Enhancing Perceived and Actual Audit Committee Effectiveness through Financial Expert Certification

In the ten years since the passage of the Sarbanes-Oxley Act of 2002 (SOX), audit committees have become significantly stronger and more effective in fulfilling their oversight responsibilities (Beasley et al. 2009; Cohen et al. 2010).¹ In particular, the SOX requirement that the audit committee contain a financial expert has been instrumental in promoting effective oversight (Zhang et al. 2007). For example, in April 2012, Tim Ryan (vice chair of PwC and assurance leader) discussed how the extensive financial expertise of AIG audit committee financial expert Michael Sutton (former SEC chief accountant) was instrumental in the ability of AIG's audit committee to work effectively with PwC on its issuance of an adverse opinion on AIG's internal controls over financial reporting as of December 31, 2007, just prior to the bailout of the company in September 2008 (Ryan 2012).² However, other cases, including Groupon's recent coupon reserve accounting problems, have been attributed in part to a lack of sufficient accounting and financial expertise on audit committees (Aubin 2012).

For the purpose of promoting academic, practitioner, and regulatory discussion on ways to further improve audit committee effectiveness, we propose a method of enhancing and more formally legitimatizing the expertise of financial experts. Specifically, we propose that the SEC require an ongoing CPE-driven certification program for financial experts. This program would address many of the challenges that post-SOX audit committees face (cf. Beasley et al. 2009; Cohen et al. 2010) by (1) emphasizing the audit committee's oversight role (i.e., curbing excessive management influence), (2) promoting the dissemination of audit committee best practices, (3) enhancing the accountabilities of external auditors (cf. Peecher et al. 2011), and (4) sending a strong signal to stakeholders that audit committees own the audit process. We do not assert that present audit committee challenges stem from financial experts' lack of diligence, commitment, business acumen, general ability, or intentions. Rather, we argue that financial experts need mechanisms to ensure and signal to stakeholders that they are being provided with up-to-date knowledge of accounting issues and audit committee best practices to most effectively carry out their oversight responsibilities.³ After describing the proposal and its intended benefits in more detail, we discuss potential stakeholder concerns, reactions from two current audit committee chairs, and other potential mechanisms for promoting audit committee effectiveness.

SOX Sections 406 and 407 require that every public company audit committee have a financial expert or disclose and explain why it does not. The SEC originally defined a financial expert as a director with experience preparing or auditing financial statements of public companies (i.e., accounting financial expert). However, because of concerns that very few directors would meet that narrow definition and that, consequently, highly competent and knowledgeable directors would be excluded (Bryan-Low 2002), the SEC (2003) later broadened the definition to include directors with experience as a chief executive officer or president (i.e., non-accounting financial expert). We propose that the SEC (and the stock exchanges through related listing rule changes) augment this requirement by initiating a comprehensive CPE-driven certification program for financial experts. Consistent with the current requirement, if registrants do not have a Certified Audit Committee Expert (CACE) on their audit committee, then they would have to disclose and explain why they do not.

The program would be administered by the SEC, and we suggest specifically by a division under the chief accountant. The division would be charged with designing and administering the CPE program, tracking CPE status for certification purposes, and serving as a consultation unit for audit committee members. The SEC could require registrants to pay a small fee to fund the division. The comprehensive CPE program would consist of (1) current accounting-related issues (e.g., appropriate accounting treatments for frequently encountered and/or especially complex accounting topics), and (2) best practices for audit committees (e.g., how to evaluate the performance of internal and external auditors). These best practices could be based on materials such as the 2010 Report of the NACD Blue Ribbon Commission on the Audit Committee (NACD 2010). Discussions with current audit committee members indicate that members of many audit committees currently receive this type of information from their external auditors or voluntary CPE programs; however, this education is ad hoc, inconsistent across audit committees, and does not create significant perceived value to shareholders or other external stakeholders.

To minimize the time commitment, the CPE modules would be administered primarily online.⁴ However, for reasons discussed below, an annual national training conference also should be considered. Financial experts who complete the CPE requirements would obtain the designation of CACE. To maintain the certification, CACEs would need to attend the annual national training conference, or an alternative annual CPE course, and complete shorter online CPE modules designed to refresh CACEs on important concepts and communicate important current developments. It is important to note that the CPE modules could substitute for other, less targeted, and possibly less effective, CPE currently being completed by financial experts. There also should be a CACE Code of Conduct (similar to the AICPA Code of Professional Conduct or the Certified Financial Planner (CFP) Board's Standards of Professional Conduct), and violations would be grounds for certification revocation that would help protect the reputation of the CACE designation.

