Catch up here on our latest, news, events and publications
Non-financial reporting: building trust with internal audit
Internal audit can help organisations build trust with key stakeholders by assuring the quality of the information in their non-financial reports, according to new guidance published by ECIIA – the European Confederation of Institutes of Internal Auditing.
The paper says companies that adopt an integrated approach to assess their financial, environmental, social and other activities will benefit most.
“Internal audit has a crucial role to play in this respect,” Thijs Smit, ECIIA President, says. “That is because it is in a unique position to provide a helicopter view of an organisation and help develop a forward-thinking strategy on these issues.”
The paper demonstrates how internal audit provides assurance over both financial and non-financial information. That includes assurance on the systems, policies and controls supporting the production of such information – specifically in the areas of sustainability activities and reporting, and non-financial communication.
As a result, internal audit can assure boards on the quality of information contained in reports on non-financial issues and build trust with key stakeholders.
All large companies will need to report on the non-financial aspects of their operations under the Directive, which has been voted on by the European Parliament and will be implemented into national laws by 2017. The European Commission is organising workshops in those countries for the transposition of the Directive into national laws.
ECIIA Activity report: deepening governance community in Europe
ECIIA worked hard in 2016 to deepen its links with both the broader European governance community and its member institutes, according to its most recent Activity Report.
The Confederation strengthened its co-operation with rule-setters at the European Banking Authority, the European Central Bank and the European Commission through a series of consultations on internal audit guidance.
“We have played a very active part in promoting the value of internal audit in corporate governance structures this year,” Henrik Stein, ECIIA President, says. “That has included participating on working groups on non-financial reporting, for example, and making sure internal auditors’ voices are heard in important consultations.”
In addition, ECIIA strengthened its relationships with other professional bodies. That has included co-hosting events with the European Confederation of Directors’ Associations and the Federation of European Risk Management Associations.
“It is very important that the bodies involved in European corporate governance understand one another and share best practice and thought leadership,” Stein says. “I’m happy to say that collaboration between the different groups is growing stronger by the year.”
The Board and member representatives reformed the ECIIA’s Governance model, producing new Articles of Associations, which were approved at the Extraordinary General Assembly in October. In addition, two extended Board meetings with ECIIA member Chief Executive Officers helped reinforce the strong bonds between all parties.
The European Confederation of Institutes of Internal Auditing strengthened its governance structure by creating both an audit committee and nomination committee at it General Assembly in Stockholm, Sweden this month.
“Our organisation promotes good governance through internal audit,” Henrik Stein, who continues as ECIIA President, says, “so it is entirely appropriate that we continue to improve our own structures to ensure we are well placed to continue our leadership role in this area.”
The ECIIA’s board approved new articles of association and internal regulations at the meeting. It also elected three new members to its management board: Verra Marmalidou, President of IIA Greece and Deputy Director of Internal Audit at NBG Group; Tomás Pivonka, Chairman of the Board at IIA Czech Republic and Chief Audit Executive at the European energy company CEZ; and, Gabriell Rudolf von Rohr, Chairman of the Board of IIA Switzerland and Director of Cantonal Financial Control in Solothurn. Martin Stevens stepped down from the Board at the end of his mandate.
ECIIA Board members elected to the audit committee comprise Nobert Wagner (Chief Executive Officer, IIA Austria), Hans Nieuwlands (Chief Executive Officer, IIA Netherlands, continues for two years in this role following his election in 2015), Linda Lundin (Chief Executive Officer, IIA Sweden).
ECIIA Board members elected to the nomination committee comprise ECIIA President Henrik Stein, Melvyn Neate from IIA UK and Ireland, and Ellen Brataas, Chief Executive Officer, IIA Norway.
Non-financial reporting proposals move a step closer
The European Commission’s DG FISMA has provided greater clarity over the likely content of its proposed guidelines on non-financial reporting, following meetings with ECIIA in September.
