ABB Bank Ltd (ABB Ltd) is a listed company. It has been given a substantial fine by the Central Bank for serious breaches of the banking regulations and, in the same month, the bank reported that it had suffered large losses because of unauthorized dealings in financial derivatives by a manager in its treasury department. The company’s reported profits for the previous financial year were over-stated because of these losses.
The chairman of the audit committee of ABB Ltd has resigned, accepting responsibility for failures by the committee. A newly-appointed director has been made chairman of the audit committee. He has called a meeting with you the Finance Director. The purpose of the meeting is to review financial reporting and internal control, with a view to making recommendations to the board. ABB Ltd does not have a strong internal audit function and the company has been using the same firm of external auditors since it acquired its listing 8 years ago.
Required:
a) Explain the role and responsibilities of the audit committee of ABB Ltd with regards to:
i) The external audit of the company’s financial statements; and (6 marks)
View Solution
- The audit committee should monitor the integrity of the company’s financial statements. This requirement means that the audit committee has responsibilities regarding the external audit.
- The committee, in consultation with the auditors, review the findings of the audit. At the end of the audit cycle it should assess the effectiveness of the audit. This assessment should include considering the way in which they have treated key accounting judgements and also obtaining feedback about their conduct from people within the company such as the finance director.
- The audit committee should make recommendations to the board in relation to the appointment, re-appointment or removal of the company’s external auditors, whose annual appointment is put to the shareholders for approval in general meeting of the company. The committee should also approve the remuneration and terms of engagement of the external auditors that have been negotiated with the auditors by management.
- The audit committee should also review and monitor the independence of the external auditors, and the objectivity and effectiveness of the audit process. Regarding auditor independence, the committee should also develop and implement the company’s policy on using the external audit firm for non-audit work, consistent with the ethical guidelines of the auditing profession.
- The audit committee should review the reasons why the fraud by the employee in the treasury department was not identified, and whether the external auditors may have been at fault in any way in failing to identify the problem. Although the auditors do not have responsibility for preventing and detecting fraud, they might be expected to identify and report suspicions of fraud that are uncovered during the audit. (Any 3 points)
ii) The internal control system and internal audit function (6 marks)
View Solution
- The audit committee should review the company’s internal financial controls and, unless addressed by the board as a whole or by another board risk committee consisting of independent directors, it should also review the company’s internal control system.
- If the company does not have an internal audit function or a weak internal audit function, the audit committee should consider each year whether there is a need for such a function and make a recommendation to the board. The reasons for not having an internal audit function should also be explained in the report of the audit committee to the shareholders in the annual report.
- The audit committee should also review the adequacy of the whistle-blowing arrangements in the company.
(Any 3 points)
b) In relation to the possible failures in internal controls that have occurred, suggest FOUR (4) changes that might be recommended to the board at the next board meeting. (8 marks)
View Solution
- ABB Bank Ltd has experienced some events that could be attributable to weak internal controls. The fine for breach of environmental regulations may be due to failure by company employees to apply appropriate procedures, or there may be inadequate procedures within the company to ensure compliance with the regulations. Management should maintain a proactive approach to identifying vulnerabilities unique to their organization and implement effective and efficient internal controls to help prevent serious breaches of the banking regulations.
- The fraud by the employee may have been made possible by lax financial controls, and possibly also inadequate whistle-blowing procedures that encourage employees to report suspicions of wrongdoing in confidence. There should be separation of duties involving the custody of assets, authorization of transactions affecting those assets and recording/reporting of related transactions. The underlying theory of separation of duties is that a single employee should not be in a position to both commit and then conceal fraudulent activities.
- The adequacy of the company’s internal controls should therefore be reviewed as a matter of some urgency. It is possible that the audit committee has failed in its responsibilities in this respect, but the board may be prepared to allow the new chairman of the audit committee to lead the investigation.
- The investigation should be conducted by individuals who are independent of operational management. The audit committee should also be asked to review, in the light of any failings in internal control, whether the company should establish an internal audit function.