April 24, 2024

Audit Committees: Keeping Your Eye on the Ball

We’ve talked around here about the perils of the Audit Committee becoming the “kitchen sink” of the board. Part of the conundrum is that the Committee’s risk oversight role makes it a natural launching pad for new oversight responsibilities. However, the ever-growing list of responsibilities may be contributing to a rise in enforcement activity around financial reporting errors, according to a recent report that John shared. So, it’s more important than ever to review the Committee’s charter & scope with a critical eye, and to keep tabs on developing practices.

Wachtell Lipton’s annual “Audit Committee Guide” can help with this. It dissects the Audit Committee’s oversight duties, lays out the charter & committee membership requirements for NYSE and Nasdaq companies, and gives reminders on prohibited auditor activities, internal controls issues, and more. There are model charters and policies, as always. Lots of good “bread & butter” reminders.

The Guide also reinforces reports that many audit committees are taking on cybersecurity oversight. And it includes a new section on artificial intelligence:

With the recent explosion of artificial intelligence, matters pertaining to artificial intelligence are top of mind for companies, consumers and regulators alike. While the potential benefits of artificial intelligence are being explored, it is important for companies to simultaneously consider the risks, including those related to cybersecurity and privacy concerns.

Legislators and regulators around the world, including in the United States, are currently contemplating, discussing and, in certain instances, passing significant legislation and regulation of artificial intelligence. In notable legislation coming out of Europe in March 2024, the European Parliament approved the Artificial Intelligence Act, which contains regulatory restrictions of artificial intelligence that increase in relation to perceived risks to health, safety and individual rights, and which, among other things, creates a new AI Office within the European Commission. The requirements of the act will be phased in, with the earliest requirements coming into force later in 2024.

In October 2023, an executive order by President Biden laid out certain guiding policy principles and a timeline for artificial intelligence-related action by various sectors of the U.S. federal government. The priorities identified in the executive order are: (1) addressing key security risks, including by developing clear indicators of when content is AI-generated; (2) promoting innovation, competition, and collaboration by investing in AI education and development and addressing novel intellectual property issues; (3) protecting workers’ rights and the quality of workplace life; (4) protecting civil rights; (5) protecting consumer rights; (6) protecting privacy and civil liberties; (7) managing the use of AI in the federal government and any associated risks; and (8) ensuring that the United States is an international leader in AI development and risk management. And regulators have already signaled increasing scrutiny of artificial intelligence-related corporate disclosures, including warning against “AI washing,” which is the practice of overstating or misstating corporate artificial intelligence activity.

Given this emerging tool that comes with both new risks and heightened attention from many different stakeholders, it is important for boards and relevant committees to engage in active oversight of artificial intelligence risk management and to stay apprised of updates in the rapidly-evolving space.

Although a recent survey said that AI was not getting a lot of attention in meetings quite yet, this Guide plants the seed that is another risk that may fall in the Audit Committee’s lap.

This resource is posted along with heaps of other helpful resources in our “Audit Committees” Practice Area. If you aren’t already a member of, start a “no-risk trial” today! Our “100-Day Promise” guarantees that during the first 100 days as an activated member, you may cancel for any reason and receive a full refund. If you have any questions, email – or call us at 800.737.1271.

Liz Dunshee