The Audit Committee’s Evolution: Now on the Front Lines of ESG

A look back at the emergence of the Audit Committee
The emergence of the Audit Committee has catalyzed improvement of disclosure to public securityholders under US federal securities laws. Beginning in the 1970s, the Securities and Exchange Commission (SEC) recommended that publicly traded corporations create an audit committee, and in 1977, the New York Stock Exchange began to require that all listed companies have an audit committee with independent directors. These developments reflected the growing recognition that disclosure mandates, whether under the securities laws themselves or as part of the companies’ obligations under the listing agreement, were not sufficient to fully protect securityholders from management failings. The integrity of financial information was identified as especially salient.

As is well understood, Sarbanes Oxley (SOX) of 2002 legally required that every company listed on a national securities exchange or traded on a national securities association such as NASDAQ have an audit committee. Accordingly, the audit committee has established the accounting and financial reporting processes and audits of its financial statements and related work. To ensure good governance, it must be overseen by independent directors. Furthermore, SOX mandates that an audit committee include a “financial expert” as committees without the necessary accounting and financial expertise would not be able to carry out their essential functions.

The rise of Corporate Sustainability and ESG
Similar to SOX, the rise of Corporate Sustainability and ESG poses new challenges and structural considerations in risk management and disclosing of investor-grade data. In 2020, the US Government Accountability Office (GAO) published a report on public companies’ disclosure of ESG factors and options to enhance them. The GAO undertook the study because it found investors are increasingly asking public companies to disclose information on ESG factors to help them understand risks to the company’s financial performance and other issues, such as the impact of the company’s business on communities. Securityholders seek information about Sustainability factors and their management in order to, among other things, make investment and divestment decisions regarding portfolio composition, protect their long-term investments through monitoring management of Sustainability and ESG risks, and inform voting decisions.

The GAO Report considers several options for governments and companies to address investor needs for additional ESG information:

1. Additional regulatory action – mainly issue-specific rulemaking by the SEC
2. Additional legislation
3. Additional stock exchange listing requirements
4. Sporadic private sector initiatives
   
   

The SEC’s Climate Rule will put additional oversight responsibilities on corporations
To date, the SEC has not adopted a set of comprehensive disclosure standards relating to ESG management and risks. Item 303 of Regulation S-K, Management’s Discussion and Analysis of Financial Condition and Results of Operations, has long required disclosure of matters that would impact future operations.

As the SEC finalizes its proposed rule to standardize climate-related disclosure, companies and investors must both prepare for a long-term change to corporate reporting. Attacks on the SEC’s proposed policy have done little to dampen investors’ demand for consistent and comparable sustainability information.

Europe’s stronger regulatory framework puts more pressure on US companies
The European landscape poses stark differences and has developed a much more mature set of Corporate Sustainability and ESG requirements. With the rise of the European Union’s Corporate Sustainability Reporting Directive (CSRD), this is critically important for US companies with significant European operations. As part of the European Green Deal adopted in December 2019, the European Commission took steps to review provisions of the nonfinancial reporting directives of the Commission and the European Parliament regarding Sustainability reporting and disclosure.

Under the CSRD all organizations listed in an EU-regulated market with 500 or more employees must start reporting in 2025 with data for the 2024 financial year. Other large companies will be required to do the same in subsequent years, followed by small and midsize enterprises.

The expectations and pressures rise for Audit Committees by the Audit Profession
With growing investor pressure for improved ESG disclosure and the impetus for the development of comprehensive Sustainability reporting standards along the line of comprehensive financial accounting standards, boards need to take decisive action to ensure careful oversight of the corporation’s management and disclosing of ESG risks. They need to ensure that the information is accurate and adequate. While the audit committee has traditionally focused on financial statement review and internal control issues, more recently it has become clear that the audit committee has an additionally crucial role to play in enterprise risk management.

The auditing profession supports this evolution. For example, the Deloitte Center for Board Effectiveness shares the following assessment of the role of the audit committee in overseeing ESG disclosures:

Although the audit committee’s key responsibility with respect to disclosures relates to financial reporting, it has an important role to play in the oversight of the company’s other disclosures. The role is increasingly played out in areas in which disclosure is not mandated by current SEC rules, including reporting on the company’s Environmental, Social, and Governance (ESG) activities . . . Audit committees will be on the “front line” in overseeing whether and the extent to which assurance can be provided as to ESG and other non-financial disclosures.

Similarly, PwC recently published a recommendation that the audit committee oversee whether the company’s ESG disclosures (both qualitative and quantitative) are investor grade and which ESG frameworks and/or standards the company is using. Furthermore, they recommend that the audit committee must oversee whether there are processes and controls in place to ensure the accuracy, comparability, and consistency of the ESG disclosures.

Two key responsibilities for the Audit Committee to take on
The specific responsibilities to be taken on by the audit committee will vary across companies and will be dependent on its industry, the board’s assessment of the importance of ESG issues, whether other board committees have primary or additional responsibility for ESG risks, etc. Regardless, two themes should be prominent in the assignment of responsibility by the board of directors to the audit committee:

1. ESG Risk Management. The committee needs to review the steps taken by management to identify and manage Sustainability risks that are material to understanding the company’s financial disclosures to securityholders and to assess the adequacy of these efforts
2. ESG Disclosures. The committee needs to inventory and understand the specific ESG-related ESG disclosures the company has made in its SEC, other regulatory filings, and other reports to securityholders to ensure accuracy, completeness, and adequacy of response
   
   

Key takeaways for board members:

• The chart of the audit committee should include the responsibility for reviewing and assuring the accuracy and completeness of the corporation’s ESG-related disclosures in its public disclosures and regulatory filings
• Ensuring that at least one member of the audit committee has specifically relevant ESG-technical background and experience will be critical
• The audit committee must have the explicit authority to engage its own counsel and consultants to advise on ESG-related disclosures matters as well as the corresponding funding
• All board members must be kept abreast of new ESG-related disclosures mandates and the development and harmonization of Sustainability reporting standards
  
  

Additional Telesto resources:
Find additional information on how to get started with ESG, Eight Corporate Sustainability Trends for Corporate Directors, Six Reasons Why Board Members Should Manage Cyber Risk as an ESG Issue, build topical familiarity with our ESG Glossary as well as Telesto’s ESG Maturity Model.