Dealing with Overlaps in Board Audit and Board Risk Committees
In the course of their work all board committees will inevitably reach points where they find their work intersecting with the work of other board committees. All of them – including the audit, risk, compensation, nomination and governance – have interlocking goals which are aimed at achieving the ultimate objectives of their organisation. Sometimes, however, clarity may be needed about who should be undertaking what, but there should be clearly defined roles for the respective committees and their members to help them fulfill their responsibilities to the organisation as a whole.
In today’s environment, this means not just the organisation’s shareholders, but alsoits stakeholder groups – management, employees, regulators and the community at large – as well. What is needed for the effective engagement and performance of Board Audit Committees (BACs) and Board Risk Committees (BRCs) is the clear delineation of their roles and responsibilities. This will allow the proper discernment of overlaps or duplications, and the process of addressing these can be better managed.It is important to ensure that everyone is on the same page about this; clear, concise communication is essential.
Traditionally, the BAC looks into financial and non-financial matters within the parameters of internal controls, processes and systems of the firm, to provide reasonable assurance that controls, processes and systems that have been put in place are functioning as required, and comply with the applicable codes of business conduct and current regulatory requirements. The BAC almost always has a lot on its plate but in recent years this has increased due to business and market dynamics. This has made it necessary for the BAC to be as constantly risk-awareas the BRC.
The BRC, on the other hand, focuses primarily on risk as it must deal with this at strategic, operational and management levels in its efforts to support the achievement of the organisation’s goals. Where its role may intersect with the BAC’s is its constant quest for up-to-date, reliable data which is integral to decision-making. It derives this through the careful monitoring of risk and identifying significant incidents and trends which may indicate areas that need attention. Another area of shared focus is the organisation’s corporate governance although again, their respective approaches may vary depending on what their board-mandated roles require.
While the BAC almost always audits the organisation’s corporate governance process as part of its regulatory compliance work, the BRC needs to be satisfied that the corporate governance mechanism is functioning properly, in order to balance out risk and opportunity for the firm. But BAC and BRC roles overlap when it comes to the data required to make these assessments; data which is provided by management. Members of both committees therefore need to be sure that their data is reliable, aligned and up-to-date as it must support the board’s decision-making. Ideally, both committees should operate independently of each other but in reality, this does not always happen.
There may not be enough members on the board to provide the necessary number of committee members for optimum effectiveness, for example, or the members available may not have the necessary skills. It cannot be denied that a diverse range of professional expertise, experience and competency is required to function effectively, in addition to in-depth knowledge of the respective industries, to provide the prerequisite oversight. Overlaps in areas of expertise may occur when the BAC and BRC have to deal with internal or external issues relating to risk management policy.
But overlapping responsibilities don’t always result in negative outcomes, nor do they decrease the efficiency and effectiveness of the committees. What is important is that committee members understand their roles and responsibilities, are suitably equipped for them, and are appropriately focused on deriving maximum benefit for the organisation.