The concept of an independent Audit Committee composed of outside directors and reporting directly to the board has been briefly introduced above. In the United States, the Audit Committee is general practice in all companies of a certain importance. In Europe, too, its role is growing in importance. Because among its most vital duties is overseeing of internal control and of the audit function, the Audit Committee must be characterized by a significant degree of independence.
For instance, in the United States regulators insist that the Audit Committee does not include individuals who are large customers of the company. For US credit institutions, this requirement is a rule established by the Federal Deposit Insurance Corporation (FDIC), one of the four main regulators. As I have already mentioned, the Audit Committee should be composed of outside directors.
The concept of an independent Audit Committee is not new, but it has been significantly strengthened by the seminal work done by the Treadway Commission. This Commission, which was active in the mid- to late 1980s is named after its chairman James C. Treadway, Jr, formerly a commissioner of the Securities and Exchange Commission (SEC).
Officially in the United States this is known as the National Commission on Fraudulent Financial Reporting - and it is in fact a milestone in financial reporting and auditing practices:
• Individually, most of the Treadway Commission's recommendations filtered into the Statement of Financial Accounting Standards (SFAS) by the Financial Accounting Standards Board (FASB).
• As a pattern, the implementation of the Treadway Commission's recommendations was promoted by the Committee of Sponsoring Organizations (COSO) of the Treadway Commission (Chorafas, 2000a).
22 Why Internal Control Systems Must be Audited
Today COSO is used as a term to identify the pattern of these recommendations and their application for reliable financial reporting. In
1998 the Federal Reserve Banks of New York, Boston, and Chicago were the first to implement COSO. This has been followed by the other Fed banks and, according to a 1998 decision by the Federal Reserve Board, by all credit institutions with $500 million or more in assets.
COSO has been instrumental in seeing to it that credit institutions are also now concerned about internal controls. Companies which have focused on value-added auditing services assert that traditional approaches to audit are no more able to deliver because they are not self-sufficient in assessing the growing range of issues which add up to organizational and operational deficiencies. These companies are also seeing to it that they have an Audit Committee at the level of their board of directors, and that the independence of this committee is ensured at all times.
True enough, there is no unique definition of the duties an Audit Committee should perform other than receiving and examining the confidential report of the internal auditors. However, from meetings with companies with an Audit Committee, I have compiled a list of other responsibilities. These include:
• Approving salary, hiring and firing related to senior staff of internal auditing
• Providing the opportunity for auditors to meet and discuss findings without internal directors and line management being present
• Recommending or approving appointment of external auditors and the scope of their services
• Reviewing with senior management and external auditors the year-end findings and
• Meeting with regulatory authorities to sort out problems, if any.
Within the scope of these references, the Audit Committee can play an important role in preventing, or at least in detecting, fraudulent financial reporting. The Treadway Commission highlighted important aspects of the Audit Committee's oversight function - stating, for example, that senior management and the Audit Committee should ensure the internal auditors' uninhibited involvement in examining the company's entire financial reporting process. This, the Treadway Commission said, should:
• Be done in an appropriate, rigorous and detailed way and
• Be co-ordinated with the work by independent, certified public accountants.
The Role of Auditing 23 Some sources suggest that, in the absence of a universal definition of goals and mission, in the current state of affairs there are certain gaps in the Audit Committee's work. For instance, a Treadway Commission-sponsored study found that internal auditors often concentrate on the review of controls at the division, subsidiary, or other business component level, rather than at corporate level. Independent public accountants, on the other hand, are generally responsible for audit examination at corporate level.
The Treadway Commission has also highlighted other important Audit Committee functions, such as the need to review the company's process of assessing the risk of fraudulent financial reporting. It also pressed the point that the Audit Committee should evaluate the fitness of the programme established to monitor compliance with the code of corporate conduct.
According to these guidelines the Audit Committee should:
• Oversee the quarterly or more frequent reporting process, with particular emphasis on financial statements and finding of misconduct and
• Keep at all times open lines of communication, not only with the chief internal auditor but also with the chief accounting officer.
The Treadway Commission developed this set of recommended Audit Committee duties and responsibilities from a review and consideration of practices many well managed companies follow, the extensive guidance the public accounting and legal professions have published on the subject, and necessary improvements suggested by the results of its own research. In the years which followed the publication of the recommendations, most of the suggested improvements have been incorporated into the definition of the mission of an Audit Committee. In order to provide for integration of auditing reports the auditing committee must ensure:
• A greater awareness of audit results by the chief financial officer, who usually has responsibility for the preparation of financial statements and
• A steadily improved co-ordination between internal auditors and independent public accountants, all the way from the supervision of fraudulent financial reporting to internal control.
The Audit Committee should appreciate that organizational status and independence of action are essential in insulating internal auditors from compromising with different organizational influences and political pressures. This role is further enhanced by helping to establish an ethical environment throughout the company's operations and management functions.
24 Why Internal Control Systems Must be Audited
The Basle Committee on Banking Supervision, too, has looked into audit commission functions and responsibilities. In early 1998 it recommended that all credit institutions of a certain size should have an Audit Committee.
The Bank for International Settlements (BIS) immediately put in to practice this recommendation, choosing a former governor of the Bank of England as chairman of its newly instituted Audit Committee.