Brian May, chair of the audit committee
Much of the work of the committee is necessarily targeted at the regulated activities of UUW, which represent over 98 per cent of group revenues.
- Brian May has chaired the committee since July 2013. He is a serving finance director of a FTSE 100 company and chartered accountant and is considered by the board to have recent and relevant financial experience
- Other regular attendees at meetings include the Chairman, the CEO, the CFO, the company secretary, the head of audit and risk, the group controller, and representatives from the external auditor KPMG LLP (KPMG)
- KPMG and the head of audit and risk both have time with the committee to raise freely any concerns they may have without management being present
- The committee is authorised to seek independent advice as it sees fit, but has not done so during the year
Terms of reference – corporate.unitedutilities.com/corporate-governance
FRC Audit Quality Inspection Report 2015 – frc.org.uk/Our-Work/Publications/Audit-Quality-Review/Audit-Quality-Inspections-Annual-Report-2014-15.pdf
Audit committee members
Brian May (chair)
Dr Catherine Bell
board of directors' biographies
This year we are reporting fully against the 2014 Code, and the terms of reference of the committee have been amended accordingly. Both the Code and the Competition and Market Authority's Statutory Audit Services Order (the Order)* cites the responsibility for the process and implementation of auditor appointment to rest with the audit committee and that FTSE 350 companies should put the external audit contract out to tender at least every 10 years.
Notwithstanding the mandatory 10 year rule, the Order requires that a company, that has not competitively tendered its audit services contract in the previous five years, should explain in the fifth (and subsequent years) why this is in the best interests of the company's shareholders. A tender process for statutory audit services was last conducted in 2011, resulting in a change of auditor. KPMG commenced their appointment as auditor and presented their first report to shareholders for the year ended 31 March 2012. The committee has reviewed the auditor appointment, as the 2016 year end audit has been KPMG's fifth consecutive year in office as statutory auditor. The committee concluded that it was in the best interests of shareholders not to competitively tender the statutory audit at this time given the satisfactory performance of KPMG throughout their current tenure, and the need for the auditor to be familiar with the business throughout the period leading up to the next price review in 2019. Furthermore, given 2015/16 is KPMG's fifth year as auditor, the lead audit partner will rotate for the year ended 31 March 2017. In accordance with the Order, the matter will be kept under review and reported upon annually, but it is the current intention that a competitive tender would next be conducted for the financial year ended 31 March 2022. United Utilities has complied fully with the provisions of the Order for the year ended 31 March 2016. Further information can be found below.
Although audit committees have specific responsibilities rooted in reviewing the group's financial statements and reviewing the internal assurance work and external audit of those financial statements, the committee also reviews the internal control and risk management processes, leaving the review of the significant risks to be undertaken by the board. During the year, the board engaged an independent review of the business risk management framework which was considered to be satisfactory but recommended a number of actions to enhance the process (see Corporate governance report continued - code principles). A long-term viability statement was first published in our 2015 annual report; the processes of assurance supporting our 2016 statement have been considered and enhanced.
Much of the work of the committee is necessarily targeted at the regulated activities of UUW, which represent over 98 per cent of group revenues and is a reflection of our commitment to safeguarding the interests of our customers.
We express our thanks to Catherine Bell, who is stepping down from the board and the committee at the AGM, for her valuable contribution, and look forward to working with Alison Goligher when she takes up her appointment and joins the committee.
We have again worked to enhance this report and make it more informative for the reader and we continue to be committed to providing meaningful disclosure of the committee's activities. As chair of the audit committee, I am committed to ensuring that the committee's agenda is kept under review and keeps abreast of relevant developments.
The following report was approved by the committee at its meeting held on 18 May 2016.
Chair of the audit committee
*The Statutory Audit Services for Large Companies Market Investigation (Mandatory Use of Competitive Tender Processes and Audit Committee Responsibilities) Order 2014.
