The Board has established a committee to be known as the Audit Committee (the Committee), which is a committee of the Board of Directors (the Board) from which it derives its authority and to which it is accountable.
The Committee is authorised by the Board to:
- investigate any activity within its Terms of Reference;
- seek any information it requires from any employee. All employees are directed to co-operate with any reasonable request made by the Committee;
- commission internal investigations as it considers appropriate; and
- obtain outside expert advice and support including legal advice and to secure the attendance of outsiders with relevant experience and expertise if it considers this necessary.
The main functions and responsibilities of the Committee are to assist the Board in fulfilling its oversight responsibilities with specific regard to:
- monitoring the integrity of interim and annual financial statements and formal announcements relating to financial performance, including Summary Financial Statements, focusing particularly on significant financial reporting judgments and ensuring the financial statements overall are fair, balanced and understandable and that the interests of the Society’s members are properly protected;
- reviewing the effectiveness of systems of internal controls and the risk management systems and ensuring that the interests of the Society’s members are properly protected;
- scrutinising the activities and performance of the Internal Audit function;
- monitoring the independence and objectivity of the External Auditor and the effectiveness of the audit process;
- recommending the appointment and approving the remuneration and terms of engagement of the External Auditors; and
- overseeing the Society’s whistleblowing arrangements.
In carrying out its duties, the Committee should consider key matters of its own initiative rather than relying solely on the work of the External Auditor. It must satisfy itself that the sources of assurance and information it has used to carry out its roles to review, monitor and provide assurance or recommendations to the Board are sufficient and objective.
Meetings and membership
The Committee will be chaired by a Non-Executive Director (other than the Board Chair) as appointed from time to time by the Board on the recommendation of the Nominations & Governance Committee. If the Chair is absent at any meeting, the other Committee Members present will elect one of their number to chair the meeting.
The Committee will comprise the Audit Committee Chair, the Board Risk Committee chair and at least one other Member who will be appointed from the Non-Executive Directors (except for the Chair of the Board) on the recommendation of the Nominations & Governance Committee in consultation with the Audit Committee Chair. The Committee may operate with a vacancy. At least one member of the Committee should have recent and relevant financial experience with a professional qualification from one of the professional accountancy bodies. The Committee as a whole should have competence relevant to the financial services sector.
Only Members of the Committee have the right to attend meetings. However the Chief Executive, Chief Financial Officer, Chief Risk Officer, the External Audit Partner and the Chief Internal Auditor shall normally attend meetings in their entirety. Other Board Members, including the Chair, shall also have a right of attendance. Other senior managers may attend at the invitation of the Chair of the Committee, but only for the duration of their presentation. At least once a year the Committee shall meet with the External Auditors and, separately, with the Chief Internal Auditor without the Executive Directors present to discuss matters relating to their remit and any issues arising from the audit work they have undertaken.
Meetings shall be held not less than four times a year. Any Committee Member, the External Audit Partner or the Chief Internal Auditor may direct the Secretary to convene a meeting. Outside of the formal meeting programme, the Chair of the Committee shall maintain a dialogue with key individuals involved in the Society’s governance, including the Chair of the Board, the Chief Executive, the Chief Financial Officer and the Chief Internal Auditor.
Meetings of the Committee will be quorate if there are present at least two Members of the Committee.
The General Counsel & Secretary or their nominee shall be the Secretary of the Committee, except at such times when private discussion takes place between the Committee and External Auditors.
The Secretary of the Committee shall draft the agenda for each meeting and provide this to the Chair of the Committee for approval in advance of the meeting. The Secretary of the Committee shall collate the papers and issue them to all attendees at least seven days prior to the meeting. Meetings may be held in person or by telephone.
Formal minutes of the meetings of the Committee will be taken and circulated to Members of the Committee. The Committee shall report to the Board on how it has discharged its responsibilities. Accordingly, minutes of Committee meetings will be submitted to the Board in the month following each meeting. In addition, the Chair of the Committee will verbally report to the Board after each meeting of the Committee. The Chair of the Committee or another of its Members will be available at the Society’s AGM to answer questions from Society Members on matters falling within the Committee’s remit.
The Committee shall carry out the following duties for the Society and its subsidiaries:
1. The Committee shall:
i) review and challenge where necessary the accuracy and integrity of the interim and annual financial statements, and Summary Financial Statement prior to Board approval, focusing particularly on:
- the application of significant accounting policies and practices and any changes to them;
- significant financial reporting issues, estimates and judgments;
- significant adjustments resulting from the audit;
- risks to audit quality;
- the going concern basis of accounting and an assessment of long-term viability;
- the effectiveness of risk management arrangements, taking into account a report from the Chief Risk Officer; and
- compliance with accounting standards and other relevant regulatory and legal requirements, taking into account the views of the External Auditor.
ii) where practicable and consistent with prompt reporting requirements under applicable law or regulation, review and challenge where necessary the accuracy and integrity of any other formal announcements relating to financial performance of the Society;
iii) review and challenge where appropriate Pillar 3 risk disclosures;
iv) consider and advise the Board whether the Annual Report & Accounts, when taken as a whole, is fair, balanced and understandable and provide the information necessary for members to assess the Society’s business model, strategy and performance;
v) in compiling such report for the Annual Report & Accounts, include an explanation of the significant issues that the Committee considered in relation to the financial statements and how these issues were addressed and all other information requirements set out in the Corporate Governance Code;
vi) approve a report of its activities for inclusion in the Annual Report & Accounts which shall include reference to:
- its view of the effectiveness of the Internal Audit function;
- an explanation of how it assessed the effectiveness of the external audit process and the approach taken to the appointment or reappointment of the External Auditor;
- details of the length of tenure of the existing External Auditor; and
- In the event the External Auditor undertakes non-audit services for the Society, arrangements to safeguard the objectivity and independence of the External Auditor.
