Abstract
Purpose
This paper aims to focus on the relationship between audit committees, external auditors and internal control systems (ICS) and strives to point out mutual influences between the instances to provide an integrated perspective for firms’ multilateral monitoring mechanisms. Furthermore, this study emphasizes the incorporation of sustainability and fraud considerations into the traditional roles of audit committees and auditors.
Design/methodology/approach
This structured literature review is based on 71 empirical-quantitative studies published in high-quality journals between 2005 and 2022. Considering the classification of ICS into ICS quality and internal audit function, the studies are analyzed with regard to audit committees’ and external auditors’ characteristics, divided into incentives and competencies, as well as their mutual relationships.
Findings
This study highlights a dynamic trilateral network of relationships between monitoring authorities and primarily shows that audit committees equipped with adequate competencies generate a substitutive effect for external auditors by reducing their efforts, whereas ICS quality serves as a possible mediator in this network of relationships. The establishment of an integrative three-party coalition of competent and adequately incentivized monitoring parties is essential to guarantee sufficient and appropriate ICS and overall corporate governance quality.
Practical implications
The findings should prompt legislators and firms to ensure a deeper collaboration between audit committees, internal auditors and external auditors to generate synergy effects and economies of scale within the integrative monitoring process. Legislators should develop stricter requirements for competencies of audit committees and auditors. These should include a holistic triad of sustainability, fraud and digital expertise as well as mandatory forensic procedures performed by all monitoring bodies.
Originality/value
The authors contribute to prior research by highlighting the importance of an integrative three-party coalition of monitoring authorities to ensure corporate governance quality and to generate synergy effects within a dynamic multilateral monitoring process. Furthermore, the authors offer cutting-edge implications by stressing the need for consideration of sustainability and fraud aspects in the traditional work and profiles of audit committees and auditors.
Keywords
Citation
Wehrhahn, C. and Velte, P. (2024), "The relationship between audit committees, external auditors, and internal control systems: a literature review and a research agenda", Journal of Financial Reporting and Accounting, Vol. ahead-of-print No. ahead-of-print. https://doi.org/10.1108/JFRA-05-2024-0312
Publisher
:Emerald Publishing Limited
Copyright © 2024, Christoph Wehrhahn and Patrick Velte.
License
Published by Emerald Publishing Limited. This article is published under the Creative Commons Attribution (CC BY 4.0) licence. Anyone may reproduce, distribute, translate and create derivative works of this article (for both commercial & non-commercial purposes), subject to full attribution to the original publication and authors. The full terms of this licence may be seen at http://creativecommons.org/licences/by/4.0/legalcode
1. Introduction
Multiple financial scandals in the past decades (e.g. Enron or Wirecard) have led to damaged public trust in firms, their monitoring mechanisms and the corresponding monitoring bodies (Rezaee, 2005). Because of the Enron scandal, the US regulator set international standards with the implementation of the Sarbanes-Oxley Act (SOX, 2002), establishing disclosure and auditing requirements regarding internal control systems (ICS) of US-listed firms; this law was a catalyst for other international legislators (DeFond and Francis, 2005). Within the adequate monitoring of ICS, audit committees and auditors play a significant role by ensuring financial reporting quality (Li and Liu, 2024) and consequently by preventing potential misconduct and corporate scandals. Due to this increased relevance, we focus our literature review on audit committees and auditors and analyze the effects of their individual characteristics on ICS quality and vice versa. This research focus is of great importance, as existing literature and legislation mainly relates solely to the bilateral cooperation between audit committees and external auditors (Inaam and Khamoussi, 2016). The role of internal auditors within this relationship is often considered subordinately or merely within a bilateral relation (Kotb et al., 2020).
Using principal agent theory (PAT) (Jensen and Meckling, 1976; Ross, 1973) and considering described gaps within existing literature, we aim to reveal mutual influences between audit committees, external auditors and ICS to provide an integrated perspective for firms’ multilateral monitoring mechanisms. In addition, we strive for insights with regard to incorporating sustainability and fraud considerations into the traditional roles of audit committees and auditors. Consequently, we derived the following research questions (RQs):
What influence do audit committees’ competencies and incentives have on ICS quality?
What influence does ICS quality has on audit committees’ competencies and incentives?
What influence do external auditors’ competencies and incentives have on ICS quality?
What influence does ICS quality has on external auditors’ competencies and incentives?
In contrast to prior literature, we make the following main contributions to prior research. First, to guarantee an adequate comparability, we rely on post-SOX empirical-quantitative research on the relationship between audit committees, external auditors and ICS quality, stressing the need for a specific literature review of these multilateral relationships. Placing the focus on the post-SOX era is important, because this law generated fundamental corporate governance regulations for the auditing parties and necessitated mandatory disclosure of internal control weaknesses (SOX, 2002). Second, we show a clear structure of included variables for each monitoring institution and illustrate their mutual relations. This is of great importance because the existing post-SOX literature and legislation mainly pertain solely to a bilateral cooperation (mainly between the audit committee and the external auditor; Malik, 2014) without any integration of the ICS. Third, we develop an integrative research framework to stress synergies between audit committees, external auditors and ICS to generate efficiency and effectiveness benefits. We list and structure the various audit committee, auditor and ICS variables and deduce limitations and recommendations for future research to guide researchers for innovative designs.
Our review of 71 empirical quantitative studies stresses a dominance of US studies and relies on established processes (Denyer et al., 2008). We highlight a dynamic trilateral network of relationships between the monitoring authorities and primarily indicate that the audit committee’s incentives and particularly their competencies have a positive effect on ICS quality. Within the category of competencies, the audit committee’s expertise, experience and size represent the primary influence factors (Weickgenannt et al., 2021). Moreover, an increased ICS quality clearly affects the external auditor’s competencies and particularly their incentives, leading to decreases in audit fees, audit delay, auditor rotation and improved auditor reporting (Hogan and Wilkins, 2008). Consequently, an audit committee equipped with high competencies generates, over the path of ICS quality, positive effects for external audits. In addition, also other directions of effects within the focused monitoring triangle are possible, even though they indicate not as homogeneous findings as previously mentioned direction. For instance, likewise experienced (Bedard et al., 2009) and competent (Haislip et al., 2016) external auditors can affect ICS quality and thereon create relieving effects for audit committees. The results of our research make a practical contribution to the prior literature as they can raise the firms’ awareness of the economic benefits of specific competence staffing and of appropriate incentives of the monitoring bodies. This refers not only to the parties’ capabilities with regard to the monitoring of financial reporting but also to the incorporation of sustainability and fraud considerations within their traditional roles. Furthermore, our findings should motivate legislators, firms and monitoring bodies to increase the collaborative behavior of audit committees, external auditors and the ICS to generate synergy effects and economies of scale within the monitoring process.
We structured our literature review as follows: First, we present an agency-theoretical, a normative and a research framework (Section 2). Second, we explain the main steps of our data selection process (Section 3) and proceed to highlight the findings and key results of our literature review (Section 4). Then, we discuss limitations and recommendations for future research (Section 5) and end with a summary of our literature review (Section 6).
2. Theoretical basis and research framework
As most included studies focused on the PAT (Jensen and Meckling, 1976; Ross, 1973), we also relied on this theoretical framework (Goh, 2009; Hoitash et al., 2009; Mitra et al., 2015; Khlif and Samaha, 2016; Pérez-Cornejo et al., 2019; Eulaiwi et al., 2022). According to the PAT, both audit committees and external auditors represent monitoring and bonding parties (Chow and Rice, 1982). Both authorities reduce conflicts of interest and asymmetric information between management and investors that would otherwise result in moral hazards and self-serving activities (Jensen and Meckling, 1976). To reduce such agency conflicts, ICS including the internal audit function support boards of directors (Cohen et al., 2004). Although management is obliged to ensure appropriate ICS, these systems are supervised and influenced by internal auditors, audit committees and external auditors. According to the double-tier PAT (Tirole, 1986) audit committees as agents of shareholders are responsible for supervising the executive directors. Thus, audit committees are also interested in sufficient ICS, as they contain monitoring activities and value drivers for the top management itself (Zahra et al., 2007). To appropriately monitor existing ICS, the audit committee needs to be equipped with adequate competencies. Competencies such as the audit committee’s expertise, experience and size enhance ICS quality (Hoitash et al., 2009) and contribute to reducing agency conflicts. Although the external auditor is a gatekeeper for shareholders (Kraakman, 1986), this party also supports the audit committee, e.g. relating to financial reporting. As an agent for shareholders and the audit committee, the external auditor’s competencies and incentives also influence ICS and vice versa. Due to mutual relations between the instances, they can affect each other such that high-quality ICS influenced by the audit committee may lead to better efficiency and effectiveness of external audits. Consequently, audit committees, internal auditors and external auditors are economically acting agents (Antle, 1982). They may violate the independence rules by forming a coalition with the board of directors, leading to disadvantages for the shareholders. Consequently, further principal agent conflicts between the parties arise and a mutual multi-stage monitoring becomes necessary to reduce those conflicts, leading to possible doubled work and inefficiencies within the monitoring and auditing process.
