Audit committee report
I am pleased to present the Audit Committee Report for the financial year ended 31 December 2018.
Following her appointment to the Board, Laurie Argo has joined the Audit Committee, replacing Karl Gruber. I would like to extend my personal thanks to Karl for his contribution to the Committee’s work and to welcome Laurie.
During 2018, I visited two of the Group’s steel mills in North America, EVRAZ Regina in Canada and EVRAZ Pueblo in the US. In 2019, we plan to hold an Audit Committee meeting at one of our North American operations.
Once again, I would like to extend the thanks of the Committee to the executive and financial management of the Group the internal audit department and EY, our external auditor, for their continuing diligence and valued contributions to the work of the Committee.Deborah Gudgeon Independent Non-Executive Director, Chairman of Audit Committee
Role and responsibilities of the Audit Committee
The role and responsibilities of the Audit Committee are delegated by the Board and set out in the written terms of reference.
The Audit Committee minutes are tabled for the Board’s meeting for consideration, and the chairman updates the Board orally on the Committee proceedings, making recommendations on areas covered by its terms of reference if appropriate.
The Audit Committee reviews the Group’s risk register and risk appetite proposed by the management before they are considered by the Board.
The Committee reviewed the terms of reference for both the Audit Committee and Risk Management Group and considered them to be appropriate with no changes deemed necessary.
EVRAZ also confirmed its compliance, during the financial year commencing 1 January 2018, with the provisions of the Competition and Markets Authority Order 2014 on mandatory tendering and audit committee responsibilities
Committee members and attendance
The Audit Committee members are all independent non-executive directors. The Committee members have a wide range of skills and experience: Deborah Gudgeon has recent and relevant financial experience and Alexander Izosimov provides key strategic experience. Laurie Argo has extensive commercial and financial experience in the North American market. As disclosed in the Corporate Governance Report, Olga Pokrovskaya continues to attend Audit Committee meetings as an observer, providing additional technical expertise and valuable regional knowledge.
Senior members of the Group’s finance function, the head of internal audit (who acts as secretary to the Audit Committee and Risk Management Group), and the external auditors also attend Committee meetings.
Key members of the management team and Risk Management Group are also invited to attend Committee meetings when appropriate. In 2018, these included the CEO and vice presidents of strategy, steel, IT, security, legal, compliance and personnel, the CFO of EVRAZ North America plc (ENA) and the director of investor relations. Other members of th management team and internal audit function were also invited to attend Committee meetings as appropriate.
The Audit Committee met eight times during 2018 and three times in early 2019 before the publication of this Annual Report.
Details of committee attendance are set out on page Corporate governance report.
Activities and work of the Committee during 2018
The Audit Committee has continued to focus on the integrity of the Group’s financial reporting, the related internal control framework and risk management, including finance, operations, regulatory compliance and fraud. These areas were comprehensively reviewed, and the Committee received regular updates from the Group’s financial and operational management, internal audit, compliance officer and legal team, as well as the external auditors.
The Committee monitors the Group’s IT security on an ongoing basis, including the results from external audit, mitigation plans and the level of attempted cyber attacks. During 2018, the Committee reviewed progress on the actions set out in the implementation plan developed for the Russian Federation following the external information security assessment and the attack in 2017. These actions were largely completed by the end of 2018 and a further round of penetration testing will be undertaken during 2019. An IT risk assessment of the North American business was undertaken by EY in 2018 and a detailed plan is being developed to upgrade the IT infrastructure and implement EY’s recommendations. Given the significance of IT security to the Group’s risk profile and resilience, this will remain an area of focus for the Audit Committee in 2019.
Following the financial transformation project and migration to the shared service centre at, Novokuznetsk, management commissioned an external review of the overall finance function to assess the maturity of the process within EVRAZ and this was reviewed by the Committee. Based on the results, a transformation map has been developed with strategic objectives for each part of the finance function through to 2020. The Audit Committee will monitor progress against this plan during 2019.
