Much of the work of the committee is necessarily targeted at the regulated activities of United Utilities Water Limited, which represent over 98 per cent of group revenues.
- Brian May has chaired the committee since July 2013. He is a serving finance director of a FTSE 100 company and chartered accountant and is considered by the board to have recent and relevant financial experience
- All members of the committee are independent non-executive directors
- Other regular attendees at meetings include the Chairman, the CEO, the CFO, the company secretary, the head of audit and risk, the group controller, and representatives from the external auditor KPMG LLP (KPMG)
- KPMG and the head of audit and risk are both afforded time with the committee to raise freely any concerns they may have without management being present
- The committee is authorised to seek independent advice as it sees fit, but has not done so during the year
Terms of reference – corporate.unitedutilities.com/corporate-governance
Audit committee members
Brian May (chair)
Dr Catherine Bell (stepped down 22 July 2016)
Alison Goligher (appointed 1 August 2016, relinquished 1 July 2017)
Paulette Rowe (appointed with effect from 1 July 2017)
Read the biographies on Board of directors
This year we are again required to report against the 2014 version of the Code. However, we are content that we comply with the new 2016 Code provision that the 'committee as a whole should have competence relevant to the sector in which the company operates' (see the Letter from the Chairman). As chairman of the committee, I fully endorse the view of the board that all the members of the committee have competencies relevant to the utilities sector and the business of the United Utilities group. All members contribute to the work of the committee and have the skills and necessary degree of financial literacy. As non-executive directors, my colleagues and I are of an independent mindset and would have no hesitation in seeking clarification and a full explanation from management or the external auditor on any matter we feel necessary.
Although the audit committee has specific responsibilities rooted in reviewing the group's financial statements and reviewing the internal assurance work and external audit of those financial statements, the committee also reviews the internal control and risk management processes, leaving the review of the significant risks to be undertaken by the board. Last year, the board engaged an independent review of the business risk management framework which was considered to be satisfactory but recommended a number of actions to enhance the process. The audit committee was asked to monitor the progress of the implementation of the actions and I can report that all actions have either been completed or were on target to be completed by their forecast completion date (see Accountability). Our 2017 long-term viability statement can be found in the Accountability section of the Code Principles continues page; we are content that a medium-term period of five years is appropriate to assess the group's viability given the nature of the business and the underlying protection afforded by Ofwat's primary legal duty to ensure that water and wastewater companies are able to finance their functions.
Much of the work of the committee is necessarily targeted at the regulated activities of UUW, which represent over 98 per cent of group revenues and is a reflection of our commitment to safeguarding the interests of our customers.
The FRC Corporate Reporting Review team reviewed our 2016 annual report and accounts; further information can be found below.
We have again worked this year to enhance this report and make it more informative for the reader and we continue to be committed to providing meaningful disclosure of the committee's activities. As chair of the audit committee, I am committed to ensuring that the committee's agenda is kept under review and keeps abreast of relevant developments. The details of the annual evaluation process of the committee's performance, which was conducted alongside the board evaluation process, can be found in Effectiveness.
The following report was approved by the committee at its meeting held on 15 May 2017.
Chairman of the audit committee
Pictured: Brian May, chair of the audit committee.
