The Chief Executive Officer (CEO) has established an Audit and Risk Committee in compliance with section 45 of the Public Governance, Performance and Accountability Act 2013 (PGPA Act) and PGPA Rule section 17 – Audit committee for Commonwealth entities.
Functions
Section 17(2) of the PGPA Act (the Rule) establishes mandatory functions for Audit Committees:
1. the accountable authority of a Commonwealth entity must, by written charter, determine the functions of the Audit Committee for the entity.
2. the functions must include reviewing the appropriateness of the accountable authority’s:
a) financial reporting
b) performance reporting
c) system of risk oversight and management
d) system of internal control.
Consistent with the requirement of subsection 17(2) of the Rule, the CEO of the Australian Pesticides and Veterinary Medicines Authority (APVMA), as the accountable authority, has determined that the functions of the Committee are to review the appropriateness of, and to provide written advice on, the APVMA’s:
Financial reporting
1. Review the financial statements and provide advice to the CEO (including recommending their signing by the CEO). In particular, the Committee will:
a) assess the APVMA’s compliance with accounting standards, including an assessment of the appropriateness of accounting policies and disclosures
b) assess areas of significant judgement and financial statement balances that require estimation
c) assess any significant changes to accounting policies and practices (by May each year)
d) review significant or unusual transactions
e) assess whether appropriate management action has been taken in response to any issues raised by the Australian National Audit Office (ANAO), including financial statement adjustments or revised disclosures.
2. Review the processes in place designed to ensure that financial information included in the APVMA’s annual report is consistent with the signed financial statements
3. Discuss with the ANAO the auditor’s judgments about the adequacy of the APVMA’s accounting policies and the quality of the APVMA’s processes for the preparation of the APVMA’s financial statements.
Performance reporting
1. Review the APVMA’s systems and procedures for assessing, monitoring and reporting of performance. In particular, the Committee shall satisfy itself that
a) the APVMA’s Portfolio Budget Statements and Corporate Plan contain appropriate details of how the entity’s performance will be measured and assessed
b) the APVMA’s approach to measuring its performance throughout the financial year against the performance measures included in its Portfolio Budget Statements and Corporate Plan is appropriate and in accordance with the Commonwealth Performance Framework
c) the APVMA has appropriate systems and processes for preparation of its annual performance statement and inclusion of the statement in its annual report.
2. Review the annual performance statements and provide a statement of the Audit Committee’s view in relation to:
a) the appropriateness of the entity’s annual performance statements
b) the performance reporting as a whole including compliance with the PGPA Act and Rule
c) specific suggestions for improvement or areas of concern.
Systems of risk oversight and management
1. Review whether the APVMA has a current and appropriate enterprise risk management framework and the necessary internal controls for the effective identification and management of the entity’s risks
2. Satisfy itself that an appropriate approach has been followed in managing the APVMA’s key risks, including those associated with individual projects and program implementation and activities
3. Review the process of developing and implementing the APVMA’s fraud control arrangements consistent with the PGPA Rule requirements (section 10) and satisfy itself that the APVMA has adequate processes for detecting, capturing and effectively responding to fraud risks
4. Review whether the APVMA has adequately developed risk management capability in and whether key roles, responsibilities and authorities relating to risk management are clearly articulated and adhered to.
5. Provide a statement of the Audit and Risk Committee’s view in relation to:
a) the appropriateness of the APVMA’s systems for risk oversight and risk management as a whole, with reference to the APVMA’s risk management framework
b) specific areas of concern or suggestions for improvement.
System of internal control
1. Internal control framework
a) reviewing the APVMA’s approach to maintaining an effective internal control framework and whether appropriate processes are in place for assessing whether key policies and procedures are complied with
b) reviewing whether APVMA has in operation relevant policies and procedures for internal control (e.g. accountable authority instructions, delegations/authorisations, business continuity management plan, bullying and harassment policies).
2. Legislative and policy compliance
a) reviewing the effectiveness of systems for monitoring the APVMA’s compliance with laws, regulations and associated government policies with which the entity must comply.
3. Security compliance
a) reviewing APVMA’s approach to maintaining an effective internal security system and ICT security policy.
