This charter outlines the role, responsibilities, composition, and operating guidelines of WorkCover Queensland's (WorkCover) Risk and Audit Committee (the Committee) in accordance with:
- the Financial and Performance Management Standard 2009; and
- the 'Audit Committee Guidelines - improving accountability and performance' issued by Queensland Treasury.
This charter has been approved by the Board of Directors (the Board).
The role of the Committee is to assist the Board in fulfilling its corporate governance responsibilities in regard to:
- Providing an independent review of reporting functions to ensure the reliability and integrity of financial information included in WorkCover's Annual Report.
- Compliance with legislative, regulatory, contractual, policy, industry standards, and good governance principles.
- Obtaining assurance from management that all financial and non-financial internal control, risk and compliance managment functions are operating effectively and reliably.
- Safeguarding the independence of the external and internal auditors.
The Committee does not replace or replicate established management responsibilities and delegations, the responsibilities of other executive management groups within WorkCover, or the reporting lines and responsibilities of either internal audit or external audit functions.
The Committee will provide prompt and constructive reports on its findings directly to the Board, particularly when issues are identified that could present a material risk or threat to WorkCover.
Authority and independence
The Committee has no executive powers, unless delegated to it by the Board.
The Committee is a committee of WorkCover and is directly responsible to the Board. In discharging its responsibilities the committee has the authority to:
- Conduct or authorise investigations into matters within its scope of responsibility.
- Access information, records and personnel of WorkCover for such purpose.
- Request the attendance of any employee, including executive staff, at committee meetings.
- Conduct meetings with WorkCover's internal and external auditors, as necessary.
- Seek advice from external parties, as necessary.
Duties and responsibilities
The Committee is directly responsible and accountable to the WorkCover Board for the exercise of its duties and responsibilities. In carrying out its duties and responsibilities, the Committee must at all times recognise that primary responsibility for the operational management of WorkCover has been delegated by the Board to the Chief Executive Officer (CEO).
The Committee's duties and responsibilities are to:
- Review the appropriateness and relevance of accounting policies adopted by WorkCover.
- Review the appropriateness of significant assumptions and critical judgements made by management in preparing the financial statements.
- Review the financial statements for compliance with prescribed accounting and other requirements.
- Review, with management and the external auditors, the results of the external audit and any significant issues identified.
- Ensure there is a proper explanation for any unusual transactions, or trends or variations from budget.
- Ensure that assurance with respect to the accuracy and completeness of the financial statements is given by management.
- Review, through the 2nd line (i.e. risk and compliance) and 3rd line (i.e. internal/external audit) functions, the adequacy of the internal control structure and systems, including information technology security and control.
- Review, through the 2nd line and 3rd line functions, whether relevant policies and procedures are in place and up-to-date, including those for the management and exercise of delegations, and whether they are complied with.
- Review WorkCover's compliance with the performance reporting requirements of the Financial Accountability Act 2009, the Financial and Performance Management Standards 2009, and the Financial Reporting Requirements for Queensland Government Agencies.
- Monitor the activities of internal audit, including assessment of performance, and objectivity of internal audit function.
- Review and approve the internal audit plan, its scope and progress, and any significant changes to it, including any difficulties or restriction on scope of activities, or significant disagreements with management.
- Review the proposed internal audit plan for the coming year to ensure that it covers key risks and that there is appropriate co-ordination with the external auditor.
- Approve the extension of timeframes for implementation of audit recommendations by management.
- Review internal audit reports to ensure that where major breakdowns in controls or procedures have been identified, appropriate and prompt remedial action is taken by management.
- Review the nomination, performance, and fees charged by the internal auditors.
- Review procedures for selection and appointment of internal auditors.
- Review and approve the internal audit charter which outlines internal audit's role, responsibilities, and functions.
- Consult with external audit on the function's proposed audit strategy, audit plan and fees for the year and ensure there is no material overlap between the internal and external audit functions.
- Review the findings and recommendations of external audit and the response to them by management.
- Monitor and review the risk management framework for effective identification, assessment, monitoring and management of significant risks, including fraud.
- Review the Corporate risk register on a quarterly basis, including:
- approval of addition/removal of key risks;
- review of initial setting of risk ratings and change in ratings of risks;
- consider that the register reflects the environment, emerging issues, organisational risks and other reporting provided by management;
- consider the controls implemented by management to manage risk and relevant risk treatment plans.
