Audit committees act as gatekeepers over the accounting and financial reporting processes, including the effectiveness of the company’s control environment. However, as the regulatory landscape becomes increasingly complex and organizations face evolving risks, the scope of audit committee concerns and responsibilities may extend beyond traditional financial reporting.
Top-of-mind list
In March 2024, a survey entitled “Audit Committee Practices Report: Common Threads Across Audit Committees” was published by Deloitte and the Center for Audit Quality, an affiliate of the American Institute of Certified Public Accountants. The survey analyzed 266 responses, including many from people who served on audit committees of public companies. While the survey base was for public companies, the survey is relevant to the audit committees, finance committees, and governing boards of not-for-profit and governmental entities.
Respondents identified the following five audit committee concerns over the next 12 months:
- Cybersecurity. This was listed as a top-three concern by a majority (69%) of audit committee members surveyed. The focus on cybersecurity is, in part, caused by a new regulation from the U.S. Securities and Exchange Commission. It requires public companies to 1) report material cybersecurity incidents, 2) disclose cybersecurity risk management and strategy, and 3) explain their board and management oversight processes. Only 24% of respondents said their audit committees had sufficient levels of expertise in this area. So additional resources may be needed to hire external cybersecurity advisors or invest in educational programs to bridge the knowledge gap.
- Enterprise risk management (ERM). Nearly half (48%) of respondents listed ERM as a top-three concern. This refers to the processes an organization uses to identify, monitor and assess enterprise-wide risks. Audit committees have been tasked with ERM for many years, but extra attention may be warranted as new threats emerge. Examples include pandemics, large natural and climate-related disasters, and global conflicts. It’s important for audit committees (or governing boards) to evaluate whether their organizations’ ERM processes can handle new threats efficiently and effectively.
- Finance and internal audit talent. More than one-third (37%) of respondents put this concern on their top-three list. Audit committees frequently work closely with in-house finance and internal audit teams. While most respondents (89%) agree or strongly agree that their internal auditors possess high-level understandings of the companies’ operations, there may be opportunities to upskill in-house staff and use artificial intelligence (AI) to streamline routine tasks, eliminate redundancies and identify opportunities to operate more efficiently. Audit committees should oversee succession planning for finance and internal audit teams, particularly if their companies’ CFOs are planning to soon retire.
- Compliance with laws and regulations. More than one-third (36%) of respondents are focused on the heightened complexity of the regulatory environment. Compliance issues are especially prevalent in heavily regulated industries, such as healthcare and entities that received state and federal funding.
- Finance transformation. Listed as a top-three concern by 33% of respondents, finance transformation refers to revamping the finance department to better align with the company’s overall strategy. It may entail changes to the department’s operating model, staffing, processes and accounting systems. The goals are to simplify, streamline and optimize the organization’s finance function. Audit committees can help finance teams implement transformation initiatives by understanding the human and technological resources needed. Many are considering possible AI solutions, for example, to expedite closing the books at the end of the reporting period, improve financial planning and detect impending risks.
Collaborative approach
External auditors communicate frequently with committees and governing boards about top audit committee concerns, emerging risks, impending regulations and other matters, so they can help each other in performing their respective roles. Contact us. We design audit procedures, draft financial statement disclosures and provide guidance to help address the challenges audit committees face today.