Audit and Risk Committee
The Committee's members include:
- Fran Raymond – Committee Chair
- Tony Hof – Member
- Peter Dunlop – Member
Audit and Risk Committee Charter
The Accountable Authority of the Productivity Commission (PC), the PC Chair, has established an Audit and Risk Committee (ARC) in compliance with section 45 of the Public Governance, Performance and Accountability Act 2013 (PGPA Act) and PGPA Rule section 17 Audit Committees for Commonwealth Entities.
This Charter defines the role, authority, responsibilities and functions of the ARC. It been developed in accordance with the PGPA Act, PGPA Rule, and ‘A guide for non-corporate Commonwealth entities on the role of audit committees’ issued by the Department of Finance in September 2021.
Role
The ARC’s role is to provide independent advice and assurance to the Accountable Authority on the PC’s financial and performance reporting responsibilities, risk oversight and management, and system of internal control.
The ARC is not responsible for the executive management of these functions. The ARC will engage with management in a constructive and professional manner in discharging its advisory responsibilities and formulating its advice to the Accountable Authority.
The ARC will be assisted by the entity’s contracted internal auditors who will deliver an internal audit program in line with the ARC’s guidance and subject to approval by the Head of Office or delegate.
Functions1
Financial reporting [PGPA Rule 17(2)(a)]
To fulfil its responsibilities in respect of the financial reporting function the ARC will:
- review the financial statements and provide advice to Accountable Authority; (including recommending their signing). In particular, the ARC will review:
- the PC’s compliance with accounting standards, including an assessment of the appropriateness of accounting policies and disclosures
- areas of significant judgement and financial statement balances that require estimation
- any significant changes to accounting policies and practices (by May each year)
- significant or unusual transactions, not covered by b) or c) above
- sign-off by entity management in relation to the quality of the financial statements, internal controls and compliance
- at least annually and following material changes, provide written statements to the Accountable Authority on the appropriateness of the entity’s financial reporting, performance reporting, system of risk oversight and management, and system of internal control, including specific areas of concern and recommendations for improvement
- review information prepared for Finance for the Australian Government consolidated financial statements, including the supplementary reporting package, and advise on compliance with PGPA Act, PGPA Rule, Accounting Standards and supporting guidance
- whether appropriate management action has been taken in response to any issues raised by the ANAO, including financial statement adjustments or revised disclosures.
- act as a forum for communication between PC management and the ANAO
- review the processes in place designed to ensure that financial information included in the PC annual report is consistent with the signed financial statements
- discuss with the ANAO the auditor’s judgments about the adequacy of the PC’s accounting policies and the quality of the entity’s processes for the preparation of the PC’s financial statements.
Performance reporting [PGPA Rule 17(2)(b)]
To fulfil its responsibilities in respect of the performance reporting function the ARC will review the proposed reporting of the PC’s performance to satisfy itself that:
- the Portfolio Budget Statements and corporate plan include details of how performance will be measured and assessed
- the approach to measuring performance throughout the financial year against the performance measures included in its Portfolio Budget Statements and Corporate Plan is sound, and has taken into account guidance issued by the Department of Finance
- there are sound processes in place for the preparation of the annual Performance Statement and the inclusion of the Statement in the annual report
- the proposed Performance Statement is consistent with financial information, including the financial statements, that is proposed to be included in the annual report
- provide advice on the appropriateness of the Annual Performance Statements and performance reporting overall
- will periodically review selected key performance measures on a rotating basis to assess their validity, reliability and completeness, and advise the Accountable Authority on any issues identified and opportunities for improvement.
Note: the requirement for entities to prepare performance.
Note: the requirement for entities to prepare performance statements in accordance with section 39 of the PGPA Act applied from 2015–16.
Systems of risk oversight and management [PGPA Rule 17(2)(c)]
To fulfil its responsibilities in respect of the risk oversight and management function the ARC will:
- review whether management has in place a current and sound enterprise risk management framework and associated procedures for effective identification and management of the PC’s business and financial risks
- review the enterprise risk management framework and the associated system of internal controls supporting the identification and management of the entity’s risks, including emerging risks and those related to significant projects and program implementation activities, in accordance with the Commonwealth Risk Management Policy
- satisfy itself that the entity has an effective risk management capability, and that key roles, responsibilities and authorities for risk management are clearly defined and appropriately managed.
