What do audit committees do? Transparency and impression management

Marking a significant step aimed at making governance more transparent the UK requires audit committees (ACs) to publish a report on their activities. Although regulators continue to emphasise the roles of ACs, there is limited evidence on what the AC does in practice. This paper provides evidence on the nature of AC actions as reported in AC reports relating to external audit, internal audit and financial reporting. We use summative content analysis to analyze AC reports of UK FTSE 350 firms and find that AC actions mainly entail reviewing processes and reports and there is limited incidence of them reporting that they have undertaken investigations into auditing and reporting issues. Moreover, what is reported is mainly general and descriptive of process. Our findings highlight the importance of AC reports providing meaningful information rather than engaging in symbolism. ACs can use their reports to signal their substantive monitoring and how they have contributed to improving auditing and reporting quality. The findings also suggest that future research examining the reviewing, investigating and outsourcing activities of boards and ACs can contribute to a better understanding of the governance process and outcomes.


Introduction
Marking a significant step aimed at making governance more transparent in the UK audit committees (ACs) are required to publish a report on their oversight activities. In other countries ACs are not required to publish a report similar to ACs in the UK (FRC, 2016) and thus the UK offers a unique research opportunity to investigate the AC's oversight. This paper examines AC reported actions relating to their oversight of external audit, internal audit, and financial reporting. Our paper focuses attention on the black box of the AC process through an exploration of what ACs reveal in their reports.
Our paper adds to existing research in several ways. First, there is limited research on what the AC does (see Turley & Zaman, 2007;Compernolle, 2018). Our paper is located within a broader concern with AC practice and disclosures. Echoing earlier calls by Gendron and Bédard (2006) and Turley and Zaman (2007), Compernolle (2018) encourages further research into AC practice. Indeed, examining what ACs say they did in their reports is consistent with the growing emphasis both in regulatory initiatives and in AC research. To shed additional light on their monitoring role, we consider AC actions in the form of reviewing, investigating, and outsourcing to address issues within their purview. To the best of our knowledge, this is the first paper to provide evidence based on AC reports on what ACs do in practice.
Second, given the limited attention given to examining what ACs actually do in practice, our examination adds to research that mainly pertains to examining the relationship between AC characteristics (e.g., AC size, independence, expertise) and consequences (e.g., audit fees, opinion, earnings management). We add to the small number of studies that are attentive to the black box of AC process by examining AC actions and move away from a focus on characteristics and effects to a focus on black box of AC activities, i.e., what ACs publicly report they have done. As such our paper complements recent interview-based evidence on AC process and monitoring (Compernolle, 2018, Dobija, 2015, Fontaine et al., 2016, and Khemakhem & Fontaine, 2019. Third, our paper is based on the UK context which offers a rare opportunity to explore what ACs report they do. Our research recognises that expectations concerning transparency of governance has heightened ACCA (2014). The UK provides a meaningful and useful context for our study of AC reports. Much of the previous research on ACs is carried out in the US setting (Garcia-Blandon et al., 2018). Compared to US regulations that are relatively rigid, the UK provides a softer, comply or explain regulative approach which should encourage transparency of governance practices (FRC, 2012).
Our analysis of AC reports suggests that what ACs reveal is largely descriptive and generic. Often ACs report they have reviewed aspects related to auditing, control and reporting. We find some evidence of ACs outsourcing, i.e., seeking input from outside professional experts, and undertaking investigations into matters as part of their governance role. Future research can extend our findings by investigating what drives AC decisions to outsource and/or to undertake further investigations and how that affects auditing and reporting quality. Our research also suggests the need for both ACs and users of their reports to be cognizant of the potential for AC disclosures to be used to inform or obfuscate readers about the corporate governance process.
The remainder of the paper is organized as follows. In Sect. 2 we provide an overview of the AC literature. Section 3 outlines our research approach while in Sect. 4 we provide an analysis and discussion of our findings. Section 5 provides a summary as well as suggestions for future research.

Prior literature and theoretical framework
This section of the paper first provides an outline review of the literature on ACs to position our contribution to it. Section 2.2 provides the theoretical framework underpinning our investigation of reporting on AC activities which focuses on impression management and transparency.

Literature on audit committees
ACs were initially very rare but regulatory initiatives and corporate governance codes have encouraged, if not mandated, their adoption (see Al-Shaer & Zaman, 2018;Carcello et al., 2002a;Collier & Zaman, 2005;Zaman et al., 2011). Not surprisingly overtime the literature on ACs has become extensive. Various papers provide a synthesis of the literature (see Broye & Johannes, 2021;Chen & Komal, 2018;Ghafran and O'Sullivan, 2013;Pomeroy & Thornton, 2008;Samaha et al., 2015;Turley & Zaman, 2004;Wu et al., 2012). Researchers have examined AC contributions to improving auditing and financial reporting. 1 Recent AC studies focus on how the characteristics of ACs affect internal auditing and financial reporting (see for example, Cohen et al., 2013;He et al., 2017;Martinov-Bennie et al., 2015;Mat Zain et al., 2015;Sarens et al., 2013;Shepardson, 2019). Another emerging stream of research examines the role of ACs in sustainability reporting (seeAl-Shaer & Zaman, 2018;Trotman & Trotman, 2013). Some researchers shed light on the relationship between ACs and voluntary disclosures (see Al-Shaer et al., 2017;Li et al., 2012;Samaha et al., 2015). For instance, Mangena and Tauringana (2008) investigate the impact of AC characteristics on the level of disclosures in interim financial reports. They find negative impact of equity ownership of AC members, and positive impact of financial expertise of AC members on interim financial disclosures.
The literature on ACs is mostly focused on the input-output relationships with limited attention to the black box of ACs. Recognising this, similar to Gendron and Bédard (2006) and Turley and Zaman (2007), Compernolle (2018) encourages 1 3 further research on AC practice. Our focus on AC reporting provides exploratory evidence on what ACs disclose in their reports about what they have done. This contrasts with studies that focus on examining the association between board and AC characteristics on voluntary disclosures and outcomes. We complement research based on interview and case studies (see for example Compernolle, 2018;Dobija, 2015;Dobija, 2015;Dobija, 2015;Gendron & Bédard, 2006;Fontaine, 2019 andZaman, 2007) to explore what ACs do using the disclosures in their annual reports. Our focus thus resonates with calls for research on ACs to better understand the role they perform (Khemakhem & Fontaine, 2019;Martinov-Bennie et al., 2015;Mat Zain et al., 2015;Salleh & Stewart, 2012).

