Your board’s audit committee is a first line of defense against fraud. But to be effective, committee members need to do more than simply review financial statements and audit results. Members should also adopt the following best practices:
Conduct risk assessments. Identify the types of risks faced by your company and their likelihood of occurrence. These assessments should include an evaluation of existing internal controls.
Be knowledgeable. Become familiar with relevant accounting issues and recent developments. Also ask questions and challenge management on the accounting for complex transactions. If your company’s industry has specialized accounting rules, consider consulting outside specialists.
Communicate with external auditors. Regularly touch base with outside auditors, because the external audit team performs many fraud prevention functions. Schedule formal meetings before the audit to elicit input on issues auditors should examine and after the audit is complete to follow up on those issues.
Verify compliance. Confirm that management is performing annual reviews of your company’s compliance programs and reporting systems. Also become familiar with ethics requirements, such as those in the Dodd-Frank Act, the Foreign Corrupt Practices Act and any applicable whistleblower laws.
Set the tone. Employees can’t reasonably be expected to abide by antifraud standards and processes if they don’t see proper behavior modeled and reinforced from the top of the organizational chart. Your committee can help foster a culture of accountability and integrity by establishing anonymous reporting mechanisms and requiring prompt investigation of, and follow-up on, whistleblower complaints.
Reach out. Don’t restrict internal communications to upper management or the CFO. Reach out to lower-level employees, too, so those employees feel comfortable reporting concerns and suspicions.
Audit committee members have a fiduciary duty to protect investors, lenders and other stakeholders from fraud. Contact Ashley Lee, CPA, CFE at firstname.lastname@example.org if you have questions about following best practices. We can also help you stay on top of fraud trends and compliance requirements.