“What we think, or what we know, or what we believe is, in the end, of little consequence. The only consequence is what we do.”
REPORT OF THE AUDIT AND RISK COMMITTEE
Mr Salim Young – Chairman of the Audit and Risk Committee
The audit and risk committee has a formal audit and risk charter with formal rules governing the services provided by the external auditors in terms of systems and processes. The charter was amended in terms of regulatory requirements and adopted during the year under review.
The volatile macroeconomic environment and increasing environmental and regulatory requirements continue to impact the Group.
In dealing with the challenges, the committee reviewed all significant risks and assessed the adequacy of control and the combined assurance delivered over the identified risks. It monitored the effectiveness of the control environment through reviewing reports from management, the external auditors and internal audit and ensured the quality of financial reporting by reviewing the 2017 interim financial results and the 2017 annual financial statements.
The committee reviewed the impact of the Company’s medium- to long-term strategy against pertinent factors and conducted reviews of technology and communication, including cybersecurity and compliance governance to ensure that risk management was applied appropriately.
The committee reviewed the following:
- The quality and integrity of the integrated report, including the financial statements and public announcements in respect of the financial results
- The appointment, remuneration, performance and independence of the external audit and the audit process, including the approval of non-audit services by the external auditor
- The effectiveness of risk management and controls
- The effectiveness of the internal audit function
- Internal financial controls and systems
- Sustainability issues
- Technology and information governance
- Compliance governance.
For the purposes of determining the effectiveness of management systems and internal controls during the year, the committee reviewed the internal and external audit scope, plans and findings, as well as management reports.
The committee closely monitored the Group’s Vision 2020 Vision strategic goals against targets set, continued to monitor key risks identified and their mitigation and how subsidiaries are performing to achieve the Group’s strategy.
The membership of the committee in terms of skills and experience is strong. The varied experience of the committee members provides insight and perspective in terms of decisions and considerations.
The committee has fulfilled its statutory duties in terms of section 94(7) of the Companies Act and King IVTM compliance. The committee has complied with its legal and regulatory responsibilities for the 2017 financial year. (King IVTM – Principles 10, 11, 12, 13 and 15)
Role OF THE AUDIT AND RISK COMMITTEE
The committee has an independent role with accountability to the Board and shareholders. The committee’s role is to assist the Board in carrying out its duties relating to accounting policies, internal controls, financial reporting practices and identification of significant risk exposure.
The main purpose of the audit and risk committee is to ensure the integrity of the financial statements and to oversee the effectiveness of the internal financial controls and the external and internal audit functions.
The audit and risk committee undertook a full review of the cost and scope of the audit function performed by the independent auditors of the Group. The committee recommended to the Board that the current auditors, Grant Thornton Cape Inc., be re‑appointed as the Group’s auditors. The audit budget was approved based on the value proposition. There were no non-audit services delivered during the audit. In terms of the Companies Act, the committee confirms that the same individual/audit partner has not served as the designated auditor of the Company for more than five consecutive financial years.
The Group has internal controls and systems designed to provide assurance as to the reliability and integrity of the financial statements. The system of internal control is designed to manage, rather than eliminate, the risk of failure to achieve the Group’s business objectives. It can only provide reasonable and not absolute assurance against material misstatement or loss and to safeguard, verify and maintain accountability adequately for its assets. (King IVTM – Principles 2, 4, 10, 11, 12, 13 and 15)
The external and internal auditors had unrestricted access to the audit and risk committee and attended all the audit and risk committee meetings by invitation during the year ended 31 August 2017. Detailed reports were presented by the internal and external auditors. The chairman of the audit and risk committee reported on the findings at the Board meetings.
The external auditors can communicate with the chairman of the audit and risk committee and all its members throughout the year. The chairman of the committee is also available at the annual general meeting to answer questions about the committee’s activities.
For the period under review, the committee is satisfied that is has fulfilled all its statutory duties assigned by the Board.
FEEDBACK FROM THE AUDIT AND RISK COMMITTEE
In the conduct of its duties and in accordance with section 94 of the Companies Act, the committee reports as follows:
- Oversaw the development and implementation of the Group risk plan and strategy to ensure that the Group manages its risks in an optimal manner
- Approved, reviewed and evaluated the adequacy and efficiency of the risk policies, procedures and controls applied in the day-to-day management of the business
- The scope, independence and objectivity of the external auditors were reviewed
- The committee considered and determined the terms of engagement and fees of the external auditors
- The audit firm, Grant Thornton Cape Inc. and audit partner are, in the committee’s opinion, independent of the Company and have been proposed to the shareholders for approval to be the Group’s auditors for the 2018 financial year
- The appointment of the external auditor complied with the Companies Act and with all other legislation relating to the appointment of external auditors
- The committee reviewed and approved the fees proposed by the external auditors
- The nature and extent of non-audit services provided by the external auditors were reviewed to ensure that the fees for such services do not become so significant as to call their independence into question
- There were no non-audit services during the year under review
- Obtained assurance from the external auditors that adequate accounting records are being maintained
- Evaluated the independence, effectiveness and performance of the internal auditor and compliance with its charter
- Reviewed the annual financial statements, interim reports, results announcements, trading statements and similar documents
- Recommended to the Board the interim and preliminary announcements of results and reports to shareholders, the annual financial statements and integrated report having regarded all factors and risks that may impact on the integrity of the integrated report, including factors that may predispose management to present a misleading picture, significant judgments and reporting decisions made, monitoring of enforcement actions by a regulatory body, any evidence that brings into question previously published information, forward-looking statements or information
- Reviewed the disclosure of sustainability issues in the integrated report
- Considered concerns regarding accounting practices and internal audit matters
- The appropriateness of the expertise and experience of the financial management team was reviewed and reported to be adequate
(King IVTM – Principles 2, 4, 5, 10, 11, 12, 13, 15 and 16)
RISK MANAGEMENT PROCESS
A key component of the audit and risk committee was to review the top eight risks that the AEEI Group faces in order to respond to new and emerging risks and to ensure alignment with regulatory changes as well as best practice. In doing so, the committee took into account stakeholder needs, corporate governance principles, risk trends, global trends and external dynamics. Refer to the full risk management report.
