During the 2017 financial year, the Committee met on three occasions.
Discharge of responsibilities for the 2017 financial year:
In the execution of its statutory duties and in accordance with its charter, the Committee effectively discharged the following responsibilities over the past financial year:
- Overseeing the effectiveness of the Group’s governance and internal control systems;
- With regard to the External Auditors, to nominate their appointment, to determine audit fees payable, to pre-determine fees and scope of non-audit services, and monitor their independence;
- Reviewing the scope and effectiveness of the External and Internal Audit functions;
- Ensuring that adequate accounting records are being maintained;
- Ensuring appropriate accounting policies have been adopted and are consistently applied;
- Testing that the Group’s going-concern assertion remains appropriate;
- Overseeing the quality and integrity of the annual financial statements, interim financial results and trading statements;
- Ensuring that Massmart Audit Services (MAS) reports functionally to the Committee, is considered independent, applies King IV standards and adheres to the Institute of Internal Auditors’ Standards for the Professional Practice of Internal Auditing and Code of Ethics;
- Approving MAS’s plan and ensuring that MAS have sufficient resources and skills to effectively perform their function;
- Reviewing the adequacy and effectiveness of combined assurance, compliance and information and technology governance;
- Considering the solvency and liquidity of the Group as and when required;
- Assessing the suitability and appropriateness of the expertise and experience of the Chief Financial Officer on an annual basis; and
- Receiving and reviewing the assurance assertion of MAS and presenting this to the Board.
The CEO, the CFO, senior financial Executives of the Group and representatives from the external and internal auditors attend all meetings by invitation. The internal and external auditors have unfettered access to the Audit Committee and its members, and both present formal reports to the Committee. The Chairman of the Committee meets quarterly with the Chief Audit Executive (CAE), and at the start of every Committee meeting the external auditors have a private meeting with the Committee.
Summary of key focus areas in 2017:
- The Committee has reviewed the scope, quality, effectiveness, independence and objectivity of the external auditors with reference to the audit quality indicators included in inspection reports issued by external audit regulators and is satisfied with all of these areas. In addition, the Committee confirms that it has executed its responsibilities as set out in paragraph 3.84(g) of the JSE Listings Requirements. The audit firm Ernst & Young Inc. (with audit partner Roger Hillen as lead assignment partner) will be proposed to the shareholders at the May 2018 Annual General Meeting for approval to be the Group’s auditor for the 2018 financial year. Ernst & Young Inc. are, in the Committee’s opinion, independent of the Group
- The Committee is satisfied that the internal financial controls and procedures of the Divisions and Group operated effectively during the year ended December 2017 and can be relied upon. In addition, the Committee is satisfied with the Group’s accounting policies and that these have been appropriately and consistently applied during the year ended December 2017.
- Significant matters considered in relation to the AFS include:
- The restatement for an error in the accounting for rebates and the capitalisation of some costs to inventory, as well as the incorrect classification of unrealised foreign exchange movements in the 2016 Statement of Cash Flows. The Audit Committee has ascertained that adequate control measures are in place to address this
- Key assumptions made for the impairment testing of goodwill
- The accounting treatment of supplier rebates
- The assessments of the recoverability of deferred tax assets
- Provisions on inventory balances
- The Committee reviewed this Integrated Annual Report and recommended it to the Board for approval
- The Audit Committee has considered the JSE letter of 17 February 2017 (on proactive monitoring) and has taken the appropriate action where disclosures were queried
- The nature and extent of non-audit services provided by the external auditors is reviewed annually to ensure that fees for such services do not become so significant as to call into question their independence of Massmart
- The nature and extent of any future non-audit services have been defined and pre-approved, and the total fee associated with those non-audit services may not exceed 50% of the total audit fee without approval of the Committee. During the year ended December 2017, the non-audit services made up 0.3% of the audit fee. If it appears that this guideline will be exceeded on a consistent basis, non-audit services will be outsourced to alternative auditors
- No reportable irregularities were identified and reported by the external auditors to the Committee
- The Committee is satisfied with the competence and effectiveness and arrangements for internal audit. A Chief Internal Audit Executive is currently being sourced and the Committee is confident that an appointment will be made within the next few months.
- As at the date of this report, no complaints have been received relating to accounting practices and internal audit of the Company or to the content or auditing of the Company’s financial statements, or to any related matter
- The Massmart website has a link enabling the general public to lodge complaints with the Committee. Since establishing this functionality in 2009, no complaints have been received
Annually the Committee considers whether it is meeting its duties and responsibilities as set out in the Committee charter and in terms of the requirements of the Companies Act.
As part of the Audit function, the Committee receives reports on Group companies’ financial performance, governance, and internal controls, adherence to accounting policies, compliance and areas of significant risk, amongst others. The Committee also receives written reports by both the external and internal auditors, which are accompanied by discussion with Committee members. After considering these reports, the Committee formally reports to the Board, twice a year, regarding the overall control framework and effectiveness of controls.
