|
|
|
B. The Responsibilities and Duties of Audit Committees
C. Relying on the Work of the Auditors
D. Functioning of the Audit Committee
Appendix 5 - Description of the Audits
Appendix 6 - Examples of the Information and Advice Available from the Auditors
Appendix 7 - Examples of Audit Committee Activities Related to Relying on the Work of the Auditors
Appendix 8 - Examples for Inclusion in an Audit Committee Charter
Appendix 9 - Examples of Support for the Audit Committee
Appendix 11 - Selected Additional Readings
Audit committees are an essential component of the structures and processes of good corporate governance. The Guidelines for Audit Committees in Crown Corporations and Other Public Enterprises have therefore been developed to offer suggestions for consideration by federal Crown corporations' boards of directors and audit committees. Other public enterprises may also find these Guidelines to be of assistance to their organizations.
The Guidelines present a framework that individual audit committees interested in improving how they perform their work can use. Boards of directors and audit committees, however, should tailor the Guidelines to meet their specific needs. In doing so, they should consider the unique circumstances of their corporation in terms of its size, its mandate, and the different levels of experience possessed by the individual members of the board of directors and the audit committee.
The Guidelines are divided into four broad sections: responsibilities and duties of audit committees, relying on the work of the auditors, functioning of the audit committee, and a concluding observation. Appendices for each of the main sections supplement the information with related examples that are additional to the Guidelines.
Over the past decade, the role and importance of an independent board of directors has been the centrepiece of Canadian and international efforts to improve the governance of the corporations that play a key role in modern society. The federal government as well as the boards of directors and management of Canada's Crown corporations have been active participants in efforts to establish good corporate governance practices and to maintain an effective regime of financial management and control.
Recent concerns about financial meltdowns in the corporate world have again raised questions about the integrity of governance practices and the role of audit committees - the guardians of corporate financial reporting.
For Crown corporations, an audit committee helps the board of directors fulfill its responsibility to the Crown, as the shareholder, to lenders, and to Canadians in general. Audit committees assist boards of directors to oversee and objectively assess the performance of the corporation, its management, and its auditors.
In recognition of the importance of audit committees, the federal government's control and accountability regime for its Crown corporations requires that those subject to Part X of the Financial Administration Act have an audit committee. To perform their work, audit committees have the power to investigate any matter brought to their attention. The committee has full access to all books, records, facilities, and personnel of the corporation. In addition, with the specific approval of the board of directors, the audit committee has the power to access outside counsel or other experts. Appendix 1 describes the composition and role of the audit committee as prescribed by section 148 of the Financial Administration Act.
The effectiveness of audit committees depends heavily on an awareness and understanding of the responsibilities and duties of the audit committee and the professional responsibilities of management and the auditors (internal and external and, where required, the special examiner). Strong, open relationships between the audit committee, management, and the auditors with respect to these responsibilities are essential.
As a core committee of the board of directors, audit committees have a challenging set of responsibilities. These delegated responsibilities include overseeing the following broad areas: the corporation's standards of integrity and behaviour, its reporting of financial information, and its management control practices. The duties implicit in fulfilling these responsibilities vary with the specific needs and circumstances of each Crown corporation.
The three broad responsibilities closely interrelate. The corporation's standards of integrity and behaviour will affect the nature and extent of financial reporting. At the same time, the quality of financial reporting depends on the soundness of the internal control systems. The functioning of the control framework depends, in turn, on the values and ethics of the corporation's employees. Standards for corporate behaviour, financial reporting, and effective controls cannot be developed or evaluated in isolation from each other.
Management has primary responsibility for ensuring that the corporation complies with the law and behaves with high standards, for preparing financial reports, and for developing control frameworks. On the other hand, as the representative of the board of directors for the responsibilities delegated to it by the board, the audit committee oversees and reviews the performance of management and the auditors.
The audit committee, on behalf of the board of directors, holds management accountable for the corporation's standards of behaviour, its financial reporting, and its business systems and practices. The audit committee demands that the auditors conduct independent and objective assessments of management's performance in these areas. Often, audit committees also act as a check and balance in the relationship between management and the auditors. In addition, the audit committee is responsible for reporting to the board of directors on the committee's activities, findings, conclusions, and recommendations related to the responsibilities assigned to it by the board.
In practice, audit committees form their judgments based mainly on information obtained from management and the internal and external auditors. For this reason, audit committees should carefully build productive and frank working relationships with each participant in this structure.
The following sections describe the three broad responsibilities of audit committees and provide suggestions on how to carry them out. To meet these responsibilities, each audit committee must exercise judgment in developing an approach that fits the unique circumstances of the corporation. A universal approach is neither practical nor appropriate.
Appendices 2, 3 and 4 supplement the information on the three broad responsibilities with various related examples of an audit committee's activities. The additional reference material expands on the Guidelines but does not describe a recommended set of practices or prescribe how audit committees should exercise their judgment and plan their work.
