CHAPTER 16 Auditing and corporate governance
Contents • Corporate governance • Independent directors • Chairman of the board and chief executive officer • Institutional shareholders • Statutory audit • Issues in international audit • Audit independence • Internal control and risk management • Audit committee
Corporate governance • Agency problem: the owners of a business (principals) need means to ensure that those whom they appointed to run the business (agents) do so in a way that matches shareholders’ needs • The agency problem has been broadened out into the concept of corporate governance
Corporate governance (cont.) • Increased emphasis on the effectiveness and accountability of corporate boards of directors • Extending the shareholder perspective to wider stakeholder concerns
Corporate governance regimes • Governance regimes are heavily influenced by the institutional environment • Stakeholder model (Continental Europe) versus shareholder model (Anglo-Saxon environment) of corporate governance • Tendency towards convergence on the issue of effectiveness and accountability of corporate boards
Reporting on internal control • An effective system of internal control is seen as crucial for good governance • Reporting on the effectiveness of internal control as a governance requirement • The COSO Framework is considered to offer an established set of control criteria to assess the effectiveness of internal control • US Sarbanes-Oxley Act of 2002
US Sarbanes-Oxley Act • Each annual report filed with the SEC has to include an internal control report • Management’s responsibility for establishing adequate internal control over financial reporting • Management’s assessment of its effectiveness • The independent auditors must attest to and report on the assessments made by company management
Independent directors • Independent directors are non-executive directors who attend board meetings on a regular basis and monitor corporate behaviour • A (unitary) board should include a significant portion of independent directors • In a dual-board system, the supervisory board exercises oversight over what executive directors in the management board are doing
Independent directors (cont.) • Independent directors should be free of personal or business ties with the company • They are increasingly asked to participate in subcommittees to deal with particular tasks • Remuneration committee • Audit committee
Chairman of the board • Most corporate governance codes recommend a clear division of responsibilities at the top between the chairman of the board and the CEO • Ensures a balance of power and authority • Less acute in a dual-board system
Institutional shareholders • Financial institutions (banks, insurance companies, fund managers, pension funds, etc.) with large shareholdings • Institutional shareholders increasingly pressure companies to sign up to codes of conduct
Statutory audit • The independent auditor’s assurance plays a central role in corporate governance • Auditing (multinational) group accounts is more complicated than auditing individual accounts, as subsidiaries work in different legal environments and the audit involves intra-group reconciliations. Moreover, it adds time pressure • The auditor of group accounts is responsible for any error in the group audit, even if such an error has arisen because of a mistake by the auditor of a subsidiary
International audit • Multinationals tend to have an exclusive auditor (large audit firm) for all their subsidiaries • The conduct of an international audit is usually guided by the set of international auditing rules put out by the International Federation of Accountants (IFAC) • The audit report should specify what auditing rules have been followed by the auditor
Audit independence • The value of an audit depends partly upon the technical skills of the auditor and partly upon his independence and ethical qualities • Independence issues: • Restrictions on the type of non-audit services that an auditor is allowed to provide to audit clients • Employment of former audit firm employees by the audit client • Periodic audit partner rotation • Limits to the audit appointment
Internal control and risk management • Effective risk management should enable companies to take risks with more confidence and in a rational and informed manner • Those charged with corporate governance are expected to systematically identify, evaluate and respond to company risks • COSO’s Enterprise Risk Management – Integrated Framework (2004)
Enterprise risk management: definition • “Enterprise risk management is a process, effected by an entity’s board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.” Source: COSO, Enterprise Risk Management – Integrated Framework, 2004
Enterprise risk management • COSO sees internal control as a subset of risk management • Other risk management devices include transferring risk to third parties, risk-sharing, contingency planning and consciously excluding activities deemed too risky • Risk disclosure requirements may empower shareholders to use disclosures to bring companies to adopt more elaborate risk management standards
Audit committee • Independence is an essential quality for audit committee members • The audit committee should provide a quasi-independent forum where those concerned with checking the effectiveness and quality of the company’s accounting and control should be able to meet and discuss with shareholder representatives (independent directors) and raise issues of concern
Audit committee roles • Oversee the financial reporting process • Monitor the effectiveness of the system of internal control (and possibly of the enterprise risk management system) • Act as an intermediary between the board of directors and the external auditors (and possibly internal auditors as well)