Theoretical framework
Our focus on AC reports is related to the literature on governance and voluntary disclosure. ACs play a key role in fulfilling investors' information needs (Garcia-Blandon et al., 2018). Leung et al. (2015) note that voluntary narrative reporting may be part of a disclosure strategy used to provide useful incremental information or for impression management. Companies can adopt a substantive approach to disclosure which represents the outcome of a sense of accountability to stakeholders, driven by a genuine interest in enhancing transparency (Michelon et al., 2015).
AC disclosures however may be symbolic and not provide much meaningful information that benefits readers. Accounting research on impression management suggests that managers are opportunistic and selectively disclose information for self-interest and they might manipulate the content and presentation of information to distort readers' perceptions of performance (Boiral et al., 2020;Merkl-Davis et al., 2011). What ACs disclose in their reports may be thus selective and convey the governance process in the best possible light. Also, while the reports may not be brief, their content is likely to include narrative disclosures that provide limited insight into AC activities. The omission of narrative disclosures and information relevant to the evaluation of AC effectiveness can divert readers' attention from weaknesses in AC monitoring. AC reports thus have the potential to inform readers as well to obfuscate. Similar to voluntary sustainability reports (Diouf & Boiral, 2017) and narrative reports on business models (Melloni et al., 2016), AC reports may be a tool for social legitimation and impression management. The flexibility in narrative disclosures may be used to impress the readers favourably (Osma & Guillamón-Saorín, 2011) rather than providing substantive insight. AC reports may be merely symbolic and signal compliance with recommended practice.
Prior literature focuses on impression management and the role of effective corporate governance in reducing opportunistic disclosure practices (Mather & Ramsay, 2007;Melloni et al., 2016). Companies may use impression management and manipulate the reports, making them more generic, and incomplete, and distract the reader's attention from a negative event (Corazza et al., 2020). The intensity of engagement in symbolic compliance with regulation can vary depending on the institutional context and can change over time (Aerts & Yan, 2017). For instance, comparing disclosures in 2004/5 and 2011/12 Shrives and Brennan (2017) find some evidence that explanations for compliance with governance codes appear to be more symbolic than substantive.
Rather than making transparent the black box of AC practice companies may engage in impression management when reporting on AC actions. Similar to Leung et al. (2015), we use impression management to refer to the strategically selective disclosure of AC actions in annual reports in a manner that might distort stakeholder perceptions. Indeed, firms may conceal information and explanations to distract investors' attention away from a firm's weakness or negative news (Leung et al., 2015). AC reporting thus may rather be reflective of "exercise in institutionalising unaccountability" (Solomon et al., 2013) rather than making transparent what the AC does.
Our theoretical stance contrasts with the economic-based agency perspectives adopted in most AC research. A limited number of studies have adopted alternative theorisations and qualitative research methods to shed light on the role and consequences of AC practice (Beasley et al., 2009;Cohen et al., 2002;Gendron and Bédard, 2006;Roussy and Rodrigue, 2018;Salleh & Stewart, 2012;Turley & Zaman, 2007;. Gendron and Bédard (2006) observe that despite regulatory efforts aimed at making governance more transparent through the disclosure of input and process measures, the measures are fundamentally limited in signalling the nature of activities that surround AC meetings. In another study, Tremblay and Gendron (2011) examine AC operations in the post-Enron setting and observe that regulatory developments largely aimed at providing reassurance to the public rather than addressing underlying issues. Thus, rather than providing substantive insight into their activities, AC reports may be part of a disclosure strategy aimed at impression management and symbolism.