The responsibilities described in these Guidelines are similar to and consistent with those prescribed for audit committees of private sector corporations, with appropriate modifications to fit the circumstances of parent Crown corporations and the duties prescribed for their audit committees and the auditors by Part X of the Financial Administration Act.
The audit committee oversees the corporation's standards of integrity and behaviour
Crown corporations are expected to demonstrate a strong commitment to ethical and lawful behaviour. Through their actions and words, senior management and the board of directors are responsible for creating an environment of integrity - the paramount building block of effective corporate governance.
For this atmosphere to be fostered throughout the organization, management and directors must demonstrate to all employees that high standards of behaviour are expected and that unacceptable behaviour will result in swift and meaningful sanctions. Management is therefore responsible for operating the corporation in an effective and ethical manner on behalf of the Crown. Personal interests should never be put ahead of, or be in conflict with, the interests of the corporation.
Creating a culture of honesty and high ethics often involves formal communication of expectations to all employees. To accomplish this, management is responsible for establishing adequate systems and practices that provide reasonable assurance of compliance with laws, regulations, and standards of ethical conduct and identify and deal with any legal and ethical violations. Management should also establish procedures for monitoring compliance with its code of conduct and ethics policies.
Understandably, boards of directors maintain a keen interest in standards of integrity and behaviour. Some boards retain this responsibility directly for themselves, often with the understanding that the board's main committees will include the oversight responsibility for standards of ethics and behaviour as a key component of their other responsibilities. Whether this oversight responsibility is delegated to one committee or to more than one committee, the audit committee should include overseeing standards of integrity and behaviour as a primary responsibility. Audit committees are in a good position to assist their boards of directors to obtain assurances that management is operating the corporation in an ethical manner.
To reinforce this strong interest in ethical standards, audit committees should request that management report periodically on how its processes encourage and maintain high ethical standards. The report could cover topics such as employee relations, customer and supplier relations, compliance with laws and regulations, reports of examinations by regulatory agencies, current and pending litigation claims, security of company assets and records, sanctions imposed, and planned changes. It could also cover sensitive information, such as information on perquisites, expense accounts, and out-of-pocket expenses for officers and directors.
An audit committee should discuss with its auditors the details of any practices or transactions they identified as being in possible violation of the legal authorities. In addition, this discussion should cover the details of any other matters the auditors considered bringing to the attention of the board of directors, the minister responsible for the corporation, or Parliament. Similarly, at the time of the special examination, the audit committee should inquire about issues the special examiner intends to bring, or may have considered bringing, to the minister or Parliament.
The approach an audit committee adopts to fulfill this responsibility will depend on the unique circumstances of the corporation. Appendix 2 presents examples of audit committee activities and duties related to overseeing the standards of integrity and behaviour.
The audit committee oversees the integrity and the credibility of the corporation's financial reports
Accountability of a Crown corporation to the Crown and to Canadians rests heavily on the integrity of the corporation's financial reports. No Crown corporation can afford any suspicions about the quality of its financial reporting. The Crown, as shareholder, and lenders need timely disclosures to assess the financial and business soundness and risks of the corporation. The reports should adequately communicate the significant issues confronting the corporation and fairly present its financial condition and performance.
The audit committee is expected to provide the board of directors with assurances that the corporation's financial statements are fairly presented in accordance with generally accepted accounting principles (GAAP) in all material respects. These assurances should be based on the audit committee's review and discussion of the corporation's financial reports with management and the auditors.
The audit committee should assess the relevance and the reliability of these financial reports given that the board of directors depends on the committee's advice to help it make informed decisions regarding the corporation's financial condition and performance; its accounting policies, practices, and disclosures; and its approval of the corporation's annual report.
The following sections describe some of the key duties performed by audit committees in conducting assessments and in formulating advice to their boards of directors.
Relevance and accuracy are the hallmarks of good financial reporting. The corporation should embody this value and always report with integrity and accuracy. Financial misreporting to achieve a desired outcome should always remain unthinkable. To ensure that it is, audit committees should promote truthfulness in financial reporting.
An audit committee should ensure that the corporation's financial statements portray the underlying economic circumstances of the corporation in the clearest light possible by reviewing and discussing, with management and the auditors, the financial statements and the key accounting principles as well as the significant judgments used to prepare them.
The quality and clarity of financial reports often depend on how the GAAP are applied. The way they are applied often allows for more than one interpretation. Acceptability of an interpretation, in terms of GAAP, does not always mean the most meaningful disclosure. Management should choose the most appropriate application of the GAAP. For the most important accounting policies, the audit committee should receive an explanation of the rationale in making the selection.
Closely related to the issue of accounting policies is the issue of the reasonableness of significant estimates. The fair portrayal of the corporation's financial condition and results often requires management to make difficult judgments and estimates about the effect of matters that are inherently complex and uncertain. The audit committee should inquire about and discuss the significant accounting accruals, reserves, and estimates, whereas management should explain and defend its judgments.
Audit committees should seek the external auditor's judgment about the quality of the corporation's financial reports. Discussions with the external auditors should focus on the appropriateness, and not just the acceptability, of the accounting principles selected for financial reports and on the degree of aggressiveness or conservatism in determining estimates. Discussions with management and with the external auditors about the inherent fairness and completeness of financial disclosures should occur before the annual report is finalized.
