7 minute read
Corporate Governance
Audit and Risk Committee
Over the course of 2022, the Committee has continued to build on the strong foundations set in 2021 to ensure that it continues to provide the support to the Board that is required, and to also ensure that the Committee is fulfilling its role in the review of the integrity of the Group’s financial reporting, monitoring the effectiveness of the Group’s risk management and internal controls framework, and its effective oversight of the Group’s outsourced internal audit function and its external auditor. As normal, the composition of the Committee has been reviewed to ensure that its skill sets are appropriate to the Group. In order to ensure a smooth transition of the Chair of the Audit & Risk Committee on Mark’s retirement, we have appointed Louise Easterbrook to the Committee during 2022, who will take over the Chair position for the Committee with effect from the AGM, which is due to be held on 25 April 2023. This year, the Committee has focused on improving the qualitative reporting into the Committee to enhancing regular monitoring of the Group’s transformation of its IT infrastructure and applications and associated risks, with a special focus over the course of 2022 of monitoring the implementation of an ERP system. The Committee has also strengthened the Group’s internal audit function through outsourcing the core competencies to PwC, the benefits of which have already been seen by the Committee and the Group.
The assurance framework required by the Committee is provided by complementary contributions from management reports, internal and external audit reports and risk management and compliance reports. However, as chair of the Committee, Mark has also held regular meetings with the Company’s internal and external auditors, the chief financial officer, senior members of the Group finance department, and other senior executives to ensure an understanding of key issues relevant to the Group.
That said, during the year, the Committee continued its key financial oversight role for the Board, outlined in its terms of reference, to reassure the shareholder that its interests are properly protected in respect of the Group’s financial management and reporting.
During 2022, the Committee has:
• continued to scrutinise the activities, performance, independence and effectiveness of the external auditors;
• supported the Board with its ongoing monitoring and evaluation of the effectiveness of the Group’s risk management and internal controls systems;
• in consultation with the Group’s internal auditors (an outsourced function provided by PwC), determined the focus of the Group’s internal audit activity, monitored its effectiveness, reviewed its findings and verified that recommendations were being appropriately implemented. Over the course of 2022, internal audits were carried out into the ERP implementation programme, the Group’s purchasing cards and on-island billing.
All of these audits detailed areas for improvement and work has either already been completed or is in progress to make the suggested improvement.
The fact that three audits were completed over the course of 2022, which have already led to improvements to internal controls, clearly shows that the decision to outsource the internal audit function to PwC has been extremely beneficial. It has provided the Group with access to resources at PwC, which have a large range of skillsets and expertise to enable the audits to be carried out in good time;
• continued to monitor the integrity of the Group’s financial statements and satisfy itself that any significant financial judgements made by management are sound. Our report details the significant financial judgements on p61.
Mark will be available at the Annual General Meeting to answer any questions about the work of the Committee during the year and its focus going forward.
Committee Composition
The membership of the Committee, together with appointment date, is set out below:
Member Audit and Risk Committee member since
Mark Shuttleworth (Chair)
Joe Moynihan
Angus Flett
Louise Easterbrook
1 September 2020
7 September 2018
26 April 2021
1 November 2022
As mentioned previously, the composition of the Committee changed during the period with the appointment of Louise Easterbrook to the Committee.
The Committee members were selected for their range of financial and commercial expertise, necessary to fulfil the Committee’s duties. The Board considers that as a chartered accountant, the Committee Chair, Mark Shuttleworth, has recent and relevant financial experience. Attendance by members at the Committee meetings is shown on page 26. Meetings are attended, by invitation, by the chief financial officer, the Head of Risk, the company secretary, the deputy company secretary, and the Group’s external auditors. In addition, the Group’s internal auditors are invited to attend appropriate sections of the meetings. At the end of each meeting, a private session is held by the Committee with representatives of both the external and internal auditors, which is not attended by management.
The Committee’s Work
The Committee works to a structured programme of activities, developed from its terms of reference, with agendas for the four scheduled meetings of the Committee during 2022 organised to coincide with key events in the annual reporting cycle. The Chair of the Committee reports, at each subsequent Board meeting, on the business of the Committee meeting and recommendations made by the Committee. The main matters that the Committee considered during the year are described on the next page.
