Audit Committee Network Technical workshop www.pwc.co.uk January 2018


Accounting developments

Iain Selfridge


Agenda

1. Year end reminders
2. IFRS updates
3. Future changes to FRS 102
4. Other resources/communications

Year end reminders


New accounting standards

Accounting policies

Business combinations

Alternative Performance Measures

Judgements and estimates

Strategic report

Cash flow statements

Pensions

Impact of new standards: What does the standard (IAS 8) actually say?

30. When an entity has not applied a new IFRS that has been issued but is not yet effective, the entity shall disclose:

a) this fact; and

b) known or reasonably estimable information relevant to assessing the possible impact that application of the new IFRS will have on the entity's financial statements in the period of initial application.

31. In complying with paragraph 30, an entity considers disclosing:

[…]

b) the nature of the impending change or changes in accounting policy;

[…]

e) either:

i. a discussion of the impact that initial application of the IFRS is expected to have on the entity's financial statements; or

ii. if that impact is not known or reasonably estimable, a statement to that effect.


What has the FRC said?

[…] Given their significance it is important for companies to disclose the likely impact of the new accounting standards on their financial statements as soon as they can be reliably measured. The FRC encourages companies to provide clear disclosures with reference to their existing accounting policies. In the last set of financial statements before the implementation date we expect to see detailed quantitative disclosure regarding the effects of the new standards. We expect companies to have made a step change in the quality of their disclosures this year, particularly in respect of IFRS 15 and IFRS 9.

These quantitative disclosures should be accompanied by informative and sufficiently detailed explanations of the company’s analysis. Disclosures should be tailored to the company’s specific circumstances and transactions, and describe any key judgements that management will need to make in complying with the new standards.

Open letter to audit committee chairs and finance directors, 10 October 2017

Thematic reviews – Alternative Performance Measures

FRC will continue to question companies where:

• Definitions and good explanations are not given of APMs used

• A reconciliation to amounts appearing in the financial statements is not disclosed

• APMs are displayed with greater prominence, or earlier in narrative, than IFRS measures

• A term such as non-recurring is used and that description does not appear to apply in the circumstances

• No explanation is given for changes made in the APMs used

Thematic reviews – Pensions

FRC will continue to question companies where:

• Sufficient information has not been provided about risks, how future cash flows may be affected and valuation of unquoted plan assets

• Net pension asset is recognised, or there may be a future surplus, and there is no disclosure of judgements

• There is an asset-liability matching strategy without description

• Strategic report does not refer to pension scheme

• Plan assets of different nature/risk have been aggregated

Thematic reviews – Judgements & estimates

FRC will continue to question companies when they do not see:

• Clear differentiation of estimates from judgements

• Detailed disclosures of the judgements that have the most significant impact

• Company-specific disclosures that pin-point areas of uncertainty – not boilerplate

• Quantification of the specific amounts of estimates at risk of material adjustment within the next year and assumptions underlying estimates

• Sensitivity analysis or disclosure of the range of reasonably possible outcomes


2018/19 Thematic reviews

Priority sectors

• Financial Services
• Oil and Gas
• General Retailers
• Business Support Services

Corporate reporting

• Target: smaller listed and AIM quoted companies
• The effect of the new IFRSs (IFRS 15 and IFRS 9) on companies’ 2018 interim accounts
• Expected effect of IFRS 16
• Effects of Brexit on companies’ disclosure of potential risks and uncertainties.

Dividends under the microscope

How has practice developed (2016/17)?

• 132 FTSE 350 companies enhanced disclosures
• 48% of FTSE 100 disclose distributable profits
• Only 30% of FTSE 250 now disclose distributable profits
• Improved risk and policy disclosures
• Improved disclosure of policy application

Source: FRC Lab implementation study: Disclosure of dividends – policy and practice (October 2017)

How could disclosures be improved further?

