Audit committees of not for profit organisations have an important role to play in overseeing all aspects of financial reporting.
They exist to ensure stakeholders that the organisation’s finances, risk management and compliance procedures allow it to fulfil its mission and achieve long-term viability. But what reporting do charity audit committees need to maximise their effectiveness while fulfilling their role as defined in their terms of reference? Outlined below are some of the key messages and considerations that have arisen in our discussions with charity chairs of audit committees.
Different worlds: charity boards vs the PLC experience
Among charity chairs of audit, there is a general agreement that there is a profound difference between being a member of a corporate board and a charity. In particular, a board member who works in both sectors may find that management information in charities needs a stronger idea of the organisation's cash position and balance sheet. This is hard to do with a 300-page board pack to read a week before a meeting – this sheer bulk cannot enhance transparency or clarity, or make for an effective committee meeting.
The corporate experience has brought significant changes in emphasis for charity boards: PLCs are placing more focus on people, processes and systems, rather than in organisational or executive decisions. Crucially, the separation between management and board, with the latter being more ‘hands off’ should be achieved by the two parties undertaking distinct roles. The audit committee, and board, should be determining if management are being effective: do they have the right capability to execute and are the systems there to provide assurance? That separation could be enhanced by dividing the roles of the audit/risk committee from finance as the latter tends to get crowded out as committee members focus on areas where they may feel there is less assurance or a lower appetite for risk.
Controlling risk and external expertise
If describing what good governance looks like in PLCs versus charities is relatively easy to explain, how it can be done better is harder to define.
A common opinion is that the audit committee needs to be aware of the wider regulatory environment and specific requirements affecting the charity, which have multiplied over the years. It is certainly crucial to understand the policies the charity has in place to meet regulatory requirements, and to get assurance over them, making sure they are being adhered to. Use of assurance mapping techniques can facilitate this. However, when things go wrong, the committee must be at the forefront of learning from major events and ensuring that the lessons are buried deep into the organisation’s consciousness.
In carrying out these functions, the committee should maximise the value and capability of its external advisers. If a committee can’t get comfortable with the assurance and information provided by management, then it should invest in advice, for example through co-source internal audit. Making good use of advice is about making sure that the right people look at the right issues and effective audit committees are able to define the scope of that work accurately, making sure that everyone knows what contribution advisers should be making.
Co-option: the overlooked route to diversity and expertise?
The skills and experience of your people is at the heart of maximising the effectiveness of the audit committee, management and advisers as they operate together. But with the obligations of being a trustee, and the time requirements, recruiting that capability to the board is often challenging. It is particularly hard to improve the diversity of experience available to the board and prevent too wide a cultural gap opening up between the beneficiaries of the charity and those who run it for their benefit.
Co-opting committee members may offer some solutions to that conundrum. For example, expanding co-optees to very specific positions could be used to bolster knowledge, but also to create close links with management. It may prove easier to recruit an external digital expert to link directly with the IT leader of a charity without the extra step of that expert being a trustee and all the legal and regulatory obligations that go with it. It is also possible, perhaps even likely, that co-optees will upgrade to trustee status later, ensuring greater continuity over time.
Co-option isn’t an easy governance option: there needs to be good practice around recruitment and clarity of responsibilities. But maybe it should be considered more often when boards talk about the difficulty of recruitment and expanding the skills available to work with, and scrutinise, management in the charity sector.