Soziale Systeme 3 (1997), H.1, S. 3-21

From Risk Society to Audit Society
Michael Power

Zusammenfassung: Der Essay beschäftigt sich mit den Implikationen der zu beobachtenden Zunahme des Auditing in Großbritannien für Ulrich Becks Konzept der 'Reflexiven Modernisierung'. Allgemein wird angenommen, daß die neue Form der Qualitätsprüfung Prozesse reflexiven Lernens in Organisationen ermöglicht, so daß eine Kompatibilität zwischen ökonomischen Kriterien und Regulierungszielen herstellbar ist. In der praktischen Umsetzung funktioniert Auditing als Teil einer Struktur der 'Kontrolle der Kontrolle', deren Möglichkeiten ambivalenter sind, als das Modell suggeriert. Trotzdem wird Auditing aufgrund ökonomischer Motive und Gründen der Informationsverarbeitung zu einem dominierenden Regulierungsstil. Die diskutierten Beispiele des Auditing im Gesundheitssystem, des Umwelt-Audits und des Derivatenmanagements legen nahe, daß Auditing sich stärker auf Prozesse des Managementsystems als auf das substantielle Operieren einer Organisation konzentriert. Diese Erkenntnis widerspricht der allgemeinen Erwartung an die Form der Selbstregulierung und hat unabsehbare Nebeneffekt. Die allgemein herausgestellten reflexiven Potentiale des Auditing sind zumindest noch nicht sichtbar, so daß das Aufkommen der Auditing-Gesellschaft eher mit Becks Konzept der 'organisierten Unverantwortlichkeit' beschreibbar ist.

I

There is a growing intellectual recognition of the need to design governance mechanisms which, in various ways, enlist the resources of the regulatee. There has been much talk of 'governmentality' (Rose/Miller 1992), 'mutual regulation' (Simmons/Wynne 1994), 'self-organization' (Luhmann 1988; Luhmann 1991; Teubner/Farmer/Murphy 1994) and 'responsive regulation' (Ayres/Braithwaite 1992). It is as if a certain kind of socio-legal scepticism about the implementation 'deficit' of classical regulatory goals is giving way to more upbeat assessments about the internalization of compliance cultures within organizations. Concepts of local empowerment have become fashionable and 'regulatory networks' which draw from the cognitive and financial resources of the regulatee have become an object of interest in many different domains. Overall, the softer language of 'compliance readiness' is replacing that of command and control. These shifts in theoretical attention also reflect institutional change: methods of governance in a wide variety of areas are turning to voluntaristic and market based forms of control. Capitalism has become 'disorganized' and 'out of control' as reflexive and locally flexible control and information structures have developed (Lash/Urry 1994, chapter 4; Kelly 1994).

It is clearly an overstatement to imply that modern states have always, until recently, attempted to control 'from above': informal methods of indirect influencing and state involvement in markets (Kettl 1993) have always existed. But there seems to be such a conspicuous and systematic change of regulatory mood in recent years that it no longer makes sense to juxtapose regulation by self and regulation by others. This is not just a tired theoretical opposition; regulatory authorities with forms of stability and control as politically necessary objectives are recognising their limited economic and cognitive resources. Mechanisms are being explored by which desired behaviours can be stimulated, largely by attempting to internalise imperatives which were previously externally imposed. For example, there is an emergent interest in 'reflexive' forms of law predicated on the need to understand how decisions are made (Teubner 1993; Farmer/Teubner 1994; Orts 1995). This transformation in control philosophy has created a demand for ways of making organizational fields internally and externally visible for decision making purposes. More precisely, new information structures are required in order to challenge and shift the boundaries between insiders and outsiders and to reconnect decision makers with their remote publics. This connection is effected via systems of layered influences, chains of control practices in which each 'link' controls the next. In short, an explicit regulatory style is emerging which can be characterised by the idea of 'control of control'.