4. Internal audit coverage
a) reviewing the proposed internal audit coverage, ensuring that the coverage takes into account the APVMA’s primary risks, and recommending approval of the internal audit work plan by the accountable authority.
b) reviewing all internal audit reports, providing advice to the board on major concerns identified in those reports, and recommending action on significant matters raised, including identification and dissemination of information on good practice.
Engagement with the ANAO
1. The Committee will engage with the ANAO, as the APVMA’s external auditor, in relation to the ANAO’s financial statement and performance audit coverage. In particular, the Committee will:
a) meet privately with the ANAO at least once per year.
Membership
1. The Audit and Risk Committee comprises:
a) at least 3 external persons who have appropriate qualifications, knowledge, skills or experience to assist the Committee to perform its functions.
2. Members will be appointed for periods up to a maximum of 6 years as specified by the accountable authority.
a) The Chair of the Committee will be one of the members
b) The Deputy Chair of the Committee will be one of the members.
A representative(s) of the ANAO will be invited to attend meetings of the Committee, as an observer. The Chair may invite other attendees as advisers or observers.
Membership of the Committee will be reviewed periodically (but at least every 3 years) by the CEO with the aim of ensuring an appropriate balance between continuity of membership, the contribution of fresh perspectives and a suitable mix of qualifications, knowledge, skills and experience.
The Committee will adopt and maintain a program of induction, training and awareness-raising for its members, with the objective of enabling the Committee to keep abreast of contemporary developments and leading practices in relation to its functions.
Authority
The CEO authorises the Committee, in performing its functions, to:
1. obtain any information it requires from any official or external party (subject to any legal obligation to protect information)
2. discuss any matters with the ANAO, or other external parties (subject to confidentiality considerations)
3. request the attendance of any official at Committee meetings
4. obtain legal or other professional advice at the APVMA’s expense, as considered necessary to meet its responsibilities.
The CEO directs officials of the APVMA to cooperate with the Committee.
Independence
The Committee is directly accountable to the CEO for the performance of its functions. The Committee has no executive powers in relation to the operations of the APVMA. The Committee may only review the appropriateness of particular aspects of those operations, consistent with its functions, and advise the CEO accordingly.
Responsibility for the appropriateness of the APVMA’s financial reporting, performance reporting, system of risk oversight and management, and system of internal control rests with the CEO and officials of the APVMA.
Members or observers with a conflict of interest will notify the Committee as soon as these issues become apparent. Any member with a conflict of interest will absent themselves from discussions about relevant matters.
All decisions of the Committee shall be referred to the CEO for approval, other than:
1. the APVMA’s Internal Audit Charter and Internal Audit Plan
2. the APVMA-wide assurance map.
The internal audit budget and appointment of internal auditors are to be agreed by the CEO after consultation with the Chair.
Reporting
The Committee is responsible to, and will regularly update the CEO on its activities and make recommendations, as appropriate.
The Chair will report to the CEO following a meeting of the Committee on any matters that the Committee considers should be brought to the attention of the CEO.
The Committee will at least once annually confirm to the CEO that all functions/responsibilities outlined in this charter have been carried out, and comply with any other reporting requirements specified by the CEO from time to time.
During the year, to meet its obligations under the PGPA Act and the Charter, the Committee will provide written advice to the CEO on its view of the appropriateness of:
1. the APVMA’s annual financial statements and financial reporting
2. the annual performance statements and performance reporting
3. the systems for risk oversight and management
4. the systems for internal control.
Meetings
The Committee will meet at least 4 times per year. One or more special meetings may be held to review the APVMA’s annual financial statements or to meet other responsibilities of the Committee.
All Committee members are expected to attend each meeting, in person or via tele-or-video conference.
The Chair is required to call a meeting if asked to do so by the CEO and decide if a meeting is required if requested by another member, internal audit or the ANAO.
A quorum for any Committee meeting will be 2 members, one of whom must be the Chair or Deputy Chair, and one of whom must be an external member.
The Committee will adopt a forward program at the beginning of the reporting period.
Secretariat
The APVMA will provide secretariat and administrative support services to the Committee.
Review of functions
The Chair will initiate a review of the performance of the Committee at least once every 2 years. The outcomes will be reported to the CEO.
The Committee will review the charter every 3 years, in consultation with the CEO.
Any substantive changes to the charter will be recommended by the Committee and formally approved by the CEO.