Presenting a live 90-minute webinar with interactive Q&A Board - - PowerPoint PPT Presentation

The audio portion of the conference may be accessed via the telephone or by using your computer's

• speakers. Please refer to the instructions emailed to registrants for additional information. If you

have any questions, please contact Customer Service at 1-800-926-7926 ext. 10.

Presenting a live 90-minute webinar with interactive Q&A

Board of Directors Audit Committees Under Heightened Regulatory Scrutiny: Meeting Expanded Demands

Navigating Evolving Requirements for Financial Reporting, Risk Management and Compliance

Today’s faculty features:

1pm Eastern | 12pm Central | 11am Mountain | 10am Pacific THURSDAY, DECEMBER 10, 2015

Paul Marcela, President & Managing Director, Governance Partners Group, Alpharetta, Ga. Chip Presten, Partner, Womble Carlyle Sandridge & Rice, Atlanta

Tips for Optimal Quality

Sound Quality If you are listening via your computer speakers, please note that the quality

• f your sound will vary depending on the speed and quality of your internet

connection. If the sound quality is not satisfactory, you may listen via the phone: dial 1-866-927-5568 and enter your PIN when prompted. Otherwise, please send us a chat or e-mail sound@straffordpub.com immediately so we can address the problem. If you dialed in and have any difficulties during the call, press *0 for assistance. Viewing Quality To maximize your screen, press the F11 key on your keyboard. To exit full screen, press the F11 key again.

FOR LIVE EVENT ONLY

Continuing Education Credits

In order for us to process your continuing education credit, you must confirm your participation in this webinar by completing and submitting the Attendance Affirmation/Evaluation after the webinar. A link to the Attendance Affirmation/Evaluation will be in the thank you email that you will receive immediately following the program. For additional information about continuing education, call us at 1-800-926-7926

• ext. 35.

FOR LIVE EVENT ONLY

Program Materials

If you have not printed the conference materials for this program, please complete the following steps:

• Click on the ^ symbol next to “Conference Materials” in the middle of the left-

hand column on your screen.

• Click on the tab labeled “Handouts” that appears, and there you will see a

PDF of the slides for today's program.

• Double click on the PDF and a separate page will open.
• Print the slides by clicking on the printer icon.

FOR LIVE EVENT ONLY

GOVERNANCE PARTNERS GROUP

AUDIT COMMITTEE BEST PRACTICES

TOPICS FOR DISCUSSION

• Role and Responsibilities
• Audit Committee Chair Role
• Membership
• Meetings
• Financial reporting oversight
• Oversight of external audit
• Oversight of management and Internal Audit
• Corporate culture and compliance
• Risk and controls
• Special Topics

5

GOVERNANCE PARTNERS GROUP

ROLE AND RESPONSIBILITIES

• Oversight of:
• Financial Reporting
• Risk Assessment Process
• External Auditors and Internal Audit Function
• Non-financial risks
• Related party transactions
• Special Investigations

6

GOVERNANCE PARTNERS GROUP

ROLE AND RESPONSIBILITIES

• Understanding of business model, accounting policies and

estimates and judgments

• Interaction with CFO, Controller and Treasurer
• Internal control over financial reporting
• Corporate Culture and “Tone at the Top”
• Compliance program (FCPA and Whistle-Blowing)

7

GOVERNANCE PARTNERS GROUP

AUDIT COMMITTEE CHARTER

• Purposes
• Membership and Meetings
• Committee Authority and Responsibilities
• Relationship with Independent Auditors
• Financial Statement and Disclosure Matters (including financial

press releases)

• Oversight of Relationship with Independent Auditors
• Oversight of Internal Audit Function
• Compliance Oversight

8

GOVERNANCE PARTNERS GROUP

AUDIT COMMITTEE CHARTER

• Corporate Cash Investment Policy
• Pre-approval of Audit and Non-Audit Services
• Expenditure of Resources to retain independent advisors and pay

audit firm and ordinary expenses

• Reports to the Board of Directors
• Annual Charter Review
• Performance Assessment

9

GOVERNANCE PARTNERS GROUP

AUDIT COMMITTEE CHAIR ROLE

• Choose right number of members (3-5)
• Establish sub-committees for specific issues
• Ensure that at least one member is a financial expert
• Ensure that the Committee has a charter that is reviewed annually
• Ensure that a robust whistle-blowing procedure is in place with

appropriate protection for whistle-blowers

• Communicate regularly with the CEO and Board of Directors

10

GOVERNANCE PARTNERS GROUP

AUDIT COMMITTEE CHAIR ROLE

• Encourage direct communication with second line management
• Submit an annual Committee report with an executive

summary to the Board of Directors

• Identify potential conflicts of interest to ensure independence
• Evaluate the Committee’s performance annually and develop

improvement plans

11

GOVERNANCE PARTNERS GROUP

MEMBERSHIP

• Personal commitment
• Integrity, courage, skepticism
• Knowledge of company’s specific risks and controls
• Commitment to staying current through education

12

GOVERNANCE PARTNERS GROUP

MEMBERSHP

• Limitations on the number of audit committees
• NYSE requires board approval for more than three
• Many US companies have limits – usually two
• Financial literacy required by NASD and NYSE
• Audit Committee Financial Expert - at least one required by

SEC (includes experience working in a financial area)

• Independence required for public companies

13

GOVERNANCE PARTNERS GROUP

MEETINGS

• Meeting dates usually set one or two years in advance
• Frequency and duration
• Four or five in person meetings; telephonic meetings in

between

• Average of 8-10 meetings per year
• Average duration of 2-4 hours
• Using an advance calendar and planner ensures coverage of

responsibilities

14

GOVERNANCE PARTNERS GROUP

MEETINGS

• Typical meeting topics include:
• Fundamental responsibilities from Committee charter
• Discuss draft earnings releases
• Review interim financial statements, annual audited financial statements and

annual report before issuance/filing

• Discuss with management and the external auditors any significant financial

reporting issues and significant judgments

• Review internal audit risk assessment, plans and resources
• Review significant findings from internal audit work

