2024 Audit Committee Transparency Barometer
Now in its eleventh year of publication, the Audit Committee Transparency Barometer, released by the Center for Audit Quality (CAQ) continues to provide investors with distinctive insight into the disclosures made by audit committees in proxy statements each year since 2014.
Compiled and published in partnership with Ideagen Audit Analytics, the Barometer measures year-over-year comparison of disclosures for S&P 500, S&P MidCap and S&P SmallCap companies in certain key areas, including audit committee duties and composition, auditor evaluation/oversight, audit firm and lead partner selection, auditor compensation, cybersecurity, ESG and board member expertise.
This year, the Barometer acknowledges the progress that audit committees have made since 2014 in providing better and more thorough disclosures, while also highlighting areas where these can improve. The Barometer continues to provide encouragement and examples, so audit committees can grow beyond stagnant and boilerplate disclosures to provide investors and stakeholders with updated and robust information. Additionally, a new question was added this year which expands upon board composition, specifically, if the board discloses a skills matrix (Q13).
Oversight of the external auditor
At the core of the audit committee’s responsibilities is the oversight of the external auditor. Audit committees can create a clear connection between their direct oversight and overall audit quality by the robustness of their disclosures. Since 2014, there have been increases in disclosures regarding certain areas of external auditor oversight. However, some of these increases have begun to plateau in recent years, indicating that not enough companies are utilizing disclosures to their advantage. By disclosing the depths of their responsibilities and actions in proxy statements, audit committees can tell their story to investors and shareholders, give real insight into how they are fulfilling their oversight responsibilities and explain year-over-year changes.
There continues to be room for improvement regarding external auditor oversight in four areas specifically:
Q1 - Is there disclosure related to a discussion of Audit Committee considerations in appointing or (re)appointing the external auditor?
In 2024, we observed an increase of only one percentage point in the S&P 500 and the S&P MidCap, and three percentage points in the SmallCap from 2023. Disclosures for Q1 have been on the rise since collection started in 2014, however now we are seeing more of a plateau in recent years.
Q2 – Is there disclosure of the length of time the auditor has been engaged?
In 2024, we observed no change in the 500, an increase of one percentage point in the MidCap and two percentage points in the SmallCap from 2023. While there is a higher rate of disclosure overall since 2014, there is also a clear plateau.
Q2.1 – Is there disclosure related to a discussion about how the audit committee considers length of tenure?
This question is an extension of Q2. With its counterpart having a high rate of disclosure it would be expected for there to be a higher rate of disclosure for Q2.1, however that is not the case. The disclosure rate for Q2 is approximately nine times higher than the disclosure rate of Q2.1.
In 2024, we observed an increase of two percentage points in the Q2.1 disclosure rate for the 500, and one percentage point in the MidCap and SmallCap from 2023.
Q3 – Is there a disclosure related to a discussion of audit fees and its connection to audit quality?
In 2024, we observed no measurable increases in the 500, MidCap or SmallCap from 2023. Unlike Q1 and Q2 above, Q3 has seen a primary decrease in disclosure since 2014 with currently no new disclosures being added in 2024.
With such room for improvement, audit committees should take the opportunity to enhance their disclosures with more detailed information regarding how they carry out their responsibilities and oversight of the external auditor.
Expanding oversight responsibilities: Cybersecurity & ESG
Audit committees’ responsibilities continue to grow and have far surpassed oversight over the external auditor and overseeing financial reporting. With the constantly evolving landscapes of cybersecurity and ESG, we continue to see the audit committee absorb more oversight roles in these areas.
Cybersecurity
Since 2016, we have watched positive trends emerge in both the audit committee’s oversight of cybersecurity and the existence of a cybersecurity expert on the board of directors.
Q9 – Is it disclosed that the board of directors have a cybersecurity expert?
In the S&P 1500, the disclosure rate increased from 5% in 2016 to 46% in 2024, a 41 percentage point increase.
Q10 – Is it disclosed that the audit committee is responsible for cybersecurity risk oversight?
In the S&P 1500, the disclosure rate increased 49 percentage points from 7% in 2016, to 56% in 2024.
ESG
In 2022, a new question was introduced regarding whether the board of directors has an ESG or sustainability expert (Q11) and if it is disclosed that the audit committee is responsible for ESG oversight (Q12). While this data has only been tracked for a few years, there is a clear year-over-year increase. This upward trend demonstrates that audit committees continue to expand their oversight beyond the external auditor, and into new and emerging areas of risk.
Q11 – Is it disclosed that the board of directors has an ESG or sustainability expert?
In the S&P 1500, the disclosure rate increased from 27% in 2022 to 49% in 2024, a 22 percentage point increase.
Q12 – Is it disclosed that the audit committee is responsible for ESG oversight?
In the S&P 500, the disclosure rate increased 11 percentage points from 12% in 2022, to 23% in 2024.
With the SEC’s new Cybersecurity Disclosure Rule becoming effective in 2024 and the stay on the Climate Disclosure Rule, cybersecurity and ESG will continue to be hot topics in proxy statements. With these risk areas being more scrutinized and more transparency being required, audit committees and boards will have ample opportunity to increase their proxy disclosures surrounding these topics.
New for 2024: A look at the skills matrix
Year after year, we are seeing how audit committees and boards of directors continue to be challenged with new areas of risk oversight and responsibilities. This year, we wanted to get a pulse on how the board of directors are highlighting and presenting the skills and areas of expertise of their board members. Thus, question 13 (Q13) was added: Is it disclosed that the board of directors has a skills matrix?
A skills matrix can provide valuable information regarding qualifications and key expertise that board members individually possess and give a “big picture” regarding the board’s collective skills. In some cases, this also presents the board with the opportunity to highlight gaps in skills or qualifications, or areas where they can improve skill coverage. Overall, we found that 85% of the S&P 500, 75% of the S&P MidCap and 62% of the S&P SmallCap disclosed a skills matrix for their board of directors in their 2024 proxy statements.
While many companies in the S&P index are disclosing a skills matrix, there is still room for improvement. Additionally, companies that are disclosing a skills matrix can seek to add more information to their matrix, including a wider variety of skills, industry specific skills and/or level of expertise in specific skills. The Barometer highlights a leading example of a skills matrix on pages 27-28.
Conclusion
The Barometer continues to be a tool to demonstrate how audit committees can better enhance their disclosures. By going above and beyond common boilerplate disclosures, audit committees can showcase their skillsets, responsibilities and areas of oversight. While there have been increased disclosure rates since 2014, there is continual room for improvement regarding audit committee duties and composition, auditor evaluation and oversight, cybersecurity, ESG and the skills of the board.