AUDIT AND RISK COMMITTEE REPORT

The Clicks Group audit and risk committee is a formal committee of the board which functions within documented terms of reference and complies with all relevant legislation, regulation and governance codes.

The audit committee and the risk committee were amalgamated late in the financial year and the terms of reference of the combined committee have been approved by the board. The terms of reference are available on the group’s website and are also available on request to shareholders.

This report of the audit and risk committee is presented to shareholders in compliance with the requirements of the Companies Act (No. 61 of 1973, as amended).

Role of the committee

The audit and risk committee has an independent role with accountability to the board. The committee’s responsibilities include the statutory duties prescribed by the Corporate Laws Amendment Act, activities recommended by King lll and the responsibilities assigned by the board.

The responsibilities of the committee are as follows:

Financial reporting

  • Review the interim report and the annual financial statements and ensure compliance with International Financial Reporting Standards
  • Review and approve the appropriateness of accounting policies and disclosure policies
  • Consider the treatment of accounting issues, receive and deal with any complaints related to the accounting policies
  • Ensure no limitations are imposed on the scope of the internal and external audits
  • Ensure a co-ordinated approach to all assurance activities and significant risks is applied
  • Perform an oversight role on the group’s integrated reporting and consider factors and risks that could impact on the integrity of the integrated report
  • Review sustainability disclosure in the integrated report and consider external assurance of material sustainability issues

Finance function

  • Consider the appropriateness and expertise of the chief financial officer
  • Consider the appropriateness, expertise and adequacy of resources of the group’s finance function and experience of the senior finance management

Internal audit

  • Assess the effectiveness of internal controls
  • Oversee the functioning of the internal audit department, which reports to the audit and risk committee
  • Approve the internal audit plan

External audit

  • Confirm the nomination and appointment of the group’s auditor and be satisfied that the auditor is independent
  • Approve the terms of engagement and remuneration of the auditor
  • Ensure the appointment of the auditor complies with relevant legislation
  • Develop a policy for non-audit services which the auditor may provide and approve non-audit service contracts
  • Review the quality and effectiveness of the external audit process

Risk management

  • Review risk management policy and processes
  • Review the risk philosophy, strategies and policies
  • Ensure risk management is integrated into business operations
  • Ensure management considers and implements appropriate risk responses
  • Evaluate the basis and adequacy of insurance cover
  • Ensure internal audit is aligned with risk management processes
  • Identify emerging areas of risk
  • Ensure compliance with legislation, regulation and governance codes, including King lll
  • Identify areas of governance non-compliance and propose remedial action

Composition of the committee

The committee comprises three independent non-executive directors who are all suitably skilled, with at least one member of the committee having recent and relevant financial experience. The effectiveness of the committee is assessed as part of the annual board and committee self-evaluation process.

The following directors serve on the committee:

  • John Bester – Chairman
  • Fatima Jakoet
  • David Nurek

Biographical details of the committee members appear here.

King lII recommends that the chairman of the board should not be a member of the audit and risk committee. The chairman of the board, David Nurek, currently serves on the committee. The board has considered the issue and believes that the chairman’s skills, knowledge and experience allow him to make a significant contribution to the committee and the board has therefore recommended that he continues to serve on the committee.

Fees paid to the committee members are detailed and proposed fees for 2011 are disclosed here.

The chief executive officer, chief financial officer, group head of internal audit and senior management in the finance department attend meetings at the invitation of the committee, together with the external auditor.

The audit and risk committee also meets separately with the external and internal auditors, without members of executive management being present.

Internal audit

The internal audit function provides information to assist in the establishment and maintenance of an effective system of internal control to manage the risks associated with the business. The role of internal audit is contained in the internal audit charter. The charter was revised during the year to align with the recommendations of King lll.

Internal audit is responsible for the following:

  • Evaluating governance processes, including ethics
  • Assessing the effectiveness of risk management and the internal control framework (including IT governance and financial controls) in achieving
    • Operational effectiveness and efficiency
    • Safeguarding of assets
    • Reliability of financial reporting
    • Compliance with applicable laws and regulations
    • Sustainability
  • Reviewing the risk process annually in accordance with the annual audit plan and combined assurance model
  • Providing information on fraud, corruption, unethical behaviour and irregularities
  • Evaluating business processes and associated controls

The internal audit function is established by the board and its responsibilities are determined by the audit and risk committee. Administratively the group head of internal audit reports to the chief financial officer who in turn reports to the chief executive officer. The group head of internal audit has direct and unrestricted access to the chairman of the audit and risk committee. The group head of internal audit is appointed and removed by the audit and risk committee, which also determines and recommends remuneration for the position. The chairman of the audit and risk committee meets with the group head of internal audit on a monthly basis.

