Shortly after his appointment as vice chair-Audit at KPMG LLP, the U.S. member firm of KPMG International, Jim Liddy sat down with NACD Directorship for an interview that delved into his mission, aspirations and how the external auditor’s role has evolved, particularly since the passage of the Sarbanes-Oxley Act in 2002 and the more recent economic crisis. The financial services sector is one of his sweet spots. So, too, is the role of the audit committee, which Liddy is focused squarely on, both as an auditor and a member of an upcoming Blue Ribbon Commission on Audit Committees to be published this fall by the NACD.
What does KPMG’s Audit Committee Institute do for audit committee members, particularly in these times?
The Audit Committee Institute is viewed as an honest broker in the audit and governance arenas. It is a catalyst that brings audit committee members together to discuss the most important topics of the day and to provide a forum for sharing insights and perspectives. Certain audit committees and audit committee members stand out as leaders—and ACI helps the entire audit committee and board community benefit from the best practices and best thinking.
Where are board and audit committee oversight practices headed?
Every audit committee faces the ongoing challenge of continuous improvement. They want to be responsive to changing business environments and dynamics that the companies they serve are operating in. At the same time, they want to be able to step back and think about how they perform their audit committee role and assess their effectiveness, particularly given the current economic environment.
A lot of companies and their audit committees, as they react to this business environment, are re-examining what they do and why. For example, audit committees are taking a hard look at financial reporting. Are they truly getting insight about the associated processes and risk issues? How much does business strategy play into the discussion? The timing of the NACD’s Blue Ribbon Commission on Audit Committees couldn’t be better. It marks an important opportunity for audit committees to re-examine how they do what they do—and to ramp-up their effectiveness. The BRC report will offer 10 principles to help guide audit committees—and the management and audit professionals supporting them—in their oversight of financial reporting and related risks. Plenty of how-to’s and practical suggestions.
How has the audit committee’s role evolved?
Harry Truman may have said it best: “The buck stops here.” I’ve heard more than one audit committee member say that if an issue is complicated and requires a lot of time and focus, it usually lands on the audit committee’s plate. The challenges and priorities that companies face keep increasing, and executives and boards can’t simply give matters a cursory review. There’s a tremendous amount of information that needs to be considered, and I think you’ve seen audit committees gravitate toward delving into the intricacies of these activities with a much more attuned focus on the salient financial reporting items. The audit committee’s role and scope of oversight activities will vary by company and by industry – but there’s a “great reassessment” taking place now…many audit committees are reassessing their role in risk oversight.
We’re seeing the full board increasingly taking on responsibility for oversight of major strategic risks facing the business – with the audit committee focusing squarely on financial reporting and related risks. In some cases, the audit committee is overseeing the risk process, and serving as a catalyst to help the board get a handle on risk.
How has the auditor and the audit committee dynamic changed, especially since SOX?
The professional bond or the relationship between the external auditor and the audit committee has become much stronger in the post-SOX era. The level of dialogue has been raised, as well as the quality of communication, and most importantly, the quality of understanding about the company and its risks. Audit committees get a lot of information sent their way, and one of the things I often hear people ask is, “I get a lot of data, but am I really getting the right information?” One of the roles the external auditor can play is helping to bridge the data/information gap.
As a best practice, we spend time with the AC Chair, or the whole audit committee before their committee meeting—to discuss what we think are the more important elements and questions they should consider. Instead of listening to a presentation, they can have a more meaningful dialogue about the issues at hand.
What’s coming from the impact of the financial reform regulations on accounting and audit committees?
It’ll be sizeable for most companies. Directors, however, should not view the reforms as an additive burden, but rather, how do you build-in the impact of the reforms to benefit your business? One likely change is that a lot of companies will focus on getting back to basics. Many companies have observed that over time, they got involved in periphery activities outside of their core competencies. We’re seeing companies re-examining what those peripheral activities are, what impact those activities have on liquidity, capital and other organizational resources and what they want to be known for in the marketplace.
What can boards do to manage risk better?
I think the NACD’s 2009 Blue Ribbon Commission on Risk Governance is a great starting point. The report provides a very practical framework to help boards get their arms around risk. Three big points that are made in the report: risk is part of doing business; risk and strategy are inseparable—and they should be assessed and monitored together; and risk oversight is a team sport—which means every director and every committee plays a role.
Post financial crisis, what learnings from the financial services sectors can be applied to businesses in other industries?
A lot of people overestimated the resilience and strength of liquidity and capital resources in the market. They assumed that there would always be access to capital and liquidity to fund ongoing business activities. People also made some very general assumptions on how products would perform and how service activities would develop based on historical experience, which is not always the best predictor. A lot of companies got involved on the periphery of their core business. Those activities drew a disproportionate share of capital, and most importantly, did not always operate within an expected risk threshold—and the commensurate financial statement impact was particularly large.
Now, companies are saying, “Let’s decide what we want to be known for in the marketplace and let’s make sure we deliver that service better than anyone else. Let’s do things in a measured and thoughtful fashion and make sure that we truly understand the inherent risk in our products and services.”
