The document discusses the roles and responsibilities of audit committees for nonprofits. It outlines how nonprofit governance practices have become more formalized with an emphasis on accountability, transparency and compliance. It defines governance and the board's governance role. It then details best practices for audit committees inspired by the Sarbanes-Oxley Act, including establishing a separate audit committee with a financial expert, adopting a charter, overseeing financial reporting and internal controls, and maintaining independence from management. The document provides an overview of an audit committee's functions and limitations.
1. Audit Committees:
Roles and
Responsibilities
Kathy Raffa, Partner, Audit
January 12, 2012
Thrive. Grow. Achieve.
2. AUDIT COMMITTEES: ROLES AND
RESPONSIBILITIES
NONPROFIT GOVERNANCE PRACTICES
ā¢ Legislation for public companies
ā¢ Even without all the legislation applicable to public companies, practices have
changed for Nonprofits
Ģµ Higher visibility
Ģµ More focused accountability and transparency
ā¢ Trend toward more regulation and formal oversight
Ģµ Redesign of the Form 990 in 2008 - emphasis on governance issues as well as
compensation and related party disclosures
Audit Committees/ Page 2
3. AUDIT COMMITTEES: ROLES AND
RESPONSIBILITIES
DEFINITION OF GOVERNANCE
ā¢ āAt its broadest, corporate governance encompasses the framework of rules,
relationships, systems and processes within and by which fiduciary authority is
exercised and controlled in corporationsā¦
ā¦Key elements of good corporate governance principles include honesty, trust
and integrity, openness, performance orientation, responsibility and
accountability, mutual respect, and commitment to the organizationā¦ā (from
Wikipedia)
Audit Committees/ Page 3
4. AUDIT COMMITTEES: ROLES AND
RESPONSIBILITIES
GOVERNANCE ROLE OF THE BOARD
ā¢ Preserving and reshaping the mission
ā¢ Selection of chief executive
ā¢ Ensuring the organization is well managed
ā¢ Representing the outside to the organization and the organization to the outside
ā¢ Protecting the organization from external threats
ā¢ Exercising financial stewardship
ā¢ Ensuring the board has the right skills
ā¢ Ensuring compliance with laws and regulations
Audit Committees/ Page 4
5. AUDIT COMMITTEES: ROLES AND
RESPONSIBILITIES
RELEVANCE OF SARBANES TO NONPROFITS
ā¢ Most provisions of the Act legally apply only to SEC registered companies
ā¢ Two provisions apply to all organizations, including nonprofits
Ģµ Prohibition against retaliating against a whistleblower
Ģµ Falsification or destruction of documents relevant to a pending or contemplated
regulatory proceeding
Audit Committees/ Page 5
6. AUDIT COMMITTEES: ROLES AND
RESPONSIBILITIES
BOARD GOVERNANCE BEST PRACTICES STEMMING FROM SARBANES
ā¢ Adopt Code of Ethics for the Board and the Nonprofit
ā¢ Adopt Conflict of Interest for the Board and senior management
ā¢ Establish policy prohibiting loans to directors and officers
ā¢ Develop whistleblower policies
ā¢ Develop document destruction policies
ā¢ Establish training for non-financial Board members
ā¢ Require management and ED certify financial statements
Audit Committees/ Page 6
7. AUDIT COMMITTEES: ROLES AND
RESPONSIBILITIES
AUDIT COMMITTEE
ā¢ Much of the burden of regulatory reform falls on the shoulders of the audit
committee
ā¢ Sarbanes definition of an audit committee:
Ģµ ā(A) A committee (or equivalent body) established by and amongst the board of
directors of an issuer [of securities] for the purpose of overseeing the accounting and
financial reporting processes of the issuer and audits of the financial statements of the
issuer, and (B) if no such committee exists with respect to an issuer, the entire board
of directors of the issuer.ā
Audit Committees/ Page 7
8. AUDIT COMMITTEES: ROLES AND
RESPONSIBILITIES
AUDIT COMMITTEE BEST PRACTICES INSPIRED BY SARBANES
ā¢ Establish a separate audit committee
ā¢ Audit committee minimum size of three members (preferably more)
ā¢ Members of the audit committee must be financially independent of the
organization (no member of management)
ā¢ At least one āfinancial expertā member, as defined by the SEC
Ģµ Understanding of GAAP and financial statements
Ģµ Ability to assess application of GAAP for estimates, accruals and reserves
Ģµ Understanding of audit committee functions
Ģµ Experience preparing, auditing, analyzing or evaluating financial statements, or
experience actively supervising persons engaged in such activities
Ģµ Understanding of internal controls and procedures for financial reporting
Audit Committees/ Page 8
9. AUDIT COMMITTEES: ROLES AND
RESPONSIBILITIES
AUDIT COMMITTEE BEST PRACTICES (CONTINUED)
ā¢ Written charter that includes committeeās responsibilities, updated periodically
Ģµ Mission, purpose and responsibilities
Ģµ Reporting relationship to the Board
Ģµ Member qualifications
Ģµ Structure of committee
Ģµ Relationship with management, internal and external auditor
Ģµ Frequency and topics for meetings
Ģµ Self-evaluation
