KPMG's Audit Committee Institute Offers Annual 'Ten To-Do's for Audit Committees in 2011'

NEW YORK, Jan. 11, 2011 /PRNewswire/ -- As audit committees focus their agendas on key challenges for 2011, KPMG's Audit Committee Institute again offers its annual "Ten To-Do's for Audit Committees" highlighting issues that should be top of mind in 2011.

"The audit committee's workload is not going to get any lighter in 2011," said Jim Liddy, vice chair, Audit, KPMG LLP, the U.S. audit, tax and advisory firm.  "Whether it's new accounting standards, the impact of Dodd-Frank regulations and the demands on compliance programs, or the global risk environment, audit committees will have a full plate in the year ahead."

"In 2011, every audit committee will face its own particular challenges depending on the industry they are in, their global footprint and their competitive position," said Mary Pat McCarthy, executive director of the Audit Committee Institute (ACI) and a vice chair of KPMG LLP.  

"The Ten-To Do's provide audit committees with a helpful framework for prioritizing and focusing their agenda," she said.

When considering and carrying out their 2011 agendas, audit committees should:

1. Keep the audit committee's eye on the ball: financial reporting and related internal control risk. Ensuring that the audit committee agenda appropriately focuses on the issues that require the committee's attention will be a significant undertaking in 2011. The challenges of a continuing slow growth economy coupled with the impact of major public policy and regulatory initiatives – Dodd-Frank, IFRS and accounting standards convergence, financial services regulation, healthcare, the environment, energy, etc. – on the company's compliance, risk, and governance processes will require the attention of every audit committee. To meet this workload challenge, develop more-focused (yet flexible) agendas, with an eye on the company's key financial reporting and related internal control risks. Streamline committee meetings by insisting on quality pre-meeting materials, spending less time on low-value or checklist activities, and engaging in more discussion (versus presentations).

2. Understand how the raft of accounting changes on the horizon will impact the company and its resources. While the SEC determines what role IFRS will play in U.S. financial reporting, significant change to U.S. accounting is on the way. The FASB and the IASB are working on a number of joint projects, and final accounting standards in several areas – including revenue recognition, leases, and fair value measurements – are scheduled to be issued by June of 2011 (with more new standards to follow later in the year). Understand how these projects will impact your company, including implementation / resource requirements, and stay close to where the projects are headed and the timeline. FASB has requested comment on how it should proceed with implementation of these major convergence projects. If your management team has concerns, make sure they submit comments.

3. Review the company's whistleblower processes and compliance program. The Dodd-Frank Act's whistleblower bounty program, together with stepped-up enforcement efforts by the SEC and DOJ – particularly in connection with suspected FCPA violations – point to the need for companies to reassess their compliance efforts. In light of the Act's incentives for whistleblowers to report concerns directly to the SEC, consider whether there is a need to revitalize the company's existing whistleblower processes so that employees are encouraged to talk to the company first. (Test the whistleblower system yourself.) A comprehensive review of the company's anti-fraud and compliance programs, including its FCPA program, may be in order. The right tone at the top and throughout the organization is critical.

4. Understand the company's significant tax risks. Tax authorities in the U.S. and globally are ratcheting-up their enforcement efforts – and are more aggressively sharing information to increase the effectiveness of their tax audits of multinationals. In September, the IRS announced that it will require companies to report uncertain tax positions on their tax returns – providing important information to the IRS for use in tax audits. Given this tax risk environment, understand management's process for determining the company's tax risk appetite. Who is involved? What are management's processes for determining whether a tax position is uncertain? What about the related controls? When did your tax director last meet with the audit committee?

5. Continue to monitor fair value estimates, impairments, and management's assumptions underlying critical accounting estimates. These issues, together with loss contingencies, pension funding shortfalls, and going-concern challenges, should continue to be a major area of focus for the audit committee. Recognize that the company's greatest financial reporting risks are often in those areas where there is a range of possible outcomes, and management is called upon to make difficult judgments and estimates. Understand management's framework for making accounting judgments and estimates, and make sure that management has appropriate controls in place. One such framework is provided in the Pozen Report, Chapter 3, Section III, Aug. 2008 (http://www.sec.gov/about/offices/oca/acifr/acifr-finalreport.pdf).

6. Consider whether the company's financial statements and disclosures provide investors with a good, plain-English understanding of the state of the business. Given the importance of transparency to the investor community, as well as the SEC's intense focus on disclosures (as reflected in SEC staff comment letters), consider how disclosures can be improved – perhaps going beyond what's required to better address expectations. Enlist management's disclosure committee in this effort. At the end of the day, do the financial statements and disclosures tell the company's story?

7. Reassess the quality of business controls around the company's key operational risks – and consider possible lessons learned from the business crises of the past 18 months. Understand the company's key operational risks – including low probability, high impact risks – and assess the adequacy of the business controls management has put in place around those risks. What's changed in the operating environment? Have we had any failures – or near misses? What are the risks posed by the extended organization – sourcing, outsourcing, sales and distribution channels? How good are our disaster recovery plans? Are emerging risks – whether slow-moving or fast-hitting – getting sufficient agenda time? Does the audit committee have a good sense of the company's risk culture – beyond the boardroom and senior management level? Is the company's risk appetite clearly articulated and understood?

8. Set clear expectations for external and internal auditors, and be sensitive to the strains on the CFO and finance organization. The audit committee relies heavily on internal and external auditors for insights, technical expertise, judgment, and independence. Encourage (and expect) frequent, informal communications with the audit engagement partner, and ask to receive important information on a real-time basis. Assess whether internal audit has adequate resources, and is sufficiently focused on the company's key operational risks and related controls. Given the demands of the economic environment, resource constraints, and pressure to meet performance expectations, make sure the CFO and finance organization have what they need to succeed.

9. Talk about the audit committee's role in IT governance. Understanding the opportunities and risks posed by IT is a critical challenge for companies today – from IT spending and strategic alignment of IT resources, to systems implementation and outsourcing, information privacy and security, cloud computing, internal controls, business continuity, and ultimately to information quality and the company's competitive position. Does the company have a social media networks policy in place? Is there a need for IT expertise on the board? Does management – particularly the CIO –  communicate with directors in plain-English, and in business context? Clarify the role of the audit committee (versus the board and other board committees) in IT governance and oversight – and keep IT on the radar.

10. Make time to review and discuss the new Report of the NACD Blue Ribbon Commission on The Audit Committee. Leverage the report to benchmark and calibrate your audit committee's oversight practices. Released in October, the report offers important insights for every audit committee member and director. It's a quick and easy read – written for the layman.

About KPMG LLP

KPMG LLP, the audit, tax and advisory firm (www.us.kpmg.com), is the U.S. member firm of KPMG International Cooperative ("KPMG International.")  KPMG International's member firms have 140,000 professionals, including more than 7,900 partners, in 146 countries.

SOURCE KPMG LLP

WANT YOUR COMPANY'S NEWS FEATURED ON PRNEWSWIRE.COM?

440k+
Newsrooms &
Influencers

9k+
Digital Media
Outlets

270k+
Journalists
Opted In

GET STARTED