Audit committee effectiveness in the banking industry: how effective are audit committees in the banking industry? The answer to that question may hinge on who is on the auditing committee.
The 1992 report by the Committee of Sponsoring Organizations of the Treadway Commission (COSO) defined internal control as a "process, effected by an entity's board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following categories:
* Effectiveness and efficiency of operations.
* Reliability of financial reporting.
* Compliance with applicable laws and regulations." (1)
In 1999, COSO published Fraudulent Financial Reporting: 1987-1997, An Analysis of U.S. Public Companies. The authors of this study analyzed fraudulent financial reporting alleged by the SEC in Accounting and Auditing Enforcement Releases for 204 companies. Companies committing financial statement fraud were small in size (median assets, $16 million), had senior executives involved in the fraud, and had a board of directors and audit committee that were not functioning properly. Study results showed that approximately 60% of directors were either insiders or "gray" directors (outsiders with special ties to the company or its management). Twenty-five percent of the companies studied had no audit committee. Twelve companies had an audit committee but it never met. Of the companies with an audit committee, only 44% met two or more times per year.
AUDIT COMMITTEE STUDY
We surveyed more than 1,000 commercial banks with assets ranging from $6 million to $350 million. The median asset size of the respondent banks was $50 million. The research instrument, (54 total questions) along with a cover letter addressed to the Chief Executive Officer, was mailed to 1,036 financial institutions. A total of 421 responses were received. Of these 421 responses, 410 were usable, yielding a usable response rate of 39.58%. Coincidentally, 205 of the usable responses were from new banks (banks chartered less than three years) and 205 were from old banks (banks chartered more than 10 years). Eighty of the 410 usable responses were from banks that were publicly traded.
Eighty-three percent of all banks responding to the survey had an audit committee. Of those banks with an audit committee, 63% met three or more times. Sixty-three percent of audit committees consisted of only outside directors (directors not employed by the institution). Approximately 81% of all audit committees had individuals with either banking or related financial management experience.
AUDIT COMMITTEE VALUE
The internal control questionnaire identified five questions that assessed the value of audit committees. These questions either directly or indirectly assessed the objectives of internal controls dealing with the effectiveness and efficiency of operations, reliability of financial reporting, and compliance with applicable laws and regulations. By analyzing the responses on these five questions, the researchers were able to assess the value added by audit committees based on the following criteria:
* Does the institution have an audit committee?
* Did the audit committee meet three or more times during the year?
* Does the audit committee have only outside directors?
* Does the audit committee have a member that has banking or financial experience?
The first question asked was:
During the last two years, has your institution had to amend its call report or thrift report because of errors?
A call/thrift report is a report filed with bank regulators each quarter. This report enables regulators to detect early warning signs for potential problems within financial institutions. Any bank that has to amend its call report has a problem with reliability of financial reporting. Forty-one percent of banks with an audit committee reported they had amended their call report at least once during the past two years while those without an audit committee had amended their call report during the past two years only 31.89% of the time. A significant difference existed between audit committees with individuals with banking or financial expertise and those without this expertise. Only 38.41% of banks with audit committees that had someone with banking or financial expertise as a member amended their call report while 52.31% of banks without this expertise were required to amend their call report. See Table 1 for the overall results of this and other questions.
The next measure of effectiveness was on the question of regulatory violations. The authors asked the following question:
During your last regulatory exam, was your institution cited for any regulatory violations?
A bank that was cited for a violation obviously has not complied fully with applicable laws and regulations. The findings on this question are in line with the findings of the COSO study. Institutions with an audit committee reported violations only 30.21% of the time while those without an audit committee reported violations at a rate of 36.23%. Audit committees that met three or more times reported violations only 27.91% of the time while those that met twice or less had a violation rate of 34.13%. Audit committees with all outside directors reported violations 28.84% of the time while those with insiders on the audit committee reported violations 32.54% of the time. Institutions with banking or related financial management experience reported violations in 27.54% of all cases while those without this expertise reported violations 41.54% of the time.
The next question was:
Is your institution currently under any administrative enforcement action?
