Audit Committees in Europe: Facing Change
If change is constant, what impact does this have on audit committees? To find out, ICAEW and Deloitte came together again to explore how audit committees in Europe are grappling with changes in their regulatory responsibilities while responding to shifting business needs against the backdrop of fast-paced environmental, technological and societal evolutions.
Understanding the challenges that audit committees are dealing with – whether practical or strategic, inward-looking or outwards-focused – provides valuable insight into how businesses are approaching a changing world. Building on a similar exercise we undertook in 2017 focused on Central and Eastern Europe, we decided to take another close look at how audit committees are performing in practice across a different group of European countries.
Based again on conversations with audit committee members, our latest research considers developments in six other EU countries, spread across the centre and south – namely Belgium, Cyprus, Greece, Malta, The Netherlands and Portugal. The individuals we spoke to are members of audit committees operating across a range of sectors, in entities of varying size and structure – and with different national corporate governance traditions. While such diversity plays out in the roles, responsibilities and priorities of audit committees, there are key issues and challenges that are common to all.
Across the countries surveyed, audit committee members remain focused on driving improvements in core areas, helping to ensure the effective stewardship of corporates. The audit committees we surveyed are overwhelmingly spending time on financial reporting, internal controls, risk management, internal and external audit. These broad headings cover a long list of more specific issues, including restructuring financial reporting functions, enhancing internal control processes, monitoring related party transactions, dealing with whistleblowing and complaint procedures.
Looking more closely at external audit, we find a number of audit committees are trying to improve coordination with the external auditors. Most are satisfied with audit quality. Where assessments are undertaken, the frequency and nature of such exercises varies widely. Issues related to risk management are referenced by almost all, although approaches and attitudes in this area vary significantly. Audit and risk responsibilities are split across different board committees in a minority of cases, often reflecting corporate size and sector.
Greening and digitalization
In addition to dealing with evolutions in corporate reporting and corporate governance frameworks, audit committees are increasingly having to address new sets of issues tied to broader changes resulting from the accelerating greening and technological transformation of business and society.
This is particularly evident when looking at the corporate reporting area, where audit committees are dealing with a growing focus on non-financial information and a concurrent increase in disclosures. The majority of respondents view this evolution as positive and this category of respondents tends to also believe that non-financial information is feeding into improved decision-making. Indeed, some call for more measures, for instance in relation to intellectual capital, technology and tax. Others are more circumspect, agreeing with the overall trend but questioning whether too much information – or, indeed, the right information – is being disclosed.
Adoption of new technologies varies between audit committees as it does between entities. Technology is being used for different purposes in different entities: from improving data flows and identifying deviations, to dealing with cyber threats and benchmarking against industry standards. But the emergence of new technological solutions is also accompanied by a growing awareness amongst audit committee members of significant IT, data and cyber security risks and the potential impact on core business operations and on corporate reputations. While audit committee members are generally not IT specialists, they do need to be able to collectively raise questions and indicate whether appropriate policies and procedures are in place. This raises questions about the appropriate skill-set of audit committees.
The workings of audit committees
Unsurprisingly, the need to remain centred on core responsibilities while concurrently addressing sustainability and technological change is impacting how audit committees work. Audit committee members feel under pressure, facing growing claims on their time and increasing scrutiny of their mix of skills and experiences. There is a clear awareness of the importance of bringing together individuals with distinct and independent perspectives to enable audit committees to fulfil their role. Whether such individuals then receive sufficient support varies, however, from entity to entity.
Assessing audit committee performance also remains work in progress. EU soft and hard laws may have put in place provisions encouraging better evaluation of audit committee performance but the specifics of how to do this are undefined. Where assessments do take place they tend to be internal affairs. In the best cases, performance evaluations are seen as vital to enhancing the effectiveness of boards. In others, they are still viewed as more of a box-ticking exercise.
Audit committees do not operate in isolation. How and when audit committees engage with management, supervisory boards, external auditors, shareholders and regulators is still developing, notwithstanding closer regulatory scrutiny of the quantity and quality of such interactions. Responding to regulatory change, some audit committees are assuming a more pro-active role. While some fluidity is to be expected, reflecting the attitude of individual committees (or chairs) or influenced by an entity’s corporate structure, ownership and sector of activity, in other cases the degree of interaction with internal and external actors does raise questions about the appropriate balance between engagement and challenge.
What lies ahead?
Above all, our interviews revealed a community of individuals deeply engaged in thinking about the role that audit committees will need to fulfil in coming years – and what this might mean for their set-up, way of working and focus. What will be the appropriate composition of future audit committees – and is the weight of demands making membership increasingly unappealing? How do audit committees find the space and time to play a more future-oriented, independent and strategic role – while dealing with ongoing change?
With change unlikely to abate, we hope that the collective insights captured in our report are of interest to all those concerned with ensuring an effective corporate governance ecosystem in Europe and beyond. We welcome all comments.