- satisfy itself that management has assessed the impact of the PC’s enterprise risk management framework on the entity’s control environment, and insurance arrangements
- review the process of developing and implementing the PC’s fraud control arrangements and satisfy itself that the PC has appropriate processes and systems in place to detect, capture and effectively respond to fraud risks
- review reports on fraud from management that outline any significant or systemic allegations of fraud, the status of any ongoing investigations and any changes to identified fraud risk in the PC.
System of internal control [PGAP Rule 17(2)(d)]
To fulfil its responsibilities in respect of the system of internal function the ARC will review and provide advice to management on their approach to maintaining effective controls in the following areas:
Internal control framework
- review whether management’s approach to maintaining an effective internal control framework, including in relation to functions performed by external parties such as contractors and advisers, is sound and effective
- review whether management has in place relevant policies and procedures, including Accountable Authority Instructions or their equivalent, and that these are periodically reviewed and updated
- satisfy itself that appropriate processes are in place to periodically (but not less than once per year) assess whether key policies and procedures comply with the Protective Security Policy Framework
- satisfy itself that management periodically assesses the adequacy of the PC’s information security infrastructure
- review systems of internal controls as a whole, with reference to any specific areas of concern or suggestions for improvement.
Delegations
- review whether appropriate policies and associated procedures are in place for the management and exercise of delegations and authorisations.
Business continuity management
- satisfy itself that a sound approach has been followed in establishing the PC’s business continuity planning arrangements, including whether business continuity and disaster recovery plans have been periodically updated and tested.
Ethical and lawful behaviour
- assess whether management has taken steps to embed a culture that promotes the proper use of Commonwealth resources and is committed to ethical and lawful behaviour.
Internal audit
- review the proposed internal audit coverage, ensure the coverage takes into account PC’s key risks, and recommend approval of the Annual Work Plan by the Head of Office
- review all audit reports and provide advice to the accountable authority on significant issues identified in audit reports and recommend action on significant issues raised, including identification and dissemination of good practice
- monitor management’s implementation of internal audit recommendations
- periodically review the performance of internal audit and provide advice to the Chair of the PC on the appointment of the internal auditor contractor
- advise the Chair of the PC on the adequacy of internal audit resources, or budget, to carry out its responsibilities, including completion of the approved internal audit work plan.
Legislative and policy compliance
- review the effectiveness of the system for monitoring the PC’s compliance with those laws, regulations and associated government policies with which the PC must comply
- determine whether management has appropriately considered legal and compliance risks as part of the entity’s enterprise risk management plan.
Authority
The ARC has no executive powers, except those expressly provided by Commonwealth legislation or delegated to it by the Accountable Authority. The Accountable Authority authorises the ARC, in accordance with its role and responsibilities, to:
- obtain any information it requires from any official or external party (subject to any legal obligation to protect information)
- discuss any matters with the ANAO, or other external parties (subject to confidentiality considerations)
- request any official, including the Accountable Authority, to attend a ARC meeting
- obtain legal or other professional advice (subject to the approval of the ARC Chair and appropriate financial delegation arrangements), as considered necessary for the proper discharge of its functions and responsibilities.
Membership and responsibilities
The Accountable Authority determines the composition of the ARC and appoints its members. When appointing members, the Accountable Authority will ensure that the collective qualifications, knowledge, skills and experience of the ARC’s members are suitable to enable the ARC to perform its functions in the context of the agency. At least one member will have accounting or related financial management experience with an understanding of accounting and auditing standards in a public sector environment.
ARC members, taken collectively, will have a broad range of skills and experience relevant to the operations of the PC and are expected to understand and observe the legal requirements of the PGPA Act 2013. The ARC will have a majority of independent members, as required by the PGPA Rule. Further, from 1 July 2021, all members of the ARC will be persons who are not officials of the PC; and the majority of members will be persons who are not officials of any Commonwealth entity.
The Accountable Authority, Head of Office, Assistant Commissioner Corporate, Director Finance and Office Services, Director, Digital Technologies (DT), or other management representatives may attend meetings as advisers or observers, as determined by the Chair, but will not be members of the ARC.
A representative(s) of the ANAO will be invited to attend meetings of the ARC, as an observer.
Members will be appointed for an initial period determined by the Accountable Authority and may be re-appointed for additional periods after a formal performance review.