In addition to the normal written reports and opinions received from the auditors, the audit committee should establish free and open oral communications with them. Frank discussion of some topics, such as the quality of financial communications, often lend themselves to the less-formal oral format. Sometimes requests for written views and opinions result in a more formal standardized boilerplate response. The audit committee should make it clear that they want the external auditor's advice and that they rely on the auditor's observations to formulate the views and assurances they give the board of directors.
Management prepares information to meet the needs of its board of directors. This information should help the board to better participate in the formulation of the corporation's strategic direction and to hold management accountable for achieving objectives. Often, audit committees are delegated responsibility for reviewing and evaluating the quality, quantity, and timeliness of the information that flows from management.
Periodically, the audit committee should ask management to review how well the financial information provided to the board meets the board's needs. Discussion of this review with the audit committee often leads to changes that better meet the evolving information needs of the board.
The audit committee should be satisfied that the corporation's financial information systems and management practices meet the board's needs.
To portray the financial situation and performance adequately, a corporation's annual report has two main components: the audited financial statements and management's discussion and analysis (MD&A). A good MD&A section in the annual report is essential to responsible financial reporting.
The MD&A provides additional contextual information that helps readers, including the Crown and lenders, more fully understand the business of the corporation, its performance, and its prospects. It helps in evaluating the appropriateness of management's business strategies and risk assessment. When relevant, this section also discusses how the accounting policies are applied and on what the significant accounting estimates are based. Enhanced MD&A disclosure improves corporate governance.
Audit committees should review the MD&A report as an integral component of their financial review processes.
For Crown corporations, the primary vehicles for communicating with the government are the corporation's annual report, including the financial statements and, where applicable, the corporation's corporate plan. The annual reports of Crown corporations must also be tabled in Parliament. In addition, corporations subject to Part X of the Financial Administration Act must prepare summaries of their approved corporate plan and budgets for tabling in Parliament by the minister responsible for the corporation. At a minimum, these reports should allow parliamentarians to evaluate how well the corporation has fulfilled its objectives.
The audit committee's review of the annual report should ensure that it portrays in a balanced and complete way the corporation's financial situation and performance. The review of both the audited financial statements and the MD&A sections together should involve discussion with management and with the auditors.
The audit committee should consider how it could assist the board of directors in the processes leading to the approval of the corporate plan by the board and, where applicable, the preparation and submission of the summaries of the approved corporate plan and budgets for tabling in Parliament.
In addition to annual reports, some Crown corporations also issue other public financial reports. These can include interim financial reports (quarterly, semi-annual), statements in prospectuses, and other offering memoranda and statements required by regulatory authorities. Audit committees usually review, prior to release, all published financial statements that require approval by the board of directors. The audit committee should be involved in determining the extent of the involvement of the external auditor in the review or audit of these reports.
Audit committees need to know the scope and the nature of these other public financial reports as well as the role and the professional responsibilities of the external auditors with respect to them. This information combined with a discussion with management and the external auditors can help the audit committee determine the role it wishes to take with respect to other public financial reports.
The approach an audit committee adopts in order to fulfill its broad responsibility for overseeing the financial reports will depend on the unique circumstances of the corporation. Appendix 3 presents examples of an audit committee's activities and duties that are related to overseeing financial reporting.
The audit committee oversees the corporation's systems and practices of internal control
The preparation of relevant and reliable financial reports and the maintenance of high standards of ethical behaviour require a well-functioning control framework. Good internal controls contribute to the assessment and mitigation of risk; the protection of assets; the economic, efficient, and effective use of resources; and the control and direction by management of the significant business processes.
Control frameworks, although they are often described using different words, consist of a broad array of policies, practices, internal control systems, processes, structures, and task allocations that, when taken together, support the management team in formulating and achieving the organization's objectives, in learning and adapting to change, in managing risks, and in recognizing and acting on opportunities.
It is important that the audit committee take a strong interest in these control practices. A poorly functioning framework can have a negative effect on the corporation's performance, its financial reports, and its standards of integrity and ethical behaviour.
Regular discussions with both management and the auditors about their assessments of the design and functioning of the control framework will help the audit committee to obtain assurances that the framework facilitates the achievement of objectives by managing risk and promotes good financial reporting, effective practices, and honest behaviour. Periodically, the committee should request and review reports or briefings from management on how well the control framework is working.
Assessing risk is a key step in formulating a corporation's plans and in developing its controls. Because every Crown corporation has a unique set of risks, opportunities, and challenges, boards of directors, audit committees, management, and auditors all require an understanding of the principal risks facing the corporation.
Management must identify and assess the organization's risks in order to manage them and to ensure that they are considered in decision making, strategic planning, and designing the corporation's information and control systems. Since business risk is inextricably linked to the understanding of financial reporting risk, risk assessment procedures are included in the generally accepted bases for planning audits.