Main responsibilities of the committee
- Make a recommendation to the board for the appointment or reappointment of the auditor, and to be responsible for the tender of the audit from time to time and to agree the fees paid to the auditor
- Establish policies for the provision of any non-audit services by the auditor
- Review the scope and the results of the annual audit and report to the board on the effectiveness of the audit process and how the independence and objectivity of the auditor has been safeguarded
- Review the half-year and annual financial statements and any announcements relating to financial performance, including reporting to the board on the significant issues considered by the committee in relation to the financial statements and how these were addressed
- Review the scope, remit and effectiveness of the internal audit function and the group's internal control and risk management systems
- Review the group's procedures for whistleblowing, reporting fraud and other inappropriate behaviour and to receive reports relating thereto
- Report to the board on how it has discharged its responsibilities
What has been on the committee's agenda during the year
The committee has an extensive agenda of items of business which it deals with in conjunction with senior management, the auditor, the internal audit function and the financial reporting team. There were four scheduled meetings of the committee during the year. Items of business considered by the committee during the year included:
- considering the issues and findings brought to the committee's attention by the internal audit team and satisfying itself that management has resolved or is in the process of resolving any outstanding issues or concerns;
- reviewing the reports from the financial reporting team on the financial statements, including the UUW financial statements and other regulatory reports, and considering matters such as the accounting judgements and policies being applied and how the statutory audit contributed to the integrity of the financial reporting;
- reviewing the proposed audit strategy for the 2016/17 statutory audit, including the level of materiality applied by KPMG, audit reports from KPMG on the financial statements and tasking management to resolve any issues relating to internal controls and risk management systems;
- reviewing the going concern and longer term viability assessments prior to making its recommendations to the board and the assurance provided in undertaking the viability assessment;
- agreed the appointment of the new lead audit partner;
- monitoring the progress of the implementation of actions identified by the externally facilitated review of the business risk management framework which the board commissioned in response to the 2015 Lancashire water quality incident;
- reviewed the statutory audit fee for the year 2016/17;
- reviewed and approved the non-audit services and related fees provided by the statutory auditor for the year 2016/17; approval of a revised policy on non-audit services provided by the auditor for 2017/18 to reflect the European Union Audit Directive and Audit Regulation which came into force in the UK from 17 June 2016 and applies to audits for financial years beginning on or after that date;
- monitoring incidents of whistleblowing and fraud reporting;
- biannual oversight and monitoring of the group's compliance with the Bribery Act which the board reviews annually;
- overseeing and approving the strategic internal audit planning approach and reviewing reports on the work of the internal audit function from the head of audit and risk. A new system of grading for internal audit reports was introduced during the year;
- reviewing the quality and effectiveness of internal audit; and
- reviewing the committee's terms of reference and the conclusions of the committee's annual evaluation. The internally facilitated evaluation was undertaken as part of the overall board evaluation (see Effectiveness). The review explored: time management and the composition of the committee; the committee's processes and support; and the agenda and work of the committee. It was concluded that the committee continued to be effective.
How we assessed whether 'the annual report and accounts, taken as a whole, is fair, balanced and understandable and provides the information necessary for shareholders to assess the company's position and performance, business model and strategy'
The committee, further to the board's request, has reviewed the annual report and financial statements with the intention of providing advice to the board on whether, as required by the Code, 'the annual report and accounts, taken as a whole, is fair, balanced and understandable and provides the information necessary for shareholders to assess the company's position and performance, business model and strategy'.
To make this assessment, the committee received copies of the annual report and financial statements to review during the drafting process to ensure that the key messages being followed in the annual report were aligned with the company's position, performance and strategy being pursued and that the narrative sections of the annual report were consistent with the financial statements. The significant issues considered by the committee in relation to the financial statements were consistent with those identified by the external auditor in their report on the Independent auditor's report to the members of United Utilities Group PLC only.
The committee concluded that the key performance indicators (KPIs) included in the strategic report (see Our key performance indicators (KPIs)) were, amongst others, those used by management and reflected the measures to be monitored by Ofwat during the 2015-20 period.
In addition, the committee was satisfied that all the key events and issues which had been reported to the board in the CEO's monthly report during the year, both good and bad, had been adequately referenced or reflected within the annual report.
How we assessed the effectiveness of the external audit process
The committee, on behalf of the board, is responsible for the relationship with the external auditor, and part of that role is to examine the effectiveness of the audit process.
Audit quality is a key requirement. Prior to the statutory audit, at the half-year, KPMG presented the strategy and scope of the audit for the financial year, highlighting any areas requiring special consideration. KPMG then reported against this audit scope at subsequent committee meetings.
On completion of the audit at the full-year, all members of the committee, as well as key members of the senior management team and those who regularly provide input into the audit committee or have regular contact with the auditor, were required to complete a questionnaire seeking their views on how well KPMG performed the year-end audit. Views of the respondents were sought in respect of: the robustness of the audit process; the quality of the delivery of the audit; the expertise of the audit team conducting the audit and that the degree of professional scepticism applied by the auditor was appropriate; the appropriateness of the communication between the committee and the auditor in terms of technical issues; the quality of the service they gave; and their views on the quality of the interaction between the audit partner, the audit director and the company. The feedback was collated and presented to the committee's meeting in November 2016, at which the conclusions were discussed and any opportunities for improvement brought to the attention of the external auditor. During the year, the FRC also undertook a review of certain aspects of KPMG's audit of United Utilities Group PLC for the year ended 31 March 2016. We have discussed the review findings with the FRC, enabling the Committee to challenge KPMG robustly in relation to the points raised, and satisfy itself that KPMG had taken appropriate action to enhance the quality of the audit process for the 2017 financial year.
