Audit & sustainability committee report
FOR THE YEAR ENDED 30 JUNE 2016
The committee assists the Board to fulfil its supervisory role to ensure the integrity of financial reporting in terms of accounting standards and the Listings Requirements of the JSE Limited. It does so by evaluating the findings of the internal and external auditors, remedial actions taken and the adequacy and effectiveness of the system of internal financial controls required to form the basis for the preparation of reliable financial statements. The committee operates under a terms of reference which was reviewed and approved by the Board during the year.
The committee chairman reports on committee deliberations and decisions at the Board meeting immediately following each committee meeting. The internal and external auditors have unrestricted access to the committee chairman. The independence of the external auditor is regularly reviewed and all non-audit related services are pre-approved and notified.
The committee reviews the quality and effectiveness of the external audit process. The committee is satisfied that the external auditor is independent and has nominated Deloitte & Touche for reelection at the forthcoming annual general meeting of shareholders. Deloitte & Touche is a properly accredited auditing firm with Tony Zoghby as the individual registered auditor for the current year and from next year, due to partner rotation, Graeme Berry will be the individual registered auditor for 2017.
Dave Barber serves as chairman of the committee, with Suresh Kana, Michael McMahon and Royden Vice as members, all of whom are suitably skilled and experienced to discharge their responsibilities in compliance with the Companies Act of South Africa. Keith Spence joined the committee on 24 February 2016, however, his appointment is still subject to shareholder approval.
The Group chairman, Group chief executive, Group financial director, Group commercial executive, chief audit executive and the external auditors all attend meetings by invitation. The chairman of the committee also serves on the risk management committee. This ensures that overlapping responsibilities are appropriately addressed.
TERMS OF REFERENCE
The committee's responsibilities include:
- Assisting the Board to fulfil its responsibility with regard to financial and auditing oversight including internal financial controls;
- Monitoring and reviewing the Group's accounting policies, disclosures and financial information issued to stakeholders;
- Making recommendations to the Board to ensure compliance with International Financial Reporting Standards;
- Discussing and agreeing the scope, nature and priority of the external and internal audits including the reviewing of the quality and effectiveness of the external audit process;
- Nominating an independent auditor for shareholder approval, terms of audit engagement, determining external auditor fees, the nature and extent of non-audit related services and pre-approving contracts for non-audit related services;
- Reviewing fraud and information technology risk as they relate to financial reporting;
- Receiving and dealing appropriately with any complaints relating to either accounting practices and internal audit or to the content or auditing of entities in the Group's annual financial statements or related matters;
- Reviewing the annual integrated report and recommending approval to the Board;
- Reviewing price sensitive information such as trading statements; and
- Performing functions required of an audit committee on behalf of subsidiaries incorporated in the Republic of South Africa.
The committee evaluated its performance and effectiveness by way of self-assessment questionnaires. Based on the results, the committee believes that it functions effectively and has complied with its terms of reference in all material respects.
In addition to the duties set out in the terms of reference, the
committee performed the required statutory functions in terms of
Section 94(7) of the Companies Act of
FINANCIAL DIRECTOR AND FINANCE FUNCTION
The committee considered and satisfied itself of the appropriateness of the expertise, experience and performance of the Group financial director during the year. The committee also considered and satisfied itself of the appropriateness of the expertise and adequacy of resources of the finance function as well as the experience of senior members of management responsible for the finance function.
The Group internal audit function was established to assist the Board and executive management with the achievement of their objectives and has remained a vital part of the Group's governance and combined assurance structures. Internal audit is an independent assurance provider on the adequacy and effectiveness of the Group's governance, risk management and control structures, systems and processes. The centralised function operates in terms of a formal mandate, in conformance with the International Professional Practices Framework for Internal Audit. Internal audit assurance can only be reasonable and not absolute and does not supersede the Board’s and management’s responsibility for the ownership, design, implementation, monitoring and reporting of governance, risk management and internal controls.
The chief audit executive leads the internal audit function which covers the global operations and are resourced with both internal employees and resources obtained from KPMG. It assists the Board and management in maintaining an effective internal control environment by evaluating those controls continuously, using a risk-based approach, to determine whether they are adequately designed, operating efficiently and effectively, and to recommend improvements. The internal audit assurance consists of independent evaluations of the adequacy and effectiveness of risk management, internal controls, financial reporting mechanisms and records, information systems and operations, safeguarding of assets (including fraud prevention) and adherence to laws and regulations. It includes a review of strategic risk mitigations, a risk-based review of major projects, key business processes and systems, the Group’s sustainability information, IT governance and IT general controls. An integrated assurance model was applied to ensure a coordinated approach to all assurance activities, appropriate to address the significant risks facing the Group.