This proposal is designed to enhance the expertise of financial experts, as opposed to revising any of their existing duties, responsibilities, or reporting requirements. The certification provides additional perception benefits and helps them stay current on financial reporting issues and audit committee best practices in a formal, systematic way.

There have been two comprehensive qualitative studies of audit committee effectiveness in the post-SOX era.⁵ Beasley et al. (2009) interview 42 audit committee members in the United States, while Cohen et al. (2010) interview audit managers and audit partners about their experiences with audit committees in the post-SOX era, and assess SOX-related changes by comparing their results to similar interviews conducted in the pre-SOX era (reported in Cohen et al. 2002). Both studies find that, compared to the pre-SOX era, audit committees have more expertise, are more diligent, and are more influential when confronting management and resolving disputes, but they also continue to face numerous challenges.

Many of the challenges relate to what several audit committee members describe as a necessary reliance on management. For example, despite the provisions in SOX, management still heavily influences the decision to hire and fire external auditors (KPMG 2004; Gendron and Bédard 2006; Cohen et al. 2010).⁶ In addition, audit committees often take a passive role in resolving disputes between management and external auditors. As audit committees generally expect that disputes be resolved before being brought to the audit committee, they are seldom consulted during important accounting policy decisions (Gendron and Bédard 2006; Beasley et al. 2009; Cohen et al. 2010). In fact, nearly half of the auditors in Cohen et al. (2010) report that post-SOX audit committees are ineffective in resolving such disputes.

By ensuring that audit committees have sufficient information and follow best practices, our proposal should help reduce reliance on management. With respect to hiring and firing external auditors, CACEs would be trained on best practices for evaluating the external audit function. A lack of knowledge of these best practices likely explains why Beasley et al. (2009) find that audit committees frequently do not evaluate external auditors' performance. Such evaluations are critical in thwarting management attempts to unduly influence hiring and firing decisions. For example, audit committees likely feel compelled to change external auditors when management voices displeasure with them. Armed with an effective evaluation of external auditor performance, audit committees likely will be more objective and assertive when responding to management and able to probe management for and assess the reasonableness of the source(s) of displeasure. Accordingly, if management voices displeasure, audit committees would be less likely to fire external auditors that performed well on a best practices evaluation.

As for consideration of accounting policies, CACEs would be trained to ensure that external auditors are sufficiently presenting relevant alternative accounting methods. Likewise, a new SEC division would maintain a consultation unit available to audit committees that are evaluating accounting methods. This expertise would allow audit committees to exercise more effective oversight over critical accounting policies and to better resolve disputes between management and external auditors. Additionally, audit committees would be less likely to rely on management and external auditors for identification of accounting alternatives (Cohen et al. 2010), thereby promoting effective oversight.

These benefits likely will be more pronounced for non-accounting financial experts. Research indicates that accounting expertise helps audit committees constrain earning management (Xie et al. 2003; Bédard et al. 2004), prevent restatements (Agrawal and Chadha 2005), identify internal control weaknesses (Zhang et al. 2007), and promote financial statement conservatism (Krishnan and Visvanathan 2008). Although non-accounting financial experts offer invaluable business knowledge and acumen (e.g., current or retired CEOs), they often are inexperienced in terms of evaluating external auditors and accounting policies. This experience disadvantage could be mitigated by the CPE program, bringing the expertise of non-accounting financial experts closer to that of accounting financial experts.

Our proposal also would be beneficial because it would facilitate sharing audit committee best practices (e.g., NACD 2010; PwC 2011). Beasley et al. (2009) document substantial variation in audit committee processes, including differences in the procedures that members use to prepare for meetings, as well as the frequency, source, and type of communications between meetings. In fact, numerous audit committee members voiced concern about reliance on management for information/agenda setting, insufficient time between receipt of the information packet and meetings, and information overload. Although Beasley et al. (2009) find that 81 percent benchmark their processes against best practices, only 53 percent have a formal benchmarking process. They also document substantial variation in benchmarking procedures.

