An effective audit committee sits at the heart of good corporate governance. As a committee of the board, it provides independent oversight of financial reporting, monitors internal control systems, and holds both management and the external auditor to account. When it works well, the audit committee protects stakeholders, strengthens audit quality, and reduces the risks facing the organisation.
This guide covers audit committee best practices for UK boards and audit committees, drawing on the UK Corporate Governance Code 2024, FRC guidance on audit committees, and what we see working in practice.
Roles and responsibilities of the audit committee
The audit committee is responsible for providing oversight and constructive challenge across several areas. Under the UK Corporate Governance Code, its core roles and responsibilities include:
- Monitoring the integrity of financial statements and ensuring they present a true and fair view
- Reviewing accounting policies, changes to accounting standards, and the judgements made by management
- Overseeing the external audit process, including auditor appointment, fees, and independence
- Monitoring the effectiveness of the internal audit function and internal and external assurance providers
- Reviewing the company’s risk management and internal control systems, including oversight of risks across the business
- Reviewing whistleblowing arrangements and reporting requirements
The committee needs a good understanding of the business to carry out these responsibilities effectively. Board members who sit on the committee should have the range of skills and knowledge needed to challenge management on significant accounting and reporting issues.
Composition: getting the right people
The audit committee should be composed entirely of independent non-executive directors. At least one committee member should have recent and relevant financial experience, and the committee as a whole needs competence relevant to the sector. The FRC recommends at least three members for premium listed companies.
Good practice suggests including:
- A chair with senior financial reporting or audit experience
- At least one member of the audit committee with deep sector knowledge
- Members who are genuinely independent and willing to challenge management
The audit committee chair should not also be the chair of the board. This is a basic corporate governance requirement under the governance code. Finding board members who combine independence, financial literacy, and sector knowledge is one of the hardest governance challenges, but it’s worth investing in. Performance measures for the committee should be reviewed annually.
The external audit and tendering
The relationship between the audit committee and external auditor is critical to audit quality. The committee should assess the effectiveness of the external audit each year and report on matters arising from the audit to the full board.
Good practice for working with the external auditor includes:
- Meeting privately with the external auditor at least once a year, without management present
- Reviewing the audit plan and ensuring it covers the right risk areas
- Challenging the auditor on their findings – don’t just accept the clean opinion
- Monitoring auditor independence, including non-audit services and partner rotation
- Using audit quality indicators to assess audit services delivered
On audit tendering, the committee should manage the tender process when rotation is due. A well-run tender ensures the company gets good value for money from its audit and assurance services. The 2024 code reinforces these requirements for premium listed companies, with mandatory tender at least every ten years.
Internal audit and internal control
The committee oversees the internal audit function (where one exists) and reviews internal control more broadly. The head of internal audit should report functionally to the audit committee, not to the CFO or CEO. This ensures internal audit operates at arm’s length from the management it reviews.
The committee should review the workplan, monitor follow-up on recommendations, and ensure that assurance resources are sufficient. For companies without a dedicated team, the committee should consider whether a function is needed and advise the board accordingly.
On risk management, look beyond financial controls. Cyber security, data protection, regulatory requirements, and supply chain risks all fall within the committee’s remit. The importance of risk management continues to grow as regulatory expectations increase. Understanding the company’s risk appetite helps the committee focus its scrutiny where it matters most.
Sustainability reporting and long-term value
Audit committees increasingly have responsibilities for governance of sustainability reporting. The committee should help them understand how climate and ESG disclosures are prepared, what external assurance is in place, and whether reporting meets current standards. This is a growing area where boards and audit committees need to engage with senior management and assurance providers to ensure credibility.
Meeting effectiveness and providing oversight
Committees that meet only three or four times a year need to use their time well. Practical steps include:
- Setting an annual calendar aligned with the financial reporting cycle
- Circulating papers at least a week before each meeting
- Allocating time for discussion, not just presentations
- Maintaining a rolling action log to track recommendations
- Conducting an annual review – including seeking audit committee chairs’ views on effectiveness
The committee chair plays a crucial role in managing the agenda and providing advice to the board. Effective oversight depends on the chair drawing out quieter members and ensuring difficult topics get proper airtime.
Reporting to stakeholders
The audit committee should report to the board after each meeting, highlighting significant issues and any concerns about financial reporting or audit quality. The committee’s responsibilities in relation to the annual report to ensure transparency include disclosures about director remuneration, audit fees, and significant judgements.
A clear, substantive committee report builds stakeholder confidence. Vague reporting that says nothing useful undermines the whole purpose. The best audit committees treat their annual report as a chance to demonstrate the value they add.
If your board is establishing or strengthening its audit committee, we can help with governance advice, external audit, and audit services that support effective oversight. Call us on 0161 832 4451 or request a callback.
