Despite heightened risk of conflicts of interest, agencies that are paid by the companies they rate actually predict fraud earlier and more accurately than other analysts.
Authored by Allen HUANG, WANG Shiheng
In December of 2003, one of the largest corporate scandals in European history broke: The Italian dairy and food corporation Parmalat admitted that it had concealed billions of euros in debt and falsified financial statements in an effort to hide its serious financial troubles. Financial analysts were shocked. In Q2 of 2003, the vast majority of analysts were still issuing “buy” or “hold” ratings for Parmalat. And yet, as early as November of 2002, two credit rating agencies (CRAs) were telling a different story: Both Standard & Poor’s (S&P) and Moody’s Investors Service had already begun downgrading Parmalat’s credit rating due to concerns about its financial health and transparency. Why were these CRAs able to see what so many analysts had missed?
Investors often rely on analyst reports to avoid investing in companies that are engaged in fraud, but Parmalat’s downfall demonstrates that reports from analysts with limited access to private information may not reflect a company’s true financial condition as accurately (or as far in advance) as CRAs that can incorporate more extensive private information into their ratings.
Interestingly, this flies in the face of many investors’ assumptions. After all, the reason CRAs like S&P have better access to private information is that they are paid by the companies they rate, suggesting that conflicts of interest might keep them from revealing their customers’ fraud. In contrast, other rating agencies, such as the Egan-Jones Rating Company (EJR), are paid by investors, eliminating this potential conflict of interest. However, Parmalat’s story and our recent research suggest that despite heightened risk of conflicts of interest, S&P’s access to private information means that their ratings signal fraud earlier and more reliably than those of analysts who must rely largely on public data.
S&P Ratings Predict Fraud Earlier and More Accurately
Specifically, we analysed 177 cases of accounting fraud identified through SEC Accounting and Auditing Enforcement Releases and settled securities class action lawsuits between 1999 and 2018, all of which were committed by companies that had been rated by both S&P and EJR. We started with a baseline fraud prediction model that incorporated commonly-used factors such as accrual-based F-scores (a standard financial metric), short interest, equity returns, analyst recommendations, and credit default swap spreads. Then, to quantify the value-add of CRA ratings, we incorporated ratings from both S&P and EJR into the model.
And what did we find? Adding S&P’s negative rating actions to the baseline fraud detection model improved performance significantly, while adding EJR’s ratings had minimal impact.
This is especially important because the baseline model was far from perfect: It correctly identified firms as fraudulent or non-fraudulent just 54% of the time, it had a false positive rate of 46% (that is, of the non-fraudulent firms, it incorrectly classified 46% as fraudulent), and it had a false negative rate of 38% (that is, of the fraudulent firms, it incorrectly classified 38% as non-fraudulent). Adding S&P’s negative rating actions increased correct classifications by 2.5% and reduced false positives and false negatives by 2.5% and 1.8% respectively, while incorporating EJR’s negative rating actions only increased correct classifications by 1.01% and reduced false positives by 1%, and it actually increased false negatives by 0.8%.
We also found that S&P began to downgrade fraudulent firms much earlier than EJR did. S&P downgrades occurred up to a year before the fraud was revealed, while EJR did not downgrade until two quarters beforehand, and on average, S&P’s earliest negative rating actions preceded those of EJR by 83–121 days.
Change in Fraud Detection Performance with S&P Versus EJR
Lastly, we also explored fraud prediction performance before and after the 2008 Financial Crisis, since the Dodd-Frank Act (passed in 2010 in response to the crisis) made it substantially easier both for the U.S. government to impose sanctions on CRAs and for investors to sue CRAs in response to misleading ratings, significantly increasing CRAs’ liability. Due to this increased scrutiny, S&P’s fraud detection effectiveness improved post-2008—but we saw no such improvement for EJR.
Taken together, our findings suggest that despite the potential for conflicts of interest, S&P’s ability to leverage private information enables it to detect fraud earlier and more accurately than credit rating analysts who must rely more heavily on public data.
Access to Private Data Boosts CRAs’ Fraud Detection Capabilities
Diving deeper, our quantitative research coupled with several in-depth interviews highlighted a few key reasons for the improved fraud detection performance of CRAs like S&P.
First, while the SEC’s Regulation Fair Disclosure rule prevents managers from selectively disclosing information to many intermediaries (such as financial analysts), CRAs are specifically exempt from this restriction. Next, CRAs that are paid by the firms they rate typically sign nondisclosure agreements with their customers, giving them access to important documents such as credit and acquisition agreements, private placement memoranda, budgets, forecasts, and detailed financial reports. These CRAs are also often privy to advance notice of significant events, and their analysts typically conduct in-depth site visits during initial ratings and annual reviews, in which they can observe company operations up close and meet face-to-face with top executives. Of course, fraudulent companies are unlikely to reveal evidence of their fraud directly, but these private meetings often allow analysts to pick up on vocal cues, facial expressions, and other forms of indirect communication that can facilitate fraud detection.
Insights to Mitigate Fraud Risk and Enhance Performance
As a result, CRAs like S&P can often offer valuable, otherwise hidden insight into potential fraud. So, what does this mean for investors, companies, and regulators? Below, we walk through key takeaways for each of these three groups, shedding light on how these stakeholders can leverage our findings to reduce the risk of fraud and boost performance.
Takeaways for Investors
1. Integrating Rating Changes into Investment Screening
First and foremost, our research demonstrates that S&P’s negative rating actions serve as early and reliable indicators of accounting fraud, making them a valuable tool for investors to identify high-risk firms before fraud is revealed publicly. As such, investors should integrate S&P rating changes into their investment screening and review processes (and, to ensure consistent implementation, they should provide training programs to educate their teams about the effectiveness of this approach).