Cohen et al. (2010) document that external auditors report substantial variation in what is discussed at audit committee meetings. Although results revealed that most audit committees discuss the major accounting and auditing issues, just under half of external auditor respondents noted the discussion of audit plans or results, personnel assignment, audit risk, disagreements with management, internal control, audit fees, or auditor independence at audit committee meetings—the majority of these issues are required matters to be discussed under SOX. Through the CPE program and interaction with other CACEs at the national conference, CACEs would be able to share relevant best practices with their fellow audit committee members, as well as members of other audit committees, regulators, and academics.

CACE-facilitated implementation of best practices would be especially beneficial for financial statement fraud prevention. Beasley et al. (2009) find that audit committee members attempt to distance themselves from responsibilities for assessing fraud risk, and preventing and detecting fraud. Such distancing is potentially attributable to a lack of consensus and awareness of best practices. The Center for Audit Quality (2010) released a set of best practices for audit committees with respect to fraud prevention and detection. CACEs could facilitate the implementation of these and other best practices related to financial statement fraud prevention.

Peecher et al. (2011) provide seven recommendations to strengthen the accountability of external auditors. Our proposal would directly fulfill four of the seven recommendations, including:⁷

1. 1. 

   Utilizing a reasonableness test to evaluate auditor judgment processes.

2. 2. 

   Conducting a concurrent review of auditors by the appropriate regulatory agency.

3. 3. 

   Rewarding auditors that effectively challenge financial statement quality.

4. 4. 

   Developing communication channels about auditor best practices.

Peecher et al. (2011) posit that assessing the reasonableness of auditor judgment processes provides a more consistent and reliable means of evaluating auditors than being held accountable for audit outcomes, as failing to detect material misstatements does not necessarily indicate that a poor audit was performed (e.g., well-concealed fraud) and the lack of material misstatements does not necessarily indicate that a good audit was performed. Currently, applying this recommendation is difficult because PCAOB inspections are conducted on a retrospective basis, making the judgment process only observable through audit documentation.

Through their enhanced expertise, CACEs would be well equipped to evaluate the reasonableness of auditor judgment processes. In fact, the SEC could incorporate such a reasonableness test into the best practices for evaluation of external auditors. Although we do not advocate publicizing the results of these reasonableness tests, CACEs could be encouraged to communicate particularly unreasonable or exemplary judgment processes to the SEC, satisfying Peecher et al.'s (2011) second and third recommendations.⁸ That is, auditors would be made aware that CACEs have the responsibility to report highly questionable judgment processes (Recommendation 2), and also to reward auditors who are particularly resolute in challenging management on financial statement quality (Recommendation 3). The SEC could then provide some form of public acknowledgement for audit firms that are doing a particularly good job.⁹ For example, the SEC could publish a periodic “honor roll” with descriptions (that maintain client confidentiality) of exemplary judgment processes.

Finally, Peecher et al. (2011) discuss how auditors can review PCAOB inspection reports to assess what auditors “do wrong,” but there is little information about what auditors “do right.” The SEC could compile CACE communication about best external audit practices and communicate the results among public accounting firms, the PCAOB, and academics.

The final benefit relates to the signals that it sends to stakeholders. Currently, audit committees do not have particularly effective ways of communicating efforts to enhance their expertise and effectiveness (e.g., members attending regional or national conferences or participating in other CPE) to stakeholders. In addition, if the SEC invests resources into the expertise of the audit committee, this would send a strong signal to stakeholders (e.g., management, internal and external auditors, shareholders) that the audit committee owns the audit process. Also, DeFond et al. (2005) find that the market reacts positively to the appointing of accounting financial experts, but treats appointment of non-accounting financial experts as a non-event. Thus, it is reasonable to expect similar positive reactions when financial experts (especially non-accounting financial experts) obtain the CACE designation, because of perceptions of increased accounting expertise.

Some stakeholders might be concerned that the affiliation of CACEs with the SEC will result in external auditors being reluctant to engage in candid discussions, including troublesome issues, with the audit committee. However, this proposal only involves reporting particularly unreasonable judgments and potentially rewarding auditors for strong performance (i.e., CACEs are not auditing the auditors). As such, this concern only should apply to auditors with “something to hide,” who would be reluctant to approach the audit committee in the first place. As long as auditors are properly informed about the role of CACEs, there should be increased, rather than decreased, interaction between external auditors and audit committees.