Internal control

Systems of internal control are designed to manage, rather than eliminate, the risk of failure to achieve business objectives and to provide reasonable, but not absolute, assurance against misstatement or loss.

While the board of directors is responsible for the internal control systems and for reviewing their effectiveness, responsibility for their actual implementation and maintenance rests with executive management. The systems of internal control are based on established organisational structures, together with written policies and procedures, and provide for suitably qualified employees, segregation of duties, clearly defined lines of authority and accountability. They also include cost and budgeting controls, and comprehensive management reporting.

The directors are satisfied that the control systems and procedures are suitably implemented, maintained and monitored on an ongoing basis by qualified personnel, with an appropriate segregation of authority, duties and reporting lines.

External audit

A review of the external auditor was undertaken by the board and four auditing firms were invited to tender for the audit for the 2010 financial year. Following this process, the board proposed the incumbent auditor KPMG Inc. for election as the group’s external auditor and this was approved by shareholders at the AGM In January 2010.

The audit and risk committee appraised the independence, expertise and objectivity of KPMG as the external auditor, as well as approving the terms of engagement and the fees paid to KPMG (refer to note 6 of the annual financial statements).

The external auditor has unrestricted access to the group’s records and management. The auditor furnishes a written report to the committee on significant findings arising from the annual audit and is able to raise matters of concern directly with the chairman of the committee.

The group has received confirmation from the external auditor that the partners and staff responsible for the audit comply with all legal and professional requirements with regard to rotation and independence, including the stipulation that they should not hold shares in Clicks Group Limited.

Policy on non-audit services

Non-audit services provided by the external auditor may not exceed 25% of the total auditors’ remuneration. These services should exclude any work which may be subject to external audit and which could compromise the auditor’s independence. All non-audit services undertaken during the year were approved in accordance with this policy.

During the year KPMG received fees of R303 650 (2009: R3 000) for non-audit services, equating to 11% (2009: 0.1%) of the total audit remuneration. These services related to South African Reserve Bank approvals for foreign payments and tax advice on the group’s employee share schemes.

KPMG satisfied the audit and risk committee that appropriate safeguards have been adopted to maintain the independence of the external auditor when providing non-audit services.

Activities of the audit and risk committee

The committee meets four times annually. Members of the committee, the external auditor and the group head of internal audit may request a non-scheduled meeting if they consider that one is necessary. The chairman of the audit and risk committee will determine if such a meeting should be convened.

Minutes of the meetings of the committee, except those recording private meetings with the external and internal auditors, are circulated to all directors and supplemented by an update from the audit and risk committee chairman at each board meeting. Matters requiring action or improvement are identified and appropriate recommendations made to the board.

The chairman of the committee attends all statutory shareholder meetings to answer any questions on the committee’s activities.

The committee performed the following activities relating to the audit function during the year under review, with certain of these duties being required in terms of section 270 of the Companies Act No. 61 of 1973:

  • Recommended to the board the appointment of the external auditors, approved the remuneration of the external auditors and monitored their independence, objectivity and effectiveness
  • Determined the nature and extent of any non-audit services which the auditor may provide to the group and pre-approved any proposed contracts with the auditors
  • Reviewed the group’s internal financial control and financial risk management systems
  • Monitored and reviewed the effectiveness of the group’s internal audit functions
  • Reviewed and recommended to the board for approval the company’s annual and interim reports
  • Evaluated the effectiveness of the committee

Refer to the risk management report for an overview of the risk function.

Evaluation of chief financial officer and finance function

The audit and risk committee is satisfied that the expertise and experience of the chief financial officer is appropriate to meet the responsibilities of the position. This is based on the qualifications, levels of experience, continuing professional education and the board’s assessment of the financial knowledge of the chief financial officer.

The committee is also satisfied as to the appropriateness, expertise and adequacy of resources of the finance function and the experience of senior members of management responsible for the finance function.

Approval of the audit and risk committee report

The committee confirms that it has functioned in accordance with its terms of reference for the 2010 financial year and that its report to shareholders has been approved by the board.

John Bester

John Bester
Chairman: Audit and risk committee

Cape Town
12 November 2010