The audit committee is both a hard act to establish and follow. Imagine having to go over every procedure, process and system in minute detail, looking for irregularities; reviewing findings of investigations into failures of internal controls; and constantly trying to ensure everything is operating as it should be. Whatever the audit committee undertakes, and how it operates, will impact the organisation; audit committee and firm performance are inextricably linked. It is to the advantage of the firm, therefore, to ensure that the audit committee is empowered to carry out its tasks – and this starts at Board level.
Policy, skills, and training
Boards may have the numbers for committee membership, but members may not have the correct skill sets for the respective committees. The audit committee’s job is to monitor the internal control processes by which the organisation functions and ensure that they are adequate, in compliance with regulatory requirements and fit for purpose. This includes the organisation’s risk management processes and procedures as well. Training may be necessary to bring members up to speed; facilitation skills are a prerequisite, as are communication abilities. There should also be clear policy that dictates the extent of its authority, from the outset.
Being empowered by the Board, audit committees may request any information required from any department or employee at any level. Management and employees are expected to comply with all audit committee requests, and implement or carry out its directives. Auditing is work that requires knowing how to go beyond just ticking boxes. In the course of its work, the audit committee will inevitably need to assess, monitor or manage risk. Its members will require the necessary skills for this. Committee members therefore need to have an understanding of the key risk areas of the organisation, in addition to professional scepticism and intellectual curiosity.
Objectivity, professionalism, accountability
They also need to be good listeners and be able to make balanced decisions while maintaining objectivity and professionalism. Being able to ask the right questions is important; for this, a thorough understanding of the business as well as the organisation’s culture, is necessary. An empowered audit committee which is working as intended, enables the Board to function at optimum levels and be fully accountable. Investors and shareholders inevitably look for accountability; they consider management to be accountable to the Board, and the Board to be accountable to them. The Board, in turn, is fully accountable and needs to exercise appropriate oversight over the organisation.
This can only be done when all audit committee roles are appropriately undertaken, and the organisation’s corporate governance system is in place. Good corporate governance starts with the audit committee; it sets the standards that the organisation should follow. As it works towards improving accountability and performance, the audit committee may find itself dealing with growing oversight of the organisation’s key risks such as large-scale IT projects or cybersecurity perhaps, where its expertise is limited. In situations like these, the audit committee should consult with external experts with more knowledge of the matter.
Ethics, integrity, balance
Having an “outside eye” helps when greater care needs to be taken, as committee members who are too close to the subject may not be aware that something has slipped through the cracks. The mandate of the Board should empower the audit committee to do this. In the course of their evaluation of practices, processes and procedures, audit committee members may also become involved in whistle- blowing cases. Part of their role involves ensuring that the whistle-blowing process is ethical, and all parties involved are given fair, balanced treatment. Corporate whistle-blowing is part of corporate transparency, and good corporate governance.
An empowered audit committee will not shy away from challenging existing practices, processes and procedures if, after performance evaluation, any of these are realised to be hindrances rather than a help to the organisation. The process of data gathering cannot be underestimated in the course of establishing an empowered audit committee. But while asking the right questions may elicit responses, they also need the ability to discern the integrity of the data and robustness of the information they receive. Sometimes they have to listen to the things that are unsaid, rather than the obvious. A good working relationship with management at all levels is always a plus.
Personal traits matter
Members of the audit committee will have an advantage if they are perceived as approachable and willing to listen. One particularly thorny area may be the organisation’s internal audit function itself, which may not have the right personnel or staff with the right skill sets to perform effectively. The audit committee and internal audit may find themselves in a very awkward position. The audit committee should be a platform for open discussion so that a culture of learning from experience, rather than one of blame, can be developed. Involving senior management in such discussions could help create a more transparent environment, and improve engagement with the firm’s stakeholders.
Most members already have prior commitments when they are appointed to the audit committee; they may not be able to spare as much time as required by audit matters. Planning ahead of committee meetings is always helpful; being prepared with up-to-date reports and details of essential matters for discussion greatly expedites the work of the committee, and assists its decision-making. It may not be obvious from the outset, but the efforts that an organisation makes in establishing an empowered audit committee may result in governance that is more transparent and robust – and not just for the sake of compliance.