Identifying the explicit links between dividend, business model, principal risks and viability

Enhancing disclosure on constraints

Explaining more fully what policy means in practice

Enhancing understanding of structure and process

Source: FRC Lab implementation study: Disclosure of dividends – policy and practice (October 2017)

IFRS updates


What’s new?


What’s new: IFRS amendments effective this year

Standard Nature of amendment

Amendments to IAS 12 Income tax on recognition of DTA for unrealised losses

Amendments to IAS 7 Statement of cash flows

Annual improvements 2014-2016 cycle

Disclosure of interests in other entities

Subject to EU endorsement

What’s new: amendment to IAS 7

Might be different to current net debt reconciliation

Effective 1 January 2017

| | 20x1 | Cash flows | Non-cash changes: Acquisitions | Non-cash changes: Foreign exchange | Non-cash changes: Fair value changes | 20x2 |
|---|---|---|---|---|---|---|
| Long-term borrowings | 22,000 | (1,000) | – | – | – | 21,000 |
| Short-term borrowings | 10,000 | (500) | – | 200 | – | 9,700 |
| Lease liabilities | 4,000 | (800) | 300 | – | – | 3,500 |
| Hedges of long-term borrowings | (675) | 150 | – | – | (25) | (550) |
| Total liabilities from financing activities | 35,325 | (2,150) | 300 | 200 | (25) | 33,650 |

What’s new: amendment to IAS 7

But you could do this…

Effective 1 January 2017

| | 20x1 | Cash flows | Non-cash changes: Acquisitions | Non-cash changes: Foreign exchange | Non-cash changes: Fair value changes | 20x2 |
|---|---|---|---|---|---|---|
| Long-term borrowings | 22,000 | (1,000) | – | – | – | 21,000 |
| Short-term borrowings | 10,000 | (500) | – | 200 | – | 9,700 |
| Lease liabilities | 4,000 | (800) | 300 | – | – | 3,500 |
| Hedges of long-term borrowings | (675) | 150 | – | – | (25) | (550) |
| Total liabilities from financing activities | 35,325 | (2,150) | 300 | 200 | (25) | 33,650 |
| Cash and cash equivalents | (1,250) | (225) | 75 | (25) | | (1,425) |
| Net debt | 34,075 | (2,375) | 375 | 175 | (25) | 32,225 |

What’s in the pipeline?

Standard (timeline 2018, 2019, 2020, 2021)

• IFRS 9 Financial instruments: Effective
• IFRS 15 Revenue from contracts with customers: Effective
• IFRS 16 Leases: Effective
• IFRS 17 Insurance contracts: EU endorsement; Effective
• IFRIC 23 Uncertainty over income tax treatments: EU endorsement; Effective

REMEMBER: Disclosure of new accounting standards (IAS 8)!


Future changes to FRS 102

Changes in FRS 102

• FRED 68 Gift aid
• Impact of new standards
• Simplifications on Director loans
• Fewer intangibles in a BC
• Investment property choices
• More basic FI
• Financial Institution definition

FRED 67 effective date: 1 Jan 2019 with early adoption

Other resources / communication

See www.pwc.co.uk/aru

• Corporate Reporting Insights
• PwC Inform IFRS News
• In depth / In brief
• Live webcasts IFRS Talks
• Corporate Reporting Blog
• IFRS series on PwC Inform YouTube channel
• PwC Blog
• PwC IFRS Manual of Accounting (MoA)

Corporate Governance and Reporting update

Mark O’Sullivan/John Patterson

Audit Committee Network December 2017

Corporate Reporting/Governance

Arran Jones


Agenda

Priorities for this year’s reporting

Principal and other developments


Principal and other developments

Navigating the stakeholder agenda: Principal developments

Stakeholders and the impact of business on society

Government Green Paper on corporate governance reform and response

FRC consultation on Guidance on the strategic report

Non-financial reporting regulations

Law FRC Guidance

FRC consultation on the UK Corporate Governance Code and Guidance on board effectiveness

