Assessing Audit Committee Effectiveness
By Alan Markowitz, Partner – Assurance Services
Audit committees play a crucial oversight role within any company. The audit committee can be a tremendous assistance to the board in establishing, implementing, monitoring and sustaining good corporate governance for the benefit of the Company and its stockholders. The responsibility for assessing the audit committee’s effectiveness is gaining greater importance. The assessment of the audit committee’s performance and effectiveness is best achieved through a self-assessment process, with the results being submitted to the full board for review and follow-up. This process should be performed at least on an annual basis. The Company’s board of directors should also share in the responsibility for this process. Its charter should indicate that all of the board’s committees should evaluate their effectiveness. Further, the approach should be agreed to by the board and committee. In assessing the committee’s performance, two fundamental questions should be answered;
- Is the committee satisfied that it has effectively fulfilled its responsibilities as set out in its charter?
- How can the committee improve its operating effectiveness and efficiency?
This process even in times of growth and stability is not a simple matter for an audit committee. Add in the global recession, uncertainty in the markets, sweeping regulatory reforms and expectations by investors and regulators for transparency and accountability it is becoming a daunting task. The 2010 Report of the Blue Ribbon Commission on the Audit Committee offers practical perspectives, suggestions and leading practices on what makes an audit committee effective. In this report, it offers ten principles to help guide audit committees in their oversight role which are;
- Be proactive in focusing the agenda on what’s important and make the most of audit committee meetings. The challenges of the recent economic times, whether being the access to capital, cash flow, impairments, etc have dominated audit committee agendas. With signs of recovery the committee should focus on key reporting risks. The committee should ensure that the agenda addresses issues that require the audit committee’s attention and keeps it focused on its primary oversight responsibility. To improve the efficiency of meetings, materials should be received in advance; less time should be devoted on low-value or checklist activities and engage in discussion rather than listening to presentations. Compliance activities should not dominate substantive discussions. This can be accomplished by separately identifying items which are applicable for a “consent agenda”, so they can be handled without discussion.
- Insist on transparency, both internal and external amongst the audit committee, management and internal and external auditors. Candor is tremendously important to the audit committee in its oversight role. That is why executive sessions are now standard procedure for committees. They provide a forum for open discussion without members of management present. In these sessions, committee members should pose questions to elicit concerns about management, auditor competency, resources, as well as general concerns about financial-reporting and control issues. It allows committee members an opportunity to discuss difficult issues.
- Focus closely on external financial communications. This process goes beyond the 10-K and 10-Q’s but to the earnings releases and analyst calls since they contain important business information. Engage early in reviewing the proxy disclosures, particularly the new disclosures regarding risk, compensation and corporate governance. Understand the Company’s policy regarding the use of the new social media of Twitter and other networks to reach investors and customers. The committee should assess how management is addressing SEC’s calls for transparency and improved disclosures about the on-going effect of the economic environment of the Company, in particular its impact on operations and business risks (e.g., restructuring activities, liquidity disclosures) and the need to consider foreshadowing disclosures (e.g. “early warning” about future impairments).
- Question the continuing validity of key assumptions that underlie critical accounting judgments and estimates and be current on key financial-reporting issues and developments affecting the company. These issues can include such areas as fair value, impairments, going concern considerations, tax valuation allowances and pension funding shortfalls. Also the committee should be aware of new financial reporting developments including IFRS or transfers of financial assets. At each meeting, the committee should dive into a specific financial reporting development impacting the company.
- Assess the audit committee’s role in the oversight of risk management with an eye to clarifying the scope. The tremendous focus on risk today and the SEC’s new rules requiring disclosures about the board’s role in risk oversight is an opportunity for the board to reassess the role of the audit committee (and the full board and other standing committees) in overseeing risk. A determination should be made whether the audit committee has the expertise and time to deal with strategic, operational and as well as other risks. Along these lines is the expertise of other board members being leveraged especially since audit committees tend to have their plates full with oversight of the financial reporting risk.
- Set and manage clear expectations for external and internal auditors. The committee should help to refine the internal audit’s role and focus internal audit’s activities on key areas of risk, as well as risk management. Internal audit should not be accountable or responsible for risk management but it should provide added assurance regarding the adequacy of the company’s risk management processes. Internal audit is most effective when it is focused on risk. Ensure that the internal audit plan is risk-based and focuses on the critical risks to the business and not just compliance and financial risks.
- Make sure the chief financial officer and the entire finance organization, as well as internal audit, have what they need to succeed and be sensitive to the strains on these organizations. Cost cutting has been a key response of most companies to the economic crisis. Every board and audit committee member should be asking whether the cost-reduced model can be maintained and what is its impact on the control environment?
- Assess the tone at the top and throughout the organization, including the effectiveness of compliance and anti-fraud programs. The economic crisis continues to put pressure on management to achieve operating results simultaneous with cutting costs and reducing the workforce. A comprehensive review of the company’s anti-fraud and compliance programs, including its Foreign Corrupt Practices Act compliance program may be in order. The right tone at the top and throughout the finance organization is critical.
- Help to link the change and risk management and monitor critical alignments. Change creates risk. During times of dramatic change, the risk of misalignment of the company’s strategy, goals, risk, controls and compliance increases substantially. Given the audit committee’s role in overseeing risk, internal controls, compliance and ultimately the impact of significant changes on the company’s financials, the committee is in a unique position to help to alleviate the risk of misalignment.
- Take a hard look at the audit committee’s effectiveness including its composition and leadership and find ways to continuously improve. The audit committee’s effectiveness and accountability hinges on meaningful self-assessments of the committee as a group as well as individual members. Take a hard look at the committee’s composition, independence and leadership. Audit committees must be accountable for their actions and should report regularly to the chairman of the board. They should continually assess their performance and improve their effectiveness.
In summary, an audit committee can be a critical oversight mechanism, but to be successful, each of its members must devote the necessary time, educate themselves, be demanding and diligent and insist on timely and appropriate information and responses from management, internal and external auditors.