Private meetings are held at each committee meeting between the audit committee and the representatives of the external auditor without management being present in order to encourage open and transparent feedback by both parties.
Notwithstanding the points raised by the FRC in relation to KPMG's audit of the 2016 annual report, the committee concluded that the overall external audit process and services provided by KPMG were satisfactory and effective.
How we assessed the independence of our external auditor
There are two aspects to auditor independence that the committee monitors.
First, in accordance with the Auditing Practices Board's Ethical Standards, KPMG has to implement rules and requirements such that none of its employees working on our audit can hold any shares in United Utilities Group PLC. KPMG is also required to tell us about any significant facts and matters that may reasonably be thought to have an impact on its independence or on the objectivity of the lead partner and the audit team. The lead partner must change every five years and the quality review partner, who reviews the judgements of the audit team actually doing the audit, rotates every seven years along with other partners and staff in senior positions involved in the engagement.
Secondly, the committee considers and approves all the fees that it pays for audit, audit-related and non-audit services from KPMG. KPMG is prohibited from providing certain services to the group, such as operational consulting, internal audit services and strategic planning support, as it is felt that these types of services could impede their independence. Furthermore, auditor independence is also safeguarded by limiting the value of non-audit services performed by the external auditor, which should not ordinarily exceed 100 per cent of the audit fee. The committee has discretion in exceptional circumstances, or where a compelling commercial justification can be provided, for this cap on non-audit fees to be exceeded. The CFO could pre-approve expenditure in respect of non-audit services, such as tax compliance work, of up to £100,000. Thereafter, any fees for non-audit services up to 100 per cent of the audit fee cap could be approved by the committee chair. Any such fees are reported to the committee for review. These arrangements were in place until 31 March 2017.
The EU Audit Directive (2014/56/EU) and Audit Regulation (537/2014) (the Regulation) came into force in the UK on 17 June 2016 and applies to audits for financial years beginning on or after that date. Guidance was issued under the FRC's Revised Ethical Standards 2016 (FRC's Ethical Standards), which prohibit the statutory auditor from providing certain non-audit services to public interest entities (i.e. United Utilities Group PLC) as such services could impede their independence. Historically, the group has engaged Makinson Cowell (a subsidiary of KPMG) to provide it with investor relations services. With effect from 1 April 2017 such services were regarded as prohibited in accordance with the Regulation. As a result, with effect from 1 April 2017, Makinson Cowell no longer provided investor relations services to the group; a tender process was conducted appointing an alternative supplier. In response to the EU Audit Directive and Audit Regulation, the FRC's Ethical Standards have clarified that in the future non-audit services will be subject to a fee cap of no more than 70 per cent of the average annual statutory audit fee for the three consecutive financial periods preceding the financial period in which the cap will apply. The cap will first apply for the group in the year ending 31 March 2021 and, as such, the year ending 31 March 2018 will be the first year of the initial three-year rolling period over which the annual statutory audit fee will be measured for this purpose. The committee has therefore revised its non-audit services policy incorporating the 70 per cent fee cap as described above with effect from 1 April 2017. Furthermore, a limit of £10,000 will be applied for individual items that the CFO can approve, with individual items in excess of £10,000 requiring the approval of the committee.
As part of UUW's licence conditions it is required to prepare audited regulatory accounts, which are derived from its statutory financial statements. The licence stipulates that these regulatory accounts are required to be audited by the appointed statutory auditor and, as such, regulatory audit services will not form part of the non-audit services subject to the 70 per cent cap.
Fees paid to KPMG also include non-audit services in relation to UUW regulatory assurance work that is separate to the regulatory audit. Fees for non-audit services are shown in the bar chart on below.
Taking into account our findings in relation to the effectiveness of the audit process and in relation to the independence of KPMG, the committee was satisfied that KPMG continues to be independent, and free from any conflicting interest with the group. As a result, the committee recommended to the board that KPMG be proposed for reappointment at the forthcoming AGM in July 2017. There are no contractual obligations that restrict the committee's choice of external auditor and no auditor liability agreement has been entered into.
