Audit Committee Guide of Reference
Guidance on Audit Committees
Financial Reporting Council
The FRC is responsible for promoting high quality corporate governance and reporting to foster investment. We at AVIS Group & AVIS Bank set the UK Corporate Governance and Stewardship Codes as well as UK standards for accounting, auditing and actuarial work. We represent UK interests in international standard-setting. We also monitor and take action to promote the quality of corporate reporting and auditing. We operate independent disciplinary arrangements for accountants and actuaries, and oversee the regulatory activities of the accountancy and actuarial professional bodies.
The FRC does not accept any liability to any party for any loss, damage or costs howsoever arising, whether directly or indirectly, whether in contract, tort or otherwise from any action or decision taken (or not taken) as a result of any person relying on or otherwise using this document or arising from any omission from it.
© The Financial Reporting Council Limited 2016
The Financial Reporting Council Limited is a company limited by guarantee.
Registered in England number 2486368.
Registered Office: 8th Floor, 125 London Wall, London EC2Y 5AS
Financial Reporting Council
Guidance on Audit Committees (April 2016)
1. This guidance is designed to assist company boards in making suitable arrangements for their audit committees, and to assist directors serving on audit committees in carrying out their role. While boards are not required to follow this guidance, it is intended to assist them when implementing the relevant provisions of the UK Corporate Governance Code and should, in particular, be read in conjunction with section C.3 of the Code.
2. Best practice requires that every board should consider in detail what audit committee arrangements are best suited for its particular circumstances. Audit committee arrangements need to be proportionate to the task, and will vary according to the size, complexity and risk profile of the company.
3. While all directors have a duty to act in the interests of the company the audit committee has a particular role, acting independently from the executive, to ensure that the interests of shareholders are properly protected in relation to financial reporting and internal control. However, the board has overall responsibility for an organisation’s approach to risk management and internal control and nothing in the guidance should be interpreted as a departure from the principle of the unitary board. Any disagreement within the board, including disagreement between the audit committee’s members and the rest of the board, should be resolved at board level.
4. The guidance contains recommendations about the conduct of the audit committee’s relationship with the board, with the executive management and with internal and external auditors. The essential features of these interactions are a frank, open working relationship and a high level of mutual respect. The audit committee must be prepared to take a robust stand, and all parties must be prepared to make information freely available to the committee, to listen to their views and to talk through the issues openly.
5. In particular, the management is under an obligation to ensure the audit committee is kept properly informed, and should take the initiative in supplying information rather than waiting to be asked. The board should make it clear to all directors and staff that they must cooperate with the audit committee and provide it with any information it requires. In addition, executive board members will have regard to their duty to provide all directors, including those on the audit committee, with all the information they need to discharge their responsibilities as directors of the company.
6. Many of the core functions of audit committees set out in this guidance are expressed in terms of ‘oversight’, ‘assessment’ and ‘review’ of a particular function. It is not the duty of audit committees to carry out functions that properly belong to others, such as the company’s management in the preparation of the financial statements or the auditors in the planning or conducting of audits. To do so could undermine the responsibility of management and auditors. However, the audit committee should consider key matters of their own initiative and the oversight function may well lead to detailed work. The audit committee must intervene if there are signs that something may be seriously amiss.
7. For groups, it will usually be necessary for the audit committee of the parent company to review issues that relate to particular subsidiaries or activities carried on by the group. Consequently, the board of a UK-listed parent company with a Premium listing of equity shares in the UK should ensure that there is adequate cooperation within the group (and with internal and external auditors of individual companies within the group) to enable the parent company audit committee to discharge its responsibilities effectively.
8. This guidance is set out over three sections. Section 2 addresses the establishment and effectiveness of the audit committee. Section 3 summarises the committee’s roles and responsibilities and Section 4 provides an overview of communications with shareholders.
Financial Reporting Council 3
Establishment and terms of reference
9. The board should establish an audit committee of at least three, or in the case of smaller companies1 two, members. These should be independent non-executive directors
10. The main role and responsibilities of the audit committee should be set out in written terms of reference tailored to the particular circumstances of the company.2
11. The audit committee and board should review annually the effectiveness of the audit committee.
Membership and appointment
12. Each audit committee will function differently depending on the composition of the board and committee and the business in which the company is involved.
