This charter outlines the role, responsibilities, composition, and operating guidelines of WorkCover Queensland’s (WorkCover) Risk and Audit Committee (the Committee) in accordance with:
- the Financial and Performance Management Standard 2019; and
- the 'Audit Committee Guidelines - Improving Accountability and Performance' issued by Queensland Treasury.
This charter has been approved by the Board of Directors (the Board).
The role of the Committee is to assist the Board in fulfilling its corporate governance responsibilities by:
- Providing an independent review function to ensure the reliability and integrity of financial information included in the Annual Report.
- Compliance with legislative, regulatory, contractual, policy, industry standards, and good governance principles.
- Obtaining assurance from management that all financial and non-financial internal controls and risk and compliance management functions are operating effectively and reliably.
- Safeguarding the independence of the external and internal auditors.
The Committee does not replace or replicate established management responsibilities and delegations, within WorkCover.
The Committee will provide prompt updates on its findings directly to the Board, particularly when issues are identified that could present a material risk or threat to WorkCover.
Authority and independence
The Committee is a committee of WorkCover and is directly responsible to the Board.
The Committee has no executive powers, unless delegated to it by the Board.
The Committee has the authority from the Board to:
- Conduct or authorise investigations into matters within its scope of responsibility.
- Access information, records and personnel of WorkCover for such purpose.
- Request the attendance of any employee, including executive staff, at Committee meetings.
- Conduct meetings with WorkCover’s internal and external auditors, as necessary.
- Seek advice from external parties, as necessary.
- Approve WorkCover policies as outlined in the Corporate Governance policy.
Duties and responsibilities
The Committee is directly responsible and accountable to the WorkCover Board for the exercise of its duties and responsibilities. In carrying out its duties and responsibilities, the Committee must at all times recognise that primary responsibility for the operational management of WorkCover has been delegated by the Board to the Chief Executive Officer (CEO).
The Committee’s duties and responsibilities are to:
- Review the appropriateness and relevance of accounting policies adopted by WorkCover.
- Review the appropriateness of significant assumptions and critical judgements made by management in preparing the financial statements.
- Review the financial statements for compliance with prescribed accounting and other requirements.
- Review, with management and the external auditors, the results of the external audit and any significant issues identified.
- Ensure there is a proper explanation for any unusual transactions, or trends.
- Ensure that assurance with respect to the accuracy and completeness of the financial statements is given by management.
- Review, through the 2nd line (i.e. Risk and Assurance) and 3rd line (i.e. internal/external audit) functions, the adequacy of the internal control structure and systems, including information technology security and control.
- Review, through the 2nd line and 3rd line functions, whether relevant policies and procedures are in place and up-to-date, including those for the management and exercise of delegations, and whether they are complied with.
- Review WorkCover’s compliance with the performance reporting requirements of the Financial Accountability Act 2009, the Financial and Performance Management Standards 2019, and the 'Financial Reporting Requirements for Queensland Government Agencies', and the 'Annual Report Requirements for Queensland Government Agencies'.
- Monitor the activities of internal audit, including assessment of performance, and objectivity of internal audit function.
- Review and approve the internal audit plan, its scope and progress, and any significant changes to it, including any difficulties or restriction on scope of activities, or significant disagreements with management.
- Review the proposed internal audit plan for the coming year to ensure that it covers key risks and that there is appropriate co-ordination with the external auditor.
- Approve the extension of timeframes for implementation of audit recommendations by management.
- Review internal audit reports to ensure that where major breakdowns in controls or procedures have been identified, appropriate and prompt remedial action is taken by management.
- Review the selection appointment, performance and fees charged by the internal auditors.
- Review and approve the internal audit charter which outlines internal audit’s role, responsibilities, and functions.
- Consult with external audit on the function’s proposed audit strategy, audit plan and fees for the year and ensure there is no material overlap between the internal and external audit functions.
- Review the findings and recommendations of external audit and the response to them by management.
- Review the implementation of external audit recommendations.
- Monitor and review the risk management framework for effective identification, assessment, monitoring and management of significant risks, including fraud.
- Review and endorse the Risk management policy for Board approval annually.
- Liaise with management to ensure there is a common understanding of the key risks to WorkCover and ensure these risks are clearly documented in the Corporate Risk Register.
- Review the Corporate Risk Register on a quarterly basis, including:
- approval of addition/removal of key risks;
- review of initial setting of risk ratings and change in ratings of risks;
- consider that the register reflects the environment, emerging risks, organisational risks and other reporting provided by management;
- consider the controls implemented by management to manage risk and relevant risk treatment plans.
- Monitor risk trends including emerging claims risks and areas of increasing/decreasing risk, sources of risks and how organisational risks are being reported on the Corporate Risk Register.
- Assess and contribute to the audit planning process relating to risks and threats to WorkCover.
- Review reports on any major defalcations, frauds and thefts from the entity, and monitoring procedures to ensure that the required procedures are adhered to.
- Review and approve the fraud and corruption policy, public interest disclosure policy, ethics policy and environmental policy annually.
