At a Glance
* A well-constituted and well-run audit committee can bring considerable benefits.
* The Smith Guidance sets out additional recommendations on the role and activities of an audit committee.
* The audit committee should be formally constituted and should have written terms of reference.
* The Combined Code includes specific provisions on the membership of the audit committee.
* Appointments to the audit committee should generally be by recom- mendation of the nomination committee and should be for a fixed term.
* Audit committee members must disclose any potential conflicts of interest.
* The company should provide an induction programme and ongoing training and support for audit committee members.
* Management must provide the audit committee with all the information that it needs to discharge its responsibilities.
* The precise role of the audit committee should be tailored to the circum- stances of the company.
* The audit committee should review all financial reporting documents before publication.
* The audit committee should review the company’s internal control and risk management systems, and the procedures for whistleblowing.
* The audit committee should monitor and review the activities of the internal audit function.
* The audit committee has primary responsibility for making a recom- mendation on the appointment, reappointment or removal of the exter- nal auditors.
* The audit committee should approve the terms of engagement and remu- neration of the external auditor.
* The audit committee should assess the independence and objectivity of the external auditors each year.
1.136 Benefits of an Audit Committee
Audit committees have become an important aspect of corporate governance in recent years, partly as a result of the recommendations set out in the Combined Code but also because companies have begun to appreciate the benefits that an effective audit committee can bring in terms of providing additional assurance on the adequacy of the company’s system of internal control and on the quality of its financial information (for both internal and external use) and of its finan- cial decision-making. Although the Combined Code applies primarily to listed companies, the principles underlying the recommendations apply to every com- pany and all directors are therefore encouraged to follow them. The recommen- dations are equally relevant for non-profit organisations, particularly where there is a high degree of public interest in their activities, eg charities and pub- lic sector bodies. The potential benefits of an audit committee include:
improved quality of financial reporting and increased public confidence in the credibility and objectivity of financial statements;
the creation of a climate of discipline and control, which can help to reduce the opportunity for fraud;
the opportunity for non-executive directors to contribute their independent judgement and play a positive role within the company;
Audit
* The audit committee should agree with the board the company’s policy on:
The employment of former partners and employees of the external audit firm, and
the provision of non-audit services by the external auditors.
* The audit committee should agree the scope of external audit work each year.
* The audit committee should review the results of the external audit in conjunction with the annual report and accounts.
* The audit committee should consider the auditor’s report to manage- ment, together with management’s response to the points raised.
* At the end of the audit cycle, the audit committee should assess the effectiveness of the external audit process.
* The audit committee should meet sufficiently often to be able to review and monitor major issues, and at least three times each year.
* Only audit committee members are entitled to be present at meetings, but other individuals may attend by invitation.
* The audit committee chairman should report regularly to the main board.
* The annual report should include a separate section describing the role and responsibilities of the audit committee and the actions taken to dis- charge those responsibilities.
* The effectiveness of the audit committee should be reviewed annually by the main board.
the provision of a forum for the finance director to raise issues of concern and instigate appropriate action;
the provision of a strong channel of communication between the external auditors and the board, enabling them to raise issues of concern and assert their independence in the event of a dispute with management;
the strengthening of the internal audit function, by increasing its independ- ence from management.
1.137 Potential Drawbacks
However, there are some potential difficulties that companies need to be aware of when establishing and operating audit committees:
the existence of an audit committee can result in the main board abdicating its collective responsibilities in respect of the audit and the review and approval of the annual accounts;
the audit committee can become a barrier between the external auditors and the executive directors of the company; and
the audit committee will not function effectively if it lacks the necessary understanding to deal with the accounting and auditing issues that will be brought to its attention.
Careful planning can prevent these becoming real issues in practice.