These agency-theoretical assumptions have also been included in several regulatory reform initiatives of corporate governance during the past decades. Fundamental regulations according to the SOX 2002 should strengthen corporate governance quality and include regulations for audit committees (e.g. SOX Section 301, 2002) and external auditors (e.g. SOX Section 204, 2002). Among other rules, the SOX requires listed corporations to disclose whether audit committees have at least one financial expert (Bilal et al., 2018) and to include fully independent members. The SOX also extended the setup and monitoring requirements for ICS, leading to extended audit requirements for external auditors [e.g. SOX Section 404(b), 2002].
On this theoretical and normative basis, we develop a research framework to structure the main characteristics of audit committees, ICS and external auditors (Figure 1). For the structure of the characteristics, we rely on the existing framework for external auditors by DeFond and Zhang (2014) and adapted the framework for all parties by dividing the research proxies into incentives and competencies. We structure the ICS variables into disclosure of internal control weaknesses, remediation of internal control weaknesses and others. Similar to other studies (Chalmers et al., 2019), we interpret the ICS quality of firms with disclosed internal control weaknesses as low. However, successful remediations of internal control weaknesses indicate high ICS quality. Due to our expanded view of ICS and in contrast to ICS in a narrow sense, we included the very few studies dealing with enterprise risk management (ERM) systems and compliance management systems as “other proxies”. Only very few quantitative studies exist on the influence of internal auditor characteristics on ICS quality and vice versa (Mazza and Azzali, 2015). This is mainly because the internal audit function is often seen as a part of ICS (Eulerich et al., 2015) due to its involvement in designing, implementing and executing the internal controls. For this reason, we included the internal audit function in the ICS within our framework.
3. Research methods
We conduct a systematic literature review of empirical articles examining the relationship between audit committees, external auditors and ICS. To perform our systematic review, we relied on established processes (Denyer and Tranfield, 2009; Denyer et al., 2008; Seuring and Müller, 2008) and followed a structured approach (e.g. similar to Elmarzouky et al., 2024; Ashrafi et al., 2020; Tseng et al., 2020) (Figure 2).
3.1 Search method and criteria for including studies
First, we clarified our research objective to set criteria for including studies in the review. Compared to prior literature reviews in ICS research (Cohen et al., 2004; Schneider et al., 2009; Asare et al., 2013; Chalmers et al., 2019), this review focuses on the relationship between audit committees, external auditors and ICS. Second, we identified the core theory (PAT) in the research field based on our knowledge of previous studies. Third, we searched within international databases instead of predefining journals: Google Scholar, Web of Science and Social Science Research Network. Due to described criteria for including studies, our search string encompassed the following relevant keywords: “internal control(s)”, “risk management”, “risk management system”, “internal audit function”, “internal audit(s)”, “audit committee(s)”, “external audit(s)”, “audit(s)”, “corporate governance” and related terms.
3.2 Criteria for excluding studies and final sample selection
As a fourth step, we set the exclusion criteria. We did not restrict the country of origin of the studies but focused on publications that have at least one year of their sample period after the implementation of the SOX rules on audit committees, external auditors and ICS. Despite significant studies within pre-SOX period (Krishnan, 2005), a focus on post-SOX period is important because there is a lack of comparability between pre- and post-SOX studies due to the substantial regulatory changes in 2002 including fundamental reforms for the audit parties and mandatory disclosure of internal control weaknesses. We limited the search to quantitative empirical studies as the dominant research method and our focus on finding economic relations between individual variables. Besides a few experiments and partial use of surveys, most of included studies are archival based. Only studies that were published in English journals listed in two well-known journal rankings [“Academic Journal Guide 2021” or “Australian Business Deans Council (ABDC) 2022 list”] were considered. We focused on articles in which at least one dependent or independent variable is to be related to ICS quality together with either audit committees and external auditors and did not accept articles that included other variables. Fifth, we scanned the titles of the articles within a precursory analysis, and on this basis, we decided which abstracts to read. We excluded articles that matched our exclusion criteria. In a next step, we scanned the theory and method sections of the remaining articles and, again, eliminated studies that matched the exclusion criteria. The screening process resulted in a final sample of 71 studies. An overview of the final sample, organized by publication year, country and journal, can be found in Table 1. The dominance of the US setting should be noted. Sixth, we analyzed the studies according to the relevant variables and matched them to our previously developed framework. Significant findings, the corresponding influence direction and an integrative research perspective were the focus of this review. The separate process steps including the corresponding work performed are shown in Figure 2.
4. Findings
4.1 Influence of audit committees’ competencies and incentives on internal control systems quality (answering RQ1)
The studies indicate that both the audit committee’s incentives and in particular their competencies have a predominantly positive effect on ICS quality. Within the category of competences, audit committee’s expertise generates an especially positive impact on ICS quality. Financial expertise (Zhang et al., 2007 [1]) and also other types of expertise such as accounting expertise (Lisic et al., 2019), industry and legal expertise (Sterin, 2020) or information technology (IT) expertise (Ashraf et al., 2020) lead to higher ICS quality in form of a lower number or probability of internal control weakness disclosures or remediations of prior weaknesses. Furthermore, the audit committee’s experience (Weickgenannt et al., 2021), size (Munsif et al., 2013) and total quality as a measure of audit committee factors (Almaqoushi and Powell, 2021) improve ICS quality. Heterogeneous results exist for audit committee’s meeting frequency and diversity. Although some studies indicate a positive effect of a higher meeting frequency (Khlif and Samaha, 2016) on ICS quality, others show opposite results (Krishnan and Visvanathan, 2007). Furthermore, studies (Chen et al., 2016a, 2016b) stressed that a more diverse audit committee (e.g. higher proportion of females) leads to higher ICS quality. However, Ashfaq and Rui (2019) stressed a negative effect of audit committee diversity on internal control disclosure.
Within the category of incentives, we find many different factors on ICS quality. On the one hand, the audit committee’s independence improves ICS quality either through better remediation of prior internal control weaknesses (Goh, 2009) or through enhancing ERM system quality (Pérez-Cornejo et al., 2019). On the other hand, the independence of audit committee’s chair leads to either better (Ashfaq and Rui, 2019) or weaker (Michelon et al., 2015) internal control disclosures. Remediations of internal control weaknesses were also more likely if the chair of the board also serves on the audit committee (Johnstone et al., 2011). Multiple audit committee directorships (Cheng et al., 2019) and the fact that the corresponding audit committee membership is the largest (Khoo et al., 2020) improves ICS quality. Furthermore, social ties between the audit committee and the chief executive officer (Bruynseels and Cardinaels, 2014) as well as audit committee turnover (Johnstone et al., 2011) lead to higher ICS quality. Heterogenous results exist for the audit committee’s stock compensation and ownership. Although a greater percentage of audit committee shareholdings of firm stock is positively associated with the remediation of internal control weaknesses (Johnstone et al., 2011), audit committees with stock option plans are associated with internal control weaknesses (Cullinan et al., 2010) and thus weaker ICS quality. Moreover, results indicate that audit committee’s shareholding has a significant negative relationship with internal control disclosure (Ashfaq and Rui, 2019).
