Complexity and risk are typical audit committee fare. A changing business and risk environment, constantly being reshaped by technology and digitization, globalization, increased regulation and enforcement, and expectation for greater transparency, continues to raise the bar on audit committee oversight and board governance.
To hone in on these pressing challenges facing audit committees, KPMG’s Global Audit Committee Survey[1] captured the views of some 1,800 audit committee members around the world – on issues ranging from financial reporting and disclosures, audit quality, and oversight of internal and external auditors, to risk management and crisis readiness, emerging technologies, and audit committee effectiveness.
Despite the economic uncertainty and volatility of the past year, the majority of respondents expressed confidence in their oversight of the company’s financial reporting, and in the accuracy, independence, and objectivity of the external audit, or “audit quality”.
Nearly one-third of Canadian audit committee respondents said their understanding of the key assumptions underlying management’s material accounting judgments and estimates could be deeper; we see audit committees sharpening their focus on pressures that may pose risks to financial statement integrity, ensuring the quality and consistency of non-audited financial information and seeking greater value and insight from internal and external auditors. However, overall the Canadian picture, based on the survey, is a positive one when it comes to the audit committee’s core responsibility – ensuring the integrity of the company’s financial reporting.
Risk and compliance
Canadian respondents were, however, markedly less confident in their oversight of risk. For example:
- While 28% said their company’s risk management program is “robust and mature”, 50% said the program requires “substantial work”;
- Only 17% said the company’s risk management process “extends far enough into the horizon”;
- The quality of risk-related information continues to be an area of concern – particularly regarding cyber risk, global systemic risk, and the pace of technology change – as well as dissenting views from middle management and others about critical risks facing the company;
- One in three respondents said they are not satisfied with the company’s crisis readiness and response plan; and
- Half are only “somewhat satisfied” that the company’s governance activities are focused on the greatest risks to the brand.
While these risk-related challenges are not new, four game-changers continue to raise the bar – and the stakes – on effective risk oversight. Digitization, globalization, increased government regulation, and stepped-up global enforcement are reshaping the business and risk landscape – with significant implications for the audit committee’s agenda and, potentially, its effectiveness. For example:
- In addition to their core responsibilities, many audit committees have oversight responsibility for the enterprise risk management process as well as other major risks facing the company – including financial, operational, cyber security and IT, and legal/regulatory compliance risks;
- Survey respondents generally gave low ratings to their audit committee with respect to “understanding the committee’s risk oversight responsibilities”;
- Many point to the need for “additional expertise” (e.g. IT, M&A and risk) on the committee as key to improving effectiveness; and
- One in four said the audit committee’s self-evaluation is not as robust as it should be.
Financial information
While audit committee members generally express confidence in their oversight of financial reporting, a significant number said their understanding of assumptions underlying management’s material accounting judgments and estimates could be deeper. Many Canadian respondents point to ongoing pressures that pose a significant risk to financial statements integrity – including meeting unrealistic budget targets or analysts’ earnings estimates/forecasts –and less than half are satisfied that the audit committee devotes sufficient agenda time to discussing the quality and consistency of non audited financial information.
While 78% of Canadian respondents said they are confident that future annual and quarterly financial reports will present a fair and accurate picture of the company’s position, they are less confident those reports will present an “understandable” picture – particularly in light of ongoing uncertainly and volatility.
External auditors
The majority of respondents said they are satisfied that the external audit is “accurate, independent, objective, and adequately addresses the company’s key financial reporting risks”. They also said they do not view mandatory audit firm rotation or mandatory re-tendering of the audit work as a way to improve audit quality.
At the same time, external auditors could improve their performance by offering more insights/benchmarking on industry specific issues, sharing their views on the quality of the financial management team and helping the audit committee “stay up to speed” on accounting and auditing developments.
Conclusion
As directors help guide their companies forward, KPMG’s survey findings can serve as an important reference – for benchmarking current practices, identifying gaps and emerging risks, and sparking fresh conversations about how audit committees and boards are strengthening their oversight and keeping pace in an increasingly complex and rapidly changing world. For a complete summary of the survey results, please read KPMG’s Global Audit Committee Survey.
Dave Warren, CA is a Senior Manager, and Rob Brouwer, FCA is Canadian Managing Partner, Clients and Markets, for KPMG LLP in Canada.