The Committee continued to review the procurement transformation project during the year, as well as the management plan to improve controls over contract approval and signing processes. This plan should be fully implemented during 2019 and the completeness and effectiveness of the new controls will be reviewed by the Committee. The Committee also assessed plans developed by management to improve controls over inventory and product shipment at one of the plants; this is a complex process involving several business functions and the use of innovative technology solutions. It will remain an area of focus for the Committee in 2019.
The Committee continued to monitor the process for identifying and approving related-party transactions during 2018 together with the accuracy and completeness of the disclosures in the 2018 financial statements.
The Committee updated its terms of reference, and undertook a self-assessment to consider its performance. The internal audit charter and the Group’s financial reporting procedures (FRP) manual were also considered and updated. The effectiveness and status of the anti-corruption policy and sanctions risk compliance controls were reviewed throughout the course of the year, together with progress to meet the requirements of the FRC’s Guidance on Risk Management, Internal Control and Related Financial and Business Reporting. The Committee also considered the implications of the new Corporate Governance Code for its work and reviewed the operation of whistleblowing procedures to ensure they were appropriately aligned across the Group and conformed to best practice.
At the request of the Board, the Audit Committee also considered the proforma Viability Statement and supporting analysis produced by management and reviewed by the Risk Management Group. The Audit Committee considered the updated risk register and the scenarios tested and the assumptions underpinning each scenario. Although compliance with trade regulations and sanctions regimes is now identified as a principal risk, the Risk Management Group consider the risk of sanctions being imposed on EVRAZ to be remote and the potential implications difficult to predict in the current environment. The Audit Committee challenged and then agreed with the Risk Management Group and, as a result, this scenario has not been modelled as part of the viability analysis.
Significant financial reporting issues considered by the Audit Committee in 2018
The Audit Committee’s primary objective is to support the Board in ensuring the integrity of the Group’s financial statements and Annual Report, including review of:
- Compliance with financial reporting standards and governance requirements
- The material financial areas in which significant accounting judgements have been made
- The critical accounting policies and substance, consistency and fairness of management estimates
- The clarity of disclosures and
- Whether the annual report, taken as a whole, is fair, balanced and understandable, and provides the information necessary for shareholders to assess the Group’s performance, business model, strategy, principal risks and uncertainties
Financial reporting standards and governance requirements
The full financial statements can be found on pages Financial statements.
The Audit Committee considered several financial reporting issues in relation to the interim results for H1 2018 and the financial statements for 2018. These included the appropriateness of accounting policies adopted, disclosures and management’s estimates and judgements. The Committee considered papers produced by management on the key financial reporting judgements and reviewed reports by the external auditor on the full-year and half-year results which highlight any issues with respect to the audit work.
The financial statements continue to be impacted by fluctuations in the key functional currencies of the business (primarily the Russian rouble) against the US dollar, the presentation currency of the financial statements, as set out in Note 2 . As a result, while challenging the consistency and comparability of balances in the financial statements remains difficult, management separates out where appropriate the forex impact on areas of significant judgements and estimates.
The following financial reporting issues are considered significant.
Going concern (Note 2)
EVRAZ is exposed to a wide range of risks and inherent uncertainties as set out on page Principal risks and uncertainties, many of which are outside the control of the Group. In 2018, steel and raw material pricing remained strong supported by global demand and supply side reform in China, but markets were volatile. The Audit Committee reviewed management’s going concern analysis, which included both a base case and a flexed downside scenario based on forward pricing close to the bottom of the range of current investment analyst forecasts, as well as a reduction in the level of budgeted capital expenditure. The Committee carefully considered the projected use and sources of funds for the period to June 2020, which includes scheduled loan repayments, new committed funding, free cash flow after capital expenditure and the dividend policy. Given the volatility of the global supply and demand environment in which EVRAZ operates, the Committee again focused on the pessimistic downside case and the implications on free cash flow and compliance with financial covenants.
