The Audit Committee has perhaps the most demanding mandate of all the board committees. While this can be daunting, it becomes easier to discharge the role effectively if one recognizes a few “core responsibilities” as being distinct from an “array of other objectives,” which audit committees are generally expected or well positioned to fulfill. I may clarify that this differentiation of objectives is somewhat arbitrary as there is considerable overlap between what I refer to as “core” and “other” objectives, though all the core responsibilities are mandatory or non-negotiable. It is this total package of responsibilities that enables audit committees to drive organisational excellence through empowering oversight.
The first core responsibility is to ensure the integrity of the financial statements.
Stakeholders depend on these statements, and ensuring an appropriate framework for their preparation, review, and audit, including a critical review by the audit committee itself, is necessary. Many of the statutory requirements from the audit committee are focused on ensuring this.
The second core responsibility is to ensure and enhance an appropriate and effective risk and control environment in the company.
This requires coverage of a wide range of areas, including to ensure adequate and effective internal controls, an appropriate and effective internal audit framework commensurate to the size and complexity of the company, and appropriate and functioning second level controls as may be desirable such as revenue assurance, internal financial control testing and a comprehensive and effective compliance framework.
The third core responsibility is to safeguard the interest of minority shareholders, perhaps all shareholders and other stakeholders, with regard to financial matters and shareholder value.
While ensuring an appropriate and effective framework for related party transactions is perhaps at the heart of this requirement, special attention needs to be given to all dimensions of specific substantive transactions, particularly if they are of a capital or exceptional nature, or relate to an arrangement with related parties which may or may not be at arm's length or in the normal course of business.
While the law, SEBI and other regulations specify the regulators' expectations relating to the above core responsibilities in fair detail, there are other objectives or areas (referred to above as “an array of other objectives”) that an audit committee needs to additionally cover to effectively achieve the above objectives and to add value beyond these. Some of these areas are fairly basic, while others depend on circumstances and needs and may therefore vary from company to company and also change over time. Rather than dwelling too much on the essence of the above core responsibilities, extensively covered by regulations, let me share thoughts on additional areas which the audit committees may, or perhaps even should, cover to drive organisational excellence within the broad ambit of good governance and financial management, keeping in view their character as the specialist board committee with financial expertise and an independent perspective.
The audit committees should therefore not consider their mandate as being limited to the legal entity on whose board they serve, but must also take appropriate responsibility for the structure in place, their subsidiaries and associates, maintain oversight over their risk and control environment, and periodically review the financial performance, financial management, and financial health of all material investments.
An area that audit committees should periodically review in order to ensure satisfactory fulfillment of all the core responsibilities, as well as additional value added, relates to the Finance Function or CFO Office, covering the adequacy of this function in the company, its resources, capabilities, and structuring, including segregation of duties and clear and appropriate responsibility assignments extending, inter alia, to the responsibility for oversight of subsidiaries, associates, and significant investments. A comprehensive review of these areas and the CFO's plan for strengthening the finance function, succession planning, and the development of key individuals to enhance capabilities may be done by the audit committee as per needs, but at least once every two or three years, including within six months to a year of a new CFO taking charge, with an action plan emanating from such a review that the committee continues to oversee. Such reviews are generally best done in private sessions.
Financial management is, of course, a management responsibility, with the leadership team and particularly the CFO having a lead role. Consequently, only a few specific areas within financial management are spelled out in the law or regulations as being required to be addressed by the audit committee. However, financial expertise, experience, and the independence of the committee may allow them to provide oversight and contribute insights and ideas for improvement, covering a wide range of matters such as funding structures and options, working capital management, operating and financial leverage, cost management, structuring, and restructuring. The committee may seek to add value in some of these areas as a part of its quarterly review of financials by requiring information on key parameters to be circulated reasonably in advance of the meetings and to include fairly detailed analysis, including key ratios, comparisons, and trends, together with an insightful CFO report. Apart from these quarterly financial reviews, certain specific areas, such as funding structure and options, cost containment, surplus fund management, etc., may be covered if and when warranted by need and circumstances.
Key decisions relating to business portfolios, mergers, acquisitions, divestitures, and substantial investments are closely tied to the company's strategy and business plans and are therefore best made at the board level. However, the audit committee plays a key role in evaluating such options and opportunities, particularly regarding valuations, for which the law recognizes the audit committee as having a statutory responsibility. Keeping in view the nature of these decisions, the analysis and recommendations of the audit committee must keep in view the strategy, plan, competitive situation, key assumptions and their basis, sensitivity analysis, key foreseeable risks, and risk mitigation possibilities.
