What is an Audit Committee?
An audit committee is a specialized part of the board of directors, responsible for overseeing financial reporting, internal controls, and ethics and compliance. This sub-group usually operates with independent and internal auditors and the management team, to monitor the company’s accounting policies and accuracy of financial statements.
In publicly traded entities, audit committees are typically mandatory and must meet regulatory requirements like those outlined by the Sarbanes-Oxley Act of 2002 (SOX) in the US or the UK Corporate Governance Code. Such regulations ensure that an audit committee is independent from management and will deliver unbiased perspective on the company’s financial health.
Audit Committee Responsibilities
The duties of the audit committee span across multiple critical areas for effective oversight of a company’s financial and compliance processes. Some of these responsibilities include:
- Financial Reporting Oversight
- Reviewing the accounting and regulatory initiatives on the financial statements.
- Evaluating the quarterly and annual reports in compliance with Generally Accepted Accounting Principles (GAAP) or International Financial Reporting Standards (IFRS), depending on the jurisdiction.
- Assessing the analysis of issues made by management in the financial reports.
- Working closely with management and external auditors to discuss adjustments and estimates.
- Compliance and Ethics
- Ensuring the organization complies with relevant legal, regulatory, and ethical standards, such as with tax laws, anti-bribery laws, and other industry-related regulations.
- Reviewing whistleblower programs and other mechanisms created to promote ethical behavior.
- Oversight of External and Internal Auditors
- Responsible for appointing, compensating, and overseeing the work of external auditors.
- Monitoring the effectiveness of internal audit functions, and that their audits are conducted comprehensively and regularly.
- Reviewing audit findings, reports, and management’s response to the auditors’ findings.
- Risk Management and Internal Controls
- Evaluating the effectiveness of the internal control systems and risk management processes, such as policies on cybersecurity.
- Assuring appropriate policies and processes are set for preventing and identifying fraud (e.g. financial statement fraud, corruption, assess misappropriation).
- Being knowledgeable of the laws governing anti-corruption like the U.S. Foreign Corrupt Practices Act (FCPA), as well as the mitigation of risks related to it.
Who are the members of the audit committee?
The audit committee usually comprises independent directors who possess a high level of financial literacy. The members are selected from the board of directors, but should not have direct involvement in the company’s day-to-day operations to maintain objectivity. In many jurisdictions like the US under SOX, at least one member of the audit committee must qualify as a “financial expert” having expertise in accounting or financial management.
Can the CEO be a member of the audit committee?
No, the CEO cannot be a member of the audit committee. The committee’s members must not be non-executive directors who are highly involved in the company’s management. This maintains independence and objectivity. As a member of management, the CEO could introduce conflicts of interest if they were part of the audit committee. Their involvement in day-to-day operations could influence decisions that require an unbiased review.