Audit Committee Fundamentals Guide

The Audit Committee Fundamentals Guide was created for Corporate Board Member Network with content provided by PwC’s Governance Insights Center. The variety of topic areas, high volume of information, and ever-changing regulatory environment can make it challenging for audit committee members to stay abreast of the numerous topics which they may be called on to offer oversight.

PwC’s Governance Insights Center strives to educate on timely topics relating to audit committee purpose, responsibilities, and associated subject matter. Whether it relates to the charter of the audit committee, oversight of financial reporting, monitoring compliance and accounting policies, dealing with investigations, or topics relating to overseeing internal and external auditors, this content provides guidance and insights on audit committee essentials.

GUIDE NAVIGATION

Audit Committee Responsibilities and Requirements

The primary role of the audit committee is to ensure the integrity of the company’s financial reporting, audit process, and system of internal controls, disclosures, and compliance with laws and regulations.

The rise of the audit committee in scope and responsibility began occurring immediately after the passage of Sarbanes-Oxley in 2002, when all eyes were focused on the ways in which boards provide checks and balances on financial reporting and risk oversight. Today, audit committees play a vital role in the capital markets’ investor protection framework through their oversight of the internal audit function, external audit engagement and the company’s financial reporting process, as well as increasingly being tasked with enterprise-wide risk management.

The primary role of the audit committee is to ensure the integrity of the company’s financial reporting, audit process, and system of internal controls, disclosures, and compliance with laws and regulations. Both NYSE and NASDAQ listing requirements require that audit committees be composed of no less than three independent members. The exchanges require members to be financially literate but their definitions and specific requirements differ slightly.

Audit Committee Effectiveness

Regulatory mandates, investor expectations, and workloads continue to expand. How will your audit committee meet the demands?

Today’s boards are increasingly being asked to up their game—by regulators, investors, and proxy advisors. Audit committee workloads are growing and often include overseeing complex areas such as cybersecurity and elements of ESG. The entire board relies on the hard work of the audit committee to meet its overall objectives. But many audit committees are asking whether they have the right approach to meet these demands.

Audit committees need to find ways to meet the heavy burden of regulatory mandates, keep up with increasing stakeholder expectations, and find time for unforeseen issues. Here are some ideas for the audit committee chair to build the right audit committee and keep members performing at a high level.

Board of directors

Oversight of Financial Reporting

One of the audit committee’s most critical functions is the oversight and review of financial reporting which requires the critical review of voluminous documents filled with complex accounting and reporting matters.

Complex accounting and reporting matters

One of the audit committee’s most critical functions is the oversight and review of financial reporting which requires the critical review of voluminous documents filled with complex accounting and reporting matters. Whether or not you’re a financial expert, you should understand the basic components of the company’s financial close process and the key financial reporting matters and related judgments. For public companies, that includes the quarterly Form 10-Q and annual Form 10-K filed with the SEC and also the earnings release, which may not be filed concurrently with the 10-Q and 10-K.

Non-GAAP measures

More than 20 years after the dot-com boom sparked a proliferation of non-GAAP financial measures, they continue to expand and remain an important part of the financial reporting process. The measures can play an important role in showing a view of the company’s financial or operational results to supplement what is captured in the financial statements. Non-GAAP measures adjust a company’s operating performance, financial position, or cash flows by excluding or including amounts from the most directly comparable GAAP measure. They can help management tell the company’s story to users of the financial statements that gives a view into the company “through the eyes of management.”

Overseeing Taxes

Complexity and change continue to make corporate taxes a top agenda item for business leaders and boards. Is your board ready for the challenge?

Global tax is an area of fast-paced change, uncertain outcomes, and complex judgments. It’s a challenging area for audit committees to oversee. But understanding the company’s position, risk profile, and risk management approach in the evolving global tax landscape is critical to your oversight role as a director.

Oversight of Internal Audit

The audit committee is a key player in ensuring the internal audit function is high-performing, effective, and viewed as an important part of the organization. 

As audit committees face a wider range of business risks and increased expectations from stakeholders, many audit committees are turning to a particular resource—the internal audit function. Internal audit (IA) can be viewed by committee members as an objective insider— one that can serve as their eyes and ears.

Maximizing the value proposition of the internal audit group is an effective way to help audit committees address their risk oversight responsibilities. But getting internal audit’s full value requires focus and attention. It requires the audit committee to reflect on what it needs and to be direct with internal audit. Here, we outline how audit committees can get the most out of internal audit and give insight into areas where committees might need to increase their expectations about what they can get from the function.

Oversight of the External Auditor

External auditors play a key role in helping audit committees address this responsibility. Audit committees will want to ensure they have a robust oversight process in place to get the most value from the external auditors.

