AUDIT COMMITTEES. Fulfilling annual reporting requirements

Transcription

1 AUDIT COMMITTEES Fulfilling annual reporting requirements

2 AUDIT COMMITTEES: FULFILLING ANNUAL REPORTING REQUIREMENTS Colleges are operating in an environment where there is increased emphasis on effective governance and sustainability, allied to the greater freedoms and flexibilities afforded under the Education Act Naturally, with greater freedom, comes greater accountability. This paper identifies those core requirements of the audit committee annual report as well as those matters that audit committees should cover in order for the annual report to be of real value. Colleges are accountable to a range of stakeholders including learners and local communities as well as government and funding bodies. As colleges seek to navigate their way through a number of uncertainties, the board more than ever, is looking to the audit committee to provide assurance with regards to risk management, internal control, governance and the college s use of resources (value for money), but also to provide advice and insight. Under the Joint Audit Code of Practice (JACOP), there is a requirement for the audit committee to produce an annual report, which is submitted to the corporation prior to the statement of corporate governance and internal control being signed. The audit committee is responsible for providing insight to the corporation on the adequacy and effectiveness of the college corporation s assurance framework. Whilst the requirement within JACOP for the audit committee to produce an annual report is a key part in ensuring effective governance, the development of a thorough, complete and truly representative audit committee annual report is simply good practice. JACOP states the audit committee must: Assess and provide the corporation with an opinion on the adequacy and effectiveness of the college corporation s assurance arrangements, framework of governance, risk management and control processes for the effective and efficient use of resources, solvency of the institution and the safeguarding of its assets. The audit committee annual report: summarises the committee s activities relating to the financial year under review, not only those activities undertaken in-year; includes the committee s opinion on the adequacy and effectiveness of the college s framework of governance, risk and control and how the college has secured value for money; and underpins the board s own opinions in the statement of corporate governance and internal control in the annual accounts. In line with the requirements of the accounts direction, English colleges are required to submit the audit committee annual report to the relevant funding body. To comply with JACOP, there are a number of core elements that must be included within the audit committee annual report. Below we cover those core requirements and provide insight into what we consider to be good practice, drawing on our extensive work with the sector and our understanding of the core issues faced by further education colleges at this time. 2

3 The effective audit committee annual report In compiling the annual report, the audit committee must be mindful of the need to summarise its activities effectively, in relation to the year under review, and report any significant issues. Key sections of the audit committee annual report Introduction Terms of reference Oversight of external assurance providers Meeting attendance Risk and internal control Other committee activities In compiling the audit committee annual report consider: has the report been written in clear language? does it cover all of the areas required? has the audit committee gathered enough evidence and assurance throughout the year to support the opinions given? and has the committee considered FE Commissioner and funding body reports and guidance and how they may apply to their college? Committee self-assessment Committee opinion to the board As a key advisor to the board it is imperative that the annual report takes what can be complex information and summarises this into digestible, clear language. It is vital that the board and governors understand the information they are being given. As a basis, the content of the annual report must be both accurate and reliable as well as providing the right amount of detail. Valuable audit committee annual reports cover those core requirements as laid out in JACOP, but then go further by: examining the value obtained from assurance providers; identifying the focus of auditors within the year and how their work aligns to the priorities and risks of the college; providing a summary of the evidence received throughout the year which underpins the committee s opinion; and in the spirit of openness and transparency, identifying the key activities and committee agenda for the forthcoming year. 3