In addition to acquiring a general understanding of the major risks facing their Crown corporation, audit committees should ensure that management monitors and controls them. Particular attention should be paid to how financial risks and the risk of unethical behaviour - including fraud - are controlled.
Managing financial risk involves striking a balance that accepts a reasonable level of risk and contains financial exposure within the levels established by the Crown.
Management is responsible for establishing and maintaining adequate control systems and practices. Part of this responsibility involves assessing the effectiveness of the internal control structure and procedures periodically. The audit committee should request a report from management on its evaluation of the effectiveness of the corporation's control systems and practices.
The external auditors acquire a working knowledge of the corporation's internal control structure. The audit committee should seek the views of the external auditor on the adequacy of the internal control systems and on management's assessment of the systems' effectiveness.
The special examiner's mandate to examine the workings of the control systems and practices offers the audit committee a unique opportunity for informed and objective insight. Discussions with the special examiner should focus on the examiner's views on risk management, any significant or major deficiencies identified, and the overall judgment of the examiner about the quality of the management systems and practices.
The audit committee should hold discussions with management and the auditors (internal, external and special examiner) on management's plans to improve the effectiveness of the accounting and financial controls, including the corporation's system to monitor and manage business risk as well as legal and ethical compliance.
The approach an audit committee adopts to fulfill the broad responsibility for overseeing management control practices will depend on the unique circumstances of the corporation. Appendix 4 presents examples of audit committee activities and duties related to this responsibility.
Audit committees rely on the work of the auditors for independent and objective advice and information. Their expertise and their professional responsibilities provide the audit committee with a valuable basis for obtaining assurances.
Through their work, auditors can help the audit committee form judgments about the relevance and reliability of financial reports as well as about the corporation's commitment to integrity, its compliance, and its management and control systems and practices. In addition, the audit committee can look to an internal audit as an important source of insight and understanding about the culture and controls within the corporation from the perspective of people who are within the organization full-time.
The Financial Administration Act recognizes the importance of audits to the work of the board of directors by requiring that three types of audit be conducted: an annual audit, a special examination, and an internal audit. On behalf of the board of directors, the audit committee oversees these audit activities.
The annual audit deals with the fairness of the statements, compliance of transactions with specified legal authorities, and any other matter identified by the external auditor as important.
The special examination, conducted at least once every five years, deals with the financial and control systems and processes as well as management practices.
The internal audit, which is a part of management's system of internal control, deals with matters similar to those of the annual audit and the special examination.
Appendix 5 describes each of the three audits.
While the three audits differ in purpose, each works through five generic phases. The audit committee has an interest in each of the five phases for each type of audit. The first phase involves a formal articulation of the purpose of the audit and its terms of reference. The second requires the selection and organization of a team of experienced professionals to plan and conduct the audit. The third phase involves the development of an audit plan. The fourth is conducting the audit. The fifth is the reporting and the review of the audit results and findings.
Each of the auditors has professional responsibilities in each of the five audit phases. The professional standards of responsibility are prescribed by the Financial Administration Act, the Canadian Institute of Chartered Accountants (CICA), the Auditor General of Canada, and The Institute of Internal Auditors (IIA). CICA's generally accepted auditing standards (GAAS) apply to the annual audit; the Auditor General of Canada's Manual on Special Examinations of Crown Corporations and the value-for-money component of CICA's Public Sector Auditing Standards apply to the special examination; and the IIA's Standards of the Professional Practice of Internal Auditing apply to the internal audit.
The audit committee should become familiar with the professional responsibilities and the work of the auditors. This, combined with a constructive and open working relationship, will help guide the work of the auditors in ways that maximize the assurances the audit committee can draw from the auditors' independent observations and opinions.
Audit committees should not hesitate to engage the auditors in active discussions about issues related to the auditors' responsibilities. The work of auditors can contribute significantly to the assurances the audit committee seeks about the corporation's financial reports, its commitment to integrity and compliance with the law, and its management systems and practices.
Appendix 6 presents examples of the kinds of information and advice an audit committee could consider seeking from the auditors.
For each audit, the audit committee should confirm the presence of the basic underlying conditions essential to their reliance on the auditors' work. These conditions concern clarity of client focus, independence, qualifications, cost, access, and co-operation.
The audit committee should explicitly affirm that the committee, and not management, is the primary client for the work of each of the three auditors. Confusion about the accountability of the auditors has created major problems in the audits of corporations in the private sector.
The audit committee should confirm that the external auditor and the special examiner are independent of management and are able to maintain their objectivity. Conflicts of interest should be avoided; these include performing significant non-audit work for the corporation or the anticipation that members of the audit teams would be allowed to work for the corporation without an appropriate cooling-off period (for example, of at least one year).
To maintain a fresh perspective, the periodic rotation of auditors should be considered. This can be accomplished by changing the audit firm, the audit partner or, in the case of the Auditor General, the audit team, every five to seven years, or as necessary. While rotation may reduce audit cost efficiency, it likely increases the independence of the auditor.
