Presentation on theme: "Presentation by Ebrahim Sidat 1 CONFERENCE ON BANK’S CORPORATE GOVERNANCE THE ROLE OF AUDIT COMMITTEE IN GOOD CORPORATE GOVERNANCE Presentation by EBRAHIM."— Presentation transcript:
Presentation by Ebrahim Sidat 1 CONFERENCE ON BANK’S CORPORATE GOVERNANCE THE ROLE OF AUDIT COMMITTEE IN GOOD CORPORATE GOVERNANCE Presentation by EBRAHIM SIDAT COUNTRY MANAGING PARTNER/CEO F ORD R HODES S IDAT H YDER & C o. A Member of Ernst & Young International Karachi, May 29, 2006 Organized by State Bank of Pakistan Pakistan Institute of Corporate Governance and International Finance Corporation 1
Presentation by Ebrahim Sidat 2 PRESENTATION HIGHLIGHTS Underlying objectives of Corporate Governance Certain imperatives for the Board of Directors SBP Prudential Regulation – G1 Conceptual role of Audit Committee Audit Committee – Certain mandatory provisions under the SECP’s Code of Corporate Governance Functions of Audit Committee Audit Committee’s role as envisaged by the Basel Committee principles on bank’s internal controls Role of Audit Committee under the UK- CCCG Certain fundamental matters on which Audit Committee should focus Potential benefits of an effective Audit Committee Guidelines for judging effectiveness of Audit Committee Touchstone to judge quality of internal control Board’s obligation to review internal control is not a regulatory imposition but indeed a business imperative Risk based principles to assess internal control Risk management – a comprehensive dimension of Corporate Governance Overview of SBP’s guidelines on risk management Risk identification – a fundamental business imperative Guidelines on significant risk indicators Audit Committee - how to judge its effectiveness
Presentation by Ebrahim Sidat 3 TRANSPARENCY - ACCOUNTABILITY - FAIRNESS - RESPONSIBILITY. It is not intended to create regulatory imposition or intervention. The fundamental objective is to encourage and enforce self- regulation, with the ultimate goal of : being more responsive to the dictates of transparent and ethical behaviour promoting growth of the enterprise, its profitability and maximize shareholder-value, having regard to the interest of all stakeholders achieving strategic goals being socially responsible UNDERLYING OBJECTIVES OF CORPORATE GOVERNANCE
Presentation by Ebrahim Sidat 4 CERTAIN IMPERATIVES FOR THE BOARD OF DIRECTORS Formulate corporate strategy. Adopt a set of significant policies. Identify and prioritise risks. Institute risk-management policies and control strategies Ensure to have in place sound and effective internal control framework. Attach a high priority to status of compliance with ethical standards and best practices of corporate governance.
Presentation by Ebrahim Sidat 5 SBP PRUDENTIAL REGULATION (PR) G-I Responsibilities of the Board inter-alia include: Governance and oversight role related to: Financial and Management Information Systems (MIS) Internal Control Internal Audit Compliance Risk Management Credit (Advances) including write-offs, recovery, re-scheduling/ re-structuring of debt Treasury Management Investments
Presentation by Ebrahim Sidat 6 SBP Prudential Regulation (PR) G-I Fixed assets – acquisition and disposal. Donations and charities. Prevention of frauds and forgeries. Compliance programme. KYC and anti-money laundering measures.
Presentation by Ebrahim Sidat 7 CONCEPTUAL ROLE OF AUDIT COMMITTEE CORPORATE GOVERNANCE COMPACT INTERNAL AUDIT EXTERNAL AUDIT AUDIT COMMITTEE BOARD OF DIRECTORS TO OVERSEE & REPORT TO BODNOT TO MANAGE TO SUPPORT/ADVISE MANAGEMENTNOT TO STIFLE OPERATIONAL PERFORMANCE TO HAVE MEANINGFUL, RELEVANT AND TRANSPARENT INFORMATION NOT TO HAVE INFORMATION OVERLOAD TO THINK, JUDGE AND ACT ON SIGNIFICANT GOVERNANCE/RISK ISSUES NOT TO BE TOO PROCESS - DRIVEN TO ENSURE CONFORMANCE FOR GOVERNANCE AND BETTER PERFORMANCE NOT TO BE INDIFFERENT TO RESULTS
Presentation by Ebrahim Sidat 8 AUDIT COMMITTEE (AC) – CERTAIN MANDATORY PROVISIONS UNDER THE SECP’s CODE OF CORPORATE GOVERNANCE AC to perform duties as per terms of reference listed in paragraph (xxxiii) of CCG. AC shall have at least 3 members including the chairperson. Majority of the members of the AC shall be non-executive directors. Chairperson shall preferably be a non-executive director. Names of the members of AC shall be disclosed in the annual report.