Combination

Secondary legislation – s172 reporting requirement

GC100 Guidance on section 172

Guidance

Key: Final; Still subject to consultation/or not yet issued

Law

Investment Association/ICSA Guidance on stakeholder engagement

Guidance

Navigating the stakeholder agenda: Other developments and initiatives

Stakeholders and the impact of business on society

Board diversity

Website disclosures based on social impact of companies

• Task-force on Climate-related Financial Disclosure (‘TCFD’) – Guidance
• Davies and Hampton-Alexander on gender diversity; Parker on ethnic diversity – Guidance
• DTR 7.2.8AR on disclosure of diversity policy for the main and executive boards – Regulation
• Modern Slavery Act – Law
• UK tax strategy – Law
• Gender pay gap – Law
• Prompt payment policy – Law

Corporate governance reform: Directors’ duties debate

What does it mean to ‘promote the success of the company’?

[Companies Act s172]

A director must “act in the way he considers, in good faith, would be most likely to promote the success of the company for the benefit of its members as a whole”

• and in doing so have regard (amongst other matters) to:

- the likely consequences of any decision in the long term

- the interest of the company’s employees

- fostering business relationships with suppliers, customers and others

- the impact of operations on the community and the environment

- maintaining a reputation for high standards of business conduct

- the need to act fairly as between members of the company

Corporate governance reform: Principal developments – outcome of Government Green Paper

Code consultation – November 2017 and effective for periods beginning January 2019

Secondary legislation – laid by March 2018 and effective for periods beginning June 2018 onwards

Private company governance

• Code or Guidance for large private businesses
• Governance reporting for private companies (> 2,000 employees?)

Stakeholder voice

• Reporting: secondary legislation to have all companies (>1,000 employees?) report on implementation of s172
• Stakeholder engagement mechanisms - employees: UK Corporate Governance Code provision for premium listed companies to have one from:
  o Stakeholder panels
  o Designated non-executive director
  o Representative on board or board committee
• Guidance: from Investment Association/ICSA on engagement & GC100 on s172

Executive pay

• Public register of cases of ‘significant dissent’, maintained by Investment Association
• Disclosure of ratio of CEO pay to average UK employee

Navigating the stakeholder agenda: Principal developments – non-financial reporting regulations

Now applicable – for periods beginning on or after 1 January 2017

Scope

EU Public Interest Entities with > 500 employees, with exemptions for certain subsidiaries

Requirements

‘Non-financial information statement’ within the strategic report covering (‘to the extent necessary for an understanding of the company’s development, performance and position, and the impact of its activity’):

• Environmental matters
• Employees
• Social matters
• Respect for human rights
• Anti-corruption and anti-bribery matters

In relation to these areas:

• Policies, including due diligence on them and outcomes
• Principal risks, including likely adverse impacts of business relationships, products or services

Italics = new requirement compared to strategic report regulations

Navigating the stakeholder agenda: Principal developments – FRC consultation on Guidance on the strategic report

Three main themes

Section 172

• Reflecting s172 debate, with new focus on:
  - Value generation and preservation
  - Long-term reporting
• Annual report content to be judged on materiality to shareholders

New regulation

• Updating for the non-financial reporting regulations

Other areas of focus

• ESMA Guidance on Alternative Performance Measures
• Consistency of commentary in the business review with the segmental analysis
• Consistency of KPIs with remuneration and how the business is run
• Discouragement of the use of the ‘commercially sensitive’ exemption from disclosure

Latest indications on timing – middle of 2018; could see initial recommendations around non-financial reporting regulations first

Priorities for this year’s reporting

Navigating the stakeholder agenda: Priorities for this year – Section 172 and engagement

ICSA/Investment Association guidance

Areas to cover Related comments

Who are the key stakeholders?

• Company-specific, and may change over time – reflect in reporting

• Outline process used to make decisions, based on impact and materiality

How does the board hear from them?

