The main purpose of the EAC is to review and maintain oversight of the BBC's corporate governance, particularly with respect to financial reporting, internal control and risk management.
The EAC comprises three non-executive directors, of whom one must have recent and relevant financial experience. The members are:
The EAC considers that Simon Burke has significant, recent and relevant financial experience. When appropriate, the EAC augments the skills and experiences of its members with advice from internal and external audit professionals – for example on matters such as developments in financial reporting.
EAC meetings are also attended by the Director-General, the Chief Financial Officer, the Director of Risk and Assurance and representatives from internal audit, risk management and external auditors KPMG LLP. The EAC also meets privately, without any member of management present, with both internal audit and the external auditors on a regular basis.
Minutes from EAC meetings are made available to the Executive Board and to the BBC Trust. Additionally the Chairman of the EAC reports back to the Board after each meeting of the EAC on any issues where action or improvement is required. The EAC Chairman also produces a formal report to the Board each year.
The EAC met four times in 2011/12. The key areas of focus were:
Internal controls: The EAC reviewed the effectiveness of the system of internal controls, taking account of the findings from internal and external audit reports. The EAC sought assurance from management that control issues identified are being addressed.
Financial reporting: The EAC reviewed the group financial statements. To assist this review the EAC considered reports from management and from the external auditors regarding compliance with accounting standards, key judgements made in preparation of the financial statements and compliance with legal and regulatory requirements.
Risk management: The EAC considered the processes for managing significant risks within the BBC, including a presentation from management on how the BBC seeks to minimise risk and maximise value from its UK property portfolio. The EAC considered enhancements made by management to the processes for managing significant risks within the BBC.
Fraud detection processes and whistle-blowing arrangements: The EAC reviewed these processes and arrangements.
Internal Audit workplan: The EAC continued to oversee the work of Internal Audit. The EAC approved the plan of work for the coming year including specific assurance work on the BBC's transformation programme.
Management of key projects: The EAC reviewed the controls in place to ensure that the portfolio of key projects is managed effectively. The EAC considered the role of the BBC's programme management office which provides a dual role of delivery assurance and capability development.
Investigative journalism payments: The EAC requested a review of all payments made for purposes of investigative journalism. The results from this review were submitted as part of the BBC's evidence to the Leveson Inquiry.
Post-investment reviews: The EAC considered post-investment reviews for major investments.
Relationship with external auditors: The EAC oversaw the relationship with the external auditors, including the scope and approach to their work, their fees, their performance and independence (including the approval and compliance with policy on non-audit work).
The Executive Board is responsible for the operational management of the BBC (excluding the Trust Unit). This includes safeguarding its assets and achieving value for money by ensuring there is a process in place for managing significant risk issues to the BBC.
The Executive Board is responsible for establishing, maintaining and reviewing the effectiveness of the BBC's system of internal control and for ensuring that necessary actions are taken to remedy any significant failings or weaknesses identified. Such systems can only provide reasonable and not absolute assurance against material mis-statement or loss. Our system of control is designed to manage (rather than eliminate) the risk of failure to achieve business objectives and to provide reasonable assurance that assets are safeguarded, transactions are appropriately authorised and material errors or irregularities are either prevented or detected on a timely basis.
Key elements of our system of internal control include:
Risk identification and management: The Executive Board co-ordinates and monitors risk management activity within the BBC. Our process for identifying, evaluating and managing significant risks to the BBC, which accords with the Turnbull guidance (Internal Control: Guidance to Directors), has been in place for the year ended 31 March 2012 and up to the date of approval of this BBC Annual Report and Accounts. The key elements of risk management and oversight activity within the BBC are shown in Governance: Risks and Opportunities.
Risk management and oversight processes
Strategy and financial reporting: The Executive Board approve a business plan that aims to deliver the Trust-approved BBC strategy. Comprehensive monthly, quarterly and annual reporting processes, both within business groups and up to the Executive Board, include financial monitoring against plan, regular re-forecasting, analysis of variances and performance reviews tracking achievements against business plan and strategy.