Main responsibilities of the committee
- Make a recommendation to the board for the appointment or reappointment of the auditor, and to be responsible for the tender of the audit from time to time and to agree the fees paid to the auditor
- Establish policies for the provision of any non-audit services by the auditor
- Review the scope and the results of the annual audit and report to the board on the effectiveness of the audit process and how the independence and objectivity of the auditor has been safeguarded
- Review the half-year and annual financial statements and any announcements relating to financial performance, including reporting to the board on the significant issues considered by the committee in relation to the financial statements and how these were addressed
- Review the scope, remit and effectiveness of the internal audit function and the group's internal control and risk management systems
- Review the group's procedures for whistleblowing, reporting fraud and other inappropriate behaviour and to receive reports relating thereto
- Report to the board on how it has discharged its responsibilities
What has been on the committee's agenda during the year
The committee has an extensive agenda of items of business which it deals with in conjunction with senior management, the auditor, the internal audit function and the financial reporting team. There were four scheduled meetings of the committee during the year. Items of business considered by the committee during the year included:
- considering the issues and findings brought to the committee's attention by the internal audit team and satisfying itself that management has resolved or is in the process of resolving any outstanding issues or concerns;
- reviewing the assurance work undertaken by internal audit relating to: the content of the regulatory business plan and the processes supporting the preparation of the plan; and the annual regulatory reports;
- reviewing the reports from the financial reporting team on the financial statements, including the UUW financial statements and other regulatory reports, and considering matters such as the accounting judgements and policies being applied;
- reviewing the proposed audit strategy for the 2015/16 statutory audit, including the level of materiality applied by KPMG, audit reports from KPMG on the financial statements and tasking management to resolve any issues relating to internal controls and risk management systems;
- reviewing the going concern and longer term viability assessments prior to making its recommendations to the board and the assurance provided in undertaking the viability assessment;
- an annual review and approval of the policy on non-audit services provided by the auditor including the continued use during 2015/16 of Makinson Cowell (a subsidiary of KPMG) and the services provided by other accounting firms to the group during the year;
- reviewing the need for, and timing of, the tender for statutory audit services;
- monitoring incidents of whistleblowing and fraud reporting;
- biannual oversight and monitoring of the group's compliance with the Bribery Act which the board reviews annually;
- overseeing and approving the strategic internal audit planning approach and reviewing reports on the work of the internal audit function from the head of audit and risk. A new system of grading for internal audit reports was introduced during the year;
- an externally facilitated review of the business risk management framework was commissioned by the board in response to the Lancashire water quality incident;
- reviewing the requirements and implications for United Utilities of the European Union Audit Directive and Audit Regulation as published in May 2014 and due to come into force in the UK from 17 June 2016;
- reviewing the quality and effectiveness of internal audit; and
- reviewing the committee's terms of reference and the conclusions of the committee's annual evaluation. The internally facilitated evaluation was undertaken as part of the overall board evaluation. The review explored: time management and the composition of the committee; the committee's processes and support; and the agenda and work of the committee. It was concluded that the committee was effective.
How we assessed whether 'the annual report and accounts, taken as a whole, is fair, balanced and understandable and provides the information necessary for shareholders to assess the company's position and performance, business model and strategy'
The committee, further to the board's request, has reviewed the annual report and financial statements with the intention of providing advice to the board on whether, as required by the Code, 'the annual report and accounts, taken as a whole, is fair, balanced and understandable and provides the information necessary for shareholders to assess the company's position and performance, business model and strategy'.
To make this assessment, all members of the committee received copies of the annual report and financial statements to review during the drafting process to ensure that the key messages being followed in the annual report were aligned with the company's position, performance and strategy being pursued; and that the narrative sections of the annual report were consistent with the financial statements. The significant issues considered by the committee in relation to the financial statements were consistent with those identified by the external auditor in their report.
The visual presentation of the company's business model has been reformatted to make it more understandable for the reader and there are clear linkages to the company's strategic objectives throughout the document.