• Explain engagement processes concisely, for ongoing and ad hoc instances

• Consider disclosing outcome of any engagement effectiveness assessment

What were the outcomes of the engagement with stakeholders – what impact did they have on the board’s decisions?

• Report a fair, balanced and understandable appraisal

• Aim for a mix of qualitative and quantitative information

ICSA/IA The stakeholder voice in board decision making, pages 28 – 29


FRC encouraged content elements

An entity could set out who it considers its major stakeholders to be, how an entity engages with those stakeholders and how the interests of major stakeholder groups and the matters set out in section 172 were taken into account when making significant strategic decisions in the period.

FRC draft Guidance on the strategic report, paras 7.10 and 7.18

An entity could describe how it develops and maintains its relationships with its key stakeholders. This could include the regular interactions it has with them, how it communicates with them and how regard is had to their interests in key decisions. For instance, there may be a non-executive director who has specific responsibility for considering the interests of employees and other stakeholders.


Early examples – Stakeholder engagement (Marks & Spencer annual report 2017)


Early examples - Board activity (SSE annual report 2017)

Navigating the stakeholder agenda: Priorities for this year – non-financial reporting regulations

Points of focus

Areas to cover Related comments

Structure of reporting

• Fully integrated, as per the draft FRC Guidance on the strategic report?

Non-financial risks

• Relationship with other principal risks?

Revisit disclosures on all five areas of content, including the new one on anti-corruption and anti-bribery matters

• Are all material matters disclosed, including material impacts of the business?

Consider what due diligence on how policies are operating needs to be disclosed

• ‘Due diligence’ on policies has been promoted from the FRC Guidance and generates debate as to how much is enough

Navigating the stakeholder agenda: Priorities for this year – value generation and preservation

Points of focus from draft FRC Guidance on the strategic report

A critical part of understanding an entity’s business model is understanding its sources of value, being [its] key resources and relationships… In identifying [these it] should consider both its tangible and intangible assets and consider those resources and relationships that have not been reflected in the financial statements.

FRC draft Guidance on the strategic report, paras 7.17 and 7.21

(Encouraged content element)

An entity could describe how its allocation of resources will support the achievement of its strategy, generate and preserve value and will impact on its stakeholders where material to an understanding of the entity’s future prospects. This could include a quantitative and qualitative analysis of allocation decisions made (such as investments) and their impact during the year.

Investment Association Long-term Reporting Guidance on capital management strategy

IA Guidance, para 23

• The objectives and investment priorities of the company’s capital management strategy, including an explanation of the key criteria and underlying assumptions used to assess capital allocation opportunities
• The policies governing what the company regards as capital, including an explanation of the company’s approach to distinguishing between maintenance capital, and capital that is used for growth
• The process by which capital allocation decisions are made by the company, how often policies regarding capital management are reviewed, and how performance of these decisions are assessed over the long term
• The role of the Board in setting the Capital Management Strategy, with discussion regarding its responsibility in providing oversight over final capital allocation decisions and reviewing past performance

Navigating the stakeholder agenda: Priorities for this year – long-term reporting

Viability statements

FRC Annual Review of Corporate Reporting, page 29

“…improvements have not been widely identified in the quality of companies’ viability statements, and investors are therefore getting limited value from this disclosure. Investors would welcome further explanation of the factors taken into account when making an assessment of viability including explaining why a company has selected its period of assessment and how this aligns to the business cycle, the potential exposure of different parts of the business to one or more risks materialising, and an explanation of the extent of resilience of the company as a result.”

Investment Association Guidance on viability statements

• Consider time horizon beyond 3 – 5 years
• Distinguish prospects (long term plan) from viability
• Explain period chosen through more than strategic (medium term) plan
• Consider current state of affairs & assumptions in plan
• Be clear on impact on sustainability of dividend policy
• Discuss specific mitigating or remedial actions
• Be clear on scenarios tested and outcomes
• Consider carrying out reverse stress testing
• Show relevance & priority of principal risks

FRC draft Guidance on the strategic report

Three encouragements to provide a longer-term view on risks

1. ‘Entities should communicate relevant information that enables shareholders to assess the factors that may have an impact on the long-term success of the business. This may involve looking beyond the strategic planning horizon of an entity.’

