The Audit Committee’s Role in Overseeing Non-financial Information.
What do drug pipelines, like-for-store growth and website traffic have to do with a company’s financial statements? Virtually nothing—and that may be a problem for audit committees.
Here’s the issue: investors, analysts and other stakeholders no longer evaluate a company’s performance based solely on its financial statements. Instead, stakeholders in all industries increasingly demand—and receive—a wide range of non-financial information that can be found in corporate responsibility reports, corporate presentations to investors—even in the MD&A (management discussion and analysis). Investors may also look at corporate press releases, speeches, blog posts and a range of other disparate sources. In oil and gas, for instance, they might consider a company’s exit rate, which is the daily volume of oil or gas a company produces on a specific date. Similar metrics are of equal interest in other industries as well.
As the extent to which people rely on historical financial statements declines, the importance of non-financial metrics—and their quality—rises. Many audit committees, however, continue to confine the focus of their review process to financial statements and the MD&A. As a result, non-financial information that appears outside those traditional documents—for example, in a corporate responsibility report—is frequently un-vetted and un-reviewed for accuracy of information or consistency of message. This can be an issue, as few reporting processes are as rigorous as those for financial reporting. For example, a recent KPMG survey found that in 2013, 25% of the world’s largest companies made restatements to their corporate responsibility data. While some of these were due to changing reporting methodologies, this clearly suggests the initial information was not prepared with suitable rigor; a proper vetting process would help lower the risk of investors receiving unreliable non-financial information from that source.
These kinds of inaccuracies could potentially expose companies to significant risk if it turns out investors are relying on inaccurate information. This is especially true in the age of social media, where information is often released to the public every day (or several times a day) without passing through official channels. It’s important to note, however, that the concept of integrated reporting is on the rise, combining financial, management commentary, governance and remuneration, and corporate responsibility reporting into an accurate, coherent whole. Many firms, in fact, are making a tentative move toward vetting non-financial information along with financial data in their annual reports and the trend may be expanding: In 2011, South Africa’s regulator became the first to require listed companies to produce annual integrated reports of financial and non-financial information.
51% of companies now include non-financial information in their annual financial report.
To be sure, this issue is not—and should not be—the sole domain of the audit committee. In fact, some companies have set up separate disclosure committees specifically to review the accuracy of non-financial information the company plans to release. These disclosure committees often include members of the senior management team who are charged with reviewing materials intended for external circulation to ensure their accuracy. Depending on the type of information being released, it may be reviewed by executives in finance, operations, technology or other relevant functional areas.
Where non-financial disclosures have the potential to be heavily relied on, some companies even distribute the information to the board in advance—not necessarily to ask for approval, but to help ensure the board remains informed of relevant disclosures.
The role of the audit committee, then, is not to review all non-financial information, but to assist in ensuring that management has well-defined processes and controls in place for the preparation, dissemination and oversight of this information. Questions they can ask in pursuit of this goal include:
Given the complexity and variety of issues that require audit committee oversight, it is no surprise that many audit committees have not seriously considered this issue. On the plus side, this is likely not an issue that needs to be made into a regular agenda item. Quite the contrary, most audit committees can consider this issue in one meeting by asking management to present their process for handling the disclosure of non-financial information. If an effective process is in place, the issue can be tabled for annual review. If not, the audit committee should be aware of this gap and take steps to have management remediate it.
Right now, companies release non-financial information in varying degrees and through various mechanisms, and what and how much information gets released is not fully regulated in Canada. Does your audit committee understand the processes and controls your organization has—if any—around the non-financial information that gets disseminated? Based on our survey, many issues exist. If non-financial metrics continue to gain value in stakeholders’ eyes, regulation may increase, and audit committee oversight may be expected and perhaps required. If that happens, companies that have never considered the matter will have some serious catching up to do.