Oversight of the financial reporting process - Part II.by Waters, Robert K.
Reviewing Annual Financial Reporting
Typically, the committee meets with management and the independent auditors to review the financial statements for the year and the results of the annual audit. The nature of this review depends on the complexity of the company, its industry, and the committee's confidence in company management. When performing this review, the committee should pay particular attention to judgmental areas, such as those involving valuation of assets and liabilities. The committee should be sensitive to areas where different assumptions and judgments could have a significant effect on the statements. These areas could include accounting and disclosure for obsolete or slow-moving inventory; the allowance for doubtful accounts; warranty, product liability and litigation reserves; and commitments and contingencies. Figure 1 lists questions that might be asked at a postaudit meeting, and indicates whether the questions are normally directed to management, the independent auditors or both.
Reviewing Interim Financial Reporting
Many committees are increasing their oversight of interim financial reporting, which reflects the importance of all financial information communicated to outsiders.
For public companies in particular, financial statement users rely heavily on quarterly data. Although management often extensively analyzes major accounts, quarterly financial reporting may include more estimates than annual reporting. While the independent accounts normally do not audit quarterly financial statements, they may perform a limited review. This review may take place either before the release of quarterly results or after year-end, depending on the company's preference.
The committee should be briefed on how management develops and summarizes quarterly financial information, the extent of internal auditor involvement, the extent to which the independent auditors review quarterly financial information and whether that review is performed on a pre-or post-issuance basis. The committee may gain some insight into the fairness of the interim statements and disclosures by obtaining explanations from management, the internal and independent auditors on whether:
* Actual financial results for the interim period varied siginificantly from budgeted or projected results.
* Changes in financial ratios and relationships in the interim financial statements are consistent with changes in the company's operations and financing practices.
* Generally accepted principles have been consistently applied.
* There are any completed or proposed changes in accounting or financial reporting practices.
* The company's financial and operating controls are functioning properly and can be expected to continue to do so.
* The interim financial statements contain adequate and appropriate disclosures, particularly of:
--Unusual risks and uncertainties;
--Unusual or extraordinary events;
--Seasonal variations in sales, costs and expenses.
* The company has complied with loan agreements or security indentures.
Working with Management
Management at all levels influences the accuracy of financial reporting. Therefore, the committee should be briefed periodically on, and have a general understanding of, the financial reporting process, and it should continually assess management's competence and integrity. Effective oversight requires that the committee ask difficult questions and expect reasonable answers.
There are other management activities where it is beneficial to have oversight, including monitoring compliance with codes of conduct and seeking second opinions from other accountants.
Codes of Conduct
The committee cna actively help its company maintain a proper ethical environment. Many companies have formal codes of conduct clearly setting forth guidelines for acceptable business practices. Well- defined ethical standards and written guidelines for acceptable behavior help establish a climate that encourages accurate financial reporting.
Public companies should develop such a code and communicate it to all employees. This alone will not prevent willful, unethical or illegal actions by employees. But a code of conduct can help estabalish the right control environment when it is accompanied by clear signs from management that it will be enforced. Management should establish a program for monitoring compliance and the committee should review the program.
The topics most often addressed in corporate codes of conduct include compliance with laws; conflicts of interest; proprietary information and confidentiality; political contributions and activities; off-the-book transactions; and improper transactions and payments.
Opinions From Other Accountants
Differences of opinion on significant accounting or reporting issues can arise between a company and its independent auditors, especially when transactions are complex or when GAAP or reporting standards are not precise about a particular situation. Under these circumstances, management may wish a second opinion from another accounting firm. Some parties perceive that this practice may, at times, be an attempt by management to put undue pressure on their independent auditors. To safeguard against abuses, the committee should request that management advise it of any instances where a second opinion is sought.
Management may make, or the committee may request, reports on other topics to enhance the committee's understanding of the company, its operations and its business environment. Topics of this sort include:
* Management's assessment of the business risks the company faces and the planned response thereto;
* The legal environment, including the status of any pending lawsuits or administrative proceedings and related accruals, if any, and the status of product liability and warranty reserves;
* Insurance coverage for directors and officers;
* The extent of the work performed for the U.S. government and compliance with related contractual terms;
* Foreign operations, including locations, and controls over financial reporting;
* Current issues affecting the company's specific industry, e.g., regulatory issues or a discussion of the competitive environment;
* The effect of new tax laws and other regulations;
* Policies and procedures for reviewing officer's expenses and perquisites;
* Controls over treasury activities, including cash management, hedging, foreign currency transactions and use of new or unusual financial instruments.
