ROBSON LEE on Revised Edition of Guidebook for Audit Committees in Singapore

Areas of change

Key changes and recommendations

Reference to new or updated regulations / guidelines

1.

Director independence

·       Case study on evaluating director independence revised to include additional factors and scenarios

E.g.

Ø  Multiple directorships: factors to consider include (a) potential conflicts of interests; (b) the nature and level of commitment of other directorships; and (c) whether directorship is held in competitor firms.

Ø  Provision of services to the company: factors to consider include (a) the extent of the director’s ownership and involvement in the service provider; and (b) the amount of fees paid for the service.

Ø  Director as single largest minority shareholder: factors to consider include the (a) extent of his influence; and (b) the significance of his economic interest in the company.

·       Case study evaluating the suitability of partner / director of ex-auditing firm being an AC member added

Ø  Former partner/director of the company’s existing auditing firm: should not (a) act as an AC member within 12 months from his cessation; and (b) as long as he retains financial interest in the auditing firm.

Ø  Existing partner/director of the company’s ex-auditing firm: should not act as an AC member even after 12 months from cessation. Candidate may be in a position of conflict if concerns relating to financial statements reviewed by the ex-auditing firm arise.

·      Guidelines 2.3, 2.4 and 2.9 of the Code

2.

Disclosure requirements

·       Board of directors (Board) to disclose the key terms of reference of the AC

·        Updated sample terms of reference

Ø  Expanded responsibilities of the AC: to include (a) conducting internal quality assurance reviews (QAR); (b) conducting independent validation of the QAR; (c) reviewing assurances by the Chief Executive Officer (CEO) and Chief Financial Officer (CFO); and (d) monitoring levels of compliance.

·       Board to explain the role and authority of the AC

·      Guideline 12.1 of the Code

3.

Qualifications of AC members

·       At least two AC members, including the AC Chairman, to have recent and relevant accounting or related financial management expertise

·       Guideline 12.2 of the Code

Areas of change

Key changes and recommendations

Reference to new or updated regulations / guidelines

1.

Interested person transactions (IPTs)

·       Revised case studies on the review and evaluation of IPTs

Ø  Review of transactions: transactions not classified as an IPT may pose risks similar to an IPT. Such transactions should be placed before the AC. The AC should review to ensure that the transactions are at arm’s length and not prejudicial to the company’s interest.

·       Enhanced guidance on aggregating IPTs, assessing IPT value etc.

Ø  Aggregating IPTs: when considering whether IPTs should be aggregated, the AC should consider (a) the nominal value of each transaction; and (b) the similarity in the economic and commercial substance of the transactions.

Where IPTs are conducted over multiple instances, the AC should determine if they are commercially and substantially connected.

Ø  Assessing value of IPTs: the AC should consider (a) the commercial merits of the transaction; (b) other relevant comparables; (c) the independent valuation report; and (d) whether an IFA should be engaged.

·        Revised IPT procedures and policies

Ø  New policies for oversight of IPTs: the Company should establish an IPT oversight framework. A register of interested persons, Entity-at-Risk (EAR) and IPTs should be maintained. Periodic reporting to the AC on IPTs should also be made.

·     Chapter 9 of the Listing Manual

2.

Training

·      Company should provide and fund training for directors

·       AC members should attend technical and professional development courses

·       AC Chairman should:

(a)  monitor the training needs of AC members; and

(b) consider relevant courses for AC members to attend.

·     Guidelines 1.6 and 12.1 of the Code

3.

Planning

·       Enhanced guidance on planning AC meeting agendas

Ø  Conducting efficient and effective meetings: AC members should (a) understand and appreciate agenda matters; (b) receive information and meeting materials; and (c) review and read all meeting materials ahead of AC meetings.

·       N/A

4.

Whistle-blowing policies (WBPs)

·       A company’s WBP and procedures should be disclosed in its annual report

·       AC should establish procedure for investigation and follow-up action

·     Guideline 12.7 of the Code

Areas of change

Key changes and recommendations

Reference to new or updated regulations / guidelines

1.

Board Assurance Framework

·      AC should establish a Board Assurance Framework (BAF). This ensures the adequacy and effectiveness of the risk management and internal control systems.

·      Scope of the BAF includes risk management, internal controls and assurance systems

·      Guideline 12.4(b) of the Code

2.

Disclosures on risk management and internal controls

·      Guidance for the Board and the AC on disclosure of risk management and internal controls

Ø  Outcomes of assurance tests should be captured and reported.

Ø  Reports could include (a) risk profile updates; (b) risk mitigating action plans; (c) key risks and control indicators; and (d) risk and assurance maps.

·      Guidance on CEO and CFO certification and self-assessment process

Ø  The self-assessment process aims to increase awareness for risk and accountability for internal controls.

Ø  The self-assessment exercise should be performed annually.

Ø  AC should arrange for the CEO and CFO to sign an undertaking confirming their awareness.

·      Rule 1207(10) of the Listing Manual

·      Guideline 11.3(b) of the Code

3.

AC’s oversight function

·      Enhanced guidance on establishing a board risk committee (BRC) and AC-BRC interactions

Ø  The Board may establish a BRC to oversee risk management and internal controls.

Ø  The AC and BRC should (a) liaise closely; (b) plan their work based on the same risk framework; and (c) circulate and share information on a regular basis.

·       At least one AC member should have experience in overseeing risk management and internal controls

·        AC should:

(a)     review and report on adequacy and effectiveness of risk management and internal controls;

(b)    ensure that the company has a culture promoting ethical behaviour; and

(c)     assess if management sets the right tone supporting risk-conscious attitudes.

·      Guideline 11.4 of the Code

4.

Risk tolerance

·      Enhanced guidance on determining risk tolerance limits and risk policies

Ø  AC should ensure that the company’s level of risk tolerance has been defined.

Ø  The risk management policy should (a) describe the tolerance for various classes of risk; and (b) the level of risk which can be taken without endangering the organisation.

·      Guideline 11.1 of the Code

5.

Assessing robustness of risk management and internal control systems

·      Guidance on how the AC can identify and evaluate weaknesses in risk management and internal control systems

Ø  AC should ensure that Management (a) identifies control deficiencies; (b) evaluates the severity of control deficiencies; and (c) meets disclosure obligations.

·      N/A

Areas of change

Key changes and recommendations

Reference to new or updated regulations / guidelines

1.

Role of the IA

·       AC has a duty to review and report on the adequacy and effectiveness of risk management and internal control systems

·        IA should include assisting the AC in discharging its duties in this respect

·      Guidelines 11.3 and 12.4 of the Code

·       Rule 1207(10) of the Listing Manual

2.

Establishing the IA function

·       AC should approve the hiring, removal, evaluation and compensation of the head of the IA

·       AC should lead the selection and approval process for outsourcing of the IA function

·       IA function should be staffed with qualified and experienced persons.

·      Guidelines 13.1 and 13.3 of the Code

3.

Interaction with the IA

·        IA should have unfettered access to the AC

·       Updated guidelines for the conduct of private sessions with the IA

Ø  AC should meet with the Head of IA to (a) collect feedback on internal controls; and (b) evaluate the Management’s attitude towards risk management.

·       N/A

4.

IA Performance Assessment

·      Guidance on performance metrics for assessment of IA performance

Ø  AC should evaluate the performance and effectiveness of the IA function annually.

Ø  Assessment should be broad-based and include aspects such as (a) risk management; (b) proficiency of the IA staff; and (c) the effectiveness of the audit process.

·       N/A

Areas of change

Key changes and recommendations

Reference to new or updated regulations / guidelines

1.

Assurances from CEO / CFO

·      CEO / CFO should provide assurances regarding the integrity of financial statements

Ø  AC should (a) carry out due diligence when reviewing such assurances; and (b) require a presentation from management, if necessary.

·      Guideline 11.3(a) of the Code

2.

Interaction with regulators

·      Guidance on conducting key management interviews and corresponding with regulators

Ø  AC should (a) understand how judgements and estimates are made; (b) note audit adjustments made in financial reports; and (c) assess the completeness and clarity of financial statements.

·       N/A

3.

Assessment of financials

·      Checklist for assessment of financial statement judgments and estimates

Ø  AC should consider (a) the use of fair values and estimates in the financial statements; (b) the impact of changes in accounting requirements; and (c) if sufficient review of the fair values and estimates has been undertaken.

·       N/A

Areas of change

Key changes and recommendations

Reference to new or updated regulations / guidelines

1.

Interaction with external auditors

·      Guidance on private sessions between the AC and external auditors, including:

(a)   AC should meet with external auditors without the presence of management at least annually;

(b)   New checklist of queries which the AC may raise during such sessions;

(c)   AC should have a good understanding of the scope of the external auditor’s work;

(d)   AC should obtain copies of external auditors’ engagement letter and audit plan; and

(e)   AC should consider process by which external auditors identify key financial risks.

·      Guideline 11.3 of the Code

2.

Evaluation of external auditors’ independence

·      Guidance on assessing auditor independence, including:

(a)     review of substantial non-audit services provided by external auditors;

(b)    review fees and expenses paid to external auditors; and

(c)     evaluate and determine if the external auditor’s independence may be impaired.

·       Fees paid to external auditors to be disclosed in annual report

·      Guideline 12.6 of the Code

3.

Oversight of ACs of the company’s listed subsidiaries

·       Guidance on best practices for the effective oversight of ACs of the company’s listed subsidiaries 

Ø  The AC of the listed parent company has oversight responsibility over the AC of the listed subsidiary.

Ø  The AC of the listed parent company should (a) review minutes from the listed subsidiary AC meetings; (b) request and review the letter of assurance/report from the listed subsidiary AC; and (c) arrange meetings and discussions with the listed subsidiary AC.

·       Rules 716(1) - (2) of the Listing Manual