Statutory audit - group and company
Statutory audit - subsidiaries
Regulatory audit services provided by the statutory auditor
Other non-audit services
- Prior year comparatives in the above table have been re-presented to reflect the classification of services provided by the auditor that will be adopted prospectively in accordance with the audit committee's policy.
Both the Code and the Competition and Market Authority's Statutory Audit Services Order (the Order)* cites the responsibility for the process and implementation of auditor appointment to rest with the audit committee. The Order requires that FTSE 350 companies should put the external audit contract out to competitive tender at least every 10 years. The Order promotes audit tendering every five years through a 'comply or explain' requirement with mandatory tendering after 10 years. Further legislation has been enacted by The Statutory Auditors and Third Country Auditors Regulations 2016, which overlaps the Code and the Order and requires mandatory tendering every 10 years and a 20-year maximum term of engagement.
The Order requires that a company that has not competitively tendered its audit services contract in the previous five years, should explain in the fifth (and subsequent years) why this is in the best interests of the company's shareholders. KPMG commenced their appointment as auditor and presented their first report to shareholders for the year ended 31 March 2012, following a tender process for statutory audit services in 2011. The audit committee last undertook an audit tender review in September 2015. The committee took into consideration, amongst other things, audit quality, auditor independence, the cost of the audit and the likely cost and time involved in a tender process. It also reviewed when the most appropriate point in the regulatory cycle would be to conduct an audit tender, given the benefits of having an experienced audit team in place in the run-up to the next price determination in 2019. The committee's audit tender review concluded that the quality of the audit received from KPMG was satisfactory and that KPMG demonstrated an independent approach and operated in accordance with the Ethical Standards of the Auditing Practices Board ('APB ethical standards'). In accordance with APB ethical standards, the lead audit partner must change every five years; the lead audit partner has indeed been replaced for these 2016/17 financial statements. Bill Meredith, the new lead audit partner, has considerable audit experience of other FTSE 100 utility companies. In September 2015, the committee also agreed that the fee charged for auditing services was competitive and represented value for money, and that it would not be efficient use of the committee's time, nor associated cost to the company, to conduct a tender process for the audit services contract.
The 2017 year end audit has been KPMG's sixth consecutive year in office as statutory auditor. As determined by the September 2015 audit tender review, the committee next intends to undertake a competitive tender, most probably during 2020, for statutory audit services for the financial year ended 31 March 2022. United Utilities has complied fully with the provisions of the Order for the year ended 31 March 2017.
* The Statutory Audit Services for Large Companies Market Investigation (Mandatory Use of Competitive Tender Processes and Audit Committee Responsibilities) Order 2014.
Significant issues considered by the committee in relation to the financial statements and how these were addressed
In relation to the group's financial statements, the committee reviewed the following principal areas of judgement (as noted in the accounting policies):
Capitalisation of fixed assets
Fixed assets represent a subjective area, particularly in relation to costs permitted for capitalisation and depreciation policy.
- In considering the work performed by KPMG during the year in this area, the committee assessed the reasonableness of the group's capitalisation policy and the basis on which expenditure is determined to relate to the enhancement or maintenance of assets. These were both determined to be appropriate
- The committee also reviewed the recovery of the capital overhead rate which management has applied during the year and which the committee had approved in the year ended 31 March 2015 for the five-year regulatory period ending 31 March 2020. The committee concluded that the rate still remained appropriate
Revenue recognition and allowance for doubtful receivables
Due to the nature of the group's business, the extent to which revenue is recognised and doubtful customer debts are provided against is an area of considerable judgement and estimation.
- The committee reviewed the current levels of doubtful debt and credit note provisioning (see note 15 for more detail). The committee challenged management over the adequacy of the overall levels of provisioning following these reviews and were satisfied that the resulting net debtor balance was appropriate
The group's defined benefit retirement schemes are an area of considerable judgement, the performance and position of which is sensitive to the assumptions made.
