Site Search

Menu

Capabilities

Menu

Cybersecurity, Risk and Regulatory

Loading Results

2024 Q1 Audit committee newsletter: Prepare for your next meeting

Overview

Audit committees have a critical oversight responsibility and committee members must stay up to date about changing regulations, reporting guidelines and dynamic expectations. Our quarterly audit committee special edition offers potential topics for inclusion in your upcoming audit committee meeting.

Each quarter we provide highlights of trending financial reporting topics, emerging regulatory and standard setting matters, and updates on current governance topics. We also provide useful links that direct you to more information.

As you perform your oversight responsibilities and plan your next audit committee meeting agenda, check in each quarter for our updated summary.

Playback of this video is not currently available
2:22

Newsletter video preview

Financial reporting

1. SEC issues landmark climate disclosure rules

What the audit committee needs to know   

On March 6, the SEC adopted final rules designed to enhance public company disclosures related to the risks and impacts of climate-related matters. The new rules include disclosures relating to climate-related risks and risk management as well as the board’s and management’s governance of them. In addition, the rules include requirements to disclose the financial effects of severe weather events and other natural conditions in the audited financial statements. Larger registrants will also be required to disclose information about greenhouse gas emissions, which will be subject to a phased-in assurance requirement.

[The rules will] “provide investors with consistent, comparable, and decision-useful information, and issuers with clear reporting requirements.”

- SEC Chair Gary Gensler Source: SEC, “SEC Adopts Rules to Enhance and Standardize Climate-Related Disclosures for Investors,” March 6, 2024.

The final rules differ in several respects from the initial proposal, most significantly in changes to the financial statement footnote disclosures as well as reductions to the scope of and number of registrants subject to the greenhouse gas emission disclosures.  

The new rules call for a dramatic change in the nature and extent of disclosures companies are required to make about the impact of climate change. The gathering and reporting of these incremental disclosures may require significant changes to a registrant’s systems, processes, and controls and effective adoption will require cross-functional coordination among finance, financial reporting, legal, investor relations and others.  

The earliest effective dates start with reporting on 2025 information in 2026. Initial compliance dates are based on the year the registrant’s fiscal year begins (FYB) and vary depending on the provisions and type of filer:

1 As used in this chart, “FYB” refers to any fiscal year beginning in the calendar year listed. For example, a calendar year-end domestic large accelerated filer would begin including disclosures in its December 31, 2025 Form 10-K. Information for prior periods is only required to the extent it was previously disclosed in an SEC filing.  

2 There are three specific Regulation S-K disclosures (Item 1502(d)(2), Item 1502(e)(2), and Item 1504(c)(2)) related to the qualitative and quantitative impact of material expenditures incurred and material impacts on certain financial estimates and assumptions for which the effective date is one year later than listed in this table. 

On March 15, the US Court of Appeals for the Fifth Circuit temporarily stayed the rules; however, next steps, including the timing and location of a potential hearing, are unclear.

Why is it relevant to the audit committee? 

The audit committee will want to understand how management is preparing for the disclosure requirements, including what processes and controls may need to be put in place, how management plans to obtain assurance that such processes and controls are operating as designed, and whether there are plans to increase the company’s climate-risk expertise. The audit committee will also want to understand management’s plans and preparations for the related assurance requirements.

Also, to highlight, the Corporate Sustainability Reporting Directive (CSRD) explicitly puts audit committees of reporting entities on the spot regarding sustainability reporting. To read more about the audit committee’s responsibilities, read our latest piece: The audit committee has specific responsibilities under the EU’s CSRD. Audit committees should also be aware of other developments in sustainability reporting by the CSRD and the International Sustainability Standards Board. There have also been legal challenges to California’s climate disclosure bills. For more information on these updates see The quarter close – First quarter 2024.

What questions should the audit committee ask? 

  • Has management performed a gap analysis to identify where investment is needed to meet the new requirements (considering the other disclosure requirements the company is subject to globally)?
  • How does management assess climate-related risks and opportunities?
  • What processes are in place to produce accurate and reliable climate-related data?
  • What processes, controls and resources do management have or will access to address the disclosure and assurance rules?
  • What other steps are being taken by management to support compliance with the new rules?
  • How is management staying abreast of information related to the legal challenges of the rules and how it may impact the company’s disclosure strategy?
  • What changes are management considering with respect to its disclosure committee to confirm it has the necessary expertise to evaluate the new disclosures?
  • What is management’s process for engaging with stakeholders on climate-related matters?