2. Linkage example: ‘Principal risks may result in threats to solvency and liquidity. An entity should consider the period over which principal risks may crystallise and how these have been taken into account when, where relevant, making the viability statement. Where a viability statement uses a timeframe shorter than that over which risks may crystallise, the entity should explain the potential impact of these long term risks on the entity’s viability.’

3. ‘Where the entity is facing long-term systemic risks which may have a material effect on the entity’s ability to generate and preserve value in the long term, for instance risks arising from climate change or risks arising from changing technology, the strategic report should explain how the directors expect the entity’s strategy and business model to change in response to those risks.’

FRC draft Guidance on the strategic report, paras 6.14, 7.24 & 7.25

GDPR

David Carney


An overview of the GDPR – why is it important?

1. Law that regulates the processing of personal data.
2. Comes into effect in May 2018, but the legislative journey began in 2009.
3. All sectors of the economy are regulated and all living individuals protected and empowered.
4. Scope extended to Data Processors (service providers).
5. Global reach – legislation is extra-territorial.
6. Financial, regulatory, operational and reputational consequences for non-compliance.

A new ‘Accountability Principle’:

‘The controller shall be responsible for, and be able to demonstrate compliance…….’

Intention is to put people back in control of their data and to improve how personal data is handled and used.

An overview of the GDPR – what has changed?

A new ‘Transparency Framework’

• Entities need to be much clearer about how they use personal data.

• Consent rules are toughened up, with new proof requirement.

• Individual rights are boosted.

• Mandatory breach disclosure means entities must come clean after failure.

• Enhanced rights of regulatory inspections and audit.

A new ‘Compliance Journey’

• ‘Privacy by Design’ means entities have to get data handling right from the start.

• ‘Privacy Impact Assessments’ will have to be carried out routinely.

• ‘Accountability’ means compliance activities need to be undertaken and evidenced.

• ‘Data Portability’ means that people will be able to take their data away with them.

• ‘Right to be Forgotten’ means that people will have greater power to demand deletion.

A new ‘Punishment Regime’

• Tougher enforcement powers for regulators.

• Financial penalties at 4% Annual Worldwide Turnover.

• Compensation rights for distress.

• Data Processors liable in their own right.

An overview of the GDPR – what has not changed?

Is your business compliant with existing regulation? If not, the step up is more onerous.

Principles - Personal data must be:

(a) Processed fairly, lawfully and in a transparent manner

(b) Collected for specific and legitimate purposes, and used only for the purpose obtained

(c) Adequate, relevant and not excessive

(d) Kept accurate and up to date

(e) Not kept longer than necessary

(f) Kept secure

The local regulatory environment

Guernsey legislation

• The Data Protection (Bailiwick of Guernsey) Law, 2017

Jersey legislation

• Data Protection (Jersey) Law 2018

• Data Protection Authority (Jersey) Law 2018

Both laws are intended to be ‘equivalent’ to the GDPR.

Both islands are seeking to maintain their ‘adequacy’ status which enables free movement of personal data with the EU.

New Guernsey and Jersey regulatory bodies to be established.

Risks and challenges – which area is of most concern for you?

Reputational

Non-compliance with the GDPR could result in brand damage, loss of consumer trust, loss of employee trust, and customer attrition.

Operational

Data subjects can impose data processing bans, suspend data transfers, and order the correction of an infringement. This could result in restricted EU operations and invalidated data transfers.

Financial

Fines of up to 4% of the total global annual turnover can be enforced depending on the breach severity. You may also experience loss of revenue, and high litigation and remediation costs.

Regulatory

Regulators may require the provision of information, conduct audits, and obtain access to premises if they determine it is necessary.