Officials at the directorate have confirmed non-financial reporting mechanisms should form part of the overall management reporting system, and that its scope should be similar to existing rules on financial disclosure. In addition, businesses will be encouraged to comment on the effectiveness of their corporate governance framework, and to publicly describe their principal risks and how they are being managed and mitigated.
“We have had constructive dialogue with officials at DG FISMA and emphasised the need for good risk management and internal controls,” ECIIA President Henrik Stein said. “Internal auditors have a critical role to play in the reliability of their organisation’s non-financial reporting because without timely and accurate information Boards and other stakeholders will be unable to depend on the reports’ contents.”
The directorate agreed that providing assurance on an organisation’s non-financial mechanisms was important, but has not specified the exact process for achieving that aim because, it said, that was beyond the scope of the current directive. Under the guidelines, external auditors will provide limited assurance by confirming that the organisation has prepared such a report.
“This is a great opportunity for internal auditors to provide leadership by helping the Board achieve the levels of assurance they need over their non-financial reporting systems,” Stein said.
The Directive should be finalised by end of December 2016 and the detailed guidance completed by end of December 2017.
Read more on the expected details of the directive here.
Internal audit’s central role in the future of corporate reporting
Internal audit has a central role to play in the future of corporate reporting as an adviser on, and a builder and consolidator of the reporting process itself, according to the ECIIA’s response to a consultation on the issue by the Federation of European Accountants (FEE).
“Internal audit adds value to corporate reporting by providing an informed and independent review on processes, risks and controls,” ECIIA President Henrik Stein said in the confederation’s formal response to FEE.
In the future, developing integrated thinking would be critical if organisations were to be able to present a coherent and comprehensive picture of their long-term strategy and performance, he said. This would require the creation of cross-functional teams, which would include all key areas within the organisation.
He said organisations needed to adopt clear and unambiguous assurance models to report effectively.
“It is necessary for internal and external assurance providers to form a common view on issues of relevance, materiality, accuracy and completeness,” he said. “Combined assurance is needed to achieve an informed view on whether reports are fair and balanced and also to improve efficiency.”
FEE has been consulting on how to evolve corporate reporting in a way that will keep pace with the developing economic reality and address the needs of a wider stakeholder audience.
Internal auditors can provide boards with help and assurance that the European Union’s new rules on tax reporting have been properly implemented in their enterprises, according to speakers at a recent co-hosted ECIIA event at the European Parliament on the issue.
“As the third line of defence in organisations, and depending on the maturity of the taxes processes, internal audit may provide assurance about tax reporting, or function as an adviser,” Silvio de Girolamo, Chief Audit Executive at Italy’s Autogrill, said at the breakfast meeting, which was organised by the confederation in conjunction with the Federation of Risk Management Associations.
He said internal auditors would be able to coordinate their work with chief risk officers and tax managers to ensure controls around tax reporting were complete and effective. This would also help minimise the duplication of the effort needed to comply with the new provisions.
Jonathan Blackhurst, Head of Risk Management at Capita (UK) told delegates that getting it right would be important because the rules would increase reputational risk. “It will be a challenge to determine whether or not the public will believe that you have paid enough tax or not, as figures can be sensationalised when taken out of context,” he said.
The idea behind so-called country-by-country reporting is to get citizens closer to businesses and to restore trust, Jean-Philippe Rabine, European Commission DG FISMA explained to attendees at the event. The rules are meant to ensure that profits earned in any one country are taxed at the local rate, rather than allowing companies to aggregate their profits across all of the European countries in which they operate and have them taxed in a jurisdiction of their choosing.
MEP Evelyn Regner, Shadow Rapporteur on the directive and MEP Jeppe Kofod also attended the meeting.
The European Commission is proposing a one-year implementation period for all member states and between half a year and one year for businesses. The first Country-by-Country Reporting can be expected by fiscal year 2018.
European Parliament Committee on Legal Affairs recently reported that the rules for country-by-country tax reporting had not been included in the transparency legislation intended for institutional investors and asset managers, but expects the matter to be resolved shortly.