- The committee sought from management an understanding as to the factors which led to the significant decrease in the IAS 19 net retirement benefit surplus during the period and noted that the scheme specific funding basis had not been impacted by this volatility. Management presented an explanatory note (see note A5) in order to communicate most effectively what is a complex area for the benefit of the group's stakeholders. The committee was satisfied with the explanations provided by management and following a review of the explanatory note approved its inclusion in the financial statements
- The committee reviewed the methodology and assumptions used in calculating the defined benefit scheme surplus (see note A5 for more details). The group employs the services of an external actuary to perform these calculations and determine the appropriate assumptions to make. KPMG presented a report showing how the assumptions applied compared to their client base. After considering the above, the committee concluded that the approach taken and assumptions made were appropriate and fairly balanced in determining the net retirement benefit surplus
Provisions and contingencies
The group makes provisions for contractual and legal claims which, by their nature, are subjective and require management to arrive at a best estimate as to the probable outcomes and costs associated with each individual case.
- The committee received regular updates on new and existing claims being made against the group and the extent to which these have been provided for (see note 20 for details). The committee focused their attention on the more significant items and discussed the judgements made by management in arriving at appropriate provisions in relation to these matters
- Based on the facts behind each provision and taking account of any relevant legal advice that may have been received as well as the past experience of management in making such provisions and challenging where necessary the views taken by management and through the assurance provided by KPMG who cover these as part of their audit, the committee concluded that the provisions management had made were appropriate
Derivative financial instruments
The group has a significant value of swap instruments, the valuation of which is based on models which require certain judgements and assumptions to be made. Management performs periodic checks to ensure that the model derived valuations agree back to third party valuations and KPMG check a sample against their own valuation models. It was confirmed to the committee that such testing had been undertaken during the year and there were no significant issues identified.
The committee considered the tax risks that the group faces and the key judgements made by management underpinning the provisions for potential tax liabilities and deferred tax assets. In addition, the committee took account of KPMG's assessment of these provisions. Based on the above, the committee was satisfied with the judgements made by management.
Underlying operating profit adjustments
During the year, the committee considered and challenged management's treatment of items as adjustments to underlying operating profit and satisfied itself that those items being reported as adjustments met the requirements of the group's policy.
Interactions with the Financial Reporting Council (FRC)
During the year, the FRC undertook a review of the United Utilities Group PLC annual report and accounts for the year ended 31 March 2016, which resulted principally in queries relating to disclosures. These queries were all resolved to the FRC's satisfaction. To provide greater clarity the group has provided enhanced, voluntary disclosures on these and other matters in this year's financial statements. The review has subsequently been closed. The FRC noted that their review did not provide assurance that the 2016 annual report and accounts is materially correct as their role is not to verify the information included therein but rather to consider compliance with reporting requirements and stimulate improvements in the quality of corporate reporting.
During the year, the FRC also undertook a review of certain aspects of KPMG's audit of United Utilities Group PLC for the year ended 31 March 2016. We have discussed the review findings with the FRC, enabling the Committee to challenge KPMG robustly in relation to the points raised, and satisfy itself that KPMG had taken appropriate action to enhance the quality of their audit process for the 2017 financial year.
The main features of the group's internal controls and risk management systems are summarised below:
a. Internal audit function
The internal audit function is a key element of the group's corporate governance framework. Its role is to provide independent and objective assurance, advice and insight on governance, risk management and internal control to the audit committee, the board and to senior management. It supports the organisation's vision and objectives by evaluating and assessing the effectiveness of risk management systems, business processes and key internal controls.
In addition to reviewing the effectiveness of these areas and reporting on aspects of the group's compliance with them, internal audit makes recommendations to address any key issues and improve processes. Once any recommendations are agreed with management, it monitors their implementation and reports to the committee on progress made at every meeting.
