Every new year brings with it new challenges for U.S. corporations, and 2017 is no different. For audit committees, and the audit committee chairman in particular, anticipating which issues are most in need of attention, along with those that will prove to be the most pressing down the line, requires a combination of planning and foresight. It’s up to the audit committee chair to set the stage for the company’s financial success, and the best way to do this is to implement a customised strategy for the months ahead.
While this strategy may differ from one chairman to the next, depending on each committee’s priorities, current external trends make all of these issues a worthy addition to this year’s agenda.
1. The Evolving Economic Environment
The beginning of 2017 has been fraught with change, and as we explored in our white paper on board decision-making in a turbulent political climate, the effects of this trend on business strategies and macroeconomics are ongoing. With economic uncertainty comes risk, and when an audit committee has been tasked with risk oversight responsibilities, assessing the current business environment and its potential impact on the enterprise and its corporate strategy becomes paramount.
For Corporate Compliance Insights, a forum devoted to corporate governance and related topics, the evolving business environment and the ways in which it stands to alter financial reporting tops the list of major considerations for this year. “New technologies (think ‘digital revolution’), global competition, volatile markets, mergers and acquisitions, regulatory developments and the threat of emerging and disruptive risks are altering risk profiles and adding uncertainty about how to confidently face the future,” wrote Jim DeLoach, managing director with global consulting firm Protiviti.
DeLoach stressed that audit committee members must understand all relevant changes and the degree to which their company is prepared to manage them — a point that’s particularly germane to the audit committee chair, as market-related issues can influence accounting estimates, asset valuations and more. “Ideally, the audit committee should take a look at the company’s risk profile at least annually to provide a business context for discharging its specific responsibilities,” DeLoach said.
2. Emerging Technology and Cybersecurity
In terms of priorities, the digital revolution cited by DeLoach is in a class by itself. As the technologies businesses and consumers rely on become more complex and connected, audit committee chairmen must ask themselves how their companies will fare. Is wearable technology an opportunity, or a risk? Does the Internet of Things (IoT) have the potential to expand a business’s market share, or make the enterprise more vulnerable to a cyberattack?
AT&T’s recent Cybersecurity Insights Report revealed that it’s in every company’s best interest to be prepared. Its research concluded that:
- While 85 percent of companies are considering or implementing IoT technology, only 14 percent have a formal audit process in place to keep tabs on device volume and security.
- Just 17 percent of companies collaborate with their board of directors when addressing IoT security, but 96 of those that do “felt confident in the security of their connected devices.”
What’s more, cybersecurity research company and publisher Cybersecurity Ventures reported that cybercrime is expected to cost global companies upwards of $6 trillion annually by the year 2021. “In the past two years, we have seen a massive upswing in hackers breaking into some of the most highly secure corporations and stealing financial data, intellectual property, and very sensitive personal information — and it seems to be growing exponentially,” Tyler Cohen Wood, a cybersecurity expert with AT&T, said. “We are at a critical point in cyber warfare.”
Keeping abreast of digital transformation, and its rapidly diversifying collection of threats, may require a lot of energy, but emerging technology also brings with it a wealth of new business possibilities. In fact, global management consulting firm McKinsey & Company’s research into potential IoT applications estimates that by the year 2025, the Internet of Things will have a potential economic impact of more than $11.1 trillion per year.
Where does the audit committee fit into this opportunity? “An internal audit function can advise management on the importance, benefits, and competitive edge that the IoT can bring to the enterprise,” Jose Tabuena, a compliance officer and author with corporate governance resource Compliance Week, wrote. “…With the risk management function they can assist in facilitating risk assessment sessions with management and perform research to understand how the IoT can be used within the organization’s specific operating environment.”
3. New Accounting Standards
We’re just months away from the amended revenue recognition standard from the International Accounting Standards Board (IASB) and the Financial Accounting Standards Board (FASB). This new accounting standard will influence revenue reporting related to contracts from customers and vendors and will take effect in early 2018, putting this issue top of mind for audit committee chairs.
As global business advisory firm KPMG‘s Audit Committee Institute pointed out in a paper titled On the 2017 Audit Committee Agenda, “The new standard will require companies to apply new judgments and estimates, so audit committees will want to inquire about the judgment and estimates process and how judgments and estimates are reached.” Just how recognising and reporting business results in accordance with recent amendments impacts companies will vary, potentially influencing everything from internal controls to business processes, financial statements, and the way in which investors evaluate a company’s performance and value. Still, audit committees are well-advised to prepare for the transition early on.