Financial Reporting and Significant Judgements
The Committee monitors the integrity of the financial statements of the Company and reports to the Board on significant financial reporting issues and judgements. Throughout the year, the Committee reviews and challenges the application of significant accounting policies, the methods used to account for significant or unusual transactions and whether the Company has adopted appropriate accounting policies and made appropriate estimates and judgements, taking into account the views of the external auditors. At the end of the reporting year, the Committee reviews the financial statements and the completeness of its disclosures, going concern assumption and the suitability of any key assumption. In consultation with the external auditors, the Committee considers whether they can advise the Board that the financial statements give a true and fair view of the Company’s position and financial performance.
Risk Management and Internal Control
The Board recognises that the successful management of risk as part of our everyday activities is essential to support the achievement of our strategic objectives. Through delegation by the Board, the Committee is responsible for reviewing and monitoring the effectiveness of the Group’s risk management systems and internal control. Operation of the Group’s Risk Management Framework, which is designed to support consistent and effective management of risk throughout the Group, is overseen by an oversight structure which includes the Committee. During 2022, the Committee made improvements to the risk reporting provided by management, so that the Committee’s oversight of risk was improved. This included asking for the report to show accountability in terms of risk ownership and clear target dates to bring risks within appetite.
The Board has an ongoing process to identify, evaluate and manage the significant risks faced by the Group. This was in place throughout the year and up to the date of the approval of the annual report. This process is regularly reviewed by the Board. Management is responsible for the identification, evaluation and management of these risks together with the design, operation and monitoring of associated controls to manage risks to an acceptable level.
The Committee considered, discussed and made decisions in relation to a range of risk and internal control-related matters during the course of the year, the most significant of which are outlined below:
• reviewed, and recommended to the Board for approval, changes to the Committee’s terms of reference and calendar of duties;
• reviewed the quarterly Group Risk Report on the ‘top risks’ facing the Group, the relative assessment of impact and likelihood, actions underway or taken to deliver target risk ratings and escalating to the Board for discussion as a whole where appropriate;
• approved the annual internal audit plan, outlining those areas to be covered by the work of internal audit during 2022/2023 and monitored the progress against the plan at each meeting. This included updates on progress to deliver management actions relating to internal audit actions. The Committee also received and approved changes to the plan during the year;
• monitored the risks and associated controls over the financial reporting processes, including the process by which the Group’s financial statements are prepared for publication;
• reviewed reports from the external auditors on any issues identified during the course of its work, including a report on control weaknesses identified; and
• reviewed, and recommended for approval, the Group’s risk management disclosures for inclusion within the annual report and accounts.
Oversight of the External Audit
The Committee’s oversight of the external auditors includes reviewing and approving the annual audit plan. In reviewing the plan, the Committee discusses and challenges the auditors’ assessment of materiality and financial reporting risk areas most likely to give rise to material error.
KPMG reported to the Board and confirmed its independence in accordance with ethical standards and that it had maintained appropriate internal safeguards to ensure its independence and objectivity. Assignments awarded to KPMG have been, and are, subject to controls by management that have been agreed by the Committee to monitor and maintain the objectivity and independence of the external auditors.
To further safeguard the objectivity and independence of the external auditors, the Committee has a formal policy governing the engagement of the external auditors to provide non-audit services, providing details of prohibited, audit-related and permitted services. The policy requires approval by the chief financial officer of any work undertaken by KPMG and mandates Committee approval, prior to the commencement of work, of all non-audit assignments.
The total audit fees paid to KPMG for the year relating to the Group audit was £311,735.
Amounts paid to KPMG were reported to and considered by the Committee.
The assessment of the effectiveness and performance of our external auditors is continually and formally considered by the Committee. Feedback was sought from other members of the Group finance team, divisional management and the Group chief risk and compliance officer. The feedback from this process was considered by the Committee. Following robust debate and challenge, action plans were developed in relation to better communication during the audit cycle between KPMG and the Group’s divisional teams. In its evaluation of the external audit function, the Committee concluded that it was satisfied with the work of KPMG and that KPMG continued to be effective, objective, and independent.
External Audit Partner Rotation
During 2022 KPMG Channel Islands Limited replaced KPMG LLP as auditor. As a result of this change a new audit partner was appointed for the 2022 financial year.