I AM CHANGING THIS BLOG’S WEBSITE URL TO AUDITCOMMITTEEUPDATE.COM

Greetings. Just a brief notice. I am changing the url of directorofficernews.com to http://auditcommitteeupdate.com to better reflect the blog’s concentration. The nature of the posts will remain the same – audit committees, risk, compliance, D&O, business, investigations, auditing, etc.  Thank you. Please bear with me as I make this change, and hopefully I will do it correctly – you shouldn’t have to make any changes yourself to continue receiving updates. Happy 2016! It should be a year of great opportunities. Dave Tate

In Anchorage, AK For A Few Days – Picture Of The Mountains

I’m in Anchorage for a few days with wife, helping a son and daughter in law pack for their move back to California. This is a picture of the nearby mountains. It was a bumpy flight into Anchorage – air turbulence and passenger gasps – the Alaska Airlines pilot and staff did a great job – the passengers spontaneously applauded when we touched ground. We’re having a bit of a heat wave – it gets up to the low 30’s during the day.

SEC.gov | J.P. Morgan to Pay $267 Million for Disclosure Failures

Sourced through Scoop.it from: www.sec.gov

Dave Tate, Esq. comment. Another example where the SEC has obtained sufficient evidence to convince the charged business entity to admit facts and acknowledge that the conduct violates laws. As you would be aware from prior posts, I have no respect for a SEC order or finding that is based only on the alleged failure to maintain adequate books, records and controls, or that contains only allegations and no admitted facts or acknowledgement of violation by the entity. The question remains to what extent the SEC will go after individuals now and in the future?

I have also pasted below a copy of the JP Morgan Chase audit committee charter (March 2015) – simply because I find audit committee charters interesting, and most in some manner list compliance with laws to be an oversight responsibility of the audit committee. I am working on an audit committee charter chapter which will be added to Tate’s Excellent Audit Committee Guide (you can find the updated Guide posted at various times to this blog – currently the October update is the most current). I am concluding, however, that audit committee charters for public companies do not have much practical value, except for a court or the SEC that might want to hold an audit committee responsible for not sufficiently satisfying the activities that are listed in the charter. The charter can be useful as a list, but how the audit committee and its members go about satisfying the responsibilities is much, much more important. I do, however, believe that an audit committee charter for a nonprofit entity does, or can, have more value because unlike for public companies, nonprofit audit committees have very few, i.e., almost no, statutory or other listed requirements that can be used as guides.

The following is the JP Morgan Chase audit committee charter. And I’m not being critical, but if you read through the charter, for almost every responsibility you can say “okay, but how is the committee going to accomplish that?” And that is also an issue with most audit committee charters and with the various legal and exchange audit committee requirements, which is where satisfying the business judgment rule comes into play.

JP Morgan Chase & Co. Audit Committee Charter (effective March 2015)

https://www.jpmorganchase.com/corporate/About-JPMC/ab-audit-committee.htm

DT note: the JP Morgan Chase website states that the audit committee has only three members – considering the below list of responsibilities, those three members must be very busy.

 

Audit Committee

 

Committee Charter

 

Mission

The purpose of the Board of Director’s Audit Committee is to assist the Board in its oversight of:

  1. The independent registered public accounting firm’s qualifications and independence;
  2. The performance of the corporation’s internal audit function and independent registered public accounting firm;
  3. Management’s responsibilities to assure that there is in place an effective system of controls reasonably designed to:
  • Safeguard the assets and income of the corporation,

  • Assure the integrity of the corporation’s financial statements, and

  • Maintain compliance with the corporation’s ethical standards, policies, plans and procedures, and with laws and regulations.

    Primary responsibility for assisting the Board in its oversight of legal risk and operational risk, including the New Business Initiative Approval (NBIA) process, rests with the Audit Committee.

    The Risk Policy Committee’s responsibilities include oversight of management’s exercise of its responsibility to assess and manage credit risk, market risk, structural interest rate risk, principal risk, liquidity risk, country risk and model risk; the governance frameworks and/or policies for operational, fiduciary, reputational risks and NBIA; and capital and liquidity planning and analysis.

    Responsibility for assisting the Board in its oversight of compliance risk rests with both the Risk Policy Committee and the Audit Committee.

    Each committee of the Board oversees reputational risks within its scope of responsibility.

