Insight
Many audit committees are taking a closer look at their interactions with management’s disclosure committee, including their understanding of its operations—particularly how controls and procedures are updated in light of changing and expanding disclosure requirements.
The Securities and Exchange Commission (SEC) continues to scrutinize management’s discussion and analysis (MD&A) disclosures for quality and compliance with Item 303 of Regulation S-K. Key areas of focus also include risk factors, cybersecurity risk, and non-GAAP financial measures. At the same time, companies face pressure from regulators and stakeholders to enhance disclosures on topics such as strategy, board composition, auditor oversight, and compensation. The preparation of these disclosures and the MD&A generally—not to mention the pay ratio disclosures to be reported by calendar year companies in 2018—is a complex and time-consuming undertaking, with management’s disclosure committee playing a key role.
Given this critical role, many audit committees are taking a closer look at their interactions with management’s disclosure committee, including their understanding of its operations—particularly how controls and procedures are updated in light of changing and expanding disclosure requirements.
Download PDF
As recommended by the SEC, most public companies have management disclosure committees tasked with considering the materiality of information and determining the company’s disclosure obligations on a timely basis. These committees, comprised of company officers and senior managers, typically report to the CFO or CEO and play a key role in maintaining the company’s disclosure controls and procedures and in preparing disclosures contained in the company’s SEC filings.
The fundamental challenge for audit committees is to help ensure that the company has the necessary procedures so that, as noted by the SEC, “important information flows to the appropriate collection and disclosure points in a timely manner,” and the company’s principal executives can provide accurate and complete information to security holders. That challenge can be made more difficult by complex organizational structures and global operations. To address these issues, consider the following:
Understand the role of the disclosure committee. How and from whom does the committee obtain the information it uses? How is the information analyzed and verified for accuracy? The specific procedures and controls required will vary based on the company’s structure and complexity. Questions audit committees may ask include:
- Do members of the disclosure committee understand the company’s disclosure obligations, i.e., the types of information that are required to be disclosed and materiality thresholds?
- Has the company identified and trained personnel in each business unit who are responsible for providing relevant information to the disclosure committee? Do they understand the types of information that may need to be disclosed?
- Has the company identified the significant risks facing the enterprise, as well as other likely disclosure topics, and executives to monitor and provide information regarding matters that may need to be disclosed?
- Does the disclosure committee have written processes for the collection, retention, and handling of information that may need to be disclosed? Are they regularly updated in light of changing and expanding disclosure requirements?
- How do the company’s disclosures compare with those of industry peers in areas such as critical accounting policies, judgments, and estimates; risk factors; and non-GAAP financial measures?
Review the disclosure committee’s practices for apprising the CEO and CFO of its activities. Given the CEO’s and CFO’s ultimate responsibility for the company’s disclosure controls and procedures, it is essential that they set the tone. The CEO and CFO should meet regularly with key members of the disclosure committee to enable them to assess the committee’s comfort with the proposed disclosures and to review the committee’s work in preparation for the quarterly certifications of the company’s disclosure controls and procedures.
Assess the audit committee’s level of interaction with the disclosure committee. Many audit committees request periodic—often quarterly—reports from the disclosure committee, and some audit committee chairs occasionally attend disclosure committee meetings. The goal of these interactions is for the audit committee to understand how the disclosure committee operates and the rigor of its processes, the issues the committee deliberates, and to probe any close calls.