The committee concluded that the key performance indicators (KPIs) included in the strategic report were, amongst others, those used by management and reflected the measures to be monitored by Ofwat during the 2015–20 period.
In addition, the committee was satisfied that all the key events and issues which had been reported to the board in the CEO's monthly report during the year, both good and bad, had been adequately referenced or reflected within the annual report.
How we assessed the effectiveness of the external audit process
The committee, on behalf of the board, is responsible for the relationship with the external auditor, and part of that role is to examine the effectiveness of the audit process.
Audit quality is a key requirement. Prior to the statutory audit, at the half-year, KPMG presented the strategy and scope of the audit for the financial year, highlighting any areas requiring special consideration. KPMG then reported against this audit scope at subsequent committee meetings.
On completion of the audit at the full-year, all members of the committee, as well as key members of the senior management team and those who regularly provide input into the audit committee or have regular contact with the auditor, were required to complete a questionnaire seeking their views on how well KPMG performed the year-end audit. Views of the respondents were sought in respect of: the robustness of the audit process; the quality of the delivery of the audit; the expertise of the audit team conducting the audit and that the degree of professional scepticism applied by the auditor was appropriate; the appropriateness of the communication between the committee and the auditor in terms of technical issues; the quality of the service they gave; and their views on the quality of the interaction between the audit partners, audit manager and the company. The feedback was collated and presented to the committee's meeting in November 2015, at which the conclusions were discussed and any opportunities for improvement brought to the attention of the external auditor.
Private meetings are held at each committee meeting between the audit committee and the representatives of the external auditor without management being present in order to encourage open and transparent feedback by both parties.
The committee concluded that the overall external audit process and services provided by KPMG were satisfactory and effective.
How we assessed the independence of our external auditor
There are two aspects to auditor independence that the committee monitors.
First, in accordance with the Auditing Practices Board Ethical Standards, KPMG has to implement rules and requirements such that none of its employees working on our audit can hold any shares in United Utilities Group PLC. KPMG is also required to tell us about any significant facts and matters that may reasonably be thought to bear on its independence or on the objectivity of the lead partner and the audit team. The lead partner must change every five years and the quality review partner, who reviews the judgements of the audit team actually doing the audit, rotates every seven years along with the key audit partner.
Secondly, the committee considers and approves all the fees that it pays for audit, audit-related and non-audit services from KPMG. KPMG is prohibited from providing certain services to the group, such as operational consulting, internal audit services and strategic planning support, as it is felt that these types of services could impede their independence. Furthermore, auditor independence is also safeguarded by limiting the value of non-audit services performed by the external auditor, which should not ordinarily exceed 100 per cent of the audit fee. The committee has discretion in exceptional circumstances or where a compelling commercial justification can be provided for this cap on non-audit fees to be exceeded. The CFO can pre-approve expenditure in respect of non-audit services, such as tax compliance work, of up to £100,000. Thereafter, any fees for non-audit services up to 100 per cent of the audit fee cap can be approved by the committee chair. Any such fees are reported to the committee for review.
For a number of years, the group has engaged the consultancy firm Makinson Cowell to provide it with investment research and advice. As reported in the 31 March 2014 annual report, Makinson Cowell was acquired by KPMG in June 2013; therefore, the fees paid to Makinson Cowell are included in the total of 'other non-audit services' paid to KPMG (see the bar chart below). As part of the annual review by the committee of the non-audit services policy the engagement of Makinson Cowell was considered. The committee took into account the board's satisfaction with the services provided by Makinson Cowell and concluded that it was appropriate for their services to be retained for the year ended 31 March 2016. The committee will review its policy and the content of the company's list of non-audit services that the statutory auditor is not able to provide when the outcome of the FRC's consultation on the implementation of the EU Audit Directive and Audit Regulation becomes available, which applies to financial years starting on or after 17 June 2016.