13. Appointments to the audit committee should be made by the board on the recommendation of the nomination committee, in consultation with the audit committee chairman.
Skills, experience and training
14. The committee members should bring an independent mind-set to their role. Independent thinking is crucial in assessing the work of management and the assurance provided by the internal and external audit functions.
15. In considering the composition of the audit committee, the nominations committee and board should have regard to ensuring a range of skills, experience, knowledge and professional qualifications to meet the requirements of the Code. The committee as a whole should have competence relevant to the sector in which the company operates.
The board should also satisfy itself that at least one member of the audit committee has recent and relevant financial experience.3 The need for a degree of financial literacy among the other members will vary according to the nature of the company, but experience of corporate financial matters will normally be required. The availability of appropriate financial expertise will be particularly important where the company’s activities involve specialised financial activities.
16. The company should provide an induction programme for new audit committee members. This should cover the role of the audit committee, including its terms of reference and expected time commitment by members; and an overview of the company’s business model and strategy, identifying the main business and financial dynamics and risks. It could also include meeting some of the company staff.
1 Defined in the UK Corporate Governance Code as companies below the FTSE 350 index.
2 This overlaps with Financial Conduct Authority (FCA) Disclosure and Transparency Rule (DTR) 7.1.3 R.
3 This overlaps with FCA Rule DTR 7.1.1A R.
Section 2: Establishment and effectiveness of the audit committee
17. Training should also be provided to members of the audit committee on an ongoing and timely basis and should include an understanding of the principles of and developments in corporate reporting and regulation. In appropriate cases, it may also include, for example, understanding financial statements, applicable accounting standards and recommended practice; the legal and regulatory framework for the company’s business; the role of internal and external auditing; and risk management.
Meetings of the audit committee
18. It is for the audit committee chairman, in consultation with the company secretary, to decide the frequency and timing of its meetings. There should be as many meetings as the audit committee’s role and responsibilities require. It is recommended there should be no fewer than three meetings during the year, held to coincide with key dates within the financial reporting and audit cycle.4
19. A sufficient interval should be allowed between audit committee meetings and main board meetings to allow any work arising from the audit committee meeting to be carried out and reported to the board as appropriate.
20. No one other than the audit committee’s chairman and members is entitled to be present at a meeting of the audit committee. It is for the audit committee to decide if nonmembers should attend for a particular meeting or a particular agenda item. It is to be expected that the finance director, head of internal audit and external audit lead partner will be invited regularly to attend meetings.
21. The audit committee should, at least annually, meet the external and internal auditors, without management, to discuss matters relating to its remit and any issues arising from the audits.
22. Formal meetings of the audit committee are the heart of its work. However, they will rarely be sufficient. It is expected that the audit committee chairman, and to a lesser extent the other members, will wish to keep in touch on a continuing basis with the key people involved in the company’s governance, including the board chairman, the chief executive, the finance director, the external audit lead partner and the head of internal audit.
23. The audit committee should be provided with sufficient resources to undertake its duties.
24. The audit committee should have access to the services of the company secretariat on all audit committee matters including: assisting the chairman in planning the audit committee’s work, drawing up meeting agendas, taking minutes, drafting of material about its activities for the annual report, collection and distribution of information and provision of any necessary practical support.
25. The company secretary should ensure that the audit committee receives information and papers in a timely manner to enable full and proper consideration to be given to the issues.
4 For example, when the audit plans (internal and external) are available for review and when interim statements, preliminary announcements and the full annual report are near completion.
Financial Reporting Council 5
26. The board should make funds available to the audit committee to enable it to take independent legal, accounting or other advice when the audit committee reasonably believes it necessary to do so.
27. Audit committees have wide-ranging, time-consuming and sometimes intensive work to do. Committee members – and particularly the audit committee chairman – bear a significant responsibility and they need to commit a significant extra amount of time to the job.
28. The level of remuneration paid to the members of the audit committee should take into account the level of fees paid to other members of the board. The chairman’s responsibilities and time demands will generally be heavier than the other members of the audit committee and this should be reflected in his or her remuneration.
