This Charter sets out the composition, roles and responsibilities of the Audit & Risk Committee (the Committee) with respect to Iress Limited and its subsidiaries (the Company).
2.1 Responsibilities and functions generally
The primary role of the Committee is to assist and advise the Company Board (Board) to fulfil its responsibilities on matters relating to:
(a) monitoring the adequacy of the Company’s corporate reporting processes;
(b) reviewing and monitoring the integrity of the Company’s consolidated financial reports and statements to ensure that they provide a true and fair view of the Company’s financial position and performance;
(c) oversight of the overall external audit engagement;
(d) oversight of the performance of the internal audit function (Internal Audit);
(e) material risks impacting the Company and relevant controls, as well as the design, implementation and operation of the risk management system to manage those risks and controls, the Iress Risk Management Framework (RMF);
(f) the Company’s risk appetite and the overall risk profile against its material risk classes, as well as the risk culture and behaviours across the Company; and
(g) performing any other duties, and undertaking or overseeing any specific projects, as the Board may request.
2.2. Financial reporting & management
The Committee is responsible for:
(a) reviewing half-year and full-year financial reports and statements with management and the external auditor;
(b) reviewing and making recommendations to the Board regarding significant financial, accounting and reporting issues;
(c) reviewing representation letters from the Managing Director and Chief Financial Officer to the external auditor;
(d) reviewing the appropriateness of the accounting policies adopted by management in relation to the financial reports and making recommendations to the Board as to any changes or amendments;
(e) reviewing the appropriateness of the treasury management policy adopted by the Company and treasury operations undertaken by Management pursuant to that policy;
(f) oversight of tax matters;
(g) reviewing the details of any related party transactions existing at a consolidated group level;
(h) reviewing financial statements for compliance with accounting standards, policies and other requirements relating to the preparation of financial reports;
(i) assessing whether the half-year and full-year financial reports are consistent with the Committee members’ information and knowledge; and
(j) reviewing and making recommendations to the Board concerning new or material changes to existing debt funding arrangements having regard to matters such as interest rates, tenor and lender capacity.
2.3 External audit
The Committee is responsible for:
(a) periodically considering the appointment of the external auditor and, as required, considering the procedures for the selection and appointment of the external auditor and whether an audit tender process is required. Any subsequent recommendation on the appointment of the external auditor is put to the Board;
(b) considering and approving the appointment of the audit engagement partner (where applicable);
(c) reviewing and approving the terms of engagement and fees of the external auditor at the start of each audit year;
(d) reviewing the findings of each audit with the external auditor;
(e) assessing the independence of the external auditor based on the information received from the external auditor and management. In assessing independence of the external auditor, the Committee will consider amongst other things:
(f) reviewing the effectiveness of the annual audit and the performance of the external auditor taking into account the opinions of management; and
(g) reviewing any proposal to engage the external auditor for any non-audit services in accordance with the Non-Audit Services policy, and assessing whether the proposed engagement would compromise the external auditor’s independence.
2.4 Internal Audit
The Committee is responsible for:
(a) approving, on the recommendation from management, the appointment, fees and removal of the internal auditor (if an external provider), or the internal audit budget (if the Internal Audit function is internally sourced);
(b) approving the Company’s annual internal audit plan, including any significant changes to it and overseeing progress against it;
(c) receiving regular reports from Internal Audit on significant audit findings and the timeliness and adequacy of management’s responses and progress in resolving outstanding significant audit findings;
(d) reviewing the effectiveness of internal audit reports and the performance of the Internal Audit function taking into account the opinions of management
(e) assessing, at least annually, the adequacy, independence and effectiveness of Internal Audit and providing feedback to management.