15

GOVERNANCE PARTNERS GROUP

MEETINGS - AGENDAS

• Prepared by Corporate Secretary, Chief Financial Officer or

Internal Auditor

• Chairperson involvement via pre-meetings with CFO, Controller,

Internal Auditor and External Auditor

• Timed agendas allow for monitoring progress, reduce

preparation time and control presentation details

• Consent agendas used for routine/standard matters

16

GOVERNANCE PARTNERS GROUP

MEETINGS - BRIEFING MATERIALS

• One to two week lead time for adequate Committee Member

review

• Reports fro CFO, Controller, Internal Auditor, External Auditor and

Legal

• Executive summaries to accompany each report
• Access to documents should be via Board portal or other secure

internet location

17

GOVERNANCE PARTNERS GROUP

MEETINGS - PARTICIPANTS

• Chief Financial Officer
• Chief Executive Officer
• Controller
• Internal and External Auditors
• Corporate Secretary
• Legal Counsel
• Other directors and functional specialists – as needed

18

GOVERNANCE PARTNERS GROUP

MEETING DYNAMICS

• Private sessions with CFO, Controller, Internal Auditor

and External Auditor should be included on every face- to-face meeting agenda

• Committee only sessions to discuss concerns and

performance

• Avoid surprises through interactive advance

communication

19

GOVERNANCE PARTNERS GROUP

MEETINGS - MINUTES

• Minutes should address:
• Attendees, time spent, and conclusions reached
• Process used for resolution
• Alternatives considered
• Relevant information considered
• Justification of committee’s independent thinking
• Compliance with obligations
• No minutes for private sessions

20

GOVERNANCE PARTNERS GROUP

MEETINGS – REPORTING TO THE BOARD OF DIRECTORS

• Committee Chair provides reports on issues dicussed

and decisions made at each Board meeting

• Copies of approved Committee minutes typically

provided to the Board

21

GOVERNANCE PARTNERS GROUP

FINANCIAL REPORTING OVERSIGHT

• A very important Committee responsibility - earnings releases

require full Committee attention

• Public companies typically first release their quarterly and annual

results to the press in advance of filing the Company’s Forms 10-K and 10-Q

• This requires financial management, external auditors and the

Committee to perform within a compressed time frame

• In general, the market reacts to press releases, not SEC filings

22

GOVERNANCE PARTNERS GROUP

FINANCIAL REPORTING OVERSIGHT

AUDIT COMMITTEE CONSIDERATIONS

• Carefully review draft earning releases with attention to how operating results

are described

• Understand length of time between earnings releases and SEC filings and the

status of the external auditors’ related work

• Assess whether an event of finding could arise prior to the SEC filing date that

could impact the results presented in the earnings releases

• Discuss how management plans to record and disclose major developments
• ccurring after the issuance of earnings releases
• Pay attention to “special items” (e.g. material litigation contingency reserves)

23

GOVERNANCE PARTNERS GROUP

FINANCIAL REPORTING OVERSIGHT

EARNINGS RELEASES

• Earnings releases include limited data (compared to SEC filings),

generally Balance Sheet and Statements of Income and Cash Flow with comparisons to the comparable period of the preceding year

• Committee meets to discuss and approve the draft earnings

releases (usually via conference call) prior to the completion of the relevant financial statement audit or review

24

GOVERNANCE PARTNERS GROUP

FINANCIAL REPORTING OVERSIGHT EARNINGS RELEASES

• Committee should understand possible risks associated

with having limited time to review earnings releases

• Length of time between isusance of the preliminary

earnings release and the filing of the related Form 10-K or Form 10-Q impacts the likelihood that a material subsequent event might occur

25

GOVERNANCE PARTNERS GROUP

FINANCIAL REPORTING OVERSIGHT

SPECIAL ITEMS

• Quantified in press release – nonrecurring, one-time, unusual,

special, etc.

• Consistency is important – over time and in various media

(website, press release, investor calls)

• Company can provide data in tabular form
• Tax effect of special items may be critical but sometimes
• verlooked

26

GOVERNANCE PARTNERS GROUP

FINANCIAL REPORTING OVERSIGHT

RISK IDENTIFICATION Business risk related to:

• Business strategy and market position
• Major customers and suppliers
• Related parties
• Capital structure and hedging transactions
• Major transactions during the accounting period

27

GOVERNANCE PARTNERS GROUP

FINANCIAL REPORTING OVERSIGHT

RISK IDENTIFICATION Focus on complex, significant unusual events and changes in account balances to understand:

• Business issues that exist
• Critical accounting policies adopted by the Company
• Significant assumptions used to establish accounting entries
• Understand the Company’s financial statement closing process

28

GOVERNANCE PARTNERS GROUP

FINANCIAL REPORTING OVERSIGHT

RISK IDENTIFICATION – SUGGESTIONS

• Field visits
• Periodic meetings with financial management, external auditors and

business unit leaders

• Monitor analyst calls
• Review analyst, rating agency and investment firm reports
• Review competitor financial date

29

GOVERNANCE PARTNERS GROUP

FINANCIAL REPORTING OVERSIGHT

CRITICAL ACCOUNTING POLICIES

• Summarized in MD&A and footnotes
• Is application interpreted aggressively or conservatively?
• Do policies reflect the substance of transactions?
• What are competitors doing?
• Are there any alternative methods?

