Welcome back to the corporate governance section of our BEC CPA Review Course. We're going to talk next about audit committees. Now back when I was in public accounting, I worked for a large public accounting firm and we used to have to meet with the audit committees frequently about the financial statement audits.
And I also was in the financial operational internal audit director for a very large not-for-profit in Washington DC. And I also had the responsibility as the internal audit person to meet with the audit committee. So the audit committee has a very important role and function and, and their job is to actively oversee the entities, accounting, and financial reporting policies and practices.
So the larger board, the board of directors would be responsible for many different objectives, including compliance with laws and regulations, effective and efficient operations, and reliable financial reporting. The audit committee really just takes one of those three objectives and focuses on it more precisely.
So they assist the larger board with fulfilling their fiduciary responsibilities. So there needs to be a process where the audit committee is informed of significant judgments and issues that affect accounting and financial reporting so that they can deal with those issues on a timely basis. And often it's the internal audit group or the external audit group that would be involved in that process to come in and have those conversations with the audit committee in addition to the audit committee meeting with the senior management of the organization.
So the audit committee needs to understand how it is that management actually identifies, monitors and controls, financial reporting risks that would affect the organization. So how do they make sure that the financial statements are complete and that all the assets exist and that accounts receivable is properly valued?
They're going to go through and think about what are the major things that could be wrong or misrepresented within the financial statements. And then their job is to know, well, what is this particular organization's greatest risks and how can we make sure that management is appropriately managing those risks?
So there's going to be a direct line of communication that's going to be necessary in order for them to do that, and it's going to involve talking directly with management, but it also is going to involve a direct line of communication with internal and external auditors to discuss. Those types of relevant matters.
Now you'll notice I said direct line of communication. So what that means is that periodically the audit committee is going to meet with the internal and external auditors. Without management around so that they're, if they want to say something that they don't feel comfortable saying in front of the management directly, they have an opportunity to have these Eyeful offline conversations with the audit committee in order for them to make sure that they can discuss the reasonableness of the financial reporting process and significant comments and recommendations they might have as a result of doing.
Audit type services and just being able to give that feedback in an open and free environment. The audit committee beyond just overseeing management is also responsible for overseeing. The auditor activities, whether it's an internal audit activity or whether it's an external audit activity, they have a responsibility to understand what is it that these internal and external auditors are doing.
And they're supposed to also, particularly with the external auditors to challenge whether or not there are any independence issues that might exist with who they have done their, their financial statement audit. Cause that's one of the things that's important about a financial statement audit is that the external auditors.
Really should have no impediments for them to be able to. Judge and evaluate whether or not the financial statements are materially misstated. And so it's very important for them to be independent and objective. And over the course of time, for example, there might be a familiarity threat where the auditor has been the organization's auditor for 10 years.
And so the audit committee might make a judgment to say, well, maybe we should go out for bid to see if we should hire a different. CPA firm to come in and do our financial statement audit in order to try and mitigate the risk of this familiarity threat that the auditors might be presuming that things are being done above board because they have such great, great relationships with management and the people that they're dealing with on a day to day basis as it relates to the financial statement audit.
So they do have the responsibility of making sure they're comfortable with the. Auditor, external auditor relationship with the firm as well as overseeing what internal audit is doing and the results of their services, and then also monitoring and overseeing management. There also might be circumstances where there needs to be some interaction with outside regulators.
Say the sec, the sec might have a question about the financial reports and. The audit committee would often be involved in those interactions along with management, just to make sure that they're comfortable, that what's being represented to these outside third parties in this compliance type arena is something that they're comfortable with because they're going to look at things from the viewpoint of preserving and protecting the best interests of the company.
Whereas management is probably going to be looking to preserve and protect their own best interest. So they may. Skew things. Management may skew things in dealing with outside regulators to try and preserve their job, to not make it look like they did anything wrong. So they may be coming from a more defensive posture, whereas the audit committee being on an oversight role could be the one that would be more of the mediator between the two and try and make sure that conversations are such that they can objectively look at both viewpoints and try and big Springs such issues to resolution.
So they do have the authority to engage and replace and determine external auditors. When they're hiring them, they have influence over making recommendations to compensation and performance evaluations for management. And they also have the authority to have influence over the internal audit department as well.
