Audit Committee

Chairperson Richard J. Swift, Member Nancy-Ann DeParle, Member Jean-Pierre Millon, Member Alecia A. DeCoudreaux, Member Mary L. Schapiro

Download Audit Committee Charter

Committee Members

CVS HEALTH CORPORATION

A Delaware corporation
(the "Company")

Audit Committee Charter
Amended as of [March 2, 2017]

Audit Committee Charter Quicklinks

Link directly to the portion of the charter in which you are most interested. Or, print the whole document using the link above.

Purpose
Membership
Authority
Procedures
Responsibilities
Limitations Inherent in the Committee’s Role

Purpose

The Audit Committee (the “Committee”) is created by the Board of Directors of the Company to:

  • assist the Board in its oversight of:
    • the integrity of the financial statements of the Company;
    • the qualifications, independence and performance of the Company’s independent auditor;
    • the performance of the Company’s internal audit function;
    • the Company’s compliance program, including compliance with the Company’s Code of Conduct; and
    • compliance by the Company with legal and regulatory requirements; and
  • prepare the Audit Committee Report that the Securities and Exchange Commission (“SEC”) rules require to be included in the Company’s annual proxy statement.

Membership

To discharge its oversight responsibilities effectively, the Committee will maintain open lines of communication with the Company’s chief financial officer, chief internal auditor, chief compliance officer(s), and with the Company’s independent auditors, each of whom will have free and direct access to the Committee. Further, the Committee is authorized (without seeking Board approval) to retain special legal, accounting or other advisors.

Authority

To discharge its oversight responsibilities effectively, the Committee will maintain open lines of communication with the Company’s chief financial officer, chief internal auditor, and with the Company’s independent auditors, each of whom will have free and direct access to the Committee. Further, the Committee is authorized (without seeking Board approval) to retain special legal, accounting or other advisors.

The Committee shall have available appropriate funding from the Company as determined by the Committee for payment of:

  • compensation to any accounting firm engaged for the purpose of preparing or issuing an audit report or performing other audit, review or attest services for the Company;
  • compensation to any advisors employed by the Committee; and
  • ordinary administrative expenses of the Committee that are necessary or appropriate in carrying out its duties

The Committee may delegate its authority to subcommittees or the Chairman of the Committee when it deems appropriate and in the best interests of the Company.

Procedures

The Committee shall meet as often as it determines is appropriate to carry out its responsibilities under this charter, but not less frequently than quarterly.  The Chairman of the Committee, in consultation with the other committee members, shall determine the frequency and length of the committee meetings and shall set meeting agendas consistent with this charter.

The Committee shall meet separately, periodically, with management, with internal auditors or other personnel responsible for the internal audit function and with the independent auditor.

Responsibilities

In addition to any other responsibilities that may be assigned from time to time by the Board, the Committee is responsible for the following matters.

Independent Auditor

  • The Committee shall be directly responsible for the appointment, compensation, retention and oversight of the work of any accounting firm engaged for the purpose of preparing or issuing an audit report or performing other audit, review or attest services for the Company (subject, if applicable, to shareholder ratification).  Each such accounting firm shall report directly to the Committee.
  • The Committee shall pre-approve the audit services and non-audit services to be provided by the Company’s independent auditor pursuant to pre-approval policies and procedures established by the Committee. The pre-approval policies and procedure shall be periodically reviewed by the Committee. The Committee may delegate its authority to pre-approve services to one or more Committee members, provided that such designees present any such approvals to the full Committee at the next Committee meeting.
  • The Committee shall discuss with the independent auditor its responsibilities under generally accepted auditing standards, review and approve the scope and staffing of the independent auditor’s annual audit plan(s) and discuss any significant findings from the audit, including any problems or difficulties encountered.
  • The Committee shall evaluate the independent auditor’s qualifications, performance and independence, and shall present its conclusions with respect to the independent auditor to the full Board on at least an annual basis. As part of such evaluation, at least annually, the Committee shall:
    • obtain and review a report or reports from the Company’s independent auditor:
      • describing the independent auditor’s internal quality-control procedures;
      • describing any material issues raised by (i) the most recent internal quality-control review, or peer review, of the auditing firm, or (ii) any inquiry or investigation by governmental or professional authorities, within the preceding five years, regarding one or more independent audits carried out by the auditing firm; and any steps taken to deal with any such issues;
      • describing all relationships between the independent auditor and the Company consistent with the applicable requirements of the PCAOB regarding the independent auditor’s communications with the Committee concerning independence; and
      • assuring that Section 10A of the Securities Exchange Act of 1934 has not been implicated;
    • review and evaluate the lead partner of the independent auditor;
    • confirm, and evaluate the rotation of, the audit engagement team partners as required by law and consider whether rotation should occur more frequently, so as to assure continuing auditor independence;
    • consider whether the independent auditor should be rotated, so as to assure continuing auditor independence; and
    • obtain the opinion of management and the internal auditors of the independent auditor’s performance.
  • The Committee shall establish and periodically review the policies for the Company’s hiring of current or former employees of the independent auditor.