Against the background of these broad regulatory developments, this essay explores explore the recent growth of auditing as a form of 'control of control' (Power 1994a) and analyses it in relation to a number of the issues raised by Beck (1992b). Ulrich Beck's concept of 'reflexive modernization', and his suggestion that 'classical instruments of political direction' (Beck 1992a, 107) are being displaced by systems of knowledge which are open and self-monitoring, are consistent with the emerging regulatory style described above. This theme of self-monitoring is common to many writers and in practice audit represents a distinctive style of risk management which is growing in many different areas. Even forms of incentive based controls through legal liability and insurance mechanisms employ audit processes; in this way audit has become fundamental to a new regulatory mood which delegates and supervises. Auditing is not a glamorous subject, either for its practitioners or indeed for its theorists. However, it is because of this lowly and merely technical self-image that it has, almost unnoticed, come to be such a key regulatory resource and has extended its reach into many different areas of social life. Audit practices also seem to offer a potential for anchoring Beck's concept of 'reflexive modernization'. For example, the concept of 'reflexivity' could be defined in terms of 'self-audit' i.e. as a practice of second-order observation of organizational operations. However, this essay argues that the programme of effective 'control of control', in which internal systems can be linked to distant regulators via auditing, is more ambivalent than the hopes that have been invested in it. The reflexive potential of a risk society in Beck's sense may be delayed by, and decay into, an 'audit society' (Power 1994b) and varieties of 'organized irresponsibility' (Beck 1992a, 103).

II

According to Beck, a paradigm shift in the understanding of risk is needed: a shift from the problem of knowing risk to the problem of the risks inherent in ways of knowing. This is his most striking theme: risks originate in the social organization of knowledge and norms rather than in nature itself. There is of course widespread recognition that many risks are the product of industrial modernization and he is not alone or recent in making this claim. But Beck also argues that this has reached a point where the economy is becoming increasingly 'self-reflective' in its operation and new strategies of risk definition have emerged in new locations: "This means that the calculation of risk as it has been established so far by science and legal institutions collapses" (Beck 1992b, 22) Calculative practices which used to be oriented towards external, environmental 'dangers', such as shipping insurance, are now reorienting reflexively around the self-production of risk.

Luhmann seems to make a similar point when he argues that risk, as opposed to danger, implies a form of management oriented towards decision making potential: "More and more states - whether existing or aspired to - are seen as being consequent to decisions i.e are attributed to decisions" (1991, 46) rather than to nature. Or, as Beck puts it, latent side effects which have been experienced as natural fate are being newly attributed and where this occurs a sense of the need to manage risk arises.

Elements of Beck's diagnosis might culminate in a rather gloomy assessment of the prospects for change. However, he is guardedly optimistic about the immanent and 'reflexive potential' which is (will be?) realised in the recognition of self-produced risk. For example, the cultural authority of scientific experts is being undermined since their expert knowledge is implicated in the production of risk in the first place: "There is no expert on risk" and the concept of 'acceptability' is no longer the province solely of experts; risk analysis is a "polygamous marriage with business, politics and ethics (...)" (Beck 1992b, 29).

Drawing from the fragility of scientific authority made evident in science policy studies, Beck argues that an essential tension, an adversarial dialectic of expertise and counter expertise, is constitutive of an emergent politics of risk definition. This politics is intensified by a confidence in abandoning scientific arguments about causality ('much will not be able to be corroborated'). A new spectrum of liable parties, in which responsibility no longer follows causality, has been made possible. Previously, the law was such that no-one could be blamed and no-one was therefore responsible (Beck 1995). According to Beck, the monopoly of rationality enjoyed by scientific hazard definition, and the division of the world into experts and non-experts has been shattered and contested. However, the abandonment of causal authority also provides opportunities for competing definitions of what it is to manage risk.

As Beck notes, fighting self-produced risks has become a flourishing industry itself and new instruments of definitional risk-management are being developed. This has given rise to antagonisms between risk-definers and consumers, definitional struggles which oscillate between revealing and concealing risk. These are struggles not just about methods but also about who is affected and a complex victimology is emerging from these debates. Beck also points to new markets, driven by demands for the avoidance of risk, in which risk production may be normalised (e.g. by tradeable pollution permits). This is what he describes as a 'cosmetics of risk', a symbolic industry of risk management. For example, the notion of an 'acceptable level' of pollution fulfils only the function of a symbolic detoxification; in the process society has become a laboratory. And Beck alludes to a certain 'remanagerialization of risk' which embodies a distinctive logic: the "institutionalized non-management of problems" (Beck 1992a, 105) in which "security strategies are a side show" (Luhmann 1991, 29).