Where to go for more information: 

PwC: What boards need to know about the SEC’s climate-related disclosure rules
PwC: Navigating the SEC climate-related disclosure requirements
PwC: Sustainability and ESG oversight: the corporate director’s guide
SEC: Disclosures: Final Rules

2. Discontinued operations: Revisiting the presentation and reporting requirements

What the audit committee needs to know

Companies re-evaluating their portfolios of businesses in the current economic environment may consider disposing of businesses or long-lived assets by sale, abandonment, spinoff or otherwise. Disposal of a component, entity or group of components is reported as discontinued operations if it represents a strategic shift that has (or will have) a major effect on the entity’s operations and financial results. When the criteria are met, presentation as discontinued operations is required for all periods presented.  

Why is it relevant to the audit committee?

As part of its oversight responsibilities, the audit committee will want to understand presentation and reporting requirements for discontinued operations to confirm compliance with accounting standards, provide transparency in financial reporting and support accuracy in assessing the company’s financial performance. This understanding helps the audit committee properly evaluate the treatment of discontinued operations in the financial statements, which can impact investors’ decisions and impact overall trust in the company.   

What questions should the audit committee ask?

  • What is management's process for evaluating considerations in the disposal of a business or long-lived asset (e.g., strategic fit, value of asset or business, legal, regulatory)?
  • How has management evaluated whether a disposal would meet the requirements of reporting as a discontinued operation?
  • How has management ensured that all assets and liabilities related to the disposed business or asset have been captured in the company’s reporting?

 Where to go for more information:

PwC: US Financial statement presentation guide (Chapter 27: Discontinued operations)
PwC: Presenting discontinued operations (podcast)

3. Pillar Two legislation becomes effective in several jurisdictions

What the audit committee needs to know

The Pillar Two Model Rules released by the Organisation for Economic Co-operation and Development (OECD) established a global framework of minimum taxation. In several jurisdictions around the world, aspects of Pillar Two legislation became effective for tax years beginning in January 2024.  

The objective of the Pillar Two model is that companies pay a minimum of 15% tax in each jurisdiction where they operate. The Pillar Two model is based on a company’s financial statement results (book income) by jurisdiction and before intra-group eliminations, with certain modifications. Pillar Two taxes are based on a comparison between a calculated jurisdictional effective tax rate (ETR) and the 15% minimum tax.

The complexity of a global minimum tax based on book income should not be underestimated. Many factors, such as book income adjustments, may result in ETRs below 15% despite the statutory rate exceeding 15%. Accordingly, companies will need to assess their potential exposure to Pillar Two even if they operate entirely in jurisdictions with statutory rates greater than 15%. Also, due to the jurisdictional nature of Pillar Two, companies operating in jurisdictions with a low ETR may be subject to Pillar Two taxes, regardless of the presence of other jurisdictions with high-taxed earnings.

Legislation to enact Pillar Two in the US is unlikely in the near term, but US companies with operations in countries that have enacted Pillar Two will be subject to its requirements. There are no incremental Pillar Two disclosures specifically required for US GAAP reporters. However, certain existing disclosures will be affected, such as the ETR reconciliation and uncertain tax position disclosures. An SEC registrant’s MD&A will also likely be impacted if it is impacted by Pillar Two (e.g., effect on ETR, cash flows). Companies should provide transparent disclosures to address their ongoing evaluation of the impact of Pillar Two.

Why is it relevant to the audit committee?

The audit committee will want to understand the company’s international tax structure and how the Pillar Two requirements could affect it. While Pillar Two requirements may not be effective in the US, several key stakeholder groups within multinational organizations, including accounting and finance teams, may be impacted. Companies may also need to modify existing governance, systems, processes and controls.    

What questions should the audit committee ask?  

  • How has management considered the impacts of the company’s international tax structure considering implementation of tax rules globally?
  • How has management considered the need for additional resources to support internal teams impacted by global tax changes?
  • How has management considered the adequacy of the finance and tax teams’ current technology to support the company’s data needs as tax laws evolve?

