The board's role
Businesses have entered a new era in terms of how they need to think about strategy as it aligns with the company’s risk profile; the responsibility for challenging whether strategic direction has been appropriately vetted and optimized lies squarely with directors.
Additional Audit Committee Resources
As an audit committee’s responsibilities evolve, it is important for audit committee members to remain up-to-date on the current regulatory and accounting environment and be aware of changes to their responsibilities. Additional resources are provided below to help fulfill those responsibilities.
Audit Committee Resource Guide
Deloitte’s Audit Committee Resource Guide helps audit committee members and management better understand the requirements, roles, and responsibilities of the audit committee. Supporting tools, including a sample charter, a planning tool for an audit committee’s calendar of activities, and a summary of certain leading practices and trends, are also included.
Antifraud Programs and Controls
The audit committee should determine that the company has programs and policies in place to prevent and identify fraud. It should work with management to oversee the establishment of appropriate controls and antifraud programs and to take the necessary steps when fraud is detected. The audit committee should also be satisfied that the organization has implemented an appropriate ethics and compliance program and established a complaint hotline.
Board Evaluations, Education, and Development
There are various approaches to evaluating the board and committee, and each board should use a process that best meets its needs. Beyond the traditional use of questionnaires (self- and peer-rating techniques), organizations may develop metrics for performance or commission an independent review that includes detailed interviews of directors and senior management.
In addition to assessing the effectiveness of the full board and its committees, as required by the NYSE, it may be useful to evaluate the performance of individual members, and to consider whether they continue to have the skills and expertise appropriate to the organization. The results of the evaluation should be one of a number of factors considered when developing the board’s continuing education agenda.
Ethics and Compliance
A factor often cited in governance failures is a poor “tone at the top.” Beyond overseeing and asking the right questions of management regarding an organization’s ethics and compliance efforts, what is the role of the board in building an ethical culture? The federal sentencing guidelines provide a foundation for establishing an effective compliance program, including the role of the board in overseeing and supporting a strong corporate culture.
- Department Of Justice Official Provides Fresh Guidance on What Constitutes an Effective Corporate Compliance Program Copyright © 2014 Morrison & Foerster
- Boardroom Perspectives: Three Practical Steps to Managing FCPA & Anti-Corruption Risks
- Building World-Class Ethics and Compliance Programs
- In Focus Compliance Trends Survey 2014
- How Boards Can Raise the Bar on Ethics and Compliance
- Enterprise Compliance: The Risk Intelligent Approach
Internal Control over Financial Reporting
The audit committee can help in overseeing the prevention and detection of financial statement fraud by monitoring management’s assessment of internal control over financial reporting (ICFR). To oversee ICFR successfully, the audit committee must be familiar with the processes and controls management has put in place and understand whether they were designed effectively. The audit committee should work with management, the internal auditors, and the independent auditor to gain the knowledge needed to provide appropriate oversight.
- Impact of the 2013 COSO Framework © Financial Executives Research Foundation, Inc. (FERF) www.ferf.org
- Heads Up, September 5, 2014: Challenges and Leading Practices Related to Implementing COSO's Internal Control - Integrated Framework
- Audit Committee Brief: The 2013 COSO Framework and the Audit Committee
The NYSE listing standards require audit committees to perform an annual performance evaluation, and this responsibility must be set forth in the audit committee’s charter. The Sarbanes-Oxley Act does not require audit committees to assess their performance, but the legislation itself may be the strongest argument for a robust evaluation process.
Risk oversight has taken on increased importance not only for audit committees, but for full boards. Many boards are reconsidering the risk governance structure and which committees have the expertise to oversee particular risks.
The SEC requires disclosure regarding the board’s role in risk oversight. Examples include whether the entire board is involved or whether risk oversight is executed by a particular committee, and whether the employees responsible for risk management report directly to the board. The SEC considers risk oversight a key responsibility of the board, and this disclosure will improve investors’ and shareholders’ understanding of this role.
- Reputation Risk: As a Board Concern
- Creating Value from Risk
- For Audit Committees, a Growing Role in Cybersecurity
- As Risks Rise, Boards Respond: A Global Vew of Risk Committees
- Stronger: OCC's Heightened Expectations: Enhancing Risk Management and Driving Growth
- Risk Intelligent Governance: Lessons from State-of-the-Art Board Practices
- Risk Intelligent Proxy Disclosures - 2013
- Risk Transformation in Financial Institutions: Aligning Risk and the Pursuit of Shareholder Value
- Exploring Strategic Risk: 300 Executives Around the World Say Their View of Strategic Risk is Changing
- Cultivating a Risk Intelligent Culture: Understand, Measure, Strengthen, and Report
Life at Deloitte
People make Deloitte one of the best places to work. What’s great about the people? That’s an easy answer. They are exceptional. Each person is unique and valued for that, among the best and brightest in the business, and takes pride in his or her achievements and the success of others.