ey brightly illuminated residential building

What audit committees are reporting to shareholders

Authors

9 minute read 13 Feb 2024
Related topics
EY Center for Board Matters

Disclosures about the vital work of public company audit committees continue to evolve.

In brief
  • Audit committees play an essential role in financial reporting, but disclosures about the committee’s important oversight role are often limited.
  • The percentage of companies providing audit committee-related disclosures has only changed slightly each year, but since 2012, we have seen notable increases.
  • Companies are expanding the descriptions of audit committee oversight and responsibilities, particularly related to cybersecurity and ESG matters.

For more than a decade, the EY Center for Board Matters has reviewed audit committee disclosures in the proxies of Fortune 100 companies to analyze their evolution. The type and scope of information has increased significantly since 2012, although the pace of change has slowed over the past several years.

How EY can help

Financial reporting is at the heart of the US public capital markets, providing critical information to investors so they can make informed decisions about where to place their money. Audit committees play a key role in supporting high-quality financial reporting, including overseeing the selection, performance and compensation of the external auditor.

 

Despite the importance of the audit committee’s role overseeing the audit, related disclosures often are limited. While an audit committee report must be included in the proxy, regulations and stock exchange listing rules require few specific disclosures about the audit and auditor. A number of companies provide voluntary disclosures regarding how audit committees exercise their audit oversight responsibilities, affording important information to investors about the reliability and quality of financial reporting. The voluntary disclosures have shifted over time due to investor interest, market and regulatory developments, and other factors.

 

 

What we saw in 2023

While the year-over-year change in the percentage of companies providing these voluntary disclosures is incremental, there has been a dramatic increase in disclosures in most categories since we began examining these disclosures in 2012. For example:

 

 

Expansion of audit committee role

Consistent with the trends of voluntary audit committee disclosures, we continue to see companies bolster their description of audit committee oversight and the roles and responsibilities of the committee – particularly relating to cybersecurity and environmental, social and governance (ESG) matters. This responds to increased investor interest in how boards are executing their oversight of these and other nonfinancial risks (e.g., how boards are assigning oversight responsibilities at the committee level, how directors are developing related competency).

 

The audit committee has emerged as the primary committee overseeing cybersecurity. Seventy-five percent of reviewed companies disclosed that the audit committee oversees cybersecurity matters. This percentage may be poised to change even further in the near future. Under Securities and Exchange Commission (SEC) finalized rules on cybersecurity, companies will need to disclose whether the entire board, specific members or a board committee is responsible for cybersecurity oversight.

 

Beyond cyber, more audit committees are overseeing other nonfinancial risks or nonfinancial disclosure controls and procedures. Notably, “ESG,” “environment,” “sustainability” and “climate” are terms now appearing in the descriptions of audit committee oversight responsibilities for 29% of reviewed companies, up from 11% in 2021.

 

 

Committee areas of focus

Leading companies are adding additional specificity by highlighting any changes to oversight activities and key focus areas for the audit committee for the previous year.

 

 

Growing number of financial experts

We continue to see an increase in audit committees with three or more financial experts (now 68%, up from 65% in 2021 and 51% in 2012). This could be indicative of the increasing complexity of risks that audit committees are dealing with, requiring more financial expertise.

 

 

Independence and performance of the auditor

The number of companies that disclosed factors used in the audit committee’s assessment of the external auditor’s qualifications and work quality increased to 71%, up from 68% in 2021. Only 15% of reviewed companies made that disclosure in 2012. Further, nearly 92% of companies disclosed that the audit committee considers non-audit fees and services when assessing auditor independence, vs. just 23% in 2012.

 

 

Critical audit matters

We specifically tracked whether any of the audit committee disclosures this year referenced critical audit matters. We noted that 28% of companies made references to the audit committee’s discussion of critical audit matters with the external auditors, up from 20% in 2021.

 

 

Auditor ratification support

In terms of voting results for proposals to ratify the auditor, support levels remain significant. In 2023, the average support was 98% for S&P 1500 companies, which is in line with recent years. Less than 1% of the auditor ratification proposals voted on in 2023 received less than 90%.

 

 

A look at audit committees over time

Audit committee composition data – S&P 500 companies

Audit committee attribute

2023

2019

2015

Size

4.3

4.2

4.2

Meetings per year

8.1

8.5

8.8

Age

63.6

63.0

63.6

Years served on board

7.2

7.7

8.2

% of designated financial experts

68%

64%

58%

% of female committee members

39%

30%

23%

Trends in audit committee disclosures

Percentages based on total disclosures for audit committees each year. Data based on the 75 companies on the 2023 Fortune 100 list that filed proxy statements each year from 2012 to 2023.


Download the PDF to see disclosure observations and sample language from 2023 Fortune 100 proxy statements

PDF (1 MB)

Questions for the audit committee to consider

  • Does the company’s proxy statement effectively communicate how the audit committee is overseeing and engaging with the independent auditor? Does it address areas of investor interest, such as the independence and performance of the auditor and the audit committee’s key areas of focus?
  • How has the role of the audit committee evolved in recent years (e.g., oversight of enterprise risk management, cybersecurity risk), and to what extent are these changes being communicated to stakeholders?
  • In light of the changing environment, what additional voluntary disclosures might be useful to shareholders related to the audit committee’s time spent on certain activities, such as cybersecurity, data privacy, business continuity, corporate culture, and financial statement reporting developments?
  • Has the audit committee considered how changes in the auditor reporting requirements may impact audit committee disclosures?
  • How do director qualifications and board composition-related disclosures highlight the diversity considerations, expertise, experience and backgrounds of audit committee members?

Download Audit committee reporting to shareholders in 2021 [PDF]

PDF (3 MB)

Summary 

A company’s proxy must include an audit committee report, but regulations and stock exchange listing rules require only a few specific disclosures. Some companies provide voluntary disclosures, which can provide important information to investors about the reliability and quality of financial reporting. The EY Center for Board Matters has been reviewing audit committee-related disclosures in the proxies of Fortune 100 companies for more than 10 years and finds that while the type and scope of information has increased significantly since 2012, the pace of change has slowed in recent years.

About this article

Authors

Related topics
EY Center for Board Matters

Related articles

What directors need to know about the 2024 proxy season

Get a preview of the 2024 proxy season and learn what investors are prioritizing around talent, director accountability, ESG, engagement topics, and more.

Jamie Smith

Eight AI-related US policy issues for boards and management to consider

As the use of AI evolves, boards and the C-suite should consider these key AI-related issues attracting US policymaker attention.

Bridget Neill + 1

Americas board priorities 2024

Find out what board members in the Americas consider to be top priorities for 2024.

Barton Edgerton + 1

    EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients.