ICSA CPD Event Directors’ Compliance Statement Audit CommitteesEU Audit Reform

20th June 2017

Speakers

Introduction Ruairí Cosgrove, President ICSA Ireland

Directors’ Compliance Statement

Ruairí Cosgrove

Audit Committees / EU Audit Reform

Andy Banks, Partner, PwC, Risk Assurance Services

Panel discussion Andy BanksTeresa McColgan, Tax Partner, PwCBarbara Kenny, Partner, William Fry Corporate Department

Closing Remarks Ruairí Cosgrove

ICSA CPD Event

PwC

2

1. Directors’ Compliance StatementRuairí Cosgrove

ICSA CPD Event

PwC

PwC

Directors’ compliance statement - outline

Compliance Statement

Acknowledgement

Confirmation

Include in Directors’ Report

Responsibility for compliance

Three “things specified” - comply or explain

Applies to all company directors

ICSA CPD Event

4

PwC

Measures to demonstrate compliance

Three measures identified to demonstrate compliance with “relevant obligations” as follows:

1. preparation of “Compliance Policy”

2. implementation of structures which in the directors’ opinion are designed to secure material compliance

3. review during the relevant financial year of the structures put in place

ICSA CPD Event

5

PwC

Stakeholders

ICSA CPD Event

Internal audit function Parent company Auditors Company secretary

The board and, in particular, non-executive directors (“NEDs”)

Service providers

Relevant sub-committee

6

PwC

Default

Implications:

Each Director guilty

Category 3 offence

Category 3 offence

• Class A fine: not exceeding €5k

• Imprisonment not exceeding 6 months

ICSA CPD Event

7

PwC

Timeline / Thresholds

Applies to financial statement periods commencing on or after 1st June 2015

Turnover exceeds €25m and Balance Sheet exceeds €12.5m

ICSA CPD Event

8

PwC

Scope

Irish companies

Covered:

• PLCs• Large companies:

• Private Limited Companies• DACs• Guarantee companies• S110 companies

Excluded:

• Small/medium companies• Unlimited companies• Investment companies

Relevant Obligations

• Companies Act

• “Tax law”:

• Customs Acts

• Excise duties statutes

• Tax Acts

• CGT Acts

• VAT Acts

• CAT Act

• SDCA

ICSA CPD Event

9

PwC

Company law scope of the compliance obligation

Category 1 offence under the Act

─ mainly relating to breach of obligations in relation to accounting records.

Category 2 offence under the Act

─ for example, breach of obligations in relation to financial assistance for acquisition of shares, loans to directors, loans to connected persons, acquisition of own shares, statutory financial statements, auditor’s right to information and issuance of shares.

Serious market abuse offence

─ that involves a serious breach of the Market Abuse (Directive 2003/6/EC) Regulations 2005 and the Market Abuse Rules issued by the Central Bank of Ireland in its capacity as the competent authority under the Regulations.

Serious prospectus offence

─ that involves a serious breach of the Prospectus (Directive 2003/71/EC) Regulations 2005 and the Prospectus Rules issued by the Central Bank of Ireland in its capacity as the competent authority under the Regulations.

The scope of the Directors’ acknowledgement and confirmations, under Section 225 of the Companies Act 2014, is limited to compliance with “relevant obligations”, which have been defined in the Act to include provisions which if breached trigger the following offences:

ICSA CPD Event

10

PwC

Questions directors need to be asking

• What are the obligations over which I must acknowledge responsibility for compliance ?

• What will provide me with sufficient comfort to allow me to sign the DCS ?

Scope

• Is there an existing policy which can be leveraged ?

• What is our policy with regard to tax / company law compliance ?

Tax policy

• Are there systems & controls in place to identify, manage and mitigate key risks ?

• Are these effective and have they been documented ?

Processes, systems

and

controls

• Have we the necessary resources and skillsets to carry out the required review ?

• Will we seek independent assurance over the operation of the controls to provide additional comfort ?

Monitoring & review

ICSA CPD Event

11

PwC

Directors’ Compliance Statements

Key points

What should have been done?

A compliance policy prepared

A register of “relevant obligations” developed (compliance universe) mapped to current company activities

Processes and controls designed as effective to ensure “material compliance” with the relevant obligations

Directors and control operators aware of these new requirements -procedures demonstrated and evidenced

Assessment of the assurance process (internal audit, other assurance provider), if any, which exists to provide comfort that processes and controls are operating effectively

A review scheduled to confirm operating effectiveness – can be external or internal audit

Processes implemented to keep current

ICSA CPD Event

12

PwC

Directors’ Compliance Statement – what we are seeing

Company Law approach

• Defined schedule of company law provisions

Observations

• No new standard of compliance

• No ODCE guidance• Tailored response

required• Auditors’ position

Tax approach

• Risk based approach• Needs business and

tax knowledge

Concerns

• Lack of engagement• Board awareness?• Resources

Surprises

• Investment required • Assumptions re.

outsourced arrangements

• Compliance fatigue• Tax function not

consulted

Benefits

• Tax recognised as a governance issue

• Risk identification and management

• Revenue audit “ready”

ICSA CPD Event

PwC 13

PwC

Guidelines for a compliance policy statement

Purpose / Objectives

• Define objectives • How objectives

will be achieved

Context

• Overall governance framework

• DCS • Other

Scope

• Entities / jurisdictions

• Legislation / obligations

Responsibilities & ownership

• Directors • Management• Other

Body of policy

• How objectives will be achieved

• Measure effectiveness

Monitoring & escalation

ICSA CPD Event

PwC 14

PwC

Directors’ Compliance Statements – what is being stated in the Directors’ Report

1. Directors are stating that they acknowledge that they have responsibility for compliance and that they have complied with the three requirements of DCS

2. Directors are stating that the company has complied with elements 1 and 2 of the DCS requirements, that an informal review has been completed in 2016 and that a formal review of the structures in place will be undertaken in 2017

3. Directors are stating that they are aware of the requirement but due to proximity of the financial year end to the commencement date of section 225, the DCS has not been finalised.

It is too early to say whether statements 2. and 3. will bring additional focus onto the company from the Revenue Commissioners, lenders or investors

ICSA CPD Event

15

PwC

Directors’ Compliance Statements – closing comments

• The majority of companies in scope are stating in their Directors’ Report that they have complied

• Directors of companies which explained rather than compiled for the first year should ensure that all three elements of DCS are completed for future years

• Too early to say what the impact of not fully complying will be

• Companies which outsource a number of key functions need to ensure that the service level agreements they have in place are sufficient to give them comfort to sign off on DCS

• The DCS policy should be a ‘living’ document which is reviewed regularly

ICSA CPD Event

16

2. Audit CommitteesAndy Banks

ICSA CPD Event

PwC

PwC

Role of a Board

18

“Every organisation should be headed by an effective board which is collectively responsible for the long-term success of the organisation.”

UK Corporate Governance Code

ICSA CPD Event

• Significant audit findings/recommendations• Reviewing the performance of external

auditors

Audit Committee – Roles and Responsibility

• Appropriateness of accounting policies• Disclosure of requirements• Annual report & Financial Statements

Regulatory, Compliance and Ethical Matters

• Effectiveness of system for ensuring compliance with laws and regulations

• Code of conduct/ethics• Whistleblowing

Communicating and Reporting

• Relations with management• Updates and recommendations to the full board• Reports to board and shareholders

Maintaining and Measuring Effectiveness

• Training needs• Maintaining financial literacy• Annual performance evaluation of audit committee

External Audit

• Appointment and remuneration• Scope of work• Independence requirements

Internal Audit

• Charter, authority and resources• Scope of work• Internal Audit effectiveness• Responses to internal audit recommendations

Risk Management and Internal Control

• Understanding of key risk areas• Effectiveness of controls• Fraud risk

Financial Reporting

Au

dit

Co

mm

itte

e A

re

as

of

Fo

cu

s

• Significant audit findings/recommendations

• Reviewing the performance of external auditors

ICSA CPD Event

PwC19

PwC

CA 2014 – Section 167

ICSA CPD Event

Companies which have turnover exceeding €50m and a balance sheet total exceeding €25m must establish an audit committee or explain why they have not

This audit committee must have an independent director who is competent in accounting and auditing

There is no test specified regarding the merit of the reason not to establish an audit committee

20

It is too early to say whether explaining rather than complying will have a negative impact

PwC

Audit Committee - what we are seeing in the marketplace

22

ICSA CPD Event

Some (larger) organisations have combined Audit & Risk Committee

1

CAC should have members drawn from outside the Board & be empowered to co-opt members to provide specialist skills / or procure skills required