Ģµ Orientation and continuing education for members
Audit Committees/ Page 9
10. AUDIT COMMITTEES: ROLES AND
RESPONSIBILITIES
AUDIT COMMITTEE BEST PRACTICES (CONTINUED)
ā¢ Typically meet 4 or 5 times per year
ā¢ Be responsible for relationship with external auditor
Ģµ All work (not just the audit) of the outside auditor approved by the audit committee
Ģµ Responsible for appointment, compensation, retention and oversight
Ģµ Clear reporting line with external auditor
Ģµ Set policies on audit partner rotation
Ģµ Meet in executive session with the auditor
Audit Committees/ Page 10
11. AUDIT COMMITTEES: ROLES AND
RESPONSIBILITIES
AUDIT COMMITTEE BEST PRACTICES (CONTINUED)
ā¢ Work closely with internal auditor
Ģµ Internal auditor periodically reports to the committee about internal controls and risks
ā¢ Oversee financial reporting and disclosures
Ģµ Transparency
Ģµ Quality of disclosures
ā¢ Consider management certification of accuracy and completeness of financial
reports
ā¢ Oversee and be well informed about internal controls
Ģµ Consider process for documenting and assessing key controls
Audit Committees/ Page 11
12. AUDIT COMMITTEES: ROLES AND
RESPONSIBILITIES
AUDIT COMMITTEE BEST PRACTICES (CONTINUED)
ā¢ Oversee risk management guidelines and policies
ā¢ Oversee compliance with legal and regulatory requirements
Ģµ IRS, federal, statesā¦
ā¢ Ensure there are appropriate whistleblower polices
Ģµ Toll-free hotline established and communicated
o The Network; Ethicsline; ComplianceLine
ā¢ The Network; Ethicsline; ComplianceLine
Ģµ Ensure it is anonymous
Ģµ Ensure complaints handled appropriately
ā¢ Oversee code of conduct and conflict of interest policy
Audit Committees/ Page 12
13. AUDIT COMMITTEES: ROLES AND
RESPONSIBILITIES
AUDIT COMMITTEE LIMITATIONS
ā¢ Committeeās responsibility is one of oversight.
Ģµ Management is responsible for preparing the organizationās financial statements
Ģµ Independent auditors are responsible for auditing the organizationās financial statements.
ā¢ Committee does not have the duty to:
Ģµ Plan or conduct audits
Ģµ Determine that the organizationās financial statements and disclosures are in accordance
with GAAP
Ģµ Design and implement internal controls
Audit Committees/ Page 13
14. AUDIT COMMITTEES: ROLES AND
RESPONSIBILITIES
AUDIT COMMITTEES AND AUDIT FIRMS
ā¢ Rotation of audit firms
Ģµ Not a requirement
Ģµ Requirement of Sarbanes (only for public companies) is for the lead engagement partner
on the engagement to rotate every five years
Ģµ Partner and/or manager rotation has been adopted by some organizations
Audit Committees/ Page 14
15. AUDIT COMMITTEES: ROLES AND
RESPONSIBILITIES
COMMITTEES ā¦WHATāS CHANGED UNDER THE NEW DC NONPROFIT
LAW? ā¦
ā¢ Committees of the Board may carry out the most of the responsibilities of the
Board but may not engage in the following:
Ģµ Delegate authority to authorize distributions
Ģµ Fill BoD or committee vacancies
Ģµ Amend bylaws
Ģµ Propose matters to be voted on by Members (if the organization is a membership
organization)
ā¢ If non-BoD members serve on the committee it is an Advisory Committee or
Designated Body, NOT a committee of the Board
Audit Committees/ Page 15
16. AUDIT COMMITTEES: ROLES AND
RESPONSIBILITIES
TOP CONCERNS FOR AUDIT COMMITTEES 1
ā¢ Risk Management and Crisis Response
ā¢ Financial Communications/Disclosures and New Accounting Standards
ā¢ Legal/regulatory compliance
ā¢ Uncertainty: Economy and government regulation
ā¢ Leadership/Culture/Tone at the Top
ā¢ IT/Emerging Technologies (Cloud Computing)
ā¢ Audit Committee Effectiveness
ā¢ Globalization
1 FROM THE 7TH ANNUAL AUDIT COMMITTEE ISSUES CONFERENCE
(NOT SPECIFIC TO NONPROFITS)
Audit Committees/ Page 16
17. AUDIT COMMITTEES: ROLES AND
RESPONSIBILITIES
TOP CONCERNS FOR AUDIT COMMITTEES
ā¢ October 18, 2011 annual forum of the National Association of Corporate
Directors (NACD) highlighted views from audit chairs on the following for 2012
Ģµ Compensation
Ģµ Corporate political contributions
Ģµ Information technology (IT) and data governance
o Cloud computing
o Cyber security
o Viral social media events
Audit Committees/ Page 17
18. AUDIT COMMITTEES: ROLES AND
RESPONSIBILITIES
TO DOāS FOR AUDIT COMMITTEES 1
ā¢ Keep the audit committee focused on financial reporting and internal control risk
ā¢ Understand the impact of accounting changes on your organization
ā¢ Review the organizationās whistleblower process and compliance program
ā¢ Understand the organizationās tax risks and reporting
ā¢ Monitor managementās assumptions underlying critical accounting estimates
ā¢ Consider whether the organizationās financial statements provide the user of
those financial statements with a good understanding of the organization
ā¢ Reassess the quality of business controls around the organizationās key
operational risks
ā¢ Set clear expectations for external and, as applicable, internal auditors
ā¢ Discuss the audit committeeās role in IT governance
1 AS OUTLINED BY KPMGāS AUDIT COMMITTEE INSTITUTE
Audit Committees/ Page 18