Each of the four Divisions has a Financial Review Committee, which meets twice a year, before the finalisation and release of the Group’s interim and preliminary financial results, respectively. These Committees effectively function as Divisional Audit Committees but not strictly in the manner required in terms of King IV and applicable legislation. The attendance at these meetings includes the following invitees: the Chief Financial Officer, Divisional Chief Executive and Divisional head of Finance, key finance and accounting staff, members of internal and external audit, and Massmart Corporate Finance executives. Minutes from these meetings are included with the papers of the following Committee meeting. Twice a year the Audit Committee reviews the Financial Review Committee minutes and the external audit reports. Annually they review the Annual Financial Statements, to comply with the Companies Act requirements of a holding company audit committee and its responsibilities in regard to all Company subsidiaries.
The Group’s interim and provisional reports are always subject to independent review by the external auditors.
Information and technology governance
Ensuring proper system security, data integrity and business continuity is the responsibility of the Board, but is given effect by the Audit Committee, the Massmart Technology Information and Process Forum (TIP Forum) and Massmart’s formally contracted Information Technology (IT) business partners and service providers. There is a comprehensive information and technology framework in place that outlines the structures processes and mechanisms that will enable the delivery of value to the business and reduce information and technology risks.
Massmart aligns its IT teams with best practice frameworks including the Information Technology Information Library (ITIL) and Control Objectives for Information Technology (COBIT). Measures are in place to ensure compliance with all relevant laws, information security and the protection of personal information. The TIP Forum is tasked with ensuring proper system security, data integrity and business continuity. Through its link into Walmart Security and Information Security Departments, Massmart receives daily and weekly updates regarding any concerns that are identified internationally.
This information is shared with Massmart’s Divisions through the Divisional IT Operations Managers. Active network monitoring and profiling is managed through industry best-practice tools and firewall traffic is submitted real-time to Walmart’s Security Operations Centre for interrogation.
As a responsible retailer, Massmart is committed to ensuring that all internal e-waste is discarded in a safe, responsible and secure manner, whereby the risk to human health and the environment is minimised and the security of public and private information is maintained. The Board, through the Risk Committee and Massmart’s Compliance department, oversees the protection of privacy and personal information. To ensure that management keeps abreast of changing regulation, regular Protection of Personal Information (“POPI”) meetings are held by management and advanced POPI training is scheduled for high-risk departments.
The Board receives independent assurance on the effectiveness of technology and information internal controls from internal and external auditors. Massmart Audit Services (MAS) not only assess the processes and controls around large projects, but also assess the control environment within existing systems and the Group’s general computer control environment. MAS adopted the COBIT methodology for technology auditing several years ago.
Massmart is committed to the highest level of information and technology governance, as managed by the Group Chief Information Officer (CIO). The board is satisfied that Massmart complies with the significant governance principles in King IV, and has identified Information and cyber security as an area for future focus.
Responsible tax policy
As Africa’s second largest retail group, we understand that it is in society’s best interest to ensure that the public services and infrastructure we rely on remain properly funded through a transparent, fair and effective system of taxation.
Massmart’s tax strategy is to enhance its international tax position by maintaining a highly qualified tax function that is an effective contributor to the overall corporate strategy and plays a pivotal role in supporting the organisation in fulfilling its mandate as a responsible corporate citizen. The Group’s tax policy seeks to define the governance structures and performance management processes necessary to achieve objectives of compliance and transparency.
The Group is committed to complying with all tax laws and regulations in all jurisdictions in which Massmart operates. Massmart has financial and tax controls in place to ensure a high level of compliance with applicable tax legislation across all the tax jurisdictions in which it operates.
We submit tax filings and other representations to revenue authorities which:
- are filed timeously and in co-operation with tax revenue authorities;
- make full disclosure of matters required by law; and
- have reasonable and accurate grounds supporting tax positions taken.
Through regular and proactive communication with tax revenue authorities across the regions in which Massmart operates, we are committed to promoting professional and collaborative working relationships based on principles of transparency and trust.
The commercial needs of the business are paramount in all tax planning opportunities. All transactions are driven by a business purpose or commercial rationale and are aligned to and consistent with Massmart’s overall business strategy. We are committed to acting with integrity and transparency on all tax matters.
Effectiveness of the Chief Financial Officer
As required by the JSE, the Committee and Board have considered the skills, qualifications, experience and performance of the Chief Financial Officer, Johannes van Lierop, and are unanimously satisfied of his suitability for the position. He was appointed in March 2015 and his biographical details can be found on the Massmart website.
Massmart’s combined assurance framework seeks to optimise the assurance obtained from management and internal and external assurance providers on the significant risks and opportunities facing the Group. The model incorporates and enhances all assurance services and functions so that, taken as a whole, they: enable an effective control environment; support the integrity of information used for internal decision making by management and the Board; and support the integrity of Massmart’s external reports.
Massmart applies the five lines of assurance approach to coordinate and optimise our risk and assurance efforts. Combined assurance includes Executive and senior management monitoring and oversight; specialist department monitoring; internal audit and external assurance providers; as well as Board and relevant sub-Committee oversights.
