Audit and Risk Committee
The Committee's members include:
- Paul Lindwall – Committee Chair
- Michael Everett – Member
- Dennis Miyeli – Member
The Committee's Charter
The Chair of the Productivity Commission has established an Audit and Risk Committee in compliance with section 45 of the Public Governance, Performance and Accountability Act 2013 (PGPA Act) and PGPA Rule section 17 Audit Committees for Commonwealth Entities.
The committee's role is to provide independent assurance to the Chair of the Productivity Commission (as the 'accountable authority' under the PGPA Act) on the Productivity Commission's financial and performance reporting responsibilities, risk oversight and management, and system of internal control.
The committee is not responsible for the executive management of these functions. The committee will engage with management in a constructive and professional manner in discharging its advisory responsibilities and formulating its advice to the Commission's Chair.
Members of the committee are expected to understand and observe the legal requirements of the PGPA Act and rules. Members are also expected to:
- act in the best interests of the entity as a whole
- apply good analytical skills, objectivity and good judgment
- express opinions constructively and openly, raise issues that relate to the committee's responsibilities and pursue independent lines of enquiry
- contribute the time required to meet their responsibilities.
Committee members must not use or disclose information obtained by the committee except in meeting the committee's responsibilities, or unless expressly agreed by the Commission's Chair.
The committee will be assisted by the entity's contracted internal auditors who will deliver an internal audit program in line with the Audit and Risk Committee's guidance and subject to approval by the Head of Office or delegate.
The Chair of the Productivity Commission authorises the committee, in accordance with its role and responsibilities, to:
- obtain any information it requires from any official or external party (subject to any legal obligation to protect information)
- discuss any matters with the Australian National Audit Office (ANAO), or other external parties (subject to confidentiality considerations)
- request the attendance of any official, including the Chair of the Commission, at committee meetings
- obtain legal or other professional advice, as considered necessary to fulfil its role, at the Commission's expense, subject to approval by the Chair of the Commission or delegate.
The Audit and Risk Committee comprises at least three members, appointed by the Chair of the Productivity Commission, who will also appoint the Chair of the committee. The committee will have a majority of independent members, as required by the PGPA Rule.
The Commission's Chair, Head of Office, Assistant Commissioner Corporate, Director Finance, Director ICT, or other management representatives may attend meetings as advisers or observers, as determined by the Chair, but will not be members of the committee.
A representative(s) of the ANAO will be invited to attend meetings of the committee, as an observer.
Committee members, taken collectively, will have a broad range of skills and experience relevant to the operations of the Productivity Commission. At least one member of the committee will have accounting or related financial management experience, with an understanding of accounting and auditing standards in a public sector environment.
Committee members will be appointed for periods determined by the Commission's Chair. A term of appointment will typically be three years, but the Chair may seek to appoint a member for a shorter term, and re-appoint for up to two further terms (taking account of the assessment arrangements referred to later in this Charter).
PGPA Act Rule section 17 states that the functions of an audit committee must include reviewing the appropriateness of the accountable authority's: financial reporting; performance reporting; system of risk oversight and management; and system of internal control. As such these functions are mandatory.
- To fulfil its responsibilities in respect of the financial reporting function the Committee will:
- review the financial statements and provide advice to the Chair of the Productivity
Commission (including recommending their signing). In particular, the committee will
- a) the Commission's compliance with accounting standards, including an assessment of the appropriateness of accounting policies and disclosures
- b) areas of significant judgement and financial statement balances that require estimation
- c) any significant changes to accounting policies and practices (by May each year)
- d) significant or unusual transactions, not covered by b) or c) above
- e) sign-off by entity management in relation to the quality of the financial statements, internal controls and compliance
- f) whether appropriate management action has been taken in response to any issues raised by the ANAO, including financial statement adjustments or revised disclosures.
- act as a forum for communication between Commission management and the ANAO
- review the processes in place designed to ensure that financial information included in the Commission annual report is consistent with the signed financial statements
- discuss with the ANAO the auditor's judgments about the adequacy of the Commission's accounting policies and the quality of the entity's processes for the preparation of the Commission's financial statements.
- review the financial statements and provide advice to the Chair of the Productivity Commission (including recommending their signing). In particular, the committee will review:
- To fulfil its responsibilities in respect of the performance reporting function the Committee will review the proposed reporting of the Productivity Commission's performance to satisfy itself that:
- the Portfolio Budget Statements and corporate plan include details of how performance will be measured and assessed
- the approach to measuring performance throughout the financial year against the performance measures included in its Portfolio Budget Statements and Corporate Plan is sound, and has taken into account guidance issued by the Department of Finance
- there are sound processes in place for the preparation of the annual Performance Statement and the inclusion of the Statement in the annual report
- the proposed Performance Statement is consistent with financial information, including the financial statements, that is proposed to be included in the annual report.
Note: the requirement for entities to prepare performance statements in accordance with section 39 of the PGPA Act applied from 2015-16.
Systems of risk oversight and management
- To fulfil its responsibilities in respect of the risk oversight and management function the Committee
- review whether management has in place a current and sound enterprise risk management framework and associated procedures for effective identification and management of the Commission's business and financial risks
- satisfy itself that a sound approach has been followed in managing the Commission's major risks including those associated with individual projects, program implementation, and activities
- satisfy itself that management has assessed the impact of the Commission's enterprise risk management framework on the entity's control environment, and insurance arrangements
- review the process of developing and implementing the Commission's fraud control arrangements and satisfy itself that the Commission has appropriate processes and systems in place to detect, capture and effectively respond to fraud risks
- review reports on fraud from management that outline any significant or systemic allegations of fraud, the status of any ongoing investigations and any changes to identified fraud risk in the Commission.
