AUDITING AND ITS ROLE IN CORPORATE GOVERNANCE

AUDITING AND ITS ROLE INCORPORATE GOVERNANCEBank for International SettlementsFSI Seminar on Corporate Governance for Banks20 June 2006Derek BroadleyDeloitte Touche Tohmatsu, Hong Kong1 2005 Deloitte Touche Tohmatsu

Corporate Governance Defined§ International Standard on Auditing (ISA) 260:“Communications of Audit Matters with Those Chargedwith Governance”§ Governance is the term used to describe the role ofpersons entrusted with the supervision, control, anddirection of an entity.§ Depending on the jurisdiction, different bodies may haveresponsibility for corporate governance:§ Board of Directors§ Audit Committee§ Other supervisory committees§ ISA 260 requires the auditor to determine those personsthat are charged with governance2 2005 Deloitte Touche Tohmatsu

Benefits of Good CorporateGovernance§Most direct benefit is to nonmanagement shareholders.§Ultimate benefit is the more efficientallocation of capital to its mostproductive uses.3 2005 Deloitte Touche Tohmatsu

Reasons for Corporate GovernanceFailures§No governance system, no matter how welldesigned, will fully prevent greedy, dishonest peoplefrom putting their personal interests ahead of theinterests of the companies they manage.§ But many steps can be taken to improve corporategovernance and thereby reduce opportunities foraccounting fraud.§ The auditing profession has an important role toplay.4 2005 Deloitte Touche Tohmatsu

Where does the auditor fit in?§The auditor does not have directcorporate governance responsibility butrather provides a check on theinformation aspects of the governancesystem.5 2005 Deloitte Touche Tohmatsu

Where does the auditor fit in?6 2005 Deloitte Touche Tohmatsu

Auditor’s Role in CorporateGovernance§Corporate governance involves decision making,accountability, and monitoring.§ Decisions require relevant and reliableinformation.§ Accountability involves measuring, reporting,and transparency.§ Monitoring involves systems and feedback.§Auditor’s primary role is to check whether thefinancial information given to investors isreliable.7 2005 Deloitte Touche Tohmatsu

Objective of an Audit§ To express an expert opinion on thefairness with which financial statementspresent, in all material respects, acompany’s financial position, results ofoperations, and cash flows in conformitywith GAAP.§ To be able to express such an opinion,the auditor must examine the financialstatements and supporting records usingsound auditing techniques.8 2005 Deloitte Touche Tohmatsu

Reliance on Financial Statements§ People rely on financial statements tomake economic decisions.§ Especially people outside theenterprise.§ Audit provides confidence.§ Audit reduces uncertainty and risk.§ Audit adds value.9 2005 Deloitte Touche Tohmatsu

“Present Fairly in Conformity withGAAP”§ Why might financial statements NOTpresent fairly? Two main reasons:§ ERROR.§ FRAUD.§ Auditor’s role is to look formisstatements caused by either reason.10 2005 Deloitte Touche Tohmatsu

Focus on Internal Controls§One reaction to corporate governance failureshas been to focus on public companies’ internalcontrols:§ Sarbanes-Oxley Act (SOX) requires separatereport on effectiveness of internal controls§ Recent changes to ISAs place a much higherfocus on the auditor understanding internalcontrols as part of the audit§ Both ISAs and EU 8th Directive requirereporting of material internal controlweaknesses to Audit Committee11 2005 Deloitte Touche Tohmatsu

Reforms to ISAs§Another reaction to the audit and corporategovernance failures is the expected changes toISAs dealing with:§ Group audits – requiring the group auditor tohave a more intimate understanding of theentire group and its audit§ Related parties – placing moreresponsibilities on the auditor to identifyrelated party relationships and transactions12 2005 Deloitte Touche Tohmatsu

Auditing is a Public Responsibility§ Public accounting firms offer manyservices to clients.§ Auditing is different.§ It involves a public responsibility that ismore important than the employmentrelationship with the client.13 2005 Deloitte Touche Tohmatsu

Relationship between the Boardand the Auditors14 2005 Deloitte Touche Tohmatsu

Relationship between the Boardand the Auditors§ To meet its obligations to shareholders,the board must ensure that it receivesrelevant and reliable information.§ Auditor assists the board in achievingthat goal.§ There must be open and frank dialoguebetween the auditors and the board.15 2005 Deloitte Touche Tohmatsu