As part of UUW's licence conditions it is required to prepare audited regulatory accounts, which are derived from the statutory financial statements. Given the audit of the statutory financial statements is already undertaken by KPMG, there are efficiencies and cost savings if KPMG also audits the regulatory accounts. Fees paid to KPMG also include audit-related services in relation to UUW regulatory assurance work as shown in the bar chart below.
Taking into account our findings in relation to the effectiveness of the audit process and in relation to the independence of KPMG, the committee was satisfied that KPMG continues to be independent, and free from any conflicting interest with the group. As a result, the committee recommended to the board that KPMG be proposed for reappointment at the forthcoming AGM in July 2016. There are no contractual obligations that restrict the committee's choice of external auditor and no auditor liability agreement has been entered into.
Fees paid to KPMG (£'000)
- The fees paid to KPMG for statutory audit services were higher in 2015 than the prior year reflecting the additional work required due to the restatement of UUW's prior year financial statements on adoption of IFRS during 2014/15.
- The fees paid to KPMG for other non-audit services were higher in 2015 than the prior year reflecting the additional work that KPMG undertook relating to the price review submission. KPMG Consulting was identified as one of the few firms with the capability to undertake the work required within the extremely tight timescales required.
- The fees paid to KPMG for statutory audit-group and company fees were higher in 2016 than the prior year due to the additional work relating to the joint venture with Severn Trent.
- The fees paid to KPMG for regulatory reporting and assurance were higher in 2016 than the prior year reflecting the new regulatory reporting requirements of the 2015–20 period.
- The fees paid to KPMG for audit-related services in 2016 were higher than the prior year to reflect agreed upon procedures on the new Ofwat performance report.
The Order (see above) promotes audit tendering every five years through a 'comply or explain' requirement with mandatory tendering after 10 years. It is the responsibility of the committee to undertake such a review.
As part of its audit tender review, the committee took into consideration, amongst other things, audit quality, auditor independence, the cost of the audit and the likely cost and time involved in a tender process. It also reviewed when the most appropriate point in the regulatory cycle would be to conduct an audit tender, given the benefits of having an experienced audit team in place in the run-up to the next price determination.
The committee's view was that the quality of the audit received from KPMG was satisfactory. This view was informed by the review of the effectiveness of the external audit process (see above) and by reference to the FRC's May 2015 Audit Quality Inspection report of KPMG and its peers (see website address above). It was concluded that KPMG demonstrated an independent approach and operated in accordance with the Ethical Standards of the Auditing Practices Board ('APB ethical standards', see above). In accordance with APB ethical standards, the lead audit partner must change every five years. As a result, the lead audit partner will be replaced for the 2016/17 financial statements with a partner with relevant audit experience of other FTSE 100 utility companies. Furthermore, the committee agreed that the fee charged for auditing services was competitive and represented value for money, and that it would not be efficient use of the committee's time, nor associated cost to the company, to conduct a tender process for the audit services contract.
The committee concluded that it is the current intention that a competitive tender would next be conducted for the financial year ended 31 March 2022.
Significant issues considered by the committee in relation to the financial statements and how these were addressed
In relation to the group's financial statements, the committee reviewed the following principal areas of judgement (as noted in the accounting policies):
Capitalisation of fixed assets
Fixed assets represent a subjective area, particularly in relation to costs permitted for capitalisation and depreciation policy.
- The committee reviewed the recovery of the capital overhead rate which management has applied during the year and which the committee had approved in the previous year for the next five-year regulatory period. The capital overhead rate historically has been established at the commencement of each five-year regulatory period and is applied as a percentage of capital expenditure to charge certain capital overhead costs to capital projects. Management reported the forecast recovery across the five-year period based upon budgeted capital expenditure and demonstrated that the rate still remained appropriate.
Revenue recognition and allowance for doubtful receivables
Due to the nature of the group's business, the extent to which revenue is recognised and doubtful customer debts are provided against is an area of considerable judgement and estimation.
