For more than a decade, the EY Center for Board Matters has reviewed audit committee disclosures in the proxies of Fortune 100 companies to analyze their evolution. The type and scope of information has increased significantly since 2012, although the pace of change has slowed over the past several years.
Financial reporting is at the heart of the US public capital markets, providing critical information to investors so they can make informed decisions about where to place their money. Audit committees play a key role in supporting high-quality financial reporting, including overseeing the selection, performance and compensation of the external auditor.
Despite the importance of the audit committee’s role overseeing the audit, related disclosures often are limited. While an audit committee report must be included in the proxy, regulations and stock exchange listing rules require few specific disclosures about the audit and auditor. A number of companies provide voluntary disclosures regarding how audit committees exercise their audit oversight responsibilities, affording important information to investors about the reliability and quality of financial reporting. The voluntary disclosures have shifted over time due to investor interest, market and regulatory developments, and other factors.
What we saw in 2023
While the year-over-year change in the percentage of companies providing these voluntary disclosures is incremental, there has been a dramatic increase in disclosures in most categories since we began examining these disclosures in 2012. For example:
Expansion of audit committee role
Consistent with the trends of voluntary audit committee disclosures, we continue to see companies bolster their description of audit committee oversight and the roles and responsibilities of the committee – particularly relating to cybersecurity and environmental, social and governance (ESG) matters. This responds to increased investor interest in how boards are executing their oversight of these and other nonfinancial risks (e.g., how boards are assigning oversight responsibilities at the committee level, how directors are developing related competency).
The audit committee has emerged as the primary committee overseeing cybersecurity. Seventy-five percent of reviewed companies disclosed that the audit committee oversees cybersecurity matters. This percentage may be poised to change even further in the near future. Under Securities and Exchange Commission (SEC) finalized rules on cybersecurity, companies will need to disclose whether the entire board, specific members or a board committee is responsible for cybersecurity oversight.
Beyond cyber, more audit committees are overseeing other nonfinancial risks or nonfinancial disclosure controls and procedures. Notably, “ESG,” “environment,” “sustainability” and “climate” are terms now appearing in the descriptions of audit committee oversight responsibilities for 29% of reviewed companies, up from 11% in 2021.
Committee areas of focus
Leading companies are adding additional specificity by highlighting any changes to oversight activities and key focus areas for the audit committee for the previous year.
Growing number of financial experts
We continue to see an increase in audit committees with three or more financial experts (now 68%, up from 65% in 2021 and 51% in 2012). This could be indicative of the increasing complexity of risks that audit committees are dealing with, requiring more financial expertise.
Independence and performance of the auditor
The number of companies that disclosed factors used in the audit committee’s assessment of the external auditor’s qualifications and work quality increased to 71%, up from 68% in 2021. Only 15% of reviewed companies made that disclosure in 2012. Further, nearly 92% of companies disclosed that the audit committee considers non-audit fees and services when assessing auditor independence, vs. just 23% in 2012.
Critical audit matters
We specifically tracked whether any of the audit committee disclosures this year referenced critical audit matters. We noted that 28% of companies made references to the audit committee’s discussion of critical audit matters with the external auditors, up from 20% in 2021.
Auditor ratification support
In terms of voting results for proposals to ratify the auditor, support levels remain significant. In 2023, the average support was 98% for S&P 1500 companies, which is in line with recent years. Less than 1% of the auditor ratification proposals voted on in 2023 received less than 90%.
A look at audit committees over time