Each of the auditors should employ highly competent staff, capable of carrying out their work in accordance with generally accepted auditing standards. The audit teams should possess the skills and experience appropriate to the complexity of the corporation and to the profile of its management.
The estimated cost of each audit should provide sufficient, but not excessive, resources. Each of the auditors should have full access to the records and full co-operation from the management of the corporation without becoming an unreasonable burden on management's ongoing work.
The audit committee should anticipate that the external auditor and the special examiner would satisfy the basic conditions for reliance.
As part of the corporation's management control systems, the internal audit function, however, may have less perceived independence and objectivity. Consideration of the particular circumstances and of the extent of the external auditors' reliance on the work of internal audit can guide the audit committee in formulating its judgment about the nature of the assurances it can derive from the work of internal audit.
The independence and objectivity of the internal audit function normally increases under certain specific conditions. These conditions include having it report to a senior officer outside the finance and accounting areas or directly to the chief executive officer. The allocation of sufficient resources in a separate budget, the presence of qualified professional staff, and a minimum of restrictions on the scope of its work will also help contribute to independence and objectivity. Some audit committees review management's annual evaluation of the performance of the internal audit function. Some boards of directors pass a resolution instructing the chief internal auditor to bring any situation that has not been corrected to the attention of the chief executive officer and, if action is not taken within a reasonable time, to the attention of the chair of the audit committee.
Audit committees usually confirm the presence of these basic conditions for reliance when they review and discuss the audit plans, the audit reports, and the corporation's financial reports with the auditors.
Just as the audit committee does not prepare the corporation's financial statements, it does not plan or conduct audits. The audit committee should seek, however, to ensure that the level and scope of the audit will provide the assurances needed from the auditors.
For each of the three audits, the audit committee should become involved in discussing the audit plans, monitoring progress, and reviewing the audit reports. The discussion of the audit plans should ascertain that the scope of the audit addresses the significant areas of risk, the potential weaknesses in internal control, and the possible areas for fraudulent or illegal acts. The extent of the planned audit should be sufficient to allow for reliance on the findings. The audit committee should be satisfied that management has not placed any inappropriate restrictions on the audit.
The audit committee should review and discuss the major findings and reports of each audit with the auditor. Management should develop a proposed set of actions to respond to the audit findings and observations. The audit committee, in turn, should review management's plans to correct any significant problems raised by the internal and external auditors and the special examiner. The committee should also monitor and review management's progress in implementing its response plan.
The audit committee should expect to devote time and effort to the development and maintenance of its relationships with each of the auditors. The audit committee's effectiveness depends on having relationships characterized by free and open communication and mutual trust and respect for each other's role.
Demonstrating a keen interest in the auditors' responsibilities, plans, findings, views, and advice will significantly add to the audit committee's effectiveness. Creating an environment of continuous open communication will foster a culture of "doing what is right" instead of one that is limited to "doing what the rules require." Support for the auditors should also include a clear message to management to co-operate fully with the auditors.
In order to demonstrate to auditors that their work is valued, the audit committee and the board of directors should clearly express their intention to rely on the work of the auditors. The audit committee should ensure that each of the auditors is aware of its overall objectives. Involving the auditors in the committee's work should include seeking suggestions from them on ways to improve its work.
Whenever it judges it appropriate, the audit committee should feel free to conduct separate private discussions with either management or the auditors. To enhance the audit committee's independence from management and to add further opportunities to ask probing questions freely, the audit committee should meet at least once a year with each of the auditors without management present. Furthermore, each of the auditors should be encouraged to request meetings with the audit committee in private whenever they consider it advisable. The committee should ask the auditors to consult it if they have any problems dealing with management. Similarly, the committee should seek management's views on the value and efficiency of the audits.
The auditor's role of evaluating management practices, judgments, and reports creates occasions for conflict and disagreement. The audit committee must be sensitive to the potential tensions. Its deliberations with both management and the auditors will affect the dynamics among these players and will sometimes put the committee in the role of intermediary between the auditors and management. Identifying these tensions and helping to reduce them requires strong leadership, tact, and diplomacy on the part of the audit committee.
The audit committee should hold each of the auditors accountable for meeting the auditor's professional responsibilities. To do so, the committee should evaluate the performance of each auditor annually. This review should consider the auditor's actual performance against audit plans. It should also consider the auditor's contribution to the audit committee's work, the quality of the information and advice received by the committee, and the nature of the auditor's working relationship with the audit committee. After discussing the evaluation with the auditor, the committee should report on it to the board of directors.
Appendix 7 presents additional examples of activities related to relying on the work of the auditors.
The value of an audit committee's contribution to the board of directors depends on the level of assurances that the committee is able to provide regarding the responsibilities delegated to it by the board.
This section offers suggestions about selected practices that audit committees may wish to consider when formulating their approach to managing their work. The topics covered include capturing the terms of reference in a formal charter, selecting audit committee members, independence, financial literacy, orientation and continuing education, audit committee meetings, the chair of the audit committee, support of the chief executive officer, support for the audit committee, and evaluating the committee's performance. Each audit committee should develop its own plan and practices for performing its work effectively.
