The Federation of European Risk Management Associations (FERMA) and the European Confederation of Institutes of Internal Auditing (ECIIA) have responded to increased EU requirements for more corporate transparency with a new joint guidance document on the 8th Company Law Directive launched at the FERMA Seminar held end of October 2014.
Audit and risk committees are on the frontline of the transparency rules enacted by the EU over the last five years. The new guidance document “Audit and Risk Committees: News from EU Legislation and Best Practices” examines specifically how these committees should support their board and be supported by the two professions: risk managers and internal auditors.
The Guidance identifies 10 possible responsibilities to share between audit and risk committees and is meant to help boards of companies and the chairmen of audit and risk committees to handle the increased EU requirements on financial and non-financial transparency.
“Overall, the burden for audit committees is increasing and the knowledge requirements of their members is expanding” explained FERMA President Julia Graham. “Even if some EU countries already have reporting requirements that go beyond what the EU is now imposing, there is a clear constraint on the time and resources on audit and risk committees when they set their agenda. The support of risk managers and internal auditors has become more relevant than ever to ensure a meaningful and qualitative reporting.”
To facilitate the implementation of the more recent Directive on non-financial reporting adopted by the Council of the EU on 29 September 2014, the European legislators have required the European Commission to adopt guidelines within the next two years on a methodology for reporting non-financial information. “Therefore, in addition to informing the board and senior executives about the best practices and the latest developments, our guidance is also meant to be a first step to start a positive dialogue with the Commission to build these guidelines,” said Julia.
The joint working group from FERMA and ECIIA which prepared the guidance makes a clearer distinction between roles of the audit and risk committees and provides an overview of responsibilities falling under each committee.
Thijs Smit, ECIIA President added:“In this changing environment where regulatory and business burdens are increasing, it is important for each organization to set up an efficient and integrated corporate governance model. This guidance clarifies the role of each actor of the governance and should help all the members of risk committees and audit committees.”
The guidance states that the role and responsibility of each committee must be well defined in order to avoid overlap and ensure that the coverage of risk is comprehensive.
This is also a call to European authorities to better take into account the internal functions like risk management and internal audit as essential supports for the audit and risk committees. The three lines of defence model is still considered to be the most efficient way to organise risk management and control functions.
“It is vital that the ‘3 lines of defense’ model is effectively implemented and risk management as well as internal audit activity efficiently coordinated.” commented Thijs Smit.
In preparing the guidance, the working group sought views from the chairs of four European audit and risk committees from various business sectors not just on the challenges coming from the regulatory environment but also interactions with other functions within their organisations.