- Review the insurance program at least annually having regard to the organisation's business and its insurable risks.
- Ensure business continuity planning arrangements are in place, including whether business continuity and disaster recovery plans have been periodically updated and tested.
- Review the effectiveness of the system for monitoring WorkCover’s compliance with relevant laws, regulations, and policies.
- Review the findings of any examinations by regulatory agencies and any auditor observations.
- Review the details relating to a compliance breach that has been reported to the Committee as per the reporting guidelines in the risk management policy.
- Review and approve the compliance policy.
- Initiate and supervise special investigations.
- Circulate minutes of the Committee meetings to the Board, Committee members, and invited guests as appropriate.
Committee members will not publicly comment on matters pertaining to the activities of the Committee.
Membership and meetings
- Members, including the Chair of the Committee, are appointed by the Chair of the Board.
- Membership of the Committee will consist of a minimum of three and a maximum of six members of the Board (unless otherwise determined by the Board).
- At least one member will have ‘financial expertise’.
- At least one member will have expertise in the industry in which the agency operates.
- The term of appointment is subject to review by the chair of the Board.
- Members are appointed on the basis of personal qualities and skills.
- Member terms of appointment are to be disclosed in the Letter of Appointment.
- Members may resign by providing sufficient notice to the Chair of the Board. The member will provide reasons for leaving and the date of resignation will be minuted by the Secretary.
- Members can be dismissed by the Board. Dismissal will be performed verbally as well as in writing and will be effective immediately. The date of dismissal will be minuted by the Secretary.
- The Committee will endeavour to replace members on a staggered basis.
- The Chair will be appointed by the Chair of the Board.
- The Chair will possess sound communication and strong leadership skills.
- The Chief Executive Officer (CEO) attends as many Committee meetings as practicable.
- The Secretary of the Committee is the Company Secretary as appointed by the Board.
- The Secretary, in consultation with the Chair, will prepare and send notices of meetings and agendas, and accurately transcribe all decisions of the Committee in the minutes.
- The Secretary will table all correspondence, reports, and other information relevant to the Committee’s activities and operations.
Members are required to declare any interests that could constitute a real, potential, or apparent conflict of interest with respect to participation on the Committee. The declaration must be made on appointment to the Committee and in relation to specific agenda items at the outset of each Committee meeting, and be updated as necessary.
Members are governed by the requirements of WorkCover’s Code of Conduct in the performance of their duties.
Risk and Audit Committee Meetings
The Committee will meet four times a year. The schedule of meetings will be agreed in advance. The Chair of the Committee may convene a meeting at any time and must convene a meeting when asked by a quorum of directors. The Committee may hold meetings using any technology that reasonably allows directors to take part in the meeting (i.e. video conferencing), and any member taking part using such technology is taken to be present at the meeting.
The Committee should determine its own agenda, ensuring appropriate consultation with the CEO and Secretary to include emerging issues and emphasis on the most significant risks and threats. The Secretary will draw up the agenda for each meeting, which will be circulated to the Committee with associated papers at least five business days before the meeting, via the electronic board paper portal.
Resolutions without meetings
Resolutions without meetings are noted in flying minutes prepared by the Secretary. A resolution is passed if at least a majority of members approve (either physically or digitally) that they are in favour of a resolution within the flying minute. It is taken to be passed at a meeting of the Committee held on the day the document is approved or if the members do not approve on the same day, the day on which the last of the members constituting the majority approves the document. The flying minute resolution is submitted.
Presiding at meetings
The Chair of the Committee is to preside at all meetings at which the Chair is present. If the Chair is not present at a meeting, the director chosen by the directors present at the meeting is to preside.
To conduct a meeting, the Committee must meet the required minimum number of directors, a quorum, which will be half the number of directors of which the Committee for the time being consists or, if that number is not a whole number the next higher whole number (excluding any director who has a conflict of interest).
Questions are decided by a majority of the votes of the directors present and voting at a meeting (excluding any director who had a conflict of interest). The Chair has the casting vote if the votes are equal.
Members must attend all meetings where practicable. If a member is unable to attend a meeting, the Secretary should be advised in advance of the meeting. Members will still receive papers if they are not attending the meeting.
The Committee will act as a forum for internal audit and oversee its planning, monitoring, and reporting processes. This process will form part of the governance processes which ensure that WorkCover’s internal audit function operates efficiently, effectively, and economically.
The internal auditor will have a standing invitation to attend Committee meetings.
The Chair will meet with the internal auditor at least twice a year.
The Committee has no power of direction over external audit or the manner in which the external audit is planned or undertaken. The Committee will act as a forum for the consideration of external audit findings.
The external audit function is performed by the Queensland Audit Office who reserve the right to outsource the function to a third party. The external audit provider will have a standing invitation to attend Committee meetings.
The Chair will meet with the external auditor as required.
Board members who are not a part of the Committee will have a standing invitation to attend Committee meetings.
The Committee may, at its discretion, invite management to attend Committee meetings.
This charter is to be reviewed annually by the Committee and approved by the Board.