30

GOVERNANCE PARTNERS GROUP

FINANCIAL REPORTING OVERSIGHT

CRITICAL ACCOUNTING POLICIES

• Importance of advance planning for new standards
• Accounting policy changes
• Rationale for change
• Effect on income, loan covenants, executive compensation plans
• Investors/analysts reaction to change
• Change in estimate versus change in accounting policy
• Focused discussion of a specific policy at a particular meeting

31

GOVERNANCE PARTNERS GROUP

FINANCIAL REPORTING OVERSIGHT

ACCOUNTING ESTIMATES

• Estimation areas involving a high level of judgment include:
• Allowance for bad debts
• Environmental reserves
• Pension obligations
• Obsolete inventory
• Asset impairments
• Income tax exposures
• Restructuring reserves
• Litigation reserves

32

GOVERNANCE PARTNERS GROUP

FINANCIAL REPORTING OVERSIGHT

ACCOUNTING ESTIMATES

• Important for Committee to understand:
• Key assumptions and variables used in making estimates
• A range of estimates can result in significantly different results
• The level of conservatism applied in the estimation process can

dramatically influence estimate results

33

GOVERNANCE PARTNERS GROUP

FINANCIAL REPORTING OVERSIGHT

RELATED PARTY TRANSACTIONS

• Related parties are:
• Affiliates
• Principal owners, management and their immediate families
• Other parties subject to significant influence
• Related party transactions can lead to a higher incidence of fraud
• Financial management cannot presume that related party

transactions are entered into on an arms length basis

34

GOVERNANCE PARTNERS GROUP

FINANCIAL REPORTING OVERSIGHT

RELATED PARTY TRANSACTIONS

• The Company must disclose the nature and description of related

party transactions and the amounts involved

• Auditors must specifically evaluate the Company’s process for

identifying and disclosing relatiohships and transactions with related third parties and communicate the results of that work to the Committee (PCAOB Auditing Standard No. 18, Related Parties)

35

GOVERNANCE PARTNERS GROUP

FINANCIAL REPORTING OVERSIGHT

MANAGEMENT DISCLOSURE COMMITTEES

• Most public companies have management-level disclosure

committee

• Periodic internal financial certifications roll-up under this committee
• Membership usually consists of the CFO, Controller, Internal

Auditor, functional and business leaders, the Corporate Secretary, and Investor Relations, Legal and Compliance representatives

• Some companies have the Disclosure Committee report to the

Audit Committee committee

36

GOVERNANCE PARTNERS GROUP

FINANCIAL REPORTING OVERSIGHT

TRANSPARENCY IN DISCLOSURE

• The complete story regarding a disclosure item should be clear
• Disclosure of potential future events (or foreshadowing) is closely

scrutinized by the SEC

• Management Discussion & Analysis should be robust and more

than a mere overview

• Segment reporting is closely scrutinized by the SEC and heavily

used by analysts

37

GOVERNANCE PARTNERS GROUP

FINANCIAL REPORTING OVERSIGHT

INTERACTION WITH REGULATORS

• All SEC filers are reviewed on a 3-year cycle
• SEC comment letters often question:
• Segment reporting
• Asset impairment testing
• Tax allowances and uncertain tax positions
• Early warning disclosures
• Pension obligations
• Revenue recognition
• Financial derivatives valuations
• Cash flow classification

38

GOVERNANCE PARTNERS GROUP

FINANCIAL REPORTING OVERSIGHT

INTERACTION WITH REGULATORS

• Responses to SEC comment letters are published on EDGAR –

they should be reviewed by the Audit Committee and the external auditors before they are submitted

• The SEC will issue “pre-clearance letters” in cases where there is

significant uncertainty regarding a position that a Company is considering with respect to its financial statements

39

GOVERNANCE PARTNERS GROUP

OVERSIGHT OF EXTERNAL AUDITORS

GENERAL PRINCIPLES

• Under Sarbanes-Oxley, the Audit Committee is directly

responsible for the appointment, compensation and oversight of a Company’s external auditor, and the external auditor reports directly to the Committee

• Ongoing candid communication is critical
• Periodic informal meetins are important

40

GOVERNANCE PARTNERS GROUP

OVERSIGHT OF EXTERNAL AUDITORS

GENERAL PRINCIPLES

• Selection, reappointment, replacement and evaluation

considerations include:

• The auditing firm’s reputation, industry experience and international network
• The lead partner’s business acumen and pragmatism
• The ability of the engagement team to work with the Company’s

management and financial staff

• The ability to exercise independence

41

GOVERNANCE PARTNERS GROUP

OVERSIGHT OF EXTERNAL AUDITORS

REPORTING RELATIONSHIP TO AUDIT COMMITTEE Selection, reappointment, replacement and evaluation issues:

• Candidate “beauty contests” can provide useful information
• A change in the external auditor presents the following challenges:
• Management time and attention
• New auditing firm learning curve, personalities and re-interpretation of

previously adopted accounting policies

• Additional challenges are presented by lead partner rotation

requirements; lead partner transitions require purposeful “shadowing” of departing lead partner

42

GOVERNANCE PARTNERS GROUP

OVERSIGHT OF EXTERNAL AUDITORS

REPORTING RELATIONSHIP TO AUDIT COMMITTEE

• The External Auditor should consider the following key questions in

connection with the Company’s auditing engagement:

• What are the key business and audit risks?
• How is materiality determined?
• How does the Company determine its accounting “estimates”?
• How is internal controls testing structured at the Company?
• What is the Company approach to information technology issues?
• Which subsidiaries and locations will be visited??

43

GOVERNANCE PARTNERS GROUP

OVERSIGHT OF EXTERNAL AUDITORS

COMMUNICATIONS

• Candid communications between the external auditor and the

Committee and the Company’s CFO and Controller are essential for every audit or review

• The external auditor’s specialists may become involved in

communications with the Committee regarding unique topics or issues

• The external auditor can provide the Committee with perspectives

based on experience with other clients and the quality of the Company’s financial management and staff

44

GOVERNANCE PARTNERS GROUP

OVERSIGHT OF EXTERNAL AUDITORS

COMMUNICATIONS

• The Audit Committee might engage in a discussion with the

external auditor regarding the following questions:

• Were proposed changes to the financial statements or press release not

made?