Although Beck anticipates some of the dangers of the 'remanagerialization' of risk, these concerns are balanced by his 'immanentist' optimism about a new democratic potential: 'poverty is hierarchic but smog is democratic'. In other words, distinctive potentialities inhere in the eventual identity of perpetrators and victims and Beck (1995) argues that big industry is its own best opponent. These claims, with their typical aphoristic density, have an ontological flavour: risks are the 'stowaways of normal consumption'. For Beck, such objective commonalities have not yet been fully politically activated and, a little like Habermas perhaps, he posits the ideal of an emergent political subject. Hence, the concept of 'reflexive modernization' is intended to express trends in which existing monopolies of knowledge and politics are breaking down and being replayed into themselves. In the 'demonopolization' of science, science actually becomes more necessary even though it is also less self-sufficient for socially binding definitions of truth: wider publics may be active co-producers of truth about risk. In this way the internal culture of scepticism (conjecture and refutation) of science, which was paradoxically coupled to claims to certainty in external markets, is being turned inside out. According to Beck, public uncertainty will turn afresh to reflexive science.

Another dimension of the 'reflexive modernisation' concept is that the distinction between the calculable and the incalculable also changes. Beck seems to be pushing for a concept of practical solvability which is not compromised by expert prevarication about the immeasurability of side effects. The abandonment of strict causality corresponds to a repositioning of expert authority: risk calculation emerges not as controllability but as estimateability in such a way that secondary effects are robbed of their latency. Reflexive modernization means the recognition of the self-origination of threats such that side effects can be reconnected to their contexts of production. Beck recognises that the collective learning which such a process of reconnection represents is threatened by a 'secondary industrialization of consequences and symptoms which tends to expand markets.' In other words, the sources of danger are not ignorance (of nature) but structures of institutionalized knowledge. In short, ways of knowing are ways of being ignorant.

Emergent forms of environmental accounting provide a good illustration of both this potential and danger. Where 'green disclosures' are appended to traditional representations of corporate performance in annual reports, the self-production of risk remains publicly invisible. Only where external effects can be reinternalized can the 'invisible be made culturally discernable' (Beck 1992a, 118) and new forms of responsibility can crystallise around new accountings for side effects (Power 1994c). Although calculability and the attribution of side effects has always posed problems for credible environmental accounting, Beck seems to be suggesting that the principle of reinternalization is more significant than causal accuracy. Exact calculation may be less important than shifting the institutionalized boundaries of the reporting entity and thereby shifting the onus of proof and responsibility.

According to Beck, the seeds for reflexive modernization are to be found in an emergent sub-politics of, for example, flexible specialization where new information networks for organizations are replacing the fictional model of central steering. These transformations in organizational life embody the essential potential for activating responsibility for self-produced side effects, ideas which connect Beck's claims to the wider concerns with rethinking regulation mentioned above. Reflexive modernization implies that effective regulation demands a certain kind of self-regulation which internalizes responsibility for externalized side effects.

Having taken some of Beck's ideas as a point of departure, they are not without problems. In addition to his methodological elusiveness (Nowotny 1992), his 'high hopes may look more like deep illusions' (Bauman 1992) and he is ultimately exposed to the charge of too idealistic a belief in the potential for a new political subject. This weakness corresponds to an underestimation of the power of corporate capital. As one commentator has remarked, 'Most of the institutional changes which Beck describes...may..be effects of the pervasive intervention of markets into hitherto unpenetrated or resistant spheres.' (Rustin 1994, 11). Furthermore, it is far from clear that flexibilization and other such developments are leading to a de-monopolization of forms of knowledge, rather than a reinforcing of particular interests. His argument is perhaps overdetermined by the experience and hopes of the German greens (Rustin 1994, 10) and, rather like Habermas, Beck overattends to science and fails to recognise the manner in which other disciplines, such as accounting, have begun to replace the cultural authority of science (Power 1994d). For example, Beck's (1992a, 119) democratic enthusiasm for the interdisciplinarity of experts and dissenting voices underestimates the role of controlling disciplines in managing interdisciplinarity (Power forthcoming). In this way 'risk prevention is forged into the tired (and now suspect) crisis management and problem solving..' (Bauman 1992). Ultimately Beck poses the issues of reflexive modernization at the level of changed individual identities; where his thesis might have made a significant contribution to the idea of changed collective subjects, the preconditions of a 'new' corporate subject (Teubner 1994), he is frustratingly silent.

Beck poses, in popular form, questions which Luhmann has formalized in terms of the self-referentiality of social systems and their second order self-observations. Reflexive observation takes as its object the risks which lie within the very structures of observation which determine the sensitivity of social systems to their latent effects. In very different ways both Beck and Luhmann are concerned with the risks immanent in knowledge structures: Luhmann's imperative of maximising 'systems resonance' can be made to look like a project of making knowledge reflexive. But perhaps both Luhmann and Beck systematically understate the tendencies by which such new forms of knowledge become institutionalized and new categories of expert emerge. The question of 'systems resonance' towards ecological risk in Luhmann's sense is a function of expert knowledge whose institutional embodiment determines the extent to which it is fully reflexive in Beck's sense.