Setting and data
Our study is based on the UK context where the annual report of company is required to include a report describing the work of the AC. In the UK ACs function on a "comply or explain" basis which contrasts with the US mandatory approach adopted following the Enron collapse (see Abbasi et al., 2020;Al-Okaily & BenYoussef, 2020;Zaman et al., 2011). 2 The UK Corporate Governance Code (FRC, 2018, p. 10) requires boards to establish an AC "of independent non-executive directors, with a minimum membership of three, or in the case of smaller companies, two. The chair of the board should not be a member. The board should satisfy itself that at least one member has recent and relevant financial experience. The committee as a whole shall have competence relevant to the sector in which the company operates." Our study is based on AC reports of FTSE 350 firms listed on the London Stock Exchange during 2013 and 2014. The time period is appropriate as two years has lapsed since the issuance of the FRC's revised guidelines for ACs published in 2010 and means enough time has passed for companies to achieve compliance. Due to manual collection of data and associated costs as well as the exploratory nature of our research, the scope of our investigation is limited. The FTSE 350 firms represent highest market capitalization and are the center of attention for investors, regulators, and professional bodies. Table 1 represents sample construction process and industrial distribution. Panel A shows that the initial sample consists of 700 firmyear observations that is reduced by 52 observations due to unavailability of the AC reports. Thus, the final sample consists of 648 observations with available AC reports sourcing from annual reports of sample companies. Panel B of Table 1 provides the pattern of industry wise distribution of the sample. More than 32% observations in our sample are from financial industry. Among non-financial companies, industrials (19%) contain highest number of observations followed by consumer services (17%), consumer goods (8%), etc. Moreover, Panel B also shows average length of the AC reports measured as number of pages and words. On average, companies in the basic materials industry have the longest AC reports consisting an

Content analysis
We use summative content analysis technique to analyze AC reporting to shareholders (Hsieh & Shannon, 2005). Our use of AC reports is similar to prior research that relies on non-financial reporting disclosures such as board chair's statements (Clatworthy & Jones, 2006) and CEO's letters to shareholders (Yan et al., 2019). We did not assume a tabula rasa but used our review of AC reporting and FRC (2012) guidelines that describe the role and responsibilities of the AC and its expected response on significant issues. Summative content analysis is a suitable approach to classify codes into themes (Hsieh & Shannon, 2005). This approach also lowers concerns regarding trustworthiness due to greater credibility or internal consistency (Hsieh & Shannon, 2005).
Our summative content analysis of the AC reports to shareholders involved a number of key steps. The first step involved reading a random selection of twentyfive AC reports. The reading helped us to familiarize ourselves with the nature and content of AC reports. Second, we reviewed (i) prior literature on ACs pertaining particularly to their roles and responsibilities (see Collier & Zaman, 2005;Turley & Zaman, 2004, (ii) early surveys of AC responsibilities (Carcello et al., 2002a;DeZoort, 1997) and (iii) FRC Guidelines for ACs. In our third step, drawing on our reading of AC reports and review of the AC literature and FRC guidelines we developed key categories and themes. Our fourth step involved reading the AC reports of FTSE 100 companies. During this process, we developed the subthemes and finalized the keywords and codes (see Table 2) that we used in the analysis of the FTSE 350 companies 3 In the final and fifth step we used NVivo 11.0 software program on the FTSE 350 companies' AC reports to allow us to enter all codes, perform text searches, simplify coding links, and to search illustrations and intersections of codes during analysis (see Table 2).

Findings -what ACs say they do
This section first focuses on our findings relating to the areas of activity reported on in AC reports. Table 3 provides a summary overview of the areas of activity reviewed by ACs and reports the frequencies (% of observations) of AC reviewing activities. The content analysis of AC reports reveals that reviewing is the most common form of AC action to provide assurance on corporate governance mechanisms. We find areas most reviewed include financial statements (99.69%), internal  audit function (85.65%), potential threats to audit effectiveness (85.80%) and the external audit process (86.42%). Whereas the least reviewed areas referred to in AC reports are fraud and crime (27.01%), going concern (31.02%), revenue recognition (43.67%) and whistleblowing (43.67%). Moreover, Table 4 provides industry wise summary of ACs reviewing activities. It shows that the AC reviewing activities vary among different industry sectors. In undertaking the review, ACs seek to confirm the completeness, correctness, and truthfulness of the information provided or tasks completed by the management. In sensitive cases, such as valuations, ACs conduct in-depth reviews by probing management about the tasks they have performed to ensure objectives have been achieved. 4 Overall, the findings indicate that the reviewing process of ACs is consistent with regulatory guidelines (FRC, 2012). We have organized the following sub-sections according to the key areas of AC responsibilities: i.e., in Sect. 4.1 we consider AC review of financial reporting, in Sect. 4.2 we focus on AC reporting relating to internal auditing and in Sect. 4.3 on issues relating to external auditing. In Sect. 4.4 we consider AC reporting that extends to undertaking further investigation and/or outsourcing, i.e., seeking external advice or consultation on significant issues they have reviewed. We provide quotations from AC reports as an illustration.

Financial reporting
The reported oversight and monitoring relating to financial reporting largely focus on ensuring the integrity of financial statements and overseeing processes relating to fraud prevention and whistleblowing. Aspects of AC activity reported include review of financial statements, revenue recognition, going concern, accounting policies, judgements and estimates, valuation and impairment, compliance, fraud and crime, and whistleblowing. We consider each of these in the subsections below.

Financial statements
Assurance on financial statements is an area of key focus of ACs to strengthen the integrity of overall financial reporting process. Accordingly, Table 4 shows least industry wise variations in reviewing of financial statements (σ = 1.31%). AC actions in reviewing this area mainly relate to recognition of assets and liabilities, nonstandard accounting entries, complex transactions, and ensuring overall accuracy and completeness thereof. Risks of material misstatements or restatements are also reported as the part of AC reviewing process. This suggests that although ACs are not involved in preparing the financial statements, they have a key role in ensuring the transparency and integrity of corporate reporting. However, to effectively review the financial statements and to constructively probe the management, it is necessary for the AC members to have an understanding of accounting concepts (PWC, 2011).

