To help identify the pressing challenges and concerns that are top of mind for audit committees today, KPMG's 2014 Global Audit Committee Survey captures the views of nearly 1,500 audit committee members around the world on a range of timely issues—from the top challenges facing companies in the year ahead and the audit committee's increasing workload, to corporate performance, the effectiveness of the CFO and finance organization, and the quality of the information directors receive about the company's key risks.
As highlighted in the following pages, our survey identifies broad international trends and provides detailed country data on audit committee challenges and concerns in different geographies. Generally, we continue to find that audit committees in countries where corporate governance and audit committee practices are more deeply rooted tend to be more confident in their oversight; yet, audit committee members in every country we surveyed cite opportunities for improvement.
Audit committees have a unique perspective on the risks facing the business; their vantage point sheds important light for the full board—as well as management and auditors. As directors help guide their companies forward in the challenging months ahead, our survey findings can serve as an important tool for benchmarking current practices, identifying gaps and emerging risks, and sparking robust conversations about how audit committees and boards can strengthen their oversight and keep pace in an increasingly complex and fast-changing world.
KPMG's Audit Committee Institute Key Findings:
- Regulation, uncertainty and volatility, and operational risk are top challenges today.
Perhaps not surprisingly, most audit committees around the world point to regulation and the impact of public policy initiatives, economic and political uncertainty, and operational risk and controls as the risks posing the greatest challenges for their companies.
- The audit committee's job continues to grow more difficult.
Nearly half of audit committee members indicate that, given the audit committee's expertise and heavy agenda, it is "increasingly difficult" to oversee major risks—e.g., cyber risk and IT, the risk management processes, and global compliance—in addition to the committee's core responsibilities. A significant number of others said their board has recently reallocated or rebalanced risk responsibilities or created a new committee to address specific risks (or may consider doing so in the near future).
- The quality of information about cyber risk, technology and innovation, and global systemic risk is falling short.
While audit committees rate much of the information they receive about key risks facing the company— legal/regulatory compliance, operational risk, public policy developments—as "good" or "generally good," many say information about cyber security, emerging technologies, and the company's growth and innovation plans needs mprovement. Audit committees also want to better understand the company's global systemic risks and supply chain dependencies.
- Most companies don't have a CFO succession plan in place.
Only about 40 percent of survey respondents said their company has a formal succession plan in place for the CFO—and clear performance objectives to evaluate the CFO's performance. Audit committees would like to see the CFO contributing more to the company's strategy and risk management efforts, as well as "developing talent and bench strength."
- Leading indicators and non-financial drivers of long-term performance are often elusive.
Measuring and monitoring key non-financial drivers of long-term performance—particularly talent, innovation, and brand reputation—continues to pose challenges for many companies, as does identifying "leading indicators" that show where the company is headed and whether its strategy is on track.
- Internal audit should also be looking at risk management, IT, and operational risk—but may lack necessary skills and resources.
More than 80 percent of survey respondents said internal audit's role should extend beyond the adequacy of financial reporting and controls, to include other key risks facing the business; however, only 50 percent said internal audit currently has the skills and resources to be effective in the role they envision.
For more information, download the full report below.