- Members, including the Chair, will ordinarily be appointed for three-year terms, with staggered starting dates to ensure a rotation of members over time, and will generally serve no more than two terms. This helps introduce new skills and new perspectives to the deliberations of the ARC. Shorter-term appointments may be made at the discretion of the Accountable Authority.
The membership of the ARC, and attendance by non-members at ARC meetings, is shown in Attachment A.
Responsibilities of the Audit and Risk Committee Chair
The ARC Chair will:
- ensure the ARC is run effectively and inclusively, in line with an agreed agenda, to deal with the business at hand - having regard to the requirements under the PGPA Act, PGPA Rule, and guidance from the Department of Finance
- help frame the issues for discussion and deliberation, and seek to engage all members in discussions
- ensure decisions and actions arising from meetings are clearly articulated
- ensure that minutes are kept and records maintained (delegated to secretariat)
- provide leadership and determine the culture and behaviour of the ARC
- engage with the Accountable Authority as appropriate on outcomes and decisions from the ARC.
The ARC Chair is accountable for the effective operation of the ARC and any advice provided to the Accountable Authority.
Responsibilities of members
Members of the ARC are expected to:
- understand the ARC’s role and responsibilities, be familiar with the ARC’s relationship with management and the internal and external auditors, as well as have a sound knowledge of the entity’s operations and the environment in which it operates
- contribute the time needed to study and understand the papers provided, apply good analytical skills, objectivity and good judgement; and express opinions frankly, ask questions that go to the fundamental core of the issue and pursue independent lines of enquiry
- bring their own expertise and experience to the ARC to enable completion of activities in an efficient and effective manner
- conduct an annual self-assessment against this Charter and report improvement actions to the Accountable Authority.
ARC members are accountable for assisting the ARC Chair by participating constructively in discussions, providing feedback, proactively identifying issues and proposing solutions for their resolution.
ARC members must not use or disclose information obtained by the ARC except in meeting the ARC’s responsibilities, or unless expressly agreed by the Accountable Authority.
ARC members will be afforded access to all information necessary to enable the ARC to effectively carry out its role. In exercising this access, members must comply with the Privacy Act 1988 and all applicable confidentiality and secure information-handling requirements.
ARC members are entitled to request further information from management as required, including requests for the ARC to engage with agency officials. The ARC will make such requests through the Head of Office.
New ARC members will participate in a formal induction program, including an agreed agenda, a reading pack (incorporating this Charter), and mentoring by the Chair, to support them in fulfilling their responsibilities. Members will also undertake ongoing professional development to maintain relevant skills and knowledge.
Engagement with the ANAO
In undertaking its role, the ARC will engage with the ANAO, as the entity’s external auditor, in relation to the ANAO’s financial statement and performance audit coverage. In particular, the ARC will:
- provide input on planned ANAO financial statement and performance audit coverage
- review entity specific and relevant cross-entity external performance audit reports and monitor management’s response and implementation of audit recommendations
- provide advice to the Accountable Authority on action to be taken on significant issues raised in relevant ANAO reports or better practice guides
- may hold closed sessions at least annually with Internal Audit and with the ANAO and may request pre meeting briefings from management on significant issues.
Sub-committees
If required, the Committee may establish subcommittees with defined scopes and reporting obligations. The Committee will appoint a current member to chair such sub-committees.
The responsibilities, membership and reporting arrangements for each sub-committee shall be documented and approved by the Committee.
Conflicts of interest
Each year, members of the ARC will provide written declarations, through the Chair of the Committee, to the Accountable Authority declaring any material personal interests they may have in relation to their responsibilities. External members should consider past employment, consultancy arrangements and related party issues in making these declarations and the Accountable Authority in consultation with the ARC Chair, should be satisfied that there are sufficient processes in place to manage any real or perceived conflict.
At the beginning of each ARC meeting, members are required to declare any material personal interests that may apply to specific matters on the meeting agenda. Where required by the Chair, the member will be excused from the meeting or from the ARC’s consideration of the relevant agenda item(s).
The Chair is also responsible for deciding, in consultation with the PC Chair where appropriate, if he/she should excuse themselves from the meeting or from the ARC’s consideration of the relevant agenda item(s). Details of material personal interests declared by the Chair and other members, and actions taken, will be appropriately recorded in the minutes.