    Membership

  1. The Audit Committee shall be comprised solely of non-management directors, not fewer than three in number.

  2. Each member of the Audit Committee shall meet the independence standards and expertise requirements of the New York Stock Exchange corporate governance listing standards, the Securities Exchange Act of 1934 and rules promulgated thereunder, the Federal Deposit Insurance Corporation Improvement Act of 1991 (FDICIA), and other applicable laws and regulations, in each case, as of the Firm’s most recent annual meeting. In particular, each member of the Committee shall be financially literate and at least one member of the Committee shall be deemed an “audit committee financial expert” as defined by the Securities and Exchange Commission.

  3. Membership on the Audit Committee is reviewed each year by the Corporate Governance & Nominating Committee and approved by the Board, which also designates a Chair for the Committee. Each Audit Committee member and Chair serves at the pleasure of the Board.

    Meetings

  1. The Audit Committee shall meet as often as it determines, but not less frequently than eight times per annum. The Chair shall preside at all meetings of the Committee and shall set the agenda.

  2. The Audit Committee shall meet periodically with the General Auditor, the independent registered public accounting firm, and executive management in separate private sessions to discuss any matters that the Audit Committee or these persons believe should be discussed. Such sessions shall generally be held in conjunction with regularly scheduled meetings of the Audit Committee.

  3. The Audit Committee may also meet periodically in separate executive sessions.

  4. The Audit Committee may request any officer or employee of the corporation or the corporation’s outside counsel or independent registered public accounting firm to attend a meeting of the Audit Committee or to meet with any members of, or consultants to, the Audit Committee.

  5. The Audit Committee has authority to retain outside legal counsel, or accounting or other advisors, when deemed necessary, including authority with respect to approval of fees and terms of retention, without the prior permission from the corporation’s Board of Directors or management, and shall be provided the necessary resources for such purposes.

  6. The Audit Committee shall report periodically to the Board, generally at the next regularly scheduled Board meeting following an Audit Committee meeting, on actions taken and significant matters reviewed by the Audit Committee.

  7. The Audit Committee shall meet not less than semi-annually with the Risk Policy Committee on topics of common interest or other matters as required by law, regulation or agreement.

    Duties and responsibilities

    The Audit Committee shall have the following duties and responsibilities:

    A. Oversight of the corporation’s relationship to internal audit and independent registered public accounting firm.

  1. The independent registered public accounting firm for the corporation is accountable to the Board of Directors and Audit Committee of the corporation, as representatives of the stockholders, and shall report directly to the Audit Committee.

  2. The Audit Committee shall have the authority and direct responsibility to appoint, retain, compensate, evaluate and, where appropriate, replace the independent registered public accounting firm (subject to stockholder ratification if required or sought by the Board of Directors), and shall advise the Board of Directors on these matters.

  3. The independent registered public accounting firm shall submit, at least annually, a written report to the Audit Committee regarding:

    • The auditor’s internal quality-control procedures.

    • Any material issues raised by the most recent Public Company Accounting Oversight Board inspection, peer review, or PwC internal quality control review or by any inquiry or investigations by governmental or professional authorities within the preceding five years respecting one or more independent audits carried out by the audit firm, and any steps taken to deal with such issues.

      The independent registered public accounting firm shall also submit such a report to the Audit Committee promptly after any review, inquiry or investigation referred to in the preceding sentence.

  4. The independent registered public accounting firm shall also submit on a periodic basis, but at least annually, to the Audit Committee a formal written statement delineating all relationships between the audit firm and the corporation, including each non-audit service provided to the corporation and at least the matters set forth in Public Company Accounting Oversight Board Rule 3526.

  5. The Audit Committee shall discuss with the independent registered public accounting firm whether any disclosed relationships or services, or any other factors, may impact the objectivity and independence of the independent registered public accounting firm, and shall recommend to the Board that it take appropriate action to satisfy itself of the independence of the independent registered public accounting firm.

  6. The Audit Committee shall have authority to approve all fees and terms of engagement of the independent registered public accounting firm and shall pre-approve, or adopt appropriate procedures to pre-approve, all audit and non-audit services to be provided by the independent registered public accounting firm.

  7. The Audit Committee shall set clear hiring policies for employees or former employees of the independent registered public accounting firm and for audit partner rotation in compliance with applicable laws and regulations.

  8. The Audit Committee shall consider whether, in order to assure continuing auditor independence, there should be a regular rotation of the independent registered public accounting firm.

  9. The General Auditor shall functionally report directly to the Audit Committee and administratively to the Chief Executive Officer.

  10. The Audit Committee shall consult with the CEO and shall approve the appointment, evaluation, replacement, reassignment, or dismissal of the General Auditor. The Audit Committee or its Chair shall consult with the CEO and the Compensation & Management Development Committee or its Chair and shall approve the compensation and succession planning of the General Auditor. The Audit Committee shall also review the performance and approve the succession planning of the General Auditor’s direct reports.

