Facing Increased Risk: Top Considerations for Audit Committees
Boards and audit committees are facing growing pressures as technology continues to evolve at an unprecedented speed and transform the increasingly global, data-driven corporate world. Historically, the audit committee of a company’s board of directors has focused its oversight on financial reporting and audit quality. Today, more than ever, boards and their directors must keep up with the regulatory developments and the associated risks of new technologies.
Advanced technologies, such as data analytics, artificial intelligence, automation and blockchain, are putting new demands on the finance function. Technology will continue to transform business operations, presenting new opportunities for finance teams to adapt and add greater value in this technology and data-driven environment.
KPMG’s 2019 Audit Committee Pulse Survey, which surveyed 200 audit committee members, found that business complexity, digital disruption and technological innovation are putting pressure on audit committees as never before and requiring them to intensify their focus on risk management and monitoring of the internal control environment.
Many audit committees report that they still are carrying heavy risk agendas: information technology, legal/regulatory compliance, financial risk, third-party and especially cyber security risk. Some audit committee members say that these new considerations can feel overwhelming at times — but there is consensus as to their importance.
The KPMG survey identified five key takeaways that may prove useful as CPAs prepare for upcoming meetings with audit committees facing these increased challenges:
- Prepare for disruptive risks. Audit committee members’ perspectives vary considerably as to whether the enterprise risk management programs at the companies they oversee are truly prepared for “disruptive risks.” In fact, one quarter of respondents reported that their company’s ERM processes are in the developmental stages or require significant work.
- Focus on cybersecurity. Outside of traditional financial reporting issues, cybersecurity continues to be a top concern for audit committees for a range of reasons. Keeping systems up to date, vulnerabilities due to third-party and supply chain risks and the increasing difficulty of identifying top cyber talent all are critical business issues keeping leaders up at night.
- Be flexible. Internal audit teams must remain flexible and willing to adjust the audit plan as needed. The survey found that focusing the audit plan on key areas of risk beyond financial reporting such as information technology, cybersecurity and other operational risks — and maintaining flexibility to adjust the audit plan in response to changing business and risk conditions — ranked as the most important ways to maximize internal audit’s value. Culture has increasingly become an important consideration for internal auditors as well.
- Change how earning guidance is provided. The majority of audit committee members surveyed do not think companies should continue to provide quarterly earnings guidance. Specifically, 34 percent of respondents said the practice of providing earnings guidance should be phased out, and 20 percent said guidance should be provided only annually.
- Evolve skills and adopt technologies. Audit committees report that talent management and ensuring that finance leaders have the right skills remain top concerns. Almost three-quarters of respondents report that their committees are evaluating how finance organization leadership, talent and skills must evolve to maintain quality financial reporting. Transformative technologies such as artificial intelligence and data analytics are also top of mind for audit committee members as companies look for ways to garner more accurate predictive insights.
In conclusion, audit committees continue to play a critical role in effective board governance, even as their purview continues to evolve.
Corey R. Temple
Corey R. Temple, CPA, is KPMG’s Short Hills office managing partner and the New York Metro Life Sciences audit leader. He is a member of the NJCPA.
More content by Corey R. Temple:
This article appeared in the November/December 2019 issue of New Jersey CPA magazine. Read the full issue.