10 Best Practices for Audit Committee Members

6-28-13_Naomi_Article.pngServing on the audit committee can be one of the toughest jobs on the board, which is why audit committee members often are paid more than what members of other committees receive. Audit committee members have more duties than ever before, thanks to heightened regulatory scrutiny that banks have received in recent years, and are under more pressure than ever to get it right.

Sal Inserra, a partner at accounting and advisory firm Crowe Horwath LLP, spoke at Bank Director’s Bank Audit Committee Conference in Chicago recently, and laid out some of the qualities of highly functioning audit committee members. This is not his list, but was created based on his talk.

  1. Be a skeptic.
    “If you notice inconsistencies, ask the question,’’ Inserra said. “It’s not necessarily wrong. You are just trying to find out.”
  2. Understand your business.
    If you enter a new business line, you must understand that new line of business. Trust departments present banks with a minefield of compliance issues, for example.
  3. Meet with regulators.
    Examiners are more likely now to have a discussion with board members than years past. Regulators are interested in learning about the audit committee’s understanding of the risks in the organization. Attend some meetings with examiners to get a flavor for the bank’s relationship with its regulators and to prepare you for any problems ahead of time.
  4. Support the internal audit department and its findings.
    Make sure the department is adequately funded and staffed. “I have seen way too many situations where internal audit was not a functional unit of the bank because no one respected them,’’ Inserra said. The internal audit chief should report directly to the audit committee chairman.
  5. Look for red flags.
    Red flags include when management delivers the audit committee book without sufficient time for members to digest it before the audit committee meetings. Other red flags include problematic findings that remain unaddressed between audits.
  6. Take control of the audit committee meetings.
    Don’t let management control the meeting agenda by burying you under a mountain of detail. It’s your meeting. Put the priorities at the beginning of the meeting, instead of starting with the easiest things. Get summaries of reports with the most important points highlighted. Who can read a 600 page audit in two nights?
  7. Make sure every member is contributing.
    Three to six people should serve on the audit committee. If it’s politically problematic to remove someone who is no longer contributing, add people you do need on the audit committee.
  8. Hold management accountable.
    Actively monitor management’s action plans. If remediation plans aren’t followed or completed on time, why not?
  9. Communicate with internal and external auditors.
    Be proactive. Have executive sessions with members of the internal auditing staff on a regular basis, as well as with external auditors.
  10. Improve the committee’s knowledge of technology by recruiting an IT expert to be a member, or hire a consultant to advise the board.
    If you are getting third party reports on your bank’s information security you don’t fully understand, then you need help.

Of course, there are many more aspects of being a great audit committee member. This is just a small sample. But at a time when audit committees have an increasing amount of responsibilities, it is important that the audit committee performs at the top of its game.