Revenue recognition
ACs report that proper revenue recognition is important for the integrity of financial reporting. We find the review of revenue recognition practices is more common in the telecommunication industry (Table 4). ACs mainly review management reports in relation to recognition process and policies, judgments and estimates, impact of rebates, chargebacks, cash discounts and returns. Some ACs report on probing management (in addition to a regular review) for the justification of the exclusion of certain items from underlying earnings or estimates used. Moreover, ACs routinely report about the commentary received from the external auditors, and the validation of supplier terms by independent teams. Overall, ACs ensure the appropriateness of revenue recognition polices and also that all the material sources of revenues have been covered.
"We understand, from management, the processes and controls over the contracts written through binding authorities and other third parties including the estimation of premium income (EPI) in relation to such contracts. We reviewed the historic accuracy of EPI against actual premium income and found this to be satisfactory. In relation to multi-year contracts, we ascertained that gross premium written has been recognised appropriately. We agreed with management's position that no provision be made for loss of income." (Amlin PLC 2014 Audit Committee Report).

Going concern
Following the FRC (2012) guidance, ACs are expected to deal with the matters in relation to board's going concern assessments and be satisfied about the basis used for the preparation of financial statements. As shown in Table 4, review of going concern assessments greatly varies among industrial groups. For instance, 71% ACs report on reviewing going concern in the utilities industry, compared to only 20% in the consumer services industry. AC actions relating to going concern generally include reviewing the assessment process, funding position, and appropriateness of assumptions used by the management. Sometimes, AC action involves reviewing the going concern process with sensitivity analyses and stress testing of liquidity positions and financing options. After its review, AC recommends to the board the adoption of going concern statement for inclusion in annual report. However, as emerging literature highlights that narrative disclosure characteristics have a critical role in bankruptcy predictions (e.g. Cecchini et al., 2010) and issuance of going concern audit opinions (e.g. Hossain et al., 2020), the ACs should also ensure the appropriateness of narrative disclosures regarding going concern issues and managerial discussion material uncertainties in other parts of annual reporting.
"In advance of the consideration by the Board on going concern, the Audit Committee reviewed the 2015 budget and longer-term plans and considered any reasonably likely scenarios that may occur. The Committee is satisfied that, at the time of approving the financial statements, it is appropriate to adopt the going concern basis in preparing the financial statements of both the Group and the parent Company. This view was supported by a sensitivity analysis and stress tests undertaken at the year-end which showed that some extreme assumptions would have to be made before there is negative impact." (ARM Holdings PLC 2014 Audit Committee Report).

Accounting policies, judgement and estimates
We find that around 62% (Tables 3 and 4) ACs in our sample pay attention to and report their actions on managing critical accounting policies, judgements and estimates. As reported in Table 4, this activity is more common in utilities (79%), and consumer goods (71%) industries, and less common in technology (55%) and health care (42%) industries. This is a critical area because changes in accounting policies, judgements and estimates can have material impact on financial reports. In reviewing the process, ACs assure themselves about the appropriateness, consistency and quality, and make recommendations to the board. They also consider and approve any change in accounting policies resulting from the application of accounting standards. ACs also consider whether the accounting policies implemented by the management are prudent or aggressive. Few ACs in our sample also take into account whether the accounting policies, judgements and estimates are consistent with corporate strategy.
"The Audit Committee reviews, at least quarterly, the Company's significant accounting matters and, where appropriate, challenges management's decisions before approving the accounting policies applied." (AstraZeneca PLC 2014 Audit Committee Report).

Valuation and impairment
This is a frequent area of AC reporting, especially among firms in telecommunication and basic materials industries. This is also a critical area of the AC focus because the processes and methods of valuation and impairment can directly impact on the numbers reported in financial statements. AC actions under this category provide assurance on valuation and impairment issues such as their assumptions, methods, impacts, and reporting. ACs extensively report that they satisfy themselves as to the governance underpinning the valuation and impairment processes of assets and liabilities. AC actions mainly involve review of assumptions and valuation techniques. Accordingly, they make recommendations to the board on the efficacy of the methods used by the management. The actions taken under reviews mostly involve monitoring of the judgements such as discount rates that properly reflect the current market assessments, inflation rates, growth rates, cash flow forecasting and budgeting, performance assumptions, actuarial assumptions (in case of liabilities) and sensitivity analyses.
"The Committee assessed the particular assumptions proposed to be used by management and their impact on scheme assets and liabilities in the context of assumptions being used in respect of the same factors by other companies and the pensions industry more widely." (Babcock International Group PLC 2014 Audit and Risk Committee Report).
In relation to impairment of goodwill and assets, for example: "The Committee challenged the assumptions, particularly the discount rate and growth factors, used in the discounted cash flow calculations for each cash generating unit, the sensitivity analysis applied, and the projected future cash flows used to support the carrying values of the goodwill and intangibles and tangible assets." (Bodycote PLC 2014 Audit Committee Report).

