The strength of our public company financial reporting system relies on many stakeholders playing different but interconnected roles in a process designed to provide investors and our markets with high-quality, reliable financial information.
Sara Lewis serves on the Board of Weyerhaeuser, and is the Chair of the Audit Committee. She also sits on the Audit Committee Council at the CAQ. In an interview with the CAQ, she shared her thoughts on the importance of her role.
“Audit committees play a vital role in the integrity of the financial reporting system,” said Lewis. “Our primary role is oversight of financial reporting, including the audit of a company’s financial statements and internal control over financial reporting. I’ve served on eight public company audit committees over the last eighteen years and I believe we all want the same outcome – to provide reliable, high-quality financial information to the market and our investors.”
In 2002 after a series of financial reporting scandals, the Sarbanes-Oxley Act (SOX) was established and introduced a number of requirements to increase and strengthen the role of audit committees in financial reporting, including the requirement to have an independent audit committee. Among other responsibilities, audit committees are directly responsible for the appointment, compensation, retention and oversight of the work of auditors who provide audit services to the organization.
“There were a number of good outcomes, including the explicit certification of financial statements by the CEO and CFO,” said Lewis. “And I think the most important change at the board level was the requirement for executive sessions. At the audit committee, we meet separately with the CFO and CAO, internal audit and the external audit team to discuss anything the members would like to pursue further. After these executive sessions, the audit committee meets privately to debrief.
She added, “These private meetings allow each group to discuss anything they may be hesitant to discuss with a broader group. A free and open dialogue is essential for a high-quality audit.”
These measures have proven to be some of the most effective financial reporting enhancements included in SOX.
“Effective oversight by strong, active, knowledgeable and independent audit committees is key to our common goal of providing high-quality, reliable financial statements,” said Lewis.
But in light of the pandemic, the growth of ESG and other factors that are rapidly evolving the corporate governance landscape, audit committee members are facing increasing demands.
“We now often have oversight of enterprise risk management, cybersecurity and compliance. And we may now also have oversight responsibility for internal controls over ESG and climate reporting,” said Lewis. “Sometimes the full board or another committee may be better positioned to oversee these risks. The board evaluates these responsibilities on a regular basis.”
A recent survey of audit committee aligns with this. Conducted by the CAQ and Deloitte, the results found that while all audit committee members remain focused on their primary roles of financial reporting and internal controls including fraud risk, audit committee members are facing scope creep in areas like audit cybersecurity, data privacy security, ethics and compliance, third-party risk and enterprise risk management (ERM).
Lewis also shared how she believes audit firms can benefit from teams of subject matter experts as public companies become more and more complex.
“When I was an audit committee chair previously at a large, global corporate board, the actuarial team at our audit firm provided invaluable expertise to the audit process,” said Lewis. “As companies become more complex, their accounting and financial reporting also becomes more complex. The speed of change in IT environments and business models is unprecedented. Having these experts and specialists available improves audit quality from my perspective.”