4.2 Influence of internal control systems quality on audit committees’ competencies and incentives (answering RQ2)
Results from the very few existing studies on the influence of ICS quality on audit committees indicate that low ICS quality leads to higher audit committee turnover (Johnstone et al., 2011). Furthermore, firms with a weak ICS quality show greater improvements in audit committee’s independence, accounting financial expertise and size compared to control firm without internal control weaknesses (Goh and Li, 2013).
4.3 Influence of external auditors’ competencies and incentives on internal control systems quality (answering RQ3)
The findings of relevant research papers show predominantly heterogenous results on the effect of external auditor’s competencies and incentives on ICS quality. Within the category of competencies, auditor’s size, expertise and experience has been researched most frequently. Although some studies indicate that a larger audit firm size leads to greater material weakness disclosure (Bedard et al., 2009), other studies show the opposite effect (López et al., 2013). Furthermore, there is evidence that audits performed by Big 4 audit firms lead to higher internal control quality (Khlif and Samaha, 2016) but also to a lower likelihood of internal control weakness remediation (Chan et al., 2009) and higher compliance costs (Krishnan et al., 2008). Regarding external auditor’s expertise and experience, industry expertise (Stephens, 2011) and auditor’s section 404 experience (Bedard et al., 2009) lead to greater material weaknesses disclosure. This effect demonstrates that specialized and experienced auditors are more likely to identify internal control weaknesses. In addition, auditor’s IT expertise (Haislip et al., 2016) implicates a greater likelihood of material weakness remediation.
Regarding the incentives of external auditors, the effect of (non) audit fees as well as auditor tenure and rotation on ICS quality was studied most frequently. Although unexpected audit fees are significantly associated with material internal control weaknesses (Albring et al., 2018), firms with increased nonaudit fees due to purchased tax nonaudit services have an improved internal control quality (De Simone et al., 2015). Furthermore, higher auditor independence is also a determinant of internal control weaknesses (Zhang et al., 2007 [2]) or early warning of internal control deficiencies (Hermanson and Ye, 2009).
Within the category tenure and rotation, existing research indicates that firms with a longer client-auditor tenure have lower incidence of internal control weaknesses (Chen et al., 2016a, 2016b), whereas more auditor changes characterize firms that report internal control weaknesses (Krishnan and Visvanathan, 2007). Moreover, firms engaging new auditors are more likely to remediate their internal control weaknesses effectively (Liu and Huang, 2020) or are more likely to receive an improved report of internal control over financial reporting (Ettredge et al., 2011).
4.4 Influence of internal control systems quality on external auditors’ competencies and incentives (answering RQ4)
Prior research results on the effects of ICS quality on the external auditor’s incentives and competencies are rather homogeneous. This mainly relates to the influence on the external auditor’s incentives. The most frequently researched categories within auditor’s incentives are (lack of) audit fees, the auditor–client relationship, tenure and rotation. Auditor independence, which is included in the (lack of) audit fee category, has also been researched in some studies but only in terms of the influence of external auditors on ICS. Results indicate that a higher ICS quality significantly reduces audit fees (Hoitash et al., 2008; Lu et al., 2011). Higher ICS quality also leads to reduced audit hours or audit delays (Gontara et al., 2023 [3]) and thus improves the auditor–client relationship. Furthermore, high ICS quality extends audit tenure or reduces auditor rotation (Ettredge et al., 2011).
Within the category of competencies, high ICS quality through fewer internal control weaknesses generates a positive effect on auditor reporting by decreasing the likelihood for modified audit opinions (Elder et al., 2009) or going-concern audit opinions (Jiang et al., 2010). Moreover, higher ICS quality reduces the effort of external auditors by decreasing the extent of evidence necessary for testing the operating effectiveness of compensation controls or the level of precision needed in a compensation control to prevent or detect potential material misstatements (Gramling et al., 2010).
4.5 Concluding remarks on the interplay of audit committees, internal control systems and external auditors
In summary, the audit committee’s characteristics have, over the path of ICS quality, an indirect effect on the external auditor’s characteristics and vice versa. Consequently, predominantly audit committees with high competencies generate a positive effect on external audits by reducing audit fees, audit delays and auditor rotation. This substitutive impact (Malik, 2014) of an adequately equipped and well-incentivized audit committee can relieve external auditors by reducing their effort, whereas the ICS serves as a possible mediator in this network of relationships. However, the relieving effect will become apparent with a time lag, particularly after first-time adoption. Due to dynamic relationships within this triangle of monitoring authorities (Figure 3), also other directions of effects are possible, even though they show not as homogeneous results as previously mentioned direction. For instance, likewise experienced and competent auditors can achieve relieving effects for audit committees via improved ICS quality. These reflections indicate that firms should be interested in equipping their audit committees and auditors with comprehensive competences (e.g. financial expertise) to reduce agency conflicts and generate benefits.
In this respect, audit committees will coordinate (Jun Lin et al., 2008) the monitoring activities of internal and external auditors more closely to generate advantages for all three instances. A cooperation of these monitoring parties promoted by audit committees (Velte, 2017) to make use of synergy effects (e.g. by mutual relief through competence sharing or shared efforts within separate audit procedures) and economies of scale requires sufficient and appropriate competencies and incentives of the involved parties. Due to the interdependences of competencies and incentives (DeFond and Zhang, 2014) of these parties, the connectivity is important to achieve such added value within this multilateral relationship. The establishment of an intensive three-party coalition could achieve a doubled support by external and internal auditors for the audit committee (Cohen et al., 2004; Cohen et al., 2010) that could lead to improved corporate governance quality and reduced agency problems.
4.6 Findings’ connection to a research agenda
As evident from the findings presented in Sections 4.1–4.5, the results of the included studies predominantly focus on the traditional role of the entities responsible for monitoring financial reporting. However, this reveals significant research gaps concerning nonfinancial reporting, particularly regarding the integration of sustainability and fraud considerations within the interrelationships of the involved parties. For instance, similar to financial expertise (Zhang et al., 2007), the presence of sustainability expertise within the audit committee could possibly enhance the quality of an ICS that incorporates sustainability aspects. This, in turn, could lead to benefits such as reduced audit fees (Krishnan et al., 2008 regarding audit fees for financial reporting) for with respect to external audit of the sustainability report. Moreover, corresponding monitoring authorities frequently encounter challenges related to (management) fraud, which must be addressed to ensure the integrity and quality of nonfinancial reporting. In alignment with the practices of authorities with specialized IT expertise (Ashraf et al., 2020), e.g. enhancing the forensic accounting education of involved parties could lead to improvements in the quality ICS, thereby benefiting the overall monitoring process.
5. Limitations and recommendations for future research
Based on this review, several limitations and recommendations for further research can be formulated. Recommendations cover both content and methodology to encourage future researchers to rely on a developed research framework and gather more comprehensive results concerning the integrative influence of monitoring authorities on ICS and vice versa. In the following, we concentrate on sustainability and fraud aspects and the need for more moderator and mediator analyses as major identified research gaps in our literature review.
5.1 Sustainability aspects
The historical duty of audit committees is to supervise the financial reporting process, including the related ICS and the cooperation with external auditors (Klein, 2002). However, in addition to financial risks, environmental and social risks also have a great impact on ICS and vice versa (Su et al., 2022) and affect the corresponding monitoring bodies. Already existing frameworks and regulations (e.g. sustainability reporting standards by the Global Reporting Initiative [GRI] or the Nonfinancial Reporting Directive [NFRD] issued by the EU) motivate the involvement of all three parties in corporate sustainability issues. As audit committees need to supervise not only financial but also corporate social responsibility (CSR) reporting, they should closely interact with internal and external auditors. Both internal and external auditors support the ensuring of the related sustainability data but also need to be coordinated and monitored by audit committees. Furthermore, new global sustainability reporting standards by the International Sustainability Standards Board (ISSB) stress the responsibilities of the monitoring institutions. These new standards mainly rely on the environmental, social and governance (ESG) concept and thus require specific disclosure on the interaction between audit committees, ICS and external auditors due to corporate environmental and social goals. In addition, region-specific regulators also implement stricter sustainability reporting rules (e.g. the EU Corporate Sustainability Reporting Directive [CSRD] or the US climate disclosure rules developed by the Securities and Exchange Commission). We also stress the increased regulations due to corporate sustainability due diligence related to sustainable value chains of the firms in many countries recently. The ICS must include these requirements for an adequate and sustainable supply chain management.