So the audit committees purely have they, they clearly have a lot of influence over the organization as it relates directly to ensuring reliable financial reporting. The Sarbanes Oxley act is the act that came out, and it's, uh, it's applicable to organizations that are regulated by the sec. So if you're a publicly-traded organization or an issuer, as they're called, they have to follow the Sarbanes Oxley act.
The Sarbanes Oxley act actually has a requirement that publicly traded at an exchange has an audit committee. Now, the audit committees are a subset. Uh, the board of directors. So usually it's the people that sit on the audit committee also sit on the full board of directors. And as they're looking at who's sitting on the audit committee, the Sarbanes Oxley act says that more than half of the audit committee should be outside directors, or they should be independent directors.
So that means that they can't be executive directors, meaning that they can't be a member of management and they can't be. Inside directors, meaning that they have a vested financial interest or another sort of conflict with the entity itself. They have to be truly outside directors that are independent and want at least one of these outside directors has to be financially literate.
Now, they don't give specific definitions around what financially literate means, but what they do is provide a list of, here are some things that might make somebody. Qualified to be financially literate, and it includes things like their experience and their education and whether or not they've ever sat on a board before.
There's a whole laundry list of things that could qualify somebody to be financially literate, but it's important to have at least one outside director that qualifies as being financially literate on the audit committee of a publicly-traded organization that follows the Sarbanes Oxley act. In addition.
Remember at least half of the members of an audit committee of a publicly-traded organization should be independent or outside directors.
The other thing that the Sarbanes Oxley does as it relates to the audit committee is it says that the internal auditors are required to report directly to the audit committee. Now, generally, if there is an internal audit department, they do have a direct line of communication with the audit committee because that's.
Kind of the whole point of having an audit committee is to have, that means that independence and objectivity, uh, it's optional for private companies to do that. It's just a best practice that they do. Whereas if it's a publicly-traded organization, their internal auditors are required by law to have that direct line of reporting.
So by law, if you're a publicly-traded organization, there has to be a direct line of. Reporting for internal audit, a direct line of reporting for. External auditors and there has to be at least one outside director that's financially literate or determined to be a financial expert. And remember that financial expert determination can be made up of a lot of different factors.
It could be because they've had prior experience as a controller of a large organization, or they previously were in public accounting, or they. Actually have been involved in preparing audited financial statements in the past. It could be that they were an internal auditor for another organization. The goal is to make sure that they have enough understanding and experience formally or informally to be able to understand financial statements, generally accepted accounting principles to be able to make judgment calls around the sufficiency and appropriateness of key decisions like selecting.
Alternatives that might be available within generally accepted accounting principles. And they want to understand controls and what does it mean to have a good sound system of controls over reliable financial reporting. So they need to be able to understand preparing financial statements, reading financial statements, the controls.
Over generating financial statements. And then they also need to understand what it means to be a member of the audit committee. So what are our duties and our responsibilities, and why is it that we have to take these jobs so seriously? So in looking at. With an audit committee and trying to decide, well, who should sit on the audit committee?
It's very important that the board ensures that they have somebody that is sitting on that committee, that they feel comfortable, has those skill sets necessary. So they're going to make sure that they do independent reference checks in that they look at the relationships that that individual might have.
So do they have any conflicts of interests or any other types of? Related party relationships that might impair their ability to really be considered an outside director as opposed to an inside director. Sometimes companies use independent search terms to help find individuals to sit on the audit committee, uh, and that might be appropriate for a much larger publicly traded type organization.
In all cases, you should know enough about the individuals to feel competent about their financial literacy, their commitment. Their ability to be able to perform their, their responsibilities, with due diligence and an appropriate amount of professional skepticism in some cases. The audit committee might be required to actually certify that they've complied with independence and ethics rules that the organization has established.
And often if there are these certifications, these certifications are updated periodically, often, once a year to make sure that somebody that. Sitting on the audit committee as circumstances change, that they're, that they are able to identify where there might be some emerging issues with independence and ethics that might require them to change their relationship.
Perhaps they could no longer be on the audit committee, or perhaps they can no longer be on the full board if the conflict of interest is, is large enough, but it's definitely something that needs to be periodically evaluated. So we've gone through and talked about the. Composition of the audit committee itself.
And so now it'd be a good time to go back and revisit the earlier CPA Exam sections that talk about what's the definitions of those charged with governance? What's the definition of a board? Wow. Is the board and the audit committee different and what types of responsibilities is the audit committee have that the full board does not have.
Is your CPA Review on track for Exam Day?