1.138 The Smith Guidance
As part of the UK Government’s response to the collapse of Enron, a small work- ing group was appointed by Financial Reporting Council, under the chairmanship of Sir Robert Smith, to develop further the initial guidance on audit committees included in the original Combined Code. The resulting report ‘Audit Committees:
Combined Code Guidance’, commonly referred to as the Smith Report, was pub- lished in January 2003. The introduction to the report emphasises that the audit committee has a particular role, acting independently from the executive, in ensuring that the interests of shareholders in relation to financial reporting and internal control are properly protected. However, this is in no way intended to cre- ate a departure from the UK principle of the unitary board – all directors continue to have the same legal responsibility for the company’s affairs and any disagree- ments must be resolved at board level. The report included the draft of a revised section of the Combined Code on audit committees, together with supplementary guidance intended to assist boards in establishing and operating an audit commit- tee and also to assist directors who serve as members of an audit committee. The draft set out certain essential requirements for audit committees in bold text in the guidance and noted that compliance with these was considered necessary in order to achieve compliance with the Combined Code. The revised Combined Code, published by the Financial Reporting Council in July 2003, changed this approach slightly. In addition to the provisions on the role, responsibilities and membership of the audit committee, four of the ‘bold text’ items from the Smith Report have
become Combined Code provisions – these cover the audit committee’s work in relation to:
reviewing the company’s whistleblowing procedures;
reviewing the effectiveness of internal audit (or the need for an internal audit function where the company does not have one);
the appointment of external auditors; and
the provision of non-audit services by the external auditors.
For accounting periods beginning on or after 1 November 2003, listed com- panies must confirm their compliance with these provisions or explain any departures. Other aspects of the Smith Report originally highlighted as being essential have simply become part of the supplementary guidance, which is published as an appendix to the Combined Code along with the Turnbull Guidance and other recommendations on good practice. Relevant issues from the Smith Guidance are discussed in the following sections.
1.139 Constitution and Terms of Reference
An audit committee should be constituted formally as a sub-committee of the main board, to ensure that there is a clear relationship between the two. The audit committee should report regularly to the main board and be answerable to it. The Combined Code also recommends that the board should provide written terms of reference for the audit committee and make them publicly available (eg on the company’s website or by request), and that the annual report should include a separate section describing the work of the audit committee in discharging its responsibilities during the year (see 1.166 below). The Smith Report included an example terms of reference under the following headings (although this has not been reproduced in the Smith Guidance attached to the revised Combined Code):
constitution;
membership;
attendance at meetings;
frequency of meetings;
authority;
responsibilities; and
reporting procedures.
A further example, based on that set out in the Smith Report, is given in Appendix 2 to this chapter. However, this is not intended to be prescriptive and companies are encouraged to develop and tailor it to suit their own circum- stances. In particular, the example is drafted from the perspective of an individ- ual company and will need adapting to cover the specific circumstances of a group. Terms of reference should be realistic and should give the committee sufficient resources and authority to perform its role effectively. The Smith Guidance recommends that the audit committee should carry out an annual review of its terms of reference and recommend to the board any changes that are considered necessary.
Audit
1.140 Membership of the Audit Committee
Membership of the audit committee is a critical issue – any committee can only be as good as the people that serve on it. In particular, the effectiveness of the audit committee often depends on a strong, independent chairman who has the confidence of both the board and the external auditors, and on the quality of the non-executive directors. The size and complexity of the company, and the size of the board of directors, will usually have a direct bearing on the size and membership of the audit committee. The Combined Code recommends that:
the audit committee should have at least three members (or two members in the case of smaller companies), all of whom should be independent non- executive directors (see 6.17); and
the board should satisfy itself that at least one member of the audit commit- tee has recent and relevant financial experience (the Smith Report suggested that this might be as an auditor or a finance director of a listed company) and the Smith Guidance notes that this member should preferably hold a profes- sional accountancy qualification.
The chairman of the company should not be a member of the audit committee.
The members of the audit committee should be identified in the annual report.
