Center for Board Matters Audit Committee Bulletin. Issue 6, 2017

Transcription

1 Center for Board Matters Audit Committee Bulletin Issue 6, 2017

2 Welcome to Audit Committee Bulletin, published to bring you timely and important information on corporate and financial reporting matters. One of the world s largest accommodation providers, Airbnb, does not own a single property. The global market is changing rapidly and disruptions are fast becoming the new normal for many sectors. As organizations experiment with innovative business models and adopt the use of new technologies, boards and C-suites have to adapt to continue succeeding in this increasingly complex business and risk landscape. Leading organizations are expecting the internal audit (IA) function to go beyond controls auditing to provide assurance over governance and emerging risks. As boards increase their focus on monitoring company performance and creating more shareholder value, they are starting to better leverage the knowledge and expertise of the IA function to glean business and strategic insights to drive value creation. We look at how IA can better assist the board in its oversight role. A new survey by EY and CPA Australia, Future-proof your finance capability, found that Singapore s finance and accounting professionals are not prepared for future job demands amid disruptions in the economy. We study the possible inhibitors and hope the analysis is useful in helping your organization reshape its finance function to address emerging business needs and enhance staff development efforts for jobs of the future. Christopher Wong Head of Assurance Ernst & Young LLP Gajendran Vyapuri Assurance Partner Professional Practice Ernst & Young LLP

3 Managing risks in a disrupted business world One of the world s largest accommodation providers, Airbnb, does not own a single property. The global market is changing rapidly and disruptions are fast becoming the new normal for many sectors. For a company to navigate and succeed in this terrain, it has to establish and maintain a sound system of risk management and corporate governance practices and processes. This responsibility falls on the board. The board should ensure that the management maintains a sound system of risk management and internal controls to safeguard shareholders interests and the company s assets, and should determine the nature and extent of the significant risks which the board is willing to take in achieving its strategic objectives. In these turbulent times, corporate governance becomes more important than ever in order for companies to stay competitive and successful. Using radar and tripwires to monitor incoming risks The velocity of change has disrupted the way business operates and rearranged the business landscape. The changes that an organization face are varied and diverse ranging from regulatory to technological in nature. To avoid being caught off-guard by impending risks, organizations must adopt a flexible and dynamic risk assessment. The risk assessment needs to be enterprise-wide, involving management participation and aligned with the organization s overall business strategy and objectives. It is necessary to look beyond departmental silos and identify both internal and external changes. Broadly, risks can be classified into the following three categories: Strategic risks that offer positive benefits Preventable risks that result in negative impact External risks that cannot be controlled, and may result in negative or positive impact In this fast moving business environment, a well-designed risk assessment dashboard that provides the board and management a comprehensive view of the key risks the company faces and indication of when to take action to mitigate the risks, becomes critical. One such dashboard is a risk radar. A key feature that a risk radar offers over traditional heat map is the risk radar s ability to measure the velocity of the incoming risks (i.e., how fast a risk may affect the company). On a risk radar, the distance between the location of the risk and the center of the radar screen measures how near or far (in terms of time horizon) the risk is likely to impact the company. While many companies are still measuring and prioritizing using traditional two-dimensional analysis (i.e., likelihood and impact of the risk), boards and management are likely to be evaluating intuitively how the velocity of the risks can affect the business. 2

