1. Accountability and Practices of
Today’s Audit Committee in Enhancing
Good Corporate Governance
Best Practices for
Corporate Governance & Board Effectiveness
31 August -1 September 2009 swissôtel Nai Lert Park Bangkok
By
Pairat Srivilairit, CIA, CISA, CBA, CCSA, CFSA, CISSP, CFE
Tuesday, 1 September 2009, 13.15 –14.15 hrs
Accountability and Practices of Today’s Audit Committee in Enhancing Good Corporate Governance
Pairat Srivilairit pairat@tisco.co.th 1
2. About Speaker
Mr Pairat Srivilairit received a bachelor of engineering from Chulalongkorn
University and a MBA from Thammasat University. He is a certified internal
auditor (CIA), certified information systems auditor (CISA), certified bank
auditor (CBA), holder of certification in control self-assessment (CCSA), certified financial service
auditor (CFSA), certified information systems security professional (CISSP), and a certified fraud
examiner (CFE).
He is chairman of the Bank and Financial Institution Internal Auditors Club (BFIA) and past director
of ISACA Bangkok chapter. He is also a member of The Institute of Internal Auditors (IIA), The
Association of Certified Fraud Examiners (ACFE), The Information Systems Audit and Control
Association (ISACA), The International Information Systems Security Certification Consortium
(ISC)² and The Institute of Internal Auditors of Thailand (IIAT).
He is a known lecturer on operational auditing and information system auditing courses at IIAT and
ISACA Bangkok Chapter. He is also a special lecturer of the IIA’s Internal Auditing Education
Partnership Program (IAEP) at Chulalongkorn University, and served as a member of the IIAT’s
editors committee in publishing the Thai version of IIA standards, and the book on internal auditing
procedure which was published with the support from the Stock Exchange of Thailand (SET). He
also represented IIAT speaking to students at several universities to disseminate the internal
auditing profession.
Mr Pairat Srivilairit is associated with finance and banking industry for over 18 years with rich
experiences in the area of management consulting, planning, research, investment,
operation and audit. He is now with TISCO Bank Public Company Limited as head of
internal audit and secretary to the audit committee.
Accountability and Practices of Today’s Audit Committee in Enhancing Good Corporate Governance
Pairat Srivilairit pairat@tisco.co.th 2
3. Outline
Accountability and Practices of Today’s Audit
Committee in Enhancing Good Corporate
Governance:
(60 min)
Latest development on Audit Committee mandates
Critical roles & responsibilities at the present
Recommended tools & mechanism for Committee to
effectively discharge their roles and responsibilities
Exploring how IA can excellently work with Committee
Effectiveness & efficiency of Internal Audit functions
Summary
Accountability and Practices of Today’s Audit Committee in Enhancing Good Corporate Governance
Pairat Srivilairit pairat@tisco.co.th 3
4. Board’s Roles in Governance
“Governance is the system by which organizations are
directed and controlled. It includes the rules and
procedures for making decisions on corporate affairs to
ensure success while maintaining the right balance with
the stakeholders’ interest.”
Board’s Dual Roles in corporate governance
– Advisor to management
– Fiduciary to shareholders
Accountability and Practices of Today’s Audit Committee in Enhancing Good Corporate Governance
Pairat Srivilairit pairat@tisco.co.th 4
5. The Bad News
Capital markets expect more from Audit Committee
oversight role in every areas that demand transparency.
– Oversee process that produces reliable, transparent
and objective financial information
– Ensure the company has effective internal controls
– Retain and compensate external auditors
– Oversee risk management
– Compliance with laws and regulations affecting the
company
– Oversight of management.
Accountability and Practices of Today’s Audit Committee in Enhancing Good Corporate Governance
Pairat Srivilairit pairat@tisco.co.th 5
6. Financial Accuracy
Understand financial statements / accounting policies
Assess quality of earnings, not just reliability
Healthy skepticism / ask probing questions
Comfortable with treatment of unusual / complex issues
Understand significant changes / auditors’ concerns
Consider risk of fraud ― it is never zero
Revenue recognition Provisions
Expense classification Areas of judgement
Accounting for business Suspense / Clearing
combinations accounts
Review adequacy and consistency of disclosures
Accountability and Practices of Today’s Audit Committee in Enhancing Good Corporate Governance
Pairat Srivilairit pairat@tisco.co.th 6
7. Internal Control
Assess if management provide enough tone at the top
Ensure staff have capabilities
Strong culture of integrity “do the right thing”
Understand if audit plans address high-risk areas
• Management override Poor culture
• Outside service providers Recurring control weaknesses
• Information technology Payment systems
• Mergers and acquisitions Segregation of duties
Understand control weaknesses, correction plan,
and their impacts on financial reporting
Accountability and Practices of Today’s Audit Committee in Enhancing Good Corporate Governance
Pairat Srivilairit pairat@tisco.co.th 7
8. External Auditor
Auditors should report directly to the committee
Audit Committees have a role in
– Selecting, or reappointing, external auditors
– Evaluating auditors’ performance
– Ensuring auditors’ independence
Candid and ongoing communications are vital
Timely and robust dialogue on complex issues is
essential
Accountability and Practices of Today’s Audit Committee in Enhancing Good Corporate Governance
Pairat Srivilairit pairat@tisco.co.th 8
9. Risk Management
Understand how processes are tailored to meet
company’s specific needs
Ensure processes are ongoing, with appropriate staffing
Meet periodically with Chief Risk Officer
Accountability and Practices of Today’s Audit Committee in Enhancing Good Corporate Governance
Pairat Srivilairit pairat@tisco.co.th 9
10. Compliance and Ethics
Review and approve code of conduct
Ensure staff receive and understand the code
Management exhibits ethical behavior
Understand program for monitoring code compliance
Review reported violations and follow-up actions
Whistleblower / complaint hotlines
Review reported complaints / ensure actions taken are
timely, consistent, and appropriate
Accountability and Practices of Today’s Audit Committee in Enhancing Good Corporate Governance
Pairat Srivilairit pairat@tisco.co.th 10
11. Oversight of Management
Noses In. Fingers Out.