The audit committee should set itself clear terms of reference that fit the circumstances of the corporation. The terms of reference should explicitly state the responsibilities delegated to the audit committee by the board of directors, identify the planned processes for performing its work, and contain a commitment to report to the board on its activities, findings, and recommendations. The charter should help the audit committee understand and focus on its priorities. It should be approved and reviewed on a regular basis by the board of directors.
Appendix 8 presents examples of topics that an audit committee could consider when preparing its terms of reference.
The board of directors should carefully select members for its audit committee. Audit committees require independent, financially literate members who are prepared to spend the time necessary to address complex issues and to challenge both management and the auditors, where necessary. The selection of members with these characteristics will serve to assure the audit committee's effectiveness.
Asking many tough questions is a key part of an audit committee member's job. A tolerance for differences of opinion, even when there may be the potential for conflict, should be encouraged. The subsequent discussions and processes to resolve differences of opinion enrich the quality of the audit committee's work.
Audit committees should value objectivity and independence highly. Each member should ensure that he or she maintains an independent perspective. Members must not become beholden to management and to the corporation. Furthermore, they should avoid receiving special favours, paid consulting work, or involvement in day-to-day management.
Audit committees should regularly remind themselves of the difference between their oversight function, management's decision-making function, and the auditors' function of conducting audits and formulating opinions. Audit committee members must be able to hold both management and the auditors accountable for fulfilling their responsibilities. A free and objective perspective is essential to the capacity to challenge and evaluate effectively.
Understanding fundamental accounting issues is essential for audit committees. Audit committees need to question the financial and accounting experts of the corporation and to consider the views and the assurances provided by the auditors. To accomplish this, audit committee members should be financially literate, and at least one member should have accounting or related financial management expertise.
Audit committees should assess their financial literacy relative to this standard and to the particular needs of their corporation. Although not all members of an audit committee would require a sophisticated level of financial expertise, the committee, as a whole, should have significant experience.
With the full support of its board of directors, the committee should develop its financial capacity. Some combination of briefings from the corporation's financial managers and auditors as well as the participation by the members (or the full committee) in training workshops tailored to their needs could be used.
If an audit committee judges that it does not possess a level of knowledge in a subject area sufficient to fulfill an audit committee responsibility, the chair of the audit committee should discuss the matter with the chief executive officer and the chair of the board of directors to find a solution, including the possible recommendation that the board of directors engage outside expertise to assist in filling the identified gap.
The audit committee should ensure that its new members receive the necessary preparation and support. New audit committee members should therefore receive an orientation to understand the committee's responsibilities and objectives; become familiar with its relationship with management and the internal and external auditors; and become familiar with the recent or recurring issues of interest to the committee, including high-risk audit areas.
Similarly, new members should ensure that they have a sound knowledge of the corporation and its operations. Acquiring this knowledge would build on their knowledge as a director. Knowledge about the director's role in governance, the corporation's public policy role, its overall strategy, and its performance are essential for members of audit committees. Special attention should be paid to knowledge about the role of auditors in the governance structure, the corporation's business risks, and the financial and other information used to manage and demonstrate accountability.
In addition to orientation for new members, audit committee members should receive continuing education on current accounting, auditing, and financial reporting developments and current business and industry issues. Audit committee members should be encouraged to participate in education programs that focus on developing and maintaining the committee's financial and other identified expertise.
Meetings are a main working forum for the committee, and members should expect to participate actively in them. The meetings provide an opportunity to review information, develop an understanding of important issues, and form informed judgments. A representative from each of the corporation's auditors (internal and external) and from senior management should normally attend each meeting. In addition, the committee should request the participation of other managers and members of the audit teams on an as-needed basis. Part of each meeting should be in-camera for committee members only, without the presence of the representative of management or the auditors.
The usefulness of the meetings and the overall effectiveness of the audit committee depend on thorough preparation by members. The minutes of previous meetings, the draft agenda, the relevant background information for the agenda items, and other material requiring the committee's attention are usually circulated prior to the meetings. Audit committees, under the leadership of their chair, often prepare annual work agendas that allocate the year's work to the scheduled audit committee meetings for the year.
The number of meetings largely depends on the extent and nature of the committee's work and tends to be an average of four meetings annually. Generally, these occur in advance of the board of directors' meetings so that the committee has ample time to do its work and follow up prior to the board meeting. In addition, committee members, the internal or external auditors, and management should have the power to call a meeting.
The chair of the audit committee provides leadership and presides over the activities of the audit committee. He or she works closely with the board of directors, the chair of the board, the lead partner or principal of the external auditor, the chief internal auditor, the chief executive officer, and the chief financial officer, acting as the formal link between them and the audit committee.
In guiding the work of the audit committee, the chair should
The effectiveness of the audit committee depends heavily on how it manages a complex set of relationships with the board, the auditors, and management. The audit committee, working under the leadership of its chair, should build a strong, open, and positive working relationship with the chief executive officer (CEO), the chief financial officer (CFO), and the chief internal auditor. Support of these senior managers for the audit committee's work will help it earn the confidence and co-operation of the corporation's full management team. The CEO, CFO, and the chief internal auditor can also assist the chair to develop an in-depth understanding of the corporation's business and the challenges facing it.