2. Flagging Downgraded Firms for Divestment
Particularly when rating changes are misaligned with market trends or economic conditions, investors can proactively flag downgraded firms for potential divestment or further due diligence. Divestment can take the form of selling equity or debt securities, shorting stocks, or purchasing credit default swaps to hedge against potential fraud- related declines in firm value, while enhanced due diligence may include reviewing SEC filings, engaging forensic accountants, or analysing management communications (e.g., earnings calls) for signs of deception.
3. Engaging CRAs for Rating Actions Insights
Our research also suggests that investors may benefit from engaging directly with CRAs to gain additional context on their rating actions, particularly for high-risk firms. While confidentiality requirements prohibit CRAs from explicitly sharing private information, analysts may highlight red flags or nuances based in public information that external investors might have overlooked, but whose importance the CRA has confirmed using private data.
Takeaways for Rated Companies
Of course, fraud isn’t just bad for investors—it’s also bad for the firms that get caught committing it. That means visibility into early warning signs of potential fraud can be highly valuable not only to investors, but also to the companies that CRAs rate.
1. Monitor Rating Actions and Rectify Potential Issues
Specifically, firms should monitor their own S&P rating actions in real time, and whenever a downgrade occurs, they should proactively conduct a thorough internal review to identify and rectify the accounting irregularities or operational issues that triggered it before the problem escalates further. Firms should also develop a communication strategy to address negative rating actions promptly, maintaining trust and minimizing adverse market reactions by transparently explaining the reasons behind the downgrade (and the steps being taken to address them) to lenders, investors, and other stakeholders.
2. Detecting Fraud Proactively to Avoid Downgrades At the same time, especially as more investors incorporate S&P rating changes into their analyses, it will become increasingly important for rated companies to take steps to avoid being downgraded. On the one hand, this means developing internal mechanisms to detect and prevent fraud before it triggers CRA rating changes. For instance, firms may consider investing in advanced data analytics and fraud detection tools to monitor their financial reporting for anomalies, implementing robust internal audits and engaging external auditors to regularly review financial statements, and establishing whistleblower programs and internal reporting channels to encourage early identification of potential fraud rather than waiting until it is detected externally by CRAs or regulators.
3. Engaging CRAs to Ensure Accurate Assessments
On the other hand, to ensure accurate assessments, firms should also be sure to maintain open and transparent communication with CRAs. They should engage proactively with S&P analysts during site visits and meetings; share accurate and comprehensive information about financial performance, forecasts, and strategic plans; and promptly address any concerns raised by S&P to prevent negative rating actions that may raise red flags among investors.
Takeaways for Regulators
Finally, our study offers important implications for capital market regulators tasked with detecting fraud, such as the SEC in the U.S. or the Securities and Futures Commissions (SFC) in Hong Kong.
1. Leveraging CRA’s Data for Fraud Detection
First, regulators should consider incorporating data from CRAs with access to private information into their fraud detection frameworks. Beyond simply viewing published ratings, regulators can collaborate with these agencies to glean nuanced insight into potential cases of fraud without compromising confidentiality. For example, governments can establish formal channels for CRAs to share anonymized or aggregated data on rating actions, whether through voluntary reporting mechanisms or as part of existing regulatory oversight frameworks. They can also encourage CRAs to disclose the methodologies they use to assess fraud-related risks, again without compromising specific firms’ proprietary information.
2. Leveling Informational Playing Field
In addition, while our study shows that CRAs that aren’t paid by the firms they rate are less able to detect fraud, they also have fewer conflicts of interest and are thus less likely to withhold information about accounting fraud when they do discover it. As such, regulators could explore ways to enhance these CRAs’ access to relevant information or incentivize their development of alternative fraud detection methodologies. Policies that level the informational playing field, such as requiring firms to disclose certain non-public information to all CRAs under controlled conditions, may help boost fraud detection, as can governmental investment into advancing the data analytics tools these agencies use to detect fraud.
Looking Ahead: The Future of Fraud Detection
Today, negative rating actions from CRAs with access to companies’ private information can provide valuable early insight into potential fraud—and going forward, new technologies and regulatory frameworks will likely further boost their detection capabilities. On the regulatory front, we’ve already seen that reforms passed in response to the 2008 Financial Crisis improved S&P’s fraud detection performance, and greater collaboration with and support of CRAs may strengthen their performance even more. And on the technical front, advances in data analytics and machine learning could further enhance predictive capabilities. For instance, integrating CRA data with AI-driven fraud detection models could enable a powerful hybrid approach, combining human insights with algorithmic precision.
At the end of the day, we’re unlikely to ever fully eliminate fraud. After all, as regulators, internal managers, and external analysts improve their detection techniques, so too will fraudsters inevitably come up with new ways to evade notice. But our research demonstrates that despite the potential for conflicts of interest, CRAs that are paid by the companies they rate actually detect fraud sooner and more accurately than other analysts, highlighting their potential to help investors, firms, and regulators alike more effectively identify and address fraud.
This article draws on the research paper “The Usefulness of Credit Ratings for Accounting Fraud Prediction,” authored by Allen Huang, Pepa KRAFT, and Wang Shiheng.
Allen Huang is a professor of accounting and the head of the accounting department at HKUST, focusing on issues related to natural language processing in financial text, earnings management, financial analysis, accounting fraud, and securities litigation. Wang Shiheng is an associate professor of accounting at HKUST, focusing on international accounting, financial reporting, contracting, and market efficiency.