Every year presents corporate audit committees with new challenges and changes. The annual Audit Committee Leadership Summit brings together audit committee chairs from leading North American and European companies for a rich sharing of perspectives on the most significant financial, risk, reporting, auditing, and governance matters facing boards today.
Network members learn how leading audit committees in other markets address these issues and identify new strategies for improving governance. In dialogue with regulators, government officials, and financial reporting experts, members provide input on international public policy matters. EY supports the Summit.
Topics covered at the Audit Committee Leadership Summit:
particularly the European Union’s (EU’s) adoption of the General
Data Protection Regulation, attempt to harmonize data protection laws to
enhance protection for individuals and make obligations clearer for companies. Audit committee chairs were especially
interested in changes to the ways that companies obtain consent from
individuals and in the new requirements that companies notify national
authorities about data breaches. The
changes, which must be implemented by May, 2018, come with increased sanctions
for companies that fail to comply.
EACLN and ACLN members discussed the impact of disruptive
technologies with Laurence Buchanan, Partner and head of Digital EMEIA Advisory
at EY, and Paul Willmott, Director at McKinsey. Highlighting the unprecedented
speed and scale of technological change, they discussed strategic imperatives
such as focusing on the customer and finding the right balance between new
ventures and established revenue streams. They also discussed the board’s role
and capabilities in overseeing digital transformation.
EACLN and ACLN members discussed EU competition policy with
Paul Csiszár, Director in the Directorate-General for Competition at the
European Commission, and Stephen Kinsella, Partner and head of the European
antitrust/competition group at the law firm of Sidley Austin.The guests explained how the Commission approaches
merger control, antitrust actions, and state aid control.They underscored the importance for companies
of engaging with the Commission to clarify the complexities of mergers and
other strategies that might impact competition.
Audit chairs from North America and Europe discussed how the risks associated with cybersecurity have grown in breadth and impact the past few years and how they are stepping up their oversight in parallel. These efforts include having management provide dashboards with metrics on types and number of attacks on the company and in the industry as well as getting external evaluation of company cybersecurity efforts. Companies are also looking for generally accepted standards with which they can compare their efforts across borders to minimize the chances of serious incidents.
Independent regulation of auditing is evolving as regulators address important challenges and forge stronger ties with stakeholders. The PCAOB’s Lew Ferguson and Jay Hanson explained how the PCAOB and its counterparts internationally have improved their reporting and coordination of efforts, working on a bilateral and multilateral basis, increasingly through IFIAR, a growing international forum for audit regulation. One priority for regulators has been to strengthen relations with audit committees, an area in which regulators in some nations have taken significant steps.
Audit chairs from North America and Europe discussed the importance of culture to corporate strategy and the board's role in making sure a strong culture permeates the organization. Hiring, firing, and compensating the CEO and senior management are the main tools boards have to change corporate culture. Other tools of use include a dashboard populated with cultural indicators from across the company and having either internal audit or a separate culture team monitor culture.
Audit chairs from Europe and North America met with several Dutch audit chairs and auditors to discuss how they are coping with the recent audit reforms in the Netherlands, which impose audit firm rotation and restrictions on non-audit services. Managing the tender and transition process is best handled with a multiyear, multiservice strategy that includes sufficient overlap between audit firms. Both companies and auditors need to ensure that pressure on fees and staffing constraints do not undermine audit quality.
Audit chairs from Europe and North America reviewed the range of international threats that are hard to predict – yet significant in impact – such as political strife, economic crises, and natural disasters. They explored ways of identifying more of these risks before they materialize, noting that information from a variety of sources is critical. To prepare for the threats that remain unexpected, a company can develop general response plans and implement policies that strengthen the company for any blow it might suffer.
Integrated reporting is still in its nascent stages but is becoming the communication vehicle of choice for companies and their stakeholders as a means of reporting value beyond just financials. Internal reporting leaders and a representative from the International Integrated Reporting Council joined European and North American audit chairs to discuss the value and risks of integrated reporting. Oversight of the endeavor, the role of the audit committee, and the level of assurance needed on non-financial information is still up for debate.
More than 40 representatives from audit committees, investment firms, and external auditors came together to discuss how audit committees oversee and evaluate the work of the external auditor. Investors asked for more information in auditor and audit committee reports on the tasks undertaken during the fiscal year, key audit matters, and how risk was prioritized. Some investors said enhanced disclosures could spur more engagement with audit committee chairs. However, several participants suggested legal and other impediments prohibit enhanced disclosure and engagement in many jurisdictions.