Compliance
Compliance with UK regulatory, professional, and ethical standards is a major area of AC review. This activity is common in all the industrial groups except telecommunications industry where only 29% (Table 4) ACs report their review on compliance issue. AC reporting consists of actions taken to build assurance on the overall compliance function of firms. In the reviewing process, ACs ensure that appropriate compliance policies and procedures are observed. Most importantly, ACs confirm that the financial statements have been prepared and the clarity of disclosures are consistent with financial reporting standards and other financial and governance requirements. For instance, ACs frequently report that they have reviewed financial reporting obligations, tax contingencies, treasury policies, listing requirements, and compliance with anti-corruption policies. The least reviewed areas reported under AC review action include compliance in business ethics, customer due diligence, industry competition, data protection laws, and administrative settlements. Overall, ACs seek to ensure appropriate compliance culture is observed throughout the firm through examination of management's regulatory filing obligations.
"During the year, the Audit Committee reviewed and evaluated the clarity of disclosures and compliance with financial reporting standards and relevant financial and governance reporting requirements." (Compass Group PLC 2013 Audit Committee Report).

Fraud and crime
ACs play an active role in the detection and prevention of fraud and crime. However, as reported in Table 4, AC review of fraud and crime issues is less common in the financial (17%) and oil and gas (13%) sectors. The main functions of ACs are to ensure that the firm is running a successful fraud and crime prevention program, that there are sufficient controls in place to detect and identify the potential impact of suspected issues, and appropriate actions are executed against known perpetrators. ACs report actions taken related to fraud and crime. Generally, ACs gain understanding of fraud risks that could affect the organization, evaluate the fraud and crime controls, ensure a culture of accountability and integrity, and monitor fraud related regulatory issues in relation to the financial reporting such as revenue protection and misappropriation of assets. Particularly, in assessing the effectiveness of policies and procedures on fraud and crime matters ACs review anti-bribery, money laundering and anti-corruption policies involving feedbacks from the management to ensure minimum procedures are being followed and new training necessary to strengthen the policy implementation are undertaken.

Whistleblowing
Corporate governance codes require ACs of FTSE350 companies to oversee and monitor the whistleblowing processes (FRC, 2016). Compared to other industries, this activity is less common in financials industry. Whistleblowing is generally referred to as a "speaking up policy" that encourages employees, managers, customers, and other stakeholders of the organization to raise concerns in utmost confidentiality on "wrongdoings", malpractices or possible improprieties in the matters of financial reporting. The overall focus of ACs is on providing assurance that appropriate arrangements or controls are in place to run whistleblowing processes adequately and effectively. In reviewing whistleblowing processes, ACs review policies, procedures and effectiveness of the whistleblowing arrangements to raise and handle accusations. ACs also review whistleblowing processes to ensure they are consistent with best practice. In cases where the whistleblowing service have been outsourced, ACs receive reports from the service providers and review them to satisfy themselves that the procedures are properly followed, and appropriate actions have been taken on any independent issues raised during the period. ACs need to develop a safe channel (whistleblower protection mechanisms) through which employees and other parties who are aware of any malpractice can communicate their concerns.
"The Committee reviewed the effectiveness of the Group's whistleblowing procedure and approved the introduction, in 2014, of a third party-hosted whistleblowing reporting line in support of the procedure to facilitate anonymous reporting." (Croda PLC 2013 Audit Committee Report, p. 46).

Internal audit function
ACs are responsible for overseeing the internal audit function. As shown in Table 4, AC review of this function is most common among industrials businesses (95%) and least common among health care businesses (69%). ACs review the internal audit charter, mandate and performance and assist the board in ensuring adequacy of internal audit plans and resources. ACs mostly report their actions as reviewing to ensure the adequacy and effectiveness of the organizational internal audit program. They play an oversight role for the internal audit function by reviewing the policies and procedures together with reports, findings, resource allocation, and monitoring of action plans. Some ACs also report on meeting the head of internal audit to privately discuss matters related to internal auditors and operational issues. The overall purpose of the AC is to increase the quality of internal audit through reviewing its objectives, reporting channels, accountability, authority, compliance with regulatory standards, independence and objectivity.
"The Audit committee is required to assist the board to fulfil its responsibilities relating to the adequacy of the resourcing and plans of internal audit.
To fulfil these duties, the committee reviewed: internal audit's reporting lines and access to the committee and all members of the board; internal audit's plans and its achievement of the planned activity; the results of key audits and other significant findings, the adequacy of management's response and the timeliness of resolution; statistics on staff numbers, qualifications and experience and timeliness of reporting; the level and nature of non-audit activity performed by internal audit; and changes since the last annual assessment in the nature and extent of significant financial risks and the group's ability to respond to changes in its business and the external environment." (Associated British Foods PLC 2013 Audit Committee Report, p. 54).

Internal financial controls
ACs consider functions relating to internal controls and provide reasonable assurance to the board that they are adequately and effectively sustained throughout the organization. Internal controls are generally supported and monitored by the internal audit function. Although internal financial control is a frequent area of AC review, we find this activity is less common in consumer goods and technology companies compared to other industrial groups. To build assurance, ACs undertake routine reviews of the report generated by the management at various levels. They regularly discuss management actions relating to internal controls with the senior management including head of the audit, the head of the risk, and the chief financial officer. ACs ensure that the policies and procedures of internal controls function are consistent with the code of business ethics and relevant regulatory compliance. 5 Some ACs also report on reviewing the risks related to the potential override of internal financial controls by the management. Overall, ACs ensure that a robust internal financial control system is in place to efficiently support the business operations.

"As part of the Board's process for reviewing the effectiveness of the system of internal control, it delegates the following matters to the Audit Committee to be carried out during the year: review of external and internal audit work plans; consideration of reports from management, internal audit and external audit on the system of internal control and any significant control weaknesses; and discussions with management on the actions taken on problem areas identified by Board members, in internal audit reports or in external audit management letters."
(ALENT PLC 2013 Audit Committee Report, p. 64).