If the paradigm shift to a form of rationality with responsibility for self-produced risk at its centre is really to occur, accounting and audit practices, as primary mechanisms by which corporate activities are presently made officially visible, will also need to change. It is well known that accounting is a filter for variable forms of uncertainty in the environment of organizational decision making. Accounting as a technology for managing uncertainty translates the spontaneous disturbances of daily transactions into manageable data for decision making purposes. But in the mode of second-order observation of accounting operations, it has also been recognised that, prior to the use of accounting for decision making purposes, there are 'callibrational' decisions about the distinctions or categories with which accounting is to function (Hines 1988). It is at this level that the risk of knowledge, rather than knowledge of risk, resides. And it is also here that, audit as a practice which monitors and reports on accounts is a test case for the reflexive potential that Beck and others describe.

III

At first glance, audit practice seems to coincide broadly with theoretical ideals of reflexive self-observation. Audits make practices transparent to insiders, enable third party scrutiny and thereby enhance internal and external accountability. Audit facilitates a legitimate 'right to know' (Gunningham/Prest 1993, 523) and challenges the 'natural' authority of the practices by demanding new accounts of performance.(2) At the same time audits are conceived as 'light' regulatory devices which monitor individuals and organizations but which also leave them alone and which presuppose the autonomy of the auditee. The basic idea and hope is that the auditee, subject to the gaze of the regulatory body, is stimulated to engage in further processes of self-audit through which practices and procedures are constantly improved relative to benchmark standards of performance. In this manner external audit arrangements demand an internal reflexive self-auditing process, a certain kind of critical self-observation which forces standards of behaviour from below (Simmons/Wynne 1994).

This blueprint for audit practice coincides with ideals of sub-contracted regulation: it provides distant regulators with a mechanism of control which engages with and shapes decision processes inside the regulatee. The audit communicates to the regulator in various ways, the simplest being a form of certification of compliance. In this way auditors are a form of 'entrepreneurial gatekeeper' (Kraakman 1986), to whom rights of inspection have been delegated and for which they provide some form of attestation or certification of the regulated entity. The regulator's dream is fulfilled: audit maintains the residues of central oversight while functioning as the basis for auditee self-reflection and improvement. Moreover audits are cheap since the auditee pays; audits are located at the bottom of an 'enforcement pyramid' which can escalate upwards into more punitive forms of regulation (Gunningham/Prest 1993, 522).(3) In short, auditing reconciles compliance needs and organizational learning.

This ideal image of what auditing can achieve has fuelled an 'audit explosion' (Power 1994a; Power 1997) in many different fields. Audits have become central to the legitimation of a wide range of entities and groups. From the governance structures of private sector corporations to charities to psychotherapeutic practitioners, audit has become an important symbol of acceptability, indicative of ideals of transparency, accountability and managerial willingness to learn. To be audited or to say one is doing an audit is to claim institutional credibility for what one does. However, for all the ideological momentum that auditing has acquired, it remains an ambivalent practice and it is unclear what it produces. Indeed, the success story of auditing has much to do with this ambivalence and its ability to produce symbols of comfort for anxious rulers (Pentland 1993). At the extreme, instead of facilitating reflexivity and learning, audit is a form of elaborate organizational self-presentation, rich in the images of risk management and assurance which are demanded by a 'politics of fear' (Bauman 1992). The central question is whether it is a substantive or merely formal control practice.

The 'audit explosion' represents a distinctive shift in regulatory style which reformulates, rather than abandons, an older style of hierarchical control. Auditing can be characterized as a form of 'control of control' operating at the interface between regulatory and management systems of control. The idea is that control is now exercised in chains (or layers, depending on the guiding metaphor) with each link (layer) in the chain primarily controlling its neighbour by stimulating forms of self organization and control (See figure 1).
 
Figure 1. Control of Control
 

It is through this chain that the regulator, ultimately the state, and the regulated are linked in a form of 'mutual' regulation. The former enlists the competence of the latter by delegating control along the chain and, in return, is provided with appropriate signals of regulatory compliance. The latter derives legitimacy and market power from state endorsement of competence and is disturbed by audit processes into developing systems of control which, through both internal and external audit processes, can be self-observing. Auditing provides the crucial link in this chain of control, mediating both state and organizational objectives; it faces both ways at once.