Administrative arrangements
Meeting frequency
The ARC will meet at least four times per year. One or more special meetings may be held to review the PC’s annual financial statements and performance statements or to meet other specific responsibilities of the ARC.
The Chair is required to call a meeting if asked to do so by the Accountable Authority and decide if a meeting is required if requested by another member, internal audit or the ANAO.
Annual Work Plan
The ARC will develop a forward meeting schedule that includes the dates, location, and proposed agenda items for each meeting for the forthcoming year, and that covers all the functions outlined in this charter.
Quorum
A quorum will consist of a majority of ARC members (two). The quorum must be in place at all times during the meeting.
Secretariat
Secretariat services will be provided to the ARC as detailed at Attachment A.
Advice format and record retention
Records of the Committee’s activities, including agendas, supporting papers, minutes, formal opinion letters and correspondence, will be accurately prepared and retained by the Secretariat in accordance with the entity’s record-keeping policies, applicable Commonwealth record-keeping requirements, the Archives Act 1983, and section 37 of the Public Governance, Performance and Accountability Act 2013.
Reporting
The ARC will, as often as necessary, and at least once a year, report to the Accountable Authority on its operation and activities during the year and confirm that all functions outlined in this charter have been satisfactorily addressed.
The ARC may, at any time, report to the Accountable Authority any other matter it deems of sufficient importance to do so. In addition, at any time an individual ARC member may request a meeting with the Accountable Authority.
Review of functions
The Chair of the ARC, in consultation with the Accountable Authority, will undertake a review of the performance of the committee at least once every two years. The review will be conducted on a self-assessment basis, with appropriate input sought from Committee members, senior management, internal audit, external auditor, and any other relevant stakeholders.
The Chair of the ARC will provide advice to the Accountable Authority on an external member’s performance where an extension of the member’s tenure is being considered.
The ARC will review this charter every year, or as required, and advise the Accountable Authority of any substantive recommended changes for approval.
Approval Decision Authority
This Charter was approved by the PC Chair on:
[signature]
Signed: Danielle Wood
Chair, Productivity Commission
Date: 3 March 2026
Previous version dated: 6 March 2025
Footnotes
- PGPA Act Rule section 17 states that the functions of an audit committee must include reviewing the appropriateness of the accountable authority’s: financial reporting; performance reporting; system of risk oversight and management; and system of internal control. As such these functions are mandatory. Locate Footnote 1 above
Attachment A – Audit and Risk Committee Charter
Membership
| Name | Role | Term ending |
|---|---|---|
| Fran Raymond | Committee Chair (External, non-APS) | 23 April 2026 |
| Peter Dunlop | Independent member (External, non-APS) | 16 January 2027 |
| Tony Hof | Independent member (External, non-APS) | 31 March 2028 |
Attendance at Committee meetings
Any Management Committee member may attend any ARC meeting and will be provided with all relevant papers prior to the meeting.
The Head of Office, the Chief Finance Officer, the Director, Finance and Office Services, and the Director, Digital Technology or their delegates, are expected to attend ARC meetings to assist the Committee in its work.
Attendance at ARC meetings may also include other members of management as necessary, internal auditors, internal audit function staff, and ANAO representative(s).
Secretariat
Secretariat services will be provided by the Corporate Group. The secretariat will ensure the agenda for each meeting is approved by the ARC Chair; the agenda and supporting papers are circulated at least one week before the meeting; and ensure timely minutes of the meetings are prepared and maintained. Minutes must be reviewed by the ARC and circulated in a timely manner to each member and ARC advisers and observers, as appropriate.
Agenda
The meeting agenda and any papers will be emailed to members at least one week before a meeting unless circumstances require a shorter timeframe. The meeting agenda will include details of any conflicts of interest previously declared by ARC members.
The standing agenda will comprise:
| Agenda Item | Table heading |
|---|---|
| 1 | Welcome and apologies |
| 2 | Declaration of interests (where not previously declared) |
| 3 | Confirmation of previous minutes |
| 4 | Actions arising |
| 5 | Specific agenda items |
| 6 | Other business |
| 7 | Next meeting |
Minutes
The secretariat will be responsible for preparing the minutes of each meeting, circulating minutes for review, and maintaining the minutes of each meeting as a complete record in accordance with records management requirements.