The annual plan is based on an assessment of risk areas internal audit and management identify, as well as focus areas highlighted by the audit committee and management. The plan also considers work performed by other assurance providers in the Group. The annual audit plan is updated as appropriate to ensure it remains responsive to changes in the business. A comprehensive report on internal audit findings is presented to the audit committee quarterly. Follow-up audits are conducted in areas where major internal control weaknesses are found. The audit committee approved internal audit’s risk-based audit plan for financial year 2017. The internal audit function reports directly to the audit committee and their mandate in relation to the internal audit function is to:
- Approve the appointment, performance and dismissal of the chief audit executive;
- Review and recommend to the Board for final approval, the internal audit charter including, inter alia, the purpose, authority and responsibility of the internal audit activity;
- Review the internal audit program, coordination between the internal and external auditors and the resourcing and standing within the Company of the internal audit function;
- Monitor and evaluate the performance of the internal audit function in terms of agreed goals and objectives;
- Receive confirmation that Group internal audit is in general conformance with the IIA’s International Standards for the Professional Practice of Internal Auditing; and
- Ensure that the chief audit executive has unrestricted access to the chairman of the audit committee.
An internal audit charter, reviewed by the committee and approved by the Board, formally defines the purpose, authority and responsibility of the internal audit function.
The charter gives the chief audit executive direct access to the chief executive officer, Group financial director, chairman of the audit committee and chairman of the Board.
INTERNAL FINANCIAL CONTROLS
The internal audit plan works on a multi-year programme and based on the work completed in 2016, which included the design and effectiveness of internal control, considering information and explanations provided by management, the results of the external audit, except for a few specific control weaknesses noted, in all material respects, the Group’s system of financial controls provides a reasonable basis for the preparation of reliable annual financial statements.
In the prior year in one platform a new ERP system implementation took place and as all controls were not yet in place, additional testing was required to ensure the accuracy of the annual financial statements. The auditors are currently satisfied that there are sufficient controls in place in the new system, however, as the controls were not in place for the entire year additional audit work was performed in 2016.
AUDIT AND ADMINISTRATION
Financial leadership in Murray & Roberts caters for growth in the business, including ongoing employment and redeployment of senior financial executives. The Group financial director and lead external audit partner attend selected contract and subsidiary reviews throughout the year. Audit close-out meetings are held between external auditors and operational management at year end. A detailed audit summary memorandum is prepared for all Group operating entities and a consolidated report is presented to the committee. There are agreed procedures for the committee to seek professional independent advice at the Company's expense.
During the year under review, external service providers were appointed to provide assurance on the sustainability information. The committee recommended the annual integrated report and the Group's annual financial statements for Board approval. It is satisfied that they comply with International Financial Reporting Standards on a going concern basis following an assessment of solvency and liquidity requirements.
In preparation of the annual financial statements the Group has taken into consideration the feedback included in the Report Back on Proactive Monitoring of Financial Statements in 2015 provided by the JSE.
Group assurance activities are embedded, sound and are continuously reviewed and where required redirected to ensure appropriate and effective coverage of the Group’s operations, implementation of King III principles and recommendations, and sustainability assurance.
The Group’s commitment to continuous improvement in achieving acceptable levels of assurance is underscored by various policy frameworks that were developed and implemented, including a stakeholder management framework, regulatory compliance and information management frameworks. The Opportunity Management System was developed in-house and continues to be enhanced to highlight project risks entering the Group’s environment.
The multi-year rolling internal audit plan is designed to provide assurance that the major risks and key processes are effectively mitigated and managed, to recommend improvements and track the implementation of audit recommendations.
The Group Integrated Assurance Framework governs and coordinates the overall approach to Group risk management. This entails understanding, identifying, reporting, managing and mitigating Group risk, and includes the process of independently auditing Group policies, plans, procedures, practices, systems, controls and activities to ensure that the Group achieves the level of operational efficiency and compliance required by the Board.
The efforts of the various internal and external assurance providers are coordinated to ensure coverage of agreed risk areas and to minimise duplication and eliminate gaps.
24 August 2016