4 How the audit committee has fulfilled its established terms of reference The annual report should provide a summary of the audit committee s remit; committees should consider including their full terms of reference as an appendix to their annual report thus providing clarity of purpose without breaking up the core content of the report. Membership throughout the year under review should be summarised with the number and dates of meetings clearly recorded in addition to the attendance ratios (eg four out of five committee meetings attended) of all committee members. It is also good practice to make reference to other individuals who, throughout the year, may have attended committee meetings but who are not committee members. Depending on the code adopted, and if within the remit of the committee to do so, an assessment of the corporation s compliance with the Code of Good Governance for English Colleges, in regards to assurance matters, or the relevant aspects of The UK Corporate Governance Code should be made. The outcomes of the assessment should be incorporated within the committee s annual report. We would advise audit committees to clearly set out their assurances with regards to fraud, irregularity and whistleblowing as from our experience not all committees adequately cover these areas despite them being integral to the safeguarding of assets. With regards to fraud, irregularity and whistleblowing the audit committee annual report should: make reference to the committee s role in overseeing the college s policies and explain any investigations undertaken and their outcome; make reference to the outcomes of any fraud related proactive reviews; and report any concerns or material instances of fraud or irregularity. With greater emphasis on colleges to self-assess arrangements for the effective and efficient use of resources some colleges may have been formalising structures and processes in this area in recent times. It is good practice for the audit committee to reflect upon this as part of their annual reporting process. A substantial number of colleges are facing financial difficulties, brought about by reduced funding and the wider economic climate in recent years. There is now an increased regulatory focus on value for money and the audit committee must clearly demonstrate the college s efficient and effective use of resources. While colleges have been required to ensure the proper use of public funds for some time, the requirement for an opinion in relation to value for money is relatively new and thus audit committees may still be considering where they obtain assurance from. Value for money (VfM): key sources of assurance College s VfM strategy. Reports of the VfM group / committee. Review of any VfM key performance indicators (KPIs) and progress against those KPIs. Reports from any internal VfM reviews. Reports of assurance providers, such as internal audit, who may have reviewed VfM within the college. Any VfM related benchmarking activity with peer organisations. Review of any cost saving plans. The committee s own assessment of its effectiveness Evidence of a thorough committee self-assessment is a key part of the annual report; performance should be assessed in relation to the agreed terms of reference. As part of the self-assessment process, the audit committee should determine whether its terms of reference remain appropriate and whether it has fulfilled its responsibilities. The self-assessment should also consider whether committee business has focused on all required elements. There are checklists for audit committees to utilise as part of the self-assessment process, however in documenting the review as part of the annual reporting requirement, committees should: make reference to the existence of any learning and development plans for members; summarise any member training undertaken, which ensure members stay abreast of any changes in the regulatory or legislative landscape; and consider key outcomes achieved during the year. The collective skill mix should be considered and any skill gaps identified. The self-reflecting audit committee should be asking, are we undertaking our responsibilities and obligations appropriately, and in a manner that provides effective insight to the board? 4

5 Significant internal control issues arising from the work of auditors and assurance providers It is important for the audit committee to understand the assurance that the board and committee require. Linked to this, the audit committee annual report should provide: a summary of any work undertaken by internal audit and should highlight any high risk areas and control weaknesses identified within their reports. (Note, your internal auditor s annual report to the board should itself be providing guidance on which areas, if any, they believe would be relevant here), including whether internal audit has provided a qualified or unqualified opinion with regards to governance, risk and internal control frameworks; a summary of the financial statement auditor s management letter, so that any major issues identified by external audit are reported. This should include whether external audit has provided a qualified or unqualified opinion with regards to the accounts; reference to the reporting accountant s regularity report including whether the reporting accountant has concluded that nothing has come to their attention to suggest that expenditure had not been applied to the purposes intended. The 2015 JACOP contains a change in the reporting required and in noting this change from a regularity audit opinion to an accountant s report, the audit committee annual report, should draw out the conclusions of the reporting accountant and comment on the assurance given; and a summary of any other assurance providers findings considered during the year. The audit committee must have a clear understanding of where the college is getting its assurances from and it is good practice for those sources of assurance to be referenced within the committee annual report. As part of this process, the committee should make use of any assurance mapping exercises that may have been undertaken. A board assurance framework will provide an evidence base which the college can use to underpin its annual statement of corporate governance and internal control. Key sources of assurance Discussions with management and departmental heads. Performance, compliance, budget and management reports. Self-assessment return. Other committee reports. Outcomes of any benchmarking activity with other colleges. Ofsted reports. Internal audit reports. External audit reports. Other sources of third party assurances. Through an embedded board assurance framework colleges are able to consider whether services are efficient and effective, whether there are any assurance gaps, whether assurance is duplicated and so there is further scope for efficiency gains, as well as identifying whether existing controls are failing and therefore risks more likely to occur. Most audit committees have a mechanism in place for tracking outstanding management recommendations/ actions and this process could be referenced within the annual report as it is a useful source of assurance on how identified risks are being managed. In terms of recommendation tracking, the audit committee should have oversight of: those recommendations made; those actions that are in progress but not complete; and those recommendations that have been actioned and therefore closed down. The annual report should make reference to the committee s role in monitoring outstanding actions in terms of both severity and timescales. Where outstanding actions represent a significant risk, the committee should be making the board aware of this. The board can then determine whether further action is required. 5