Due to these regulatory initiatives, ICS and the cooperation of audit committees and auditors need to be expanded in several respects. First, ICS need to be expanded to include advanced ESG matters. Second, it needs to be ensured that the contents of ESG reports are correctly disclosed and linked with management systems. Third, as CSR assurance is not automatically linked to professional accountants, the pros and cons of selecting the existing financial auditor for CSR assurance have to be evaluated (Cohen and Simnett, 2015). For these reasons, advanced requirements for the incentives and competency profiles of audit committees and internal and external auditors do exist. Although top management must ensure the appropriateness of ICS, the internal audit function (De Simone et al., 2021) has a major impact on realizing a sufficient quality of ICS. An effective internal audit function needs to be equipped with extended competencies (e.g., sustainability expertise) and increased resources to fulfill a pivotal function within the process of increased ESG requirements (Aureli et al., 2020).
Although few research results (Oussii and Boulila Taktak, 2018) indicate that expertise within the internal audit function generates a positive effect on ICS quality, we still know very little about the internal audit function and ESG aspects (Tumwebaze et al., 2022). Furthermore, a few research results show that audit committee characteristics contribute to ensuring high sustainability (Zaman et al., 2021). Among others, the audit committee’s sustainability expertise has a positive impact on the readability of integrated reports as an interaction of material financial and ESG information (Velte, 2018). Further results indicate that specific auditor characteristics (e.g. size and audit fees) have a positive influence on CSR disclosure (e.g. Pucheta-Martínez et al., 2019) and that clients’ CSR involvement can have different effects on the quality of internal control audit opinions (Blanco et al., 2024). However, we know very little about the impact of sustainability expertise within audit committees as well as audit teams on ICS quality, particularly regarding the described ICS sustainability expansion. Such increased expertise is needed to fulfil existing and upcoming corporate sustainability requirements and thus can improve ICS quality, e.g. to ensure the appropriate content of mandatory CSR disclosures and related management processes.
Overall, we recommend innovative research designs that emphasize an integrated perspective by considering both ICS, including internal auditors, as well as audit committee and external auditor factors with a focus on prior (e.g. GRI or EU NFRD) and new requirements for sustainability reporting (e.g. EU CSRD or ISSB). This design should include mixed research methods. Following other authors that used qualitative methods in audit committee and audit research (Rakipi and D’Onza, 2024), the required data can be collected through questionnaires or interviews. The experts should report on how they deal with upcoming sustainability regulations and what consequences they expect in comparison to existing requirements. Possible consequences could comprise aspects such as changes in personnel profiles and equipment, employee training or legal responsibility. The types of the individual’s expertise (financial, industrial and sustainability), their independence and the type of relationship with each other auditing parties (complementary or substitutive) should also be considered within this exploration. The collected data or parts of it could be transformed into quantitative data and evaluated with regression analyses (Ackermann, 2017). In this way, future researchers may find new results concerning how monitoring authorities can relieve each other with a view to advanced ESG requirements within high-quality ICS and a sufficiently lean auditing process.
5.2 Fraud aspects
The ESG concept assumes sufficient corporate governance mechanisms, as governance (G) constitutes the basis for successful future environmental (E) and social (S) strategies. However, corresponding monitoring authorities are often confronted with (management) fraud issues that must be prevented to provide sufficient ESG quality. Although little research stresses the impact of audit committees or auditors on fraud events (Khoufi and Khoufi, 2018), there is a strong need for a more detailed analysis of fraud events (often used as a dummy variable), not only related to external auditors (Trompeter et al., 2013) but also in combination with audit committees and the internal audit function (Velte, 2023b). This is of great importance because all auditing parties are responsible for fraud prevention and have also been involved in cases of top management fraud (Zahra et al., 2007).
In this regard, we recommend future researchers to focus on digitalization and big data techniques (e.g. artificial intelligence, data mining or other advanced data analytics) within monitoring and auditing activities of audit committees and internal and external auditors to find new insights for a more efficient and effective (top management) fraud prevention. Although Eilifsen et al. (2020) stressed that the use of audit data analytics is still relatively limited in practice, these techniques are important within fraud detection because they enable the authorities to recognize critical contents (e.g. critical posting combinations) in an efficient way. Authorities equipped with IT expertise (Ashraf et al., 2020) can use these advantages even better and may increase overall monitoring quality. In addition, we encourage researchers to address the forensic accounting education (Tiwari and Debnath, 2017) of the involved auditing parties.
Yet, it is challenging to find sufficient fraud measures in archival research because fraud events are rather rare in firms’ practice (Velte, 2023a). Although alternative measures such as the presence of fraud charges under regulatory interventions (Karpoff et al., 2017) are limited due to a low number of applied studies, future researchers should use alternate methods to generate findings, e.g. the use of automatized textual analyses with Python. Similar to the abovementioned sustainability issues, we recommend researchers lean on existing studies of fraud detection and prevention techniques (Eilifsen et al., 2020) and collect qualitative data via questionnaires or interviews with experts. The participants should report about their individual forensic accounting knowledge (inclusive IT expertise), their self-used fraud preventing and detecting methods and the proportion of digitalization and big data techniques within these methods. Furthermore, they should estimate both their own perceptions of responsibility within fraud prevention and detection as well as the perceptions of responsibility of other auditing parties. Information deficits that could arise though bias problems should always be considered within the evaluation of collected data. These variables should be included into quantitative designs to analyze potential determinants or consequences of those corporate governance factors. On this way, future researchers could elaborate the intersections of the auditing body’s knowledge, methods, tools and perceptions for a collaborative and efficient fraud prevention in terms of high-quality ICS.
5.3 Mediator and moderator analyses
Finally, we stress the need for more moderator and mediator analyses. As audit committees and external auditors represent interdependent monitoring authorities, it would be of great interest to analyze the impacts of various mediator or moderator variables on ICS quality (inclusive sustainability aspects). For example, audit fees or auditor size can cause a moderating or mediating effect on the audit committee’s positive influence on ICS quality. On the other hand, an audit committee’s characteristics such as independence or expertise could also represent moderators or mediators for the interaction of external auditors and ICS quality. Within the review we note very few studies that include such analyses. For example, Ashfaq and Rui (2019) included audit firm size as a moderator on the interrelation between audit committee quality and ICS, whereas Li and Li (2020) used audit committee tenure or gender diversity as moderating variables. Michelon et al. (2015) included the regulatory environment as a moderator, whereas Lisic et al. (2016) examined the moderating effect of chief executive officer power within their research on audit committee effectiveness and ICS quality. Eulaiwi et al. (2022) implemented the existence of lawsuits or anti-fraud policies as moderator variables within an examination of the effect of whistleblower governance on audit fees. Pérez-Cornejo et al. (2019) represents the only study in our review with a mediator variable; the authors analyzed the mediating effect of ERM system quality on the relationship between audit committee characteristics and corporate reputation. Due to this lack of studies, we encourage future researchers to include additional moderator and mediator variables within the research on the multilateral relationships of the three auditing parties. These variables should comprehend the individual competencies or incentives of the parties.
6. Discussion
6.1 Summary
We conducted a systematic literature review of 71 empirical-quantitative studies on the link between audit committees, external auditors and ICS based on an agency theoretical framework. Although PAT assumes that audit committees and external auditors represent monitoring and binding authorities (Chow and Rice, 1982) to reduce agency conflicts, ICS including the internal audit function also represent a significant factor. The characteristics of those monitoring bodies are of great importance to prevent such conflicts within a mutual multi-stage monitoring process. Our motivation to conduct this literature review on these monitoring authorities was to develop an integrative research framework and demonstrate the need for collaboration between the instances to increase overall corporate governance quality through synergies within a multilateral monitoring process. Furthermore, we aimed to sensitize incorporating sustainability and fraud considerations into the traditional roles of audit committees and auditors. We developed a research framework referring to DeFond and Zhang (2014) and divided the characteristics of the monitoring bodies into incentives and competencies. We included the internal audit function as part of the ICS in line with prior research and analyzed the influence of the audit committee’s and external auditor’s incentives and competencies on ICS quality and vice versa.