• What areas of financial reporting could be challenged by regulators?
• What is the quality of reported earnings?
• How capable is the Company’s finance team?
• Is pressure being placed on financial reporting to achieve a desired
• utcome?
• What areas of the audit take the most time and why?

45

GOVERNANCE PARTNERS GROUP

OVERSIGHT OF EXTERNAL AUDITORS

Management Representation Letters

• The external auditor should highlight non-standard customized

representations

• The Audit Committee should inquire whether the external auditor

encountered any difficulty in obtaining any specific representations

46

GOVERNANCE PARTNERS GROUP

OVERSIGHT OF EXTERNAL AUDITOR

DISAGREEMENTS WITH MANAGEMENT

• The Audit Committee is required to resolve any disagreements

between the external auditor and the Company’s management. In that process, the Audit Committee should:

• Discuss the disagreement with management and the external auditor to

understand each party’s viewpoint

• Develop an understanding of the SEC’s viewpoint on the topic
• Determine whether to consult with external advisors regarding the topic
• Discuss options for resolution of the disagreement with management and the

external auditors

47

GOVERNANCE PARTNERS GROUP

OVERSIGHT OF EXTERNAL AUDITOR

NON-AUDIT SRVICES

• The Audit Committee must pre-approve of the following services to

be performed by the external auditor:

• Corporate tax return preparation
• Corporate tax planning activities
• Financial due diligence activities
• Tax legislation advice
• Transfer pricing analysis
• Fraud and other investigations
• Personal tax preparation services

48

GOVERNANCE PARTNERS GROUP

OVERSIGHT OF EXTERNAL AUDITOR

NON-AUDIT SERVICES

• The Audit Committee will usually provide a blanket approval for

certain categories of services up to a specified fee limit to be ratified at the next following Audit Committee meeting

• The external auditor may not perform the following services:
• Auditing its own work
• Making management decisions
• Serving as an advocate for the Company
• Performing work with respect to which the external auditor has a potential

conflict of interest

49

GOVERNANCE PARTNERS GROUP

OVERSIGHT OF MANAGEMENT

RELATIONSHIP WITH MANAGEMENT

• The Audit Committee should interact with management with an

appropriate degree of skepticism

• The Committee should rigorously question management:
• Were there any transactions that were entered into primarily to impace

financial ratios or presentation of financial results?

• Were any transactions recorded during the last few weeks of the quarter

that did not occur earlier in the period?

50

GOVERNANCE PARTNERS GROUP

OVERSIGHT OF MANAGEMENT

RELATIONSHIP WITH MANAGEMENT

• The Committee should rigorously question management:
• Were any significant exceptions reported in the internal repsresntation

letters?

• What significant accounting judgment calls were made during the

period?

• What kind of input into accounting determinations does non-financial

management have?

• What areas present recurring challenges or problems?
• What areas of accounting require the greatest time commitment of

financial reporting personnel?

• What pressures influence financial reporting?

51

GOVERNANCE PARTNERS GROUP

OVERSIGHT OF MANAGEMENT

RELATIONSHIP WITH MANAGEMENT

• Management bench strength assessment
• Committee discussions with CFO
• Perceptions based on personal interactions
• Confidential feedback from external and internal auditors
• Focus on finance managers at higher risk and international locations
• Succession planning for CFO and Internal Auditor

52

GOVERNANCE PARTNERS GROUP

OVERSIGHT OF MANAGEMENT

RELATIONSHIP WITH MANAGEMENT

• Audit Committee meetings with management
• Attendance:
• CFO, Controller, Internal Auditor, Tax Director
• CEO, CAO, CIO, Business Leaders, CEO
• Private sessions are critical
• Informal meetings between board meetings help build the

relationship between the Committee and Management

53

GOVERNANCE PARTNERS GROUP

OVERSIGHT OF INTERNAL AUDIT

ROLE AND STAFFING OF THE INTERNAL AUDIT DEPARTMENT

• The role of the Internal Auditor has been evolving from being

compliance focused to being value added focused.

• Areas of Internal Audit focus:
• Financial reporting and internal controls
• Regulatory compliance - Environmental, Health and Safety
• Investigations
• Information Technology
• Process re-engineering
• Operational Efficiencies

54

GOVERNANCE PARTNERS GROUP

OVERSIGHT OF INTERNAL AUDIT

ROLE AND STAFFING OF THE INTERNAL AUDIT DEPARTMENT

• The key to Internal Auditor effectiveness is empowerment by

executive management

• There should be agreement between executive management and

the Audit Committee regarding the role of the Internal Auditor

• The Internal Audit Department should conduct an annual planning

and risk assessment meeting

• A rotational approach to auditing locations is typically warranted

and advisable

55

GOVERNANCE PARTNERS GROUP

OVERSIGHT OF INTERNAL AUDIT

STAFFING OF THE INTERNAL AUDIT DEPARTMENT

• The Internal Auditor should be a member of the Company’s (financial)

leadership team

• The role of the Internal Auditor should be enterprise-wide
• There should be an informal relationship between the Internal Auditor and

the Audit Committee Chair

• The Audit Committee should evaluate the Internal Audit Department’s

staffing level and capabilities

• An effective system for the evaluation of the Internal Audit Department

should be developed and implemented

56

GOVERNANCE PARTNERS GROUP

OVERSIGHT OF INTERNAL AUDIT

STAFFING OF THE INTERNAL AUDIT DEPARTMENT

• Coordination with External Auditor
• Staffing Strategies
• Rotation of sites audited
• Outsourcing of certain audits to third parties
• Challenges related to staffing for audits of non-US locations

57

GOVERNANCE PARTNERS GROUP

OVERSIGHT OF INTERNAL AUDIT

INTERNAL AUDIT REPORTING LINES AND LEADERSHIP

• Communicating internal audit results
• Executive summaries
• Current period audits and findings reported at each meeting
• Recommendation to implement an aging chart
• Internal audit reporting lines
• Most report directly to Audit Committee Chair
• Most report administratively to the CFO

