The Role of the Audit Committee

Amidst the boards of directors and executive leadership is a vital, often understated, group that plays a crucial role in safeguarding an organization's financial integrity and reputation: the Audit Committee.

More than just a statutory requirement - a well-functioning audit committee acts as a critical oversight body, providing an essential layer of challenge and assurance over financial reporting, internal controls, and the audit process itself.

What is an Audit Committee?

The audit committee is a sub-committee of the board of directors, typically composed entirely of independent non-executive directors (NEDs).

Their independence is key as it allows them to challenge management and the external auditors without being influenced by day-to-day operational pressures or personal relationships.

Their primary mandate is to oversee:

1. Financial Reporting: Ensuring the integrity of the company's financial statements and disclosures.
2. Internal Control and Risk Management: Monitoring the effectiveness of the company's internal control systems and risk management framework.
3. Internal Audit Function: Overseeing the effectiveness and independence of the internal audit function.
4. External Audit Function: Overseeing the appointment, independence, effectiveness, and remuneration of the external auditor.
5. Compliance: Reviewing the company's whistleblowing arrangements and compliance with legal and regulatory requirements.

Key Responsibilities of a High-Performing Audit Committee

1. Overseeing the External Auditor

This is perhaps the most visible and defining responsibility of the audit committee. They act as the primary liaison between the external auditors and the board, ensuring the independence and effectiveness of the audit process.

• Appointment and Reappointment: Recommending the appointment, reappointment, and removal of the external auditor to the board and shareholders. This includes overseeing the tender process when a new auditor is sought (e.g., every 10 years for UK Public Interest Entities, as per FRC rules).
• Independence and Objectivity: Regularly assessing the independence and objectivity of the external auditor. This involves scrutinizing threats to independence (such as the provision of non-audit services), reviewing the auditor's declarations, and ensuring compliance with ethical standards (like the FRC's Ethical Standard in the UK).
• Audit Fees: Agreeing the terms of engagement and approving the external auditor's remuneration. This requires careful consideration to ensure the fee is sufficient to enable a quality audit without compromising independence.
• Audit Scope and Approach: Reviewing and approving the external auditor's audit plan, including the scope of the audit, materiality levels, and key areas of audit risk.
• Reviewing Audit Findings: Discussing the external auditor's findings, management's responses, and any significant accounting and auditing issues arising from the audit. This includes challenging management's judgments and estimates.
• Performance Evaluation: Annually assessing the performance of the external auditor and holding them accountable for audit quality.

2. Reviewing Financial Reporting

The audit committee is central to the integrity of the company's financial statements and related disclosures.

• Review of Annual and Interim Reports: Critically reviewing the annual financial statements, interim reports, and other significant financial announcements before they are submitted to the board for approval. This includes considering whether they provide a true and fair view and comply with relevant accounting standards (e.g., IFRS) and legal requirements.
• Significant Accounting Policies and Judgments: Discussing with management and the external auditors the appropriateness of significant accounting policies, changes in policies, and areas involving significant judgment or estimation uncertainty. This includes challenging the rationale for specific accounting treatments.
• Going Concern and Viability Statements: For UK companies, particularly larger ones, the audit committee plays a crucial role in reviewing management's assessment of going concern and the associated disclosures, as well as the company's longer-term viability statement.
• Narrative Reporting: Overseeing the integrity of narrative reporting (e.g., strategic report, directors' report) in the annual report, ensuring consistency with the financial statements. This is particularly relevant with the FRC's focus on connected reporting.

3. Overseeing Internal Controls and Risk Management Systems

While the full board has ultimate responsibility for risk management, the audit committee often takes the lead in overseeing internal control systems, especially financial and operational controls.

• Effectiveness Review: Reviewing the effectiveness of the company's internal control and risk management systems. This often involves reviewing reports from internal audit, management, and the external auditor on control deficiencies.
• Fraud and Error: Considering the potential for fraud and error, and ensuring that adequate systems are in place for their prevention and detection. This aligns with ISA (UK) 240 and the auditor's fraud responsibilities.
• Cyber Security and IT Controls: Increasingly, the audit committee's oversight extends to key IT controls, including cyber security and data privacy, given their critical impact on financial systems and data integrity.

4. Overseeing the Internal Audit Function

For companies with an internal audit function, the audit committee is responsible for its effectiveness and independence.

• Independence and Scope: Approving the internal audit charter, ensuring its independence from management, and reviewing its scope and objectives.
• Resource Allocation: Reviewing the internal audit function's resources and ensuring they are sufficient to cover key risks.
• Performance Monitoring: Monitoring and assessing the performance of the internal audit function, including reviewing its reports and management's responses to findings.
• Head of Internal Audit: Approving the appointment, remuneration, and removal of the Head of Internal Audit.

5. Compliance and Whistleblowing

• Regulatory Compliance: Reviewing the company's systems for ensuring compliance with relevant laws, regulations, and ethical codes.
• Whistleblowing Arrangements: Ensuring that effective whistleblowing arrangements are in place to allow employees to raise concerns about financial malpractice or other wrongdoing confidentially and without fear of retaliation.

Composition and Effectiveness

To be effective, an audit committee needs:

• Independence: As noted, all members should be independent non-executive directors.
• Financial Literacy: At least one member (and ideally more) should have recent and relevant financial experience, often a qualified accountant or someone with significant experience in financial management or audit.
• Expertise: Collectively, the committee should possess the necessary skills and experience to understand the company's financial statements, internal controls, and audit process, including knowledge of the industry and relevant accounting principles.
• Sufficient Time: Members must be able to dedicate sufficient time to their responsibilities, which are often significant and demanding.
• Strong Chair: A strong, experienced, and independent Chair who can lead challenging discussions and foster open communication.

The Audit Committee and the Auditor

The relationship between the audit committee and the external auditor is symbiotic. For external auditors, the audit committee is their primary contact point within the governance structure. A robust audit committee empowers auditors by:

• Providing a sounding board: Offering a forum for auditors to raise concerns, including disagreements with management, without fear of reprisal.
• Supporting independence: Helping to protect the auditor's independence from management influence.
• Driving quality: Challenging both management and the auditors to ensure a thorough and effective audit.

Conclusion

The audit committee stands as one of the most critical elements of effective corporate governance.

Through their diligent oversight of financial reporting, internal controls, and the external audit process, they provide vital assurance to the board, shareholders, and the wider public.