Board Committee - Audit and Risk

Terms of Reference

The Audit and Risk Committee (ARC) is tasked with developing, reviewing, planning and overseeing the implementation of these two functions (audit and risk) as outlined below for PEMAC.

Responsibilities:

The committee is responsible for:

Audit

 

Overseeing management’s establishment of an adequate system of internal controls, policies and procedures and effective performance of those internal controls, policies and procedures.

 

Oversight of Financial management:

  • Receive as required yearly, report from the independent auditor on their audit activities. Provide input and comments, recommendations to the Board on report findings and recommendations, best practices improvements etc.
  • The Audit Committee will complete an Audit check list (provided in Appendix A) yearly and its purpose is only to validate that the external audit PEMAC secures has included as a minimum the questions outlined. If in the event questions or the intent of those questions are missing from the yearly external audit the Audit Committee may decide to carry-out an internal audit to capture any missing areas that are specified in Appendix A.
  • Recommend to the Board specific expectations for the independent auditor regarding its information needs.
  • Recommend to the Board situations that may require outside advice on issues where there is not sufficient in-house expertise. Examples of such special needs may include a lawsuit, a significant reorganization, a major financing transaction, or the need for assistance with information systems.
  • The Audit Chair has an ongoing role to act as a confidential contact for any employee, contractor, Board Member, or member of PEMAC in the event a conflict of interest, fraud or inappropriate activity is suspected or perceived for whatever reasons. The Chair will immediately call for an Audit Committee meeting to begin an investigation of the complaint or concern. In the case where the Audit Chair has a conflict of interest, he or she must immediately disclose all details to the Board and the Board will determine the required steps to follow.
  • Oversight of the reliability and integrity of the accounting principles and practices used by PEMAC.
  • The PEMAC financial statements and other financial reporting, including:
      1. Reviewing and discussing with management and the independent auditor the NPO’s annual and quarterly financial statements;
      2. Recommending to the Board of Directors approval of the audited financial statements;
      3. Reviewing major issues regarding accounting principles and financial statement presentation;
      4. Reviewing all critical accounting policies and practices, including all alternative treatments of financial information etc.
  • Disclosure of principles and practices followed by management:
      1. Obligations under the Canada Not-for-profit Corporations Act;
      2. Obligations under PEMAC’s Conflict of Interest Policy and Procedure;
      3. Other relevant disclosure requirements such as outlined in the PEMAC By-Law.
  • Oversight of the independent auditor’s qualifications, independence and performance, including:
      1. Recommending the independent auditor for appointment or replacement to the Board of Directors;
      2. Recommending compensation of the independent auditor to the Board of Directors;
      3. Reviewing and pre-approval of all audit and non-audit services to be performed by the independent auditor;
      4. Reviewing the overall scope of the independent audit plan at least annually;
      5. Receiving all reporting from the independent auditor (i.e. the independent auditor reports to the Audit Committee);
      6. Periodically reviewing the status and findings of the independent auditor’s audit program;
      7. Confirming the independent auditor’s independence, including reviewing the NPO’s hiring policies for employees or former employees of the independent auditor.

 

Oversight of policies and procedures

 

  • Establishing a whistleblower policy and oversight of the receipt, retention and treatment of complaints received regarding questionable matters.
  • Establishing a fraud policy and oversight of the receipt, retention and treatment of actual or perceived fraud.
  • References to policies and procedures as indicated below from the PEMAC Board Handbook (online) that are current PEMAC policies, any other policies and procedures or any new polices (such as under development the “PEMAC Leadership Pipeline”) as they are added over time to ensure they are followed as written and updated as required. This table is to update herewith during each yearly document review.

 

      (From the current PEMAC BoD Handbook as of October 22, 2021)

 

 

  • The Audit Committee to review the process for defining risks and the usage of a risk registry/process used to manage risks etc.
  • The Audit Check List found in Appendix A shall be reviewed by the Audit Committee yearly to ensure that the yearly external Audit as a minimum includes these questions or the intent of the questions listed. Any variances to this table will be followed up by the Audit Committee and in some cases a PEMAC internal Audit could occur. The next step actions will be phased in over a two-year period to provide the organization time to address any variances.

 

  1. Risk

 

Risk and risk culture are at the Governance Framework’s core since they influence and impact the effectiveness of all elements of governance. Managing risk, therefore, is one of the board’s most important responsibilities.