58

GOVERNANCE PARTNERS GROUP

OVERSIGHT OF INTERNAL AUDIT

INTERNAL AUDIT REPORTING LINES AND LEADERSHIP

• Internal Audit Department leadership is very important
• Drives the department’s effectiveness; must be objective and independent of

management

• Should portray a willingness not to “stand down” with respect to identified

issues

• The Audit Committee should play a role in hiring the Internal Audit Department

leadership

• Exit interviews are critical during transitions between Internal Audit Department

leadership

59

GOVERNANCE PARTNERS GROUP

OVERSIGHT OF INTERNAL AUDIT

EVALUATING INTERNAL AUDITOR PERFORMANCE

• CEO input is the starting point
• External auditor input can be helpful
• Management input provides a view of how the Internal Auditor is

perceived internally

60

GOVERNANCE PARTNERS GROUP

OVERSIGHT OF INTERNAL AUDIT

EVALUATING INTERNAL AUDITOR PERFORMANCE

• Questions to be addressed by the Audit Committee:
• Is the focus of the Internal Auditor on the right areas?
• Does management look to the Internal Auditor when issues arise?
• Are reports provided by the Internal Auditor to the Audit Committee on a

timely basis?

• How independent does the Internal Auditor appear to be?
• Is the Internal Auditor properly leveraging technology?

61

GOVERNANCE PARTNERS GROUP

CORPORATE CULTURE AND COMPLIANCE

TONE AT THE TOP

• How should the Audit Committee evaluate the “tone at the top”?
• Direct interaction with executive management
• Employee surveys - can address satisfaction, working conditions and

pressure to bend rules; broad employee participation is important

• Upward feedback to be provided via the Human Resources Department
• Employee complaints communicated via whistleblower hotline

62

GOVERNANCE PARTNERS GROUP

CORPORATE CULTURE AND COMPLIANCE

TONE AT THE TOP

• How should the Audit Committee evaluate the “tone at

the top”?

• Meet with middle-management finance personnel
• Solicit input from internal and external auditors
• Conduct private sessions with executive management
• Evaluate the degree to which presentations to the Board are scripted and

rehearsed

63

GOVERNANCE PARTNERS GROUP

CORPORATE CULTURE AND COMPLIANCE

OVERSIGHT OF COMPLIANCE PROGRAMS

• Understand the design of the Company’s compliance program
• Areas of high risk assessed
• Key personnel involved
• Internal reporting lines
• Implementation challenges
• Discuss effectiveness of various programs

64

GOVERNANCE PARTNERS GROUP

CORPORATE CULTURE AND COMPLIANCE

OVERSIGHT OF COMPLIANCE PROGRAMS

• Periodically review the Company’s ethics policy and code of conduct
• Address how standards differ from country to country
• Meet with Chief Ethics Officer
• Receive periodic briefings from Internal Auditor, Chief Risk Officer, General

Counsel and executive management

• Analyze incidents and trends over time

65

GOVERNANCE PARTNERS GROUP

CORPORATE CULTURE AND COMPLIANCE

OVERSIGHT OF COMPLIANCE PROGRAMS

• Review statistics regarding code of conduct training
• Understand results of employee certification process
• Review planned remediation actions
• Evaluate code and communications
• Understand potential issues before they become complaints
• Understand the role of the Internal Audit Department in aiding compliance

66

GOVERNANCE PARTNERS GROUP

CORPORATE CULTURE AND COMPLIANCE

CODES OF CONDUCT AND CONFLICTS OF INTEREST

• Codes of Conduct
• Expectations of behavior at and outside of work when conducting business
• Employee responsibility for reporting misconduct
• Process for disciplinary actions (warnings, corrective action, dismissal)
• Confidentiality, fairness, honesty, integrity, use of company asssets,

accountability for compliance with the Code

• Conflicts of Interest Policies
• Should be written and easy to understand and apply to everyone
• Pertain to both real and apparent conflicts
• Include disciplinary guidelines

67

GOVERNANCE PARTNERS GROUP

CORPORATE CULTURE AND COMPLIANCE

CODES OF CONDUCT AND CONFLICTS OF INTEREST

• Whistleblower and Complaint Hotlines
• Report to Audit Committee
• Should set thresholds for immediate reporting
• Administered by Corporate Compliance Officer and/or Internal Auditor
• Significant allegations communicated quarterly
• Annual summary to be reviewed by Audit Committee

68

GOVERNANCE PARTNERS GROUP

RISK AND CONTROLS

AUDIT COMMITTEE ROLE

• Risk management is intertwined with a Company’s system of

internal controls

• Audit Committee traditionally focuses on financial reporting risks
• Focus on compliance and other risks as well
• Audit Committee needs to develop an agreement on specific risk

management responsibilities

69

GOVERNANCE PARTNERS GROUP

RISK AND CONTROLS

AUDIT COMMITTEE ROLE

• NYSE and other exchanges require discussion of risk

management

• Audit Committee is not required to be the sole governing body

responsible for risk assessment and management

• Audit Committee must discuss guidelines and policoies to govern

process by which risk assessment and management is undertaken by the Company

70

GOVERNANCE PARTNERS GROUP

RISK AND CONTROLS

AUDIT COMMITTEE ROLE

• Audit Committee must:
• Identify whether the process is continuous
• Understand how management identifies risks
• Assess whether primary risk role is adequately staffed
• Understand top identified risks
• Understand the roles of the Internal Auditor and Chief Compliance Officer
• Coordinate with other Board Committees engaged in similar activities (e.g.