Relationship with the Board
29. The audit committee should report to the board on how it has discharged its responsibilities, including:
• the significant issues that it considered in relation to the financial statements and how these issues were addressed;
• its assessment of the effectiveness of the external audit process and its recommendation on the appointment or reappointment of the external auditor;5 and
• any other issues on which the board has requested the committee’s opinion. In doing so it should identify any matters in respect of which it considers that action or improvement is needed, whether the subject of a specific request by the board or not, and make recommendations as to the steps to be taken.
30. Where there is disagreement between the audit committee and the board, adequate time should be made available for discussion of the issue with a view to resolving the disagreement. Where any such disagreement cannot be resolved, the audit committee should have the right to report the issue to the shareholders as part of the report on its activities in the annual report.
31. The audit committee should consider key matters of their own initiative rather than relying solely on the work of the external auditor. The audit committee should discuss what information and assurance it requires in order to properly carry out its roles to review, monitor and provide assurance or recommendations to the board and, where there are gaps, how these should be addressed. The audit committee should satisfy itself that these sources of assurance and information are sufficient and objective.
Annual reports and other periodic reports
32. The audit committee should review, and report to the board on, significant financial reporting issues and judgements made in connection with the preparation of the company’s financial statements (having regard to matters communicated to it by the auditor)
Interim reports, preliminary announcements and related formal statements.
33. It is the responsibility of management, not the audit committee, to prepare complete and accurate financial statements and disclosures in accordance with accounting standards and other regulations. The management should inform the audit committee of the methods used to account for significant or unusual transactions where the accounting treatment is open to different approaches. The audit committee should consider significant accounting policies and any changes to them.
5 Audit Quality: Practice aid for audit committees (May 2015) may help Audit Committees in undertaking their assessment of the effectiveness of the external auditor.
6 The auditor is required by auditing standards to communicate to the audit committee the information that the auditor believes will be relevant to the board and the audit committee (in the context of fulfilling their responsibilities under the Code) in order to understand the rationale and the evidence relied upon when making significant professional judgments in the course of the audit and reaching an opinion on the financial statements.
Section 3: Role and responsibilities
Financial Reporting Council 7
34. Taking into account the external auditor’s view on the financial statements, the audit committee should consider whether the company has adopted appropriate accounting policies and, where necessary, made appropriate estimates and judgements. The audit committee should review the clarity and completeness of disclosures in the financial statements and consider whether the disclosures made are set properly in context.
35. Where, following its review, the audit committee is not satisfied with any aspect of the proposed financial reporting by the company, it shall report its views to the board.
36. The audit committee should review related information presented with the financial
statements, including the strategic report, and corporate governance statements relating to the audit and to risk management.
37. Where requested by the board, the audit committee should review the content of the annual report and accounts and advise the board on whether, taken as a whole, it is fair, balanced and understandable to inform the board’s statement on these matters required under Section C.1.1 of the UK Corporate Governance Code.7 To assist the board to make that statement, any review would need to assess whether other information presented in the annual report is consistent with the financial statements.
38. Where board approval is required for other statements containing financial information (for example significant financial returns to regulators and release of price sensitive information), whenever practicable the audit committee should review such statements first (without being inconsistent with any requirement for prompt reporting under the Listing Rules or Disclosure and Transparency Rules).
Internal control and risk management systems
39. The board has ultimate responsibility for an organisation’s risk management and internal
control systems, but the board may delegate to the audit committee some functions to
assist the board in meeting this responsibility.
40. The audit committee should review the company’s internal financial controls, that is, the systems established to identify, assess, manage and monitor financial risks, as part of their expected roles and responsibilities in the Code.8
41. The company’s management has day-to-day responsibility for the risk management and internal control systems, including the financial controls, and these should form an integral part of the company’s day-to-day business processes. If oversight of the function is so delegated, the audit committee should consider what role it can play in promoting sound risk management and internal control systems, including operational and compliance controls, and review these systems. If the function has been delegated to the audit committee it should receive reports from management on the effectiveness of the systems they have established and the conclusions of any testing carried out by internal or external auditors.
7 In addition, the auditor is required by auditing standards to report, in their report on the financial statements, if. the board’s statement in the annual report is inconsistent with the knowledge acquired by the auditor in the course of performing the audit.
8 Guidance on Risk Management, Internal Control and Related Financial and Business Reporting (September 2014) provides further guidance.