Our review of US-dominated studies primarily highlights that specific audit committee’s incentives and competencies cause a positive effect on ICS quality. This mainly relates to audit committee expertise, experience and size (Hoitash et al., 2009; Goh, 2009). In turn, ICS quality affects the external auditor’s competencies and particularly their incentives and leads to decreased audit fees, audit delay, auditor rotation and improved auditor reporting (Elder et al., 2009). Consequently, audit committees equipped with high competencies (e.g. financial expertise or IT expertise) generate, over the path of ICS, a substitutive effect for external auditors by reducing their efforts, whereas ICS serve as a possible mediator. Furthermore, multiple other directions of effects within the dynamic trilateral network of relationships exist, even though they show not as homogeneous results as previously mentioned direction.
Based on the results of the literature review, we stressed the limitations of prior research and developed useful recommendations for future research. In this context, we included both content-specific and methodological suggestions. Our recommendations focused on sustainability and fraud issues within a holistic research approach by integrating all three monitoring bodies due to increased corporate sustainability regulations from an international perspective. This relates to both sustainability reporting and sustainable supply chain management duties. We recommend data collection via questionnaires or interviews considering the types of individual’s expertise, the type of relationship (complementary or substitutive) and individual’s self-assessment as well as the assessment by the other auditing parties and the integration in future quantitative research. Furthermore, we stress the need for more mediator and moderator analyses (Islam et al., 2023) to explore the interrelations between audit committees, internal auditors, ICS and external auditors.
Finally, we stress the limitations of this analysis. First, narrative literature reviews are limited in contrast to meta-analyses. As meta-analyses intend to measure the overall statistical significance of specific relationships based on multiple single-study results (Greenberg, 1992), we focused our review on a narrative analysis of underlying results mainly due to overly heterogeneous proxies within the included studies. Future researchers should conduct quantitative meta-analyses on specific relationships (e.g. the impact of audit committees on ICS) within our research framework. Second, almost all included studies represent single-country studies with regional samples (primarily USA), leading to a limited transferability to other regimes.
6.2 Practical implications
The study has main implications for legislators and standard setters as well as practitioners (similar to other studies, Elmarzouky et al., 2023). The results indicate that competently equipped and usefully incentivized audit committees and auditors lead to higher ICS quality and that ICS quality leads to better audit efficiency. Thus, practitioners should strive to consider these findings by ensuring adequate competencies (e.g. financial, sustainability and IT expertise) and incentives (e.g. independence) for those auditing bodies. Although it is useful to include advanced expertise requirements for audit committees and external auditors, legislators should develop extended demands for competencies of the audit committee and internal auditors. The advanced requirements should include a holistic triad of sustainability, fraud and IT expertise, because these combined competencies are needed to realize the going-concern principle of the firm and stay innovative. All parties’ efforts should encompass comprehensive ESG as well as fraud detection training and the further development of current staff (e.g. internal auditors as noted by Christ et al., 2021). In addition, they should consider recruiting new personnel with specialized sustainability competencies, such as biologists or climate scientists. Internal and external auditors might also consider using specialized software tools for auditing nonfinancial reporting or conducting forensic investigations. This could be particularly relevant for the oversight of management systems (ICS, risk management system, compliance management system), as these systems play a crucial role in ensuring the quality of both financial and nonfinancial reporting.
Legislators and standard setters might consider requiring the presence of sustainability expertise within each of the three parties. Within audit committees, this could be achieved by integrating a sustainability expert, analogous to the inclusion of financial experts (Velte, 2023c). External auditors may need to broaden the scope of their examinations to encompass sustainability-related aspects as they need to fulfil extended requirements within auditing the new sustainability report according to CSRD. Given that internal auditing remains relatively unregulated globally, legislators should consider mandating certification programs focused on sustainability for internal auditors. Policymakers may also discuss mandatory forensic audit procedures performed by external and internal auditors that could also be monitored by audit committees or adopt more restrictive standards to improve the International Standards on Auditing with a focus on fraud prevention (e.g. Elmarzouky et al., 2022 with a focus on key audit matters). Moreover, it should be kept in mind that the connectivity of both competencies and incentives is of great importance to achieve required firm improvements. Overall, regulators should recognize audit committees, internal auditors and external auditors as a three-party coalition of good corporate governance and should boost their practical cooperation in financial and ESG topics.
6.3 Theoretical implications
Potential theoretical development could involve a shift in research focus from shareholders (PAT) to other stakeholders (stakeholder-agency theory, as proposed by Hill and Jones in 1992). Given that a company has implicit obligations toward its stakeholders and society, management and all relevant oversight authorities should be motivated to implement and assess CSR structures and processes within the management framework, including high-quality ICS (Dowling and Pfeffer, 1975). In this context, stakeholders demand robust financial and non-financial reporting, as well as an associated ICS (Fiandrino et al., 2022) that are subject to oversight by the three independent parties. The implementation of a comprehensive financial and nonfinancial reporting framework, alongside effective fraud detection and prevention mechanisms, is anticipated to enhance overall financial and nonfinancial performance, thereby improving the firm’s reputation. Stakeholders further expect that monitoring bodies are equipped with adequate expertise, such as financial, sustainability, IT and fraud-prevention knowledge, along with appropriate incentives. Incorporating stakeholder interests into the job profiles and composition criteria of these oversight bodies may lead to increased stakeholder satisfaction.
Furthermore, the behavioral agency theory, based on the work of Wiseman and Gomez-Mejia (1998) and developed by Pepper and Gore (2015) could offer a theoretical development. As an extension of traditional agency theory, behavioral agency theory further considers psychological and behavioral factors, such as loss aversion (Wiseman and Gomez-Mejia, 1998) and perceived justice (Bosse and Phillips, 2016), that influence the behavior of agents. All three parties are individually motivated by a combination of economic incentives (e.g. audit fees for external auditors or budget for internal auditors), psychological factors (e.g. each party tries to minimize its own effort while searching for individual benefits) and social influences (e.g. social ties between audit committee members and external auditors due to prior careers). These factors can lead to behavioral risks that impair the effectiveness of appropriate monitoring. Due to these risks, open communication and a clear separation of responsibilities between the three parties are necessary to minimize misconduct or conflicts of interest. An understanding of behavioral incentives could help to develop measures that promote more objective and independent monitoring.
Figures
Figure 1.
Research framework
Figure 2.
Data selection process
Figure 3.
Main findings
Count of cited published papers
| Panel A: by publication year | |
| Total 71: | 2022: 1 |
| 2021: 4 | |
| 2020: 5 | |
| 2019: 6 | |
| 2018: 8 | |
| 2017: 3 | |
| 2016: 5 | |
| 2015: 5 | |
| 2014: 2 | |
| 2013: 3 | |
| 2012: 2 | |
| 2011: 6 | |
| 2010: 4 | |
| 2009: 7 | |
| 2008: 5 | |
| 2007: 2 | |
| 2006: 2 | |
| 2005: 1 | |
| Panel B: by region: | |
| Total 71: | Cross-country setting: 2 USA: 52 |
| Other regimes: 17 | |
| Panel C: by journal: | |
| Total 71: | Abacus: 1 |
| Accounting & Finance: 2 | |
| Accounting Forum: 1 | |
| Accounting Horizons: 4 | |
| Advances in Accounting: 2 | |
| Asia-Pacific Journal of Accounting & Economics: 2 | |
| Auditing: A Journal of Practice & Theory: 10 | |
| Contemporary Accounting Research: 8 | |
| European Management Journal: 1 | |
| Finance Research Letters: 1 | |
| International Business Review: 1 | |
| International Journal of Accounting: 1 | |
| International Journal of Accounting and Information Management: 1 | |
| International Journal of Accounting Information Systems: 1 | |
| International Journal of Auditing: 7 | |
| Journal of Accounting and Public Policy: 1 | |
| Journal of Accounting, Auditing & Finance: 3 | |
| Journal of Applied Accounting Research: 1 | |
| Journal of Business Finance & Accounting: 1 | |
| Journal of Cleaner Production: 1 | |
| Journal of Contemporary Accounting & Economics: 3 | |
| Journal of Financial Reporting and Accounting: 1 | |
| Journal of Public Budgeting, Accounting & Financial Management: 1 | |
| Managerial Auditing Journal: 6 | |
| Research in Accounting Regulation: 1 | |
| The Accounting Review: 8 | |
| The European Journal of Finance: 1 | |
Source: Authors’ own creation
Notes
Most cited article with regard to the influence of audit committees on ICS quality (and vice versa): Zhang et al., 2007 (1,245 citations); least cited article with regard to the influence of audit committees on ICS quality (and vice versa): Sterin, 2020 (17 citations) (updated on August 15, 2024).