4 The risk radar provides a methodological, consistent and effective approach to measure, track and report risks that are fast resulting in a significant impact to the company. Scanning your operating environment regularly for emerging trends and risks is critical. Establishing a risk radar enables the management to measure and monitor emerging key risks, and allows for appropriate action to be taken before it is too late. Financial Illustrative risk radar Accounting Finance Setting up tripwires Fraud and corruption Apart from identifying the risks, it is important to establish key performance indicators (KPIs) and key risk indicators (KRIs) to track and monitor organizational performance, risks and trends. Setting KPIs and KRIs are like setting up tripwires that would alert us should the situation or operating environment changes, while allowing us to focus on achieving our business goals and objectives Sustainability Supply chain 36 and operations 22 IT risk management Social media risk 28 management Corporate SoD and identity and development access management Information security Program management Customer 12 Business continuity 19 Cloud 21 management Human resources 34 Software and IT asset 26 management Mobile 20 Data loss prevention 32 and privacy Strategic Tax Compliance Operations The scans should also take into consideration large scale projects, initiatives and investments that the organization is embarking on. Industry performance in executing large and complex projects continues to be a challenge for many organizations. The cost of failure for projects has gone up. Our analysis shows that approximately US$682b is wasted on underperforming projects across the globe annually. Only 35% of all projects are deemed to have been successful, and 17% of IT projects go so poorly that they threaten the very existence of the organization 1. In EY s Insights on governance, risk and compliance: Predicting project risks improves success, we see that avoiding the causes of failure is the key to unlocking the value of your program investments. A proactive approach with the use of predictive data analytics helps to reduce project costs, improve schedule performance and achieve greater benefit results. Running your business to meet performance goals and targets without regular and robust risk assessments is akin to driving an expensive sports car without the proper dashboards, rearview and sideview mirrors and seat belts. Embracing new technologies One of the key trends in the global markets and industries is the increased use of robotics and artificial intelligence (AI). Advances in technology have been disrupting business models for centuries. The Industrial Revolution, for instance, created massive labor displacement by eliminating guilds. In our lifetime, successive waves of IT revolution (PC, online, mobile and social) have democratized data, empowered consumers and spawned scores of new industries. The next wave the Internet of Things (IoT), virtual reality, AI and robotics promises to be even more revolutionary. AI is already deployed in call centers to answer basic queries, in autonomous cars to transform mobility, and in smartphones as a personal assistant. The next step is the combination of AI s autonomous reasoning with deep learning. By learning from every new input and experience, AI adds to the efficacy of subsequent actions. Together, AI and robotics will combine greater decision-making power with the ability to execute. Organizations could see exponential improvements as software and hardware develop and costs decline. Illustrative dashboard for KPI and KRI monitoring 1 National Institute of Science & Technology, Gartner, Forrester, CIO magazine, The Standish Group, Steven s Institute of Technology, MORI Captains of Industry, EY CBK, Dept. of Trade & Industry 3

5 With this trend, companies will begin to adopt these technologies in various aspects of their operations and business processes to stay competitive. Companies moving towards robotics and AI would need to consider a broader view of risks than before. 1. How do we manage the risks relating to the deployment of robots? 2. How well does the robot integrate with our existing manual processes and other business systems? 3. Is the robot making the correct decisions and providing accurate outputs and results? 4. If the robot is critical to our business operations, is the robot resilient enough to ensure that our business operations are not interrupted? 5. Is the robot exposed to cybersecurity threats? And how are we managing the associated risks? In this robotic deployment journey, boards need to ensure that companies have a robust approach and methodology in managing the risks associated with robotic development, implementation, validation and governance throughout the lifecycle process, as well as the enterprise automation strategy. As a third line of defense, boards need to ensure that internal audit (IA) obtains timely visibility into these business model changes, so that IA can continue to play a significant role in validating the first and second lines of defense. These would include performing independent audits on the governance, risk and control postures related to robotics. IA teams would also need to be trained and equipped with sufficient understanding of the technology adopted in these robots, and the associated risks that come along with the technology. If the knowledge and expertise do not currently reside within the IA team, external specialists can be engaged to augment the team for such engagements. With constant change and disruption in the business environment, companies need to respond quickly and decisively. This can sometimes result in the controls being circumvented and shortcuts taken. The increased use of robotics and AI also means that processes are more automated than before, and business decisions made using business rules and logic may be created and determined by AI. Hence, apart from the internal audits that are planned throughout the financial year, it is equally important to be able to continuously monitor how well controls are operated and company policies are being complied with. A good continuous controls monitoring (CCM) system enables you to gather and correlate data from various disparate systems (including your robotics and AI systems), to provide you with real-time notification of anomalies and deviations from expected outcomes. The CCM system would also help your IA teams cut through all the routine transactions to focus on the key risk areas and transactions. This helps to significantly reduce the time and costs required for testing and auditing, and enhances the level of assurance IA can provide the board. Conclusion Disruption is the new normal. Boards need to ensure that the management puts in place a robust system to scan, monitor and assess the volatile environment effectively to identify emerging risks early and take appropriate action before it is too late. The increasing adoption of robotics and AI means that boards need to ensure that associated risks are well-managed to maximize return on investment. With regular audits and continuous controls monitoring system in place, the board can be assured that the company s risk management and internal control systems are adequate and effective. Monitor through regular audits and continuous controls auditing While risks are identified and monitored for changes, appropriate mitigating plans and measures should be set up to address the risks should they materialize. Having developed these plans and procedures, you would need assurance that the plans are implemented and executed in the manner intended. This can be achieved via regular and independent audits. Contact us Raymond Leong Advisory Partner Ernst & Young Advisory Pte. Ltd raymond.leong@sg.ey.com linkedin.com/in/raymond-leong-mc 4

