Eight priorities for boards and audit committees

  • Share

After a difficult 2016, boards and audit committees need to consider how their companies can safely navigate a range of threats to long-term success and sustainability. Here are eight areas they should aim to prioritize in 2017.

  • Geopolitical risk

    Board directors may feel they have enough to worry about with the short-term economic risks faced by their companies. There are plenty of these around, including the impact of low interest rates, growing unemployment and stuttering growth across Europe, slowing growth in China and energy price fluctuations.

    But many of the longer-term risks are geopolitical, and directors need to be aware of these and have plans in place to deal with them. According to the World Economic Forum’s Global Risks Report 2016, three of the five global risks of highest concern over the next 18 months are geopolitical:

    • State collapse or crisis
    • Interstate conflict
    • Failure of national government

    Geopolitical risk could also include the fallout from the UK’s decision to leave the European Union (EU). This is having short-term effects in the UK, the rest of Europe and beyond, such as currency fluctuations and lower growth, but the longer-term political and economic consequences will be harder to predict. These include: decisions by large companies about business and investment strategies, the exit terms negotiated between the UK and the EU, the effect of Brexit on other EU trade deals, and the potential for a further independence vote in Scotland.

    The UK referendum was part of a wider trend that has seen the rise of nationalism in a number of countries in Europe and Asia. It was also a contributing factor in the result of the US presidential election, which may have significant consequences for the global economy. The new administration’s priorities are likely to include tax policy and reform, infrastructure spending, global trade agreements and financial regulatory reform.

    While negotiating these changes may be challenging for some companies and their boards, it could provide others with opportunities. Either way, boards need to be aware of the risks and be prepared to question management assumptions if they appear overly optimistic.

  • Digital transformation

    Technologies such as artificial intelligence, data analytics and blockchain are already revolutionizing industries. They represent a new level of disruption, characterized by unprecedented speed and scale, and by rapidly evolving customer expectations.

    The board’s role in overseeing this digital transformation involves helping to create and govern the right digital strategy. It needs to focus on the customer as the driver of change, and to find the appropriate balance between new ventures and established revenue streams.

    Board members have to ask the right questions of management and consider a longer-term view than it might be inclined to take. All directors should think 10 to 20 years ahead. Technology moves quickly, and the board needs to be equally adept at adapting strategy and implementing new ways of working.

    A digital approach also brings dangers in terms of cyber attacks and data protection. Data theft is growing, as is the threat from denial-of-service attacks, malware and ransomware. Cybersecurity is vital, and the board needs to ascertain that risk here is minimized. Cyber risks are an essential part of every risk map in each company these days.

    Board members must also understand how to monitor the success of the digital strategy. It may be difficult to develop metrics that capture the entire transformation picture, but there are indicators that can be used. The more digitized the process becomes, the more data is generated to evaluate it.

    Finally, the board should weigh the benefits and costs of adding members with technical expertise, and it should learn about digital issues from both company employees and outside advisors.

  • Tax risk

    Tax compliance and tax uncertainty have become pressing issues for companies. This follows accusations that high-profile multinational companies are not paying appropriate amounts of tax in some of the countries in which they operate.

    Governments and tax authorities are now seeking greater transparency, and this has consequences for company boards and their audit committees. Global coordinated action is now more common, with initiatives such as the Base Erosion and Profit Shifting (BEPS) project from the Organisation for Economic Co-operation and Development and G20 countries. BEPS comprises a 15-point action plan and includes a requirement for country-by-country reporting to the relevant tax authorities by companies with revenues of at least €750m.

    It seems inevitable that collective action on corporate taxation will grow, creating a dilemma for global companies as they weigh up the risks and the possible impact of any controversy and bad publicity. Board members have to understand the reputational risk and make decisions about how much financial information they disclose publicly.

    It is important that the right protocols are in place to make appropriate disclosure decisions at both a local and corporate level – and also to determine how this information should be communicated externally.

    Moreover, boards need to consider tax governance to ensure they are ready to respond to upcoming challenges. There could be the need for additional skilled staff in the tax department, more sophisticated systems and the creation of cross-functional teams.

    Demands for greater transparency aren’t going away. Board members should assume that tax will continue to be a reputational as well as a financial issue.

  • Corporate compliance and culture

    Corporate compliance is an essential element of good governance. Focusing on compliance policies gives companies a competitive advantage and avoids reputational and financial damage.

    Unfortunately, many companies address compliance reactively, in response to events such as regulatory actions and criminal investigations, rather than proactively. This can result in increased costs, nonacceptance by employees and negative public exposure. Additionally, compliance responsibilities may be “siloed” within different functions, departments and units. This creates gaps that undermine efforts to prevent and detect noncompliance.

    For this reason, many organizations have brought together their governance, risk and compliance (GRC) programs under one framework. It is critical to think about compliance as it relates to all risks relevant to the business.

    Companies must determine whether their programs, structures, people, processes and controls effectively prevent and detect noncompliance, and whether they are integrated into everyday decision-making.

    But one element that is much more important than roles and procedures is corporate culture. Leadership at a company has the greatest influence in establishing a particular culture, so board directors need to lead by example and establish the appropriate “tone from the top.” Regulators are increasingly noting the role that culture plays in compliance, and boards need to establish a culture on the basis of ethics, good governance and integrity.

  • Talent agenda

    Boards have a multifaceted role on the talent agenda. They need to ensure their own membership includes an effective mix of skills; have succession plans in place for the chief executive and other directors; and have a role in overseeing management’s recruitment, retention and development policies at all levels across the company.

