Big Brother's Watching: Brave New Audit Committee World

Aldous Huxley's utopian masterpiece includes the now-famous line, “Oh brave new world that has such people in it. Let’s start at once.” Well, if you're an audit committee member, “at once” started about a year ago.

Greater responsibilities have been thrust at audit committees through the Sarbanes-Oxley Act, and through initiatives by the Securities and Exchange Commission, the New York Stock Exchange, and the Nasdaq system.

These responsibilities carry with them many implications and consequences in the brave new world in which all public companies and their professional advisors now operate.

The numerous changes affecting audit committees include a loss of discretion in certain areas regarding what the audit committee does and how it operates. Audit committees also now face heightened expectations of investors, regulators, the rest of the board, and the auditors.

An Ambiguous Line

Internal control matters present the most visible examples of loss of discretion. The audit committee now has unequivocal responsibility to oversee the development and operation of internal controls regarding financial reporting. Before Sarbanes-Oxley, internal controls sometimes were no more than an occasional topic of discussion for an audit committee.

The audit committee also is charged with oversight of the public accounting firm’s work, including its attestation work related to management’s report on internal controls over financial reporting. At the same time, the independent auditor must now evaluate the effectiveness of the audit committee as part of its audit of the internal controls over financial reporting.

Brave new world implications also are driving an array of other realities for audit committee members. The most prominent change concerns the role and attitude of the independent auditor and its interaction with the audit committee.

The independent auditor has been forced to mark an unambiguous line between its responsibilities and those of management. Spurred by a flurry of malpractice claims, finger-pointing, bad press—as well as increasing oversight by the Public Company Accounting Oversight Board—auditors have taken a hands-off approach to public company client accounting issues.

When the auditor does ultimately become involved, its national office frequently is part of that exercise, often involving long delays and sometimes ultra-conservative views. Proposed restatements have also become more common, as auditors are increasingly reluctant to be part of any process that fails to correct known errors. Further, what sometimes appears to be near-paranoia on the part of the auditors often results in audit committee directed investigations when there is even a hint of management integrity issues.

Evolving Relationships

Independent auditors also produce “trickle-down” effects from PCAOB activities. For example, the PCAOB’s standards on audit workpapers are becoming de facto documentation standards for accounting matters at corporations internally. Similarly, the PCAOB’s rules on Sarbanes-Oxley section 404 internal control reporting for auditors are setting the practical standards for management’s report on internal controls, since the auditor is required to attest to, and report on, the assessment made by management.

A particularly intriguing part of the brave new world of the audit committee/auditor relationship is the reciprocal evaluations now required. Part of this “audit” of internal control must include an assessment of the effectiveness of the audit committee in overseeing internal controls over financial reporting. At the same time, the audit committee is responsible for overseeing auditor activities and performance.

With the evolving nature of the relationship in this brave new world there sometimes is a significant amount of tension. One indicator of that tension is the record number of changes of independent auditors, estimated by the firm Glass Lewis at approximately 900 through July 2004—which, at that point was equal to that of all 2003.

This is surely due, in part, to the auditing profession not having endeared itself to those with whom it must interact most frequently. A survey by JD Power & Associates indicated a 9 percentage point drop in the number of audit committee chairs and CFOs expressing confidence in the accounting profession.

The tension is not limited to the auditor/client relationship. Many audit committees are finding it necessary to break management’s habit of spoon-feeding it information. CEO’s are used to running the show, and some are having difficulty adjusting to the brave new world.

Points To Ponder

The SEC’s expectations of audit committees have ratcheted up substantially and they have the tools to help turn expectations into reality. SEC inquiries and investigations regarding financial reporting now routinely include a review of the audit committee’s role in the matters being investigated. Other regulatory bodies such as the NYSE and the Nasdaq also are moving in that direction.

The SEC recently filed an administrative action charging an audit committee member of Koninklijke Ahold N.V. with causing violations of the reporting, books and records, and internal control provisions of the securities laws. The member failed to inform the auditors and the other members of the board of the existence of a rescinded “control letter” prior to approving the issuer’s annual report and financial statements. According to a speech by SEC Division of Enforcement director Stephen Cutler, more such actions are in the pipeline (see related documents, speeches at right).

The audit committee’s substantial new responsibilities have some obvious implications (i.e., it is a lot of work) and some not-so-obvious ones. Here are some points to ponder regarding the latter sorts of implications:

FRAMEWORK: The auditor now must evaluate the effectiveness of the audit committee. Has a framework been established for the committee to perform a self evaluation that also will suit the auditors’ needs?

INVOLVEMENT: Is the audit committee routinely involved in productive dialogue with management on financial reporting matters? Or does the relationship seem more like orchestrated presentations from management?

BRAVE OR LEISURELY: Does management understand and accept the brave new world? Or, is there—at least on occasion—a flavor of earnings management, a leisurely pace in correcting internal control deficiencies, or a “business as usual” attitude?

ADJUSTMENTS: Is the audit committee routinely receiving a “schedule of unrecorded audit adjustments”? If so, why? If the adjustments are valid, why aren’t they being recorded?

ACQUISTIONS: Is the audit committee involved in oversight of the due diligence exercise when an acquisition candidate is being considered? The company is, after all, also acquiring whatever accounting and internal control issues come with the package. Similar considerations apply when outsourcing business processes.

WARNINGS: Has the audit committee received an “early warning” from the auditors regarding Sarbanes-Oxley Section 404 certification? If so, have the disclosure implications of such a warning been thoroughly considered?

STANDARDS: Does the audit committee routinely review new and proposed audit standards issued by the PCAOB?

GUIDANCE: Does the company provide “guidance” on future operating results? If so, has the audit committee reviewed—or had others review—the forecasting process used by management?

MD&A: “Financial reporting” does not end with financial statements. Does the audit committee have mechanics in place to assess the quality and completeness of Management’s Discussion and Analysis and other financially oriented disclosures?

ACTIVISM: The world now expects a much more activist role for the audit committee over both management and auditor activities. Does the committee have the resources—internal or otherwise—to fulfill these expectations?

Audit committees have their hands more than full these days, and so may be reluctant to probe even harder, or into areas where they historically have not been involved. But asking some tough questions now might be the key to avoiding bigger issues later—ones where the audit committee increasingly may be seen by regulators and others as part of the problem, when there is a problem.

This column solely reflects the views of its authors, and should not be regarded as legal advice. It is for general information and discussion only, and is not a full analysis of the matters presented.

What did you think of this column? If you'd like to react or respond, we urge you to write a letter to the editor.