Even board directors from large, multinational companies in Europe lack the opportunity to meet and discuss important issues. To provide that common ground, Tapestry Networks organized the European Audit Committee Leadership Network (EACLN) in 2004 with the support of EY.
The network was the first of its kind and remains the best forum for bringing together directors from European Union member states and non-EU countries, such as Russia and Switzerland, to discuss corporate governance and board leadership.
Members are committed to explaining the work of audit committees in dialogue with stakeholders like the European Commission, the International Accounting Standards Board, national regulators like France’s Autorité des Marchés Financiers, and the investment community.
Members are also committed to improving the performance of their own and – through the publication of the ViewPoints synthesis of insights generated in their meetings – other audit committees in Europe. The EACLN’s insights are often cited by groups like the Institut Français des Administrateurs.
Recent network topics:
EACLN members met to discuss the relationship between the board and the Chief Information Security Officer (CISO) with Robert Coles, CISO and head of information protection at GlaxoSmithKline (GSK); Mike Maddison, partner at EY; and Emma Smith, group technology security director at Vodafone. Although their precise responsibilities vary, CISOs typically oversee security related to information technology (IT) and may also oversee security relating to production systems and third-party cyber risk. The role continues to evolve to keep up with evolving cyber threats and new regulations. CISOs’ responsibilities differ from organization to organization, as do their status and relationship with the board.
EACLN members met with Hans Hoogervorst, chair of the International Accounting Standards Board (IASB). They discussed the IASB’s structure and process, including the challenging task of assessing the costs and benefits of new standards. They also discussed the IASB’s current focus on making financial communications more effective and meaningful, even as these communications seek to describe an increasingly complex reality. Finally, they addressed the issue of non-GAAP metrics and non-financial reporting, touching on the role of audit committees versus the IASB in overseeing these kinds of reporting.
At its 14–15 November meeting in London, the European Audit Committee Leadership Network (EACLN) hosted the chair of the International Accounting Standards Board (IASB) for a discussion on accounting standards. Members also discussed the role of the chief information security officer (CISO), the current state of Brexit, and new developments in fraud detection.
Audit chairs agree that evaluating the work of the external auditor is a core responsibility of the audit committee, although there is no single set of metrics that universally indicates a high-quality audit. The relationship with the audit partner and team built on honest communication is a crucial variable in audit quality, and one that audit committees must gauge on a more intuitive level. As regulators and other external stakeholders pay greater attention to the audit committee’s responsibilities, reporting on the oversight of the external auditor will be increasingly important and will remain a focal point for audit chairs.
EACLN members discussed the work of the Committee of European Auditing Oversight Bodies (CEAOB) with its chair, Ralf Bose. The CEAOB is a forum in which national regulators can cooperate on effective and consistent regulation, through information sharing and joint resolution of implementation issues. The CEOAB is reaching out to audit committees to understand their role in audit quality and how regulators can assist them. Mr Bose and EACLN members agreed that trilateral conversations among regulators, audit committees and audit firms would be beneficial for audit quality.
EACLN members were joined by Jonathan Blackmore, senior partner at EY, and Hans Winters, chief audit officer at Siemens, for a discussion of how digital technologies are presenting both challenges and opportunities for internal audit departments. Digital transformation complicates internal control and risk management, requiring new approaches from internal auditors. At the same time, robotic process automation and advanced analytics are strengthening internal audit, though they require new skills and a continuing focus on maintaining the objectivity and independence of internal audit.
EACLN members were joined by Luka Mucic, CFO and member of the executive board of SAP SE, and Roland Sackers, CFO and managing director of QIAGEN, for a dialogue about the opportunities and risks of digital innovation and transformation for chief financial officers (CFOs) and their teams. Digital capabilities are transforming the business models of established companies, and many are making money in new and different ways. New digital capabilities can also radically transform the roles and responsibilities of CFOs. Audit committees are focused on how to effectively monitor the most pressing opportunities and risks that are tied to transformation in the finance function.
EACLN members discussed audit policy and regulation with Alain Deckers of the European Commission, Paul George of the UK Financial Reporting Council, and Tim Volkmann of the German Auditor Oversight Commission. They discussed the implementation of the EU audit legislation, including mandatory rotation and reporting on audit committee performance. The audit chairs also described how they evaluate their own performance, and the audit regulators described their efforts to assist audit committees. Participants agreed that the dialogue should continue.