Internal controls and risk management systems
2. The Committee shall:
i) review annually reports from the Internal Audit function regarding its assessment of the adequacy and effectiveness of the Society’s systems of business and financial control and risk management systems, including the effectiveness of the Enterprise-wide Risk Management Framework;
ii) review and approve the statements to be included in the Annual Report & Accounts concerning internal control and risk management systems, and report the outcome of the review to the Board via the Committee’s report on the financial statements; and
iii) consider the findings of internal investigations, together with management’s response, that it has commissioned and any others that it reasonably considers relevant to its work.
3. The Committee shall:
i) approve the appointment of the Chief Internal Auditor, after considering recommendations from the Chief Executive, and review any matters arising from the resignation or dismissal of the Chief Internal Auditor;
ii) review and approve the Internal Audit function’s role and mandate, having regard to the complementary roles of the Internal Audit function and the external auditors, ensuring it is appropriate for the needs of the organisation;
iii) ensure that the Internal Audit function has adequate skills and resources, is sufficiently independent, and has appropriate standing within the Society to fulfill its remit including monitoring;
iv) ensure that the Chief Internal Auditor has direct access to the Board Chair, an independent reporting line to the Committee Chair and is accountable to the Committee;
v) review and approve the Internal Audit Annual Plan (the Plan) to ensure it is aligned to key risks of the organisation, and monitor the performance of the Internal Audit function in the delivery of its work against the Plan;
vi) receive reports from the Chief Internal Auditor, together with findings and recommendations for improvement on work carried out (and ensure the Board is made aware of significant issues);
vii) monitor and review management’s responsiveness to the Internal Audit function’s findings and recommendations; and
viii) monitor and assess the role and effectiveness of the Internal Audit function in the overall context of the Society’s risk management framework, consistent with the Compliance and Internal Audit Part of the PRA Rulebook.
4. The Committee shall:
i) consider and recommend to the Board the appointment, reappointment and removal of the External Auditor;
ii) if the External Auditor resigns, investigate the issues leading to the resignation and decide whether any action is required;
iii) oversee the selection process for the appointment of a new External Auditor, ensuring that the Society complies with the EU Audit Reform Directive and Regulation on mandatory firm rotation and other applicable legislation and codes of practice;
iv) assess annually the qualification, expertise and resources of the External Auditors, and the effectiveness of the external audit process, which shall include a report from the External Auditor on their own internal quality procedures;
v) approve the External Auditor’s remuneration, including both fees for audit and non-audit services, and ensuring that the level of fees is appropriate to enable an effective and high-quality audit to be conducted;
vi) approve the terms of engagement, including any engagement letter issued at the start of each audit and the scope of the audit;
vii) review and approve the annual audit plan and ensure it is consistent with the scope of the audit engagement, having regard to the seniority, expertise and experience of the audit team;
viii) review the findings of the audit with the External Auditor including a discussion about any major issues which arose during the audit, how risks to audit quality were addressed, key accounting and audit judgements, the External Auditor’s view of their interactions with senior management, levels of errors identified in the audit, and the effectiveness of the audit process overall;
ix) assess annually the independence and objectivity of the External Auditor, taking into account relevant UK professional and regulatory requirements and the Society’s relationship with the External Auditor as a whole, including any threats to its independence and safeguards to mitigate those threats including the provision of any non-audit services;
x) satisfy itself that there are no relationships (e.g. family, employment, investment, financial or business) between the auditor and the Society (other than in the ordinary course of business) which could adversely affect the auditor’s independence and objectivity;
xi) monitor the External Auditor’s compliance with relevant ethical and professional guidance on the rotation of audit partner, the level of fees paid by the Society compared to the overall fee income of the firm and other related requirements;
xii) review the External Auditor’s management recommendations;
xiii) seek to ensure coordination of the external audit with the activities of the Internal Audit function;
xiv) review audit representation letters and management letters and the responses of management to matters raised by the external auditor;
xv) agree and monitor the Society’s policies on:
- the employment of former employees of the external audit firm; and
- the engagement of the External Auditor to supply non-audit services, including the approval of non-audit services.
Whistleblowing, fraud and bribery
5. The Committee shall:
i) oversee the arrangements by which the Society’s staff may raise concerns, in confidence, about possible wrongdoing in financial reporting or other matters (whistleblowing);
ii) ensure that any such whistleblowing matter is properly investigated as required under the Society’s Whistleblowing Policy and relevant regulatory requirements;
iii) receive a report from the Whistleblowing Champion (as that term is defined in the Whistleblowing Policy) annually prior to such report being provided to the Board; and
iv) review the Society’s procedures for detecting fraud and its systems and controls for the prevention of bribery, including instances of non-compliance.
6. The Committee shall:
i) consider other topics, as defined and delegated by the Board;
ii) report to the Board on how it has discharged its responsibilities including its review of the Society’s Annual Report & Accounts and other financial statements as well as information presented with the financial statements such as the business review and corporate governance statements relating to audit and risk management;
iii) in relation to the financial statements, report on the significant issues that it considered and how they were addressed and its assessment of the effectiveness of the external audit process;
iv) receive training relevant to its activities both in the form of an induction programme for new members and on an ongoing basis;
v) work and liaise with all other Board Committees, taking particular account of the impact of risk management and internal controls matters being delegated to different committees; and
vi) The Committee shall undertake an annual assessment of its effectiveness and report the output of its assessment to the Board.