Presentation by Ebrahim Sidat 9 AC shall appoint secretary of the committee. CFO, head of internal audit and the external auditor’s representative to attend quarterly meeting with AC. Separate meeting of AC with auditors and head of internal audit and others atleast once a year. AC’s recommendations to normally prevail over BOD in relevant matters. Audit Committee (AC) – Certain mandatory provisions under the SECP’S Code of Corporate Governance
Presentation by Ebrahim Sidat 10 FUNCTIONS OF AUDIT COMMITTEE (as stipulated in SBP’s Handbook of Corporate Governance) a)Determination of appropriate measures to safeguard the bank’s assets. b)Review of preliminary announcements of results prior to publication. c)Review of quarterly, half-yearly and annual financial statements, prior to their approval by the Board of Directors, focusing on: major judgmental areas; significant adjustments resulting from the audit; the going-concern assumption; any changes in accounting policies and practices;
Presentation by Ebrahim Sidat 11 Functions of Audit Committee (as stipulated in SBP’s Handbook of Corporate Governance) Compliance with applicable accounting standards; and Compliance with listing regulations and other statutory and regulatory requirements. d)Facilitating the external audit and discussion with external auditors of major observations arising from interim and final audits and any matter that the auditors may wish to highlight (in the absence of management, where necessary). e)Review of management letter issued by external auditors and management’s response thereto. f)Ensuring coordination between the internal and external auditors.
Presentation by Ebrahim Sidat 12 Functions of Audit Committee (as stipulated in SBP’s Handbook of Corporate Governance) g)Review of the scope and extent of internal audit and ensuring that the internal audit function has adequate resources and is appropriately placed within the bank. h)Consideration of major findings of internal investigations and management’s response thereto. i)Ascertaining that the internal control system including financial and operational controls, accounting system and reporting structure are adequate and effective. j)Review of the statement on internal control systems prior to endorsement by the Board of Directors.
Presentation by Ebrahim Sidat 13 Functions of Audit Committee (as stipulated in SBP’s Handbook of Corporate Governance) k)Instituting special projects, value for money studies or other investigations on any matter specified by the Board of Directors, in consultation with the Chief executive and to consider remittance of any matter to the external auditors or to any other external body. l)Determination of compliance with relevant statutory requirements. m)Monitoring compliance with the best practices of corporate governance and identification of significant violations thereof. n)Consideration of any other issue or matter as may be assigned by the Board of Directors.
Presentation by Ebrahim Sidat 14 AUDIT COMMITTEE’S (AC) ROLE AS ENVISAGED BY THE BASEL COMMITTEE PRINCIPLES ON BANK’S INTERNAL CONTROLS Principle 19 AC assists Board of Directors’ task to ensure the existence and maintenance of adequate system of internal controls. AC reinforces internal control system, internal and external audits. AC should have a proper written charter. AC should have at least 3 members of the Board who are not current or former members of senior management. AC should have at least one member having a background in financial reporting, accounting or auditing. AC should approve (“confirm”) the internal audit charter, the audit plan and the resources required.
Presentation by Ebrahim Sidat 15 ROLE OF AUDIT COMMITTEE (as set out in UK Combined Code of Corporate Governance) To monitor integrity of the financial statements. To review the company’s internal financial controls (and its risk management systems). To monitor and review the effectiveness of internal audit. To recommend (to the board) appointment of the external auditor, and approve their remuneration and terms of engagement. To review and monitor the external auditor’s independence, objectivity and the effectiveness of the audit process. To develop and implement policy on using the external auditor to render non-audit services. To institute whistle-blowing arrangements.