Faced with the task of voting on many companies’ proxies in a short period of time, institutional investors of all sizes continue to rely upon ISS and its competitors for both proxy voting advice and execution.ISS’s reach is only expanding as it grows beyond its proxy advisory services into a global governance company.In a meeting with ISS President Gary Retelny, EACLN members recognized the importance of developing a relationship with ISS, both to ensure that their voices are heard in its policy process and to serve as a check on the accuracy of its work.Mr. Retelny, for his part, encouraged board directors to play that role and participate in the process.
Three experts on tax discussed current trends in corporate taxation and their implications for global companies. In response to widespread concerns about tax avoidance, the EU and the G-20 are implementing ambitious initiatives that attack the issue on many fronts. For companies and their boards, this dynamic new landscape entails a reassessment of company strategies and processes, including the company’s objectives in the area of tax, its relations with tax authorities, its disclosures to the public and the tax function itself.
Three experts on tax discussed current trends in corporate taxation and their implications for global companies.In response to widespread concerns about tax avoidance, the EU and the G-20 are implementing ambitious initiatives that attack the issue on many fronts.For companies and their boards, this dynamic new landscape entails a reassessment of company strategies and processes, including the company’s objectives in the area of tax, its relations with tax authorities, its disclosures to the public and the tax function itself.
EACLN members discussed the cybersecurity risks and oversight of effective cyberrisk mitigation processes with Ms Helen Arnold, Chief Information Officer and Chief Process Officer at SAP SE; François Brisson, global head of Cyber & Technology for Swiss Re; and Chris Gibson, director of the United Kingdom's national Computer Emergency Response Team (CERT-UK). Cybersecurity has moved from being a technology issue to being a business issue that needs to involve every level of the company. Ms Arnold told members that SAP approaches this issue by building a "human firewall" and making sure all employees are "emotionally engaged" in the issue. Members agreed creating a culture of cybersecurity requires the CEO make cybersecurity a top priority. However, the lack of standards and external guidance to help boards and audit committees understand what they need to be looking for and what they should be asking management about cybersecurity and cyberrisks continues to frustrate members.
EACLN members met with Harlan Zimmerman of Cevian Capital to discuss investor activism and company responses. Mr Zimmerman explained the role of constructive activists who focus on the long-term success of companies, an approach that may work better in Europe than more adversarial strategies. The members and Mr Zimmerman agreed that companies should cultivate their long-term investors and evaluate the ideas of activists with an open mind. An activist joining the board can bring benefits, especially in improved information flow and analysis.
Audit committee agendas have grown considerably the past few years, particularly since the financial crisis, as companies have come under greater scrutiny. As audit committees have taken on more responsibility and higher-profile roles, so has attention to their work by regulators and stakeholders. To deal with the growing burden, audit committee chairs shared their leading practices for managing their expanding agendas and meeting today’s demands.
The chair and deputy chair of the International Auditing and Assurance Standards Board (IAASB) joined EACLN members to discuss current and future IAASB projects. Members urged the IAASB to consider the role of the auditor in assessing – and possibly providing assurance on – information beyond the annual report. They also confirmed the value of enhancing the auditor’s report more broadly; noting that enhanced reporting could strengthen rather than undermine the relationship between the auditor and the audit committee.
Stephen Haddrill, CEO of the UK Financial Reporting Council (FRC), joined EACLN members to discuss the FRC’s role in financial reporting and regulation. Mr. Haddrill described a regulatory approach that is collaborative and relies on both voluntary and mandatory elements. He noted that the FRC works closely with its overseas counterparts and international organizations. The discussion also focused on how audit chairs can make financial reports more useful and keep clutter to a minimum.
Andrew Archibald, deputy director of the National Cyber Crime Unit of the United Kingdom’s National Crime Agency, and Paul C. Dwyer, director of strategic solutions at the security firm Mandiant, joined European audit committee chairs to explore cybersecurity threats and how companies and governments should respond. They touched on preventative measures and incident response strategies. In addition, audit committee chairs learned about governments’ efforts on cybersecurity, including how governments and the private sector can work together.
Dr. Werner Brandt
European Audit Committee Leadership Network
Audit Committee Member, RWE