Audit Committee Reports Before and After Sarbanes-Oxley
A Study of Companies Listed on the NYSE

By Ganesh M. Pandit, Vijaya Subrahmanyam, and Grace M. Conway

E-mail Story Print Story

In the late 1990s, the SEC began to require listed companies to provide an audit committee report as part of the annual proxy statement. Under Release 34-42266, the SEC required that the audit committee state in its report whether it: 1) has reviewed and discussed the audited financial statements with management; 2) has discussed with the independent auditor the matters required under Statement on Auditing Standards (SAS) 61; 3) has received from the auditor disclosures regarding the auditor’s independence as required by Independence Standards Board Standard 1, and discussed the topic; and 4) has, based on the above, recommended to the board of directors that the audited financial statements be included in the company’s Form 10-K. These mandatory disclosures from the audit committee about its role in the financial reporting and auditing process clearly were intended to build investor confidence.

The Sarbanes-Oxley Act of 2002

The recent wave of huge corporate scandals caused Congress to revisit the regulation of corporate financial reporting, resulting in the Sarbanes-Oxley Act (SOA) in 2002. SOA demands significantly higher responsibility from audit committees of publicly traded companies, and amends section 10A of the Securities Exchange Act of 1934 to make the audit committee of a reporting company an important participant in the financial reporting process of the company. Specifically, SOA sections 202, 301, and 407 require the following:

• Each audit committee member must be independent, as defined in the act;
• At least one member of the audit committee must be a “financial expert,” as defined by the SEC;
• The audit committee is directly responsible for the appointment, compensation, and oversight of the auditor, who in turn reports directly to the audit committee;
• All auditing services and most nonauditing services must be preapproved by the audit committee;
• The audit committee has the authority to engage independent counsel and other advisors as necessary to carry out its duties; and
• The audit committee must establish procedures for the receipt, retention, treatment, and confidential handling of complaints regarding accounting- and auditing-related matters.

Before and After

Subsequent to SOA, the SEC released revised compliance rules in April 2003, and the NYSE revised its listing rules in November 2003. The authors examined the audit committee reports that a sample of NYSE-listed companies published in their 2003 and 2004 proxy statements, that is, before and after the SEC rules became effective. Did the evidence indicate an improvement in the voluntary disclosures made by audit committees in their reports with respect to SOA requirements? Or in the number of times the audit committee met during the year, which is an important indicator of how active the committee is? Did the committee come to a clear conclusion about the auditor’s independence, which would serve as an indicator of the auditor’s objectivity?

The authors limited their focus to the actual “audit committee report” text rather than any of the other information appearing in the proxy statement. It is possible that information about the audit committee might be found in other areas of the proxy statement, but such information is more appropriately included in the audit committee report, where users will naturally look for it. An audit committee’s report can be its most significant means of communicating with stockholders with regard to how effectively it has fulfilled its fiduciary responsibilities. The audit committee report should go above and beyond the SEC’s minimum requirements and communicate any matters of importance to stockholders.

Collection of Data, and Results of the Study

The authors reviewed the contents of the audit committee reports from the 2003 and 2004 proxy statements of 100 randomly selected companies listed on the NYSE. The audit committee report was examined to determine whether the content was enhanced in 2004 with reference to the items listed in the Exhibit. The Exhibit shows a clear diversity in the voluntary disclosure practices that audit committees used in their reports.

The Exhibit indicates significant improvement in some areas and minor improvement in other areas in terms of the voluntary disclosures made in 2004. The change is prominent in three areas: a clear identification of the financial experts on the committee; a definitive conclusion about the independence of the auditor; and a disclosure about the policy regarding the preapproval of nonaudit services.

In the 2003 audit committee reports, there was no disclosure regarding the existence of a policy for the preapproval of nonaudit services; this was expected, because there was no such requirement before SOA. It is an encouraging fact that a large percentage of audit committees not only have adopted such a policy by 2004 but also are making it known through their report. This is important, given the controversy that surrounded the large revenues certain audit firms generated by providing nonaudit services to audit clients.

In 2003, only a small percentage of audit committee reports acknowledged having a financial expert on board. This percentage increased significantly in 2004, which again is a good indication that committees are beginning to realize the significance of having members with expertise in accounting matters that can improve the functioning of the audit committee. It is surprising that, before the new requirements became effective, very few audit committees included a definite conclusion in their reports about the independence of the company’s auditor. Most of them confirmed only that they had discussed the issue with the auditor. In 2004, this percentage went up significantly, which means that more audit committees now recognize the need for emphasizing auditor independence as part of restoring investors’ faith in the corporate financial reporting. Overall, these changes are evidence of a positive trend.

The study found other areas of improvement in the amount of information voluntarily disclosed in audit committee reports:

• The percentage of reports that specifically mentioned that the members of the committee were independent, as defined by the SEC and the NYSE rules, increased from 2003 to 2004. Such a statement helps uphold the objective image of the audit committee members.
• The percentage of audit committees reporting an increase in the number of meetings held per year went up. Informing stockholders about the number of times the committee met can provide added assurance that the committee is working diligently to protect their interests.
• In comparison to the pre-SOA period, more committees now acknowledge their responsibility for the appointment, retention, and compensation of the auditor, and their oversight role in the overall financial reporting and auditing process. This is fundamental to the audit committee’s role as the corporate watchdog of financial reporting.
• While none of the audit committee reports, pre- or post-SOA, contained any information about a procedure to handle complaints from employees regarding internal controls or accounting and auditing matters, there was a slight increase in the number of audit committees reporting that they have hired legal counsel to assist them in the performance of their duties. Given the increased attention of investors and the media toward the performance of audit committees, this may be a vital step.

Other Observations

While all of the audit committee reports in the sample covered the four mandatory disclosures required by the SEC, there was more variety in terms of voluntary disclosures, both before and after the SOA requirements became effective. The reports varied significantly in length and organization; some were one-paragraph summaries; others were presented with subheadings that made it easy to find different pieces of information.

In the post-SOA era, a few committee reports have included disclaimers that explicitly mention what the audit committee is not responsible for, or that note the audit committee is unable to conclude that the auditor is independent. Given the current environment in which audit committees increasingly are being criticized about the performance of their duties, such a disclaimer may be a legally safe step; however, only a small number of audit committees included such a disclaimer or statement in their report.

Providing Stronger Assurance to Shareholders

The rising interest in the audit committee’s role in the financial reporting process is not a new phenomenon. The passage of SOA has focused attention on the responsibility of audit committees to effectively oversee the independent auditor. There is now a greater burden on audit committees to provide a higher assurance to the users of the financial statements regarding the committees’ effectiveness in the performance of their assigned duties. Under these circumstances, it is imperative that an audit committee be cautious in fulfilling its responsibilities and reporting to its shareholders. If the audit committees of listed companies have received the message clearly, the future should see an increase in the amount of voluntary disclosures made in the audit committee report.