Presentation by Ebrahim Sidat 16 CERTAIN FUNDAMENTAL MATTERS ON WHICH AUDIT COMMITTEE (AC) SHOULD FOCUS Ensure completeness, accuracy and fairness of financial statements, directors’ report and other corporate disclosures. Assess conceptual validity and practical application of significant accounting policies. Carry out independent assessment of judgmental issues and accounting estimates made by management. Seek assurance from management about completeness and fairness of corporate disclosures, both financial and non-financial. Enquire about material unusual transactions, events, contracts, arrangements, adjustments, related party transactions, departure from established norms/practices and such other significant issues.
Presentation by Ebrahim Sidat 17 Certain fundamental matters on which AC should focus Review periodically internal control and risk management procedures. Be alert to any indications or signals of impropriety or questionable conduct or deficient regulatory compliance by causing to introduce “red flags” and the mitigating controls. Address promptly all significant complaints by ensuring to have in place effective “whistle-blowing” procedures.
Presentation by Ebrahim Sidat 18 POTENTIAL BENEFITS OF AN EFFECTIVE AUDIT COMMITTEE (AC) Review of periodical and annual financial statements substantially enhances standard of financial reporting. An environment of discipline, risk management awareness and control mitigates potential risk of fraud and irregularities. NEDs bring to bear independent judgment on all significant matters. Financial reporting line head is provided a forum to raise and moot issues of concern which might otherwise be difficult. Head of internal audit and external auditors have an effective, prompt and independent line of communication on matters deemed critical or significant and for issue resolution. Public confidence and credibility in the transparency and objectivity of financial reporting process is enhanced and reinforced.
Presentation by Ebrahim Sidat 19 GUIDELINES FOR JUDGING EFFECTIVENESS OF AUDIT COMMITTEE (AC) Composition of AC. Competence of AC members, in particular NEDs. AC Chairman’s commitment and proficiency. Conduct and duration of AC proceedings and its documentation. Quality of information and its timely dissemination. Follow-up on preceding actions and decisions. Level and frequency of inter-action with other players.
Presentation by Ebrahim Sidat 20 TOUCHSTONE TO JUDGE QUALITY OF INTERNAL CONTROL Whether for purposes of risk management, it is: sound enough in design and effective enough in implementation to safeguard the shareholders’ investment and the Company’s assets Whether there is a system in place to reviewing and monitoring regularly the internal control system to respond to continually evolving risks and exposures
Presentation by Ebrahim Sidat 21 What the Board is expected to do to discharge its obligations in the context of internal control Recognize that reviewing the effectiveness of internal control is an inherent part of the board’s responsibilities How should the board discharge this obligation? –Ask discerning and relevant questions from management –Evaluate management’s information and assurance on the soundness and implementation of internal control –Receive from management at regular intervals, reports on risk management and internal controls embracing “all controls” to mean: –Internal financial controls –Operational controls –Compliance controls BOARD’S OBLIGATION TO REVIEW INTERNAL CONTROL IS NOT A REGULATORY IMPOSITION BUT INDEED A BUSINESS IMPERATIVE
Presentation by Ebrahim Sidat 22 RISK BASED PRINCIPLES TO ASSESS INTERNAL CONTROL (IC) IC should emerge as a reflection of the “tone at the top”. IC is a means to an end and not an end in itself. Risk orientation should be the fundamental premises of all ICs. IC be embedded in the business processes to pursue bank’s objectives and indeed become its culture. IC should remain relevant over time and keep pace with emerging changes and developments. IC system and procedures should be organization – specific. IC should facilitate and promote operational effectiveness and efficiency. IC should justify cost-benefit consideration without compromising. overall objectives. IC does not eliminate need for sound and astute business judgment. IC reduces but cannot eliminate possibility of poor judgment in decision-making. IC provides reasonable but not absolute assurance on various aspects of business.