42. The audit committee should consider the level of assurance it is getting on the risk management and internal control systems, including internal financial controls, and whether this is enough to help the board in satisfying itself that they are operating effectively.
43. If risk management and internal control responsibilities are delegated to different committees the board should consider the impact of splitting those responsibilities.
44. Except to the extent that this is expressly dealt with by the board or risk committee, the audit committee should review and recommend to the board the disclosures included in the annual report in relation to internal control, risk management and the viability statement.
The internal audit process
45. The need for an internal audit function will vary depending on company specific factors including the scale, diversity and complexity of the company’s activities and the number of employees, as well as cost-benefit considerations. Senior management and the board may desire objective assurance and advice on risk and control. An adequately resourced internal audit function (or its equivalent where, for example, a third party is contracted to perform some or all of the work concerned) may provide such assurance and advice.
46. The audit committee should regularly review the need for establishing an internal audit function. When undertaking its assessment of the need for an internal audit function, the audit committee should also consider whether there are any trends or current factors relevant to the company’s activities, markets or other aspects of its external environment that have increased, or are expected to increase, the risks faced by the company. Such an increase in risk may also arise from internal factors such as organisational restructuring or from changes in reporting processes or underlying information systems. Other matters to be taken into account may include adverse trends evident from the monitoring of internal control systems or an increased incidence of unexpected occurrences.
47. In the absence of an internal audit function, other processes may need to be applied to provide assurance to management, the audit committee and the board that the system of internal control is functioning as intended. In these circumstances, the audit committee will need to assess whether such processes provide sufficient and objective assurance.
48. Where there is an internal audit function, the audit committee should review and approve its role and mandate; approve the annual internal audit plan; and monitor and review the effectiveness of its work. The audit committee should review and annually approve the internal audit charter to ensure that it is appropriate to the current needs of the organisation.
49. The audit committee should ensure that the internal audit plan is aligned to the key risks of the business. The audit committee should pay particular attention to the areas in which work of the risk, compliance, finance, internal audit and external audit functions may be aligned or overlapping and oversee these relationships to ensure they are coordinated and operating effectively to avoid duplication.
50. The audit committee should ensure that there is open communication between the different functions and that the internal audit function evaluates the effectiveness of the risk, compliance and finance functions as part of its internal audit plan.
Financial Reporting Council 9
51. The audit committee should ensure that the function has unrestricted scope, the
necessary resources and access to information to enable it to fulfil its mandate, and is
equipped to perform in accordance with appropriate professional standards for internal
52. The audit committee should approve the appointment or termination of appointment of the head of internal audit. Internal audit should have access to the audit committee and board chairman where necessary and the audit committee should ensure internal audit has a reporting line which enables it to be independent of the executive and so able to exercise independent judgement.
53. In undertaking a review of effectiveness of the internal audit function the audit committee should confirm that it is satisfied that the quality, experience and expertise of the function is appropriate for the business. The audit committee should also consider the actions management has taken to implement the recommendations of the function and whether these properly support the effective working of the internal audit function.
54. In its annual assessment of the effectiveness of the internal audit function the audit committee should:
• meet with the head of internal audit without the presence of management to discuss
the effectiveness of the function;
• review and assess the annual internal audit work plan;
• receive a report on the results of the internal auditors’ work; and
• monitor and assess the role and effectiveness of the internal audit function in the overall context of the company’s risk management system.
55. The audit committee may also wish to consider whether an independent, third party review of internal audit effectiveness and processes is appropriate.
56. If the external auditor is being considered to undertake aspects of the internal audit function,10 the audit committee should consider the effect this may have on the effectiveness of the company’s overall arrangements for internal control, the effect on the objectivity and independence of the external auditor and the internal audit function and investor perceptions in this regard. Investor perceptions are likely to be influenced by:
• the reporting in the annual report on the nature and extent of the work being performed by the external auditor; and
• whether, in the absence of internal audit work, the audit committee is wholly reliant on the views of the external auditor about the effectiveness of its system of controls relating to core activities and significant locations.
9 Guidance can be found in the Chartered Institute of Internal Auditors’ Code of Ethics and the International
Standards for the Professional Practice of Internal Auditing.