A five-year strategic audit planning approach is applied. This facilitates an efficient deployment of internal audit resource in providing assurance coverage over time across the whole business, as well as greater variation in the nature, depth and breadth of audit activities. This strategic approach supports the annual audit plan, which is then endorsed by management, and which the committee also approves. The plan focuses the team's work on those areas of greatest risk to the business. Building on the strategic planning approach, the development of the plan considers risk assessments, issues raised by management, prior audit findings and the cyclical review programme. The in-house team is expanded as and when required with additional resource and skills sourced from external providers – primarily PwC at present. The committee keeps the relationship with PwC under review to ensure the independence of the internal audit function is maintained. In the course of its work, the internal audit function also liaises with the statutory auditor, discussing relevant aspects of their respective activities which ultimately supports the assurance provided to the audit committee and board.
b. Assessing the effectiveness of the internal audit function
The effectiveness of the internal audit function's work is continually monitored using a variety of inputs including the ongoing audit reports received, the audit committee's interaction with the head of audit and risk, an annual review of the department's internal quality assurance report, annual stakeholder surveys in which committee members also participate as well as any other periodic quality reporting requested. In addition, during 2015, the quality and effectiveness of the internal audit function was externally assessed. Taking all these elements into account, the committee concluded that the internal audit function was effective and appropriate resources were available as required.
Internal audit, led by the head of audit and risk, covers the whole of the group's activities and reports to the committee and functionally to the CFO. The head of audit and risk attends all scheduled meetings of the audit committee, and has the opportunity to raise any matters with the members of the committee at these meetings without the presence of management. He is also in regular contact with the chair of the committee outside of the committee meetings.
c. Risk management systems
The committee receives updates and reports from the head of audit and risk on activities relating to the company's risk management systems and processes at every meeting. These are then reported to the board, as appropriate. The group designs its risk management activities in order to manage rather than eliminate the risk of failure to achieve its strategic objectives.
The CFO has executive responsibility for risk management and is supported in this role by the head of audit and risk and the corporate risk manager and his team. The group audit and risk board (GARB) is a sub-committee of the executive team. The GARB meets quarterly and reviews the governance processes and the effectiveness and performance of these processes along with the identification of emerging trends and themes within and across the business. The work of the GARB then feeds into the information and assurance processes of the audit committee and into the board's assessment of risk exposures and the strategies to manage these risks.
Supplementing the more detailed ongoing risk management activities within each business area, the biannual business unit risk assessment process (BURA) seeks to identify how well risk management is embedded across the different teams in the business. The BURA involves a high level review of the effectiveness of the controls that each business unit has in place to mitigate risks relating to activities in their business area, to encourage the identification of new and emerging risks and generally to facilitate improvements in the way risks are managed. The outcome of the BURA process is communicated to the executive team and the board. This then forms the basis of the determination of the most significant risks that the company faces which are then reviewed by the board. The group utilises risk management software to underpin the company's risk management process. A new risk management assurance model was implemented during the year. This annual assurance process allows the objective appraisal and degree of maturity in how the risk management system is being applied and the quality of each risk in terms of quantification and management. Resulting actions will be monitored and the results reported to the GARB.
An external assessment of the risk management process took place in 2015/16; this was sought as part of the internal investigation of the Lancashire water quality incident. This examined whether the existing risk management framework was effective in identifying and assessing risk; whether employees (as appropriate) have the necessary capabilities, knowledge and resource to use risk management processes effectively and whether the mitigation and management of risk at a strategic and tactical level were effective.
The independent review concluded that the risk management framework was robust and reflected best practice and that there was active engagement with risk management by senior management, the executive team and the board, but it could be strengthened. Following this assessment, the board took responsibility for ensuring that the recommendations were implemented including: the need for better coordination of drinking water safety plans to aid consistency; improved application by some business units of the risk management process; further embedding existing risk management processes within wholesale and improving system integration; and increasing the focus on reputational and operational risks. As reported on Code principles continued, all actions have either been completed or were on target to be completed by their forecast completion date.
d. Internal controls
The committee reviews the group's internal control systems and receives updates on the findings of internal audit's investigations at every meeting, prior to reporting any significant matters to the board. Internal control systems are part of our 'business as usual' activities and are documented in the company's internal control manual which covers financial, operational and compliance controls and processes. Internal control systems are the responsibility of the CFO, with the support of the GARB, the financial control team and the internal audit team, although the head of audit and risk and his team are directly accountable to the audit committee.
Confirmation that the controls and processes are being adhered to throughout the business is the responsibility of managers, but is continually tested by the work of the internal audit team as part of its annual plan of work which the committee approves each year as well as aspects being tested by other internal assurance providers. Compliance with the internal control system is monitored annually by the completion of a self-assessment checklist by senior managers in consultation with their teams. The results are then reviewed and audited on a sample basis by the internal audit team and reported to the committee.