The growing role of audit committees

Prior to June 2014, and as a result of EU Directive 2006/43, only public interest entities were required to have an audit committee. Public interest entities include companies with shares quoted on the stock exchange; banks and other credit institutions; and insurance companies.

With effect from 1 June 2015, Section 167 of Companies Act 2014 (the Act) introduced a requirement for directors of all large companies to establish an audit committee. A large company or group is defined as one with a balance sheet total, in the most recent financial year and the year immediately preceding that year, of over €25 million; and a turnover of over €50 million.

If the board of directors does not establish an audit committee, the directors must disclose the basis for that decision in the directors’ report within their financial statements. Where directors are found not to have complied with the requirements of the Act, they will be guilty of an offence carrying a fine of up to €5,000, imprisonment not exceeding six months or both.

The board should ensure that the audit committee consists of directors who are knowledgeable and competent in financial matters, have adequate independence and are not afraid to challenge management. While the audit committee of a public interest entity must contain at least two independent non-executive directors, the Act’s only requirement with regard to the composition of an audit committee is that it should include one non-executive director who is independent and suitably qualified.

‘Independent’ means that they have not, in the three years preceding their appointment, had a material business relationship with the company, held a position of employment or been engaged in the daily management of the company. ‘Suitably qualified’, on the other hand, means that the non-executive director is competent in the areas of accounting or auditing.

Committee responsibilities

Audit committees are an integral part of a company’s internal control and corporate governance function. As such, the role of the audit committee typically includes the following:

 

The audit committee undertakes many responsibilities. These responsibilities will vary depending on the size of the company and the nature of its business. Risk management remains an important area of focus for audit committees, as committee members are tasked with identifying corporate risks and ensuring that relevant mitigating controls are in place. In larger companies, this has resulted in risk management committees being established. Such committees usually stem from the audit committee, but concerns ultimately come back to the audit committee for monitoring.

The audit committee is responsible for the appointment of the external auditor and oversight of their work. In this regard, committee members should seek to appoint an audit firm with relevant expertise. The committee will review the proposed audit approach and an active audit committee will stay involved with the auditors throughout the year – not just at the beginning and/or end of the audit.

In relation to the internal audit function, the audit committee will review and approve the audit plan. Committee members will also meet with management and the internal auditors regularly to discuss matters arising from internal audit reports.

The remit of an audit committee is often broad, covering areas such as financial reporting, operations, risk management and compliance. An audit committee brings an objective perspective to the company’s internal controls and processes, and can benefit the company over the long-term. It can also assist in identifying and assessing the company-wide risks and recommend actions to mitigate those risks.

The overall independence and integrity of the internal audit function is strengthened by having the internal auditor reporting directly to an audit committee. Similarly, an active audit committee that meets with external auditors can share perspectives and gain valuable insights about best practice and how it could be adopted by the company.

By strengthening the internal controls and corporate governance, an audit committee can also assist the company in mitigating the risk of fraud.

Today’s regulatory environment can be challenging for audit committees, which are under significant pressure to keep up-to-date with financial oversight requirements and guidelines. This pressure can be alleviated by having effective relationships with highly-skilled and technically proficient internal and external auditors. Engagement – both formal and informal – among the audit committee, internal auditors and external auditors is important as it enhances the value that each brings to the company. The relationship between the three parties can be developed by understanding one another’s roles; enhancing skills or expertise; and communicating effectively.

It is also important that there is sufficient clarity between the roles and responsibilities of the audit committee, internal audit and external audit and that each function is aware of the remit of the others’ roles. This will help individuals understand what is expected of those involved and avoid duplication of activities. While each has their own distinct role, the audit committee, internal audit team and external auditors all feed into the overall corporate governance and performance management of the company.

Audit committees should be comprised of members who are independent and objective, and yet have a clear understanding of the needs, objectives and priorities of the business. An audit committee should therefore include members with a range of skills and experience that will contribute effectively to the work of the committee.

Internal auditors are required to possess the knowledge, skills and other competencies necessary to perform their individual responsibilities, and they often have a high level of risk assessment expertise. Internal auditors should also have a deep understanding of the policies, processes and procedures of the company and act as the audit committee’s eyes and ears.

External auditors should be technically proficient and possess knowledge of the company’s industry and business environment. They should also be equipped with the necessary tools to assess areas for improvement and make useful recommendations that will add value to the company.

Effective communication is the key to any relationship, be it personal or professional. In the case of audit committees, internal audit and external audit, a good working relationship will enhance the overall effectiveness of each function and, consequently, the overall internal control function. Communication between the three can be enhanced through regular meetings, timely and accurate information sharing and by keeping the strategies and goals of the company in mind at all times.

Information should be shared relating to emerging issues external to the company, and to regulatory guidance so that any significant developments can be addressed.

The implementation of Companies Act 2014 has created an opportunity for companies to apply best practice when it comes to governance practices and procedures. In practice, most large indigenous companies will embrace the opportunity to have an audit committee as doing so has the potential to enhance existing financial and corporate governance structures and protect stakeholder’s interests.

Niall May is an Audit and Assurance Partner at RSM Ireland. Michael Mulholland is a Senior Audit and Assurance Manager at RSM Ireland.