Internal Auditors

  • At least annually, the Committee shall evaluate the performance, responsibilities, budget and staffing of the Company’s internal audit function and review the internal audit plan. Such evaluation shall include a review of the responsibilities, budget and staffing of the Company’s internal audit function with the independent auditor.
  • At least annually, the Committee shall review the annual internal audit plan with the senior officer or officers responsible for the internal audit function of the Company. The review shall focus on the scope and effectiveness of internal audit activities and the department’s capability to fulfill its objectives.
  • At least annually, the Committee shall review significant findings by the internal audit staff and management’s responses to such findings and instances of remedial action not being taken by management within appropriate timeframes in response to any such findings, if any.
  • At least annually, the Committee shall evaluate the performance of the senior officer or officers responsible for the internal audit function of the Company, and make recommendations to the Board and management regarding the responsibilities, retention or termination of such officer or officers.
  • At least annually, the Committee shall review the annual report from the internal auditors covering the internal auditor’s review of the officers’ and directors’ travel and entertainment expenses, including use of Company aircraft and the policy related thereto.
  • At least quarterly, the Committee shall meet separately with the senior officer or officers responsible for the internal audit function.

Financial Statements; Disclosure and Other Risk Management and Compliance Matters

  • As appropriate, the Committee shall meet to review and discuss with management, the internal auditors and the independent auditor, in separate meetings, if the Committee deems it necessary:
    • the annual audited financial statements, including the Company’s specific disclosures under “Management’s Discussion and Analysis of Financial Condition and Results of Operations”, prior to the filing of the Company’s Form 10-K;
    • the quarterly financial statements, including the Company’s specific disclosures under “Management’s Discussion and Analysis of Financial Condition and Results of Operations”, prior to the filing of the Company’s Form 10-Q;
    • analyses or other written communications prepared by management and/or the independent auditor setting forth significant judgments made in connection with the preparation of the financial statements, including analyses of the effects of alternative GAAP methods on the financial statements and estimates made by management having a material impact on the financial statements;
    • the critical accounting policies and practices of the Company;
    • off-balance sheet transactions and structures;
    • any major issues regarding accounting principles and financial statement presentations, including any significant changes in the Company’s selection or application of accounting principles;
    • significant variations in financial information between reporting periods; and
    • the effect of regulatory and accounting initiatives or actions applicable to the Company (including any SEC investigations or proceedings).
  • The Committee shall review, in conjunction with management, the Company’s policies generally with respect to the Company’s earnings press releases and with respect to financial information and earnings guidance provided to analysts and rating agencies, including in each case the type of information to be disclosed and type of presentation to be made and paying particular attention to the use of non-GAAP financial information.
  • The Chairman of the Committee may review any of the Company’s financial information and earnings guidance provided to analysts and ratings agencies and any of the Company’s other financial disclosures, such as earnings press releases, as the Chairman deems appropriate.
  • The Committee shall review, in conjunction with its review of the Company's quarterly financial statements, the Company's stock repurchase programs, and shall evaluate such programs to determine whether it should recommend to the Board any modifications to such programs.
  • The Committee shall, in conjunction with the Chief Executive Officer (“CEO”) and Chief Financial Officer (“CFO”) of the Company, at least annually review and approve the Company’s disclosure controls and procedures and also review the Company's internal controls over financial reporting. The review of internal controls over financial reporting shall include whether there are any significant deficiencies and material weaknesses in the design or operation of internal control over financial reporting which are reasonably likely to affect the Company’s ability to record, process, summarize and report financial information and any fraud involving management or other employees with a significant role in internal control over financial reporting. The Committee shall also review any special audit steps adopted in light of material control deficiencies.
  • The Committee shall review potential conflicts of interest involving directors and shall determine whether such director or directors may vote on any issue as to which there may be a conflict.
  • The Committee shall periodically review the Company’s Related Person Transaction policy and shall review all related person transactions and determine whether such transactions are appropriate for the Company to undertake. If so, the Committee is authorized to approve such transactions in accordance with the Company’s Related Person Transaction Policy.