Following these detailed considerations, the Audit Committee resolved to recommend the going concern basis of preparation for the Financial Statements as at 31 December 2018 to the Board.
Areas of significant accounting judgement and management estimates
The Committee considered management’s impairment assessment in the context of the current and future trading environment for the Group, including assumptions as to the continuation of tariffs and duties in North America and their impact on the recoverable amount of the affected assets. Testing was undertaken as at 30 September 2018 and reassessed at 31 December 2018 when no further impairment triggers were identified. The continued weakness of the rouble means that the carrying values of Russian cash-generating units remain low in US dollar terms and are largely not challenged by the value in use comparisons used to determine impairment, even if the pricing outlook were to deteriorate.
An impairment charge of US$30 million is recorded in the financial statements for 2018. This primarily relates to EVRAZ Stratcor Inc, where the full asset value of US$12 million has been impaired in anticipation that the entity will enter bankruptcy proceedings. There was a further impairment charge of US$6 million at Yuzhkuzbassugol to reflect an increase in site restoration provisions at one of the mothballed mines.
The Committee gave particular attention to the implications of trade barriers for the businesses in North America and management’s assumption that these will end in 2023. Given the inherent uncertainty around these measures at the current time, the Committee accepted management’s assumption on this occasion but will review it for the interim statements.
The Committee reviewed and agreed with the accounting treatment and disclosure of several transactions during 2018, including:
- The twenty-year contract with Air Liquide for the supply of oxygen and other gases. As the Group will not control or manage the air separation plant and output will also be sold to unconnected third parties, management has concluded that this contract does not constitute a lease as defined by IFRS 16 (Note 30);
- A contract with Brunswick Rail for the lease of gondola cars. This contract was classified as an operating lease under IAS 17 in 2018 but, following the adoption of IFRS 16 in 2019, the Group will recognise the right-of-use asset and related liability of US$60 million in respect of this contract (Note 30); and
- The sale of the 15% interest in Delong Holdings Limited in June 2018 and recognition of the US$59 million gain in other comprehensive income (Note 13).
The Financial Reporting Council (“FRC”) reviewed the financial statements for the year ending 31st December 2017 and wrote to the Company in July 2018. The Audit Committee reviewed the recommendations of the FRC with management and the external auditor and the majority of these recommendations where relevant have been incorporated into the financial statements for the year ending 31st December 2018.
Fair, balanced and understandable
In considering whether the Annual Report is fair, balanced and understandable, the Committee reviewed the information it had received, discussions held with management throughout the year and the preparation process adopted. Management agreed the key overall messages of the Annual Report at an early stage to ensure a consistent message in both the narrative and financial reporting. Regular meetings were held to review the draft Annual Report and for management and Committee members to provide comments, and detailed review of the appropriate draft sections was undertaken by the relevant directors and external advisers. The Committee particularly considered whether the description of the business, principal risks and uncertainties, strategy and objectives were consistent with the understanding of the Board, and whether the controls over the consistency and accuracy of the information presented in the Annual Report are robust.
Taking into account the disclosure implications of the issues discussed in this report, the Committee recommended to the Board that, taken as a whole, it considers the Annual Report to be fair, balanced and understandable. The Audit Committee recommended approval of the Group’s 2018 Consolidated Financial Statements by the Board. Both recommendations were accepted by the Board.
UK Bribery Act
The Committee continues to monitor the status of the procedures, controls and data collection of the Group’s Code of Conduct and Anti-Corruption Policy. A comprehensive framework for annually monitoring compliance with EVRAZ anti-corruption policies and identifying risk was developed during 2016 by the compliance, legal and internal audit teams. Using this framework, compliance was tested in late 2018 and the results reported to the Audit Committee in February 2019, indicating further progress in reducing risk. During 2019, the methodology and current monitoring framework will be updated and extended in consultation with internal audit and legal advisers to reflect the latest best practice.
