Audit & Risk Committee report


Mark Morris (Chairman)
Chris Havemann
Ben Mingay

The Audit & Risk Committee is chaired by Mark Morris who has recent and relevant financial experience. He worked in audit, business advisory and corporate finance before becoming a plc Finance Director and previously chaired the Audit Committee of LSL Property Services plc.

The internal and external auditors, the Chief Financial Officer, the Chief Executive Officer and the Chairman are invited, but are not entitled, to attend all meetings. Where appropriate, other Executive Directors and managers also attend meetings at the Chairman’s invitation. The external and internal auditors are provided with the opportunity to raise any matters or concerns that they may have, in the absence of the Executive Directors, whether at Committee meetings or, more informally, outside of them.


The primary responsibilities of the Committee are to:

  • monitor, on behalf of the Board, compliance with and the effectiveness of, the Company’s accounting and internal control systems
  • agree audit strategy
  • monitor the scope and results of the Company’s annual external audit
  • review the independence and objectivity of its auditors
  • review the preliminary and interim results and financial statements before they are presented to the Board
  • approve and monitor the internal audit plan
  • review the appropriateness of the internal audit function.
  • receive reports from the Company’s internal and external auditors
  • make recommendations to the Board on accounting policies
  • make recommendations to the Board for a resolution to be put to the shareholders for their approval in general meeting for the appointment of the external auditor, the approval of its remuneration and its terms of engagement
  • receive reports from the Group Risk Committee
  • advise the Board on the Group’s overall risk appetite, tolerance and strategy
  • advise the Board on current risk exposures and future risk strategy
  • review and approve the means by which the Group and its regulated subsidiary undertakings seek to comply with their respective regulatory obligations
  • review the adequacy and security of the Company’s arrangements for its employees to raise concerns, in confidence, about possible wrongdoing in financial reporting or other matters.

Summary of meetings in the year

The Committee usually meets three times in the year and did so in FY17. During the year the agenda has included the following items:

  • Half year results
  • Full year results
  • Principal judgemental accounting matters
  • External audit plans and reports
  • Internal audit plans and reports
  • Risk assessments and reports
  • Updates on regulatory compliance activity
  • Updates on certain key risks, in particular, information security
  • Whistleblower reports
  • Internal audit effectiveness and independence
  • External audit effectiveness and independence.

The Committee meets privately, without any of the Executive Directors or management present, with the external and internal auditors after each Committee meeting.

The Chairman of the Committee provides an update in respect of the matters discussed to the Board after each Committee meeting and the minutes of meetings are circulated to the whole Board.

Significant issues related to the financial statements

The Committee assesses whether suitable accounting policies have been adopted and whether management has made appropriate estimates and judgements. Management prepares papers providing details on the key judgements and these are reviewed by the Committee.

The Committee also reviews reports from the external auditor on the half year and full year results, which provide an overview of the audit work undertaken and highlight any issues for discussion.

The significant issues considered in the year were:

  • revenue recognition, specifically the timing of when to recognise revenue so that sufficient revenue is deferred to cover future obligations
  • the carrying value of intangible assets (specifically acquisition intangible assets) and goodwill arising on the purchase of businesses and books of policies and customers
  • accounting in respect of new customers acquired through the Endesa, Suez and Enel ‘Sales Through Service’ channels
  • accounting for the acquisition of USP, including the value of the acquisition intangible and deferred tax assets to recognise.

The Committee addressed these matters using reports presented by management which set out the basis for the assumptions used. All of the issues were also discussed with the external auditor and its views were taken into account. The Committee is satisfied that the judgements made are reasonable and appropriate disclosures have been included in the accounts.

External auditor

The Committee is responsible for assessing the effectiveness of the external audit process, for monitoring the independence and objectivity of the external auditor and for making recommendations to the Board in relation to the appointment of the external auditor. The Committee is also responsible for developing and implementing the Group’s policy on the provision of non-audit services by the external auditor.