Risk management
In the absence of a standalone board-level risk committee, the AC is responsible for reviewing the effectiveness of risk management processes (FRC, 2012). Table 4 shows that except the oil and gas industry (71%), AC reporting on reviewing risk management activities is more than 80% in all the other industrial groups. ACs play a key oversight role in corporate risk management, especially those relating to effectiveness and quality of the financial reporting processes. We find ACs review policies, procedures and controls on risk management and make recommendations to the board. They monitor operational effectiveness of risk management processes and ensure that key risks are properly identified, assessed and reported. AC review includes the development and the output of risk registers, risk assurance matrices and risk heat-map. ACs also conduct in-depth review of business risk appetite and risk tolerance levels and make recommendations to the board. Furthermore, in reviewing non-financial risk management, ACs generally evaluate the management's assessments of ethical and reputational risks, risk of earnings manipulations, and technology risks. In most cases, we find ACs challenge the management on the relative priority of risks and consider the potential impact of the key risks and ensure that controls are in place to mitigate their impact. Overall, ACs aim to ensure that risk management processes are effective and consistent with organizational objectives and strategy, resulting in higher value to the shareholders.
"Reviewed the risk management activities undertaken in order to identify, measure and assess the Group's significant risks; reviewed and challenged the Group's significant risks identified by management in the Group risk map, and reviewed the effectiveness of the Group risk management framework as described…, and reports arising out of the risk management process; and monitored the Group's significant insurance arrangements and reviewed the Group's insurance broking arrangements." (Kazakhmys PLC 2013 Audit Committee Report, p. 69).

Appointments
Overview of the issues related to external auditor appointments is also a core area of AC focus. ACs review and make recommendations to the board on the appointment, reappointment, rotation, and removal of the auditors. They also investigate the risks associated with the withdrawal of the auditor from the market. AC recommendations What do audit committees do? Transparency and impression… on the appointment usually depend upon the quality control reports, level of business understanding, and the objectivity of the external auditor. ACs also review and agree the terms of reference, areas of responsibility, related duties and extent of audit as described in the auditor's engagement letter and determine the appropriateness of the remuneration of the external auditors in accordance with the authority given by the shareholders. In addition, some ACs report they review the reputation and standing of the external auditor.
"The Audit and Risk Committee reviewed each of these individual appointments on their merits, prior to PricewaterhouseCoopers being engaged. The process involved considering management's assessment of: which accounting firms had the appropriate experience and expertise to undertake the work; whether there were any conflicts of interest for PricewaterhouseCoopers LLP; whether the conflicts of interest that existed for other potential firms, who were either advising other parties to the transactions or were auditors of the other company, could be appropriately managed; and the quantum of non-audit fees in the context of the overall audit fee and relative significance to Pricewater-houseCoopers in the context of its total client fees." (London Stock Exchange Group PLC 2013 Audit and Risk Committee Report, p. 59).

Process of external audit
ACs are responsible for overseeing the activities and robustness of the process of the external audit in order to ensure that high standards have been maintained. Table 4 shows that expect telecommunication companies more than 70% ACs in other industries report on reviewing the process of external audit. We find ACs in our sample frequently report their activities and actions concerning the nature and scope of the audit and quality control procedures adopted by external auditors. A frequently reported area in AC reports relates to the materiality approach used by external auditors. ACs report that they review and discuss the materiality threshold used to ensure that it is consistent with the overall audit plan and regulatory guidelines and listing rules.
"Throughout the year the Committee receives reports from the auditors on their plans and the progress and results of their work. The Committee considers carefully the scope of planned work and the assessment of risk and materiality on which it is based. In particular the Committee reviews the audit fee arrangements to ensure that there is an appropriate balance between the scope of work and the cost of assurance. The Committee's aim is to support a robust and effective audit and strong reporting lines to the Committee." (ITV PLC 2013 Audit Committee Report, p. 80). Table 4 shows variations in the AC review of external audit effectiveness. Around 93% ACs of utility companies report their review of this activity compared to only 57% in telecommunication companies. ACs evaluate the performance of external auditors annually usually through survey, to get feedback from key stakeholders at various levels of the organization, covering areas such as audit quality, understanding of the business, and audit approach. In addition, ACs also review whether the external auditors have accomplished the agreed audit plan. In case of inconsistencies, ACs investigate variations. As part of the review process, ACs also consider reports on significant issues emerging during the course of the audit, performance evaluation of audit teams from independent businesses, and external audit quality reports such as reports from the FRC's Audit Quality Review Team. Furthermore, ACs assess the professionalism and competence of external auditors in handling significant accounting and auditing judgement and in building proper communication between the AC, the management, and the external audit team.

Audit effectiveness
"The Audit Committee considers and reviews the effectiveness of the external audit on an annual basis, reporting its findings to the Board as part of its recommendation. This process is supported by the completion of questionnaires by the Committee which include consideration of the audit partner, the approach, communication and reporting. The results of the questionnaires are reported to and discussed by the Committee. The Committee also considered the scope and planning of the external financial audit and assessed the effectiveness of the audit process, including a report on the audit firm's own internal quality control procedures. Additionally, the Committee received and reviewed the Financial Reporting Council's Annual Audit Quality Inspections Report. After taking into account the above factors, the Committee concluded that the external auditor remains effective." (Laird PLC 2013 Audit Committee Report, p. 62).

