Audit Committees: Fad
or effective tool of management?
It
appears that most annual reports published in Sri Lanka show the
existence of an Audit Committee, a report of the Committee and even
a Governance Report issued by them. Despite these many company accounts
show glaring inadequacies with compliance, good governance and even
violation of the rights of minority shareholders, glaring conflicts
of interests and violation of accounting standards and of course
misrepresentation of vital shareholder information. Who is to judge
the effectiveness of the functioning of the committee – Shareholders,
Media, Analysts or Creditors? The expected best practice is for
the Audit Committee itself and the Board to be the judge.
Audit Committees should:
*Challenge management plans, processes and capabilities
to ensure that management’s stewardship of the business incorporates
an appropriate balance of control and risk;
*Assist in the identification of key business
risks;
*monitor management's commitment to the maintenance
of a system of internal control to effectively address business
risk;
*Support the role of both internal and external
auditors by encouraging them to discuss their findings and views
freely, and;
*Act independently and objectively in helping
to resolve differences of view between auditors and management.
*Monitor and ensure that business dealings comply
with set Standards of Business Conduct and are aligned to accepted
business principles.
Audit Committees can only be as effective as the
Board, and more particularly the Chairman and Chief Executive, allow
them to be. Active support and encouragement by the Board is an
essential pre-requisite of an effective Audit Committee.
At the same time, Audit Committees are only as
good as their members. One of the most important attributes is a
willingness to question accepted and standard practice, and not
to necessarily accept the first response given. Audit Committees
will help to enhance standards of corporate governance only if the
committees include truly independent members with the experience,
skill, commitment and understanding of the business.
The essential attributes for an effective Audit
Committee include:
*Composition
Audit Committees should have at least two truly independent members,
plus one individual with in-depth knowledge of the business. One
of the three members should have a strong financial background.
*Authority and status
The Audit Committee should have sufficient authority to act with
independence and integrity..
*Terms of Reference
The Terms of Reference should detail clearly the authority and responsibilities
of the Committee, and should also emphasise the Committee's right
of access to all information and to request any person to attend
and answer questions. The Committee should also be able to initiate
special investigations.
*Size
The size of the Committee should be sufficient to provide the appropriate
mix of skills, independence and experience to provide an appropriate
variety of opinions which engender participative debate.
* Members
The members should also have a sceptical approach to their role
and be able to ask searching questions, without necessarily accepting
the first answer. A varied and successful business background is
often a precursor to an effective member.
*Chairman
The Chairman should be independent of, and have the confidence to
challenge, the Chief Executive of the company. A recent independent
survey of the FTSE 100 Companies put "a good Chairman"
as being the single most significant factor in ensuring the effectiveness
of an Audit Committee. He should periodically meet the relevant
internal audit manager to discuss internal control issues affecting
the company.
*Time
The members should have sufficient time to properly carry out their
duties. This means more than merely attending the meetings, but
the time to understand a company's business.
*Remuneration
The remuneration of members can prove useful in emphasising their
accountability, whilst also recognising the considerable time required
to be an effective member.
*Terms of office
Membership of the Committee should change on a periodic basis so
as to encourage new and fresh insight into the role.
*Agenda
One of the keys to a successful audit committee is a thought through
agenda which seeks to challenge the control environment. It should
reflect the concerns of the membership and not be driven by the
auditors. The agenda for the meeting should be prepared well in
advance and be owned by the Chairman of the Committee. Furthermore,
the relevant papers for the meeting should be distributed a sufficient
time before the meeting to allow full understanding of the issues
involved.
*Attendance
Attendance by the CEO, finance director, internal and external audit
is expected to be the norm at all audit committee meetings. A positive
and encouraging trend is the invitation to attend to those who have
a specific responsibility for an area under review.
*Private discussions
Private audiences between the audit committee (without executive
management) and the external auditors and, separately, the internal
auditors at least annually, but ideally at each meeting, are now
expected as a routine. This privacy can help ensure complete frankness
of expression and communication.
*Frequency
There should be at least 2 meetings a year to allow for timely coverage
of key events such as the review of the annual accounts and the
review of internal and external audit plans.
*Reporting
The reporting responsibilities of the Committee should be clearly
laid out, again to emphasise the accountability of the members.
*Minutes
The minutes of the meeting should be circulated to the Board and
should include a report highlighting those significant issues which
were raised at the previous meeting. They should also include details
of action points arising with assigned responsibility for their
resolution.
*Escalation procedures
In the unlikely event whereby the Committee is faced with circumstances
which it feels it cannot resolve without assistance it must be to
keep the Board.
The Committee's key focus:
"to assist the Board in the management of business risks and
internal controls" with evidence of a high quality debate on
the business risks facing the company, and the adequacy of the measures
in place to address them. Time to look in the mirror and for the
physician to heal thyself first! (Comments on this article could
be sent to -- wo_owl@yahoo.co.uk).
|