In the wake of the Enron and WorldCom scandals that exposed mass failures by the firms’ accountants, Congress passed a 2002 law forcing auditors to call out significant flaws in their clients’ internal controls.

Seventeen years late, auditors find themselves punished for following that law—not by the authorities, but by the market, according to a study of 13 years’ worth of data from 358 US audit firms. On average, auditors saw a 2.2% drop in their client growth for each flaw they highlighted, while their revenue grew 8% less than competitors who didn’t flag those flaws, according to the paper by University of Arkansas academics Elizabeth Cowle and Stephen Rowe.

As such, auditors are incentivized not to declare clients’ internal weaknesses, since businesses “appear to avoid association with auditors that have a history of being critical of their other clients,” the authors write. Almost half the companies analyzed were part of the “Big 4” accounting giants (KPMG, Ernst & Young, Deloitte and PricewaterhouseCoopers, or PwC).

Ignoring internal controls—which are designed to prevent fraud and ensure financial data is correct—can seriously damage society. Britain felt the sting last year, when massive government contractor Carillion fell apart. The construction firm, which held billions of pounds’ worth of government contracts, collapsed partly thanks to an allegedly “parasitical” relationship with accounting firm KPMG, which prominent MPs said was “complicit” in “signing off on increasingly fantastical figures.”

The firm’s bankruptcy meant tens of thousands of people lost their jobs, and the government had to pay new partners to take on hundreds of empty contracts for crucial infrastructure work. KPMG is reportedly under two investigations by UK financial authorities over its work for Carillion.

Rowe says informal conversations with auditors backed up their paper’s findings. Concern over market retaliation “is already part of the day-to-day calculus of many in the audit profession,” he told CFO Dive.