Relationship between the Boardand the Auditors§ Auditor must be open (candid) incommunicating with the board and itsaudit committee.§ May have to say things the client doesnot want to hear.§ May have to stand up to the client.16 2005 Deloitte Touche Tohmatsu

Audit Matters of Governance Interest§SOX, EU 8th Directive and ISAs all require theauditor to communicate to the audit committeeand the board about:§ Approach, scope, limitations of the audit.§ Going concern uncertainties.§ Selection of and changes in accountingpolicies and practices.§ Significant risks and exposures, such aslitigation, requiring disclosure.§ Disagreements with management that couldaffect the financial statements or auditreport.continued ,17 2005 Deloitte Touche Tohmatsu

Audit Matters of Governance Interest§More communication items:§ Audit adjustments that could significantlyaffect the financial statements.§ Weaknesses in accounting and internalcontrol systems.§ Expected modifications to the auditor’sreport.§ Irregularities, fraud, non-compliance withlaw and regulations.§ Other matters agreed in the terms of theaudit engagement.18 2005 Deloitte Touche Tohmatsu

Relationship between the Boardand the Auditors§ Auditors must express, to the board,their view on the appropriateness – notjust the acceptability – of the accountingprinciples used or proposed to be used,and on the transparency andcompleteness of the disclosures.19 2005 Deloitte Touche Tohmatsu

Relationship between the AuditCommittee and the Auditors20 2005 Deloitte Touche Tohmatsu

Relationship between the AuditCommittee and the Auditors§ An effective audit committee is a vitalcomponent of an effective corporategovernance system:§ The Audit Committee and the Auditorsneed to maintain an ongoing dialogueindependent of management and therest of the board21 2005 Deloitte Touche Tohmatsu

Audit Committees§Audit committees should:Include mainly non-executive directors.Approve the appointment of the auditors.Establish the audit fees.Approve all non-audit services provided bythe auditors (SOX).§ Meet with the auditor independently of therest of the board.§ Review earnings releases and management’spresentations to analysts.§§§§22 2005 Deloitte Touche Tohmatsu

Audit Committees§ Audit committee members must have“financial competence”:§ Minimum – a financial background.§ Even better – qualified accountants.§ Better audit committee training isneeded.§ 1993 study by the Institute of InternalAuditors said this is the single mostimportant key to audit committeeeffectiveness.23 2005 Deloitte Touche Tohmatsu

Regulation of Auditors24 2005 Deloitte Touche Tohmatsu

Regulation of Auditors§Regulators are increasingly taking an interest inthe activities of auditors evidenced by:§ Regulation of the relationship between theauditors and the company (independence andfreedom from conflicts)§ Public inspections of audit firms (qualitycontrol systems within the firm andappropriateness of audit work)25 2005 Deloitte Touche Tohmatsu

Regulation of Auditors§It is imperative that the auditor is perceived tobe independent of the client§ SOX adopts a rules-driven approach settingout prohibited services and requiring preapproval by audit committee of non-auditservices§ International Federation of Accountants (andEU 8th Directive) apply a “threats andsafeguards” approach§ Rotation of audit partners every 5 years(SOX) or 7 years (IFAC)26 2005 Deloitte Touche Tohmatsu

Regulation of Auditors§ Inspection of audit firms is important toenhance public confidence in audits§ PCAOB expected to begin inspectionsin Asia next year§ Most jurisdictions currently enhancingsystems of oversight and inspection27 2005 Deloitte Touche Tohmatsu

In Conclusion§ The cost of accounting and audit failuresis immense:§ Immense in terms of skepticism aboutthe auditors and the companies.§ Immense in terms of litigation againstthe auditors and the companies.§ Immense in terms of the survival ofthe auditors and the companies.28 2005 Deloitte Touche Tohmatsu

In Conclusion§ The cost of accounting and audit failuresis immense:§ Immense in terms of misallocation ofcapital to companies that don’tdeserve it or that should be payingmore for it.§ And immense in terms of the investorsand society.29 2005 Deloitte Touche Tohmatsu

Thank you for your attention.30 2005 Deloitte Touche Tohmatsu

Corporate Governance Defined §International Standard on Auditing (ISA) 260: “Communications of Audit Matters with Those Charged with Governance” §Governance is the term used to describe the role of persons entrusted with the supervision, control, and direction of an entity.