Potential threats
The review of potential threats to external auditing process is also a frequent area of AC focus. As shown in Table 4, we find lower variations in AC reporting of reviewing this activity. In overseeing the integrity of the overall external audit process, addressing potential threats to audit quality is a core aspect of AC reviews. ACs mainly seek to ensure that there are sufficient safeguards to secure the objectivity and independence of the external auditors and satisfy themselves with policies and procedures for addressing them. To gain assurance on the potential threats relating to external auditors, ACs generally review changes in the audit plan and consider reports from the auditors describing the arrangements to manage any potential conflict of interests. Relating to potential threats, ACs also review issues such as auditors' self-interests relating to financial or other corporate matters and investigate any management threats particularly when the audit partner or a member of the audit team makes decisions on behalf of the management. ACs oversee the appointment of external auditors for non-audit services. In reviewing and approving the scope of such services, ACs confirm that the independence and objectivity of the external auditor is not impaired. They also review and make recommendations on the ratio of audit and non-audit fees and monitor the work of those activities in order to ensure they are performed within the policy guidelines.
"As part of this review the Committee reviewed the potential threats to auditor independence as a result of: auditor self-interests, being those areas where the auditor may have a financial or other interest in the Company; auditor self-review, being areas where the results of non-audit services are reflected in the amounts included or disclosed in the financial statements; management threats, which may occur if partners or employees of the auditor take decision on behalf of management; and Other threats, such as familiarity and intimidation." (NMC Health PLC 2014 Audit Committee Report, p. 58).

From reviewing to investigating and outsourcing
The analysis in the previous section showed that ACs mostly review aspects of financial reporting, internal audit and external audit. Though not as common as reviewing, we find on occasions AC action extends to undertaking further investigation and/or outsourcing, i.e. seeking external advice on issues. In this subsection we further explore these two aspects of AC practice. In Table 5 we report the frequencies (% of observations) of AC actions relating to investigating and outsourcing and find a broad range of issues are covered.

Investigating
As discussed earlier in Sect. 3, most of the AC actions relate to undertaking of review but we do find evidence of ACs undertaking further investigations and/or outsourcing issues externally. Investigate (Table 5) refers to whether the AC when reporting on its review of, for example, financial statements (Table 5), mentioned in the AC report that they undertook some form of investigation in addition to their review. This could also be referred to as a next level of AC action after an ordinary review. In undertaking investigations, ACs involve themselves in matters requiring greater scrutiny. Specifically, this includes thorough analysis, probing or challenging the management on the robustness of the assumptions taken, verification of the procedures, and proposing new solutions. The decision to investigate usually depends upon the severity of issue and its related outcomes. As Table 5 shows four areas of AC monitoring activity that are most investigated are risk management (33.95%), valuation and impairment (28.86%), effectiveness (28.55%), and financial statements (28.09%). Whereas the least four areas that were further investigated are potential threats to the external audit quality (2.31%), going concern (5.09%), fraud and crime (5.40%), and issues related to appointment of the external auditors (6.94%).
Where considered appropriate ACs investigate the issues by challenging the assumptions used in valuation and impairment, probing the management on the consistency of using assumptions, particularly if any change or irregularity is observed, analysing past transactions, self-assessment of the key indicators of valuation and impairment issues. In some cases, ACs report that they investigate issues by challenging and probing management decisions before approving the application of accounting policies, judgement and estimates. Moreover, AC investigations in this area sometimes relate to the adequacy, clarity and completeness of financial statements.
In relation to internal financial controls, for example, we find ACs conduct investigations into matters relating to serious deficiencies, significant weaknesses, and noncompliance issues in the design or operation of internal controls. They also investigate issues relating to improprieties in financial reporting, fraud or other business misconducts, and the response of the management on these issues. In some cases, ACs refer some specific issues that are outside their expertise for independent advice from the external auditors. In addressing potential threats to audit effectiveness, ACs also report that they investigate whether there is demonstrable efficiency, audit enhancement, or cost benefits resulting from hiring the external auditor for non-audit services.
Similarly, in monitoring the external audit process ACs also report that they investigate any audit problems and issues raised during the course of the audit and response of the management. This includes any restrictions on the auditor activities, access to the requested information, or any disagreement between the external auditor and the management.
"The effectiveness of the external audit process is first assessed by reviewing delivery and performance against the External Audit Plan for the year, which includes the reports and updates provided to the Committee. An annual assessment is then carried out by the Committee, taking into account the results of questionnaires completed by each of the divisions and Group management. These questionnaires cover a variety of topics including: the audit partners and team; the planning and execution of the audit approach; and insights and added value provided by the audit process. Feedback from the annual assessment was shared with the external auditor so that any areas for improvement could be followed up. The Committee concluded that the external audit process was effective overall." (First Group PLC 2014 Audit Committee Report, p. 64).
ACs also investigate the overall risk management. Some ACs report on the investigation of internal audit matters by probing management or collecting additional information anonymously through questionnaires from financial and operational managers. In doing so, they seek to investigate and scrutinize the effectiveness of internal controls and ensure that it is well coordinated throughout the organization. In relation to fraud and crime, for instance, we find in some cases ACs undertake indepth examination of these issues. They investigate matters when there is a chance of suspected financial crime, accounting irregularities, serious breach in business conduct, inappropriate use of confidential information, improper use of assets, or falsification of company records. In addition to the review, ACs also investigate matters mostly relating to disputes such as tax, dividend payments and other areas involving management judgements, contingencies and provisions involved.