- The committee reviewed the current levels of doubtful debt and credit note provisioning (see note 14 for more detail). The committee challenged management over the adequacy of the overall levels of provisioning following these reviews and was satisfied that the resulting net debtor balance was appropriate.
Provisions and contingencies
The group makes provisions for contractual and legal claims which by their nature are subjective and require management to arrive at a best estimate as to the probable outcomes and costs associated with each individual case.
- The committee received regular updates on new and existing claims being made against the group and the extent to which these have been provided for (see note 20 for details). The committee focused its attention on the more significant items and discussed the judgements made by management in arriving at appropriate provisions in relation to these matters.
- Based upon the facts behind each provision and taking account of any relevant legal advice that may have been received as well as the past experience of management in making such provisions and challenging where necessary the views taken by management and through the assurance provided by KPMG who cover these as part of their audit, the committee concluded that the provisions management had made were appropriate.
The group's defined benefit retirement schemes are an area of considerable judgement and the performance and position of which is sensitive to the assumptions made.
- The committee reviewed the methodology and assumptions used in calculating the defined benefit scheme surplus (see note A5 for more details). The group employs the services of an external actuary to perform these calculations and determine the appropriate assumptions to make. KPMG presented a report showing how the assumptions applied compared to their client base. After considering the above, the committee concluded that the approach taken and assumptions made were appropriate and fairly balanced in determining the net retirement benefit surplus.
- The committee sought from management an understanding as to the factors which led to the significant increase in the IAS 19 net retirement benefit surplus during the period and noted that the scheme specific funding basis had not been impacted by this volatility. Management presented an explanatory note (see note A5) in order to communicate most effectively what is a complex area for the benefit of the group's stakeholders. The committee was satisfied with the explanations provided by management.
Derivative financial instruments
The group has a significant value of swap instruments, the valuation of which is based upon models which require certain judgements and assumptions to be made. Management performs periodic checks to ensure that the model derived valuations agree back to third party valuations and KPMG checks a sample against its own valuation models. It was confirmed to the committee that such testing had been undertaken during the year and there were no significant issues identified.
The committee considered the tax risks that the group faces and the key judgements made by management underpinning the provisions for potential tax liabilities and deferred tax assets. In addition, the committee took account of KPMG's assessment of these provisions. Based upon the above, the committee was satisfied with the judgements made by management.
Underlying operating profit adjustments
During the year the committee considered and challenged management's treatment of items as adjustments to underlying operating profit which resulted in management enhancing and further clarifying its existing policy in this area. The committee approved management's revised policy on underlying operating profit adjustments and satisfied itself that those items being reported as adjustments met the requirements of the revised policy. A summarised version of the policy is shown on the KPIs page.
The main features of the group's internal controls and risk management systems are summarised below:
a. Internal audit function
The internal audit function is a key element of the group's corporate governance framework. Its role is to provide independent and objective assurance, advice and insight on governance, risk management and internal control to the audit committee, the board and to senior management. It supports the organisation's vision and objectives by evaluating and assessing the effectiveness of risk management systems, business processes and key internal controls.
In addition to reviewing the effectiveness of these areas and reporting on aspects of the group's compliance with them, internal audit makes recommendations to address any key issues and improve processes. Once any recommendations are agreed with management, it monitors their implementation and reports to the committee on progress made at every meeting.
A five-year strategic audit planning approach has been developed and adopted during the previous year. This now facilitates a more efficient deployment of internal audit resource in providing assurance coverage over time across the whole business, as well as greater variation in the nature, depth and breadth of audit activities. Following approval by the audit committee, this strategic approach supports the annual audit plan, which is then endorsed by management, and which the committee also approves. The plan focuses the team's work on those areas of greatest risk to the business. Building on the strategic planning approach, the development of the plan considers risk assessments, issues raised by management, prior audit findings and a cyclical review programme. The in-house team is expanded as and when required with additional resource and skills sourced from external providers – primarily PwC at present. The committee keeps the relationship with PwC under review to ensure the independence of the internal audit function is maintained. In the course of its work, the internal audit function also liaises with the statutory auditor, discussing relevant aspects of their respective activities which ultimately supports the assurance provided to the audit committee and board.
