Annual reports are fast becoming the dustbin for every imaginable corporate risk. This presents a number of headaches for audit committee chairs as they seek to produce accounts that are true and fair, while still meeting expectations on compliance, bribery, culture and business model disruption.
Given the scope of what needs to be covered, keeping a sense of direction and purpose can be tough. Scott Knight, Head of Audit and Assurance at BDO, comments: “The audit committee must not simply respond to management and the auditors, or just edit the debate in some way. They need to control the agenda, even if some of it is merely putting a marker in the sand and saying: ‘Right, this issue is important but we will come back to it in a year’s time.’”
John Allkins, who is Chairman of the audit and risk committee at Punch Taverns, and Non-executive Director at Renold, Fairpoint and the Sweden-based Nobina, says: “The audit committee chair needs to be able to run a process that enables everybody to have their say, even if they are not the ‘financial experts’…. Provided each person can contribute, the committee will arrive at the best answers.
“That committee as a whole should talk to management, advisors, internal and external audit – and actuaries, if pensions are a big issue for a business.”
On the table
The pressure is mounting on audit committees to show a greater degree of scrutiny, notably in light of substantial EU audit reforms. Tom Beedham, Director of Programme Management at Criticaleye, comments: “When a public interest entity runs aground, accusations will inevitably be levelled at the non-executives about how they allowed a crisis to occur.
“Such criticism is justified if NEDs categorically fail to ask pertinent questions to both the CEO and finance director, not to mention each other.”
It means holding a wide range of conversations. John says: “I like to communicate beyond the normal committee members, including the CEO and CFO. I will talk to the head of internal audit, the financial controller, and the company secretary, who will be involved with issues like whistleblowing and bribery. That way, you tend to get a total view of the business.”
The axis between finance director, auditor and audit committee chair is vital. Theresa Wallis, Non-executive Chairman at medical devices company LiDCO, says: “In a small company, the auditors will speak with and see the finance director and finance department on a fairly regular basis. Given this, it is important for the chairman of the audit committee to also make time to establish a relationship with the audit partner.”
Andrew Walker, Chairman of the audit committee at Plastics Capital, says that it requires “people who are numerate and fully understand the class of business they operate in – things become unzipped when there is a lack of understanding of the real financial risks”.
If you are questioning these matters, such as capitalisation of development costs, you should expect pushback. “You need to be quite sure of your ground in order to be resolute; these are the crunch times when the audit committee earns its crust,” adds Andrew.
Seeing the wood for the trees
Aside from regulatory change and an expanding risk register, the biggest shift for audit committees relates to data and analytics. Scott from BDO says: “We have probably seen more innovation in audit in the past three years than over the last 20. It is changing the way audits are done, such as removing sampling so you can look at entire populations.”
At present, some committees lack expertise about how to use this information while also maintaining a healthy degree of scepticism. Scott warns: “There is a risk that audit committees can take false assurance. While an auditor might be able to scan ten thousand invoices a minute, this technology won’t be able to tell whether it’s a fake invoice or the real thing.
“Equally, the audit firms have very sophisticated tools looking for outlier type journals but if the general IT controls are weak, say around password security, then it is impossible to tell who is really posting those journals.”
It is essential for committees to be comprised of individuals who understand the different pressure points within an organisation. Theresa states that “you need people who are independently minded and are prepared to think carefully about the judgements that need to be made, who proactively ask good questions and don’t just accept the recommended approach”.
According to Tom at Criticaleye: “It is the responsibility of the chairman of the audit committee to ensure everyone understands their responsibilities and feels able to raise issues they believe are important.
“Without the right degree of openness, an audit committee can quickly become blinkered to the financial, operational and strategic risks within a business.”
In the current environment, no company can afford to have its board of directors behave like nodding dogs.
These views were shared during Criticaleye’s Global Conference Call, How To Create an Effective Audit Committee.
Don’t miss next week’s Community Update, which provides an outlook on the retail sector.