Most cited article with regard to the influence of external auditors on ICS quality (and vice versa): Zhang et al., 2007 (1,245 citations); least cited article with regard to the influence of external auditors on ICS quality (and vice versa): Eulaiwi et al., 2022 (six citations) (updated on August 15, 2024).
Not included due to defined exclusion criteria (see Section 3).
References
Ackermann, C. (2017), “A mixed methodology to view internal audits internal control functioning”, Corporate Ownership and Control, Vol. 14 No. 2, pp. 302-311.
Albring, S.M., Elder, R.J. and Xu, X. (2018), “Unexpected fees and the prediction of material weaknesses in internal control over financial reporting”, Journal of Accounting, Auditing and Finance, Vol. 33 No. 4, pp. 485-505.
Almaqoushi, W. and Powell, R. (2021), “Audit committee quality indices, reporting quality and firm value”, Journal of Business Finance and Accounting, Vol. 48 Nos 1/2, pp. 185-229.
Antle, R. (1982), “The auditor as an economic agent”, Journal of Accounting Research, Vol. 20 No. 2, pp. 503-527.
Asare, S.K., Fitzgerald, B.C., Graham, L.E., Joe, J.R., Negangard, E.M. and Wolfe, C.J. (2013), “Auditors’ internal control over financial reporting decisions: analysis, synthesis, and research directions”, AUDITING: A Journal of Practice and Theory, Vol. 32 No. Supplement 1, pp. 131-166.
Ashfaq, K. and Rui, Z. (2019), “The effect of board and audit committee effectiveness on internal control disclosure under different regulatory environments in South Asia”, Journal of Financial Reporting and Accounting, Vol. 17 No. 2, pp. 170-200.
Ashraf, M., Michas, P.N. and Russomanno, D. (2020), “The impact of audit committee information technology expertise on the reliability and timeliness of financial reporting”, The Accounting Review, Vol. 95 No. 5, pp. 23-56.
Ashrafi, M., Walker, T.R., Magnan, G.M., Adams, M. and Acciaro, M. (2020), “A review of corporate sustainability drivers in Maritime ports: a multi-stakeholder perspective”, Maritime Policy and Management, Vol. 47 No. 8, pp. 1027-1044.
Aureli, S., Del Baldo, M., Lombardi, R. and Nappo, F. (2020), “Nonfinancial reporting regulation and challenges in sustainability disclosure and corporate governance practices”, Business Strategy and the Environment, Vol. 29 No. 6, pp. 2392-2403.
Bedard, J.C., Hoitash, R. and Hoitash, U. (2009), “Evidence from the United States on the effect of auditor involvement in assessing internal control over financial reporting”, International Journal of Auditing, Vol. 13 No. 2, pp. 105-125.
Bilal, B., Chen, S. and Komal, B. (2018), “Audit committee financial expertise and earnings quality: a meta-analysis”, Journal of Business Research, Vol. 84, pp. 253-270.
Blanco, B., Guillamón‐Saorín, E. and Guiral, A. (2024), “The two sides of corporate social responsibility and the quality of internal control audit opinions”, International Journal of Auditing, Vol. 28 No. 1, pp. 226-250.
Bosse, D.A. and Phillips, R.A. (2016), “Agency theory and bounded self-interest”, Academy of Management Review, Vol. 41 No. 2, pp. 276-297.
Bruynseels, L. and Cardinaels, E. (2014), “The audit committee: management watchdog or personal friend of the CEO?” The Accounting Review, Vol. 89 No. 1, pp. 113-145.
Chalmers, K., Hay, D. and Khlif, H. (2019), “Internal control in accounting research: a review”, Journal of Accounting Literature, Vol. 42 No. 1, pp. 80-103.
Chan, K., Kleinman, G. and Lee, P. (2009), “The impact of Sarbanes‐Oxley on internal control remediation”, International Journal of Accounting and Information Management, Vol. 17 No. 1, pp. 53-65.
Chen, Y., Eshleman, J.D. and Soileau, J.S. (2016a), “Board gender diversity and internal control weaknesses”, Advances in Accounting, Vol. 33, pp. 11-19.
Chen, Y., Gul, F.A., Truong, C. and Veeraraghavan, M. (2016b), “Auditor client specific knowledge and internal control weakness: some evidence on the role of auditor tenure and geographic distance”, Journal of Contemporary Accounting and Economics, Vol. 12 No. 2, pp. 121-140.
Cheng, S., Felix, R. and Indjejikian, R. (2019), “Spillover effects of internal control weakness disclosures: the role of audit committees and board connections”, Contemporary Accounting Research, Vol. 36 No. 2, pp. 934-957.
Chow, C.W. and Rice, S.T. (1982), “Qualified audit opinions and auditor switching”, The Accounting Review, Vol. 57 No. 2, pp. 326-335.
Christ, M.H., Eulerich, M., Krane, R. and Wood, D.A. (2021), “New frontiers for internal audit research”, Accounting Perspectives, Vol. 20 No. 4, pp. 449-475.
Cohen, J. and Simnett, R. (2015), “CSR and assurance services: a research agenda”, AUDITING: A Journal of Practice and Theory, Vol. 34 No. 1, pp. 59-74.
Cohen, J., Krishnamoorthy, G. and Wright, A. (2004), “The corporate governance mosaic and financial reporting quality”, Journal of Accounting Literature, pp. 87-152.
Cohen, J., Krishnamoorthy, G. and Wright, A. (2010), “Corporate governance in the post-Sarbanes-Oxley era: auditors’ experiences*”, Contemporary Accounting Research, Vol. 27 No. 3, pp. 751-786.
Cullinan, C.P., Du, H. and Jiang, W. (2010), “Is compensating audit committee members with stock options associated with the likelihood of internal control weaknesses?” International Journal of Auditing, Vol. 14 No. 3, pp. 256-273.
De Simone, S., D’Onza, G. and Sarens, G. (2021), “Correlates of internal audit function involvement in sustainability audits”, Journal of Management and Governance, Vol. 25 No. 2, pp. 561-591.
De Simone, L., Ege, M.S. and Stomberg, B. (2015), “Internal control quality: the role of auditor-provided tax services”, The Accounting Review, Vol. 90 No. 4, pp. 1469-1496.
DeFond, M. and Francis, J.R. (2005), “Audit research after Sarbanes-Oxley”, AUDITING: A Journal of Practice and Theory, Vol. 24 No. 1, pp. 5-30.
DeFond, M. and Zhang, J. (2014), “A review of archival auditing research”, Journal of Accounting and Economics, Vol. 58 Nos 2/3, pp. 275-326.
Denyer, D. and Tranfield, D. (2009), “Producing a systematic review”, in Buchanan, D.A. and Bryman, A. (Eds), The Sage Handbook of Organizational Research Methods, Sage Publication Ltd, London, pp. 671-689.
Denyer, D., Tranfield, D. and van Aken, J.E. (2008), “Developing design propositions through research synthesis”, Organization Studies, Vol. 29 No. 3, pp. 393-413.
Dowling, J. and Pfeffer, J. (1975), “Organizational legitimacy: social values and organizational behavior”, The Pacific Sociological Review, Vol. 18 No. 1, pp. 122-136.
Eilifsen, A., Kinserdal, F., Messier, W.F. and McKee, T.E. (2020), “An exploratory study into the use of audit data analytics on audit engagements”, Accounting Horizons, Vol. 34 No. 4, pp. 75-103.
Elder, R., Zhang, Y., Zhou, J. and Zhou, N. (2009), “Internal control weaknesses and client risk management”, Journal of Accounting, Auditing and Finance, Vol. 24 No. 4, pp. 543-579.
Elmarzouky, M., Hussainey, K. and Abdelfattah, T. (2022), “Do key audit matters signal corporate bankruptcy?” Journal of Accounting and Management Information Systems, Vol. 21 No. 3.