- Monitor risk trends including areas of increasing/decreasing risk, sources of risks and how organisational risks are being reported on the corporate risk register.
- Review reports on any major defalcations, frauds and thefts from the entity, and monitoring procedures to ensure that the required procedures are adhered to.
- Review the insurance program at least annually having regard to the organisation's business and its insurable risks.
- Review business continuity planning arrangements, including whether business continuity and disaster recovery plans have been periodically updated and tested.
- Review the effectiveness of the system for monitoring WorkCover's compliance with relevant laws, regulations, and policies.
- Review the findings of any examinations by regulatory agencies and any auditor observations.
- Review the details relating to a compliance breach that has been reported to the committee as per the reporting guidelines in the risk management policy.
- Initiate and supervise special investigations.
- Circulate minutes of the Committee meetings to the Board, Committee members, and invited guests as appropriate.
- Prepare an Annual Report to the Board summarising the performance and achievements for the previous year. An interim program of the planned activities for the coming year should also be provided.
Committee members will not publicly comment on matters pertaining to the activities of the committee other than as authorised by the accountable officer or statutory body.
Membership and meetings
- Members, including the Chair of the Committee, are appointed by the Chair of the Board.
- Membership of the Committee will consist of a minimum of three and a maximum of six (unless otherwise determined by the Board).
- At least one member will have 'financial expertise'.
- At least one member will have expertise in the industry in which the agency operates.
- The term of appointment is subject to review by the chair of the Board.
- Members are appointed on the basis of personal qualities and skills, and proxies are not permitted if the member is unable to attend meetings.
- Member terms of appointment are to be disclosed in the Letter of Appointment.
- Members may resign by providing sufficient notice to the Chair of the Board. The member will provide reasons for leaving and the date of resignation will be minuted by the Secretary.
- Members can be dismissed by the Board. Dismissal will be performed verbally as well as in writing and will be effective immediately. The date of dismissal will be minuted by the Secretary.
- The Committee will endeavour to replace members on a staggered basis.
- The Chair will be appointed by the Chair of the Board.
- The Chair will be external to the agency or if internal to the agency will be a person independent of the areas within the Risk and Audit Committee's scope of review and independent of line management and day-to-day operations of WorkCover.
- The Chair will possess sound communication and strong leadership skills.
- The Secretary will be appointed by the Chair of the Board to facilitate the Committee's meetings and reporting duties.
- The Secretary, in consultation with the Chair, will prepare and send notices of meetings and agendas, and accurately transcribe all decisions of the Committee.
- The Secretary will table all correspondence, reports, and other information relevant to the Committee's activities and operations.
Members are required to declare any interests that could constitute a real, potential, or apparent conflict of interest with respect to participation on the Committee. The declaration must be made on appointment to the committee and in relation to specific agenda items at the outset of each committee meeting, and be updated as necessary.
Members are governed by the requirements of WorkCover's code of conduct in the performance of their duties.
Meetings and attendance
The Committee will meet four times a year. The schedule of meetings will be agreed in advance. A quorum will consist of two members.
The Committee should determine its own agenda, ensuring appropriate consultation to include emerging issues and emphasis on the most significant risks and threats. The agenda and relevant papers will be distributed to members at least five business days before the meeting.
The Committee will act as a forum for internal audit and oversee its planning, monitoring, and reporting processes of internal audit. This process will form part of the governance processes which ensure that WorkCover's internal audit function operates efficiently, effectively, and economically.
The Committee will make a recommendation to the Board regarding the appointment of the internal auditor as and when contractual arrangements fall due.
The internal auditor will have a standing invitation to attend committee meetings.
The Chair and an independent member will hold executive sessions with the internal auditor at least twice a year, if required.
The Committee has no power of direction over external audit or the manner in which the external audit is planned or undertaken. The Committee will act as a forum for the consideration of external audit findings, and will ensure that they are balanced with the views of management.
The external audit function is performed by the Queensland Audit Office who reserve the right to outsource the function to a third party. The external audit provider will have a standing invitation to attend committee meetings.
The Chair and an independent member will hold executive sessions with the external auditor at least twice a year, if required.
Board members will have a standing invitation to attend committee meetings.
The Committee may, at its discretion, invite management such as Executives and Heads of Departments to attend committee meetings.
This charter is to be reviewed annually by the Board.