Setting the 2021 Audit Committee Agenda
With 2020 almost in the rearview mirror (thankfully!), the 2021 audit committee agenda is shaping up differently than in years past. The past 12 months presented an opportunity for audit committees to support the key players managing the financial reporting process. Going forward, that support could prove to be critically important as the business environment continues to present disruptive challenges. Board members should not be surprised by anything 2021 has to offer. The key is ensuring the companies they serve are resilient and agile enough to withstand whatever surprises the next 12 months may have in store.
Setting the 2021 Audit Committee Agenda
The 2021 Mandate for Audit Committees
Enterprise, Process and Technology Risk Issues
Have the implications of changes in the nature and severity of risks been considered by the committee in discharging its various responsibilities?
The COVID-19 pandemic is a reminder that the world in which we work and live is disruptive. Audit committees should be cognizant of emerging business risks and changes in the nature and severity of critical enterprise risks in discharging their responsibilities. These risks and changes include, but are not limited to:
- Shifting customer and consumer behaviors
- and preferences
- The evolving workplace
- The revisiting of supply chains
- Formidable economic headwinds
- Geopolitical tensions
- The increasing complexities of the digital economy and the emergence of “born digital” market entrants
- Challenges in attracting and retaining top talent
- Cybersecurity and privacy threats
- Regulatory uncertainty
How effective and efficient was the financial reporting process during and since the lockdown with people working from home? What did we learn? How has the function improved its resiliency going forward?
Finance organisations with advanced digital operating capabilities that enable a robust remote workplace are more likely to sustain their operations and the control environment during the next pandemic or a disruptive event of similar magnitude. The audit committee should ascertain the CFO organisation’s assessment of the work environment’s resiliency and the efficacy of investments to improve it in the event of future disruptions, and it should understand what changes, if any, are needed.
Is finance sufficiently resourced to focus on such matters as evolving cyber threats, more advanced data analytics, internal customer expectations, financial planning and analysis, regulatory challenges, and internal controls as a strategic partner with the rest of the organisation?
The audit committee should be cognizant of the organisation’s increasing demands and support finance leaders’ efforts to address and resource them. Protiviti’s latest Global Finance Trends Survey provides insights into the challenges, activities and funding decisions CFOs and finance leaders are prioritising for the coming year. This may be an appropriate discussion to have with the CFO in an executive session.
Is the CAE effective in achieving appropriate risk coverage, agile responses to new and emerging risks, and efficient delivery of value-added insights regarding risk culture, risk management capabilities and the internal control environment?
The opportunity before the audit committee is for internal audit to enhance its value proposition by becoming a problem-solver, rather than a mere problem-finder. Next-generation capabilities enable internal audit to keep pace with the company’s overall digital transformation and embrace change, improve continuously and maintain its relevance, paving the way to efficiency, adaptability, increased engagement and deeper, more valuable insights. It is a work in progress, and the committee should be privy to it.
Does the audit committee set the tone with expectations of the CAE to take the lead in getting the internal audit function’s transformation process on its agenda? Does the audit committee give the CAE sufficient time on its agenda to address these matters? These and other questions should be considered as the audit committee takes more interest in how internal audit is advancing its capabilities.
Financial Reporting Issues
Have discontinued operations and divestitures, termination benefits, and the impact of contract modifications been reported properly? If the company received government assistance, is it being accounted for appropriately?
Many companies have adjusted their operations in the face of the pandemic’s crushing effects. These adjustments have accounting and reporting implications. The audit committee should address such matters with management and the external auditor.
Are the pandemic’s effects on estimation processes underlying asset impairments, valuation, net realisable value, loss contingencies, and other accounting and disclosure matters understood and addressed?
In the financial reporting process, management often exercises significant judgment regarding various subjective estimates and valuations sensitive to changes in external and internal risk factors. The current unprecedented environment and the recession it has spawned have forced companies to take a closer look at impairment, valuation, net realisable value, loss contingency and exposure considerations. Audit committees should inquire of management and the external auditor regarding these significant accounting estimates and their implications to the financial statements.
How are recent and expected changes in the workplace and current plans for reopening physical locations affecting the company’s internal control over financial reporting, cyber-threat landscape, and exposure to compliance and fraud risk?
The audit committee is the board’s advocate for strong internal control over financial reporting. For many companies, it will be necessary to reimagine how employees should return to the office, whether workplace entry should be staggered, where people will work, and with whom workers will interact and how. Social distancing may require teams that previously worked in close proximity to one another to spread out over a larger footprint. That may require leasing more office space, organising work in shifts or designing a hybrid arrangement where some people return to the office while others continue to work remotely at home or in satellite offices. Flexible thinking, process improvements, continued technology enhancements and various health protocols are likely in many organisations to maximise health and safety.
In the event the external auditor reports critical audit matters, has the audit committee evaluated them in consultation with the auditor and management?
If one or more critical audit matters are identified, the audit committee should discuss them with the auditor and management. Once the underlying issues are understood, the committee should determine whether the disclosures are clear. If there are significant judgmental issues on which management and the auditor do not agree, or if management is applying aggressive accounting principles, there may be an opportunity for the committee to inquire of management as to whether the company’s accounting and reporting processes can be streamlined and improved.
This year we have not included new accounting standards and relevant regulatory releases on the suggested audit committee agenda given the lack of significant new developments. However, observable market forces continue to elevate the importance of ESG-related matters. It’s a matter of when, not if, the market can expect more rulemaking and standard-setting on ESG-related impacts.
Note that the SEC recently amended Regulation S-K to require a description of human capital measures or objectives used in managing the business, provided such disclosures are material to understanding the company’s business as a whole. The audit committee should review these new disclosures in light of developments occurring at the company.
Audit committees should assess their performance periodically. To help committees periodically assess their composition, charter and agenda focus in view of challenges the company is facing, see Protiviti’s self-assessment questionnaire.