Applied to figure 1 the idea of control of control means that the state controls and certifies the external audit process while maintaining its own inspectorial capacity. External audit concerns itself primarily with organizational systems of control, particularly the internal audit function itself. In turn, the internal audit function, which is a 'higher' element of the management system, observes and reports primarily on the operation of that system rather than on the organization activities directly. Finally, the management system of control itself observes the first order activities of the organization itself, made visible to the control system by some form of accounting for performance. The idea of 'control of control' means that auditing processes are more indirect than is commonly imagined; they seek to observe and stimulate the development of control systems and they verify systems' structure and operations. This is effectively the 'observation of arrangements for self-observation' and the 'control of control' structure is implicit in regulatory initiatives in many different areas. The hope is that such an approach will stimulate responsible self-observation and learning by organizations. However, the control of control ideal is often problematic in practice.

First, the form of certification which flows from left to right in figure 1 is low in informational content and deliberately so. What tends to be important is that an audit is done, not what is done. This means that control of control does not necessarily correspond to the openness and transparency that is often claimed for it. Consequently, audits require that auditors are trusted: if audits are to make the practices of auditees acceptable and credible then the auditor must also be a legitimate actor. Hence, the audit explosion has been accompanied by a wave of state sponsored auditor-accreditation initiatives (Gunningham 1993). This has been most conspicuous in the environmental auditing realm, but is also evident elsewhere. The state delegates and certifies auditing competence.

Second, audits are not as neutral in their effects as the idea of observation suggests. Audits 'make things auditable' (Power 1996) because they require individuals and organizations to be made visible in a manner which conforms to the audit process. This means that auditing actively stimulates the development of systems and the related forms of accounting for performance which make the control of control possible. Audit is not just a link in the chain of control pictured above; it actually determines the form of those links. This suggests a close relation between organizational accounts and the forms of auditing which validate them; audit presupposes a domain of auditable facts. In the case of financial audit, these 'facts' have been around for many years and get revealed in the production of financial accounting statements. However, in the UK in the 1980s and 90s audits have functioned for the first time in many organizations where very few formally auditable facts existed. In these cases a control of control structure like that in figure 1 needed to be created and the auditable facts of performance had to be constructed by means of an accounting and control system. Once this structure is in place, audit can function as the control of control. For example, in the case of health care, a control of control structure based on figure 1 can be constructed (see figure 2).
 
Figure 2. The Structure of Medical Auditing
 
 

These different links are becoming explicit, formal and distinct. Historically, the self-observation of medical practitioners was a private, local and ad hoc affair. In recent years in the UK there has been considerable experimentation with forms of clinical accounting and management control systems which would reveal the 'facts' of practice and which would thereby also make medicine auditable. Most non-financial health practitioners understand the concept of medical audit and its variants as this process of accounting. In many instances it is like an internal data gathering exercise in which doctors ask themselves how they can improve clinical procedures. Much of the practitioner support for auditing of this kind is really the local enthusiasm of those who wish to improve practice and audit is the label they choose for this enthusiasm. It is a basis for explicating and improving local procedures, for building group trust and commitment and for providing newly visible facts as a basis for intervention and improvement. In its pure form it is reflexive in Beck's sense and there is a potential for the recognition of self-produced risk in the form of misdiagnosis and patient mismanagement.

Figure 2 suggests that these self-auditing practices make the practice 'auditable' in another important sense: clinical accounting makes the external evaluation of activities thinkable and possible. The structure in figure 2 is still evolving in the medical context and there is still very little systematic knowledge about the effects of external audit on the first order practice or about how local 'self-audits' to the left get coupled to broader programmes for control, supervision and evaluation on the right (Power 1997, chapter 5). In medicine service purchasers have begun to make self-auditing arrangements a contractual condition. Some contracts even require that these local self-audits get externally verified and certified by an auditor in a manner very similar to general quality assurance initiatives, such as ISO 9000. Although many medical practitioners are uneasy about these developments, the control of control structure in figure 2 is becoming institutionalized

The third issue is that, in mediating regulatory bodies, service purchasers and first order organizational activities (producers and service providers), auditing provides a problematic conjunction between different logics: service quality evaluation and cost-effectiveness. Although it is not easy to provide any a priori judgement about the effects of these disparate logics, two points are worth making. First, a logic of effectiveness based on need and one based on economy and efficiency may often point in different directions. In order for audits to manage this potential conflict there must be extensive investment in making these two logics compatible: a cost effective and efficient health service must also be an effective one; superior environmental performance must be made compatible with cost savings for organizations and so on. In short, audits must produce comfort and not conflict. They do this by tending to concentrate on systems values, the next link in the chain of control rather on than first order activities. In short quality is a function of systems rather than the activities which these systems control.