Risk Management Committee)

71

GOVERNANCE PARTNERS GROUP

RISK AND CONTROLS

KEY RISK AREAS, INCENTIVES AND FRAUD RISK

• Areas of greatest risk:
• Management override of controls
• Outside service providers not subject to company controls
• Integration of business, culture, ethics, systems following an acquisition
• Implementation of restructuring activities
• Information Technology issues (e.g. cyber-security breaches)
• Bribery risk and violations of Foreign Corrupt Practices Act

72

GOVERNANCE PARTNERS GROUP

RISK AND CONTROLS

KEY RISK AREAS, INCENTIVES AND FRAUD RISK

• Incentives can create fraud risk
• CEO pressure is the greatest contributing factor
• Financial targets can motivate bad behavior
• Compensation plans can create inappropriate risk taking
• Typical reasons for fraud:
• To meet expectations
• To conceal bad news
• Personal gain
• Pending sale/equity offering

73

GOVERNANCE PARTNERS GROUP

RISK AND CONTROLS

KEY RISK AREAS, INCENTIVES AND FRAUD RISK

• Audit Committee Actions:
• Understand scope of responsibility and maintain skepticism
• Exercise oversight of the Company’s fraud risk assessment process and

internal controls

• Consider risk factors that create pressures and opportunities for

employees to commit fraud

• Assess management integrity and conduct

74

GOVERNANCE PARTNERS GROUP

RISK AND CONTROLS

KEY RISK AREAS, INCENTIVES AND FRAUD RISK

• Audit Committee Actions:
• Evaluate whistleblower complaints and tone at the top
• Evaluate related party and non-routine transactions
• Receive periodic reporting on fraud prevention programs
• Assess the need to rotate CFOs at international locations
• Be most alert during significant events (e.g. IPOs, acquisitions and

divestitures)

75

GOVERNANCE PARTNERS GROUP

RISK AND CONTROLS

INFORMATION TECHNOLOGY RISKS

• Accelerating pace of technological change and increasing role of IT in gaining

competitive advantage create new risks

• The Audit Committee needs to pay particular attention to IT risks when the

Company:

• Is in an industry where IT is a large part of the product/service offered
• Processes a multitude of transactions and operates several different systems
• Is implementing new major high cost technology systems
• Is integrating systems of an acquired business

76

GOVERNANCE PARTNERS GROUP

RISK AND CONTROLS

INFORMATION TECHNOLOGY RISKS

• Cloud computing has created a new set of information technology

risks:

• Third party hosting puts data outsource of Company controls
• There are attendant privacy and security issues
• There are sensitivities regarding customer data – because encryption is not

fool-proof

• Data back-up and recovery can be difficult

77

GOVERNANCE PARTNERS GROUP

RISK AND CONTROLS

CYBERSECURITY RISK

• Cyber-security risk has arisen as a result of:
• Increasing reliance by business on technology
• The rise of new and advanced adversaries who probe for systemic

vulnerabilities in IT systems

• The rise of adversaries who have competitive, strategic, financial and

political motives

78

GOVERNANCE PARTNERS GROUP

RISK AND CONTROLS

CYBERSECURITY RISK

• Audit Committees should:
• Understand which corporate officer is ultimately accountable for IT risks and

whether this is documented and well understood at the Company

• Assess whether this individual is sufficiently empowered and part of the

leadership team

• Agree on how often to meet and discuss cyber-security with the responsible

individual

79

GOVERNANCE PARTNERS GROUP

RISK AND CONTROLS

CYBERSECURITY RISK

• Audit Committees should:
• Evaluate whether there is meaningful communication and dialogue regarding

IT risks and cyber-security and provide feedback if the presentation of the materials is ineffective

• Determine whether IT materials presented to the Board are prepared in a

manner that enhances and maximizes the oversight function and, if not, request changes

• Evaluate whether the cyber-security related information being presented to

the directors enhance and maximize the oversight function

80

GOVERNANCE PARTNERS GROUP

RISK AND CONTROLS

CYBERSECURITY RISK

• Audit Committees should:
• Ask whether management took an overarching view of IT risks beyond basic cyber-

security when considering reporting cyber-security related information to directors

• Evaluate baseline metrics to understand the Company’s current cyber and IT

environment and the gaps to achieving its desired cyber state

• Discuss and agree on the prioritization of the most important metrics, with a focus on

the top 10-15

81

GOVERNANCE PARTNERS GROUP

RISK AND CONTROLS

CYBERSECURITY RISK

• Audit Committees should:
• Continue to regularly re-evaluate cyber-metric reporting to directors,

updating it for changes in the Company’s maturity, circumstances and current cyber environment

• Consider the impact of changes to the Company’s operating environment

and broader cyber community on current cyber-metric reporting and consider whether any changes are necessary

82

GOVERNANCE PARTNERS GROUP

RISK AND CONTROLS

BRIBERY/FCPA VIOLATION RISK

• The Audit Committee must understand the Company’s susceptibility

to bribery fraud:

• A basic understanding of the FCPA and other anti-bribery laws is essential
• Compliance and ethics programs mitigate risk
• A clear understanding of the Committee’s scope of responsibility is important
• Top challenges are local culture and customs, third party agents, distributors

and resellers

83

GOVERNANCE PARTNERS GROUP

RISK AND CONTROLS

BRIBERY/FCPA VIOLATION RISK

• Controls should include:
• Making anti-bribery training an integral part of all acquisition integration

activities

• Implementing policies requiring review and pre-approval of entertainment

gifts, marketing funds, consulting arrangements and contributions

• Including employees, agents and resellers in training
• Auditing of expense reports, marketing expenditures, commissions, discounts

and fees to agents

• Enforcing the consequences of improper behavior to send the right message

84

GOVERNANCE PARTNERS GROUP

RISK AND CONTROLS

CONSIDERATIONS DURING INVESTIGATIONS

• Robust compliance programs are highly correlated to a measurable reduction in

fraud exposure

• Allegations arise from whistleblower hot-lines, internal audits, external audits or

regulatory inquiries

• Audit Committee should consider whether an investigation would be appropriate
• Input from legal counsel, external auditors and other experts should be

considered

• External auditors have a duty to report issues to the SEC if the Company and

Board do not investigate the issues

85

GOVERNANCE PARTNERS GROUP

RISK AND CONTROLS

CONSIDERATIONS DURING INVESTIGATIONS The Company should:

