Audit Committee Agenda Advice for the Second Half of 2022
Earlier this year, the Update summarized accounting and consulting firm publications that suggested issues on which audit committees should focus during 2022. See What Should be on the Audit Committee’s 2022 Agenda? January-February 2022 Update. Below is a brief overview of two new papers that highlight potential audit committee agenda items in connection with second quarter reporting and for the balance of 2022.
How audit committees can prepare for 2022 Q2 reporting (EY Center for Board Matters)
In How audit committees can prepare for 2022 Q2 reporting, the EY Center for Board Matters summarizes recent and upcoming developments for audit committees to consider in connection with second quarter reporting. The EY Center identifies three “key points”:
Inflation, rising interest rates, supply chain disruptions, and market volatility continue to be significant focus areas for audit committees.
Audit committees should consider how to prepare for potential regulatory changes that may impact reporting requirements, disclosures, and enforcement trends.
Audit committees are looking for more from the internal audit function on environmental, social and governance matters. EY discusses in detail six ways that internal audit can incorporate ESG into its audit agenda.
The EY Center discusses three other topics in depth -- risk management, accounting and disclosures, and SEC and other reporting considerations. With respect to these topics, the EY Center suggests questions the audit committee may want to pose to management and/or to the auditor. For example –
How is management understanding and monitoring the effectiveness of risk management of critical third parties with respect to financial and operational resiliency; IT security; data privacy; culture; and ESG factors?
Does the company have sufficient controls and procedures over nonfinancial data? Is internal audit providing any type of audit coverage on ESG-related data, or is the company obtaining any external assurance?
Has the engagement team identified any incremental risks and/or adjusted its audit response in light of the war in Ukraine? If so, what are the impacts to the engagement’s audit strategy and overall approach to the interim reviews?
The Top 10 Topics for Audit Committees to Consider in 2022 (Forvis)
Forvis, which was created by the merger of accounting firms BKD and Dixon Hughes Goodman, has released The Top 10 Topics for Audit Committees to Consider in 2022. This paper discusses issues that financial institution audit committees should focus on in with discussions management, internal and external auditors, and other advisors. These topics, many of which appear to be relevant beyond financial institutions, are:
LIBOR Transition. Use of the London Interbank Offered Rate (LIBOR) as a reference interest rate has been discontinued, requiring the amendment of millions of contracts. Audit committees should closely monitor their institution’s progress as it relates to LIBOR transition.
Environmental, Social, & Governance (ESG). Forvis recommends that audit committees gain an understanding of their institution’s ESG program so that they will not “be scrambling to respond to mandatory reporting requirements.” Forvis recommends a four-phase approach to building an ESG program: Assess (“Define what success looks like”), Design (“Develop an ESG narrative and messaging plan”), Implement (“Draft a report, using a structured, machine-readable format”), and Monitor (“Actively seek key stakeholder feedback; measure and refine reporting”).
Tax Considerations. Forvis describes several tax law developments that affect, or may affect, financial institutions.
Current Expected Credit Loss (CECL). Large public companies have been required to apply the FASB’s new standard on credit losses since the beginning of 2021; smaller public companies and private companies must comply in 2023. Forvis suggests questions and issues for audit committees of financial institutions in either of these categories.
Cybersecurity. Forvis notes that the cybersecurity threat landscape has dramatically changed over the last several years. It recommends that financial institutions transition from “perimeter security design to a well-thought-out ‘zero-trust’ network design architecture.”
Enterprise Risk Governance. Regulatory expectations for financial institutions are increasing, and institutions should have internal controls, information systems, and internal audit programs that are commensurate with their size, sophistication, and complexity. Forvis recommends implementation of a board-approved risk appetite statement, identification and assessment of risks on a regular basis, and a risk culture framework supported by training at all levels.
Culture & Conduct Risk. “With the shift to more companies adopting a remote or hybrid work structure for employees, maintaining a strong ethical culture where employees feel connected to other team members with a shared purpose is even more important due to the complications of employees working in various locations.”
Regulatory Compliance – Impact of the Russia-Ukraine War. As a result of Russia’s invasion of Ukraine, sanctions have been imposed on Russia. Audit committees should monitor compliance programs designed to prevent penalties for non-compliance with Russia sanctions.
Emerging Technologies. The audit committee has a critical role in monitoring the impact of new technologies on financial reporting. Forvis recommends use of the CAQ’s publication Emerging Technologies: An Oversight for Audit Committees. See The CAQ Gives Audit Committees Some Help on Oversight of Emerging Technologies, January-February 2019 Update.
Press the Reset Button. The “Press the Reset Button” topic is essentially a call for the audit committee to step back and assess its structure, priorities, and performance. Forvis suggests that the audit committee “take some time to review the committee’s focus to determine top priorities.” Further, a “rigorous self-assessment of the audit committee, including skill sets or expertise that can help with succession planning for future board members” should be considered. “Press the reset button, study the current state of the committee, and prioritize changes that may be needed to establish your committee as best in class.”
Comment: A high-level review of these papers, along with those released earlier this year, could be helpful to an audit committee as a check that it is not overlooking topics that should be on its agenda. As noted in What Should be on the Audit Committee’s 2022 Agenda?, above, there are many common themes. As the recent papers illustrate, in the past six months, some new topics have emerged – e.g., the impact of the Ukraine-Russia war – and others have changed in scope – e.g., the potential impact on ESG disclosure of the SEC’s climate-change disclosure proposals.