2.5 Risk management
The Committee is responsible for:
(a) overseeing the design, implementation and operation of the RMF. This includes reviewing the RMF, at least annually, to ensure that it continues to operate effectively;
(b) reviewing and recommending to the Board for approval, changes to the Company’s Risk Appetite Statement (RAS);
(c) monitoring the Company’s current and future risk profile as assessed against the RAS and the implications of such assessment for either varying risk limits or recommended management actions;
(d) monitoring new and emerging sources of risk and the controls and mitigation strategies put in place by management to deal with those risks;
(e) reviewing and approving, or endorsing to the Board for approval, key risk frameworks and policies (including material changes to those frameworks or policies) relating to the Company’s material risk classes, other than those that require or are reserved for Board approval, or have been delegated to management;
(f) reviewing changes to operational or governance structures to ensure that they continue to facilitate effective risk management, and making recommendations to the Board, where required;
(g) Reviewing and receiving reports from management or any Board Committee:
(h) constructively challenging management’s proposals and decisions on aspects of risk management and compliance matters;
(i) monitoring the ongoing effectiveness of the Group Risk function to ensure that it is appropriate for the size, business mix and complexity of the Company, and that it is adequately resourced; and
(j) reviewing and recommending to the Board for approval the Company’s Whistleblowing Policy and receiving reports from management that include information relating to:
(k) considering, and reporting to the People & Performance Committee, any material financial or non-financial risk or internal control matters, and / or any people-related matters relevant to the determination of remuneration outcomes for the CEO and the CEO’s direct reports.
2.6 Risk culture
The Committee is responsible for:
(a) guiding management to establish and maintain a sound risk culture;
(b) reporting to the Board on risk culture-related matters that affect (or may affect) the Company’s ability to operate consistently within its risk appetite; and
(c) reviewing incidents involving fraud, bribery, corruption, unethical conduct or other breaches of the Company’s internal controls and risk management system including any lessons learnt from such incidents.
2.7 Compliance
The Committee is responsible for:
(a) reviewing and overseeing the compliance function and framework, including reviewing the effectiveness of both in ensuring compliance with applicable legal and regulatory requirements and internal policies;
(b) reviewing management reports with respect to the Company’s compliance with applicable legal and regulatory requirements; and
(c) reviewing significant regulatory incidents and breaches and the management of such by management.
2.8 Insurance
The Committee is responsible for reviewing the adequacy of the Company’s insurance program, having regard to the Company’s particular business, and the insurable risks associated with that business, and making recommendations to the Board in relation to such insurance programs.
2.9 Environment, social & governance (ESG)
The Committee is responsible for:
(a) reviewing the ESG strategy, initiatives, and policies on an annual basis;
(b) reviewing and monitoring the financial, operational, regulatory, and reputational risks and opportunities of ESG on the Company and provide insight and guidance with respect to the Company’s management of such risks and impacts;
(c) reviewing and discussing reports and ESG risk disclosures in periodic reporting documents from management regarding the Company’s progress toward achieving its key ESG objectives;
(d) providing guidance with respect to communications with employees, investors, and other stakeholders, as appropriate, regarding the Company’s position on or approach to ESG matters;
(e) reviewing the sufficiency of the financial and human resources allocated to ensuring the proper development, training, education, management and advancement of the Company’s ESG strategies; and
(f) considering any other matters pertaining to ESG that may be referred to the Committee by the Board or another Board Subcommittee.
2.10 Collaboration with other Subcommittees
If a risk or matter relevant to the business of the People & Performance Committee (PPC) comes to the attention of this Committee, the Committee shall ensure that the issue is brought to the attention of the PPC.
If the PPC refers to the Committee a risk or matter relevant to the business of the Committee, the Committee shall examine the issue and take such actions as may be required, including making recommendations to the PPC, management or the Board as appropriate.
3.1 Delegation
Without limiting in any way the rights of each individual Director, the Board authorises the Committee to:
(a) appoint, compensate and oversee the work of any external auditor employed by the Company;
(b) resolve any disagreements between management and the external auditor on financial reporting;
(c) approve all auditing and non-audit services to be provided by the external auditor;
(d) retain independent counsel, accountants or others to advise the Committee or assist in the conduct of an investigation;
(e) seek and obtain information from people including employees, interview management and internal and external auditors, and seek advice from external consultants or specialists, where the Committee considers any one or more of these steps to be necessary or appropriate; and
(f) delegate authority to subcommittees of the Committee.
The Committee has full delegated authority from the Board to fulfil its responsibilities, including:
(a) having access to adequate internal and external resources, including having:
(b) obtaining independent advice, at the Company's expense, including engaging and receiving advice and recommendations from appropriate independent experts.