Working with Independent Auditors
In addition to its communication with independent auditors concerning financial reporting, the committee should maintain ongoing communications concerning several areas, including:
* The proposed audit scope and approach.
* Suggestions management receives from the independent auditor.
* The findings resulting from the annual audit. To enhance the information flow to committees, the professional standards of the AICPA require the auditors to communicate certain matters to the committee directly or to make sure that management had sone so. These matters are set forth in SAS No. 61.
Reviewing the Proposed Audit Scope and Approach
The committee should meet with the independent auditors to review the proposed audit scope and approach. Often, this meeting takes place early in the year. Figure 2 lists questions that might be asked at this meeting. The company's key financial personnel and the chief internal auditor also usually take part in this meeting. This gives the committee a general understanding of what it can expect from the audit and helps it understand:
* The auditor's approach to evaluating the internal control systems and how that evaluation will affect the scope of the audit.
* Areas receiving major audit emphasis and the general approaches to be taken.
* The auditor's use of information technology, including general and special-purpose audit software and the use of expert systems.
* The effect major changes in the company will have on the audit approach.
* The accounting and operating locations to be visited and the scope of work at each location.
* The extent to which audit work is coordinated with that of internal auditors.
* The extent to which other auditing firms may be involved.
* The effects on the audit of any new professional or regulatory pronouncements.
* Any economic or operating problems facing the company and how these will be addressed in the audit.
* The company's financial reporting requirements and the timetable for meeting them.
The committee should make sure the independent auditors know that it is available for consultation and, if necessary, will arrange for direct access to the board of directors. It should also advise the independent auditors to inform it of any major unresolved problems the auditors encounter or any restrictions management may impose on the audit. The committee should meet privately with the independent auditors at least once each year to ensure free and open communication.
The committee should be aware of the auditors' letters to management on suggestions arising from the audit. These letters also may contain constructive suggestions on the company's business and its operations. The committee should ask management to respond to any significant suggestions received.
Conducting the Postaudit Review
Generally, the committee, management and the independent auditors meet to review the financial statements and the results of the audit, as discussed previously. ideally, this review should be performed before the financial results are released, although timing considerations may make this impracticable.
Reviewing Audit Fees
The committee usually reviews management's analysis of the audit fees and discusses any questions with management or the auditors. Management's analysis should highlight changes in the services provided and other matters that will directly affect fees, such as the number of operating units visited, the level of internal auditor involvement, or changes in the structure or size of the company or other significant factors affecting the operating environment.
Reviewing Management Advisory Services
While the committee focuses primarily on the audit of the financial statements, it shoudl also be aware of other services the auditing firm can provide. Management may engage the firm for consulting and special services because it is cost-effective, and audit quality is often enhanced by the increased knowledge the auditors gain from these services.
Auditing firms are required to report to the committees of public companies the total fees received from the company for management advisory services during the year and the types of services performed. The committee should review this information to satisfy itself that the services performed did not impair the auditor's independence. The committee also may want to familiarize itself with management's process for engaging the auditing firm for consulting services to ensure the questions concerning independence are being appropriately considered.
Ensuring the Auditor's Independence
Although it is unlikely that situations will arise where the external auditors are not independent, the audit committee, as part of its oversight function, should ask the auditors to affirm their independence and consider asking for a review of the firm's mechanisms to maintain independence.
Appointing the Auditors
Usually, management makes a recommendation to the committee on the appointment of the auditor; management works closely with the auditors and can evaluate the level and quality of the services provided. The committee reviews this recommendation and, in turn, makes its recommendation to the directors, who then make the appointment. Often this appointment is subject to ratification by the shareholders.
Working with Internal Auditors
Internal auditors play an important role in financial reporting. To be most effective, the internal audit department should have the support of both management and the board of directors through its audit committee.
Understanding the Internal Audit Function and its
Some internal auditing activities of particular interest to the committee include:
* Reviewing compliance with company policies and procedures at all levels.
* Reviewing operations to evaluate the effectiveness of the internal control systems, including controls over computerized systems.
* Evaluating the effectiveness of management's proposed actions to correct internal control deficiencies.