Presentation by Ebrahim Sidat 23 RISK MANAGEMENT - A COMPREHENSIVE DIMENSION OF CORPORATE GOVERNANCE Risk management is a comprehensive concept. Risk is inherent in business and is an essential concomitant of profits. Business risk is both endemic and pervasive. Risk management should not be visualized only in the context of an adverse phenomenon, unfavourable happenings and circumstances. Missed opportunities and failure to cause to happen or exploit potential good events is also an integral part of risk management.
Presentation by Ebrahim Sidat 24 Control strategies manage and mitigate risks but cannot eliminate entirely. Risk taking in business need to be differentiated with recklessness, callousness, indifference and a cavalier attitude. Risk management inherently pre-supposes existence of an effective early warning mechanism. Risks upon identification need to be prioritized having regard to: 1.High impactHigh likelihood 2.High impactLow likelihood 3.Low impactHigh likelihood 4.Low impactLow likelihood Awareness of trigger events and their frequency in relation to each significant business risk is an essential element of risk management. Risk management - a comprehensive dimension of corporate governance
Presentation by Ebrahim Sidat 25 OVERVIEW OF SBP’S GUIDELINES ON RISK MANAGEMENT (BSD Circular No.7 of August 15, 2003) Risk Management encompasses risk identification, assessment, measurement, monitoring and mitigating / controlling all risks inherent in the business of banking. These are generally contemplated as under: CREDIT RISK MARKET RISK LIQUIDITY RISK OPERATIONAL RISK COMPLIANCE / REGULATORY RISK Directors’ Report Issued annually to specifically include under the heading “Risk Management Framework” the following: a)Overall plan to meet SBP guidelines on risk management b)Status and details of implementation / actions taken c)Indicative time frame for full compliance and implementation
Presentation by Ebrahim Sidat 26 RISK IDENTIFICATION - A FUNDAMENTAL BUSINESS IMPERATIVE Understand the company’s products and services. Know the market place and the company’s relative status and share therein. Identify success factors critical to the achievement of the company’s objectives. Obtain awareness on the overall organizational structure and delegation of authority and responsibility. Study control environment and risk assessment processes within the company. Acquaint with the contour of:
Presentation by Ebrahim Sidat 27 Risk Identification –Information and communication system –Monitoring and evaluation system to form a preliminary view of their soundness, reliability and effectiveness or otherwise Ascertain problems, impediments or near misses that may have happened or are potentially threatened to the detriment of business. Enquire on any fraud or probity issues (including conflict of interest) in the recent history of the bank. Apprise with the legal and regulatory environment in which the bank operates.
Presentation by Ebrahim Sidat 28 GUIDELINES ON SIGNIFICANT RISK INDICATORS Internal –Issues of integrity, ethics, propriety and probity –Defective HR policies and procedures and high personnel turnover –Improper reward and incentive system –Lack of qualified personnel at various levels –Improper delegation of authority and responsibility –Incompatibility in growth and the existing organization and infra- structure –Impairing of control processes (preventive and detective) resulting in a higher than reasonable incidence of loss of business, frauds, errors and irregularities
Presentation by Ebrahim Sidat 29 –Liquidity crises and impaired credit worthiness –Shrinking markets denominated by declining business and revenue and squeezing of spreads External –Threats posed by unfair competition in the market place and changing clients’ behavior –Technological threats posed by innovation –Litigation and underlying exposure –Health, safety and environmental issues –Regulatory and compliance exposure –Foreign currency risk and exposure –Changes in governmental policies (including political and economic) and legal and regulatory implications arising therefrom Significant Risk Indicators
Presentation by Ebrahim Sidat 30 AUDIT COMMITTEE (AC) HOW TO JUDGE ITS EFFECTIVENESS See whether AC is focussed on the “FIVE Cs” (Understand)Complexity of business and the underlying risk profile (Probe)Creativity - undue creativity in business structures, transactions, accounting, tax planning etc. is prone to dangerous consequences (Focus)Controls - focus on the importance of controls (Watch)Coziness - Board’s relationship with CEO and senior management, between the company and its external auditors. Is it too close to compromise objectivity and independence of thought (Analyse)Choices - CEO, CFO and other senior management exercise critical choices relevant to policies, estimates and judgements