Fourth, the right hand side of figure 1 suggests that state regulators and other bodies are delegating regulatory arrangements and using sub-contracted audit as a basis for maintaining oversight. This is only a slight exaggeration; the rise of audit as the control of control is a challenge to other inspection and assessment type practices which typically attempt direct observation of first order activities. Inspection is becoming more like audit and in many fields it is the arrangements for self-inspection which are being inspected. Forms of self-inspection or self-audit (internal audit) are becoming standardised around a management system which has two faces or surfaces. The inner face corresponds to local needs for systematic knowledge and control; the outer face makes evaluation and audit of the system possible. The outer face provides a basis for certification of internal control systems and is central to the structure of control of control. The management system also provides a 'buffer' between the external auditor and an evidential base grounded in the complex outputs of the audited activity. In this way, external audit which certifies the operation of the system is possible because it is not inspection, because it does not look closely at specific service outputs but only at the operations of the system. The certifying auditor does not, like an inspector, require expert knowledge of the auditee but only a more abstract and portable knowledge of systems (Power 1995).

If this is generally correct, many 'audits' cannot automatically be identified with surveillance and the 'audit society' is not simply a surveillance society (Dandeker 1990; Lyon 1994). Audits may provide images and signs of surveillance but they do not in substance do this; they are a control of control. They operate in the realm of feasible oversight, are cheaper than inspection and often generate symbols or badges of control which are in excess of what they actually do. This is what financial auditors call an 'expectations gap' between what the public and regulators demand (e.g. that auditors detect fraud) and what auditors can really do (review systems for weaknesses). Although financial auditors complain about this expectations gap, they cannot really do without it. Public misinterpretations of the symbols of comfort they provide in audit reports is essential to their market success. The lesson is that the control of control structure of regulation must remain poorly understood because if we cannot know the risks we face, we must nevertheless act as though we do (Douglas/Wildavsky 1982). A particular style of auditing has become institutionalised as a mechanism for acting as if we know the risks we face, for processing and controlling risk and for the production of signs of control. Audits supply images of rational control in a fragmented postmodern world which increasingly produces 'not material objects, but signs' (Lash/Urry 1994, 15) or badges.(4)

Two areas where this style of control of control is particularly evident are environmental auditing and the institutional responses to the risks generated by trading in financial derivatives.

Environmental auditing

In the case of environmental auditing, much regulatory and industry energy has been expended on trying to define what it is and who should do it. These debates reflect competition in the field (Power forthcoming). Whatever else can be said, environmental audit is not inspection and this is one reason why the US Environmental Protection Agency has been cautious in its endorsement of the practice (Bregman/Jacobson 1994, 221). It is not a critical appraisal and reinternalization of environmental impacts; it is conceived primarily as a 'management tool' capable of sending appropriate signals to distant authorities. Environmental audits are essentially a form of control of control in the sense described above. The two prominent schemes which have been developed in Europe are BS 7750 (incorporated into the ISO 14000 series) and the European Union Eco-Management and Audit Scheme (EMAS). Both are voluntary schemes. Although EMAS has more developed reporting implications, both schemes emphasise the importance of a management control system whose operations can be observed. The primary role of the external verifier (EMAS) and certifier (BS 7750) is to attest the proper functioning of the management system, an attention to procedure rather to than the output of the auditee (Simmons/Wynne 1992, 215). Figure 3 provides a schematic overview.
 
Figure 3. Environmental Control of Control
 

Both schemes can be regarded in part as variants of a general model of quality assurance in manufacturing systems. Quality, environmental or otherwise, is not so much incorporated directly into a product or service but into the process which produces them (Brüggemeier 1994, 90). This shift makes possible a style of external auditing as the certification of a quality assurance system rather than of the products and services themselves. The systems emphasis within environmental auditing has been criticised as misleading and bureaucratic, particular by those who favour direct inspection rather than chains of control of control.