Elmarzouky, M., Hussainey, K. and Abdelfattah, T. (2023), “The key audit matters and the audit cost: does governance matter?” International Journal of Accounting and Information Management, Vol. 31 No. 1, pp. 195-217.
Elmarzouky, M., Hussainey, K. and Abdelfattah, T. (2024), “Key audit matters: a systematic review”, International Journal of Accounting, Auditing and Performance Evaluation, Vol. 20 Nos 3/4, pp. 319-341.
Ettredge, M., Heintz, J., Li, C. and Scholz, S. (2011), “Auditor realignments accompanying implementation of SOX 404 ICFR reporting requirements”, Accounting Horizons, Vol. 25 No. 1, pp. 17-39.
Eulaiwi, B., Al‐Hadi, A., Duong, L., Clark, K., Taylor, G. and Perrin, B. (2022), “Audit pricing and corporate whistleblower governance: evidence from Australian financial firms”, Accounting and Finance, Vol. 62 No. 2, pp. 2339-2384.
Eulerich, M., Velte, P. and Theis, J. (2015), “Internal auditor’s contribution to good corporate governance: an empirical analysis for the one-tier governance system with a focus on the relationship between internal audit function and audit committee”, Corporate Ownership and Control, Vol. 13 No. 1, pp. 141-151.
Fiandrino, S., Di Gromis Trana, M., Tonelli, A. and Lucchese, A. (2022), “The multi-faceted dimensions for the disclosure quality of non-financial information in revising directive 2014/95/EU”, Journal of Applied Accounting Research, Vol. 23 No. 1, pp. 274-300.
Goh, B.W. (2009), “Audit committees, boards of directors, and remediation of material weaknesses in internal control”, Contemporary Accounting Research, Vol. 26 No. 2, pp. 549-579.
Goh, B.W. and Li, D. (2013), “The disciplining effect of the internal control provisions of the Sarbanes–Oxley Act on the governance structures of firms”, The International Journal of Accounting, Vol. 48 No. 2, pp. 248-278.
Gontara, H., Khelil, I. and Khlif, H. (2023), “The association between internal control quality and audit report lag in the French setting: the moderating effect of family directors”, Journal of Family Business Management, Vol. 13 No. 2, pp. 261-271.
Gramling, A.A., O’Donnell, E. and Vandervelde, S.D. (2010), “Audit partner evaluation of compensating controls: a focus on design effectiveness and extent of auditor testing”, AUDITING: a journal of practice and theory, Vol. 29 No. 2, pp. 175-187.
Greenberg, P.S. (1992), “The use of Meta-Analysis techniques in developing dissertion proposals: guidelines to aid supervising faculty”, Issues in Accounting Education, Vol. 7 No. 2, pp. 145-163.
Haislip, J.Z., Peters, G.F. and Richardson, V.J. (2016), “The effect of auditor IT expertise on internal controls”, International Journal of Accounting Information Systems, Vol. 20, pp. 1-15.
Hermanson, D.R. and Ye, Z. (. (2009), “Why do some accelerated filers with SOX section 404 material weaknesses provide early warning under section 302?” AUDITING: a journal of practice and theory, Vol. 28 No. 2, pp. 247-271.
Hogan, C.E. and Wilkins, M.S. (2008), “Evidence on the audit risk model: do auditors increase audit fees in the presence of internal control deficiencies?” Contemporary Accounting Research, Vol. 25 No. 1, pp. 219-242.
Hoitash, R., Hoitash, U. and Bedard, J.C. (2008), “Internal control quality and audit pricinng under the Sarbanes-Oxley act”, AUDITING: A Journal of Practice and Theory, Vol. 27 No. 1, pp. 105-126.
Hoitash, U., Hoitash, R. and Bedard, J.C. (2009), “Corporate governance and internal control over financial reporting: a comparison of regulatory regimes”, The Accounting Review, Vol. 84 No. 3, pp. 839-867.
Inaam, Z. and Khamoussi, H. (2016), “Audit committee effectiveness, audit quality and earnings management: a meta-analysis”, International Journal of Law and Management, Vol. 58 No. 2, pp. 179-196.
Islam, M., Slof, J. and Albitar, K. (2023), “The mediation effect of audit committee quality and internal audit function quality on the firm size–financial reporting quality nexus”, Journal of Applied Accounting Research, Vol. 24 No. 5, pp. 839-858.
Jensen, M.C. and Meckling, W.H. (1976), “Theory of the firm: managerial behavior, agency costs and ownership structure”, Journal of Financial Economics, Vol. 3 No. 4, pp. 305-360.
Jiang, W., Rupley, K.H. and Wu, J. (2010), “Internal control deficiencies and the issuance of going concern opinions”, Research in Accounting Regulation, Vol. 22 No. 1, pp. 40-46.
Johnstone, K., Li, C. and Rupley, K.H. (2011), “Changes in corporate governance associated with the revelation of internal control material weaknesses and their subsequent remediation*”, Contemporary Accounting Research, Vol. 28 No. 1, pp. 331-383.
Jun Lin, Z., Xiao, J.Z. and Tang, Q. (2008), “The roles, responsibilities and characteristics of audit committee in China”, Accounting, Auditing & Accountability Journal, Vol. 21 No. 5, pp. 721-751.
Karpoff, J.M., Koester, A., Lee, D.S. and Martin, G.S. (2017), “Proxies and databases in financial misconduct research”, The Accounting Review, Vol. 92 No. 6, pp. 129-163.
Khlif, H. and Samaha, K. (2016), “Audit committee activity and internal control quality in Egypt”, Managerial Auditing Journal, Vol. 31 No. 3, pp. 269-289.
Khoo, E.S., Lim, Y. and Monroe, G.S. (2020), “Audit committee members’ reputation incentives and their effectiveness in monitoring the financial reporting process”, Abacus, Vol. 56 No. 3, pp. 348-406.
Khoufi, N. and Khoufi, W. (2018), “An empirical analysis of the relation between corporate governance characteristics and the prevention of financial statement fraud”, International Journal of Management and Enterprise Development, Vol. 17 No. 4, p. 347.
Klein, A. (2002), “Audit committee, board of director characteristics, and earnings management”, Journal of Accounting and Economics, Vol. 33 No. 3, pp. 375-400.
Kotb, A., Elbardan, H. and Halabi, H. (2020), “Mapping of internal audit research: a post-Enron structured literature review”, Accounting, Auditing and Accountability Journal, Vol. 33 No. 8, pp. 1969-1996.
Kraakman, R.H. (1986), “Gatekeepers: the anatomy of a third-party enforcement strategy”, Journal of Law, Economics, and Organization, Vol. 2 No. 1, pp. 53-104.
Krishnan, J. (2005), “Audit committee quality and internal control: an empirical analysis”, The Accounting Review, Vol. 80 No. 2, pp. 649-675.
Krishnan, G.V. and Visvanathan, G. (2007), “Reporting internal control deficiencies in the post-Sarbanes-Oxley era: the role of auditors and corporate governance”, International Journal of Auditing, Vol. 11 No. 2, pp. 73-90.
Krishnan, J., Rama, D. and Zhang, Y. (2008), “Costs to comply with SOX section 404”, AUDITING: A Journal of Practice and Theory, Vol. 27 No. 1, pp. 169-186.
Li, X. and Li, Y. (2020), “Female independent directors and financial irregularities in Chinese listed firms: from the perspective of audit committee chairpersons”, Finance Research Letters, Vol. 32, p. 101320.
Li, X. and Liu, M. (2024), “Abnormal audit fees and financial reporting quality: a meta-analysis”, Journal of International Accounting, Auditing and Taxation, Vol. 55, p. 100622.
Lisic, L.L., Myers, L.A., Seidel, T.A. and Zhou, J. (2019), “Does audit committee accounting expertise help to promote audit quality? Evidence from auditor reporting of internal control weaknesses”, Contemporary Accounting Research, Vol. 36 No. 4, pp. 2521-2553.
Lisic, L.L., Neal, T.L., Zhang, I.X. and Zhang, Y. (2016), “CEO power, internal control quality, and audit committee effectiveness in substance versus in form”, Contemporary Accounting Research, Vol. 33 No. 3, pp. 1199-1237.