2

Chairperson of the Board may be a member of the AC - but may not chair it

3

Roles and responsibilities should be set out in writtencharter

4

PwC

ICSA CPD Event

At least one member should have recent, relevant financial expertise5

Formal letter of appointment required; duration of appointment should be clearly set out (3 year term, to a max of 6)

6

Formal induction process (incl. tailored training) for new Committee members

7

Annual report of AC to Board to include opinion on adequacy of RM & IC systems, incl. adequacy of sources of assurance

8

Illustrative AC work programme established annually9

Continued

22

3. EU Audit Reform

ICSA CPD Event

PwC

PwC

Heat map on Mandatory Firm Rotation globally

No requirements considered implemented Repealed/suspended

24

ICSA CPD Event

PwC

Published in the Official Journal on 27 May 2014

PIE definition

1. Who is affected and when?

Timing

Member States option to

broaden list Ireland has

not added any

• Entities that are both governed by the laws of an EU Member State and listed on a regulated market

• Credit institutions

• Insurance companies

Entry into force: 16 June 2014

Application: from the first financial year starting on or after 17 June 2016 (except for the transition provisions for rotation which apply from 16 June 2014)

25

ICSA CPD Event

PwC

For ≥ 20 years (Art.41.1)

For 11-19 years (Art.41.2)

For < 11 years(Art. 41.3)

Auditor has been in place:

Transition period: 9 years Rotation - no renewal of the existing engagement

Possible extension by max. 10 years after a tender **

TranPer

Transition period: 6 years

Rotation - no renewal of the existing engagement

Possible extension by max. 10 years after a tender **

*

Rotation

Entry into force: 16 June 2014

New stat. auditor

* Effect from the first financial year starting on or after 17 June 2016 / ** Assumes adoption of max. 10 years extension as Member State option / *** Subject to position in 2026 / No graphic illustration of the 14-year extension option for joint audits nor for multi-annual engagements

New statutory auditor

New statutory auditor

New statutory auditor

Possible extension by max. 10 years after a tender **

Applicability: 17 June 2016 *

2018 2020 2022 2024 2026 2028 2030 2032 2034 2036 2038 2040 2042

2. What will change?Mandatory audit firm rotation – illustration of transition

2044

Tender process

New s. a.

Rotation

Rotation – no renewal of the existing engagement

Possible extension by max. 10 years after a tender **

From 17 June 2003 to 16 June 2006

Tender process Tender process

Tender process Tender process Tender process

Tender process Tender process Tender Pro

From 17 June 2006 to 16 June 2016

Rotation – change or retender as maximum tenure is reached from the first year of engagement **

Tender process Tender process Tender process

Rotation or extension subject to member state options ***

New statutory auditor New statutory auditor

2046

TP

TP

26

ICSA CPD Event

PwC

Implementation of the EU Audit LegislationState of play of the transposition into local law

ICSA CPD Event

27

PwC

Mandatory firm rotation modificationsInitial engagement period and one-off extension

ICSA CPD Event

28

PwC

MFR Observations

• Important that the board of all group companies are aware of the implications of MFR

• The time and effort involved in tendering and appointing new auditors should not be underestimated

• Having multiple auditors in a group is very challenging

• Some Irish companies which have securities listed on the ISE are moving to the Global Exchange Market to avoid MFR

ICSA CPD Event

29

Panel discussion

Led by Ruairí Cosgrove

Panel Teresa McColganPartner, PwC Tax

Barbara Kenny, Partner, William Fry, Corporate Department

Andy Banks, Partner, PwC, Risk Assurance Services

ICSA CPD Event

PwC 30

PwC

Closing remarks – Ruairí Cosgrove

ICSA CPD Event

31

PwC

This content is for general information purposes only, and should not be used as a substitute for consultation with professional advisors.

PwC firms help organisations and individuals create the value they’re looking for. We’re a network of firms in 158 countries with close to 169,000 people who are committed to delivering quality in assurance, tax and advisory services. Tell us what matters to you and find out more by visiting us at www.pwc.com

© 2017 PricewaterhouseCoopers. All rights reserved. PwC refers to the Irish member firm, and may sometimes refer to the PwC network. Each member firm is a separate legal entity. Please see www.pwc.com/structure for further details.

ICSA CPD Event

32