As securities regulators contemplate how to proceed with controversial internal-control reporting proposals, it turns out that issuers aren’t doing a particularly good job of complying with the modest corporate governance rules that are already in place.

The Canadian Securities Administrators has reviewed issuers’ compliance with the new audit committee rules and proclaimed their overall level of compliance “unacceptable.”

The rules, which took effect in most jurisdictions in 2004 and were amended in mid-2005, set out independence and competence requirements for audit committee members. They require that committees follow written charters that set out members’ responsibilities and impose disclosure requirements.

The Canadian rules mimic similar ones developed in the U.S. in response to corporate scandals. They are designed to encourage issuers to “establish and maintain strong, effective and independent audit committees,” with the ultimate goal of improving financial reporting and thereby enhancing investor confidence.

If the early results are anything to go by, issuers are doing a fine job of creating independent committees, but they are failing to ensure that the committees are also strong and effective.

In mid-2005, the CSA announced it would undertake a review of issuers’ compliance with the audit committee rules. The review involved a sample of 95 issuers of various sizes from different industries located in a number of jurisdictions. It included 40 senior Toronto Stock Exchange issuers, 23 smaller TSX issuers, 30 TSX Venture Exchange-listed issuers and two issuers that aren’t listed on either market.

Charters lacking

Of the firms in the sample, the regulators found that compliance with the independence and competence requirements was very good among TSX-listed issuers. (TSXV issuers aren’t required to meet these standards.)

Many firms, however, were not fully compliant with requirements regarding the responsibilities of audit committees. In other words, the committees aren’t doing the job the way the regulators believe it has to be done.

The review found that 36% of issuers were not in complete compliance with the rules’ committee responsibility requirements, in that many audit committees’ charters don’t impose all the tasks on the committee prescribed in the rules.

The larger TSX-listed issuers were slightly worse than the TSXV issuers in setting the full list of tasks for their audit committees. The CSA says 37% of TSX-listed issuers were not in full compliance, vs 34% of TSXV companies.

Flipping around the numbers, the CSA declared in its report on the review: “In our view, a 64% overall compliance level is inadequate.”

The CSA also concluded that the relatively poor level of compliance is apparently because “many issuers were either unaware of the provisions of the instrument or were at least unaware of its transition provisions.”

The CSA found that all sorts of items were left out of various firms’ audit committee charters. The most common omission was the responsibility to establish procedures for the handling of complaints and employee concerns about accounting or auditing matters. There were also omissions in the responsibility to review and approve the issuer’s policies for hiring partners and employees away from their auditors, both current and former.

Among the 23 smaller TSX issuers, the CSA found that five were not requiring their audit committee to oversee the work of the external auditor. Six firms were not demanding that the committee review the issuer’s financial statements, management discussion or quarterly and annual earnings press releases before they were issued. A further six firms were not asking the audit committee to satisfy itself that the review procedures for other financial information were adequate. Four venture issuers didn’t have an audit committee charter at all.

The CSA says several of the firms argued that their charters are in compliance despite the fact that specific elements were missing, because the responsibilities were nevertheless implied by other language in the charters.

Others insisted that the decision to assume certain responsibilities was left up to the discretion of their audit committees.

Neither position is acceptable to the CSA. It insists that compliance with the rule requires that all of the committees’ responsibilities must be clearly set out in a charter. Firms are not allowed to pick and choose which responsibilities they are going to take on.

With audit committees facing these increased demands, the direct costs of corporate governance are going up. In early January, executive search firm Spencer Stuart reported that fees for audit committee chairs were up about 10% in 2005, and that they have doubled over the past five years.

@page_break@While issuers were found to be doing a pretty poor job of investing their audit committees with the full set of required duties, the CSA found that compliance with the independence and financial literacy requirements was much better. Almost all, 92% of larger TSX issuers and 83% of smaller TSX issuers were found to have a fully independent committee.

Independent members

TSXV issuers are not required to comply with the independence requirements, and most of them do not. Yet the CSA found that about 31% of TSXV firms have fully independent audit committees, even though it isn’t required. The CSA says 41% have one non-independent director on the committee and 28% have more than one non-independent committee member.

In addition to the independence requirements, audit committee members at TSX-listed issuers also must be “financially literate.” Compliance here was good. The CSA didn’t find any committee member that doesn’t meet this test, even among the TSXV issuers.

Again, the CSA suggests, the firms that were found not to be in compliance with the independence requirements apparently didn’t understand the rule or they thought they had some discretion in the matter.

In each case in which a committee member was deemed not independent, it was because he or she receives indirect compensation from the issuer — generally because of being partners in a firm that receives fees from the issuer, such as law, accounting or consulting firms.

In one instance, the CSA reports, the firm recognized that a committee member didn’t meet the technical definition of independence in the rule, but decided that the director should nevertheless be considered independent. The CSA stresses that boards don’t have the discretion to make that determination.

The failure of issuers to ensure audit committee independence echoes some of the ongoing problems that audit firms have had in meeting the obligations imposed on them as part of the same effort to shore up investor confidence by ensuring auditor independence.

In a report issued this past December, the Canadian Public Accountability Board noted that audit firms have some work to do in ensuring that their partners and senior employees are sufficiently independent of their audit clients. It found that compliance with internal independence requirements among the audit firms was “startlingly poor” and deemed this “unacceptable.”

In cases in which the CSA found deficiencies with issuers’ audit committees, it reported that either the companies corrected them right away or pledged to do so. Nevertheless, the level of non-compliance with the rules has to worry the regulators. Not only does it deem overall compliance to be “unacceptable,” it added: “We were particularly concerned to learn that even the largest issuers, exempt TSX issuers, were not fully compliant.”

The CSA reiterated that it expects issuers to comply fully with the rules, and noted that it intends to conduct additional compliance reviews of issuers in the near future: “We will actively follow up on deficiencies identified in those reviews and will pursue appropriate remedies where we deem it appropriate.”

Beyond any future compliance or enforcement activity that could arise out of issuers’ failure to adhere to the rules, the bigger issue is how this “unacceptable” performance may impact the CSA in its deliberations over additional corporate governance rules.

It is still contemplating internal-controls reporting rules, for example. Many issuers have been harshly critical of the proposed rules, pleading that if the regulators insist on introducing them, the Canadian version should at least be more flexible than the U.S. rules.

Perhaps the fact that so many firms — in particular, so many senior firms — have failed to comply fully with the first set of corporate governance rules will give regulators pause for thought as they decide whether to implement a more flexible version of internal-controls reporting rules in Canada. IE