The primary objectives of the Audit and Risk Committee are to:
1.1 Assist the Board in discharging its responsibilities by oversight and review of:
- Financial reporting
- Risk management
- Debt structure and debt instruments
- Accounting policies
- The evaluation of all major capital expenditure proposals
- Business ethics, policies and practices
- Internal controls
- Compliance with taxation and other applicable laws and regulations
- Integrity and performance of the internal audit function
- Corporate governance.
1.2 Provide a forum for communication between the Board, Senior Management and both the internal and external auditors.
The Committee is authorised, within the scope of its responsibilities, to:
2.1 Seek information it requires from any Corporation employee or contractor, the external Auditor and/or any external party.
2.2 Obtain outside legal or other professional advice at the Corporation’s expense, and initiate special investigations as deemed necessary.
3.1 The Committee shall comprise no less than three and no more than four non-executive directors of the Board. In addition, an independent representative of the firm appointed as Internal Auditor of the Corporation shall attend each meeting of the Committee as advisor to the Committee.
3.2 Members shall be appointed by the Board for an initial period of four years, after which Members may be eligible for extension or reappointment for a further four years, after assessing performance. The Board shall appoint one of its members as chairperson of the Committee, however the Chairman of the Board shall not be appointed chairperson of the Committee.
3.3 Members shall be appointed on the basis of their requisite business and financial skills.
3.4 Regular attendees to Committee meetings shall be the Chief Financial Officer, and the Company Secretary who shall be the minute secretary of the Committee.
3.5 The Committee may invite various parties to attend its meetings depending on the meeting agendas and these parties would include the Chief Executive Officer, external auditors, the manager responsible for risk management, the manager responsible for internal audit, and other members of the executive team.
3.6 Any Director who is not a member of the Committee will have the right to attend any meeting of the Committee.
4.1 The Committee shall meet at least four times a year and such additional meetings as the Chairperson shall decide in order to fulfil its duties.
4.2 A quorum shall consist of two Committee members.
4.3 All decisions of the Committee shall be determined on the basis of a majority vote of members. In any instances of a tied vote, the matter shall be referred to the Board.
4.4 When the Committee must reach a decision between meeting dates, this decision may be made by circular resolution. In carrying out a vote by circular resolution, the Chairperson of the Committee has an obligation to attempt to contact all Committee members. A circular resolution will be taken to be carried only when the majority of Committee members vote in the affirmative.
4.5 Prior to each meeting the Committee may convene privately without any members of Management in attendance, for meetings with:
- the External Auditor
- the Internal Auditor
- the Chief Financial Officer
- the Company Secretary
5.1 The Company Secretary shall be responsible for:
- Preparing the agenda for each meeting, for approval by the Chairperson of the Committee;
- Distributing the papers for each meeting;
- Keeping minutes of all meetings of the Committee. Once the minutes of each meeting have been reviewed by the Chairperson of the
- Committee, they shall be routinely submitted to the Board for information;
- Notifying all employee of the Port Authority, and the auditors and other external parties who are required to attend any meeting for specific agenda items.
5.2 The Chief Financial Officer will be responsible for:
Reviewing the agenda for each meeting, for approval by the Chairperson of the Committee;
Providing approval for all papers required for each meeting.
6.1 The Committee shall consider any matters relating to the financial affairs and risk management issues of Port Authority that it determines to be desirable. In addition, the Committee shall examine any other matters referred to it by the Board.
6.2 The Committee shall evaluate the priorities determined by Management in the draft Enterprise Risk Management Plan (ERMP) and seek a reassessment or modification of those priorities to complete a final ERMP. The Committee will recommend the final ERMP to be adopted by the Board showing both Management’s priorities for risk mitigation actions, or with different priorities as determined by the Committee.
6.3 On the basis of the ERMP adopted by the Board, the Committee shall establish an Annual Work Plan that defines the activities and timeframes for items to be considered by the Committee. The Annual Work Plan shall be part of a three year Internal Audit program and it shall incorporate:
- A review at each quarterly Audit & Risk Committee meeting of Management’s performance in taking action to mitigate risks identified in the ERMP;
- The timetable necessary to complete the Corporation’s Annual Financial Report and to meet the requirements of the external auditors;
- The Annual Internal Audit Plan which shall incorporate regular reports on areas selected for investigation consistent with the three-year Internal Audit Program approved by the Committee;
- The Corporation’s Fraud & Corruption Policy which shall address fraud identification, and its control and investigation. Where amendments to the Policy are identified, the Committee will make recommendations to the Board in that regard;
- The adequacy and cost of insurance cover.
