Recognizing the sizeable challenges that audit committees and boards face in 2012, KPMG’s Audit Committee Institute has issued its annual message to directors. “Ten To-Do’s for Audit Committees in 2012” highlights key issues that should be top of mind as audit committees think through their agendas for the year ahead. We offer an abbreviated version here.
1. Stay focused on the audit committee’s top priority: financial reporting and related internal control risk. The challenges of ongoing economic uncertainty and volatility, coupled with the impact of cost-reductions, major public policy initiatives, and an uncertain yet clearly more complex regulatory environment, will require the attention of every audit committee. Meeting this workload challenge will require focused (yet flexible) agendas, with an eye on the company’s key financial reporting and related internal control risks.
2. Continue to monitor accounting judgments and estimates, and prepare for accounting changes. Monitor fair value estimates, impairments and management’s assumptions underlying critical accounting estimates. Recognize that the company’s greatest financial reporting risks are often in areas where there is a range of possible outcomes, and where management is called upon to make difficult judgments and estimates.
3. Consider whether the financial statements and disclosures tell the company’s story. Given the importance of transparency to the investor community, as well as the Securities and Exchange Commission’s ongoing focus on financial disclosures, consider how disclosures can be improved to better address expectations.
4. Focus on the company’s plans to grow and innovate. Growth, strategy and innovation will be front and center as companies search for top-line growth and look beyond the recessionary environment. A key challenge will be monitoring and calibrating growth plans to appropriately balance risk and reward. Given historically low valuations and high levels of corporate cash on hand, understand the company’s position in the M&A “ecosystem.”
5. Reassess the company’s vulnerability to business interruption and its crisis readiness. The global inter-connectivity of business, markets and risk poses challenges for virtually every company. Ensure that management is weighing a broad spectrum of “what-if” scenarios. Is the company’s crisis response plan robust and ready to go?
6. Understand how technology change and innovation are transforming the landscape—and impacting the company. IT risk discussions should be moving (rapidly) beyond “defensive” issues to address the critical challenge today: understanding the transformational implications of IT and emerging technologies—the cloud, social media, mobile technologies and data— and the strategic issues they present.
7. Focus on asymmetric information risk and seek out dissenting views. Is the audit committee hearing views from those below and beyond senior management – e.g., from middle management and business unit leaders, sell-side analysts and critics, and other third parties—about the risks and challenges facing the company? Recognize when asymmetric information risk—the over-reliance on senior management’s information and perspective—is too high.
8. Consider the impact of the regulatory environment on compliance programs and business plans. The increasing complexity of the global regulatory environment—including compliance challenges posed by the Foreign Corrupt Practices Act and the U.K. Bribery Act, the SEC’s whistleblower program, and Dodd-Frank provisions on conflict minerals and compensation clawbacks— will require continued attention. The right tone at the top and throughout the organization is critical.
9. Understand the company’s significant tax risks and how they are being managed and modeled. To stay abreast of critical tax risks—including internal control, compliance and disclosure issues—establish a clear communications protocol for management to update the audit committee on tax risk-management activities.
10. Monitor the PCAOB’s initiatives on auditor independence and transparency, and consider the implications for the audit committee. PCAOB initiatives designed to promote auditor independence, objectivity and professional skepticism have potentially significant implications for the audit process and the role of the audit committee. Consider how the audit committee currently reinforces auditor independence and skepticism, and whether a more robust audit committee report would be beneficial to investors.
The full text of “Ten To-Do’s for Audit Committees in 2012” is available at www.auditcommitteeinstitute.com.
Dennis T. Whalen is partner in charge and executive director of KPMG’s Audit Committee Institute.