To perform its work, an audit committee requires the full support and co-operation of management. The committee depends on management for information reports, knowledge, and insight about the corporation's practices and the issues confronting it. In addition, management provides practical administrative support.
Audit committees find this support in different ways. The audit committee and management should discuss this issue and find ways of meeting the committee's needs in a helpful and cost-effective manner.
The support given to an audit committee can cover a wide range of activities, including providing basic administrative service, planning the committee's work agenda, identifying issues, preparing reports, researching assigned topics, and liaising with management. This support is provided to some committees with the help of a well-qualified and experienced corporate secretary. Some have administrative support combined with other services on an as-needed basis. Others have the support of a dedicated resource person selected from among the managers or the internal audit staff on a part-time basis.
Appendix 9 describes examples of the kinds of support and assistance audit committees could receive to help them to work more effectively.
On some occasions, to ensure independence, an audit committee may require advice and assistance from outside legal, accounting, or other advisors. In these cases, the audit committee should discuss its needs with management and then ask its chair to seek the support of the board of directors on the retention of consultants who would report directly to the audit committee or the board.
The audit committee is accountable to the board of directors for the responsibilities delegated to it by the board. Each year, in order to improve its work for the next year, the audit committee should review the adequacy of its charter and assess its effectiveness in meeting the needs of the board of directors. This annual assessment should review how well the committee has met its responsibilities and performed its duties. The chair of the committee should also periodically review and discuss the performance of individual committee members.
Appendix 10 presents examples of activities and duties related to the functioning of an audit committee.
These Guidelines offer suggestions aimed at improving an important aspect of corporate governance as practised in the federal government's portfolio of Crown corporations. The Guidelines may also have applicability in other public enterprises. The Guidelines focus on improving the effectiveness of audit committees - a key component of the structures and processes of good corporate governance.
The Guidelines, as their name implies, provide guidance - they do not prescribe. They are intended to foster discussion between the board of directors, the audit committee, the auditors, and management. Each Crown corporation should consider them as a framework for strengthening how its audit committee performs its important work. Boards of directors and audit committees should judge how to tailor the Guidelines to meet the specific needs and circumstances of their particular corporation.
148.(1) Each parent Crown corporation that has four or more directors shall establish an audit committee composed of not less than three directors of the corporation, the majority of whom are not officers or employees of the corporation or any of its affiliates.
(2) In the case of a parent Crown corporation that has less than four directors, the board of directors of the corporation constitutes the audit committee of the corporation and shall perform the duties and functions assigned to an audit committee by any provision of this Part and the provision shall be construed accordingly.
(3) The audit committee of a parent Crown corporation shall
(a) review, and advise the board of directors with respect to, the financial statements that are to be included in the annual report of the corporation;
(b) oversee any internal audit of the corporation that is conducted pursuant to subsection 131(3);
(c) review, and advise the board of directors with respect to, the annual auditor's report of the corporation referred to in subsection 132(1);
(d) in the case of a corporation undergoing a special examination, review, and advise the board of directors with respect to, the plan and reports referred to in sections 138 to 141; and
(e) perform such other functions as are assigned to it by the board of directors or the charter or by-laws of the corporation.
(4) The auditor and any examiner of a parent Crown corporation are entitled to receive notice of every meeting of the audit committee and, at the expense of the corporation, to attend and be heard at each meeting, and, if so requested by a member of the audit committee, the auditor or examiner shall attend any or every meeting of the committee held during his term of office.
(5) The auditor or examiner of a parent Crown corporation or a member of the audit committee may call a meeting of the committee.
(6) Where the report referred to in subsection 132(1) is to be prepared in respect of a wholly-owned subsidiary separately, subsections (1) to (5) apply, with such modifications as the circumstances require, in respect of the subsidiary as though
(a) the references in subsections (1) to (5) to a parent Crown corporation were references to the subsidiary; and
(b) the reference in paragraph (3)(a) to the annual report of the corporation were a reference to the annual report of the parent Crown corporation that wholly owns the subsidiary
R.S., 1985, c-F-11, s.148; 1991, c.24, s.50(F).
The examples of practices employed by audit committees related to overseeing the standards of integrity and behaviour are grouped below into three interrelated subsections: "Management's approach," "Compliance with authorities," and "Unusual transactions and other matters."
The examples of practices employed by audit committees related to overseeing financial reporting are grouped below into six interrelated subsections: "Standards of financial reporting," "Accounting principles and practices," "Accounting judgments and estimates," "Review of financial statements," "Annual report and management's discussion and analysis," and "Other."
The examples of activities and duties performed by audit committees related to overseeing management control practices are grouped below into two interrelated subsections: "Risk management" and "Functioning of the control systems."
The following summarizes the main characteristics of each of the three types of audits prescribed for most Crown corporations.