6 The audit committee s formal opinion With increased autonomy and accountability, coupled with pressing financial viability concerns, providing an opinion on the adequacy and effectiveness of the assurance arrangements, framework of governance, risk management and control processes and having regard to the effective and efficient use of resources, solvency of the institution and the safeguarding of its assets is a real challenge for the audit committee. The audit committee must consider each element, ensure it has all the evidence that it requires in order to make a sound judgement, discuss openly and frankly its thoughts, drawing on the information and assurances it has received throughout the year, including all relevant reports of external assurance providers, management reports and reports of other committees, and come to a collective view. If the annual report is to be of real value, its contents need to be conveyed with honesty and must clearly represent the views of the committee. For many colleges, the audit committee is faced with the difficult task of summarising any internal governance improvement, against a backdrop of an increasingly difficult operating environment. It is therefore important for the audit committee to deliver its messages with clarity, purpose and balance. For further information please contact: Lisa Randall M +44 (0) lisa.randall@rsmuk.com Stephanie Mason M +44 (0) stephanie.mason@rsmuk.com In forming its opinion, the audit committee must have a clear understanding of the college s overall financial position; it must also have a clear understanding of the college s risk profile and where improvements in internal control may be required. At this time, a significant proportion of colleges are facing difficulties in maintaining a going concern position, while some will have been given a qualified audit opinion and may be under the spotlight of the FE Commissioner. The audit committee annual report must then deliver some difficult messages as for some colleges the solvency of the institution and the safeguarding of its assets may be in question. The annual report and the committee s opinion must be articulated carefully, with the use of language given real thought by committee members. rsmuk.com The UK group of companies and LLPs trading as RSM is a member of the RSM network. RSM is the trading name used by the members of the RSM network. Each member of the RSM network is an independent accounting and consulting firm, each of which practices in its own right. The RSM network is not itself a separate legal entity of any description in any jurisdiction. The RSM network is administered by RSM International Limited, a company registered in England and Wales (company number ) whose registered office is at 50 Cannon Street, London EC4N 6JJ. The brand and trademark RSM and other intellectual property rights used by members of the network are owned by RSM International Association, an association governed by article 60 et seq of the Civil Code of Switzerland whose seat is in Zug. RSM UK Consulting LLP, RSM Corporate Finance LLP, RSM Restructuring Advisory LLP, RSM Risk Assurance Services LLP, RSM Tax and Advisory Services LLP, RSM UK Audit LLP and RSM UK Tax and Accounting Limited are not authorised under the Financial Services and Markets Act 2000 but we are able in certain circumstances to offer a limited range of investment services because we are members of the Institute of Chartered Accountants in England and Wales. We can provide these investment services if they are an incidental part of the professional services we have been engaged to provide. Baker Tilly Creditor Services LLP is authorised and regulated by the Financial Conduct Authority for credit-related regulated activities. RSM & Co (UK) Limited is authorised and regulated by the Financial Conduct Authority to conduct a range of investment business activities. Whilst every effort has been made to ensure accuracy, information contained in this communication may not be comprehensive and recipients should not act upon it without seeking professional advice RSM UK Group LLP, all rights reserved. 1770