• Take action quickly
• Decide on the investigation team and to whom it will report (e.g. Board, Audit

Committee or Special Committee of Directors)

• Obtain agreement of external auditors to process and scope becasuse they

must rely on the results

• Consider the role of management involvement in the investigation so that they

do not become absorbed by it

• Obtain skilled legal counsle with relevant experience

86

GOVERNANCE PARTNERS GROUP

RISK AND CONTROLS

CONSIDERATIONS DURING INVESTIGATIONS

• The Company should:
• Use skilled advisors because internal resources may not be sufficient
• Consider notifying investors and relevant regulators
• Meet requirements to preserve documents and record the investigative

work

• Manage communications to the external world via a designated

spokesperson

• Take appropriate punitive/remedial action against responsible employees
• Audit Committee should continuously monitor progress and be

informed of findings

87

GOVERNANCE PARTNERS GROUP

SPECIAL SITUATIONS

ERRORS IN FINANCIAL STATEMENTS

• The Audit Committee must be aware of potential errors in the

financial statements that could be more than immaterial

• If a conclusion is reached that an error is immaterial,

contemporaneous documentation of the error is necessary

• Intentional errors may be an illegal act and lower materiality

thresholds

88

GOVERNANCE PARTNERS GROUP

SPECIAL SITUATIONS

ERRORS IN FINANCIAL STATEMENTS Restatements of Financial Statements:

• Raise questions about integrity of reporting and internal controls
• Divert management focus
• Lead to significant legal, internal and external audit costs
• Can require informing users that previous results should not be relied on
• Can prohibit further filings until the investigation of the error is resolved,

which may restrict ability to raise capital

• Create uncertainty between the date the error is announced and the date

the restated financial statements are filed

• Can result in a drop of share price

89

GOVERNANCE PARTNERS GROUP

SPECIAL SITUATIONS

ERRORS IN FINANCIAL STATEMENTS

• Areas subject to restatement:
• Expense recording
• Liabilities, payables, reserves and accrual estimates
• Deferred compensation
• Revenue recognition
• Accounts and loans receivable
• Tax provisions

90

GOVERNANCE PARTNERS GROUP

AUDIT COMMITTEE PLAN OF WORK

FIRST QUARTER

• Identify agenda items for the coming year and prepare work plan
• Confirmation of independence, review of performance, and appointment of

independent auditors

• Annual evaluation of Committee’s performance
• Review Committee Charter and recommend any necessary changes
• Year-end/Q4 financial results and press release
• Approve 10-K filing

91

GOVERNANCE PARTNERS GROUP

AUDIT COMMITTEE PLAN OF WORK

FIRST QUARTER

• Internal audit report for quarter
• Independent auditor’s report for quarter and prior year end
• Review related party transactions
• Confirm any requests for waivers from Code of Conduct
• Approve report of the Committee for inclusion in the proxy
• Conduct executive session without management

92

GOVERNANCE PARTNERS GROUP

AUDIT COMMITTEE PLAN OF WORK

SECOND QUARTER

• Q1 financial results and press release
• Approve 10-Q filing
• Internal audit report for second quarter
• Independent auditors report – including management representation letter

from annual audit

• Review related part transactions
• Confirm any requests for waivers of Code of Conduct
• Conduct executive session without management

93

GOVERNANCE PARTNERS GROUP

AUDIT COMMITTEE PLAN OF WORK

THIRD QUARTER

• Q2 financial results and press release
• Approve 10-Q filing
• Internal Audit report for third quarter
• Independent auditors’ report for third quarter
• Confirm auditor’s independence and performance, approve

retention for current audit

94

GOVERNANCE PARTNERS GROUP

AUDIT COMMITTEE PLAN OF WORK

THIRD QUARTER Review auditor’s plan for year end audit, SOX audit and approve fees Review related party transactions Conform any requests for waivers from Code of Conduct Conduct executive session without management

95

GOVERNANCE PARTNERS GROUP

AUDIT COMMITTEE PLAN OF WORK

FOURTH QUARTER Q3 financial results and press release Approve 10-Q filing Internal audit report for quarter Independent auditor’s report for quarter Review related party transactions Confirm any requests for waivers of Code of Conduct Conduct executive session without management

96

GOVERNANCE PARTNERS GROUP

SAMPLE AUDIT COMMITTEE MEETING AGENDA

Consent Agenda

• 1. Liquidity Matters
• 2. Outstanding Legal Matters
• 3. Consent portion of audit firm agenda
• 4. Review of other matters, guided by the Checklist of Responsibilities from the Audit Committee Charter

Discussion Agenda

• 5. Call to order
• 6. Approval of previous meeting minutes
• 7. Management update on 10-Q status
• 8. Auditor Report to Audit Committee
• 9. 10-Q review and approval
• 10. Press release review
• 11. Executive session with audit firm
• 12. Executive session with Internal Auditor
• 13. Adjourn

97

GOVERNANCE PARTNERS GROUP

SPECIAL TOPICS

SEC CONCEPT RELEASE

• Focus on Audit Committee’s reporting of its responsibilities and

activities with respect to its oversight of the Independent Auditor

• Three main areas of disclosure
• Audit Committee’s oversight of the Auditor
• Audit Committee’s process for appointing or retaining the Auditor
• Qualification of the audit firm and the engagement team

98

GOVERNANCE PARTNERS GROUP

SPECIAL TOPICS

SEC CONCEPT RELEASE

• Committee’s process for appointing or retaining the Auditor
• What is the typical or best process for evaluating the Auditor and deciding

whether to retain the current Auditor?

• If the Committee elects to change Auditors, how does or should a typical

RFP process work?