The Committee has agreed and implemented a procedure for reviewing and assessing its own effectiveness and that of the internal and external audit process. The Committee reviews the performance of the external auditor annually.

Deloitte LLP has been the Group’s auditor since 2002, although the lead audit partner rotates every five years.

During the year the external auditor presented its transparency report to the Committee, which is intended to demonstrate the steps it takes to ensure audit quality with reference to the Audit Quality Framework issued by the Professional Oversight Board of the Financial Reporting Council. The Committee also considered whether the auditor’s understanding of the Group’s business and its understanding of the sectors in which the Group operates, including the regulatory landscape, was appropriate to the Group’s needs. It also assessed the performance of the audit, the auditor’s conduct of its relationship with the Group and the requirements of the Group’s financial control process. On this basis, the Committee concluded that the needs of the Group would not be best served by putting the external audit out to tender at this time. The Committee has therefore recommended to the Board that the re-appointment of Deloitte LLP should be proposed at the forthcoming Annual General Meeting.

The Committee has noted the recent changes to EU audit legislation and the UK adoption of this legislation, which will require mandatory rotation for auditors of public interest entities at least every 20 years with a mandatory tender process being undertaken at the 10 year point. The transitional rules for this new legislation mean that the Group would be required to change its auditor after 2024. A recommended course of action will be proposed to the Board in due course. The Committee has not identified any factors which might restrict its choice of external auditor.

The Committee has implemented a policy relating to the use of the external auditors for non-audit services and monitors fees paid in respect of such services. This policy provides that the total fees payable to the auditor for non-audit related work in any financial year should not normally be more than 100% of the total fees payable in respect of audit and compliance services. In addition, any proposed spend over a predetermined limit must be approved by the Committee.

The policy has been updated in respect of FY18 and beyond to comply with EU audit regulation reforms.

The fees payable to the auditor for non-audit related work (excluding audit-related assurance services) totalled £366,000 and the fees payable in respect of audit and auditrelated assurance services totalled £704,000. Further detail on the fees paid is provided in Note 6.

In accordance with International Standards on Auditing (UK & Ireland) 260 and Ethical Statement 1 issued by the Accounting Practices Board, and as a matter of best practice, the external auditor has confirmed its independence as auditor of the Company.

Risk management and internal control

As stated in the Corporate Governance report, the Board has overall responsibility for the Group’s system of internal control and for reviewing its effectiveness. The Audit & Risk Committee supports the Board by advising on the Group’s overall risk appetite, tolerance and strategy, current risk exposures and future risk strategy. The Committee reviews risk registers produced by the management of each business and the plc function at each of its meetings. On a periodic basis, it also reviews action plans in respect of significant risks.

The Committee also monitors, on behalf of the Board, the effectiveness of the Company’s accounting and internal control systems. In fulfilling this responsibility, the Committee receives reports from management and the internal and external auditors.

Further details in respect of risk management and controls are set out in the Corporate Governance report.

Internal audit

The Committee considers and approves the internal audit plan which is based on an assessment of the key risks faced by the Group. Progress in respect of the plan is monitored throughout the year and care is taken to ensure that the internal audit function has sufficient resource to complete the plan. The audit plan may be reviewed during the year as a result of the ongoing assessment of the key risks or in response to the needs of the Group.

The Assurance & Risk Director reports ultimately to the Chairman of the Committee although he reports on a day-to-day basis to the Chief Financial Officer. He attends all meetings of the Committee and reports regularly to the Group Risk Committee. A report on completed internal audits is presented to the Committee and, where appropriate, action plans are reviewed. In addition, all grade 1 audit reports are circulated to the Committee as soon as they are finalised so any issues can be addressed in a timely manner.

During the year, an external review of the effectiveness of the internal audit function was completed by PwC. The review concluded that the function was operating effectively but a number of improvement recommendations were made which will be implemented over the coming year.

On behalf of the Audit & Risk Committee

Mark Morris
Chairman of the Audit & Risk Committee
23 May 2017