Administrative enforcement action would include such things as a memorandum of understanding between the institution and regulators, a cease and desist order, civil money penalties, and termination of an officer. A financial institution under administrative enforcement action has had a major breakdown in the effectiveness and efficiency of its operations. Approximately 2.90% of institutions with and without an audit committee reported they were under administrative enforcement action. Institutions with individuals with banking experience or related financial experience as a member of the audit committee were significantly less likely to be under any enforcement action than those without this expertise. Only 2.17% of banks with audit committees with expertise in banking or finance were under enforcement action while 6.15% of banks without expertise on the audit committee were under some type of enforcement action. Institutions that met three or more times were more likely to be under enforcement action than those that had met two or fewer times. This result may be due to the fact that these committees were required to meet in order to discuss ways to comply with the enforcement action.
The next question asked the following:
During the past 24 months has your institution dismissed any employee for fraud, theft, or misuse of funds?
Approximately 9.4% of banks with an audit committee and 11.6% of banks without an audit committee had dismissed an employee for fraud, theft, or misuse of funds. Once again significant differences were found between institutions with banking or financial experience on the audit committee and those without this experience. Only 7.61% of banks with audit committees had dismissed an employee while 16.92% of banks without expertise on the audit committee had dismissed employees for these activities.
The last question to assess the audit committee's value was:
During your last external audit or regulatory exam was your institution cited for any technical exceptions (TEs) related to loan documentation?
Technical exceptions include such items as failure to perfect a lien by not filing a UCC Financing Statement or failure to obtain updated financial statements from borrowers. TEs are often indicative of larger internal control problems and were widespread during the bank failures of the 1980s and early 1990s.
Institutions with an audit committee reported fewer problems with TEs than those institutions without an audit committee. Both, however, would be deemed as having weak controls with nearly 50% of the banks reporting being cited for TEs. Once again significant differences were found between those institutions with expertise in banking or finance on their audit committee and those institutions without it.
FINANCIAL EXPERTISE NEEDED
This study indicates that even though banks do have an audit committee, it is not enough. Because of the nature of the banking industry, it is crucial to have someone with banking or financial expertise as a member of the audit committee. Institutions with this expertise on their audit committees consistently reported fewer call report amendments, fewer regulatory violations, fewer employees dismissed for fraud or theft, less enforcement action, and fewer technical exceptions than other institutions.
The lesson learned here for both banking and other industries is to have individuals with industry or financial experience as a member of the audit committee. Audit committees without this expertise will be fortunate if they can add value to the organization.
Table 1: Evaluation of Audit Committee Effectiveness NO AUDIT AUDIT MEASURE OF EFFECTIVENESS COMMITTEE COMMITTEE Amended Call Report 31.89% 41.06% Violations 36.23% 30.21% Enforcement Action 2.90% 2.93% Dismissed Employee 11.59% 9.38% Technical Exceptions 53.62% 48.38% AUDIT BANKING OR COMMITTEE OUTSIDE FINANCIAL MEASURE OF EFFECTIVENESS MEETINGS DIRECTORS EXPERTISE Amended Call Report 3 or more All outside Experience 40.47% 41.39% 38.41% 2 or less Insiders No experience 42.06% 40.47% 52.31% Violations 3 or more All outside Experience 27.91% 28.84% 27.54% 2 or less Insiders No experience 34.13% 32.54% 41.54% Enforcement Action 3 or more All outside Experience 3.72% 2.33% 2.17% 2 or less Insiders No experience 1.58% 3.97% 6.15% Dismissed Employee 3 or more All outside Experience 9.76% 9.30% 7.61% 2 or less Insiders No experience 8.73% 9.52% 16.92% Technical Exceptions 3 or more All outside Experience 49.30% 46.52% 45.65% 2 or less Insiders No experience 46.83% 51.58% 60.00%
(1) Committee of Sponsoring Organizations of the Treadway Commission (COSO), Internal Control: Integrated Framework, COSO, New York, 1992.
Thomas G. Noland, Ph.D., CMA, CPA, is assistant professor of accountancy at Georgia Southern University, Statesboro, Ga. He can be reached at firstname.lastname@example.org. Dave L. Nichols, Ph.D., CPA, is associate professor of accountancy, University of Mississippi, and Dale L. Flesher, Ph.D., CMA, CFM, CPA, CIA, CFE, is associate dean and professor at University of Mississippi, University, Miss.
|Printer friendly Cite/link Email Feedback|
|Author:||Noland, Thomas G.; Nichols, Dave L.; Flesher, Dale L.|
|Publication:||Management Accounting Quarterly|
|Date:||Mar 22, 2004|
|Previous Article:||Cost terminology in the 21st Century: using direct labor cost in a costs vs. resources framework: updating the traditional treatment of cost terms...|
|Next Article:||Editor's letter.|