ACCOUNTABILITY
Principle:
10 The Board should present a balanced and understandable assessment of the company's performance, position and prospects.
Guidelines:
10.1 The Board's responsibility to provide a balanced and understandable assessment of the company's performance, position and prospects extends to interim and other price sensitive public reports, and reports to regulators [if required].
10.2 The Board should take adequate steps to ensure compliance with legislative and regulatory requirements, including requirements under the listing rules of the securities exchange, for instance, by establishing written policies where appropriate.
10.3 Management should provide all members of the Board with management accounts and such explanation and information on a monthly basis and as the Board may require from time to time to enable the Board to make a balanced and informed assessment of the company's performance, position and prospects.
RISK MANAGEMENT AND INTERNAL CONTROLS
Principle:
11 The Board is responsible for the governance of risk. The Board should ensure that Management maintains a sound system of risk management and internal controls to safeguard shareholders' interests and the company's assets,and should determine the nature and extent of the significant risks which the Board is willing to take in achieving its strategic objectives.
Guidelines:
11.1 The Board should determine the company's levels of risk tolerance and risk policies, and oversee Management in the design, implementation and monitoring of the risk management and internal control systems.
11.2 The Board should, at least annually, review the adequacy and effectiveness of the company's risk management and internal control systems, including financial, operational, compliance and information technology controls. Such review can be carried out internally or with the assistance of any competent third parties.
11.3 The Board should comment on the adequacy and effectiveness of the internal controls, including financial, operational, compliance and information technology controls, and risk management systems, in the company's Annual Report. The Board's commentary should include information needed by stakeholders to make an informed assessment of the company's internal control and risk management systems.
The Board should also comment in the company's Annual Report on whether it has received assurance from the CEO and the CFO:
[a] that the financial records have been properly maintained and the financial statements give a true and fair view of the company's operations and finances; and
[b] regarding the effectiveness of the company's risk management and internal control systems.
11.4 The Board may establish a separate board risk committee or otherwise assess appropriate means to assist it in carrying out its responsibility of overseeing the company's risk management framework and policies.
AUDIT COMMITTEE
Principle:
12 The Board should establish an Audit Committee ["AC"] with written terms of reference which clearly set out its authority and duties.9
Guidelines:
12.1 The AC should comprise at least three directors, the majority of whom, including the AC Chairman, should be independent. All of the members of the AC should be non-executive directors. The Board should disclose in the company's Annual Report the names of the members of the AC and the key terms of reference of the AC, explaining its role and the authority delegated to it by the Board.
12.2 The Board should ensure that the members of the AC are appropriately qualified to discharge their responsibilities. At least two members, including the AC Chairman, should have recent and relevant accounting or related financial management expertise or experience, as the Board interprets such qualification in its business judgement.
12.3 The AC should have explicit authority to investigate any matter within its terms of reference, full access to and co-operation by Management and full discretion to invite any director or executive officer to attend its meetings, and reasonable resources to enable it to discharge its functions properly.
12.4 The duties of the AC should include:
[a] reviewing the significant financial reporting issues and judgements so as to ensure the integrity of the financial statements of the company and any announcements relating to the company's financial performance;
[b] reviewing and reporting to the Board at least annually the adequacy and effectiveness of the company's internal controls, including financial, operational, compliance and information technology controls [such review can be carried out internally or with the assistance of any competent third parties];
[c] reviewing the effectiveness of the company's internal audit function;
[d] reviewing the scope and results of the external audit, and the independence and objectivity of the external auditors; and
[e] making recommendations to the Board on the proposals to the shareholders on the appointment, re-appointment and removal of the external auditors, and approving the remuneration and terms of engagement of the external auditors.
12.5 The AC should meet [a] with the external auditors, and [b] with the internal auditors, in each case without the presence of Management, at least annually.
12.6 The AC should review the independence of the external auditors annually and should state [a] the aggregate amount of fees paid to the external auditors for that financial year, and [b] a breakdown of the fees paid in total for audit and non-audit services respectively, or an appropriate negative statement, in the company's Annual Report. Where the external auditors also supply a substantial volume of non-audit services to the company, the AC should keep the nature and extent of such services under review, seeking to maintain objectivity.
12.7 The AC should review the policy and arrangements by which staff of the company and any other persons may, in confidence, raise concerns about possible improprieties in matters of financial reporting or other matters. The AC's objective should be to ensure that arrangements are in place for such concerns to be raised and independently investigated, and for appropriate follow-up action to be taken. The existence of a whistle-blowing policy should be disclosed in the company's Annual Report, and procedures for raising such concerns should be publicly disclosed as appropriate.
12.8 The Board should disclose a summary of all the AC's activities in the company's Annual Report. The Board should also disclose in the company's Annual Report measures taken by the AC members to keep abreast of changes to accounting standards and issues which have a direct impact on financial statements.
12.9 A former partner or director of the company's existing auditing firm or auditing corporation should not act as a member of the company's AC: [a] within a period of 12 months commencing on the date of his ceasing to be a partner of the auditing firm or director of the auditing corporation; and in any case [b] for as long as he has any financial interest in the auditing firm or auditing corporation.
INTERNAL AUDIT
Principle:
13 The company should establish an effective internal audit function that is adequately resourced and independent of the activities it audits.
Guidelines:
13.1 The Internal Auditor's primary line of reporting should be to the AC Chairman although the Internal Auditor would also report administratively to the CEO. The AC approves the hiring, removal, evaluation and compensation of the head of the internal audit function, or the accounting / auditing firm or corporation to which the internal audit function is outsourced. The Internal Auditor should have unfettered access to all the company's documents, records, properties and personnel, including access to the AC.
13.2 The AC should ensure that the internal audit function is adequately resourced and has appropriate standing within the company. For the avoidance of doubt, the internal audit function can be in-house, outsourced to a reputable accounting/auditing firm or corporation, or performed by a major shareholder, holding company or controlling enterprise with an internal audit staff.
13.3 The internal audit function should be staffed with persons with the relevant qualifications and experience.
13.4 The Internal Auditor should carry out its function according to the standards set by nationally or internationally recognised professional bodies including the Standards for the Professional Practice of Internal Auditing set by The Institute of Internal Auditors.
13.5 The AC should, at least annually, review the adequacy and effectiveness of the internal audit function.
9 The Board may wish to refer to the sample terms of reference contained in the Guidebook for Audit Committees in Singapore issued by the Audit Committee Guidance Committee which was established on 15 January 2008 by the Monetary Authority of Singapore, the Accounting and Corporate Regulatory Authority and Singapore Exchange Limited to develop practical guidance for audit committees of listed companies.