Environmental auditing developed in the USA from forms of private self-auditing with the aim of minimising potential liabilities. Now the practice has begun to embrace forms of public disclosure (Bregman/Jacobson 1994, 220) and the environmental audit 'quality' label is a form of certification intended to enhance trust and confidence in the product or service (Simmons/Wynne 1994). The control of control structure of environmental auditing reflects a chain of certification which does not directly and explicitly communicate information but signals it indirectly. Because of this environmental audits have a problematic relation to transparency. They produce a second-hand form of assurance that someone, the auditor, has looked at the service or activity. But this is not a kind of transparency which invites or could stimulate wider discussion; environmental audits are not, and are not intended to be, democratic practices; they may even make auditees less transparent and more obscure to stakeholders (Simmons/Wynne, 1994). At worst the control of control structure insulates the auditee from outside inquiry; it does not stimulate a "careful balancing of arguments" (Royal Society 1992, 166). From this point of view, the question is whether environmental audits are in reality tools of pacification rather than exemplars of 'reflexive modernization'. Much depends on the role of the control of control structure in fulfilling regulatory hopes by stimulating substantive organizational learning and improvements with unequivocal environmental benefits.

Like Beck in his more optimistic moods, Ladeur (1994, 322-3) describes environmental audits in terms of their potential to activate "new forms of self-observation" within a "more flexible 'proceduralized' firm. (...)The main principle of these environmental management systems should be the generation of more risk information." In other words, a procedural internal reorganization of the firm is a precondition of reflexive regulation. The danger is that the re-managerialization of risk through auditing schemes may drift towards values of certification to please regulators and purchasers rather than toward new opportunities for recognising and acting upon the self-production of risk. Such a development may not offer the prospect of a paradigm shift, a new consciousness of self imposed risk. Rather, there is a danger that organizations look increasingly inwards at their structures of risk management, and close off, often defensively, possibilities for greater 'environmental resonance'. This is the main problem with a regulatory style based on control of control.

Financial Derivatives and Risk Management

Risk is conventionally regarded as a measure of the dispersion or variation in the economic returns to be expected on stocks and shares. Diversification is a rational basis for managing and minimising this risk, and this has been formalised in terms of portfolio theory. This theory tells us that rational economic agents who diversify are left only with undiversifiable or 'systematic' risk. The latter is the risk of the market as such rather than the specific share. These market risks appear impersonal relative to individual decision makers; they can be regarded as the environment of their risk calculations. However, even these risks can be 'managed' by the use of derivative financial instruments, derivative because their value is linked to underlying market variables such as the price of a stock, a commodity, interest rates or even a market index. Derivatives have therefore become essential to sophisticated economic agents who wish to manage the risks they face. Financial instruments with contingent characteristics (options) can be used to offset these risks. These instruments can also be used to speculate or bet on changes in the market variables.

The diversification of risk via financial management provides a metaphor for the diversification of responsibility. Individual traders, with the possible exception of the misleadingly titled 'hedge' funds, do not connect what they do with such seemingly systematic phenomena as market volatility, which they experience as external to themselves. In financial markets it is as Beck (1992b) has put it: everyone is cause and effect and thus non-cause and therefore not responsible. However, financial regulatory authorities have a political responsibility for market stability regardless of their actual capability for control. In the 1990s, these authorities have been reacting to the implications of derivatives. In the wake of the recent demise of Metallgesellschaft, Orange County in the USA and Barings Bank there is a conspicuous popular demonology of derivatives: these instruments have been described as an economic 'contagion.'(5) Regulatory anxiety is highest in the case of what has come to be called 'systemic risk'. This is the risk that the whole financial system could be affected 'domino-style' by the failure of a single large counterparty. Individual traders in derivatives principally face two types of risk: market risk that the market variables which define the derivative instrument (e.g. exchange rates, interest rates) may move unfavourably and counterparty risk where, even where the market moves favourably for one party, it has moved sufficiently for the counterparty to be unable or unwilling to pay. The worst case scenario is a system meltdown triggered by counterparty failure and its knock-on effect to compensation and insurance mechanisms.

In the field of derivatives trading, an emerging pattern of control of control is clearly evident. Regulators are engaged in what Luhmann would describe as 'second order observation' i.e. the observation of the manner in which risk calculations are made, of the risk of the 'market risk' calculations by derivatives market traders. Regulatory response is still evolving but conspicuous among the array of tools is the demand for improved 'management systems' for derivatives trading which embody purpose built risk models.(6) A form of 'derivative risk' auditing has begun to emerge which reports on the effectiveness of the risk management system in alerting management to any potential risk rather than directly on the nature of the specific exposures a firm may face. Such a system is very similar in structure to the environmental management systems of BS 7750 and EMAS: there must be a policy, monitoring of compliance with the policy and independent review and audit (Touche Ross, 1994). Once again, figure 1 can be adapted to the case of derivatives management.