 Where to go for more information:

PwC: Pillar Two Guide for US Multinational Enterprises
PwC: OECD Pillar Two: Time to act on the global minimum tax
PwC: Global taxation: More than an idea - what it means for you now
PwC: OECD Pillar Two country tracker

4. SEC updates rules for special purpose acquisition company (SPAC) filings

What the audit committee needs to know

In January 2024, the SEC adopted final rules related to filing and disclosure requirements for SPAC initial public offerings (IPOs), as well as the subsequent merger between a SPAC and private operating company (de-SPAC). The rules aim to enhance investor protection by requiring additional disclosure and aligning reporting requirements with traditional IPOs.

The final rules require additional disclosure in SPAC IPOs related to the SPAC sponsors, affiliates and promoters, including compensation that has been or will be awarded on completion of a de-SPAC transaction, terms of lock-up agreements, conflicts of interest and potential sources of dilution. Similarly, new required disclosures in regulatory filings for the de-SPAC transaction include the compensation received or to be received by the SPAC sponsor, its affiliates and promoters; tabular presentation of the nature and amounts of each source of potential dilution; and conflicts of interest. The rules also more closely align the financial statement requirements for a de-SPAC transaction with those of a traditional IPO and expand existing rules regarding the use of projections for all reporting entities.  

The final rules will become effective on July 1, 2024. Certain information must be tagged using inline XBRL in filings made on or after June 30, 2025

Why is it relevant to the audit committee?

As part of its oversight role, the audit committee should understand management’s plan for complying with the new disclosure reporting requirements, if applicable.

What questions should the audit committee ask?   

  • If applicable, what measures are being taken to educate relevant personnel about the new rules?
  • What mechanisms are in place to monitor compliance with the new rules?
  • What is management’s process for monitoring new and emerging SEC rules that may be applicable to the company?

Where to go for more information:

PwC: SEC updates rules for SPAC filings

The audit committee may want to consider discussing the above topics with management to understand how they are being addressed. For an in-depth discussion and more insights on these topics, see PwC’s The quarter close – First quarter 2024.

Other topics

5. Audit committee members identify key areas of focus for 2024

What the audit committee needs to know

During Q1, PwC held peer exchanges among audit committee members who collectively identified and discussed the following high priority matters (not ranked by priority):

  • Artificial intelligence (AI) – Increasing directors’ knowledge of AI and generative AI; the audit committee's role in overseeing AI; managing AI risks; understanding the opportunities and costs of AI; understanding AI governance
  • Board continuing education  – Leading practices for board member education, especially relating to newer areas of focus (e.g., cybersecurity); strategies for keeping committee members abreast of emerging topics; navigating complex topics and risks
  • Non-GAAP metrics  – SEC comment letter trends; collaboration with other committees; potential areas for enhanced audit committee scrutiny (e.g., press releases); non-GAAP policies
  • Audit committee effectiveness  – Tools and tips to gain efficiency; strategies for evolving the governance culture; setting the annual agenda
  • ESG oversight  – Determining the audit committee’s role and oversight responsibilities given evolving stakeholder expectations; impending and emerging rules and regulations
  • Cybersecurity oversight  – Collaboration with other committees; strategies for obtaining/accessing expertise; effective management reporting to the audit committee; incorporating tabletop exercises that include director participation
  • Risk oversight/enterprise risk management (ERM)  – Considering appropriate risk oversight allocation among the board and committees; the audit committee’s role relating to ERM
  • Talent management – Understanding the audit committee’s role in contributing to talent management oversight
  • External auditor oversight – Establishing open lines of communication; setting clear expectations for the conduct of the audit; regularly assessing the external auditor’s performance

Why is it relevant to the audit committee?

Peer exchanges are a great way for audit committee members to network with colleagues, dialogue about common matters, and benchmark leading practices. We will be hosting additional audit committee peer exchanges in the coming months. Please email us if you are interested in participating in a peer exchange, and additional information will be shared with you when available.

What questions should the audit committee ask?