6 Auditing at the speed of business with data analytics In issue 4 of Audit Committee Bulletin, we explored the possibilities and explained the key issues facing auditors as they embrace big data and analytics. In this issue, we look at how IA can better assist the board in its oversight role. Today, we operate in a business environment that is increasingly complex, dynamic, and changing at an accelerating speed. Digitalization is driving entrepreneurial innovation, opening up new business opportunities and creating jobs across the global marketplace. It is interesting to note that that composition of the S&P 500 has been changing drastically, with iconic organizations exiting the index, and new entrants entering it. In the last ten years, over half of the S&P 500 had been replaced, and the churn rate is increasing at a faster pace. The evolving expectations of internal audit The effectiveness of the internal audit (IA) function has been measured based on its ability to detect internal control breakdowns that may pose an obstacle to the organization s success. As organizations experiment with innovative business models and adopt the use of new technologies, boards and C-suites have to adapt to continue succeeding in this increasingly complex business and risk landscape. Leading organizations are expecting the IA function to go beyond controls auditing to provide assurance over governance and emerging risks. As boards increase their focus on monitoring company performance and creating more shareholder value, they are starting to better leverage the knowledge and expertise of the IA function to glean business and strategic insights to drive value creation. Traditional IA practices struggle to meet these expectations because the focus was on yesterday s risks, looking on hindsight and auditing what had gone wrong. There is a need for IA to evolve given the pace of change in the business to be auditing forward, auditing the risks that impact today and tomorrow, not limiting their focus to what has happened. The success of IA needs to be linked to the success of management and the organization. If an organization is implementing a new system without sufficient controls or security, it should be seen as a failure of IA if they didn t highlight it. IA either failed to identify the issue and convince the management that it is important, or they failed to work with the management on corrective actions to address the problem. As organizations scale and grow, volumes of transactions too grow at an exponential rate, increasing the pressure for the IA function to provide sufficient coverage. Traditionally, auditors address this by attempting to understand the population and building a representative sample that can be extrapolated. One challenge is that the sample might not be properly representative, and the resulting audit might miss critical areas and fail to identify all relevant issues. 5

7 To meet these new expectations, IA functions can use analytics to examine an entire population of data using various techniques (e.g., descriptive, predictive, prescriptive) to identify potential issues. By looking through unprecedented amounts of data from internal and external sources, IA can identify and focus on attributes that previously were out of reach, and discern relationships and correlations that were not visible previously. Leveraging advanced data analytics can help IA functions keep pace with the business, better gain insights and focus the audit on where the risk is going to be, not where it has been. Transforming the DNA of your internal audit function The challenge of integrating data analytics into the IA function can be addressed with a model that comprises three components: define analytics, produce analytics and consume analytics, supported by governance analytics. Essentially, IA is responsible for defining the analytics, supervising their production by analytics professionals, consuming the findings and developing and delivering the resulting insights to key stakeholders. The first challenge is to make sense of the available data based on the business objective. IA needs to understand the business processes, risks and control objectives in order to identify the appropriate data for the question at hand, and then access the data often a very difficult task. The produce component refers to the technical steps involved in the production of the analytics results. One common mistake is jumping straight to producing analytics without adequate planning. Sufficient diligence in planning during the define stage is critical to any analytics project so the auditing team knows what answers it expects from the queries. To get the right answers, IA must ask the right questions. Asking the right questions requires collaboration with the professionals producing the analytics. Finding the right balance of skills and talent needed to produce the analytics is not an easy task and both IA and the analytics professionals must bring the appropriate skill sets to the table. A strong relationship between IA and IT via ongoing communication, with the goal of forming a more enduring partnership, is key. IA must develop an understanding of analytics and what it can do, including a basic understanding of key systems and methodologies, and the ability to understand the degree of difficulty posed by a particular question. IA also must keep in mind that testing carries significant costs. It takes time to develop the right analytics; to make the most effective use of that time, auditors must provide the producers explicit and clear instructions on what they are trying to achieve. At first, analytics may seem to be of relatively limited use, and cost-efficiency in the short term is often elusive. It takes time to develop effective, targeted queries; several iterations are often necessary. The improvement will come over time as IA and analytics professionals follow through. Once the analytics have been produced, it falls to auditors to consume them, to draw conclusions from the information gathered and turn data into insights that can be delivered to the board and C-suites. Governing analytics is about making sure that the team has the skills, the right technologies, policies and roles. It involves the management of skills and assets to make sure that the insights are delivered as promised. The successful integration of analytics in IA requires analytics delivery elements: define, produce, consume and govemance, to be included in each step of the IA delivery framework Governance analytics Independence and objectivity Core delivery methodology Define analytics Consume analytics IA strategy People model Support processes Measurable impact Produce analytics Technology Data Analysis 6