    CEO succession is one of the most important responsibilities of the board of directors. Thoughtful planning for the CEO’s succession can avoid conflicts on strategy discussions, reduce downward pressure on a company’s stock price and prevent significant business interruptions. It reduces uncertainty, strengthens investor confidence and improves employee morale. Developing both long-term and emergency succession plans is vital.

    But board effectiveness is about more than one individual. Lack of turnover and slow changes in gender diversity on boards (in the US, for example, the average S&P 1500 board is less than 20% female) have raised concern among investors that independence may be compromised, with “group-think” stifling debate. It is important that boards are refreshed regularly and have a broad composition – not just in terms of gender, race and age, but also different mindsets, skillsets and geographic locations.

    Boards also play an important role in ensuring that management builds the right organizational talent strategy. Directors should focus on how to prepare for generational transitions in their organizations, and anticipate the changing dynamics at all levels. As new and complex opportunities and risks emerge, having the right people in place is vital.

    For many boards, talent management remains a challenge. Failure to understand and mitigate human capital risks and complexities will affect strategy and value creation. Boards should seek reassurance from management about leadership development and ask where the next level of talent is coming from.

  • Corporate social responsibility

    The impact of globalization, fears over climate change and demand for greater sustainability have put corporate social responsibility (CSR) in the center stage. For example, the EU’s directive on nonfinancial and diversity information, which came into force in January 2017, requires PIEs with an average of 500 or more employees to disclose a variety of information in a nonfinancial statement. If companies decide not to disclose this information, they have to provide a “clear and reasoned explanation” for not doing so.

    The required information covers labor-related issues, environmental, social and employee-related matters, and measures undertaken in respect of human rights and against corruption and bribery. There is also a requirement for affected companies to disclose the diversity policy for their administrative, management and supervisory boards.

    The EU is not the only organization pressing for change. For instance, the Sustainability Accounting Standards Board in the US is becoming increasingly influential. Meanwhile, the Task Force on Climate-related Financial Disclosures, established by the Financial Stability Board, has been developing a private-led, voluntary approach. In December 2016, it announced a set of climate-related financial risk disclosures for use by companies in providing information to investors, lenders and insurers.

    There are a number of other initiatives in this field, including the United Nations Global Compact, the OECD Guidelines for Multinational Enterprises, ISO 26000, the Global Reporting Initiative guidelines and the International Integrated Reporting Council framework.

    So, board directors would do well to keep CSR near the top of their agenda. It affects not only the CFO but also audit committee members, because of their role in monitoring the integrity of the financial statements.

  • EU audit reforms

    The EU audit legislation that came into effect in June 2016 ushered in far-reaching changes for public interest entities (PIEs). Boards, and especially audit committees, of PIEs (and of the parent companies or subsidiaries of PIEs) need to be fully aware of their new responsibilities. Audit committees of companies that are based outside the EU, but that have EU PIEs somewhere in their group structure, will also be affected by the legislation.

    In particular, all PIEs in the EU must rotate their auditor after a maximum of 10 years, with the possibility of extending this by a further 10 years through a tender (or 14 years in the case of a joint audit). There are also restrictions on the non-audit services that auditors can provide to their PIE audit clients. These take the form of a cap on the non-audit fees that can be billed, and a list of prohibited services that cannot be provided by the auditor.

    Every PIE under the single-tier corporate governance system has to establish an audit committee (for two-tier arrangements, a supervisory board can perform the same function). Although Member States can decide to exempt certain PIEs from that requirement, it is possible that some groups of companies might have to establish more than one audit committee. This will require a degree of coordination between those audit committees to avoid unnecessary duplication of effort while affording full compliance with the law. Audit committees must also meet specific requirements for monitoring auditor independence, including preapproving expenditure on permissible non-audit services.

    Since the time frames and requirements for auditor rotation vary by jurisdiction, audit committees must understand the specific rules that apply to their PIE and its different subsidiaries, implement the necessary changes and monitor compliance with the rules.

  • Shareholder communication

    Since the financial crisis, the shareholder communication landscape has changed. Regulators now encourage institutional investors to play a role in achieving good governance and to engage more with their investee companies. Consequently, an increasing number of stewardship codes have been introduced, most prominently in the UK and the US.

    The announced amendment to the EU Shareholder Rights Directive promotes shareholders to take a more active role in order to adequately monitor investments within different European jurisdictions. To carry out this task responsibly, a dialogue with nonexecutive directors is required, in order to increase transparency and foster mutual trust.

    It is now a responsibility of investors and nonexecutive directors to engage, communicate and interact effectively with each other on issues including director independence and qualifications, executive remuneration, GRC effectiveness, and board and committee structure. It is crucial, therefore, to establish clear guidelines on when and how the dialogue between investor and nonexecutive director should be performed.

    Nonexecutive directors should expect increasing pressure to improve engagement with investors. This is especially true for countries with an established two-tier board system and legal stipulations requiring responsibility for external communication through the management board rather than the supervisory board. Because of the division of powers between the two bodies, it is crucial to align on a common understanding about the initiative, responsibility and topics for the communication with investors.

    Boards should focus on shareholder communication plans and guidelines to ensure a productive dialogue with investors. They should recognize that required filings are not merely compliance documents, but also effective engagement tools.

This is an edited version of an article that first appeared on the EY Center for Board Matters (Top priorities for European boards in 2017). See also Top priorities for US boards in 2017.

February 2017


Download article