As risk skyrockets, current and former CFOs are in demand for audit committees

Good morning. As audit committees confront a rapidly expanding risk landscape, their role in corporate governance is being reshaped. Boards have often turned to current and former CFOs as independent directors, particularly for audit committees, because of their ability to translate complex operational and financial realities into effective oversight.

For example, this month, J. Michael Hansen, former EVP and CFO of Cintas Corporation, was appointed to the audit committee at Paychex. In July, Britt Vitalone, EVP and CFO of McKesson Corporation, was appointed to the audit committee of Align Technology’s board of directors. And in November, Catherine Birkett, CFO of GoCardless, was named chair of the audit and risk committee at Twinkl.

I attended the launch event of the Institute of Internal Auditors’ (IIA) Global Audit Committee Center last week in Washington, D.C., which addressed the challenges and opportunities facing audit committees. The center is designed to be a resource to strengthen the alliance between audit committees of boards and internal audit in a fast-changing risk environment. It offers research, webinars, and events and will ultimately add formal training programs.

“The center has a very strong core belief—well-informed, engaged, and well-supported audit committees are essential to corporate governance,” said Anthony Pugliese, president and CEO of the IIA.

Pugliese emphasized that board audit committees need to turn to internal audit to truly understand what is happening inside an organization. The event drew members from across the U.S. and around the world, including Canada, Europe, Africa, Latin America, and the Middle East, with Abdullah Alshebeili, CEO of the Saudi Authority of Internal Auditors, in attendance.

CFOs, in particular, work with internal audit on risk assessment, internal controls, and audit readiness, and they share information on financial processes and control issues. Finance chiefs also communicate regularly with the board’s audit committee.

AI and analytics reshape how audit committees see risk

During a panel discussion at the event, Ann Cohen, CFO of the IIA, said audit committees are increasingly using AI and advanced technology to connect different types of risk—third-party, financial, operational, cyber, and regulatory. They are using analytics to surface anomalies and emerging risks earlier, support proactive oversight, and run “what if” analyses before risks materialize. “It allows us to be more responsive to risks and provide more robust assurance to stakeholders,” she said.

A major focus is “everyday AI,” said Sarah Francis of the EY Center for Board Matters. “I think audit committees are really also looking at, ‘How do we start to touch, feel, smell, and get used to the products that are out there?’” Directors, many of whom are active executives, are also thinking about how to deploy these tools effectively. “There have to be clear governance frameworks for AI and analytics,” she said, noting that prompts—and the people who craft them—matter. She highlighted the need for experts who can help frame broader questions around ethics within responsible AI frameworks.

Audit committees can and should engage with technology as they work toward a fully defined plan, commented Luke Whorton, executive search and leadership consultant at Spencer Stuart in the firm’s Financial Officer Practice. “How do you create a foundation, but one that’s agile and responsive, because it’s going to continue to change rapidly?” he asked.

“Audit committees need to be curious,” Cohen said. “They need to challenge management on their inputs, on their assumptions and their judgment, and on what they’ve embedded into their AI outputs.”

The committees that challenge assumptions and lean into technology, alongside strong partnerships with internal audit, could be well-positioned to safeguard trust in an uncertain world.

Sheryl Estrada
sheryl.estrada@fortune.com

This story was originally featured on Fortune.com