Another possible concern is that our proposal would reduce the appeal of serving as an audit committee's financial expert, thereby reducing the overall quality of financial experts. We view this possibility as remote, considering that the CACEs' CPE requirements could substitute for other less valuable courses currently being taken, and that much of the CACE requirements could be fulfilled online, at the financial expert's convenience. In addition, the CACE designation should increase the financial experts' appeal to other companies searching for competent audit committee members. Another aspect of our proposal that might decrease the attractiveness of serving as a financial expert is the potential for increased legal liability because of a higher perceived standard of care. However, as their expertise is enhanced while their role is unchanged, financial experts' potential legal liability could actually decrease because of a reduced probability of accounting restatements and related shareholder litigation.¹⁰ Nevertheless, the possibility of increased litigation exposure is something to be carefully examined if the proposal is pursued.

A related concern is that the proposal will be perceived as placing an additional burden on financial experts who currently fulfill their oversight responsibilities effectively. The concern assumes that, as long as financial experts attempt to do a good job, they will not benefit from enhanced expertise and knowledge of best audit committee practices. We believe that the Beasley et al. (2009) and Cohen et al. (2010) findings convincingly demonstrate that further improvements are possible, even for the most diligent audit committee members. For example, COSO (2012) recently released a paper discussing how board members can avoid judgment biases to which even the most diligent decision makers are susceptible. In an increasingly complex and dynamic business environment (i.e., looming IFRS convergence or accounting for new business models, such as Groupon and Facebook), additional training for even the most adept and experienced financial expert will only enhance appropriate oversight. As for the less than diligent financial experts, our proposal hopefully would serve as a wake-up call or motivate them to resign as financial experts because of the more stringent requirements. A related impediment to our proposal leading to behavioral change might be when the audit committee must overcome excessive cronyism. In such cases, it might be prudent for the board to replace the current financial expert with a more independent CACE; however, that decision should be made by the nominating and governance committee, which is beyond the scope of this proposal.

An additional concern is that the proposal could lead to isomorphism—that is, the CACE training process could lead to audit committees becoming very similar over time (cf. DiMaggio and Powell 1983), rather than being tailored to specific industries and benefitting from a diversity of opinions and processes. We believe that this risk would be mitigated because the proposal does not affect the current composition of audit committees. Rather, the CACE's role would augment industry-specific considerations with knowledge of best practices. In addition, the SEC could design CPE courses that are tailored to specific industries, or elective courses for topics of particular concern to certain financial experts.

To gauge reaction to and improve our proposal, we elicited feedback from two current audit committee chairs. Both chairs agreed that further increases in audit committee effectiveness were possible, and hoped that our proposal would stimulate practitioner and regulatory discussion on how to best promote effectiveness.

Chair 1 was not supportive of a previous version of the proposal that included a required certification exam for financial experts. He felt that financial experts would be averse to taking an exam that would limit audit committee flexibility and therefore the supply of competent financial experts. He was more supportive of the revised proposal that eliminated the exam, but stressed the importance of tone-at-the-top. Specifically, he believes that audit committee effectiveness hinges on the chair setting the proper tone-at-the-top, which he asserts is largely unaddressed by our proposal. Our reaction is that many, if not most, audit committee chairs would like to set the proper tone-at-the-top, but struggle for a number of reasons, including the issues discussed in this proposal plus the challenges associated with an audit committee chair also not serving as chairman of the board. Our proposal equips audit committee chairs with a mechanism, the CACE, which should lead to increased knowledge of best practices by both the financial expert and the other audit committee members. Accordingly, the audit committee members' role as full board members should enhance the tone-at-the-top for most boards. As for the (hopefully small number of) audit committee chairs who are not concerned with setting the proper tone-at-the-top, almost any proposal would likely be met with resistance and be ineffective.