  11. The Audit Committee shall annually review and approve the charter of the internal audit function, and the General Auditor’s proposed annual audit plan, financial budget and staffing, and overall risk-assessment methodology, and shall approve any significant interim changes to the foregoing.

  12. The Audit Committee shall receive periodic communications from the General Auditor on the completion status of the annual audit plan (including any significant changes made to such plan), as well as the results of internal and external quality assurance reviews.

  13. The Audit Committee shall discuss with management and the independent registered public accounting firm, and resolve, any disagreements between the auditors and management regarding financial reporting.

  14. The Audit Committee shall review with the independent registered public accounting firm any audit problems or difficulties and management’s response thereto.

    B. Compliance and regulatory oversight responsibilities

    The Audit Committee shall:

  1. Receive from the General Auditor, periodically, and from management, as appropriate, communications and presentations on:

    • Significant operating and control issues in internal audit reports, management letters, and regulatory authorities’ examination reports, and the status of the resolution of such issues; and

    • The status of significant investigations.

      The Audit Committee may initiate such other inquiries into the affairs of the corporation as it deems necessary or appropriate.

  2. Receive periodic presentations from management and the independent registered public accounting firm on:

    • The identification and resolution status of material weaknesses in the internal control environment and any significant deficiencies in the design or operation of internal controls that could adversely affect the corporation’s ability to record, process, summarize and report financial data.

    • Any fraud, whether or not material, that involves management or other employees who have a significant role in the corporation’s internal controls.

  3. Receive periodic presentations, but not less frequently than annually, from the General Auditor on the review, and related results, of each Operating Committee member’s expense account and perquisites, including their use of corporate assets.

  4. Establish procedures for the receipt, retention and treatment of complaints received by the corporation regarding accounting, internal accounting controls or auditing matters, and for the confidential, anonymous submission by corporation employees of concerns regarding questionable accounting or auditing matters.

  5. Review periodically with the corporation’s General Counsel or appropriate delegates and other members of management, significant legal cases outstanding against the corporation or its subsidiaries and other regulatory or legal matters that may have a material impact on the corporation’s financial statements.

  6. Review the program established by management that monitors compliance with the Code of Conduct and reviews the record of such compliance.

  7. Review, together with the Risk Policy Committee, periodically with the Global Head of Compliance, or appropriate delegates and other members of management, compliance and regulatory matters affecting the Firm, material changes to the Compliance Program framework, and any specific compliance policies requiring Board review or approval. The Global Head of Compliance shall have access to communicate with the Audit Committee and the Risk Policy Committee on any matter relevant to the compliance program.

  8. Review, together with the Risk Policy Committee, reports prepared by the internal audit function regarding the performance of the risk management function.

  9. Review a report to be submitted periodically by the Chief Risk Officer to the Audit Committee and the Risk Policy Committee on:

    • The corporation’s risk management control environment, including: the establishment, review, and compliance with risk limits; staffing; and independence of the risk function; and

    • Any material issues regarding risk management raised by internal audit reports rated less than satisfactory or by regulatory reports identifying matters requiring attention.

  10. Receive regulatory authorities’ significant examination reports, or summaries of the same, pertaining to the corporation that are within the scope of responsibilities of the Audit Committee.

  11. Receive communications and presentations from management summarizing the suspicious activity report filing activity of the Firm and/or its subsidiaries with the appropriate regulatory and law enforcement agencies.

  12. Review management reports issued by the corporation in accordance with FDICIA and the corresponding independent registered public accounting firm’s attestation and agreed-upon procedures reports.

    C. Financial statement and disclosure matters

    The Audit Committee shall:

  1. Provide reports to the Board which include reviews of any issues that arise with respect to the quality or integrity of the corporation’s financial statements, the corporation’s compliance with legal or regulatory requirements, the performance and independence of the independent registered public accounting firm, or the performance of the General Auditor.

  2. Prepare the Audit Committee report required by the rules of the Securities and Exchange Commission to be included in the corporation’s annual proxy statement.

  3. Review and discuss, at least annually, with management, the independent registered public accounting firm and the General Auditor the scope of the audit.

  4. Review and discuss, at least quarterly, with management, the independent registered public accounting firm and the General Auditor the annual audited financial statements and quarterly financial statements, including reviewing the corporation’s specific disclosures made in “Management’s Discussion and Analysis of Financial Condition and Results of Operation.”