The fundamental responsibility of the audit committee is to oversee the integrity of the company’s financial reporting. External auditors play a key role in helping the audit committee discharge this responsibility.

SEC rules require the audit committee to be directly responsible for appointing, compensating, retaining, and overseeing the work of the external auditors. This makes the relationship between the audit committee and the external auditors important.

Oversight of Risk

The board’s risk oversight role is a critical one. It can bring tangible value to a company and its shareholders both in times of crisis and when things are just business as usual. It starts with understanding the strategic direction of the company and considering the broader stakeholder perspectives and competitive landscape. 

We’re living in an era of unforeseen events that give rise to risks, including geographic conflicts and a “black swan” event—something so unpredictable that it’s not on anyone’s radar—a global pandemic with far-reaching economic and social consequences. While a company can’t always anticipate what might be around the corner, strong risk oversight by the board can help the company respond with more rigor and agility. The number and types of risks the board oversees continue to grow, even as their nature changes. Some become more likely as businesses are more interconnected. Some are likely to impact just a certain area of the business. Others could severely impact the entire brand.

Oversight of Cyber Risk

Cyber risk management is no longer just about preventing breaches. A good program can also help companies get back on their feet and mitigate financial and reputational damage when a breach occurs. How do you know whether your company is doing all it should?
Addressing cyber risk is a challenge for nearly any company and its board. Cyber is a complex, technical area with emerging threats occurring almost weekly. Most board members are not cyber experts, yet boards have an obligation to understand and oversee this significant risk. They need active engagement with leadership, access to expertise, and robust information and reporting from management.

Oversight of ESG

Because ESG encompasses strategy, risk, and opportunity, the board plays a vital role. But ESG is a broad topic, and the board should consider assigning various aspects of oversight to specific committees.

In recent discussions about environmental, social, and governance (ESG) issues, large institutional investors have been the loudest in the push for greater corporate transparency. Investors want to know how companies are addressing ESG risks and opportunities because of their potential impact on shareholder value. They are using the ESG information offered by companies in their investment process and decision-making. Environmental issues such as climate change and social issues such as racial injustice and inequality can affect a company’s cost of capital, long-term growth prospects, and ultimately, its viability. 

Response Readiness

The reality is that most companies experience a crisis at some point every few years. And being prepared for a potential crisis can be challenging. The stakes are high and the number of potential scenarios seemingly endless. However, having a structured process that is tested regularly can provide confidence to those tasked with crisis management response oversight.

Overseeing internal investigations

Whistleblower tips to the SEC continue to rise. They typically lead to some level of investigation. Investigations can be lengthy, stressful, and costly. Audit committees often play a critical role overseeing investigations from start to finish. Are you prepared?

Being prepared for a crisis

Companies are being battered by all types of crises, and they have to be ready for when the next one comes along. Directors can help by digging into the crisis preparedness plan and pushing for improvements.

Boards will want to ensure that management is ready to handle a crisis—before, during, and after it occurs—whatever the crisis event might be. Here, we’ll cover the key areas that should be addressed when considering your company’s preparedness.

Conclusion

The audit committee has many important responsibilities within the board—not least among those being financial reporting and risk oversight. These two alone can include complex topics that require focused preparation and deep discussions.

The last few years have seen several accounting standard changes and significant tax reform, undoubtedly leading to more discussions within the audit committee. The focus on the audit committee’s risk oversight role continues to increase—institutional investors want to know more about what the audit committee is doing. Including how prepared they are for a potential crisis.

On top of these “core” responsibilities, some audit committees are being tasked with oversight of new and emerging areas. Given everything the audit committee is tasked with overseeing, how members organize committee agendas, meetings and executive sessions are key to maximizing their time together.

ABOUT US

Corporate Board Member, a division of Chief Executive Group, has been the market leader in board education for 20 years. The quarterly publication provides public company board members, CEOs, general counsel and corporate secretaries decision-making tools to address the wide range of corporate governance, risk oversight and shareholder engagement issues facing their boards. Corporate Board Member further extends its thought leadership through online resources, webinars, timely research, conferences and peer-driven roundtables. The company maintains the most comprehensive database of directors and officers of publicly traded companies listed with NYSE, NYSE Amex and Nasdaq. Learn more at boardmember.com.

Chief Executive Group exists to improve the performance of U.S. CEOs, senior executives and public-company directors, helping you grow your companies, build your communities and strengthen society. Learn more at chiefexecutivegroup.com.

pwc

PwC's Governance Insights Center

PwC’s Governance Insights Center supports you with the governance knowledge to answer tough questions and tackle complex challenges. We engage with boards of directors, investors, and executives, offer forums on critical current issues, share leading practices and insights, help directors comply with evolving expectations and regulations, and strengthen the bridges between investors, corporate directors, and management.

Learn more at: pwc.com/us/GovernanceInsightsCenter