The audit and risk committee is responsible for reviewing the compliance with legal, regulatory, codes and other standards and continually monitors the implementation of the legal compliance processes. The audit and risk committee is satisfied that it has complied with all its legal, regulatory and other responsibilities during the year under review. (King IVTM – Principle 13)
GROUP INTERNAL AUDIT
The Group internal auditor performs an independent assurance function. The Group internal auditor had unrestricted access to the Group CEO, the Group CFO and the chairman of the audit and risk committee.
The primary objective of the Group internal auditor during the year was to provide independent objective assurance and consulting activity on the adequacy and effectiveness of the Group’s systems of governance, risk management and internal control and reports functionally to the audit and risk committee. The audit and risk committee monitored the effectiveness of the internal audit function in terms of its scope, independence skills, execution of its plan and overall performance.
The Group internal auditor recommended the annual audit plan for approval to the audit and risk committee. The audit and risk committee approved the formal internal audit plan, which included risk-based audits and improvements to Group’s governance and business processes for 2017.
The system of internal control is designed to ensure that significant risks are appropriately identified, managed and provide reasonable assurance that:
- operations are efficient and effective;
- Company assets and information are safeguarded; and
- applicable laws and regulations are complied with.
The Group internal auditor undertook the following during the year under review:
- Performed reviews on the Company’s governance processes and ethics
- Performed an objective evaluation of the internal control framework
- Systematically analysed and evaluated the business processes and associated controls
- Monitored and challenged, where appropriate, action taken by management with regard to adverse internal audit findings
- Provided a source of information on fraud, corruption, unethical behaviour and irregularities
- Followed a risk-based approach
Internal audits were performed at most subsidiaries during the year under review and no significant breakdowns in internal controls were identified. The internal audit takes a risk-based approach to audit planning. A formal report on the key findings of these audits was submitted to the audit and risk committee summarising the results of the internal audit activity and management’s progress in addressing the control measures. This enabled the audit and risk committee to ensure that action was taken to address areas of concern. The written internal audit assessment to the Board and audit and risk committee on the overall internal control environment confirmed that there were no material breakdowns in internal controls.
(King IVTM – Principles 11 and 15)
The chairman of the audit and risk committee reports to the Board on the activities of the committee at each Board meeting.
The scope, independence and objectivity of the external auditors, Grant Thornton Cape Inc., were reviewed. The committee considered the annual audit plan and related scope of work, determined the terms of engagement and fees of the external auditors. The audit firm, Grant Thornton Cape Inc. and audit partner are, in the committee’s opinion, independent of the Company.
Grant Thornton Cape Inc. provided an audit opinion in accordance with the Companies Act, the JSE Listings Requirements and King IVTM. Under company law, their responsibility is to the shareholders of the Group. In addition, they have professional responsibilities to report reportable irregularities, in terms of section 45(1) of the Auditing Profession Act, 2005.
The audit was conducted in accordance with International Standards on Auditing (ISA) and the auditors’ objective was to provide a comprehensive service to the Group.
The auditors have a statutory responsibility to report to the shareholders whether, in their opinion, the financial statements fairly present the financial position, results of operations and cash flow information of the Group, in conformity with IFRS and in the manner required by the Companies Act.
The audit involved performing procedures to obtain audit evidence about the amounts and disclosures in the financial statements. The procedures selected depended on the auditors’ judgment, including the assessment of the risks of material misstatement of the financial statements, whether due to fraud or error. In making those risk assessments, the auditors considered internal control relevant to the Company’s preparation and fair presentation of the financial statements in order to design audit procedures that are appropriate in the circumstances, but not for the purpose of expressing an opinion on the effectiveness of the Company’s internal control. The audit included evaluating the appropriateness of accounting policies used and the reasonableness of accounting estimates made by management, as well as evaluating the overall presentation of the financial statements. (King IVTM – Principles 15 and 16)
As the auditors of a public interest Company, the same individual has not served as audit partner of the engagement for more than five consecutive financial years. Grant Thornton Cape Inc. has been the Company’s auditors for the past four years, with Imtiaaz Hashim serving as audit partner for the second year.
The external auditors liaised with the Group internal auditor and attended the audit and risk committee meetings by invitation. As the auditors of the Company, they attend every annual general meeting where the annual financial statements of the Company for the financial year are presented, in order to respond accordingly and to answer any questions relevant to the audit of the financial statements.
EXPERTISE AND EXPERIENCE OF THE CHIEF FINANCIAL OFFICER AND THE FINANCE FUNCTION
In terms of the JSE Listings Requirements, the audit and risk committee is satisfied that the CFO has the appropriate experience and expertise to meet the responsibilities of the position.
The audit and risk committee has considered the expertise of the finance department and is satisfied that the finance department has the appropriate expertise and is adequately resourced.