1.141 Skills, Experience and Training
There should normally be wide consultation before recommending that an individual is appointed as a member of the committee. The Smith Guidance suggests that appointments should be by recommendation of the nomination committee (where there is one), in consultation with the audit committee chair- man. Qualities that will commonly be taken into account in assessing an indi- vidual’s suitability for membership of the audit committee will include:
breadth of general business experience;
knowledge of the company’s operations, finances and accounting;
understanding of the roles of external and internal auditors and familiarity with the main concepts of Auditing Standards;
knowledge and understanding of the key aspects of financial reporting;
personal qualities; and
commitment (including the amount of time that the individual can make available).
The audit committee will usually function as a team and it may therefore be appropriate to consider the balance of experience and abilities across the mem- bership as a whole. The nature of the audit committee’s activities makes it particularly important for the committee as a whole to have an adequate under- standing of the management of business risk, accounting and financial report- ing and internal control. Additional relevant skills may be needed, depending on the nature of the company’s activities – for instance, where it is involved in specialised financial activities. Members of the company’s executive management
team should not be appointed to the audit committee as their attendance at every meeting could inhibit others from raising sensitive issues. However, their input to audit committee discussions may be needed from time to time, and there should be a facility for them to attend audit committee meetings by invi- tation (see 1.163 below).
1.142 Appointing a Chairman
The Cadbury Committee emphasised the importance of the chairman in ensur- ing the effective operation of the audit committee and the Smith Report high- lighted the need for a frank and open relationship, and a high level of mutual trust, between the audit committee chairman and the board chairman, chief executive and finance director. The chairman of the audit committee will usu- ally be appointed by the board as a whole. Particular qualities that will need to be assessed in appointing a chairman include:
strength of personality;
experience of the role of chairman;
attitude to business risk management and control, and related ethical issues;
attitude towards the audit function (both external and internal); and
commitment (including the amount of time that he/she can make available).
1.143 Length of Appointment to Audit Committee
The long-term nature of the activities of the audit committee mean that a cer- tain degree of continuity of membership is helpful. However, this needs to be balanced against the need for fresh input and a new outlook from time to time.
The Smith Guidance recommends that appointments should be for a period of up to three years, extendable by no more than two additional periods of three years, provided that the individual continues to be sufficiently independent.
From a practical point of view, it is often helpful for the appointment periods of the individual members to end in different years so that the company is not faced with a loss of significant audit committee experience by two or three members retiring at the same time.
1.144 Avoiding Conflicts of Interest
Individuals recommended for appointment to the audit committee should be required to confirm their independence at the time of appointment. Once appointed they are responsible for ensuring that their entry in the register of directors’ interests is kept up to date and for declaring any potential conflict of interest in respect of agenda items at meetings of the audit committee. They should not vote on any item in respect of which they have a potential conflict of interest.
Audit
1.145 Training and Support for Audit Committee Members
The Smith Guidance recommends that an induction programme is provided for each new audit committee member, covering:
the role of the audit committee and its terms of reference;
the expected time commitment; and
an overview of the company’s business, including the main business and financial dynamics and risks.
It may also be helpful to provide new members with summaries of the issues raised in recent reports from both external and internal auditors. Ongoing train- ing should be provided to all audit committee members to enable them to keep up to date with issues relevant to their role. This training might cover:
principles and developments in financial reporting and related company law;
understanding financial statements, applicable accounting standards and recommended accounting practice;
the regulatory framework for the company’s business;
the role of external and internal audit; and
risk management.
The Smith Guidance notes that both induction programmes and ongoing train- ing might take a variety of forms, including attendance at formal courses and conferences, internal seminars and briefing sessions led by external advisers.
The audit committee should also be given the facility, and the funding, to obtain independent legal, accounting or other advice where it reasonably con- siders this to be necessary.
1.146 Information Provided to Audit Committee
The Smith Guidance emphasises that management has an obligation to ensure that the audit committee is kept properly informed and to provide the informa- tion that it needs to fulfil its role. Management is expected to take the initiative in providing information to the committee, rather than waiting to be asked for it, and to make clear to all directors and employees that they must co-operate with the audit committee and provide any information requested.