  • The Committee shall periodically review and approve and shall oversee compliance with the Company’s Code of Conduct and report on such compliance to the Board.  The Committee shall also review and consider any requests for waivers of the Company’s Code of Conduct for the Company’s directors, executive officers and other senior financial officers, and shall make a recommendation to the Board with respect to such request for a waiver.
  • The Committee shall review annually management’s plan for determining compliance with the Company’s Code of Conduct.
  • The Committee shall periodically, but not less than annually, review the Company’s Information Governance Framework, including the Company’s Privacy and Information Security Programs.
  • The Committee shall periodically, but not less than twice annually, review the cybersecurity aspects of the Company’s Information Security Program.
  • The Committee shall periodically, but not less than annually, review the Company’s Environmental, Health and Safety Program.
  • The Committee shall review significant cases of employee conflict of interest, misconduct, or fraud.
  • The Committee shall review and discuss with the independent auditor any audit problems or difficulties and management’s response thereto, including those matters required to be discussed with the Committee by the auditor pursuant to established auditing standards, such as:
    • any restrictions on the scope of the independent auditor’s activities or on access to requested information;
    • any accounting adjustments that were noted or proposed by the auditor but were “passed” (as immaterial or otherwise);
    • any communications between the audit team and the audit firm’s national office regarding auditing or accounting issues presented by the engagement;
    • any management or internal control letter issued, or proposed to be issued, by the auditor; and
    • any significant disagreements between management and the independent auditor.
  • In connection with its oversight responsibilities, the Committee shall be directly responsible for the resolution of disagreements between management and any auditor regarding the Company’s financial reporting.
  • The Committee shall review the Company’s policies and practices with respect to risk assessment and risk management, including discussing with management the Company’s major financial risk exposures and the steps that have been taken to monitor and control such exposures.
  • The Committee shall establish and periodically review the procedures for:
    • the receipt, retention and treatment of complaints received by the Company regarding accounting, internal accounting controls or auditing matters, and
    • the confidential, anonymous submission by employees of the Company of concerns regarding questionable accounting or auditing matters.
  • The Committee shall review any complaints regarding accounting, internal accounting controls or auditing matters received pursuant to such procedures.
  • The Committee shall prepare the Audit Committee Report that the SEC rules require to be included in the Company’s annual proxy statement.
  • The Committee shall review and approve the Company’s decision to enter into swap transactions that are not cleared and are not traded on a designated contract market or swap execution facility, including establishing policies governing the use of such swaps, as necessary and appropriate in compliance with the rules of the Commodity Futures Trading Commission.
  • As part of its oversight of the Company’s compliance program, the Committee shall review the Company’s compliance with laws and regulations, including major legal and regulatory matters, such as Federal health care program requirements.  In that regard, the Committee shall make a reasonable inquiry into the operations of CVS Health’s Compliance Program, including the performance of the Chief Compliance Officer of CVS Health, the Chief Compliance Officer, Government Programs and Settlements, and the Compliance Committee(s), to assess its effectiveness.  The Committee shall also review any major litigation or investigations that may have a material impact on the Company’s financial statements.  The Committee shall meet with the Chief Compliance Officer of CVS Health and the Chief Compliance Officer, Government Programs and Settlements no less than quarterly, and shall meet and discuss legal and regulatory matters with management and others as appropriate, including the General Counsel.

Reporting to the Board

  • The Committee shall report to the Board periodically. This report shall include a review of any issues that arise with respect to the quality or integrity of the Company’s financial statements, the Company’s compliance with legal or regulatory requirements, the independence and performance of the Company’s independent auditor, the performance of the internal audit function and any other matters that the Committee deems appropriate or is requested to be included by the Board.
  • At least annually, the Committee shall evaluate its own performance and report to the Board on such evaluation.
  • The Committee shall periodically review and assess the adequacy of this charter and recommend any proposed changes to the Board.

Limitations Inherent in the Committee’s Role

It is not the duty of the Committee to plan or conduct audits or to determine that the Company’s financial statements are complete and accurate and are in accordance with GAAP and applicable rules and regulations. This is the responsibility of management and the independent auditor. Furthermore, while the Committee is responsible for reviewing the Company’s policies and practices with respect to risk assessment and management, it is the responsibility of the CEO, CFO and senior management to determine the appropriate level of the Company’s exposure to risk.