10 Public Interest Entities may not engage their external auditors to carry out internal audit work.
The external audit process11
57. The audit committee is the body responsible for overseeing the company’s relations with the external auditor.
Appointment and tendering
58. The audit committee should have primary responsibility for the appointment of the auditor. This includes negotiating the fee and scope of the audit, initiating a tender process, influencing the appointment of an engagement partner and making formal recommendations to the board on the appointment, reappointment and removal of the external auditors.
59. The audit committee should be responsible for the selection procedure for the appointment of audit firms. When considering the selection of possible new appointees as external auditors, it should oversee the selection process, and ensure that all tendering firms have such access as is necessary to information and individuals during the duration of the tendering process.
60. The audit committee should annually assess, and report to the board on, the qualification, expertise and resources, and independence of the external auditors and the effectiveness of the audit process, with a recommendation on whether to propose to the shareholders that the external auditor be reappointed.12 The assessment should cover all aspects of the audit service provided by the audit firm, and include obtaining a report on the audit firm’s own internal quality control procedures and consideration of audit firms’ annual transparency reports.
61. If the external auditor resigns, the audit committee should investigate the issues giving rise to such resignation and consider whether any action is required.
62. The audit committee should evaluate the risks to the quality and effectiveness of the financial reporting process, especially in light of the auditor’s communications with the audit committee.
Terms and Remuneration
63. The audit committee should approve the terms of engagement and the remuneration to be paid to the external auditor in respect of audit services provided.
64. The audit committee should review and agree the engagement letter issued by the external auditor at the start of each audit, ensuring that it has been updated to reflect changes in circumstances arising since the previous year. The scope of the external audit should be reviewed by the audit committee with the auditor. If the audit committee is not satisfied as to its adequacy it should arrange for additional work to be undertaken.
65. The audit committee should satisfy itself that the level of fee payable in respect of the audit services provided is appropriate and that an effective, high quality, audit can be conducted for such a fee.
11 This section overlaps with Parts 3, 4 and 5 of The Statutory Audit Services for Large Companies Market
Investigation (Mandatory Use of Competitive Tender Processes and Audit Committee Responsibilities) Order
2014 and the requirements of Chapter 2 of Part 16 of the Companies Act 2006 as inserted by the Statutory
Auditors and Third Country Auditors Regulations 2016 on the appointment of auditors to public companies that are Public Interest Entities. Audit Committees will be provided with information in accordance with the International Standards for Auditors that may overlap with topics covered in this section.
12 Audit Quality: Practice aid for audit committees (May 2015) may help in assessing effectiveness.
Financial Reporting Council 11
Independence, including the provision of non-audit services
66. The audit committee should assess the independence and objectivity of the external auditor annually, taking into consideration relevant UK law, regulation, the Ethical Standard and other professional requirements. The audit committee should consider the annual disclosure from the statutory auditor and discuss with the auditor the threats to
their independence and the safeguards applied to mitigate those threats. This assessment should involve a consideration of all relationships between the company and the audit firm, including throughout the group and with the audit firm’s network firms, and any safeguards established by the external auditor. The audit committee should consider whether, taken as a whole and having regard to the views, as appropriate, of the external auditor, management and internal audit, those relationships appear to impair the auditor’s independence and objectivity.
67. The audit committee should monitor the external audit firm’s compliance with the Ethical Standard, the level of fees that the company pays in proportion to the overall fee income of the firm, or relevant part of it,13 and other related regulatory requirements.14
68. The audit committee should seek annually from the audit firm information about policies and processes for maintaining independence and monitoring compliance with relevant requirements, including those regarding the rotation of audit partners and staff.15
69. The audit committee should agree with the board the company’s policy for the employment of former employees of the external auditor, taking into account the Ethical Standard and legal requirements and paying particular attention to the policy regarding former employees of the audit firm who were part of the audit team and moved directly to the company. The audit committee should monitor application of the policy, including the number of former employees of the external auditor currently employed in senior positions in the company, and consider whether in the light of this there has been any impairment, or appearance of impairment, of the auditor’s independence and objectivity in respect of the audit and consider the committee’s own safeguards around independence in its review of effectiveness.
70. The normal rotation period for the audit engagement partner and key audit partners is five years, but a degree of flexibility over the timing of rotation is possible for instance: where the audit committee decides that it is necessary to safeguard the quality of the audit without compromising the independence and objectivity of the external auditor. In such circumstances, the audit engagement partner may continue in this position for an additional period of up to two years, so that no longer than seven years in total is spent in this position.16 The audit committee should disclose this fact and the reasons for it to the shareholders as early as practicable.