Business policies: Formal policies and procedures are in place for all material business processes to ensure compliance with all applicable laws and regulations, that risks are managed and that timely, relevant and reliable information is available across the business.
Cash management: The BBC undertakes regular treasury and cash reporting, which analyses funding requirements and liquidity. Authorisation procedures: Clearly stated formal authorisation limits and processes cover all financial transactions.
Staff capability: Processes are in place to ensure that our staff are professional and competent. These include recruitment policies, performance appraisals and development programmes.
Internal Audit, Risk Management and Investigation Services combine to form our Business Assurance function, which is led by the Director of Risk and Assurance. Internal Audit's authority and independence is assured by the Director of Risk and Assurance's independent and direct access to the Director-General and to the EAC.
Internal Audit regularly tests the BBC's control systems and core business processes to ensure they are fit for purpose and consistently applied. The work plan, which is based on a continuing assessment of key risks, is agreed annually with the EAC and covers financial, operational and compliance controls, including the exercise of the BBC's right of audit over external suppliers such as the independent production companies and service providers. Any significant control failings or weaknesses identified are reported to appropriate levels of management. The status of corrective actions is reported back to the EAC.
We comply with the Corporate Governance Code guidance on maintaining an appropriate relationship with external auditors. The BBC appointed KPMG LLP as external auditors during 2008, after a formal tender process.
The EAC has set a clear policy which defines the threshold above which proposed non-audit work to be carried out by KPMG LLP must be approved in advance by the EAC. It also defines when it must be submitted for competitive tender. This is to safeguard and support the external auditors' ability to remain impartial and objective. KPMG is not considered for work which might compromise its ability to give independent opinion on the BBC's financial statements. Recruitment from KPMG into any senior management position in the BBC requires the prior approval of the EAC.
We have a 'whistle-blowing' (protected disclosure) policy to facilitate the confidential communication via a number of routes of any incident in which there is a suspicion that the BBC's codes have been breached. We recognise that there could be sensitivities regarding actual or suspected incidents and so we provide a ‘whistle-blowing' hotline administered by an independent external company to ensure anonymity.
Each incident or suspicion reported is independently investigated in a confidential manner, a response is communicated and action taken as appropriate. The EAC is responsible for ensuring that there are appropriate arrangements in place for the proportionate investigation of matters reported and for appropriate follow-up action.
The past year has, as expected, been one of significant challenge for the BBC. In its Delivering Quality First programme, the BBC is endeavouring to reduce further its operating cost base whilst substantially maintaining the scope, and improving the quality, of its broadcast output. This requires not just imagination and relentless focus, but also the development of new ways of working across many parts of the Corporation.
At times like this, the Executive Audit Committee (EAC) has an important role in supporting the process, but also in ensuring that it is well governed and executed, as well as providing the Board with regular assurance that the financial targets are on course to be achieved. We have therefore invested much time in Delivering Quality First this year, and will continue to do so as the programme unfolds. In addition, however, we have addressed some other important issues. We reviewed the BBC's controls over key capital projects, initiated an overhaul of the risk assessment process, considered aspects of the management of the property portfolio, and worked to accelerate the implementation of internal audit recommendations. We also carried out a special investigation of payments made in connection with investigative journalism, the results of which formed part of the BBC's submission to the Leveson Inquiry.
Alongside this, we continued our regular activity, taking a close interest in the findings of the BBC's Internal Audit department, requesting follow-up work where appropriate, and approving its work plan for the coming year. We reviewed the BBC's financial reporting and we meet regularly with the BBC's external auditors, considering with them their audit approach and discussing any issues they wish to bring to our attention.
The Committee provides the BBC's management with an independent view, informed by the fine work of the Internal Audit team and by the different perspectives and experiences of its members. Our aim is to help the BBC achieve its goals and be a better organisation, mindful always of audience priorities and giving value for money to licence fee payers. We set out below the EAC's formal report, covering the most important things we have considered during the year.
Chairman of the Executive Audit Committee
21 June 2012
This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.