Outline and explain the need for the legal and professional framework including:

i) public oversight of audit and assurance practice

ii) the role of audit committees and impact on audit and assurance practice.

BASIC PRINCIPLES OF CORPORATE GOVERNANCE – A REMINDER

Corporate governance is the system by which organisations are directed and controlled. It encompasses
the relationship between the board of directors, shareholders and other stakeholders, and the effects
on corporate strategy and performance. Corporate governance is important because it looks at how
these decision makers act, how they can or should be monitored, and how they can be held to account
for their decisions and actions.

The published audited financial statements and related information are therefore of key importance.
They will usually be the main information set to which shareholders and other stakeholders have access
and this is why having credible financial statements supported by the auditor’s opinion is crucial.

Many regulatory authorities, including the UK, use a code of best practice, often termed a ‘comply or
explain’ approach to corporate governance. Under this approach the regulatory authority issues a set of
principles with which company directors of listed companies are expected to comply. In many
jurisdictions disclosures are required in the financial statements to demonstrate compliance. Non-
compliance is not expected, but in its event, the facts of the non-compliance must be clearly disclosed
and explained.

In some jurisdictions, such as the US, a more prescriptive approach is used, whereby corporate
governance requirements are set by legislation. Both the principles and the legislative approaches are
broadly similar in the matters they address. They both deal with the importance of the board of
directors having a balanced structure, emphasising the need for non-executive directors, and for robust
procedures in relation to the appointment of board members, and their remuneration. They both
describe the merits of audit committees and the need to monitor the effectiveness of internal controls.
They both demand disclosure about these and other matters in the annual report.

THE MAIN PRINCIPLES OF THE UK CORPORATE GOVERNANCE CODE

The content of the UK and Singapore Corporate Governance Codes are very similar and for the purpose
of this article the principles and provisions of the UK Code will be used to highlight some of the key
areas that the board should consider when assessing their system of corporate governance.

The Code comprises five sections, each containing main principles:

LEADERSHIP

Every company should be headed by an effective board which is collectively responsible for the long-
term success of the company, and should lead and control the company’s operations.

There should be a clear division of responsibilities at the head of the company, which will ensure a
balance of power and authority, such that no one individual has unfettered powers of decision.
Non-executive directors should constructively challenge and help develop proposals on strategy. The
board should include a balance of executive and non-executive directors such that no individual or small
group of individuals can dominate the board’s decision taking.

EFFECTIVENESS

The board and its committees should have the appropriate balance of skills, experience, independence
and knowledge of the company to enable them to discharge their respective duties and responsibilities
effectively.

There should be a formal, rigorous and transparent procedure for the appointment of new directors to
the board. All directors should receive induction on joining the board and should regularly update and
refresh their skills and knowledge.

All directors should be submitted for re-election at regular intervals, subject to continued satisfactory
performance.

ACCOUNTABILITY

The board should present a balanced and understandable assessment of the company’s position and
prospects. For UK companies, this is also required by the Companies Act 2006, which requires that the
directors disclose a business review as part of the directors’ report to be included in the financial
statements.

The board should maintain sound risk management and internal control systems. The board should
establish formal and transparent arrangements for considering how they should apply the corporate
reporting and risk management and internal control principles and for maintaining an appropriate
relationship with the company’s auditor.

REMUNERATION

Levels of remuneration should be sufficient to attract, retain and motivate directors of the quality
required to run the company successfully, but a company should avoid paying more than is necessary
for this purpose. A significant proportion of executive directors’ remuneration should be structured so
as to link rewards to corporate and individual performance.

RELATIONS WITH SHAREHOLDERS

There should be a dialogue with shareholders based on the mutual understanding of objectives. The
board as a whole has responsibility for ensuring that a satisfactory dialogue with shareholders takes
place. The board should use the Annual General Meeting to communicate with investors and to
encourage their participation.
THE ROLE OF AUDIT COMMITTEES

The audit committee is such an important part of corporate governance that it is the subject of its own
guidance document in the UK, the Financial Reporting Council’s Guidance on Audit Committees. The
audit committee should be made up of at least three independent non-executive directors, one of
whom should have recent and relevant financial experience. The committee has many roles, including
several that are specifically related to the external auditor, which are discussed below.

REVIEW OF PUBLISHED FINANCIAL INFORMATION

The audit committee should monitor the integrity of the company’s financial statements and any formal
announcements relating to the company’s performance. Significant financial reporting judgements
should be specifically reviewed. This means that committee members should scrutinise all published
financial information, and question and be ready to challenge the finance director and external auditors
on any contentious matters arising.

SYSTEMS AND CONTROLS

The audit committee members have responsibility to review the company’s internal financial controls
and systems, and the risk management systems, unless there is a separate risk committee.

Most large companies have an internal audit function, in which case the audit committee should extend
its monitoring role to include that function, including the evaluation of the effectiveness of that
function.

Where there is no internal audit function, the audit committee should consider annually whether there
is a need for internal audit and make a recommendation to the board, and the reasons for the absence
of such a function should be explained in the relevant section of the annual report.

FRAUD PREVENTION AND DETECTION

Finally, the audit committee plays a part in fraud prevention and detection in that whistleblowing
arrangements should be made so that staff of the company may raise concerns about possible
improprieties in respect of financial reporting matters.