Anti-corruption training continued during 2018. A further 2,500 managers across the business completed the anti-corruption training programme developed by Thomson Reuters, bringing the total number of those trained to 11,000. The training will continue to be extended to additional staff in 2019 and refresher training will commence. In addition, specific training modules will be developed in-house by the management to supplement the Thomson Reuters programme during 2019.
Sanctions compliance controls
Given the increase in geo-political tension during 2018, compliance with the extended sanctions regime has been a key focus for the Committee throughout the year. The Committee received regular updates from the Group’s external legal advisers and compliance officer on any extension or change to the evolving sanctions framework. The control processes, procedures and reporting framework are updated regularly to incorporate the latest guidance. These were tested by internal audit during the year, along with progress against the recommendations of the Group’s external legal advisers, and were found to be satisfactory. There is a process of continuing education of compliance personnel and executive management in relation to sanctions.
Risk management and internal control
This should be read in conjunction with the Risk Management and Internal Control section on page Risk management and internal control.
EVRAZ has an integrated approach to risk management to ensure that the review and consideration of risks inform the management of the business at all levels, the design of internal controls and internal audit process. The Group’s financial reporting procedures, internal controls, risk management systems and activities are documented in a comprehensive FRP manual. The manual was updated and reviewed by the Audit Committee in January 2019.
The Risk Management Group and the Audit Committee reviewed the Group’s risk profile in November 2018 and finalised the assessment in January 2019. The assessment includes the Risk Management Group’s recommendation on the level of risk appetite of the Group and how that appetite is applied to strategic and operational business decisions. This was reviewed by the Audit Committee, along with the draft Statement of Principal Risks and Uncertainties to be included in the Annual Report, prior to the Board’s consideration.
Internal audit findings on control issues that exceed the Group’s risk appetite are reported to the Board by the Audit Committee and followed up by the Group’s Management Committee. Progress on resolving issues is monitored regularly by the Committee.
The Audit Committee continues to receive quarterly updates on whistleblowing reports together with a bi-annual security report on the progress of follow-up investigations and resulting actions in relation to fraud and theft. Any significant whistleblowing report is reported to the Committee on an ad hoc basis when it arises.
Assessment of the Group’s risk profile and control environment
Internal audit reviews the Group’s risk and control environment annually and this is considered by the Risk Management Group and the Audit Committee. The chairman of the Audit Committee tables the internal audit report assessment of the risk and control environment with the Board.
The Committee monitors the internal control environment throughout the year and engages with executive management on any deficiencies identified by internal audit and assesses management’s response. During 2018, the Audit Committee reviewed the updated assessment of the information security risks and supporting analysis and the preliminary risk assessment of GDPR compliance, and considered the analysis of issues arising from the current contract approval process. The Committee also reviewed the results of the external finance function assessment and a project to optimise product inventory and shipment control at one of the plants. The Audit Committee considered whether any of these matters had implications for the risk and control environment of the Group.
The Audit Committee reviewed in detail the Group’s risk management practices and management’s self-assessment of the process. While the maturity of the process was assessed as fair, areas were identified that require additional management focus and enhanced risk management practices. As a result, management developed a plan to address these gaps, which was reviewed by the Audit Committee and considered appropriate. Progress against this plan will be monitored during 2019.
The Audit Committee reviewed the internal audit plans for 2019 and recommended certain revisions in view of the macroeconomic environment, risk profile of the business and resources available. The plan was revised to reflect the updated risk analysis and to prioritise key business cycles and controls from a risk perspective. During 2018, the Audit Committee also approved the expansion of the internal audit function in North America to increase the geographic coverage of risk areas. Overall, the Committee considers the current internal audit resource to be adequate for the internal control and risk management assurance requirements.
