to the common factor behind the three recently failed US regional banks - Silicon Valley Bank, First Republic, and Signature. KPMG was the auditor in all three cases. The FT writes,
In all three cases, KPMG gave the banks’ financial statements a clean bill of health as recently as the end of February... Scrutiny of KPMG’s work was likely to fall on whether its staff were sufficiently independent from the banks they audited, whether they paid proper attention to red flags, and whether they had the right skills to judge the quality of financial statements in an environment that had changed significantly because of rising interest rates, accounting experts said.
If this were a competitive market, three high-profile failures in just over a month, with clearly documented internal audit failures, would have been enough to tarnish the reputation of the auditor. But unfortunately, in all these markets, egregious omissions and commissions with disastrous consequences for their clients have been common. But the service providers have faced little by way of financial or reputational losses and appear Teflon coated.
I have blogged about the problems posed by auditors (here and here), consultants (here, here, here, here, and here), and credit rating agencies (here, here, here, and here). The role of egregious auditing omissions by EY in the collapse of payments firm Wirecard is now well documented. Despite numerous high-profile failings with serious adverse impacts, they have continued to offer their services as though nothing has happened.
In fact, the markets for gatekeeping services of modern capitalism offer good examples of the failure of market discipline. These recurrent revelations are also an indictment of the audit regulator in the US, the Public Company Accounting Oversight Board (PCAOB). This is all the more inexcusable given PCAOB's own assessment showing deficiencies in more than a fifth of audits by the Big Four and in nearly 60% among KPMG's non-US affiliates.
The biggest irony about risk mitigation is that the market which provides assurance and internal controls assessment services itself suffers from an unhealthy level of risk concentration.
There could also be questions about KPMG’s broad role in the financial system. The firm holds a singular role as auditor of more US banks than any of the other Big Four, and it audits a larger proportion of the country’s banking system by assets than any other firm, according to data from Audit Analytics. As well as being auditor to Wells Fargo, Citigroup, Bank of New York Mellon and three dozen other listed banks, it also audits the Federal Reserve... Publicly listed banks paid the firm more than $325mn in fees in 2021, the last year for which full data is available, with the sector accounting for about 14 per cent of KPMG’s fees from public clients. That compared to 8 per cent at PwC, 3 per cent at EY and 2 per cent at Deloitte.
This market concentration poses several concerns. It ensures monoculture and a lack of internal diversity in auditing practices. There emerge collective blindspots, often conveniently deliberate oversights, within the industry. Apart from firms being left with limited choices, safeguards like auditor rotation become virtually meaningless exercises.
While revolving doors and conflicts of interest in the consulting industry and policy-making are now widely documented, the extent of perversion in this instance is shocking.
KPMG alumni have also gone on to play significant roles in the banking sector, including at former clients. The chief executives of Signature and First Republic were both former KPMG partners. Accounting professors said regulators were likely to pay close attention to Signature’s appointment of Keisha Hutchinson, who was the lead partner on the KPMG audit team at the bank, to be its chief risk officer in 2021, less than two months after she signed the 2020 audit report. Securities and Exchange Commission rules require a 12-month cooling off period before an audit partner is hired by a company into a role that oversees financial reporting, although that is usually interpreted to mean chief financial officer or financial controller roles.
Such conflicts of interest arising from revolving doors and cosy personal ties are a much bigger problem with the big management consultants and Wall Street banks. In fact, in recent years, this has been a concern in central banks too.