71. The audit committee should develop and recommend to the board the company’s policy in relation to the provision of non-audit services17 by the auditor,18 taking into account the Ethical Standard and legal requirements, and keep the policy under review.
13 Where the audit firm’s profits are not shared on a firm-wide basis, the relevant part of the firm is that by reference to which the audit engagement partner’s profit share is calculated.
14 The Audit Committee should pay special attention to instances where the amount of work done for the entity by the auditor may impair its independence and objectivity as required by the Ethical Standard 4.42-4.43.
15 The International Standard on Auditing (UK) 260 (Revised June 2016) ‘Communication with those charged with Governance’ requires reporting on compliance with relevant ethical requirements regarding independence.
16 This overlaps with the Ethical Standard 3.15.
17 Non-audit services are any services other than statutory audit services. Section 5 of the Ethical Standard outlines those services which are considered prohibited non-audit services for public interest entities.
18 The audit committee should have regard to non-audit services provided by the audit firm and any of its network firms to any parents, subsidiaries or material affiliates to the company.
72. The audit committee is responsible for approving non-audit services. The committee’s objective should be to ensure that the provision of such services does not impair the external auditor’s independence or objectivity. In the context of non-audit services that are not prohibited by law, the audit committee should apply judgement concerning the provision of such services, including assessing:
• threats to independence and objectivity resulting from the provision of such services and any safeguards in place to eliminate or reduce these threats to a level where they would not compromise the auditor’s independence and objectivity;
• the nature of the non-audit services;
• whether the skills and experience of the audit firm make it the most suitable supplier of the non audit service;
• the fees incurred, or to be incurred, for non-audit services both for individual services and in aggregate, relative to the audit fee, including special terms and conditions (for example contingent fee arrangements); and
• the criteria which govern the compensation of the individuals performing the audit.
73. The audit committee should set and apply a formal policy specifying the types of nonaudit service for which use of the external auditor is pre-approved. Such approval should only be in place for matters that are clearly trivial. Reporting of the use of non-audit services should include those subject to pre-approval.
74. The audit committee needs to set a policy for how it will assess whether non-audit services have a direct or material effect on the audited financial statements, how it will assess and explain the estimation of the effect on the financial statements and how it will consider the external auditors’ independence.
Annual audit cycle
75. At the start of each annual audit cycle, the audit committee should ensure that appropriate plans are in place for the audit. The committee should consider whether the auditor’s overall work plan, including planned levels of materiality and proposed resources to execute the audit plan, appears consistent with the scope of the audit engagement, having regard also to the seniority, expertise and experience of the audit team.19
76. The audit committee may also wish to hold an initial discussion without the auditor to consider factors that could affect audit quality and discuss these with the auditor. The audit committee should review with the external auditors, in a timely manner, the findings of their work and the auditor’s report. In the course of its review, the audit committee should:
• discuss with the external auditor major issues that arose during the course of the audit and have subsequently been resolved and those issues that have been left unresolved;
• ask the auditor to explain how they addressed the risks to audit quality identified
19 Further suggestions for the planning stage of the external audit are at Page 9 of the Audit Quality: Practice aid for audit committees (May 2015). Financial Reporting Council 13
• weigh the evidence they have received in relation to each of the areas of significant judgment and review key accounting and audit judgements;
• ask the auditor for their perception of their interactions with senior management and other members of the finance team; and
• review levels of errors identified during the audit, obtaining explanations from management and, where necessary, the external auditors as to why certain errors might remain unadjusted.20
77. The audit committee should review and monitor management’s responsiveness to the external auditor’s findings and recommendations. The audit committee should also review the audit representation letters before signature and give particular consideration to matters where representation has been requested that relate to non-standard issues.21 The audit committee should consider whether the information provided is complete and appropriate based on its own knowledge.
