By Daniel Hunter
Risk management and crisis readiness continue to pose significant challenges to companies across the globe, according to a new survey of some 1,800 audit committee members in 21 countries undertaken by [b]KPMG’s[b] Audit Committee Institute.
Nearly half (45%) of survey respondents globally said their company’s risk management programme requires “substantial work” (39% of UK respondents).
The quality of information that audit committees receive about critical risks facing the company continues to pose concerns — particularly cyber security where only a fifth of UK respondents are completely satisfied with the quality of information they receive — while only just over a third of UK audit committee members are fully satisfied that their company’s risk management process is dynamic enough to cope with a rapidly changing environment including new technology and social media risks.
Meanwhile, anti-bribery laws have become a significant area of attention with over three quarters of UK audit committee members saying that they have increased their focus on the issue.
“Considering how dramatically technology, globalisation and government regulation are reshaping the business and risk environment, we’re not surprised to see significant concerns about risk and compliance,” said Timothy Copnell, Chairman of KPMG’s UK Audit Committee Institute.
“Audit committees are still coming to terms with the higher regulatory expectations placed upon them and the ever-increasing range of risk oversight falling within their remit. The challenges of keeping ahead in a fast-moving risk environment are clear.”
Audit committees also have some concerns around annual reporting. Only 62% globally (UK: 56%) of respondents are fully confident that their company’s annual reports present an understandable picture of the company’s position — though higher numbers are satisfied that the reports are “fair” and “accurate”, perhaps highlighting the challenges of effectively communicating complex information.
Furthermore, audit committees are not fully confident in their own technical accounting abilities. Around a third of respondents globally (UK: a quarter) said that their understanding of key assumptions underlying management’s material accounting judgements and estimates could be deeper.
Surprisingly, nearly a fifth (19%) of respondents globally said that they do not carry out an annual evaluation of their auditor. In the UK, this figure was slightly lower at 14% while in Europe as a whole it was 18%.
“Audit effectiveness and understanding the assumptions underlying the material accounting judgements and estimates should be fundamental to both the board and the audit committee; and certainly to the interests of shareholders," Timothy Copnell said.
"So why are they in danger of slipping under the net? One would hope issues like this are being identified through the board and audit committee’s own effectiveness evaluation processes and appropriately addressed.”
With audit reform measures being debated in the European Union and elsewhere, over three quarters of respondents (76%) said that they did not believe that mandatory auditor rotation would improve audit quality (UK: 80%, Europe: 73%). A lower majority did not believe that mandatory retendering of audit contracts would improve audit quality — 61% globally and 58% in the UK (Europe: 52%).
Whilst satisfaction with the quality of external audit was very high (84% of respondents globally; UK 86%), there were more mixed views on internal audit. In the UK, only 48% of respondents said they are fully satisfied that internal audit delivers the value to the organisation that it should, and a third (32%) said that the internal audit plan could more effectively focus on critical risks to the enterprise.
Meanwhile, sustainability and CSR issues ranked relatively low down audit committees’ priority list: one in three (34%) of UK respondents do not discuss sustainability or CSR issues at all and over four in ten (42%) do so only “periodically”.
Two thirds of audit committees in the UK have re-evaluated their own effectiveness in the last two to three years, with over half making improvements.
When asked what would most improve their effectiveness further, additional expertise (eg IT, risk, M&A, industry knowledge) and greater diversity of thinking and background were the top responses.
“While there is a high degree of satisfaction in many areas, the percentages are not comfortably strong and highlight some unsettling truths — such as the 71% of respondents that aren’t wholly convinced that dissenting views on risk and control are actually heard," Timothy Copnell said.
“A committee is only as good as the people on it. Whilst committees are generally satisfied that they are doing a good job, the challenges produced by the prolonged downturn and the difficulty of keeping up to speed with a whole range of new developments and technologies means that a committee with greater diversity of thinking, background, perspective and experience is likely to be best equipped for the future. We could see a war for talent emerging.”
Join us on