6.4 The Internal Audit Program shall be agreed with the Internal Auditor at the time of their appointment and shall cover the three year period of their appointment. The Internal Audit program shall be dissected into three Annual Work Plans which will include, but not be limited to the following audit activities:
- Expenditure control;
- Project management;
- IT, including information security;
- Revenue collection;
- The exposure of Port Authority to fraud and corruption
The activities of the Committee may include, but shall not be limited to the following:
7.1 External Auditors
- To discuss with the external auditor before the audit commences the nature and scope of the audit;
- To discuss the issues and/or reservations arising from the interim and final audits, and any matters the auditor may wish to discuss;
- To consider the external auditor’s management letter and management’s response.
7.2 Financial Control and Reporting
To examine the Annual Report before submission to the Board, focusing particularly on:
- changes in accounting policies and practices
- major judgmental areas
- asset valuation
- significant adjustments resulting from the audit
- compliance with accounting standards
- compliance with Government and legal requirements
- reports prepared by management for release to the stakeholders
Oversight and review major risks to which Port Authority is exposed and verify that the internal control systems are adequate and functioning effectively;
Review with management and/or the internal auditors the policies covering the control of Port Authority's assets and information systems, the staffing of the key functions and the plans for enhancement of operations
7.3 Internal Audit
- To appoint the Internal Auditor on the basis of a three year period which may be extended at the discretion of the Committee;
- To consider the internal audit Annual Work Plan and ensure that the internal audit function is adequately resourced and has appropriate standing within Port Authority;
- To promote co-ordination between management and internal and external auditors;
- To review any significant matters reported by the internal auditors and ascertain whether management’s response is adequate;
- To ensure that the internal auditors are independent of the activities that they audit.
7.4 Risk Management
- To appoint a party independent to the Internal Auditor as facilitator to the ERMP which shall be conducted on an annual basis;
- To evaluate the priorities determined by Management in identifying, assessing and prioritising risks;
- To evaluate the risk mitigation strategies defined and implemented by Management.
- To evaluate the performance of Port Authority’s broker and to appoint the insurance broker recognising the recommendations of Management;
- To evaluate the adequacy and cost of insurance cover across the organisation and make recommendations to the Board in that regard;
- To monitor all major insurance claims made by Port Authority.
7.6 Legal Compliance
- To review all significant transactions that do not form part of Port Authority's normal business;
- To consider compliance with any regulatory or statutory requirements;
- To review any current and pending litigation which has some financial risk exposure for Port Authority.
7.7 Compliance with Port Authority Code of Conduct
- To discuss and review with management, its philosophy with respect to business ethics and corporate conduct, its written code of conduct and program it has to monitor compliance with that code;
- To consider significant cases of employee conflict of interest, misconduct or fraud
- To evaluate Port Authority's exposure to fraud and corruption;
- To request and review special audits or investigations as may be necessary;
- To consider other matters, as referred to the Committee by the Board.
8.1 The Committee will regularly, but at least once a year, report to the Board on its operation, performance and activities during the year.
The report should include:
- A summary of the work the Committee performed to fully discharge its responsibilities during the preceding year;
- A summary of the Port Authority's progress in addressing the findings and recommendations made in internal and external reports;
- An overall assessment of Port Authority's risk, control and compliance framework, including details of any significant emerging risks or legislative changes impacting Port Authority;
- Details of meetings, including the number of meetings held during the relevant period, and the number of meetings each member attended;
- A self-assessment of the performance of the Committee against and compliance with the NSW Treasury Commercial Policy Framework: Guidelines for Boards of Government Businesses (tpp 09-02).
8.2 The Committee shall
- Record proceedings of each meeting and circulate them to the Board;
- Prepare a report to the Board summarising work performed by the Committee to fully discharge its duties;
- Ensure that the Charter of the Audit & Risk Committee is posted on Port Authority’s website.
8.3 Port Authority Annual Report should include a statement describing the responsibilities and activities of the Committee.