Audit committees have long been the mandated nexus of corporate financial reporting, internal controls, and risk management. Even though these committees face a full slate of topical oversight and compliance – financial, internal audit, AI, cyber, ESG, Sustainability, DEI – 2025 has also brought forward a new suite of risks. Namely, trade and tariffs, supply chain resilience, and geopolitical conflict. With so much responsibility across a broad spectrum of issues, have audit committees become the “kitchen sink” of corporate boards?
Key takeaways:
- The scope of audit committees has rapidly burgeoned over the past five years, with the likes of cyber, ESG and climate, AI, and whistleblower protections being added
- Under the second Trump administration, global trade policy upheaval and simmering geopolitical tensions bring new supply chain resilience, tariff and sanction compliance, and geopolitical risks to the fore for audit committees to manage
- Audit committee members at large multinationals will spend on average 250 hours per year fulfilling their duties – signaling room to review the committee’s scope, composition, process, tools, and overall efficacy
- To improve effectiveness, boards will have to consider the scoping across committees as well as increased training for audit committee members
Over the past decade, the audit committee has evolved from a traditional financial gatekeeper to a multidisciplinary oversight body with a mandate that increasingly touches risk, technology, ESG, and compliance. According to PwC’s 2024 Governance Insights Center, 78% of audit committee chairs now say their responsibilities have “significantly increased” over the past five years.
Key drivers have included regulatory changes, stakeholder pressure and activism, technological innovation, and globalization. With the rise in populism in 2025 and additional political upheaval in 2025, geopolitical tensions, conflict, trade wars, export bans, and regulatory shifts pose a new layer of challenges and potential threats to the Audit Committee.
| Expanded area | Key drivers | Typical responsibilities added |
|---|---|---|
| Cybersecurity | Breach incidents, SEC cybersecurity disclosure rule | Oversight of risk posture, threat response, cyber audits |
| ESG & Climate disclosures | EU CSRD, California Climate Bills | Review of ESG reporting frameworks, greenwashing risk, materiality, climate risk, compliance, assurance |
| AI & Technology Risks | AI adoption, algorithm bias, internal controls on automation | Review of controls over AI-driven finance and reporting tools |
| Whistleblower protections | SEC bounty program, cultural transparency | Oversight of hotline mechanisms and retaliation policies |
| Audit quality and independence | PCAOB enforcement, investor concerns | In-depth audit firm performance review, rotation considerations |
| Political risk | Geopolitical tensions and operating risks, sanctions | Oversight of vendor due diligence, business continuity plans, government affairs strategy |
| Third-party risk and compliance | Global supply chain complexity, traceability, and transparency | Oversight of vendor due diligence, ethics and compliance |
Audit committees provide tariff oversight
The reimplementation and expansion of tariffs under President Trump’s 2025 trade agenda, –especially targeting Chinese goods, European metals, Mexican agriculture, and EV components—has significantly altered the risk landscape for U.S. multinationals. These changes are driving audit committees to expand their scope (yet again) to monitor tariff compliance and disclosures, and integrate global trade exposure into their core financial and risk oversight responsibilities.
The implications for audit committees are numerous:
- Verify tariff-related financial disclosures
- Scrutinize supply chain restructuring, sourcing decisions, and cost pass-throughs
- Monitor contingent liabilities, transfer pricing, and duty drawbacks
- Face exposure to regulatory penalties if misstatements, evasion, or misclassification occur
- Review whether tariff implications are properly quantified in MD&A and earnings guidance
- Ensure consistent classification of costs as COGS, capitalized inventory, or exceptional items
- Verify compliance with customs regulations, rules of origin, and harmonized tariff codes
- Assess exposure to critical minerals in value chain and human rights, supply chain transparency risks
- Monitor vendor practices to ensure no evasion of tariffs through trans-shipment
- Assess financial exposure to retaliatory tariffs (e.g., on U.S. soy beans, bourbon, cars)
- Monitor export controls, sanctions, and dual-use technologies in trade disputes
- Ensure internal controls over import/export documentation are SOX-compliant
- Review controls related to duty drawback programs, tariff engineering, and financial hedging
- Oversee cybersecurity protections on ERP and customs systems that manage trade flows and classify goods
- Prevent manipulation of tariff-relevant data (e.g., country-of-origin declarations
How are U.S. multinationals evolving their audit committee responsibilities?