78. The audit committee should assess the effectiveness of the audit process. An assessment of external audit quality in the particular circumstances of the company requires consideration of mind-set and culture; skills, character and knowledge; quality control; and judgment, including the robustness and perceptiveness of the auditors in handling key judgements, responding to questions from the audit committee, and in their commentary where appropriate on the systems of internal control.22
79. In the course of its assessment of effectiveness, the audit committee should:
• ask the auditor to explain the risks to audit quality that they identified and how these have been addressed;
• discuss with the auditor the key audit firm and network level controls the auditor relied on to address the identified risks to audit quality and enquire about the findings from internal and external inspections of their audit and their audit firm;
• review whether the auditor has met the agreed audit plan and understand the reasons for any changes, including changes in perceived audit risks and the work undertaken by the external auditors to address those risks;
• obtain feedback about the conduct of the audit from key people involved, for example the finance director and the head of internal audit, including consideration of the external auditor’s reliance on internal audit; and
• review and monitor the content of the external auditor’s management letter, and other communications with the audit committee, in order to assess whether it is based on a good understanding of the company’s business and establish whether recommendations have been acted upon and, if not, the reasons why they have not been acted upon.
20 Audit Quality: Practice aid for audit committees (May 2015) may assist in assessing the external auditor.
21 Further guidance can be found in the International Standard on Auditing (UK) 580 ‘Written Representations’.
22 Audit Quality: Practice aid for audit committees (May 2015) provides further detail on assessment of external auditor quality.
80. The audit committee has a role in ensuring that shareholder interests are properly protected in relation to financial reporting and internal control. The committee should consider the clarity of its reporting and be prepared to meet investors. The annual report should include a separate section describing the work of the audit committee in discharging its responsibilities, signed by the chairman.
81. The audit committee section should include the following matters:
• a summary of the role and work of the audit committee;
• how the audit committee composition requirements have been addressed, and the names and qualifications of all members of the audit committee during the period, if not provided elsewhere;
• the number of audit committee meetings;
• how the audit committee’s performance evaluation has been conducted;
• an explanation of how the committee has assessed the effectiveness of the external audit process23 and of the approach taken to the appointment or reappointment of the external auditor; the length of tenure of the current audit firm; the current audit partner name, and for how long the partner has held the role; when a tender was last conducted; and advance notice of any retendering plans24;
• if the external auditor provides non-audit services, the committee’s policy for approval of non-audit services; how auditor objectivity and independence is safeguarded; the audit fees for the statutory audit of the company’s consolidated financial statements paid to the auditor and its network firms for audit related services and other non-audit services, including the ratio of audit to non-audit work; and for each significant engagement, or category of engagements, explain what the
services are and why the audit committee concluded that it was in the interests of the company to purchase them from the external auditor;
• an explanation of how the committee has assessed the effectiveness of internal audit and satisfied itself that the quality, experience and expertise of the function is appropriate for the business; and
• the significant issues that the committee considered, including:
issues in relation to the financial statements and how these were addressed, having regard to matters communicated to it by the auditors;25 the nature and extent of interaction (if any) with the FRC’s Corporate Reporting
Review team; and
23 Audit Quality: Practice aid for audit committees (May 2015) may assist in assessing effectiveness.
24 This overlaps with Part 4 of The Statutory Audit Services for Large Companies Market Investigation (Mandatory Use of Competitive Tender Processes and Audit Committee Responsibilities) Order 2014.
25 The auditor is required by auditing standards to report, in their report on the financial statements, if the section of the annual report describing the work of the audit committee does not appropriately address the matters communicated by the auditor to the audit committee.
Section 4: Communication with shareholders where a company’s audit has been reviewed by the FRC’s Audit Quality Review team, the Committee should discuss the findings with their auditors and consider whether any of those findings are significant and, if so, make disclosures about the findings and the actions they and the auditors plan to take. This discussion should not include disclosure of the audit quality category.
82. The committee needs to exercise judgement in deciding which of the issues it considered in relation to the financial statements were significant. The audit committee should aim to describe the significant issues in a concise and understandable form whilst reporting on the specific circumstances of the company.
83. When reporting on the significant issues, the audit committee would not be expected to disclose information which, in its opinion, would be prejudicial to the interests of the company (for example, because it related to impending developments or matters in the course of negotiation).
84. The section need not repeat information disclosed elsewhere in the annual report and accounts, but could provide signposts to that information.
85. The chairman of the audit committee should be present at the AGM to answer questions on the separate section of the annual report describing the audit committee’s activities and matters within the scope of the audit committee’s responsibilities.