Composition of the Committee is as follows:
(a) members of the Committee, and the Committee Chair, are appointed by the Board;
(b) the Committee will consist of:
(c) Directors who are not members of the Committee are invited to attend meetings in a non-voting capacity and are allowed full access to all Committee papers, minutes and reports at all times;
(d) a Director’s membership of the Committee shall cease automatically where such Director ceases to be a Director of the Company;
(e) each Committee member must have a working familiarity with general finance and accounting practices. At least one member of the Committee must have accounting or related financial management expertise;
(f) the performance of the Committee will be evaluated by the Board at least annually.
6.1 Meetings
Committee Meetings will be conducted as follows:
(a) the Committee will meet at least four times per year and the schedule of meetings will be agreed in advance;
(b) additional meetings may be convened as required or requested by the Committee Chair or the Board;
(c) the Committee Chair will call a meeting of the Committee if so requested by any member of the Committee, the external auditor, internal auditor (if any) or by the Chair of the Board;
(d) a quorum shall be any two (2) Committee members;
(e) should the Committee Chair be absent from the meeting, the members of the Committee present at the meeting have the authority to choose one of their number to chair that particular meeting;
(f) the primary functions, responsibilities and composition of the Committee, along with the attendance by members of the Committee meetings, will be disclosed in the Annual Report;
(g) if a time-sensitive risk arises when a meeting of the Committee is not scheduled to occur within a reasonable period of time then:
(A) call an impromptu meeting of the Committee;
(B) arrange for the urgent issue to be on the agenda for the next full Board meeting;
or, if neither (A) or (B) are suitable options, then:
(C) arrange for the Committee Chair, Chair of the Board, Managing Director, and other appropriate stakeholders to conduct impromptu discussions to address the material risk.
In the case of (B) and (C), the material risk, including any action taken or outcome , should be raised at the next Committee meeting and recorded in Committee meeting minutes in accordance with section 6.6.
6.2 Secretary
The secretary of the Committee will be the Company Secretary or in the absence of the Company Secretary a suitable alternative approved by the Committee Chair.
6.3 Board papers
The following practices will apply to the Board papers:
(a) the Committee secretary will distribute in advance of a meeting the Board agenda and any related papers to each member of the Committee;
(b) it is the Company’s practice for Committee papers to be distributed via a secure electronic Board portal, the contents of which is maintained by the Company Secretary; and
(c) at the discretion of the Committee Chair, additional papers may be tabled for discussion at the meeting.
6.4 Attendees
(a) It is expected that the Managing Director, Chief Financial Officer and Chief Risk Officer will attend each meeting of the Committee.
(b) The internal auditor and external auditor will be invited to attend all meetings of the Committee.
(c) The Committee may also invite any person to attend any meeting or part of any meeting of the Committee.
(d) The Committee should also meet regularly with the external auditor and Internal Audit, to discuss any matters the Committee or each of these groups believe should be discussed privately.
(e) The members of the Committee shall, at all times, have free and unfettered access to management, the external auditor and Internal Audit, and vice versa.
6.5 Voting
Any matters requiring decision will be decided by a majority of votes of members present in person or by phone.
6.6 Minutes
The minutes of the Committee will be managed as follows:
(a) the secretary will prepare minutes of meetings of the Committee and have them approved by the Committee Chair;
(b) minutes of meetings will be confirmed at the next meeting of the Committee;
(c) minutes of Committee meetings will be included in the papers for the next meeting of the Board following the date of the Committee meeting; and
(d) minutes of Committees meetings must be entered into the minute book within one month after the relevant meeting, signed within a reasonable time after the meeting by the Chair of that meeting, or a succeeding meeting.
6.7 Reporting lines to the Committee
For the purpose of supporting the independence of each function, both the external auditor and Internal Audit have a direct line of reporting to the Committee, and under the terms of the Company’s Code of Ethics Policy, Company employees have access to the Committee Chair if required.
The Charter shall be reviewed annually by the Board on advice from the Committee to keep it up to date and consistent with the Committee’s authority, objectives and responsibilities.
All amendments to the Charter are to be approved by the Board.
A copy of this Charter is available on the Company website.
Updated January 2024.
Iress is a technology company providing software to the financial services industry.