Many companies aren’t there yet. The results of a 2015 survey conducted by PricewaterhouseCoopers (PwC) found that, “Many companies do not yet have a clear understanding of how the new standard will impact their organization.” At the time of the survey, only 48 percent had started — but not completed — an impact assessment.
About half of the survey’s respondents said that they didn’t expect the new standard to “have a material impact on their companies’ income and/or balance sheet,” and only 9 percent were planning to adopt the standards prior to 2018. This attitude, along with a failure to explore the new standards in-depth, led PwC to speculate that companies were underestimating its significance.
“It is risky to assume that the new standard will not have an impact on financial statements,” the company said. Thus, audit committee chairs should refocus their energies and make the new revenue recognition standard a top priority. When it comes to the potential ramifications of the new standard, accounting is “just the tip of the iceberg,” noted PwC.
4. Fraud Risk Factors
No one likes to consider the possibility of fraudulent financial reporting, but the fact remains that financial statement fraud requires constant vigilance. It’s up to the audit committee chair to look for warning signs, as well as to implement effective strategies to dissuade premature or overstated revenue, understated operating expenses and the like.
Not only should fraud risk assessments be conducted on a regular basis, but the audit committee chair should ensure that anti-fraud controls are operational, and collaborate with executive management when cases of fraud are suspected or identified.
This is no small feat, but given its pervasiveness, this subject requires careful scrutiny. There have been countless cases over the years in which audit committees failed to prevent accounting fraud. In its 2016 Global Fraud Survey, business management consultancy Ernst & Young found that 42 percent of survey respondents believed they could justify unethical behavior if it meant meeting financial targets.
Ernst & Young recommends that audit committees refer to the “fraud triangle,” described as the three factors that usually accompany fraud: incentives or pressures, opportunities and attitudes. To minimize these factors, audit committee chairs should prioritize understanding all fraud risks and discussing these with other committee members; keeping an open line of communication with management; and creating a corporate culture that radiates honesty. Whether they’re accidental or malicious, fraud and corruption pose a real threat to company profitability.
5. Shareholder Engagement
The Center for Audit Quality (CAQ)’s 2016 Audit Committee Transparency Barometer revealed a noteworthy trend: since 2014, public company audit committees have been increasingly disclosing key information ranging from external auditor appointment to tenure of audit firm engagement, how engagement partners are selected, and the criteria for evaluating the external audit firm.
Based on 2016 data, the CAQ reported that it believes “audit committees are responding to increased interest by investors, regulators, and other stakeholders in their roles and responsibilities by providing the marketplace with more meaningful information about the audit committee’s role in external auditor oversight.” And while this may be happening in part because of pressures tied to shareholder activism, such enhanced disclosures go a long way toward building shareholder trust.
Understandably, shareholders look to companies to provide them with the information they need in order to make a calculated investment. They expect a certain level of transparency. While an audit committee may currently be fulfilling its responsibilities, it behooves it to appraise existing disclosure practices and identify areas that could benefit from improvement. Doing so can positively impact shareholders’ engagement by demonstrating their commitment to adhering to corporate governance best practices.
Setting and maintaining an agenda throughout 2017 could go a long way toward helping audit committees meet responsibilities related to financial reporting and disclosure and internal control, while also maximising and managing opportunities for positive reform. In the months to come, they’re sure to prove vital to the ongoing evolution of financial reporting and auditing.
December 28, 2020
What Role Does the Board Play in Business Continuity Planning?
Continuing in the face of adversity has been the dominant theme of the past year. When the scale of disruption caused by COVID-19 became clear, businesses worldwide were forced to adapt rapidly to the restrictions that came into force overnight. While many organisations have business continuity plans designed to keep…
December 21, 2020
Business Continuity Plan Maintenance: A Step-by-Step Guide
A business continuity plan (BCP) is a living, evolving document. Designed to be activated when unplanned disruption strikes, it must be flexible enough to guide actions regardless of the specifics of the situation. In a fast-changing environment, business continuity plan maintenance is an essential part of the business continuity programme…
December 8, 2020
Board Meeting Minutes Best Practices and Guidelines
Guidelines for Board Meeting Minute Taking In order to keep the courtroom from invading the boardroom, the most basic rule is, “saying less is often better,” warns the London-based law firm Bricker & Eckler in a recent note. “Today’s business climate places heightened…