  • Develop and implement the organization’s policies and processes for assessing and managing major risk exposures on an integrated, enterprise-wide basis. The risk process shall include the following as a minimum:
    • Shall focus on risk culture;
    • Shall define the key risks, vulnerabilities and plans to address them, and;
    • Shall articulate the organization’s risk appetite with the board’s input and approval.
  • Consider the relationship between strategy and risk and communicate that into a policy or practice;
  • Ensure the Board is getting the information it needs from across the organization to enable it to make key decisions;
  • Through the ARC the Board ensures that management:
    • Determines the specific risks that might arise as a consequence of the organization’s business model, strategy and operations, thereby identifying and prioritizing risks in the context of its unique characteristics and operating environment;
    • Assesses the potential impact of each identified risk on the integrity of financial reporting, as well as on the organization’s strategy, operations and compliance activities;
    • Aligns each risk with the organization’s objectives for creating and preserving value, including specific processes or functional areas in which that risk may occur;
    • Assigns responsibility for monitoring, responding to, and controlling each risk, or set of risks, to the appropriate individuals;
    • Monitors and reports on changing risk conditions, and
    • Establishes formal communication and escalation protocols regarding risk response, control performance, and changes to the organization’s risk profile.

Audit and Risk Committee Accountabilities:

The ARC is accountable to the members of PEMAC and directly to the PEMAC Board of Directors.

Audit and Risk Committee and Members:

The ARC consists of a minimum of three members unless directed otherwise by the Board of Directors, all of whom are members of the Board of Directors, are independent of management and are financially literate.

Committee members are appointed for a one-year term unless directed otherwise by the Board.

The committee shall appoint one of the committee members to be the ARC Chair for a period of one year unless directed otherwise by the Board.

Committee members shall receive no remuneration for serving as such, however are entitled to reasonable expenses incurred in the exercise of their duty. As outlined in the PEMAC Policies and Procedures found in the Directors Handbook.

Term of Office:

The Board appoints Committee members and terms at their discretion.

 Any committee member may be removed by a majority vote of the Board of Directors or Committee Members for performance issues. Refer to performance section.

Performance:

If unable to attend a meeting(s), notice is to be provided to the committee chair and following the meeting minutes and action items are to be reviewed and followed up on as required.

ARC performance

 

The Board will review the committee’s charter on an annual basis to ensure that it remains appropriate to the circumstances of PEMAC and of the Board. Any continuous improvement performance items will be brought to the attention of the ARC Chair and actioned as required by the committee.

Meetings:

Schedule of Meetings

ARC Meetings will be held as per the following:

  • During committee development or high demand periods at least monthly.
  • No fewer than four (4) meetings will occur within a calendar year.  
  • As part of at least two ARC meetings through the year, formal Audit Meetings shall occur independent of management (1st quarter and 3rd quarter).
  • The Audit Committee may choose to hold additional meetings if it considers them necessary for it to carry out its responsibilities effectively.
  • The Audit Committee or Chair, Treasurer and Executive Director shall meet with the independent auditor at least once per year in the event the PEMAC Treasurer is not active and providing detailed financial and budget updates at monthly Board Meetings. The meeting will include the completion of the yearly audit check list. In the event of no meeting the checklist will be completed by the Audit Chair and Executive Director of PEMAC.

Meeting Format and Agenda / Admin Support:

Meetings will largely be held by remotely accessible means: for example, telephone conferencing, web conferencing, video conferencing. From time-to-time face to face meetings may be held in conjunction with PEMAC events and conferences.

The Chair is responsible to ensure that dates, times and means of the meeting are set and communicated to all committee members and to ensure that agenda and minutes are circulated in a timely way.

Admin Support from PEMAC staff will be provided to help set calendar meetings, agendas and take minutes etc.

Individual committee members are free to propose agenda items.

All reports, documents and outputs of the committee are the property of PEMAC.

Documentation

All current reports, documents and meeting minutes related to this committee will be stored on the website accessible to the ARC members, BoD, and Executive Director.

Quorum

No business may be transacted by the Committee except at a meeting of its members at which a quorum is present. A majority of voting members constitutes a quorum.  A meeting may proceed without a quorum for information sharing purposes, but no decisions will be taken.

Recommendations and Decision Making

The committee will strive for consensus in its decisions. However, majority vote (51%) of the quorum will suffice.

Reporting

The ARC will report to the PEMAC Board of Directors

Reporting can occur in the form of verbal or written reports containing recommendations on matters addressed by the Committee prior to or during Board meeting.

At any other time on relevant issues through the Chair.

All recommendations, directions, decisions and resolutions of the Committee shall be recorded in the minutes of the meetings of the Committee; such minutes will be circulated to the members of the Committee prior to the next meeting.

The Board of Directors will have the final authority to accept or reject the recommendations of the Committee.

 

Statement of Policy and Procedure

Manual:

PEMAC Board Handbook

Status

Final BoD Approved

Section:

Audit and Risk

Issued:

Nov 17,2021

Subject:

ARC Terms of Reference

Effective:

Nov 18, 2021

BoD Approval Date: Oct 30th, 2021

 

Next Approval Date: Oct 30th, 2022