The upcoming reporting period will likely include scenario plans reviews, stress tests and updated enterprise risk management information.
Audit committees are preparing for the upcoming reporting period with a focus on material matters and changes to key performance indicators of financial condition and operating performance. Given the current environment, their focus will likely also include a review of scenario plans, stress tests and updated enterprise risk management (ERM) information while reviewing financial statements and disclosures, systems of internal controls and other regulatory filings.
The committees will also need to determine that there are appropriate processes in place to evaluate new and emerging legislative, administrative and regulatory developments for impacts on reporting and disclosure.
We summarize the following matters for consideration to aid audit committees as they enhance oversight in these uncertain times.
Accounting and disclosures
Audit committees should assess the following key accounting and disclosure implications arising from COVID-19, given their increased significance in the current environment:
- Asset realizability and impairment (e.g., inventory, indefinite-lived intangible assets including goodwill, long-lived assets and other investments)
- Loss contingencies, changes in assumptions and ranges in estimates related to contractual commitments, guarantees, indemnifications, self-insurance, legal exposures and other contingencies
- Compliance with financial and other contractual covenants (e.g., material adverse change clauses)
- Debt modifications, changes to encumbrances and draws on committed credit lines
- Timing and impact of CARES Act and other governmental relief, assistance and stimulus programs
- Evaluation of going concern and the ability to predict the timing and extent of the expected turnaround
- Consideration of subsequent event recognition and disclosure, which may be significant depending on the circumstances
- Business interruption and other insurance claims and recoveries
- Revenue recognition with consideration given to material modifications to existing contracts and arrangements, variable consideration and changes in estimates and collectability assessments
- Changes to sale and purchase commitments
- Incorporation of revised estimates and changes in reserve methodology for credit risk and customer concentrations
- Fair-value measurements for financial and nonfinancial assets and liabilities
- Hedge accounting and counterparty risk
- Foreign currency matters
- Accounting related to employee transition matters (e.g., termination, severance, furlough)
- Accounting for idle operations and facilities
- Valuation of defined benefit and other post-retirement plans’ assets and liabilities
- Income taxes: ability to estimate annual effective tax rates based on pre-tax book income projections, income tax provision effects of the CARES Act and various government stimulus programs, realizability of deferred tax assets, appropriateness of valuation allowances and indefinite reinvestment assertions
- Accounting for modification to share-based payment and other incentive-based compensation arrangements and changes in estimates
- Classification of assets and liabilities between short and long term
- Financial statement disclosure considerations associated with estimates and assumptions, including risks and uncertainties underpinning the aforementioned topics
In this volatile environment, it is critical that organizations maintain a robust ERM program and continuously assess, respond and monitor the shifting risk landscape. Some key considerations include:
- Assess whether the ERM program is being updated in a timely manner based on scenario planning and stress testing over relevant ranges.
- Consider the impacts of changes in strategy, operations, financial results/position and compliance as identified by the ERM program on financial reporting and disclosure.
- Reassess the risk appetite and evaluate whether tolerances are being adjusted appropriately based on emerging risks and material threats, vulnerabilities and potential impacts.
- Continue to evaluate business continuity and contingency plans for the appropriate levels of redundancy, supply chain resiliency and effectiveness of third-party service providers to allow for the continuation or quick recovery of critical business functions.
- Evaluate internal control over financial reporting and disclosure controls and procedures to achieve regulatory requirements for financial reporting and public disclosures and to satisfy broader stakeholder demand for material information.
- Determine whether additional company personnel should be added to the disclosure controls and procedures process.
- Consider the efficacy of remote controls and whether there have been changes or overrides of existing controls to accomplish the financial close and reporting process.
- Assess whether information security measures have been reviewed to be responsive to the changing business environment. Additionally, inquire about stakeholder education efforts related to increased phishing emails and messages with a COVID-19 theme.
- Determine if appropriate precautions are being taken relating to the security of directors’ and executive management’s personal IT networks.
- Consider whether the governance over the company’s ERM program at the board or committee level should be changed and whether the timing, frequency and extent of the communications of the audit committee’s overall updates to the board should also be adjusted.
Inquiries with management, compliance personnel and auditors
In discussions with management, compliance personnel and auditors, consider the following questions in addition to standard inquiries:
- What new accounting, internal control, cybersecurity, business continuity, legal and compliance and auditing matters are of concern?
- Are there any resource concerns and, if so, what are the mitigating plans? Has management confirmed whether specialists routinely used by the company to assist in complex financial reporting inputs (e.g., valuation, impairment) or in internal audits (e.g., IT, cybersecurity) have the bandwidth and ability to meet the company’s financial reporting needs?
- Can financial reporting, compliance and auditing procedures (internal and external) continue to be adequately performed through a combination of physical and remote working procedures? What options are there to perform alternative procedures to facilitate timely collection, processing and reporting of information for internal use and to prepare regulatory filings?
- What are the accounting, reporting and disclosure matters specifically related to actions taken and being contemplated relative to the company’s workforce?
- Have there been any meaningful changes to key policies governing internal controls over financial reporting or disclosure controls and procedures to address the changing operating environment?
- Have there been any meaningful changes to the company’s key policies, any material exceptions granted or any unusual allowances to any compliance provisions? If so, what were they?
- Do the CEO and CFO who certify financial statements filed with the SEC presently see any issues with providing such certifications?
- External auditors: What changes are anticipated with materiality, scope, physical inventories and additional procedures? Has there been a re-evaluation of critical audit matters?
- Internal auditors: How should audit plans be adjusted to address changes in risk appetite and tolerances as identified from the company’s ERM program?
- What is the appropriate cadence and frequency of risk reporting and financial reporting to the audit committee that would enable effective oversight and decision-making?
Audit committees should continue to monitor information from the SEC and other regulatory authorities and assess the impact on reporting requirements and related disclosures. Reporting considerations may include:
- Determine the company’s ability to meet financial reporting and filing requirements (with the SEC and other parties) and comply with other legal and regulatory requirements.
- Evaluate whether the company expects or may need to rely on the temporary regulatory relief provided by the SEC and if a consultation with the SEC may be warranted.
- Consider the timing of filing with the SEC in relation to the company’s public earnings release given the potential requirement to provide subsequent event disclosures.
- Evaluate updates and more expansive disclosures in areas such as risk factors, critical accounting policies and estimates, liquidity and current vulnerabilities due to certain concentrations (e.g., customer, supplier, geographic).
- Discuss implications to operations, liquidity and financial condition; consider enhancements to MD&A disclosures, including any known material events and uncertainties related to forward-looking information.
- Re-consider earnings and other performance or financial position guidance previously provided and the ability to provide future guidance.
- Re-evaluate the use of non-GAAP measures and adjustments thereon.
- Consider whether material events necessitate the filing of a Form 8-K or 6-K (for foreign private issuers) to address material events, such as debt arrangements or curtailed operations.
- Evaluate whether other regulatory filings need to be similarly evaluated (e.g., bank and insurance regulators, foreign jurisdictions in which the company operates).
- Obtain an update on how management communicates, monitors and enforces the insider trading and Regulation FD policies, including whether those policies have changed or may need to change to address the latest business developments.