Our business
Our performance
Governance review
Other
The Group’s Audit, Risk and Compliance Committee (‘ARC Committee’) operates within a Board approved mandate and terms of reference. In line with the Companies Act of 2008, as amended, the members of the Committee were appointed at the annual general meeting that was held on Thursday 17 July 2015.
The ARC Committee’s responsibilities include the following:
The Chief Executive Officer and Chief Financial Officer, as well as the head of internal audit, the Chief Risk Officer and the external auditors, attend ARC Committee meetings by invitation. The primary role of the ARC Committee is to ensure the integrity of the financial reporting and the audit process and that a sound risk management and internal control system is maintained. In pursuing these objectives the ARC Committee oversees relations with the external auditors and reviews the effectiveness of the internal audit function.
The internal and external auditors have unlimited access to the Chairman of the ARC Committee. The internal audit department reports directly to the ARC Committee and is also responsible to the Chief Financial Officer on day-to-day administrative matters.
Four ARC Committee meetings and one teleconference are scheduled per financial year. Additional Committee meetings may be convened when necessary. One special meeting was held during the current year.
Attendance for the year ended March 2016 was as follows:
Name of director | 11.5.2015 | 29.5.2015 Telecon |
2.6.2015 Special |
4.9.2015 | 3.11.2015 | 8.3.2016 | 17.3.2016 Telecon |
|
DH Brown | ||||||||
BP Mabelane | ||||||||
PJ Moleketi |
The ARC Committee discharged all of those functions delegated to it in terms of its mandate, section 94(7) of the Companies Act of 2008, as amended, (‘the Act’) and the JSE Listings Requirements as listed below:
Internal controls comprise systematic measures, policies, procedures and business rules adopted by management to provide reasonable assurance in safeguarding assets, prevention and detection of error, accuracy and completeness of accounting records, and reliability of annual financial statements of all entities within the Group. In addition, Vodafone Group Plc (‘Vodafone’) is required to comply with Section 404 of the Sarbanes-Oxley Act (‘SOX’) due to its listing on the NASDAQ stock exchange. With combined efforts between the Group and Vodafone, specific processes were identified that had to be brought in line with SOX requirements as part of the Group’s South African SOX compliance efforts.
During the year, management revisited the accounting judgements applied in accounting for finance deals, which resulted in the restatement of certain lines in the consolidated annual financial statements (Note 21). Management has adequately responded to the restatement and with the exception of the aforementioned, concluded that the internal controls over financial reporting as at 31 March 2016 were effective
The internal audit function is governed by the internal audit charter, as approved by the ARC Committee. The internal audit function serves management and the Board by performing independent evaluations of the adequacy and effectiveness of the Group’s internal controls, financial reporting mechanisms and records, information systems and operations.
Reviews of the Group’s risk management, enterprise risk management programmes, business continuity and forensic services are performed by the Group’s Risk Management Committee which reports to the ARC Committee through the Chief Risk Officer. Critical and high strategic risks which are ranked in relation to a scale from catastrophic to negligible, are presented annually to the ARC Committee and are then reported to and considered by the Board. Further details of the Group’s key risks are reported in the risk management report included in Vodacom’s Integrated Report and online at www.vodacom.com.
From 1 April 2015 to 31 March 2016, the Group’s forensic services department investigated over 6 344 cases of which 5 983 related to external cases and 361 to internal cases. These cases were reported through various channels, including direct reports received from customers, service providers, online reports, referrals from business and external whistle blowing. Over the same period, 51 reports were received via the whistle blowing line.
The integrated assurance model aims to optimise the assurance coverage attained from management (first line of defence), internal assurance providers (second line of defence) and independent assurance providers (third line of defence) in mitigating the risk areas affecting the Group. The Group has adopted an integrated assurance model which identifies the key risk areas affecting the Group, and maps the level of assurance being provided by the different lines of defence to mitigate these risks.
In accordance with King III requirements, the ARC Committee has concluded that the finance function is adequately resourced with technically competent individuals, and that it is effective.
In alignment with King III, the ARC Committee has satisfied itself that the following areas have been appropriately addressed:
The ARC Committee confirms that it is satisfied that Dr. phil. T Streichert, the current Chief Financial Officer, possesses the appropriate expertise and experience to meet the responsibilities of this position.
Per the Group’s policy for non-audit services, the external auditors may only be considered as a supplier for such service where:
The total amount of fees earned during the year by the external auditors in respect of non-audit services was R626 642.
The ARC Committee has overseen the integrated reporting process, reviewed the report and has recommended the 2016 Integrated Report and consolidated Annual Financial Statements for approval by the Board on 3 June 2016.
DH Brown
Chairman
Audit, Risk and Compliance Committee