July 24, 2018

Audit Reports: Tenure Disclosure to Heighten AC Scrutiny of Auditors?

According to this “Compliance Week” article, the new audit report standard’s requirement to disclose auditor tenure in audit reports may result in audit committees devoting more attention to tenure-related issues. This excerpt explains why:

There are plenty of public companies that have engaged the same audit firm for decades, according to the latest study. The average tenure for the first 21 companies listed in the Dow 30 is 66 years, the study says. Analysis from Audit Analytics shows nearly 20 companies have had the same audit firm for 100 years or longer – and nearly 200 have had the same firm performing the audit for 50 years or longer. More than 850 companies have engaged the same firm for at least 20 years or longer.

That puts the onus on audit committees to determine whether the company is benefiting or not from a longstanding relationship with the firm. And the new disclosure puts it front and center before investors, which may serve to heighten pressure on audit committees, says Kevin Caulfield, managing director at Navigant Consulting. “Because it’s disclosed now, it’s a chance for audit committees to take that second look to think about are we still getting quality audits from this auditor,” he says.

The article goes on to note that while audit committees must be sensitive to the potential risks associated with long-tenured auditors, they should also consider the benefits associated with having an auditor that is well-acquainted with the company & its operations, systems & processes.

Risk Management: “It’s a Mad, Mad, Mad, Mad World”

Did you know there’s a theory that we’re all just living in a computer simulation – a video game – being played by some super-advanced alien intelligence? If so, then I think that some alien teenager grabbed the controller in 2016 & has been messing with us ever since.

I believe that I can even pinpoint the date that the kid grabbed the joystick: Sunday, June 19, 2016. That’s when Cleveland overcame a 3-1 Golden State lead to win the NBA Championship. That was followed by the Chicago Cubs winning the World Series (against the Indians, no less), and then the 2016 election. . .

It’s been a little more than 2 years, and it looks like the alien kid is still calling the shots (Nick Foles? The Washington Capitals?). Since that’s the case, corporate boards would be smart to take the advice in this EY memo and factor today’s volatile geopolitical environment into their risk management oversight efforts. Here’s an excerpt:

Rising geopolitical tensions and increasing electoral share for populist parties are a concern for businesses. With policy becoming harder to predict, many executives see policy uncertainty, geopolitical tensions, and changes in trade policy and protectionism as key risks to their business.

At the same time, business leaders are optimistic about the near-term US outlook – in part because of deregulation and the passage of US tax reform. In fact, the recent Borders vs. Barriers report from EY, Zurich Insurance and the Atlantic Council indicates that despite concerns about policies restricting their ability to transport goods and raise capital, global CFOs are overwhelmingly bullish on investing in the US – and 71% expect continued improvement in the US business environment in the next one to three years.

These dynamics underscore the need for companies to proactively address strategic opportunities and risks stemming from geopolitical and regulatory changes. For the board to provide effective oversight in this area, it is imperative that directors understand the geopolitical and regulatory landscape and how relevant developments are identified and evaluated within their strategy-setting process and Enterprise Risk Management (ERM) framework. Boards should also consider whether they have access to the right information and expertise to effectively oversee this space.

How to Deal With Leaks

This recent “Corporate Secretary” article by Iridium Partners’ CEO Oliver Schutzman reviews the leak of Saudi Aramco’s financial information to Bloomberg, and uses that as jumping off point for a general discussion on dealing with leaks. Here are some of the article’s “golden rules” for responding to a leak:

– Have a leak strategy in place. Regularly reviewed and updated, the strategy should sit alongside procedures for handling a crisis or operational disaster and should receive the same senior-level investment and attention.

– When a leak occurs, do not embark on a witch hunt to find the leaker. Instead, put all energy and efforts into executing the leak strategy.

– Don’t hide behind ‘no comment’ if there is truth to the leak. Acknowledge it and state the facts. This may be unpalatable and painful. It may involve criminality or unsavory behavior. If this is the case, confess errors and present the measures and consequences taken to ensure prevention going forward. Only by dealing with the substance of a leak can a company regain the initiative

Companies should act to address any shortcomings exposed, & then take back control of the narrative. All actions should be taken with complete transparency.

John Jenkins