* Recommending operational improvements, which have the potential to increase profits.
* Evaluating the effectiveness of the physical protection of assets and the security of data.
* Verifying account balances.
* Making special examinations into areas such as illegal payments, defalcations or conflicts of interest.
* Working with the independent auditors.
The emphasis placed on these activities by internal auditors varies between companies. The committee should understand the function and activities of the internal audit department and review significant internal audit findings.
The committee can gain a basic understanding of the internal audit function and its activities from:
* The department's charter or other written description.
* A department organization chart.
* The internal audit plan, which includes the manner in which it plans its activities and a list of the proposed projects.
* Periodic reports on the internal audit activities that include a list of completed projects, projects in progress and selected audit findings.
* A description of the process for ensuring that management takes the appropriate corrective action on suggestions made in internal audit reports.
* An analysis of open audit findings, categorized by age and significance.
* A report on the adequacy of the department's current personnel, such as the staff's academic and professional credentials, EDP experience and foreign language skills, when appropriate.
* Plans for recruiting and training personnel.
* Reports for planned changes in the internal audit function.
It is important that the committee have contract with the internal auditors. the chief internal auditor should attend all committee meetings and should meet privately with the committee at least once each year.
Assessing the Internal Audit Department
The committee can enhance the quality of the internal audit department by determining whether the internal auditors:
* Are adequately trained. The company should not only ensure that the new staff is qualified, but alos provide a supportive atmosphere where internal auditors can receive continuing professional education.
* Keep up with current technology. For example, where a company has significant computerized operations; internal auditors should have the skills to understand and test them.
* Have appropriate credentials to meet the company's needs. The company should encourage its internal auditors to become members of professional associations, such as the Institute of Internal Auditors, and to seek professional certifications.
The committee should also consider the adequacy of the internal audit staff and should be aware of planned changes in its size. The committee may want to review personnel changes in the positions of chief internal auditor and, possibly, other key internal audit supervisors. The committee should be satisfied with the impact of these changes on the department's effectiveness.
As an additional step, the committee (or management) may want to have the department's activities independently reviewed. Such "quality assurance reviews" can help strengthen its effectiveness and can identify the actions necessary to ensure that future needs are met. These reviews can be performed by independent auditors or by professional organizations.
Reporting to the Board of Directors
The board is responsible for overseeing all activities of the company. When it establishes an audit committee, it creates a vehicle to carry out its own oversight and financial reporting responsibilities. However, this does not relieve other directors of their responsibilites. Accordingly, the committee should, on an ongoing basis, inform the board about:
* Any situations in the reporting system taht could result in significant misstatements in financial reporting.
* Discussions it has about significant risks affecting the company.
* The committee's general activities and topics discussed at its meetings.
At least once a year the chairman of the committee should formally report, preferably in writing, to the board on the committee's activities. In addition, the committee normally provides the board with its recommendation for the appointment of independent auditors.
(*1) See also, "Audit Committees for Governmental Units--How-To," by Patrick F. Hardiman, Alan Reinstein and David R. L. Gabhart; The Cpa Journal, June 1986.
(*2) This article is adapted with permission from a monograph "Audit Committee Guide," published and copyright by Coopers & Lybrand.
James S. Gerson, CPA, is a Partner and Director of Audit Policy in the National office of Coopers & Lybrand. Mr. Gerson is a member of the AICPA and the NYSSCPA.
J. Robert Mooney, CPA, is a Partner in the Richmond, VA, office of Coopers & Lybrand. Mr. Mooney is a member of the AICPA and the Virginia Society of CPAs.
Donald F. Moran, CPA, is a Partner in the Detroit, MI, office of Coopers & Lybrand. Mr. Moran is a member of the AICPA, the Massachusetts and Michigan Societies of CPAs.
Robert K. Waters, CPA, is a Partner in the Washington, DC, office of Coopers & Lybrand. Mr. Waters is a member of the AICPA and the Minnesota Society of CPAs.
The CPA Journal is broadly recognized as an outstanding, technical-refereed publication aimed at public practitioners, management, educators, and other accounting professionals. It is edited by CPAs for CPAs. Our goal is to provide CPAs and other accounting professionals with the information and news to enable them to be successful accountants, managers, and executives in today's practice environments.
©2009 The New York State Society of CPAs. Legal Notices
Visit the new cpajournal.com.