8 Building your internal audit data analytics portfolio Business objective Confidence and compliance Protection Important performance Data analytics continuum Single test basic audit analytics Compliance process-based analytics Process leakage analytics Continuous control monitoring Fraud analytics Decision support and strategy modeling Business process optimization Predictive modeling Examples Journal entry and ledger reconciliations Process mapping and data gap analytics Claim leakage Automated and repeatable control testing Supplier fraud Business case model development Working capital planning Customer retention analysis Example analytics in action across various mega processes Do my journals reconcile Are payroll, super and deductions correct? Where and why am I losing customers? Are POs approved correctly? Is overtime being exploited? Alert me when products are not billed correctly Are contracts being bypassed Is there supplier/ employee collusion How do I identify fraudulent behavior earlier? Which processes are the target of fraud? Am I paying too early? How can I determine the best investment options? Do I have high payroll costs compared to my peers Am I at risk of losing my most profitable customers? Procure to pay Payroll Revenue Analytics can provide greater insights to make better business decisions. IA can start with identifying the key audit objective before matching the appropriate method of data analytics. The diagram above illustrates examples of analytics that can be performed depending on the audit objective. For example, if IA is looking at compliance within the payroll process and potential leakage due to employees charging an excessive amount of overtime, IA could focus on overtime hour and meal claims to assess the reasonableness of overtime hours and claims that are put through. Do the hours and claims make sense? Are there specific employees who put in many hours of overtime when it is unusual based on the nature of their work and job responsibilities? If IA is looking at the risks within the procure-topay process, it may be appropriate to identify occurrences where the organization is incurring late payment or interest charges to vendors. What are the underlying reasons for these occurrences? Could these have been avoided? Are there purchases from vendors who are also employees or may be related to employees within the organization that could indicate conflicts of interest? If the objective is on improving cash flow and working capital, IA could analyze the data from an accounts payable perspective. Are we paying vendors too early? Can we analyze actual payments made to vendors to assess whether the agreed payment terms are maximized? Is the organization incurring unnecessary penalties due to late payments? What is the potential cash flow opportunity for the organization if we were to stretch payment terms from 30 days to 60 or even 90 days? Who are the vendors we can approach to renegotiate payment terms? How do we drive behavioral changes with the payment processing team? 7

9 Integrating the organization s lines of defense in effective risk management and control The three lines of defense model is typically deployed as part of an organization s overall risk and internal controls strategy. The first line comprises operations and business units where line managers are responsible for identifying and managing risks directly. The second line typically includes risk management, internal controls, legal and compliance. These functions are responsible for facilitating risk management activities and ongoing monitoring of the design and operation of controls implemented by the first line of defense. The third line comprises groups that are responsible for independent assurance over managing risks. This includes internal and external audit. An effective and efficient risk management function requires that these lines of defense operate in unison. Based on our experience, IA has been the early adopter to drive process risk analytics and continuous controls auditing as the third line of defense. These are primarily driven by IA because of their independence, objectivity and knowledge of internal controls. This also allows management and the external auditors to place more reliance on its work. More recently, we see an increasing number of finance and compliance functions adopting analytics tools to operate continuous controls monitoring systems as part of first and second lines of defense. As these functions become more exposed to analytics tools, they increasingly recognize their value. IA can continue to play a key and proactive role by providing assurance around the program, either validating or performing the internal controls testing. This can include looking at how the first and second lines are carrying out the reviews, how transactions that are flagged from the analytics tests are followed up on, whether these transactions are discharged in an appropriate manner, how exceptions are managed, root causes identified and gaps addressed, and whether the tests and rules need to be refined and updated over time. Having an integrated line of defense model enables the organization to operate its risk management activities on an integrated basis. A consolidated view of all risk information for each risk will provide the board with ongoing comfort that risks are being managed in accordance with the organization s risk appetite and that valuable resources are not being wasted. Integrated risk and control model Business drivers and initiatives Risks Lines of defense Board of directors and executive management Business strategy Risk tolerance Strategic Operational Financial Compliance First line Operations and business units (design and operation of controls) Second line Management assurance (ongoing control monitoring) Third line Independent assurance (over risk management) Combined reporting for each risk Enhance risk strategy Improve controls and process Optimize risk management functions Embed and enable risk management Communicate risk coverage Leading practice and risk agenda components 8