The examples of information and advice that an audit committee could seek from the auditors of the corporation are grouped below into six interrelated subsections: "Legal and ethical standards and practices," "Risk assessment," "Control systems and practices," "Financial reporting processes," "Annual report," and "Other issues."
The examples of practices performed by audit committees to enhance their reliance on the work of the auditors are grouped below into four interrelated subsections: "The work of the auditors," "Conditions for relying on the auditors," "Overseeing the audits," and "Relationships with the auditors."
The Charter functions as the audit committee's terms of reference. For some corporations, the terms of reference is contained in a set of bylaws, and these can be brought together as the initial charter.
In addition, the Charter guides the operations of the audit committee and is reviewed annually by the board of directors.
Examples of topics, procedures, or activities that could be considered for inclusion in an audit committee charter are as follows.
The charter would explicitly state the responsibilities delegated by the board of directors to the audit committee.
Examples of the kinds of support and assistance that an audit committee could receive to enhance its effectiveness include the following.
General duties:
Introducing new committee members:
Audit committee meetings:
If the corporate secretary is not responsible for providing the above-noted possible support to the audit committee, the following liaison with the corporate secretary could be considered:
The following are examples of practices performed by audit committees related to the functioning of the audit committee.
|
Please note: Some of the following links point to Web sites of organizations not subject to the Official Languages Act, and, as such, information contained therein is available in the language in which it was written. |
Canada. Office of the Auditor General of Canada. Chapter 18, "Governance of Crown Corporations." 2000 Report of the Auditor General of Canada. Ottawa, 2000. http://www.oag-bvg.gc.ca/domino/reports.nsf/html/00menu_e.html
---. Office of the Auditor General of Canada. Appendix B, "Extracts from Part X of the Financial Administration Act." 2000 Report of the Auditor General of Canada. Ottawa, 2000.http://www.oag-bvg.gc.ca/domino/reports.nsf/html/00ab_e.html
---. Office of the Auditor General of Canada. Appendix D, "Report on the Audit of the President of the Treasury Board's Report to Parliament." 2000 Report of the Auditor General of Canada. Ottawa, 2000. http://www.oag-bvg.gc.ca/domino/reports.nsf/html/00menu_e.html
---. Office of the Auditor General of Canada. Manual on Special Examinations of Crown Corporations. Ottawa, 2000. http://www.oag-bvg.gc.ca/domino/other.nsf/html/sem_c1_e.html
---. Treasury Board. Corporate Governance in Crown Corporations and Other Public Enterprises - Guidelines. Ottawa, 1996. http://www.tbs-sct.gc.ca/gov-gouv/index_e.asp
Canada Deposit Insurance Corporation (CDIC). Standards of Sound Business and Financial Practices. [N.p.] 2001. http://www.cdic.ca/index.cfm/ci_id/1218/la_id/1.htm
Canadian Council of Chief Executives. Governance, Values and Competitiveness: A Commitment to Leadership. Ottawa, 2002. http://www.ceocouncil.ca/en/corporate/corp_gov.php
Canadian Institute of Chartered Accountants. Section 5751, "Communications with those having oversight responsibility for the financial reporting process." CICA Assurance Handbook. Toronto, 2002.
---. Sabia, Maureen J., and James L. Goodfellow. Integrity in the Spotlight - Opportunities for Audit Committees. Toronto, 2002.
Gibson, Dunn & Crutcher, LLP. After Enron: Issues for Boards and Audit Committees to Consider. Los Angeles, 2002. http://www.gibsondunn.com/Pages/default.aspx
The Institute of Internal Auditors. Professional Practices Framework (The Standards for the Professional Practice of Internal Auditing). Altamonte Springs, Florida, January 2002. http://www.theiia.org/bookstore.cfm?fuseaction=product_detail&order_num=487
Joint Committee on Corporate Governance. Beyond Compliance: Building a Governance Culture, Final Report. Toronto, 2001. http://www.cica.ca/multimedia/Download_Library/About_the_CICA/Corporate_Governance/Governance_Eng_Nov26.pdf
KPMG's Audit Committee Institute - Canada. Shaping the Canadian Audit Committee Agenda. [N.p.] 2002.
PricewaterhouseCoopers. The Sarbanes-Oxley Act of 2002 and Current Proposals by NYSE, Amex and NASDAQ - Board and Audit Committee Roles in the Era of Corporate Reform: A White Paper. [N.p.] 2003. http://www.pwc.com/Extweb/NewCoAtWork.nsf/docid/D0D7F79003C6D64485256CF30074D66C/$FILE/Final_SO_WP_2-BoardsAC.pdf
United States. U.S. Senate. Permanent Subcommittee on Investigations of the Committee on Governmental Affairs. The Role of the Board of Directors in Enron's Collapse. Washington: U.S. Government Printing Office, 2002. http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=107_senate_committee_prints&docid=f:80393.pdf
Verschoor, Curtis C. "Reflections on the Audit Committee's Role." Internal Auditor. 59, 2 (April 2002), pp. 26-35.