  • What is the overall AI strategy, and which AI uses or policies could impact financial reporting and/or underlying processes and controls?
  • What are management’s plans to keep the audit committee apprised of AI’s growing capabilities and planned uses within the company?
  • What is management’s plan to train and upskill employees on using AI and understanding its risks and opportunities?
  • How is management preparing for enhanced disclosure of climate-related matters in response to emerging laws and regulations?
  • How does the company collect ESG/sustainability information, what controls are in place to support information that is reliable and complete, and what policies and procedures are in place to keep the audit committee updated?
  • What protocols and processes can be implemented to enhance overall audit committee effectiveness?
  • How are key risk indicators defined, measured and monitored, and who has accountability for such within management?

Where to go for more information:

PwC: The power of AI and generative AI: what boards should know
PwC: Audit committee oversight checklist
PwC: Audit committee effectiveness: practical tips for the chair
PwC: Non-GAAP measures: the role of the audit committee
PwC: Sustainability and ESG oversight: the corporate director’s guide

6. Enhancing effectiveness through agenda planning

What the audit committee needs to know

With the audit committee’s agenda continuing to expand along with its responsibilities, re-evaluating the annual calendar may offer the audit committee an opportunity to enhance efficiency. Periodically revisiting some of the fundamental elements of the audit committee’s annual calendar can help confirm that it is functioning as efficiently as possible, while making sure enough time and priority are devoted to the committee’s most pressing responsibilities and emerging matters. It can also be an opportunity for the audit committee to confirm that responsibilities assigned to it are still appropriate given its capacity and competencies.  

Reviewing the annual calendar early in the year allows the time and flexibility to adjust agendas and timing for standing/recurring items. It can also be helpful in determining when special topics and “deep dives” from management and/or outside specialists on matters like cybersecurity education, IT transformation projects, climate risks, ERM, regulatory updates and other high priority areas should be on the agenda.   

Why is it relevant to the audit committee?

Flushing out when critical topics will be discussed, prioritizing them on the agenda and establishing a cadence for updates over the year can be critical to the audit committee in meeting its charge effectively. Some leading practices for agenda planning review include:

  • Designate a management liaison – Designating a specific person (e.g., corporate secretary) to liaise with other members of management and coordinate changes to the agenda can be helpful in managing the agenda-setting process.
  • Comply with the charter – The charter is the audit committee’s commitment to shareholders and reflects its required responsibilities. Agenda planning needs to account for each item in the charter (as well as other responsibilities that may not be specifically described in the charter) and confirm appropriate time is allocated to each matter.
  • Plan the topics annually – Map out the agenda topics and time allotments, by meeting, for all scheduled meetings at the start of each year. An agenda planning tool can help chart and monitor meeting topics.
  • Confirm agenda topics before each meeting – A critical step is for the audit committee chair to touch base with other committee members, management and the external auditor before the agenda is distributed.

What questions should the audit committee ask?

  • Have all significant audit committee responsibilities in the charter been mapped to the annual meeting calendar?
  • Does the agenda reflect the prioritization of topics and level of risk associated with each matter?
  • Are the time allotments for topics/discussions appropriate?
  • Have all topics requiring a deep dive from management and/or outside specialists been identified and scheduled on the annual calendar?
  • Are meetings planned with the external auditor, independent of management, whether formal or informal?
  • Has adequate time been allotted for in-depth discussions of financial reporting and internal control matters with the external auditor?
  • Has time been dedicated to asking the external auditor probing questions to assess audit quality?

Where to go for more information:

PwC: Audit committee effectiveness: practical tips for the chair

7. Oversight of the external auditor and enhancing audit quality

What the audit committee needs to know

As Q1 ends, now is a good time for the audit committee to add focus to its interactions and communications with the external auditor. Given the volatile and complex business and economic landscape, the auditor’s planning and execution are likely to continue to evolve, which means audit committee oversight should evolve too. Effective oversight of the external auditor can help enhance the annual audit’s efficiency and overall audit quality. A high-quality audit can also help the company build trust with the capital markets and other stakeholders.

The audit committee’s role in supporting audit quality was emphasized by the SEC’s Chief Accountant Paul Munter in a statement on February 5. The statement highlighted SEC staff’s views on the importance of audit committees prioritizing and promoting audit quality through their interactions with the external auditor.

Why is it relevant to the audit committee?