EXTERNAL AUDITORS – GENERAL PRINCIPLES

The audit committee has specific responsibilities in respect of the external auditors, including
recommending the appointment, reappointment and removal of the external auditor, approving fees
paid for audit and non-audit services, and agreeing on the terms of engagement with the external
auditor. A point specific to the UK adapted paper is that following a revision to the UK Corporate
Governance Code in 2012, there is now a requirement for FTSE 350 companies to put the external audit
out to tender every 10 years.

One of the key issues is that the audit committee should annually assess the independence, objectivity
and effectiveness of the external audit process, considering of the ethical framework applicable in the
jurisdiction in which the organisation is operating. The audit committee should report annually to the
board on their assessment with a recommendation on whether to propose to the shareholders that the
external auditor be reappointed. The audit committee section of the annual report should also discuss
the annual assessment of the external audit process by the audit committee and also include
information on the length of tenure of the current audit firm, when a tender was last conducted, and
any contractual obligations that acted to restrict the audit committee’s choice of external auditors.

In relation to potential threats to objectivity, the audit committee should seek reassurance that the
auditors and their staff have no financial, business, employment or family and other personal
relationship with the company which could adversely affect the auditor’s independence and objectivity.
The audit committee should seek from the audit firm, on an annual basis, information about policies and
processes for maintaining independence and monitoring compliance with relevant requirements,
including current requirements regarding the rotation of audit partners and staff.

EXTERNAL AUDITORS – THE ANNUAL AUDIT CYCLE

The audit committee should be involved at all stages of the audit, to obtain comfort that a quality audit
will be performed. The Guidance on Audit Committee specifically requires the following to take place:

At the start of each annual audit cycle, the audit committee should ensure that appropriate plans are in
place for the audit. This includes consideration of planned levels of materiality, and the proposed
resources to execute the plan, having regard also to the seniority, expertise and experience of the audit
team. In practice this means that before any audit fieldwork takes place, the audit firm should meet with
the audit committee to discuss the audit strategy and audit plan, demonstrating that auditing standards
and quality control principles have been adhered to in their development.

The audit committee should review, with the external auditors, the findings of their work. In the course
of its review, the audit committee should discuss with the external auditor major issues that arose
during the course of the audit and have subsequently been resolved and those issues that have been left
unresolved; review key accounting and audit judgements; and review levels of errors identified during
the audit, obtaining explanations from management and, where necessary, the external auditors as to
why certain errors might remain unadjusted. The audit committee should review and monitor
management’s responsiveness to the external auditor’s findings and recommendations. Thus, all key
audit findings should be shared with the audit committee and discussed with them as the audit
progresses.

At the end of the annual audit cycle, the audit committee should assess the effectiveness of the audit
process, by:

 reviewing whether the auditor has met the agreed audit plan and understand the reasons for
any changes, including changes in perceived audit risks and the work undertaken by the external
auditors to address those risks

 considering the robustness and perceptiveness of the auditors in their handling of the key
accounting and audit judgements identified and in responding to questions from the audit
committee
  obtaining feedback about the conduct of the audit from key people involved, for example the
finance director and the head of internal audit

 reviewing and monitoring the content of the external auditor’s management letter (report to
those charged with governance), in order to assess whether it is based on a good understanding
of the company’s business and establish whether recommendations have been acted upon and,
if not, the reasons why they have not been acted upon, and

 reporting to the board on the effectiveness of the external audit process.

In summary, the audit committee carefully monitors the conduct of the audit, and plays an important
part in ensuring the quality and rigour of the external audit of the financial statements.

EXTERNAL AUDITORS – PROVISION OF NON-AUDIT SERVICES

Specifically, the audit committee should develop and implement a policy on the engagement of the
external auditor to supply non-audit services, taking into account the relevant ethical principles and
requirements. The audit committee’s objective should be to ensure that the provision of such services
does not impair the external auditor’s independence or objectivity. The audit committee should
consider:

 whether the skills and experience of the audit firm make it the most suitable supplier of the
non-audit service

 whether there are safeguards in place to eliminate or reduce to an acceptable level any threat
to objectivity and independence in the conduct of the audit resulting from the provision of such
services by the external auditor

 the nature of the non-audit services

 the fees incurred, or to be incurred, for non-audit services both for individual services and in
aggregate, relative to the audit fee, and

 the criteria which govern the compensation of the individuals performing the audit.

The audit committee should set and apply a formal policy specifying the types of non-audit service:

 for which the use of the external auditor is pre-approved (i.e. approval has been given in
advance as a matter of policy, rather than the specific approval of an engagement being sought
before it is contracted)

 from which specific approval from the audit committee is required before they are contracted,
and

 from which the external auditor is excluded.

One of the non-audit services specifically referred to in the Guidance on Audit Committees is the
provision of internal audit by the external auditor. If the external auditor is being considered to
undertake aspects of the internal audit function, the audit committee should consider the effect this
may have on the effectiveness of the company’s overall arrangements for internal control and investor
perceptions in this regard.

CONCLUSION

Candidates preparing to attempt P7 should be familiar with the corporate governance principles
outlined in this article, and they are encouraged to read the source documentation to obtain a full
understanding of general corporate governance principles and the role of audit committees in
particular. It is the impact of these matters on the audit process that is particularly important to
understand, and candidates should be ready to include points relating to corporate governance in their
answers where appropriate.