The Audit Committee ensures that the combined assurance model is applied throughout the Group to provide a coordinated approach to all assurance activities and this Committee also monitors the relationship between external service providers and the Group.
Massmart has obtained assurance on the data included in the Integrated Annual Report from the following sources:
- Group and Company Annual Financial Statements are audited by Ernst & Young Inc.
- Emissions data was externally verified by GCX Africa
- Massmart’s BBBEE scorecard were verified by Honeycomb BEE Ratings Proprietary Limited
- Key compliance, CSI and human capital performance indicators were assured by Massmart Audit Services (MAS)
During the year ended December 2017, Ernst and Young Inc. were the external auditors for all Group companies, with the exception of:
- Masscash Swaziland (Proprietary) Limited who are audited by David Walker FCA (CA) SD
- Game Discount World (Lesotho) (Proprietary) Limited who are all audited by New Dawn Chartered Accountants
Total fees incurred to Ernst & Young Inc. during the year ended December 2017 were R30.0 million (2016: R24.5 million).
The Committee considers Massmart Audit Services (MAS) to be an independent, objective body providing assurance to the Group’s governance, risk and control activities. MAS comprises a dedicated team that, although managed from Massmart Corporate, is deployed Group-wide. The team comprises appropriately tertiary qualified and experienced personnel, including internal audit and retail/wholesale professionals, to ensure the delivery of a relevant and high-quality risk-based audit service. Pleasingly, the audit team has a strong race diversity profile, 92% of which is African, Coloured or Indian.
MAS is an objective body providing assurance concerning the Group’s governance, risk and control activities. MAS has the unequivocal support of the Board and Audit Committee. It has access to any part of, or person, in Massmart. All employees are expected to co-operate positively with MAS.
MAS is considered independent and has been subjected to a quality review. To ensure independence, MAS reports functionally to the Audit Committee and administratively to the CEO. The MAS team formally reports any material findings and matters of significance at the quarterly Divisional Boards and at the Audit Committee meetings. The reports highlight whether actual or potential risks to the business are being appropriately managed and controlled. Progress in addressing previous unsatisfactory audit findings is monitored until MAS reports the proper resolution of the problem area.
The responsibilities of MAS are defined and governed by a charter reviewed and recommended by the Audit Committee and approved by the Board.
The Internal Audit function has adopted a risk-based methodology for several years in order to ensure appropriate coverage of governance, risk management and control processes that are key to the realisation of strategic objectives. The internal audit plan is based on risk assessments, risk registers, group strategies and input from management, the Board and the Audit Committee. The Audit Committee approves the annual audit plan and the budget. The CAE has unrestricted access to anyone in the organisation, has frequent and independent discussions and updates with the Committee Chairman and Massmart Executive Directors. The CAE holds a senior Executive position in the organisation and has an influential impact across the business strategically and operationally. The Board provides MAS with the authority to attend any strategic session, Committee or Board meeting and to have unrestricted access to all information across the Group to assist with its determination of the types and levels of governance, control and risk that exist across Massmart.
There is significant MAS involvement in IT throughout the Group in order to ensure satisfactory IT governance and assurance. All new major IT systems in the Group require specific MAS involvement and governance oversight prior to implementation, where all significant IT initiatives are subject to MAS review per their detailed annual risk assessment. The MAS role is twofold: to assess the process and controls around large IT projects at significant phases of these projects; and to assess the control environment within existing IT systems and the Group’s general computer control environment. MAS adopted the Control Objectives for Information and related Technologies (COBIT) methodology for technology auditing several years ago and also makes use of various other standards.
MAS and external audit’s scope and work-plans, and those of other assurance providers, are properly co-ordinated and, when appropriate, are relied upon in order to provide efficient and effective assurance to the Committee and to reduce the governance burden.
MAS applies the standards of the International Standards for the Professional Practise of Internal Auditor and the recommendations of King IV. In accordance with the International Standards for the Professional Practise of Internal Audit standards, it has been determined that MAS will be subjected to an independent external quality assessment review at least once in five years. An independent external audit firm conducted the last quality review and concluded that Massmart’s Internal Audit function ‘generally conforms’ to the standards of the Institute of Internal Audit which is the highest standard possible.
The Committee’s report in accordance with section 94(7)(f) of the Companies Act, can be found here.
The Audit Committee comprises:
Mr Chris Seabrooke*
Independent non-Executive Director
Mr Kuseni Dlamini^
Independent non-Executive Director and Chairman of the Board
Dr Lulu Gwagwa
Independent non-Executive Director
Ms Phumzile Langeni
Independent non-Executive Director
* Mr Chris Seabrooke was appointed Chairman of the Audit Committee on 13 September 2017.
^ Mr Kuseni Dlamini resigns as alternate member of the Audit Committee with effect from 25 May 2018.
Mr Moses Kgosana was the Chairman and a member of the Audit Committee until his resignation from the Board and the Committee on 13 September 2017
More information on the Audit Committee’s roles and responsibilities can be found here