The audit committee serves as a critical gatekeeper for the financial reporting process and therefore, investor protection. Increasing complexity, new and emerging rules and regulations, and high expectations from shareholders and other stakeholders mean external auditor oversight should consistently be a high priority for the audit committee. To meet this charge, the audit committee should build a strong working relationship with the external auditor, help protect auditor independence, go beyond required auditor communications and assess the auditor’s performance.

What questions should the audit committee ask?

  • How does the auditor confirm the engagement team has the appropriate industry expertise for the audit engagement?
  • How is the external auditor using technologies like data analytics, cloud services and AI to execute the company’s audit? What are the potential risks and benefits?
  • What kind of data visualizations and insights does the auditor provide to management to add value?
  • What new or emerging auditing standards could impact the company’s audit?
  • What changes can the audit committee make to enhance its processes for assessing the auditor’s performance?
  • What are the results of the auditor’s most recent PCAOB inspections and what actions has the firm taken in response to the findings?

Where to go for more information:

PwC: Overseeing the external auditors
PwC: Audit committee effectiveness: practical tips for the chair
PwC: 2023 Audit Quality Report

8. Institute of Internal Auditors (IIA) issues new global internal audit standards

What the audit committee needs to know

 In January, the IIA issued new Global Internal Audit Standards, which will take effect in January 2025. The Standards aim to help internal auditors define and fulfill their mandate and provide a framework of principles, requirements, considerations and examples for the professional practice on internal auditing globally. The Standards also call on the chief audit executive (CAE) to be more transparent with the board in its communications on areas such as its mandate, strategic plan, capabilities, budget and key performance metrics.

Why is it relevant to the audit committee?

Whether the internal audit function has historically conformed with the IIA’s Standards 
or not, the standards can support the audit committee in achieving broader internal audit impacts and can serve as a catalyst for strengthening internal audit’s effectiveness. The new Standards present an opportunity for the audit committee to confirm its expectations of the internal audit function and internal audit’s support of the audit committee’s risk oversight responsibilities. The audit committee may want to allocate time at a future meeting for the CAE to discuss the new Standards. The audit committee may also want to know how the CAE is considering any changes within the internal audit function and how the audit committee can support the CAE in adopting the Standards.

What questions should the audit committee ask?

  • What impact will the Standards have on the organization’s internal audit function?
  • How will adopting the Standards benefit the organization and the audit committee in meeting its responsibilities?
  • What are the main challenges or concerns with adopting the new Standards?
  • What resources or budget will be needed to implement the new Standards?
  • How will the CAE update the audit committee on progress and outcomes of adopting the new Standards?
  • What support does the CAE need from the audit committee to facilitate any potential changes?
  • What is internal audit’s process to make certain its efforts are spent in the areas driving the most value to the audit committee and the organization?

Where to go for more information:

PwC: A chance to reframe Internal Audit: the new Global Internal Audit Standards
IIA: Global Internal Audit Standards
PwC: Getting the most out of internal audit
PwC: Audit committee focus: thinking outside the box when leveraging internal audit

9. Recurring items for the audit committee agenda

Every audit committee meeting agenda should include these important items or, at least, they should be discussed at scheduled intervals:

  • Hotline complaints and code of conduct violations
  • Changes in the regulatory environment
  • Private and executive sessions
  • Related-party transactions
  • Internal and external audit plan reviews
  • Discussions with the CIO, CISO and GC as needed

Related content

Contact us

Maria Castañón Moats

Maria Castañón Moats

Leader, Governance Insights Center, PwC US

Linkedin Follow Email
Stephen G. Parker

Stephen G. Parker

Partner, Governance Insights Center, PwC US

Linkedin Follow Email
Tracey-Lee Brown

Tracey-Lee Brown

Director, Governance Insights Center, PwC US

Linkedin Follow Email
Gregory Johnson

Gregory Johnson

Director, Governance Insights Center, PwC US

Linkedin Follow Email
Follow us

Required fields are marked with an asterisk(*)

By submitting your email address, you acknowledge that you have read the Privacy Statement and that you consent to our processing data in accordance with the Privacy Statement (including international transfers). If you change your mind at any time about wishing to receive the information from us, you can send us an email message using the Contact Us page.

Hide
Trust solutions Consulting Tax services Newsroom Alumni US offices Contact us

© 2017 - 2024 PwC. All rights reserved. PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity. Please see www.pwc.com/structure for further details.