The effectiveness of the internal audit function's work is continually monitored using a variety of inputs including the ongoing audit reports received, the audit committee's interaction with the head of audit and risk, an annual review of the department's internal quality assurance report, annual stakeholder surveys in which committee members also participate as well as any other periodic quality reporting requested. In addition, during 2015, the quality and effectiveness of the internal audit function was externally assessed. Following this assessment, the committee concluded that the internal audit function was effective and appropriate resources were available as required.
Internal audit, led by the head of audit and risk, covers the whole of the group's activities and reports to the committee and functionally to the CFO. The head of audit and risk attends all scheduled meetings of the audit committee, and has the opportunity to raise any matters with the members of the committee at these meetings without the presence of management. He is also in regular contact with the chair of the committee outside of the committee meetings.
b. Risk management systems
The committee receives updates and reports from the head of audit and risk on activities relating to the company's risk management systems and processes at every meeting. These are then reported to the board, as appropriate. The group designs its risk management activities in order to manage rather than eliminate the risk of failure to achieve its strategic objectives.
The CFO has executive responsibility for risk management and is supported in this role by the head of audit and risk and the corporate risk manager and his team. The group audit and risk board (GARB) is a sub-committee of the executive team. The GARB meets quarterly and reviews the governance processes and the effectiveness and performance of these processes along with the identification of emerging trends and themes within and across the business. The work of the GARB then feeds into the information and assurance processes of the audit committee and into the board's assessment of risk exposures and the strategies to manage these risks.
Supplementing the more detailed ongoing risk management activities within each business area, the annual business unit risk assessment process (BURA) seeks to identify how well risk management is embedded across the different teams in the business. The BURA involves a high level review of the effectiveness of the controls that each business unit has in place to mitigate risks relating to activities in their business area, to encourage the identification of new and emerging risks and generally to facilitate improvements in the way risks are managed. The outcome of the BURA process is communicated to the executive team and the board. This then forms the basis of the determination of the most significant risks that the company faces which are then reviewed by the board. During the previous year, new risk management software was developed and has now been implemented across the business to further enhance the company's risk management process.
In addition, during 2015/16, the quality and effectiveness of the risk management process was externally assessed. The external assurance was sought as part of the internal investigation of the Lancashire water quality incident. The scope of the assessment examined whether the existing risk management framework was effective in identifying and assessing risk; whether employees (as appropriate) have the necessary capabilities, knowledge and resource to use the risk management processes effectively; and whether the mitigation and management of risk at a strategic and tactical level were effective.
The independent review concluded that the risk management framework was robust and reflected best practice and there was active engagement with risk management by senior management, the executive team and the board but could be strengthened. Following this assessment, the board will be responsible for ensuring that the recommendations are implemented including: the need for centralisation of the drinking water safety plans within wholesale to aid consistency; improved application of the risk management process; further embedding existing risk management processes within wholesale and improving system integration; and increasing the focus on reputational and operational risks.
c. Internal controls
The committee reviews the group's internal control systems and receives updates on the findings of internal audit's investigations at every meeting, prior to reporting any significant matters to the board. Internal control systems are part of our 'business as usual' activities and are documented in the company's internal control manual which covers financial, operational and compliance controls and processes. Internal control systems are the responsibility of the CFO, with the support of the GARB, the financial control team and the internal audit team, although the head of audit and risk and his team are directly accountable to the audit committee.
Confirmation that the controls and processes are being adhered to throughout the business is the responsibility of managers, but is continually tested by the work of the internal audit team as part of its annual plan of work which the committee approves each year as well as aspects being tested by other internal assurance providers. Compliance with the internal control system is confirmed annually by the completion of a self-assessment checklist by senior managers in consultation with their teams. The results are then reviewed and audited on a sample basis by the internal audit team and reported to the committee.