1.147 Role and Activities of the Audit Committee
The role of audit committees has become increasingly diverse as they have become more common. The detailed role and activities of the audit committee must be tailored to the needs of the individual company, but the principal role of the audit committee is summarised as providing assurance that the board’s collective responsibility for financial matters and internal control is rigorously
discharged. The Smith Guidance summarises the role and responsibilities of the audit committee under the following headings:
financial reporting;
internal controls and risk management systems;
whistleblowing;
the internal audit process;
the external audit process:
appointment,
terms and remuneration,
independence, including the provision of non-audit services, and
the annual audit cycle.
In the case of a group of companies, the parent board should ensure that there is adequate co-operation within the group, and with the external and internal audit- ors of each company within the group, to enable the audit committee to discharge its responsibilities. The Smith Guidance also emphasises that the work of the audit committee is wide-ranging, time-consuming and sometimes intensive – it is therefore important that members of the committee are able to make the appropri- ate amount of time available for the task and that they receive appropriate recom- pense for this, and that companies make appropriate resources available.
1.148 Financial Reporting
The audit committee’s responsibilities in relation to financial reporting cover:
the interim statement;
the preliminary announcement;
the company’s financial statements;
the operating and financial review (OFR);
the company’s corporate governance statements; and
the summary financial statement (where one is prepared).
Wherever practical, the audit committee should also review other statements containing financial information which require board approval prior to publica- tion – for instance, the release of price sensitive information, or financial reports to regulators. Management are responsible for preparing accounts which show a true and fair view, and for meeting relevant accounting and disclosure require- ments, and the audit committee’s review should focus in particular on:
comparisons with the previous year and the explanations for any significant variances;
the significant accounting policies, estimates and judgements, and whether these are appropriate;
any changes in accounting policies and their disclosure in the accounts;
any adjustments necessary as a result of the work carried out by the external auditors;
going concern;
disclosure of any significant commitments or contingent liabilities;
Audit
impact of any significant events since the balance sheet date;
compliance with accounting standards and other reporting requirements (including, where appropriate, those laid down by the FSA);
the clarity and completeness of the disclosures, and whether they are set properly in context; and
the results of the external audit.
In particular, management should explain the accounting treatment of any signifi- cant or unusual transactions, particularly where the treatment is open to different approaches, and the committee should consider whether the approach adopted is appropriate. Following their review, the audit committee should submit the rele- vant financial statements to the board with their recommendations on approval. If the committee is not satisfied with any aspect of the company’s financial report- ing, it should report its views to the board.
1.149 Internal Controls and Risk Management Systems
The audit committee should review the company’s internal financial controls (ie the systems used to identify, assess, manage and monitor financial risks) and, in the absence of other specific arrangements (for instance, the establish- ment of a separate risk committee of independent directors) should review the company’s internal control and risk management systems. Management should report to the committee on the effectiveness of the systems that they have estab- lished and, in particular, the results of any testing carried out by the internal and external auditors. Following their assessment, the audit committee should review and approve the directors’ statements in the annual report in respect of internal control and the management of risk (see 6.66 below).
1.150 Whistleblowing
The audit committee should review the arrangements in place to enable com- pany staff to raise, in confidence, concerns about possible improprieties in respect of financial reporting or other issues, and should consider whether these provide for proportionate and independent investigation and follow-up of the matters raised (see also 12 FRAUD).
1.151 The Internal Audit Process
Where the company has an internal audit function, the audit committee should monitor and review the effectiveness of internal audit activities. This process should normally include:
reviewing and approving the remit of the internal audit function;
confirming that there is appropriate liaison between external and internal auditors, to prevent duplication of work and make the most effective use of the available resources;
confirming that the head of internal audit has direct access to the board chair- man and to the audit committee, and is accountable to the audit committee;