“Sustainability is the issue of the day and will impact reporting for sure in terms of IFRS and the promotion of a sustainable economy,” John Berrigan, deputy director general of DG Fisma, said. The European Corporate Reporting Lab was created this year to help to identify best practices for non-financial reporting, he said.
Berrigan added that the review would look at making corporate reporting more efficient and that technology would be a key driver for creating better access to a wide range of stakeholders.
These themes were picked up in a panel discussion at the event.Oliver Boutellis-Taft, CEO Accountancy Europe, Marina Brogi, Professor in the department of management at Sapienza University of Rome, Karim Hajjar, CFO at the materials company Solvay and V. Willems of SG SME Unitedsaid that while reform was needed, any changes should not endanger what had already been achieved.
They also noted that the difference between financial and non-financial reporting information was not as clear cut as it used to be, which made the case for integrated thinking and reporting stronger. A further panel discussion explored the opportunities that digitalisation could bring to corporate reporting.
“Management needs to put a system in pace to create such non-financial data,” the panel concluded. “These processes can be checked by the auditors and the audit regulators need to ensure it can be measured.”
Internal auditors have a clear role to play in providing assurance that the data collated by such systems is comprehensive and accurate.
“An organisation’s ability to report effectively on the social, economic and environmental impacts is dependent on its management system’s reliability,” Farid Aractingi ECIIA President said. “Internal audit is in a unique position to provide assurance those systems are delivering information that both the organisation and its various stakeholders can have confidence in.”
The European Commission (EC) is planning to update its non-binding guidance on how to implement the Non-Financial Reporting Directive and set out proposals for consultation in June 2020. The directive, which affects about 6000 companies in Europe, sets out how organisations can effectively communicate the environmental, social and ethical impacts of their behaviour to stakeholders.
Delegates heard how businesses in different countries had sought to implement the directive. In Germany, for example, companies had used a broad variety of formats to report non-financial data. In addition, 81% of companies had their statements audited with limited assurance, with only half publishing an audit certificate in this area, according to a recent study. A separate study examining 80 companies based in France, Germany and the UK, suggested that while almost all reported on their non-financial reporting policies, there was a lack of connection between the policies and outcomes, key performance indicators and risk .
Finally, the EC presented the results of its own initial consultation on how the directive is being implemented. “Some factors are affecting the effectiveness of the directive include the flexibility of the framework, the materiality definition and the assurance process of the information,” according to Tom Dodd, the B3 policy case officer for corporate transparency.
“While the implementation of the directive is still in its early phases across Europe, it is already clear that companies are struggling with the providing assurance that the data that goes into their non-financial reports is robust and reliable,” Farid Aractingi, ECIIA President, says. “That is clearly an area that internal auditors can help with because of their unique oversight role in their organisations.”
ECIIA has already advocated to DG FISMA that businesses adopt the three lines of defence model of corporate governance. Under the model, the first and second lines of defence are responsible for internal controls and risk management, while internal audit provides independent assurance that those systems are well-designed and functioning properly. “The model puts internal auditors in an ideal position to assist companies in ensuring accuracy in non-financial reporting,” Aractingi says.
Internal auditors playing greater role in insurance regulation
Insurance regulators and supervisors across Europe are increasingly looking to internal auditors to help their organisations achieve the necessary compliance requirements, according to a recent meeting of ECIIA’s insurance committee in Stockholm, Sweden.
While trends in supervision and regulation differ across Europe, many authorities are looking for insurers to strengthen their risk-based approach to compliance. Businesses are also expected to be more forward-looking in their risk analyses.
In some European jurisdictions, supervisory bodies are relying more on internal audit reports than in others. That has led to some regions considering tougher sanctions against internal audit functions if they fail to produce audit reports that are robust and accurate, and it emphasizes the need to define the relation between internal auditors and the supervisory bodies.
The committee identified emerging trends in artificial intelligence, business continuity, data science, IT security, liquid assets, money laundering and outsourcing.
“Clearly, internal auditors in the insurance sector have an increasingly important role to play in helping their organisations satisfy regulatory and supervisory requirements,” ECIIA insurance committee Hervé Gloaguen says. “Our committee is working on a publication that outlines these shifting priorities to keep our members up to date with recent developments.”
Since statutory auditors in Europe – with the exception of those in Italy and the UK – do not check the content of non-financial reporting, directors may be unaware that they are revealing competitive information. Since an estimated 80% of companies’ value is now intangible, such disclosure could have serious consequences.
“Getting the balance right on disclosure should boost competitive advantage rather than erode it,” Farid Aractingi, ECIIA President says. “There is clearly a potential gap in companies’ control systems that internal auditors are ideally placed to fill.”
Internal auditors have a unique oversight position as the third line of defence in organisations. That means they are ideally placed to help co-ordinate and provide assurance on the quality and relevance of information in non-financial reports.
The pressure on increased non-financial disclosure has been seen as part of a societal shift as stakeholders expect organisations to adopt more ethical and responsible strategies. Corporate governance has been responding to these shifts in expectations by expanding its remit to look at the environment, social justice issues and culture.
Boards need to be courageous if they are to rise to the challenge that these pressures.
ECIIA hosts the first European Forum for Internal Audit, Banking, Regulation and Supervision
ECIIA launched the inaugural meeting of the European Forum for Internal Audit, Banking, Regulation and Supervision in Frankfurt am Main between November 20 to 21, 2017.
“Good governance requires an effective and independent risk management function, including strong compliance and internal audit operations,” said Pentti Hakkarainen, Executive Director of the European Banking Authority, in a keynote speech at the event. “Internal audit needs sufficient standing, they must be independent from the other functions, and they require direct access to the board.”
Hakkarainen added that internal audit ensures that internal processes and risk management are functioning effectively. But while compliance was important, internal audit should aim at improving their institutions’ governance and business conduct. “Effective internal audits ensure sound governance and reduce operational risks,” he said.
“Supervisors and Internal auditors must work together for mutual benefit,” Henrik Stein, Chairman of ECIIA’s Banking Committee, said in his keynote speech. “Internal auditors should remain independent – including from supervisors.”
Stein stress the importance of independent, value-adding internal audit in order to achieve a safe and sound banking sector. Thierry Thouvenot, ECIIA Vice Chairman, said that further positive co-operation and more open communication across the industry creating a level playing field for banks, more trust in the sector and higher international standards in his closing remarks at the conference.
Representatives from EBA, ECB and 80 chief audit executives attended from SSM supervised banks.