Figure 4. Control of control for derivatives trading

As in the cases of medical and environmental auditing, the structure of figure 4 is still developing, but its attraction as a regulatory approach in this context is clear. The intention is that financial organizations are made aware of the self-production of risk to themselves. Self-auditing through 'stress tests' and other forms of systematic knowledge of risk exposure simultaneously control the risk that would be exported to the system as a whole if the organization failed to fulfil its obligations as a counterparty. Auditing is particularly attractive in this context because regulators lack extensive inspection capacity both in terms of knowledge and financial resources. But, importantly, it also provides the system with images of self-control. Auditing makes regulation in this most difficult technical area look possible and, above all, manageable by providing the link between the aspirations of distant regulators and those of profit oriented traders. Financial organizations are coming to accept the merits of risk management systems and the need for structured and timely self-observation as a condition of their survival.

IV

Social theorists, like Ulrich Beck, have identified a number of tendencies within late twentieth century societies. While much has been written about the essential centrifugal and fragmenting forces which operate, relatively little has been written about the growth of compensating structures which seek, in some broad sense, to 'hold things together'. Auditing in North America and the UK fulfils a complex mixture of functions; it is simultaneously a form of a confessional, a method of policing, a stimulus to learning and a public relations exercise. It attempts to offset the decline of a central control capability by the internalization of compliance and control. In this broad sense, audit has become a substitute for law.

At the centre of the audit process is the management system which is conceived as an opportunity both for organizational learning and for compliance with desirable social ends. The idea and practice of a management system internalized by a regulatee is an important regulatory resource. Such a system makes audit feasible both economically and epistemically. In Beck's terms, the 'fissures and gaps' between social and scientific rationality are patched over in the management system and its 'promise of security'. Inspection of outputs might be too costly and may produce awkward conclusions; it also requires the inspector to know something about what is being inspected. The management system provides a surface which makes a certain kind of certification based audit possible; it is a buffer between the auditor and what the organization really does. And the auditor does not want to stray beyond her brief, beyond the comfortable world of the management system and the production of comfort. Audit is a style of regulatory response which restores the mission of regulation; it produces politically important signs of control and of compliance. As part of a chain of 'control of control' auditing provides comfort that the next link in this chain, a control system, is functioning according to its blueprint.

The cases of medical, environmental and derivatives auditing suggest how the internal creation of a management system has become a particular style of risk management. The ambivalence of what audits produce and their lower cost (relative to inspection) is their attraction both to regulators and to auditors since the chain of 'control of control' fragments responsibility. When things go wrong on the right of figure 1 above, such as a financial or environmental scandal, who can be blamed? The question is difficult to answer and financial auditors claim that they are often wrongly accused. The regulatory style which auditing represents cannot unproblematically be regarded as evidence of 'reflexive modernization' in which the self-production of risk is both internalized and opened out to dissenting groups. Audits are generally private affairs and local self-auditing rarely gives rise to greater transparency and participation. Furthermore, auditing is not merely a neutral monitoring device in a chain of control but acts on the next link in the chain to make itself possible. The effects of this kind of auditing remain poorly understood.

In the end environmental 'resonance' in Luhmann's terms may tell us less about the dangers we 'really' face and more about the 'risk experts' and their practices who become trusted (Douglas/Wildavsky 1982). This is long way from the provision of forms of information, either internally or externally, which could generate new conceptions of responsibility, a new self-observation of the self-production of risk. But is there nothing to be salvaged from auditing which suggests the emerging transformations described by Beck? Could auditing actually be a vehicle for a reflexive modernity? The question is whether, for all the problems described above, the control of control structure in all its different forms may nevertheless create the kinds of "social entanglements or commitments" and "regularized forms of openness" (Selznick 1994, 397) which make organizations more sensitive and porous to their environments. Much will depend on whether regulators can stimulate audits which really do mediate between general principles of control and accountability which have a populist basis, and internal procedures capable of uniting technical and moral competence. This is ultimately an empirical question and in this essay I have attempted to temper some of the unguarded optimism and enthusiasm which has accompanied the 'audit explosion.' It should also be remembered that Beck is correct to suggest that the 'institutionalized non-management of problems' is only one more disaster away from abandoning its commitment to the production of comfort