The Audit Committee reviewed and updated the charter and key performance indicators of the internal audit function in early 2019. An annual assessment of the effectiveness, independence and quality of the internal audit function was undertaken by way of a questionnaire to Committee members, management and the external auditors, and was again found to be very satisfactory. An external assessment of the internal audit function in North America and Canada was undertaken during 2018 and confirmed that it generally conforms to the International Standards for the Professional Practice of Internal Auditing, Code of Ethics and Definition of Internal Audit of the Institute of Internal Auditors. The next scheduled external assessment of the internal audit function in Russia, the CIS and Europe will be undertaken in 2020.
The head of internal audit is secretary to both the Audit Committee and Risk Management Group and prepares the minutes.
The Audit Committee is responsible for monitoring the ongoing effectiveness and independence of the external auditor, as well as for making recommendations to the Board on the re-appointment of the auditor.
Effectiveness and independence
The Audit Committee has an established framework through which it monitors the effectiveness, independence, objectivity and compliance of the external auditor with ethical, professional and regulatory requirements of the external auditor. This includes:
- Review and approval of the external audit plan for the interim review and year-end audit, including consideration of the audit scope, key audit risks and audit materiality measures, and compliance with best practice
- Review and approval of the external auditor’s engagement letter
- Review of the FRC’s June 2018 Quality Inspection Report and EY’s response
- Consideration of the external auditor’s report on the interim review and annual report and representation letters and
- Review of the external auditor’s management letter on the 2017 audit with management, consideration of management’s response and proposed actions, and directing that internal audit undertake a follow-up audit of key areas
Management and members of the Audit Committee completed a questionnaire to assess the effectiveness and independence of the 2017 external audit process during 2018, which was found to be satisfactory.
The Audit Committee holds regular meetings with the external auditor at which management is not present to consider the appropriateness of the Group’s accounting policies and audit process. During 2018, the external auditor confirmed that these policies and processes were appropriate. The Committee chairman also meets the Senior Statutory Auditor regularly outside of Audit Committee meetings.
Engagement of the external auditor for non-audit services is managed in accordance with the Group’s policy, which can be found on the website. This policy identifies a range of non-audit services which are prohibited on the basis that they might compromise the independence of the external auditor, and establishes threshold limits for the level of non-audit fees relative to audit fees and authorisation processes for the approval of all audit and non-audit fees. This policy was updated in January 2019 to reflect the latest guidance. Fees in respect of the interim review are now classified as an audit-related service and the threshold for audit-related and non-audit services has been increased. During 2018, non-audit fees totalled US$1,202,000 and included US$459,000 in respect of the interim review (2017 US$1,073,000 including US$530,000 in respect of the interim review. The balance in 2018 primarily related to work in connection with the EVRAZ plc guarantee to Sibuglemet, as well as other quality assurance reviews. Non-audit fees were 41% of the 2018 audit fee of US$2.9 million, compared with 35% of the 2017 audit fee. Irrespective of prior approval by the CFO and Audit Committee chairman, all fees are reported to the Audit Committee for noting and comment.
Re-appointment of the external auditor
Following a tender process undertaken during 2016, the Committee recommended the re-appointment of Ernst & Young LLP (EY) as external auditor for the years ended 31 December 2017 and 2018. After consideration of the UK Corporate Governance Code, EU legislation on audit regulation and the performance of EY, the Committee recommended in 2017 that, subject to the agreement of appropriate terms, a further tender to appoint an external auditor be deferred to 2021. The Committee reviewed the terms agreed with EY in respect of the financial years ended 31 December 2019 and 2020, as well as the performance of EY, and continues to recommend the deferral of the tender process.
EY was appointed as external auditor of EVRAZ plc in 2011. The current audit engagement partner, Steven Dobson, assumed the role for the year ended 31st December 2016 and will continue up to and including the audit for the year ended 31st December 2020.
The Audit Committee continues to consider EY to be effective and independent in their role as auditor and has advised the Board that it should recommend to shareholders that EY be re-appointed as external auditor for the year ending 31 December 2019.