Liu, W.-P. and Huang, H.-W. (2020), “Auditor realignment, voluntary SOX 404 adoption, and internal control material weakness remediation: further evidence from U.S.-listed foreign firms”, International Business Review, Vol. 29 No. 5, p. 101712.
López, D.M., Rich, K.T. and Smith, P.C. (2013), “Auditor size and internal control reporting differences in nonprofit healthcare organizations”, Journal of Public Budgeting, Accounting and Financial Management, Vol. 25 No. 1, pp. 41-68.
Lu, H., Richardson, G. and Salterio, S. (2011), “Direct and indirect effects of internal control weaknesses on accrual quality: evidence from a unique Canadian Regulatory Setting”, Contemporary Accounting Research, Vol. 28 No. 2, pp. 675-707.
Malik, M. (2014), “Audit committee composition and effectiveness: a review of post-SOX literature”, Journal of Management Control, Vol. 25 No. 2, pp. 81-117.
Mazza, T. and Azzali, S. (2015), “Effects of internal audit quality on the severity and persistence of controls deficiencies”, International Journal of Auditing, Vol. 19 No. 3, pp. 148-165.
Michelon, G., Bozzolan, S. and Beretta, S. (2015), “Board monitoring and internal control system disclosure in different regulatory environments”, Journal of Applied Accounting Research, Vol. 16 No. 1, pp. 138-164.
Mitra, S., Song, H. and Yang, J.S. (2015), “The effect of auditing standard no. 5 on audit report lags”, Accounting Horizons, Vol. 29 No. 3, pp. 507-527.
Munsif, V., Raghunandan, K. and Rama, D.V. (2013), “Early warnings of internal control problems: additional evidence”, AUDITING: A Journal of Practice and Theory, Vol. 32 No. 2, pp. 171-188.
Oussii, A.A. and Boulila Taktak, N. (2018), “The impact of internal audit function characteristics on internal control quality”, Managerial Auditing Journal, Vol. 33 No. 5, pp. 450-469.
Pepper, A. and Gore, J. (2015), “Behavioral agency theory: new foundations for theorizing about executive compensation”, Journal of Management, Vol. 41 No. 4, pp. 1045-1068.
Pérez-Cornejo, C., Quevedo-Puente, E.D. and Delgado-García, J.B. (2019), “How to manage corporate reputation? The effect of enterprise risk management systems and audit committees on corporate reputation”, European Management Journal, Vol. 37 No. 4, pp. 505-515.
Pucheta-Martínez, M.C., Bel-Oms, I. and Rodrigues, L.L. (2019), “The engagement of auditors in the reporting of corporate social responsibility information”, Corporate Social Responsibility and Environmental Management, Vol. 26 No. 1, pp. 46-56.
Rakipi, R. and D’Onza, G. (2024), “The involvement of internal audit in environmental, social, and governance practices and risks: stakeholders’ salience and insights from audit committees and chief executive officers”, International Journal of Auditing, Vol. 28 No. 3, pp. 522-535.
Rezaee, Z. (2005), “Causes, consequences, and deterence of financial statement fraud”, Critical Perspectives on Accounting, Vol. 16 No. 3, pp. 277-298.
Ross, S.A. (1973), “The economic theory of agency: the principal’s problem”, The American Economic Review, Vol. 63 No. 2, pp. 134-139.
Schneider, A., Gramling, A.A., Hermanson, D.R. and Ye, Z.S. (2009), “A review of academic literature on internal control reporting under SOX”, Journal of Accounting Literature, Vol. 28, pp. 1-46.
Seuring, S. and Müller, M. (2008), “From a literature review to a conceptual framework for sustainable supply chain management”, Journal of Cleaner Production, Vol. 16 No. 15, pp. 1699-1710.
Stephens, N.M. (2011), “External auditor characteristics and internal control reporting under SOX section 302”, Managerial Auditing Journal, Vol. 26 No. 2, pp. 114-129.
Sterin, M. (2020), “The influence of audit committee expertise on firms’ internal controls: evidence from mergers and acquisitions”, Accounting Horizons, Vol. 34 No. 3, pp. 193-211.
Su, W., Zhang, L., Ge, C. and Chen, S. (2022), “Association between internal control and sustainability: a literature review based on the SOX act framework”, sustainability, vol”, Sustainability, Vol. 14 No. 15, p. 9706.
Tirole, J. (1986), “Hierarchies and bureaucracies: on the role of collusion in organizations”, Journal of Law, conomics, and Organization, Vol. 2 No. 2, pp. 181-214.
Tiwari, R.K. and Debnath, J. (2017), “Forensic accounting: a blend of knowledge”, Journal of Financial Regulation and Compliance, Vol. 25 No. 1, pp. 73-85.
Trompeter, G.M., Carpenter, T.D., Desai, N., Jones, K.L. and Riley, R.A. (2013), “A synthesis of fraud-related research”, AUDITING: A Journal of Practice and Theory, Vol. 32 No. Supplement 1, pp. 287-321.
Tseng, M.-L., Chang, C.-H., Lin, C.-W.R., Wu, K.-J., Chen, Q., Xia, L. and Xue, B. (2020), “Future trends and guidance for the triple bottom line and sustainability: a data driven bibliometric analysis”, Environmental Science and Pollution Research, Vol. 27 No. 27, pp. 33543-33567.
Tumwebaze, Z., Bananuka, J., Kaawaase, T.K., Bonareri, C.T. and Mutesasira, F. (2022), “Audit committee effectiveness, internal audit function and sustainability reporting practices”, Asian Journal of Accounting Research, Vol. 7 No. 2, pp. 163-181.
Velte, P. (2017), “The link between audit committees, corporate governance quality and firm performance: a literature review”, Corporate Ownership and Control, Vol. 14 No. 4, pp. 15-31.
Velte, P. (2018), “Is audit committee expertise connected with increased readability of integrated reports: evidence from EU companies”, Problems and Perspectives in Management, Vol. 16 No. 2, pp. 23-41.
Velte, P. (2023a), “The impact of external auditors on firms’ financial restatements: a review of archival studies and implications for future research”, Management Review Quarterly, Vol. 73 No. 3, pp. 959-985.
Velte, P. (2023b), “The link between corporate governance and corporate financial misconduct. A review of archival studies and implications for future research”, Management Review Quarterly, Vol. 73 No. 1, pp. 353-411.
Velte, P. (2023c), “Which attributes of audit committees are most beneficial for European companies? - Literature review and research recommendations”, Journal of Global Responsibility, Vol. 14 No. 4, pp. 403-430.
Weickgenannt, A.B., Hermanson, D.R. and Sharma, V.D. (2021), “How U.S. audit committees oversee internal control over financial reporting”, International Journal of Auditing, Vol. 25 No. 1, pp. 233-248.
Wiseman, R.N. and Gomez-Mejia, L.R. (1998), “A behavioral agency model of managerial risk taking”, The Academy of Management Review, Vol. 23 No. 1, pp. 133-153.
Zahra, S.A., Priem, R.L. and Rasheed, A.A. (2007), “Understanding the causes and effects of top management fraud”, Organizational Dynamics, Vol. 36 No. 2, pp. 122-139.
Zaman, R., Farooq, M.B., Khalid, F. and Mahmood, Z. (2021), “Examining the extent of and determinants for sustainability assurance quality: the role of audit committees”, Business Strategy and the Environment, Vol. 30 No. 7, pp. 2887-2906.
Zhang, Y., Zhou, J. and Zhou, N. (2007), “Audit committee quality, auditor independence, and internal control weaknesses”, Journal of Accounting and Public Policy, Vol. 26 No. 3, pp. 300-327.
Further reading
Buchanan, D.A. and Bryman, A. (Eds) (2009), The Sage Handbook of Organizational Research Methods, Sage Publications.
Hill, C.W.L. and Jones, T.M. (1992), “Stakeholder‐agency theory”, Journal of Management Studies, Vol. 29 No. 2, pp. 131-154.
Securities and Exchange Commission (2002), “Securities and Exchange Commission”, Sarbanes-Oxley Act, SOX.
Acknowledgements
All authors declare that they have no conflicts of interest.