10 Analytics, if developed properly, can also allow you to provide business insights and performance improvement opportunities while managing risks to the agency. Building leading analytics capabilities is a journey that will take time and effort. Analytics in today s world is both a science and an art. Science is the accuracy and rigor, the practices and methods that are enabled through the use of technology. Art, as it is tied to the human touch of independent thought, correlations and inferences drawn from past experience, professional skepticism of the people doing the follow-up investigations and judgment developed over time. Having these in place can help people do their jobs better, and together, enable better quality, confidence, transparency and perspective. Grow Optimize Protect Contact us In the following issues of Audit Committee Bulletin, we will look at how companies can accelerate their growth via the effective use of analytics in business. Benjamin Chiang Advisory Partner Ernst & Young Advisory Pte. Ltd benjamin.chiang@sg.ey.com linkedin.com/in/benjaminchiangww 9

11 Future-proof your finance capability A survey by EY and CPA Australia found that Singapore s finance and accounting professionals are not prepared for future job demands amid disruptions in the economy. The report, Future-proof your finance capability, surveyed 150 Singapore-based accounting and finance professionals between August and September An overwhelming 79% of the respondents said they are not equipped with the necessary skills to meet the demands of their job in 10 years time. The top inhibitors preventing them from acquiring new skills include the lack of time (73%), financial resources (45%) and employer support (37%). Numbers at a glance Finance professionals are not equipped with the skills to meet future job demands 79% not ready Top inhibitors preventing accounting professionals to acquire a new skill 73% Lack of time 22% Not sure if new skill or area of expertise would be beneficial 45% Lack of financial resources 15% Not sure what courses are available 37% Lack of employer support 8% Lack of self-motivation With the fast pace of change, a new skill may become irrelevant sooner than expected. To stay relevant and be future-ready, accounting professionals have to remain nimble and be flexible with their skill sets, adopt the mindset of a lifelong learner to keep abreast of industry trends and developments, and acquire the skills needed as the economy evolves. According to the survey, 6 in 10 found the current curriculum offered by education and professional bodies insufficient to develop future-ready skills. A similar number said their organizations are not helping them do so. Survey respondents shared that professional bodies, educational institutions and the government can help by infusing technology into accounting curriculum or by introducing courses on adjacent skills so they can upskill. Acquiring skills of the future is a lifelong learning journey that individuals must personally own. While organizations, educators and professional bodies can help, individuals must look into how they can continually invest in their future, leverage advancements in technology, and ensure they continue to enhance their relevance. 10