- Proctor & Gamble. Audit committee is actively engaged in reviewing how tariffs on packaging materials (e.g., resins, aluminum) affect cost structures and pricing strategies. They have added tariff exposure tables to internal audit risk dashboards
- General Motors. GM’s audit committee has expanded its internal audit focus to include third-party reviews of suppliers’ compliance with U.S. and Mexican origin requirements under USMCA, especially around EV battery sourcing
- Caterpillar. The audit committee oversees a new geopolitical risk register tied to tariffs, foreign sale disclosures, and segment reporting vulnerabilities from China and Brazil
- Tyson Foods. After tariffs on poultry and grain imports tightened margins, Tyson’s audit committee approved expanded internal audit testing on sourcing decisions and customs classifications for export-bound goods
- Ford. The audit committee added cybersecurity audit checkpoints to its SAP-based trade management system to guard against data integrity breaches tied to tariff compliance
What technical skills will corporate boards need in 2025?
According to X research, corporate boards will be focused on adding critical international, AI, and environmental expertise to their boards. This is a direct outgrowth of the growing demands of all corporate boards, and especially audit committees.
Actions boards can take:
- Refresh the committee charter annually. Ensure that the audit committee charter reflects new responsibilities (e.g., AI, ESG, cyber, third party)
- Adopt a structured annual calendar. Integrate non-financial topics across the year, not episodically
- Ensure cross-committee collaboration. Hold joint sessions with Risk, Tech, ESG, DEI committees on a recurring basis to address qualitative and quantitative information, cross-functional risks, and regulatory shifts
- Rotate audit firms or evaluate audit quality regularly. Consider PCAOB inspection reports, independence, and innovation
- Use audit committee dashboards. Incorporate real-time data on risk, fraud reports, compliance trends, geopolitical risks
- Create tariff exposure dashboard. Monitor total cost impact, origin risk, and retaliatory vulnerability
- Track global regulatory developments. Monitor EU rules (e.g., the Simplification Agenda), anti-corruption regimes, and cross-border enforcement trends
- Anticipate increased time commitment. Be prepared for increasing time demands – average now exceeds 250 hours/year for large-cap audit committee members
- Seek out training. To ensure financial literacy and fluency in ESG, cyber, AI, and tariff policy, board members will have to stay current on many frameworks, regulations, standards, and more
Questions for the boardroom:
- How has the audit committee’s scope changed over the past 5-10 years, and how are we documenting those changes in the charter?
- How do we evaluate whether the audit committee’s oversight has materially improved risk detection or disclosure quality?
- Are the responsibilities clearly delineated between the audit committee and other committees (e.g., Risk, Sustainability, Technology, etc.)?
- How often does the audit committee receive regular briefings on emerging threats and topics – cyber, AI, ESG, Climate, sanctions exposure, and now, tariff and trade? Geopolitical tensions?
- How does the audit committee, if at all, provide oversight in reviewing supply chain and geopolitical risk frameworks that may impact audit integrity or financial disclosures?
- Have audit committee members completed recent continuing education on topics like cyber, ESG, AI, trade, geopolitical conflict?
- How confident are we that the audit committee’s expanding workload is not leading to “audit fatigue” or governance dilution?
Additional Telesto resources:
- Board Series: Know Your Supplier – Diversification risks amidst escalating trade wars
- Board series: How can companies stay ahead of Political Risk under Trump 2.0?
- Board series: The CEO confidence gap – How can boards step up in a context of global uncertainty?
- Atlas, equips your organization’s corporate directors and leaders with the insights and knowledge necessary to stay up to date, mitigate risks, and seize business opportunities associated with sustainability, climate, and ESG
- Prism, our ESG benchmarking tool, helps your organization to rapidly strengthen its sustainability, climate, and ESG performance and disclosures through in-depth benchmarking of industry peers and identification of gaps and areas of distinction
- Recently released by Telesto Strategy’s CEO & Founder, Alex Kruzel, The Courage to Continue: Stay the Course on Sustainability to Secure our Future, explores the connection between corporate priorities and President Trump’s national security agenda
If your audit committee’s scope keeps expanding and you’re thinking it might be time for a reset, we’d be happy to share what we’re seeing
RELATED ARTICLES
