Three Keys to Effective Internal Control over Financial Reporting

Audit Committee ICFR

The following is a guest post from the CAQ‘s Executive Director Cindy Fornelli.


Many factors go into the robust confidence that investors consistently show in U.S. financial markets. One of those factors is internal control over financial reporting (ICFR). Investors depend on reliable financial information, and effective ICFR helps reduce the risk that financial statements will contain material errors or misstatements.

As with any system, maintaining sound ICFR requires continual effort and dialogue among stakeholders on how to address challenges. The Anti-Fraud Collaboration, a coalition of leading organizations representing key constituents of the financial reporting supply chain, explored ICFR challenges and solutions at a pair of 2016 workshops in New York and San Francisco. The events—which brought together audit committee members, financial executives, internal auditors, external auditors, and regulators—generated a wealth of insights. Many of these insights were captured in a recent Anti-Fraud Collaboration report that should be of interest to boards of directors and others involved with financial reporting.

1. Set a Healthy “Tone at the Top”

From the workshops’ wide-ranging discussions, several overarching ICFR considerations became clear. Foremost among them is the idea that for all members of the financial reporting supply chain, the importance of tone at the top cannot be overstated. Management, together with the board of directors, sets this tone by (1) communicating effectively, (2) visibly adhering to clear ethical principles and codes of conduct, and (3) providing necessary support and resources for robust fraud risk management programs and internal controls.

2. Watch for Warning Signs

On the flip side, what are potential warning signs that tone at the top could be improved? At the workshops, participants identified several:

  • A very strong-willed CEO who creates a “don’t ask questions” culture. CEOs tend to have commanding personalities, but it is a problem if a CEO is so intimidating that opposing views are not welcomed or adequately considered.
  • A culture of perfection that inhibits open and transparent communication. “Perfection might sound good—everyone is striving to do their best,” said one workshop participant. “But will anybody raise their hand when there’s bad news to deliver?” In a culture of perfection, problems can be ignored and allowed to mushroom.
  • Pressure to meet key metrics. How much pressure is there to find that extra revenue or income to meet an analyst’s forecast, or comply with a debt covenant? A related issue: significant compensation plans that are tied only to revenue and earnings. “Compensation needs to be a combination of short- and long-term incentives,” observed a participant. “Compliance must be part of the compensation determination as well.”

3. Enhance the Vital Role of the Audit Committee

As observed by Wesley R. Bricker, Chief Accountant at the Securities and Exchange Commission, audit committees “play a critical role in contributing to financial statement credibility through their oversight and resulting impact on the integrity of a company’s culture and ICFR, the quality of financial reporting, and the quality of audits performed on behalf of investors.”

In keeping with this critical role, the Anti-Fraud Collaboration workshop participants devoted significant discussion to leading practices for audit committees. Several key themes emerged:

  • The audit committee’s lines of communication should be widely open to senior management, not just to the CEO and CFO. Employees should feel comfortable reporting to the audit committee, either directly or through the company’s ethics hotline, in situations where they believe they have been pressured by management to perform illegal or unethical acts.
  • The audit committee should look beyond their meeting materials and ask, “What else should we be talking about?” Similarly, audit committee meetings with management are often arranged for a specific purpose with agendas decided well in advance of meetings. Audit committees should be proactive in broaching other topics when necessary.
  • The audit committee needs to take greater ownership of accounting issues and ask more open-ended questions about them. One workshop participant recommended that a member of the audit committee listen to the company’s earnings call with analysts to consider if the messaging is consistent with the financial filings.
  • For audit committees in industries with highly specialized accounting, the audit committee may benefit from external industry specialists. The role of the audit committee should include challenging senior management on the accounting for complex transactions and estimates. Having expert advice promotes the ability to have a robust dialogue on these issues.
  • When audit committee members and management have both served long terms, there can be a tendency for problems to go unnoticed and questions left unasked. Turnover on boards can provide fresh eyes and a new spirit for engaging in accounting issues.
  • As part of the assessment of ICFR by both the company and the external auditor, concerns related to inadequate or ineffective staffing should be considered when evaluating the design and operation of a company’s controls. Some participants said the external auditor and audit committees should address the topic of company staffing.
  • Formal and informal interaction are necessary between and among external auditors, the financial reporting team, internal auditors, and the audit committee. Through these interactions, relationships are strengthened and more candid communication can occur.

The full Anti-Fraud Collaboration report is not only an invaluable resource for board members, but it is available free of charge. In addition to providing perspective and tips on ICFR, the report sheds light on crafting sound accounting policies and addressing staffing challenges around financial reporting.

About the author: A securities lawyer, Cindy Fornelli has served as the Executive Director of the Center for Audit Quality since its establishment in 2007. Fornelli also co-chairs the Anti-Fraud Collaboration.

More Resources for Audit Committees

annual corporate directors survey

On our Audit Committee resource page, we cover everything from audit chair succession and enterprise risk management (ERM) to the new revenue recognition standard. Browse our Episodes, Insights, and Events.

Browse Resources