Financial oversight is one of the key pillars of good governance, and audit committees play a key role in providing this oversight in central banks. This report highlights the key characteristics and principles of effective audit committees in achieving good central bank governance.
The audit committee should be an informed, vigilant, and effective overseer of the financial reporting process. One of the biggest changes to its regulatory mandate is its direct responsibility for external audit. It is essential that audit committees work closely with the external auditor establishing rapport through active, open two – way communication.
In building an effective audit committee, the following are fundamental principles we recommend central banks implement:
It is good practice for central banks to publish financial statements and annual reports – providing a level of transparency that is consistent with their public – interest mandate. As part of this mandate, it is fundamental that the audit committee ensures the reports are comprehensive, transparent, and abide by the central bank's local reporting law. When analyzing financial reports, audit committees are encouraged to assess the appropriateness and consistency of management's classifications, disclosures, methodologies, estimates, and policies – maintaining a healthy dose of skepticism and judgement. The audit committee should evaluate the performance of the CFO and the finance function as a whole, ensuring the central bank keeps pace with ongoing changes in the economic environment.
With a public – interest mandate, audit committees need to be proactive in managing risks. Most central banks act as lenders of last resort for financial institutions facing liquidity problems. The decision to lend to these types of institutions poses significant risks to the central bank - whose risk appetite is generally low. With a plethora of risks on the rise - cyber security, confidentiality, IT – central banks require a system of internal control that helps ensure an effective conduct of operations and management of risks. The board has the responsibility for maintaining sound risk management and internal control systems which is normally delegated to the audit committee. Often times, audit committees may only be responsible for oversight of internal controls for financial reporting; albeit, sometimes this mandate is extended to include financial, strategic, compliance and operational risks for the entire organization. It is important to remember that the audit committee's objective is to determine whether there is a well – established and strong system of internal control in place to identify and manage risks, rather than act as an executive function.
Internal audit evaluates management activities and internal controls, giving the audit committee an objective assessment of whether a central bank's process are operating effectively. To ensure proper authority and accountability, it is fundamental that there is a clear line of reporting in place to the audit committee and that the audit committee maintains an open relationship with internal audit. Further, it is important that the internal audit function has adequate resources, practices objectivity, is technically competent, and carries a high degree of professionalism to fulfil its mandate.
Legislation often requires an independent external audit of a central bank's financial statements. Effective two-way communication with the external auditor can provide the audit committee with useful insights that are relevant to its role and help enhance and safeguard the auditor's independence. Assessing the effectiveness of the external audit process can help to optimize the external auditor's performance and encourages good communication between the external auditor and the audit committee.
We hope that you find this publication useful as you look to enhance the effectiveness of financial oversight in your organization.