Company structures evolve and may become fairly complex over time for good business, funding, liability containment, and other reasons, resulting in shareholder and lender funds and interests being impacted or exposed, possibly significantly, by its subsidiaries, joint ventures, associates, or other material investments. Since board and audit committee responsibilities are to its shareholders and other stakeholders, the audit committee must exercise appropriate oversight over these related entities while being mindful of governance proprieties requiring due respect for the boards and committees of these entities. Regulations and experience reinforce the reputation and financial risks and liabilities that may extend to the parent and other related entities.
The audit committees should therefore not consider their mandate as being limited to the legal entity on whose board they serve, but must also take appropriate responsibility for the structure in place, their subsidiaries and associates, maintain oversight over their risk and control environment, and periodically review the financial performance, financial management, and financial health of all material investments. In my experience, this can be done through two types of reviews:
Risk & control environment review
The risk & control environment review of the company's subsidiaries may be conducted annually, and its findings presented to the audit committee, by the CFO or a senior member of the Finance Team who bears responsibility within the CFO office for Enhancement of Controls and / or oversight of subsidiaries. This should include collation and a critical review of all relevant information, including for example, the capabilities and experience of people in key positions, arrangements for internal and statutory audit, mechanisms and track record of resolution of audit issues, any significant long pending unresolved issues, any significant control failures noted, and satisfactory working of parent oversight. The emphasis should be on identifying possible gaps and strengthening needs.
Financial & related business performance review
The financial & related business performance review of material subsidiaries and large investments may be warranted from time to time, usually at least once annually. This may be conducted by the person responsible in the office of the CFO for oversight of investments or material subsidiaries, jointly with the business lead for that area. Collation, analysis and critical assessment of relevant information, ratios, comparisons and trends against budgets/plans and over a period of time usually helps evaluating against objectives and plans, while also evaluating financial and business performance.
Key determinants of empowered oversight and some suggested best practices
Empowered oversight to drive organisational excellence depends on numerous factors including an enabling environment provided by the controlling shareholders, board attitude and encouragement, management cooperation and responsiveness, the composition, capabilities and dynamics within the committee, and certain best practices, such as:
(1.) While a formal audit committee charter is not always necessary, but a shared understanding of the role and expectations from the committee can be immensely helpful for a shared understanding among committee members, and to define and clarify board expectations.
(2.) Quality agenda papers circulated well in advance have a huge impact on the committee's functioning; the inclusion of succinct presentations prepared by relevant senior management, which make key observations, share insights, and raise 'matters for consideration' are not only helpful for informed and efficient decision making, but also provide the committee with an opportunity to get to know senior members of the management team.
(3.) Private sessions can add huge value, and may be set up with statutory or internal auditors, the CFO, or just among the directors. They provide an opportunity to candidly share insights, concerns and suggestions; such sessions held only among the directors can help identify changing priorities for the audit committee in line with situation and circumstances.
He is an Independent Director and Chairman of the Audit Committee of Titan Company Limited (2016-ongoing), and also serves as a member of its Risk Management Committee and the Ethics Committee. He was till recently (2012-24) the Chairman of the Audit Committee at Coforge Limited (formerly NIIT Technologies Limited) and of Aditya Birla Finance Limited (2010-2023). A chartered accountant and certified management accountant, Mr. Puri worked with PwC for 34 years, including 22 years as Partner.
Owned by: Institute of Directors, India
Disclaimer: The opinions expressed in the articles/ stories are the personal opinions of the author. IOD/ Editor is not responsible for the accuracy, completeness, suitability, or validity of any information in those articles. The information, facts or opinions expressed in the articles/ speeches do not reflect the views of IOD/ Editor and IOD/ Editor does not assume any responsibility or liability for the same.
About Publisher
Bringing a Silent Revolution through the Boardroom
Institute of Directors (IOD) is an apex national association of Corporate Directors under the India's 'Societies Registration Act XXI of 1860'. Currently it is associated with over 30,000 senior executives from Govt, PSU and Private organizations of India and abroad.
View All BlogsMasterclass for Directors
Categories