Outsourcing
We find ACs sometimes outsource, i.e., seek external input on issues relating to financial reporting, internal audit and external auditing. The most common types of outsourced parties include external auditors, financial analysts, forensic accounting experts, standard setters, actuarial experts, investment and valuation professionals, taxation authorities, and legal advisors. Table 5 shows the incidence of AC reporting (for example Row 2, Table 5) that as part of their review of financial statements ACs outsourced (i.e., sought information and or advice on). The four areas of activity related to which outsourcing occurred most are valuation and impairment (37.81%), financial statements (37.50%), compliance (32.56%) and internal audit function (20.99%). The least outsourced areas relate to external auditing.
AC actions also involve assistance from the external auditors or third-party experts. The inputs from the external parties give independent opinion on the suitability of accounting policies, judgements and estimates that have been adopted by the management. Sometimes this involves the valuation of risky assets such as derivative instruments that are held at fair value. 6 Moreover, often ACs seek external 6 The valuation of these assets is highly judgemental because of the factors such as nonexistence of liquidity market, immature partnership between parties, and the growth of partnership in developing countries. Thus, the estimation of future cash flows is highly subjective. In this case, ACs thoroughly review the approach used by the management to value derivative instruments. ACs consider number of valuation techniques with current and estimated market values and incorporating various quantitative and qualitative factors. support. This includes the professional advice from the external auditors, valuers and independent actuaries on valuation models. In addition, ACs also outsource and seek external input in assessing material accounting issues, unusual cases of accounting treatments. Interestingly, ACs are sometimes involved in meetings with external parties such as accounting standard setters or external auditors. Moreover, to support its reviewing and investigating actions, ACs prefer outsourcing some issues and seek input mostly from external auditors. Some ACs also report that they have engaged with UK's fraud and corruption regulatory bodies to conduct learning sessions on specific issues.
"Following the discovery of accounting irregularities, the Committee maintained oversight of the internal and external investigations and ensured that the scope of the work and remediation was appropriate." (RSA Insurance Group PLC 2013 Audit Committee Report, p. 65).
Moreover, to support organizational compliance function, ACs also engage in discussions with legal experts to get advice on current legal, competition and regulatory matters. Finally, in relation to risk management to support its risk oversight function, ACs seek input from external parties such as an advisory agency, financial analyst firms, and external auditors. This outsourcing action of ACs in risk management is generally linked with seeking independent assurance on risk management process such as risk assessment frameworks or areas requiring specific expertise such as hiring financial consultants to conduct rigorous stress testing or sensitivity analyses of risks.

Findings and implications
This paper focuses on examining AC reported actions to provide complementary insight to the literature that has largely focused on the relationship between AC characteristics and outcomes related to auditing and financial reporting. Our analysis of AC reported actions shows that ACs mainly undertake reviews relating to financial reporting, internal audit and external audit. Most of the reported actions tend to be descriptive of the process followed by ACs in discharging their oversight role. This is consistent with the view of corporate behaviour that is compliant with legislation and/or recommended best practice. AC reporting can be viewed here as being largely symbolic as there is limited evidence of ACs taking the opportunity to voluntarily provide explanations, which are beyond boilerplate and descriptive, of their actions and how that impacted internally on processes, for example, and helped improve the quality of auditing and financial reporting. Interestingly, we also find ACs do undertake further investigations into matters and occasionally outsource, i.e., seek the external independent input on some issues.
Our findings have a number of implications for both future research as well as practice. Our paper finds that most AC reports tend to focus on reporting areas of financial reporting, auditing and internal controls they have reviewed. Although AC investigations and outsourcing are less predominant compared with regular AC reviews, our findings suggest outsourcing and investigations can affect both auditing and financial reporting quality. Our paper highlights the importance of understanding the black box of ACs and paying attention to variations in activity which could impact on the quality of AC monitoring. From a policy perspective, regulatory efforts aimed at improving AC effectiveness need to be attentive to the role of boards and subcommittees in reviewing, investigating, and outsourcing as part of their monitoring activity.
Also, policy guidelines and ACs should recognise the potential for the use of AC reports to provide meaningful substantive information rather than providing boilerplate statements which do not provide much insight to the governance process and shed light on the black box of AC activities. Rather than engaging in symbolism, ACs can use their reports to signal the substantive activities they have taken and how they have contributed to improving reporting quality.

Limitations and research opportunities
Our paper provides only exploratory evidence recognising that AC reporting to shareholders has not been subject of much research. We did not explore the impact of the reported actions internally within the companies nor, for example, on audit quality and financial reporting. Our paper does not focus on causality. Also, our research does not extend to exploring whether what ACs say they are doing in their reports differs from reality. First, future research can extend our paper by focusing on what is and is not disclosed in AC reports. Research into AC effects generally does not make a distinction between ACs reviewing, investigating, and outsourcing. Our findings suggest this could be a fruitful avenue for further research and help in better understanding AC effects on auditing and reporting quality. Also, using quantitative approach and covering a large sample and period future research can investigate the incentives for ACs to report and how both governance and institutional characteristics affect AC disclosures. Qualitative research on what drives AC decisions to either investigate matters further or to seek external input and outsource some work to other professionals with particular expertise can also complement our insights and add to the literature on ACs.