An engaged community of governance professionals gathered to discuss audit committee best practices with Women Get On Board (WGOB). The event delivered in partnership with KPMG, National Strategic Partner of WGOB, on November 5 featured insights from panelists Trish Volker, experienced corporate director, and Toronto Hydro’s CFO, Aida Cipolla. Moderated by Silvia Montefiore, Canadian Managing Partner, Business Enablement and Operations with KPMG, the panel provided tremendous insight into a wide range of issues affecting audit committees.
1. Optimizing Audit Committee Composition
As a committee of the board, the first task is to optimize the overall board membership by developing a skills matrix. Look at the skills needed to deliver on the overall mandate of the board, and then separately for each committee.
For publicly traded companies, the audit committee composition must comply with a range of regulatory requirements. These include ensuring that the audit committee is composed of independent members who are financially literate.
Then consider the broader mandate of the audit committee beyond its regulatory mandate and ensure that you have identified members with the appropriate skills to ensure the committee can deliver on its Audit Committee mandate.
2. Critical areas for the Audit Committee mandate
Every board committee should have a written mandate. For publicly traded companies, the audit committee’s fundamental responsibilities are discharging regulatory compliance requirements. These include oversight of financial reporting, internal controls, disclosures and filing requirements (this is typically a board decision). Other key components include oversight of relevant policies and whistleblower reporting systems, and both internal and external auditors.
“It’s really about looking at the relationship of management and the auditors to ensure there is independence from management; appropriate selection criteria and work quality,” said Cipolla.
There is considerable variance around risk management as part of the audit committee mandate. Organizational risk profile will vary considerably between sectors. Some companies assign a broad risk oversight mandate to the audit committee, while others split specific risks up between relevant board committees.
“Every company does things a little bit differently,” said Volker. “At Ornge, we set up the board to have a committee structure that paralleled every C-suite office. Every committee has risk on its agenda, and it all gets rolled up through the audit committee.”
As the audit committee has such weighty statutory compliance duties, it may be overwhelmed by a broad risk mandate. Some organizations give their corporate governance and nominating committee the mandate to review the mandates of all board committees and ensure that all key risks are appropriately assigned across the committee structure.
“One committee can’t do it all on its own,” added Cipolla. “Risk is pervasive throughout all organizations. You have to make sure you can manage it and share the load across various teams.”
3. Oversight of Emerging Issues
The panelists agreed that key emerging issues include Environmental and Social Governance (ESG), Corporate Social Responsibility (CSR), social media oversight; and white-collar crime and behaviour as reflected in corporate scandals and the #MeToo movement.
Board members need to proactively educate themselves on emerging issues by attending continuing educational sessions and seminars, reading, and actively participating in professional/industry associations.
4. Oversight of Corporate Culture
Tactics for board oversight of corporate culture include regular review of policies and the selection criteria for the CEO and executive.
“At the end of the day, the CEO is responsible for ensuring an appropriate corporate culture in the organization,” noted Cipolla. “I think what’s important is that the board and the committees are monitoring. Are the actual objectives of the organization for that year being measured in a manner consistent with the culture that you’re looking to instill in the organization?”
5. Optimal relations between the company and the Audit Committee
The audit committee has a broad mandate with limited time. Open communications, advance preparation, and avoiding surprises at the committee are key to building trust between management and the audit committee. An experienced committee chair will mentor the CFO to help them understand priorities and think strategically about putting together a committee agenda to get the win.
“Whichever executive is responsible for the audit committee has to figure out, ‘what do I tell them, and what don’t I tell them,’” noted Volker. “It’s usually the ‘what don’t I tell them’ that is more interesting.”
“Do audit committee members know everything about the operation? No, but nor should you,” added Cipolla from the perspective of the CFO. “You have to feel comfortable with your executive member at the table that they’re informing you and educating you in those appropriate areas. Ask those good questions so that you get a good sense that they are providing you the information that you need to do your job.”
A lively question and answer period followed the presentation. What I found especially helpful and unique about this session was that the panel included a board member, a CFO and an external audit partner, each representing a different key perspective on how best to approach the core issues facing audit committees. Ultimately, all agreed that open, transparent and timely communications between these three roles will create the trust necessary for the audit committee to effectively fulfill its mandate.