  5. Review and discuss with management, the independent registered public accounting firm and the General Auditor, and receive a timely report from the independent registered public accounting firm with respect to:

    • Any significant accounting, income tax, financial, reporting policies, issues or judgments made in connection with the preparation, or audit, of the corporation’s financial statements and other financial or informational reports, any major issues regarding or significant changes in the corporation’s selection or application of accounting principles, the development, selection and disclosure of critical accounting estimates or judgments (including reserves), and, as appropriate, analysis of the effect of any alternative assumptions, estimates or GAAP methods on the financial statements, and the effect of regulatory examinations or any regulatory and accounting initiatives, as well as off-balance sheet structures, on the financial statements.

    • Obtain from the independent registered public accounting firm a timely report relating to any material communications between the independent registered public accounting firm and management, such as any “management letter” or schedule of unadjusted differences.

  6. Review internal accounting control reports (management letters) submitted by the independent registered public accounting firm which relate to the corporation.

  7. Review summaries of significant issues in management letters addressed to subsidiaries of the corporation.

  8. Discuss with management the corporation’s earnings press releases, as well as financial information and earnings guidance provided to analysts and rating agencies.

  9. Discuss with the independent registered public accounting firm the matters required to be described by PCAOB AS 16 (Communication with Audit Committees), including without limitation, any difficulties encountered in the course of the work, any restriction on the scope of the independent registered public accounting firm’s activities or on access to requested information and any significant disagreements with management.

    Action on behalf of national bank subsidiaries

  1. The Committee has full and complete authority to act for and on behalf of the Firm’s national bank subsidiaries (the “Banks”) in the exercise of the Audit Committee responsibilities of the Banks, pursuant to authority granted to the Committee by the By-laws of the Banks and by the Board of Directors of JPMorgan Chase & Co. In furtherance of such responsibilities, the Committee has a duty to seek to preserve the safety and soundness of the Banks and exercises its oversight of Banks’ Audit Committee matters with the understanding that the Banks’ interests are not to be subordinated to the interests of the parent holding company in a way as to jeopardize the safety and soundness of the Banks.

    Charter Review

  1. The Audit Committee shall review, at least annually, the committee’s charter and recommend any proposed changes to the Board for approval. The Audit Committee shall conduct, and report to the Board the results of, an annual performance evaluation of the Audit Committee, which evaluation shall compare the performance of the Audit Committee with the requirements of this charter.

    Effective March 2015

​Five 2015 Headlines That Had High Implications for Internal Auditing​

In my mind, 2015 will be remembered primarily as the year of the corporate culture-induced scandals.

Sourced through Scoop.it from: iaonline.theiia.org

Dave Tate, Esq. comment. Regarding Richard’s point number 3, “Regulators Increasingly See Internal Audit as Their ‘Boots on the Ground,’ the audit committee also should consider internal audit (IA) as one of its boots on the ground to help the audit committee members satisfy their oversight responsibilities. That’s the way that I view it.

Risk Reporting to the Board

Risk reports should address how risk relates to achieving objectives, rather than just looking at it as a single point whose axes are impact and likelihood.

Sourced through Scoop.it from: iaonline.theiia.org

Dave Tate comment (CPA (California, inactive) and Attorney. These discussions are worthwhile. Risk management (surprise management) definitely is here to stay, and is a worthwhile activity for all industries and businesses, including public companies, private companies, nonprofits, governmental entities, banks/financial institutions, etc. Some industries and businesses are required to perform risk assessment. But, really, there is no set or recognized approach or process. For the board, I would like to see at least a quarterly report and discussion, but obviously more often if legally required or if the board requests. I have posted other discussions about risk management on this blog, and also in Tate’s Excellent Audit Committee Guide (updated October 2015, 172 pages) which you can also find posted on my blog. Thanks.

Audit Committees – Setting Up An Internal Audit Function – From The IIA, With Comments

I have attached below a link to this discussion by the Institute of Internal Auditors. This is a worthwhile discussion for key areas, although broad and lacking in specifics. I’m not being critical in that comment – this is a detailed and time intensive endeavor. I will say that as an audit committee member I would have more involvement in the process than these points indicate. As an audit committee member I want to be sure that internal audit is very helpful to me in accomplishing my oversight responsibilities. And that approach is in keeping with director and audit committee member responsibilities and the business judgment rule, and is beneficial to everyone including the shareholders, the audit committee, the board, the executive offers, internal audit, the external auditor, and others. Click on the following link for the IIA discussion – CLICK HERE

Dave Tate, CPA (California, inactive), Attorney, San Francisco and California
Tate’s Excellent Audit Committee Guide (updated October 2015) https://auditcommitteeupdate.files.wordpress.com/2015/10/tates-excellent-audit-committee-guide-10242015.pdf