Audit Committee Practices

AUDIT COMMITTEE PRACTICES

By John Kyriazoglou

There are several discussions in various professional forums about ‘good’, ‘bad’ or ‘ugly’ practices related to audit committee activities. These terms are not defined at all, so far.

 I think the terms ‘Good’, ‘Bad’, and ‘Ugly’ practices need to be defined and/or specified explicitly, in terms of effectiveness (results-oriented), efficiency (resource-oriented) and morality (according to corporate ethics code, compliance regulations and societal benefits).

 Also these practices should be established in accordance to the pre-defined audit committee’s vision and strategy, which should be aligned and linked to the corporate vision, mission, values, and performance targets.

 And this to avoid a ‘vacuum’ or ‘looking glass’ situation whereby the audit committee is quite off the corporate agenda. 

 Furthermore these practices should relate to the audit committee acting in an oversight and guidance role in respect to various standard-practice ‘red flag’ issues, in order to avoid or protect the company better against fraud and mismanagement.

These ‘red flag’ issues are based on my auditing and consulting experience and on discussions and communications with other consultants, auditors, fraud examiners, accountants, and other professionals.

Issue 1. Policies and Procedures: Inadequate design, development, implementation, annual review and improvement of corporate policies and procedures.  

Issue 2. Board and Management Roles: Ineffective oversight exercised by the board and insufficient discharge of duties and responsibilities by all senior levels of management.

Issue 3. Auditing: Audit (internal and external) findings not acted upon within the time-frame agreed or forgotten all together.

Issue 4. Fines and Legal Breaches: Fines imposed by regulators and government authorities on compliance, tax, customs, accounting, performance results, data privacy, environmental, worker safety and health issues, etc., as well as penal and civic code litigations, breaches, etc.

Issue 5. Training of Staff: Inadequate or ineffective supervision of staff activities by management, including guiding, coaching and training, discussing issues and problems, etc.

Issue 6. Personnel Supervision: Inadequate or ineffective execution of personnel administration controls, including segregation of duties, authorizations and approvals, rotation of duties, hiring and dismissal of personnel, due diligence of all staff, vacation taking, etc.

Issue 7. Personnel Adequacy: Inadequate skills, dexterities, knowledge and experience including professional certifications, for all board members, managers, and critical staff (accountants, auditors, IT resources, etc.).

Issue 8. Corporate Performance: Very high or very low achievement of strategic and operational objectives as evidenced by financial and non-financial performance reports and results.

Issue 9. Morale: Very high or very low morale of board, management and employees.

Issue 10. Turn-over: Very high or very low turn-over of board, management and employees.

Issue 11. Accuracy of Data: Inaccurate data, unsupported or unauthorized transactions, discrepancies and large number of errors in business records, including accounting records, purchase orders, transactions, balances, files, bank accounts, etc.

Issue 12. Conflicts of Interest: Too close relationship with customers, vendors, competitors, regulators and other parties involved in the activities of the organization.

Is this list relevant to you? It is hard to say on an absolute basis. You have to consider these in relation to your operating environment and how you want to implement business management controls to manage these ‘red flag’ issues before disaster strikes you.

Your ‘Good’ practices that are required to get the job of the audit committee done better, and the ‘Bad’ or ‘Ugly’ practices to be avoided need rethinking.

The whole picture would rather be better when you specify your practices, in terms of a purpose-driven approach that incorporates effectiveness (results-oriented), efficiency (resource-oriented) and morality (according to corporate ethics code, compliance regulations and societal benefits).