Chair 2 was supportive of the proposal, as he believes that it addresses many of the listed challenges. Specifically, he asserts that the proposal would be beneficial because it ensures a minimum level of audit committee competence and access to the tools that audit committees need to be effective. However, he described two issues that he felt would be largely unaddressed by our proposal. First, he asserts that the necessary reliance on management is largely a function of the public accounting profession not acknowledging the proper role of the audit committee and continuing to work primarily through management. That is, although audit committees still hire, fire, and evaluate external auditors, he believes that their oversight ability is hindered by external auditors not informing audit committees of critical audit issues, etc. on a timely basis, and being presented with highly sanitized solutions that protect management. Second, he believes that even the most competent and well-informed financial expert is still only one member of the larger audit committee and board of directors. Therefore, in many instances, such as in the presence of excess management cronyism, our proposal would be unlikely to result in significant behavioral change.

It is not surprising that SOX did not completely change the longstanding, engrained accounting firm cultures of treating management as the client. However, if the audit committee chair perceives that the committee's effectiveness is being compromised, this belief should factor into the committee's evaluation and retention of the external auditor. Having an independent provider of CPE materials and sharing best practices should help audit committees more readily identify these situations and feel more empowered to address this issue, by reminding the external auditor that it works for the audit committee and not management. As discussed, our proposal would equip the audit committee with related best practices, which could include how to set and communicate audit committees' expectations of appropriate communication and behavior to the external auditors. Similar to the tone-at-the-top concern expressed by Chair 1, effectiveness improvements for boards with, for example, extreme cronyism will be challenging, and more radical reforms may be necessary if cronyism is deemed pervasive (see the “Alternative Methods” section).

There are several alternative methods for promoting effective audit committees. One less radical proposal would be finding ways to simply increase information dissemination from regulators and auditors to audit committee members. Such dissemination would offer similar benefits to our proposal if (1) it were consistently relevant and of high quality, and (2) there were a mechanism to ensure that audit committee members who already complain of information overload (cf. Beasley et al. 2009) would read the material. Our proposal satisfies both of those conditions more reliably than simply disseminating more information.

Another less radical proposal would be to simply raise the required qualifications for financial experts. Although stronger qualifications might offer similar benefits in terms of enhanced expertise, it would also reduce the pool of potential financial experts. In addition, enhanced expertise does not necessarily translate into up-to-date knowledge of best audit committee practices. Also, as previously noted, the SEC initially had higher qualifications for financial experts (i.e., accounting expertise), but relaxed that requirement because of opposition.

Similarly, the SEC could simply raise the CPE requirements for financial experts (or all audit committee members). This suggestion essentially is what we are proposing, but the certification aspect of our proposal also signals to external stakeholders the commitment of CACEs to approach the role of financial expert diligently. Another less radical proposal would be to offer retreats or conferences where audit committee members could informally network and share best practices. Although such networking and information sharing is the purpose of the national conference aspect of our proposal, it does not, in isolation, offer the same benefits of the CPE program and CACE certification. Further, there already are similar regional and national conferences; however, the CPE is not standardized, nor are there effective ways to signal these efforts to stakeholders.

More radical changes include government-appointed audit committee members. These appointments could be seen as a more effective means of overcoming management cronyism and the necessary reliance on management. Advocates of such government intervention cite Beasley et al.'s (2009) finding that 33 percent of audit committee members have personal ties to management or other board members. Our proposal to increase audit committee effectiveness also could be considered an alternative to more radical changes to the auditing profession in general. For example, the PCAOB (2011) recently raised the issue of audit firm rotation. Likewise, the European Commission (2010) Green Paper was highly critical of the audit profession and suggested potential radical changes in Europe, including government-appointed auditors, audit firm rotation, audit fee limits, and changes to the organizational structure of audit firms. Three of the Big 4 international firms have responded to the EC Green Paper by advocating an expanded role of the audit committee (e.g., Ernst & Young 2010). We echo these sentiments that promoting effective audit committees would likely be preferable to more radical reforms.

This paper proposes that the SEC initiate and require a comprehensive CPE and certification program for audit committee members serving as financial experts. Benefits of the proposal include curbing excessive management influence, promoting the sharing of best audit committee practices, enhancing the accountabilities of external auditors, and sending a strong signal to stakeholders that the audit committee owns the audit process. Although we cannot guarantee any of these outcomes, our primary purpose is to simply stimulate and inform regulatory, practitioner, and academic discussion on how to promote effective audit committees.