System of internal control
- To fulfil its responsibilities in respect of the system of internal function the Committee will:
Internal control framework
- review whether management's approach to maintaining an effective internal control framework, including in relation to functions performed by external parties such as cohtractors and advisers, is sound and effective
- review whether management has in place relevant policies and procedures, including Accountable Authority Instructions or their equivalent, and that these are periodically reviewed and updated
- satisfy itself that appropriate processes are in place to periodically (but not less than once per year) assess whether key policies and procedures are complied with
- satisfy itself that management periodically assesses the adequacy of the Commission's information security infrastructure.
- review whether appropriate policies and associated procedures are in place for the management and exercise of delegations and authorisations.
Business continuity management
- satisfy itself that a sound approach has been followed in establishing the Commission's business continuity planning arrangements, including whether business continuity and disaster recovery plans have been periodically updated and tested.
Ethical and lawful behaviour
- assess whether management has taken steps to embed a culture that promotes the proper use of Commonwealth resources and is committed to ethical and lawful behaviour.
- review the proposed internal audit coverage, ensure the coverage takes into account Commission's key risks, and recommend approval of the Annual Work Plan by the Head of Office
- review all audit reports and provide advice to the accountable authority on significant issues identified in audit reports and recommend action on significant issues raised, including identification and dissemination of good practice
- monitor management's implementation of internal audit recommendations
- periodically review the performance of internal audit and provide advice to the Chair of the Commission on the appointment of the internal auditor contractor
- advise the Chair of the Commission on the adequacy of internal audit resources, or budget, to carry out its responsibilities, including completion of the approved internal audit work plan.
Legislative and policy compliance
- review the effectiveness of the system for monitoring the Commission's compliance with those laws, regulations and associated government policies with which the Commission must comply
- determine whether management has appropriately considered legal and compliance risks as part of the entity's enterprise risk management plan.
Engagement with the ANAO
In undertaking its role, the committee will engage with the ANAO, as the entity's external auditor, in relation to the ANAO's financial statement and performance audit coverage. In particular, the committee will:
- provide input on planned ANAO financial statement and performance audit coverage
- review entity specific and relevant cross-entity external performance audit reports and monitor management's response and implementation of audit recommendations
- provide advice to the Chair of the Commission on action to be taken on significant issues raised in relevant ANAO reports or better practice guides
- meet privately with the ANAO when considered necessary.
The committee will, as often as necessary, and at least once a year, report to the Chair of the Commission on its operation and activities during the year and confirm that all functions outlined in this charter have been satisfactorily addressed.
The committee may, at any time, report to the Chair of the Commission any other matter it deems of sufficient importance to do so. In addition, at any time an individual committee member may request a meeting with the Chair of the Commission.
The committee will meet at least four times per year. One or more special meetings may be held to review the Commission's annual financial statements and performance statements or to meet other specific responsibilities of the committee.
The Chair is required to call a meeting if asked to do so by the Chair of the Commission, and decide if a meeting is required if requested by another member, internal audit or the ANAO.
Annual Work Plan
The committee will develop a forward meeting schedule that includes the dates, location, and proposed agenda items for each meeting for the forthcoming year, and that covers all the functions outlined in this charter.
A quorum will consist of a majority of committee members. A quorum will include at least one external member. The quorum must be in place at all times during the meeting.
The Head of Office, in consultation with the committee, will appoint a person to provide secretariat support to the committee. The secretariat will:
- ensure the agenda for each meeting is approved by the Chair of the committee; the agenda and supporting papers are circulated, at least one week before the meeting
- ensure the minutes of the meetings are prepared and maintained.
Minutes must be reviewed by the Chair of the committee and circulated in a timely manner to each member and committee advisers and observers, as appropriate.
Conflicts of interest
Once each year, members of the committee will provide written declarations, through the Chair of the committee, to the Chair of the Commission declaring any material personal interests they may have in relation to their responsibilities.
External members should consider past employment, consultancy arrangements and related party issues in making these declarations and the Chair in consultation with the Audit and Risk Committee Chair, should be satisfied that there are sufficient processes in place to manage any real or perceived conflict.
At the beginning of each committee meeting, members are required to declare any material personal interests that may apply to specific matters on the meeting agenda. Where required by the Chair, the member will be excused from the meeting or from the committee's consideration of the relevant agenda item(s).
The Chair is also responsible for deciding, in consultation with the Chair where appropriate, if he/she should excuse themselves from the meeting or from the committee's consideration of the relevant agenda item(s). Details of material personal interests declared by the Chair and other members, and actions taken, will be appropriately recorded in the minutes.
New members will receive relevant information and briefings on their appointment to assist them to meet their committee responsibilities.
The Chair of the committee, in consultation with the Commission's Chair, will undertake a review of the performance of the committee at least once every two years. The review will be conducted on a self-assessment basis.
The Chair of the committee will provide advice to the Chair of the Commission on an external member's performance where an extension of the member's tenure is being considered.
Review of charter
The committee will review this charter as required, and advise the Chair of the Commission of any substantive recommended changes for approval.
Date 23 November 2018