What does GDPR ‘good’ look like?

1. There is an organisational view on what data privacy means.

2. You understand how privacy and data protection fit into your overall strategy.

3. There is a clear understanding of what data is held, where it is and who has access to it.

4. You know how well you are protecting the data, and where you are not.

5. The risks introduced to the data by third parties are well understood and managed.

6. The data is being used for the purpose that you have committed to, and nothing more.

7. Your privacy model is designed with agility in mind, given the ever-changing privacy landscape and changes in strategy.

8. You understand your legal obligations here and abroad and you are tracking developments in regulation.

What might a good GDPR programme look like?

Data discovery and mapping

Tech stack functionality to deliver subject rights

Culture, training and change

Roles and responsibilities

Third parties/ Vendor risk management

Breach management

Risk management and governance systems

Policies and controls design

Project Management Office

Ongoing programme maintenance

Embed new processes and controls

Remediation – Fix identified issues

Emerging market trends in GDPR programmes

Internal audit

Programme assurance

Second opinion requests

Contentious business

• Uplift in IA inquiries for GDPR support.

• Programmes are starting to mature to the point of needing validation and testing.

• GDPR is now residing on corporate risk registers, because generally the IA cycle is closely connected to the content of those registers.

• Programme assurance looks at whether the set-up of the programme is optimised (vision and strategy; governance; requirements and metrics)

• Programme assurance also monitors the delivery of the programme and checks it’s on track measured against the programme requirements and metrics.

• Organisations are seeking second opinion on whether the right programme choices have been made.

• Requests are concerned with the quality of the choices made on the actual programme priorities and content.

• There is a shortage of skilled data privacy professionals in-house.

• An increase in awareness of the litigation risks involved in getting data protection wrong.

• Organisations starting to notice that there is more to GDPR than fines.

• New focus on Personal Data Breach notification, with organisations thinking afresh about how they will handle things going wrong.

What are Audit Committees asking?

Is it too early to audit the GDPR programme?

• Timing – GDPR will be in effect in four months and now is the perfect time for an audit as it will uncover areas of unmitigated risk and provide early and actionable feedback.
• Value add – A lot more value can be added by doing an audit before rather than after a regulatory breach.

What should be in my internal audit scope?

• Programme scope – Obtain confidence on the programme scope, approach and resources. Failure to deliver is often a result of poor scoping, ineffective leadership, insufficient resourcing and expertise.
• Key questions – Is the programme considering all the relevant risks? How are they engaging with the business? Are they hitting their milestones?

How do I upskill my team to do this?

• Core skills – The same basic principles apply to the GDPR programme (as they do to others) as it relates to appraising risk, running a compliance programme and embedding change.
• Supplementing the team – Data Protection experts can help ask the right questions and identify risk areas.


GDPR - closing thoughts

The GDPR is effective from May 2018

• Many businesses will struggle to be compliant by then

• Need to at least ensure you understand the risks and that you are working to a prioritised plan

Compliance will be a journey – regulatory guidance and industry practice will continue to evolve.

Consider how you deal with data privacy risks in a business-as-usual context:

• Privacy control framework

• Three lines of defence model

• Third party assurance

• Board reporting and oversight

• Regulatory engagement


Thank you!

This publication has been prepared for general guidance on matters of interest only, and does not constitute professional advice. You should not act upon the information contained in this publication without obtaining specific professional advice. No representation or warranty (express or implied) is given as to the accuracy or completeness of the information contained in this publication, and, to the extent permitted by law, PricewaterhouseCoopers LLP, its members, employees and agents do not accept or assume any liability, responsibility or duty of care for any consequences of you or anyone else acting, or refraining to act, in reliance on the information contained in this publication or for any decision based on it.

© 2018 PricewaterhouseCoopers LLP. All rights reserved. In this document, “PwC” refers to the UK member firm, and may sometimes refer to the PwC network. Each member firm is a separate legal entity. Please see www.pwc.com/structure for further details.