With accounting standards changing and regulatory scrutiny expanding beyond financial performance, 2020 offers an opportunity for audit committees to work on improving the broader risk and control environment, including non-financial — enterprise, process and technology — risk disclosures.
As in years past, Protiviti has prepared a recommended agenda for audit committees to help focus their efforts amid changing expectations in a rapidly evolving risk landscape. In 2020, audit committees should be asking the questions below to enhance the context of their oversight activities.
Enterprise, Process and Technology
Do we use risk as a context for oversight? It is critical that audit committees conduct annual risk assessments and update the company’s risk profile to reflect emerging and changing risks. According to Protiviti’s recently published Top Risks survey, the top two risks companies face in 2020 are the potential for disruptive regulatory scrutiny, and economic uncertainty. These two risks are followed closely by concerns about the ability to recruit and retain top talent, the effects of outdated technology, and resistance to change. It’s to be noted that most of the top ten risks in this year’s Top Risk survey — including cybersecurity and data privacy — are tied, in one way or another, to the company’s ability to adapt to the wide-ranging effects of digital technology.
Is finance delivering value? The role of finance departments is changing. In addition to the increasing expectations around core financial reporting functions, high-performing finance functions are being asked to become more security-minded, more data-driven, and more focused on delivering measurable value to internal and external customers. These expectations are explored at length in Protiviti’s 2019 Finance Trends report.
Is internal audit evolving? Next-generation internal audit organizations are using digital tools and embracing an agile, holistic approach to focus on governance, methodology and technology to deliver more valuable insights. This transformation is of vital importance to organizations, as outlined in our latest Internal Audit Capabilities and Needs survey report.
Can we back up our environmental, social and governance claims? As institutional investors become more socially conscious in their investment decisions, audit committees need to review environmental, social and governance (ESG) disclosure controls and procedures and understand them enough to be able to stand behind them. We addressed this topic at some length in Volume 7, Issue 4 of The Bulletin in 2019 and in a recent Flash Report, BlackRock’s Larry Fink Draws Another Line in the Sand – The Message Is Getting Clearer.
Are we prepared to use Critical Audit Matters (CAMs) as opportunities for improvement? New requirements for disclosure in audit reports effective in 2019 for accelerated filers, and 2020 for most other public companies, require external auditors to report any significant, complex audit concerns or assumptions that necessitated considerable judgement during the audit process. It makes sense for audit committees to ask auditors to communicate CAMs to the committee as soon as practicable.
Where are we on accounting changes? The effective dates of new accounting standards covering lease accounting, credit losses and long-duration insurance contracts have been pushed back by the Financial Accounting Standards Board (FASB) for some companies. That’s good news for those affected, because many were struggling to meet the original deadline. Audit committees should keep pushing to make sure their organizations continue to move forward with utmost speed, because it would be ill-advised to assume the FASB will defer the implementation of these standards again.
So what have we learned? Although most significant changes (such as the pending accounting changes) will require their own workstreams, many will rely on common resources, and all will follow similar implementation processes. Audit committees should push for annual evaluations to identify lessons learned and opportunities for process improvements that can be applied going forward to improve efficiency and outcomes.
This was a high-level summary of the detailed agenda outlined in Volume 7, Issue 5 of The Bulletin. You can read the entire issue here. To access a recorded version of our most recent webinar discussing the 2020 Audit Committee Agenda, click here.