• How important are the audit fees in the Committee’s decision?
• What roles are played by management, the Committee Chair and other

members of the Committee?

99

GOVERNANCE PARTNERS GROUP

SPECIAL TOPICS

SEC CONCEPT RELEASE

• Suggestion of disclosure of details regarding the Auditor
• Would disclosure about the audit team’s experience, including the

number of prior audit engagements performed and whether the were in the same industry, be useful?

• Would disclosure of the names of individual audit partnes a good or

bad thing for Audit Committees, or is it primarily an issue for the auditors?

100

GOVERNANCE PARTNERS GROUP

SPECIAL TOPICS

SEC CONCEPT RELEASE – RECONSIDERING BASICS

• Evaluate meeting agendas to focus on key matters and risks.
• What should be on a typical Committee agenda?
• How do the Committee Chair and the CFO set the agenda?
• Should the Committee Chair communicate with the audit partner or the

head of Internal Audit when setting the agenda?

• When and how often should the Committee meet in executive session (with
• r without the auditors)?

101

GOVERNANCE PARTNERS GROUP

SPECIAL TOPICS

SEC CONCEPT RELEASE – RECONSIDERING BASICS

• Building robust, earnest relationships and communications with

management, the Internal Auditor and external auditors

• Should the Committee Chair communicate with the audit partner or the

Internal Auditor periodically between meetings? If so, how often?

• Does the Committee receive any information from management’s

Disclosure Committee? What for does that communication take?

• Are PCAOB required disclosures from the External Auditor to the

Committee in the form of a presentation or a dialogue?

102

GOVERNANCE PARTNERS GROUP

SPECIAL TOPICS

SEC CONCEPT RELEASE – RECONSIDERING BASICS

• Building robust, earnest relationships and communications with

management, the Internal Auditor and external auditors

• What form would SEC suggested disclosure regarding significant risks

identified, nature and extent of specialized skill used in the audit, planned use of the Company’s internal auditors, involvement by other independent public accounting firms or other persons, and the basis for determining that the External Auditor can serve as the principal auditor in its oversight of the independent auditor take?

103

GOVERNANCE PARTNERS GROUP

SPECIAL TOPICS

SEC CONCEPT RELEASE – RECONSIDERING BASICS

• Building robust, earnest relationships and communications with

management, the Internal Auditor and external auditors

• What are priorities of the Committee when determining the scope of

the audit, including locations to be visited by the auditor and the quantitative coverage provided by those locations? Should the priorities of the Committee and management in terms of coverage vs. cost be aligned or is some tension between the two appropriate?

104

GOVERNANCE PARTNERS GROUP

SPECIAL TOPICS

SEC CONCEPT RELEASE – RECONSIDERING BASICS

• Building robust, earnest relationships and communications with

management, the Internal Auditor and external auditors

• To whom does the Internal Auditor report?
• What role does the general counsel or in-house legal play in Committee

discussions and deliberations?

• Should the Committee speak directly with external counsel?

105

GOVERNANCE PARTNERS GROUP

SPECIAL TOPICS

SEC CONCEPT RELEASE – RECONSIDERING BASICS

• Assessing performance and striving for continuous improvement
• Does your Audit Committee perform an annual self-assessment, and what

form does it take?

• What type of feedback arises from the self-assessment process?
• How could the self-assessment process be improved?
• How often is the Committee Charter updated?

106

GOVERNANCE PARTNERS GROUP

SPECIAL TOPICS

SEC CONCEPT RELEASE – RECONSIDERING BASICS

• Assessing performance and striving for continuous improvement
• How do Committee members stay current on accounting, auditing,

financial reporting and related developments?

• Is updating the Committee on those matters the responsibility of

management, the Committee or individual Committee members?

• Has your Audit Committee ever hired its own accounting advisors or

special counsel?

107

GOVERNANCE PARTNERS GROUP

SPECIAL TOPICS

SEC CONCEPT RELEASE – RECONSIDERING BASICS

• Understanding the Company, its industry, strategies, customers,

suppliers and competitors

• NYSE requires that the Committee discuss guidelines and policies to govern

the process by which management assesses and manages exposure to

• risks. Under these rules, the Audit Committee should:
• Discuss the Company’s major financial risk exposures
• The steps management has taken to monitor and control such exposures.
• What formal processes can be undertaken by management and the

Committee to fulfill these requirements?

108

GOVERNANCE PARTNERS GROUP

SPECIAL TOPICS

SEC CONCEPT RELEASE – RECONSIDERING BASICS

• Understanding the Company, its industry, strategies, customers,

suppliers and competitors

• Are the results of these processes reflected in the Company’s risk factors

and other disclosures?

• How do Committee members stay current on these topics?
• How much does the Committee need to know about the Company’s

information technology?

109

GOVERNANCE PARTNERS GROUP

CONCLUDING THOUGHTS

• The Audit Committee’s role and responsibilities have evolved and

expanded from a basic financial statement approval oriented Committee beginning with the passage of SOX

• The current day Audit Committee has taken on the role of proactively

ensuring the Company’s compliance with applicable securities laws, exchange requirements, and PCAOB rules and FASB standards and pronouncements

• This role includes oversight of a Company’s internal controls over financial

reporting, risk (including cyber-security risk) management program and compliance programs

110

GOVERNANCE PARTNERS GROUP

CONCLUDING THOUGHTS

• The Audit Committee has strengthened its working relationship with the

Company’s Internal Audit function and the Company’s external auditors

• Audit Committee members are increasingly having a financial background

beyond the requirements instituted by SOX

• As a result, the requirements for, and required commitment of, Audit

Committee members are both substantial and critical

111

GOVERNANCE PARTNERS GROUP Delivering Excellence in Outsourced Chief Governance Officer Services!

Paul Marcela President & Managing Director 770-815-4445 paul.marcela@governancepg.com www.governancepg.com Chip Presten Womble Carlyle Sandridge & Rice cpresten@wcsr.com

112