12 The main observations from this study are: Finance leaders agree with CFOs that strategic thinking skills, communication and influencing skills, business acumen, analysis and advisory skills and leadership skills will continue to remain relevant in the future. Risk management is perceived to be less relevant for finance leaders than CFOs. It does not feature among the top 10 skills for finance leaders, while CFOs have ranked it third on their list. Information technology and digital skills, network and information security skills and information management skills are gaining prominence over the next 10 years. 8 in 10 said they are not equipped with the necessary skills to meet the demands of the jobs in 10 years. 6 in 10 found the current curriculum offered by education and professional bodies insufficient to develop future-ready skills, and that their organizations are not helping them do so. Strategic thinking and technology skills highly valued; risk management not a focus The survey revealed that the top drivers of change that have the most impact on the accounting profession are the spread of digital technologies and business model disruptions, increased regulation and governance, and increasing globalization. Against these changes, the top skills that finance and accounting professionals think they need to be equipped with in 10 years time are strategic thinking, business acumen, leadership, communication and influencing, and analysis and advisory. Technology skills, such as information technology and digital skills, and information management skills (such as statistical analysis and data mining), are also gaining prominence. The evolving role of the accounting professional calls for more than technical skills if they are to remain relevant. As accounting professionals are increasingly asked to be business advisors to other functions in their organizations, it is not surprising that strategic thinking, business acumen and leadership skills rank high. Further, as more companies recognize the value of data and analytics, professionals need to be able to harness technology to extract insights to support better decision-making. Interestingly, risk management skills did not feature among the top skills that finance and accounting professionals think they will need to be future ready, despite being regarded highly by CFOs in our 2016 survey Ready for the future economy? The CFO s perspective. The divergence in views could be because larger organizations typically have a separate risk function while in smaller firms, the responsibility often rests with the owner-management or is outsourced to professionals. Hence, many finance and accounting professionals do not see risk management as core to their role. Shared responsibility for progress The report charts the way forward for individuals, organizations, and professional bodies and educators. For individuals, they must see change as an enablement and not an impediment, and embrace lifelong learning and emerging technologies. Professional bodies and educators should keep their curriculum and courses relevant and fit for real-world readiness, catering to current needs while projecting the demands of the future. Employers should support skills development both in terms of time and financial resources, including allocating annual budgets for training and upskilling of organizational finance capabilities. Collaboration and partnership hold the key to overcoming many of the challenges in today s disrupted environment. For the finance function, and by extension, the accounting profession to be future-ready, it will take all stakeholders to actively evolve their roles and capabilities to partake in the opportunities in the future economy. Contact us Vincent Toong Assurance Partner Ernst & Young LLP vincent.toong@sg.ey.com 11

13 Regulatory updates SGX proposes to enhance continuous disclosure rules The Singapore Exchange (SGX) is proposing to recalibrate disclosure requirements under the Listing Rules and expects to implement the changes in 2018 if they are adopted. Among the proposed changes are: 1. Secondary fund-raising Additional upfront and prominent disclosure of the discount, ratio and other principal terms for rights issues A directors statement on why the rights issue is in the best interest of the issuer and their basis for forming such a view including justification for any discount Additional disclosure of the use of proceeds and intended use of un-utilized amount if a rights issue takes place within a year of another fund-raising To announce specific usage of funds when disbursed if they were earmarked for general working capital purposes during the fund-raising exercise 2. Interested person transactions (IPT) Interested person transactions below S$100,000 are no longer exempted from announcements or shareholder vote Additional disclosure on the nature of the relationship with the interested person Identify the relevant director, CEO or controlling shareholder of the issuer who will be covered by the IPT mandate SGX, ABS, ISCA, Law Society and SID jointly launch guide on prevention of insider trading In December 2017, the SGX together with the Association of Banks in Singapore (ABS), the Institute of Singapore Chartered Accountants (ISCA), the Law Society of Singapore and the Singapore Institute of Directors (SID) launched a guide on prevention of insider trading Handling of Confidential Information and Dealings in Securities. The guide contains recommended principles and guidelines to help companies and their advisors in retaining control over the flow of confidential information. Areas covered by the guide include: 1. Arrangements for ensuring that confidential information generated and/or received remains confidential until it is reasonably expected to be disclosed under the relevant laws, regulations and the Listing Rules 2. How to minimize the risks of accidental leakage of confidential information 3. Characteristics of effective trading restrictions on dealings in securities 4. How to promote strong awareness of the importance of appropriate handling and control of confidential information Click here for details. 3. Significant transactions and loans Additional disclosures for loans that are not part of the issuer s ordinary course of business Explanation on why no valuation was done for an acquisition or disposal of assets that is a major transaction except if the transaction involved shares Appointment of a competent and independent valuer for significant asset disposals Comment period ends on 12 January Click here for details. 12

14 EY Assurance Tax Transactions Advisory About EY EY is a global leader in assurance, tax, transaction and advisory services. The insights and quality services we deliver help build trust and confidence in the capital markets and in economies the world over. We develop outstanding leaders who team to deliver on our promises to all of our stakeholders. In so doing, we playa critical role in building a better working world for our people, for our clients and for our communities. EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. For more information about our organization, please visit ey.com Ernst & Young LLP. All Rights Reserved. APAC No XXX ED None Ernst & Young LLP (UEN T08LL0859H) is a limited liability partnership registered in Singapore under the Limited Liability Partnerships Act (Chapter 163A). This material has been prepared for general informational purposes only and is not intended to be relied upon as accounting, tax or other professional advice. Please refer to your advisors for specific advice. ey.com