What’s on the horizon for changes in financial reporting and to financial statements?
There are at least a dozen projects up at the Financial Accounting Standards Board (FASB) right now with a view toward converging with International Financial Reporting Standards (IFRS). Some of these issues are particularly challenging, and the FASB may end up looking at things in a different fashion than the international community.
Companies need to understand the FASB proposals, and get involved in the comment letter process, so that from a deliberation perspective, the FASB gets the best information from the marketplace.
In terms of financial statements, I think the question that should be asked is whether financial statements should simply be a snapshot of what was, a rear-view mirror look at how things shaped up last year? Or should the financial statements and related disclosures be part of a process that includes a look at the financials as well as a forward-looking discussion of risks and other issues facing an organization?
What are expectations of a company for their audit and how has KPMG helped its clients get more out of the audit process?
Everybody expects a high-quality audit that is in accordance with the professional standards. But more than that, companies want their auditors to provide insight and perspective, not only into the company but also into the industry in which the company operates.
Executives also want a great client experience. They want the auditor to be efficient and effective. They want us to be “collaborative” in terms of working to leverage the work of the company’s internal audit department, where appropriate. They also want good communicators who offer practical and timely guidance on matters important to them.
Looking ahead, what are the main concerns voiced by your client organizations? Risk oversight tops the list. I would also point to strategic focus—as in, what do we want our company to be known for in the marketplace? What is our risk appetite? What rewards will accrue to the organization as a result of providing that activity or service to the marketplace?
Of course, greater financial transparency is also top of mind. A lot of companies are reexamining how they communicate with the external marketplace—for example, explaining the significant judgments and estimates that underlie their financial performance.
Many boards and audit committees are also focused sharply on understanding the risks posed by cost reductions made in response to the economic crisis. It’s important to ask whether the company’s delivery model has been changed, and whether a “cost-reduced” business model can be sustained.
Another area of concern for boards and management is preparing for the potential impact of public policy initiatives—healthcare, the environment, energy, and financial services regulation. These reforms will impact a broad cross-section of companies and industries, and may impose additional reporting, transparency and compliance obligations.
What do you envision for the Audit Committee Institute going forward?
We’ve always wanted ACI to provide a forum for audit committee and board members to liaise with their peers, and get insight and perspective as to how people are dealing with common issues and challenges, and to feed that information back into the marketplace. Issues like risk, uncertainty posed by economic and public policy environments, financial statement issues, and interestingly, IT risk – those are some of the issues that audit committee members have highlighted as their most pressing concerns, and that’s what shapes the dialogue at ACI forums.
How do you drive efficiency in the audit process?
Just like companies have to take a hard look at what they do and why they do it, we need to do the same thing from an external audit perspective. How do we enhance the professional communication process with our client? How transparent are we with the audit committee about how we assess risks in the organization and how we’re going to go about doing our work? Are we collaborating with the internal audit group and the finance function to perform our work in the most effective and efficient fashion?
We need to focus on three primary things for our clients:
First, rigorous execution of professional standards – our credibility and the credibility of financial statements depends on it. Second, timely and proactive dialogue regarding salient risk matters and those other items impacting financial statements and related disclosures. This needs to be an ongoing dialogue. The accounting profession needs to overcome a perception of being stand-offish and dogmatic. And, third, active analysis of critical judgments and factors impacting the financial statements – we need to understand how management made its judgments and how certain decisions affected the financial statements.
How would you describe KPMG’s business strategy?
Our strategy is very simple. We want to be regarded by our people, our clients and the external constituencies we serve as the very best Big Four public accounting firm.
From an organizational perspective, four priorities underlie our culture:
- Professionalism and integrity. Very simply, do the right thing in the right way—every single day.
- Be an employer of choice. Our people represent our intellectual capital, and we foster an environment where people feel that they have a great place to build a career.
- Quality growth. We want to have the right clients and the right services.
- Think globally and act globally. It’s one of the things we challenge our people with daily. We operate in the global marketplace and we’ve got to display our global strength and consistency.
Can you talk briefly about your commitment to diversity and why that’s important to KPMG beyond the obvious? And how do you envision your role as head of an 8,000-person audit organization?
We operate in a diverse world. The workforce that we interact with everyday, here at KPMG and at our client organizations, is diverse. For us, diversity is a business imperative and we take it very seriously. We have a proven record of support for diversity initiatives at our firm and in the communities we serve, and we are firmly focused on engaging in even more impactful activities looking forward.
My personal goal is to help our people be more successful every day. How can I help them do better quality audits and deliver an unmatched client service experience? How can I help them grow our business, and how can I help them develop, deploy and inspire our people? I do believe that my role is to make sure that we’re focused on the right things, that our people have the resources, the tools, and anything else they need to serve their clients day-in and day-out.
What do you do when you’re not working?
Well, my full-time job when I’m not working is my family. My wife and I have four children, and we try to spend as much time with them as we can. The kids have an extremely busy schedule, often times every bit as busy as my own. So any chance I get to spend time with them I enjoy it to its fullest.