Communicate openly / challenge as appropriate
Balance advising with fiduciary duty role
Strong, open two-way communications
Management should seek committee’s input in advance
of key decisions
Evaluate management’s performance and assess bench
strength
Accountability and Practices of Today’s Audit Committee in Enhancing Good Corporate Governance
Pairat Srivilairit pairat@tisco.co.th 11
12. Life Challenges
How the Audit Committee meets increasing
accountability and regulatory and statutory mandates
– Have clear vision of what should be doing
– Have the right directors on the Committee
– Have effective structure to let them do work
– Have a committee mandate - not a one time activity
– Receive pertinent information and timely briefings
– Have access to right people at the right time
– Ensure time is well spent and activities are focused
– Ensure the Committee’s voice to be heard
Accountability and Practices of Today’s Audit Committee in Enhancing Good Corporate Governance
Pairat Srivilairit pairat@tisco.co.th 12
13. Members’ Attributes
Good understanding of the business—including
company’s products, services, and industry
Willingness to dedicate substantial time and energy
Other relevant attributes
– Extremely high level of integrity
– Healthy skepticism and courage to challenge
– Inquisitiveness and independent judgment
Good financial knowledge
Regular training / orientation
Accountability and Practices of Today’s Audit Committee in Enhancing Good Corporate Governance
Pairat Srivilairit pairat@tisco.co.th 13
14. Meeting-Planning Tips
Strategies to cope with expanded workload
and ensure good steering of agenda.
– Use a schedule planner over the year
– Balance workload across meetings
– Meet in person at least 4 times a year, 2-4 hrs each
– Detailed, written agenda and briefing materials
submitted at least 10 days in advance
– Expect chairperson to facilitate discussion, encourage
meaningful participation, hold pre-meetings to explore
issues, and ensure the right people attend
– Ensure accurate minutes are kept to summarize
meeting discussions and capture follow-up
actions for accountability
Accountability and Practices of Today’s Audit Committee in Enhancing Good Corporate Governance
Pairat Srivilairit pairat@tisco.co.th 14
15. Participants
Should allow frank discussion of confidential matters
Both internal audit director and external auditors typically
attend every meeting
Management’s participation is important
Ask CEO / CFO to be on call during the meeting
Avoid schedule multiple board committee meetings
concurrently
Meet privately with IA director, external auditors, finance
management, and others, as warranted
Guard against too many observers
May engage outside specialist as necessary
Accountability and Practices of Today’s Audit Committee in Enhancing Good Corporate Governance
Pairat Srivilairit pairat@tisco.co.th 15
16. Committee Evaluation
Evaluate committee performance regularly
by comparing activities against
• Charter
• Board approved mandate
• Regulatory requirements
• Leading practices
Assess committee dynamics, not only on what the
committee does, but also on how effectively it functions
Should be robust— no “check the box”
Obtain feedback from board, management, internal
audit, general counsel, and external auditors
Accountability and Practices of Today’s Audit Committee in Enhancing Good Corporate Governance
Pairat Srivilairit pairat@tisco.co.th 16
17. Use of Internal Audit
Internal audit must have appropriate statue in the
company, by
– Dual reporting relationship to AC and CEO
– Ensuring IA’s continual access to committee
– Committee play key role in selection, evaluation,
compensation, succession of IA director
– Review and approve IA charter and plans
– Monitor plans / approve major changes
– Understand audit results / focus on findings and
follow-up action
– Ensure IA has budget and resources needed
Accountability and Practices of Today’s Audit Committee in Enhancing Good Corporate Governance
Pairat Srivilairit pairat@tisco.co.th 17
18. Increase IA’s Effectiveness
Open communication with management and committee
Ask stakeholders’ feedbacks
Strategy linked to objectives / stakeholder’s value
Focus more on risk / governance
Systematically-prioritized and adaptable plan
Reduce routine and low value-added activities
Automate fraud detection / shorten reporting cycle
Attract and retain top talents
Third party expert / IT audit
Adherence to auditing standards and ethics
Strengthen business knowledge and computer skills
Play risk and governance educator role
Quality assurance review
Accountability and Practices of Today’s Audit Committee in Enhancing Good Corporate Governance
Pairat Srivilairit pairat@tisco.co.th 18
19. Summary
Accountability and Practices of Today’s Audit Committee in
Enhancing Good Corporate Governance:
New requirements for accountability present a unique
opportunity for audit committee and internal auditors to
add value to organization.
Audit committees must understand internal audit’s role if
they are to work effectively and share a healthy
interdependence.
The internal auditors provide objective assessment on
the state of the organization’s risk, control, governance,
and monitoring activities to the audit committee.
Audit committees provide validation and oversight
to the internal auditing activities.
Accountability and Practices of Today’s Audit Committee in Enhancing Good Corporate Governance
Pairat Srivilairit pairat@tisco.co.th 19
20. Q&A
PAIRAT SRIVILAIRIT
CIA, CISA, CBA, CCSA, CFSA, CISSP, CFE
Internal Audit Department
TISCO Bank Public Company Limited
Mobile : +668 1903 1457
Office : +66 2633 7821
Email : pairat@tisco.co.th
Accountability and Practices of Today’s Audit Committee in Enhancing Good Corporate Governance
Pairat Srivilairit pairat@tisco.co.th 20