|
Navigation: Previous Page | Contents | Next Page
Chapter 4
Interaction between custodians,
responsible entities, trustees and auditors
4.1
This chapter presents the evidence from the second part of the
gatekeepers' roundtable. It deals with the interactions shown in diagram 4.1 (next
page) between custodians, responsible entities (REs), trustees, and the
auditors of a registrable superannuation entity (RSE) trustee and an RE. Key issues
such as the responsibility for asset valuation, portfolio disclosure and asset
verification are also dealt with.
4.2
As was the case in chapter 3, when considering the evidence presented in
this chapter, it is important to bear in mind the different business models
that the various gatekeepers operate and the potential impact that those
differences can have on the interactions between gatekeepers. As discussed in
chapter 2, the different business models that have relevance in this chapter
include:
- the different RE structures including internal REs and external
REs;
- the combination of trustee functions whereby a company may offer
custody, trustee and RE services;
- dual regulation where an RE is also licenced to provide RSE
services; and
- the fact that an auditor may be the only truly independent
gatekeeper in a situation where a large financial services corporation provides
research, custody, trustee, RE, fund manager, financial planner and financial
adviser functions.
Role of the custodian
4.3
The committee's inquiry into the collapse of Trio Capital Limited (Trio)
identified two misconceptions over the role of custodians. Firstly, even though
custodians hold legal title to their client's assets, they do not exercise
discretion over how the assets are managed or invested. Custodians only act on
the proper authority of their direct client or authorised agent. In effect,
they are a 'bare trustee'. Secondly, although custodians undertake regular
valuations of client assets and report to the client on all custodially-held
assets as required under the custody agreement, the custodian is not required
to confirm the existence of the underlying assets.[1]
4.4
However, the Australian Custodial Services Association (ACSA) indicated
that if a custodian suspected mismanagement within a managed investment scheme (MIS),
they would notify the Australian Transaction Reports and Analysis Centre, the
Australian Securities and Investments Commission (ASIC), or the Australian
Prudential Regulation Authority (APRA) in the case of superannuation funds.
Both Mr Paul Khoury, Deputy Chairman of ACSA, and Mr Pierre Jond, Chairman of
ACSA, stated that these notifications were rare, and much less frequent than
once a year.[2]
4.5
Given the limited role of a custodian, the committee sought
clarification over which gatekeepers were responsible for valuing assets,
verifying assets, and exercising discretion over the investment of assets.
These responsibilities are discussed in the following sections.
Asset valuation
4.6
The Trio inquiry revealed the difficulty with establishing an accurate
and robust valuation of assets, especially when those assets are held in
overseas hedge funds. Indeed, despite the assertions of ASIC and APRA to the
contrary, the committee was not convinced that the principal underlying asset
of one of the fraudulent funds, the ARP Growth Fund, ever existed and had
value.[3]
4.7
The valuation of assets is undertaken by the custodian in accordance
with the information it receives from the trustee or RE and its investment
managers, and/or agreed independent price sources.[4]
4.8
The process undertaken to value assets depends on the nature of the
assets and the availability of independent price sources. In the case of listed
securities, a custodian would normally source both primary and secondary prices
from 'reputable pricing and information vendors in the securities industry'.[5]
Typical sources for listed securities would be Bloomberg and Reuters.
4.9
Mr Jond noted that if the listed securities were invested overseas, a
custodian would appoint a local banker in the overseas market to act as
subcustodian, and would conduct regular due diligence on the overseas
subcustodian.[6]
4.10
ACSA also explained the principles underpinning off-shore asset
valuation:
There is no consistent single practice across ACSA members
for the location of staff who perform net asset valuation calculations. That
said, a common practice, especially with the global banks, is to have some of
the pre-work and first order calculations performed in offshore locations. This
can include trade and corporate action processing, sourcing of asset prices and
initial validation checks. Where any use of offshore locations is conducted,
the following principles are adhered to:
1) The staff performing the work are employed by the relevant
organization. That is the work is not 'outsourced' to a third party. They are
staff of that organization and held to the same code of conduct and other
expectations as if they were local staff.
2) Similar operational controls are performed as would be
performed if the work was conducted locally.
3) The client location (in this case Australia) retains full
accountability for the end product and often (but depending on each ACSA
member’s operational layout, possibly not in every situation) staff in
Australia perform the final validation of the net asset valuation and release
to the clients. This also means that the Australian staff would be responsible
to explain any questions arising from the net asset valuation for the
Australian clients.
4) The offshore locations are subject to Australian audit
controls and oversight.
5) Onshore clients are able to visit and conduct due
diligence of operations run outside of Australia.
It is worth noting that, where it is available, the use of
offshore locations achieves a global best practice so that Australian investors
get the benefit of scale, knowledge, operating controls and systems development
that is representative of the same core business approach as for the largest
global funds.[7]
4.11
By contrast, in the case of unlisted securities or illiquid assets, or where
pricing and information vendors are not available, the custodian would take
pricing instructions from the client (the investment manager or RE) 'on an
"as is" basis, with no additional checks other than certain tolerance
checks'.[8]
4.12
BT Financial Group emphasised that responsibility for determining
valuation methodologies and mechanisms lies, depending on the circumstance,
with the RE or trustee:
In terms of trustees' expectations of custodians in the
valuation of assets (especially overseas assets and non-exchange traded
assets), the relevant regulation (the SIS Act and APRA’s Prudential Standards)
makes clear that the responsibility for determining appropriate valuation
methodologies for ALL assets of the superannuation fund is that of the trustee.
The Corporations Act also specifies that a responsible entity
is required to ensure that the property of the managed investment scheme is
valued at regular intervals appropriate to the nature of the property – which
includes determining the methodology for valuation.
With respect to responsibility for obtaining robust and
independent valuations of overseas assets and underlying asset values, it is
our view that trustees and REs are responsible for ensuring that such
valuations are obtained. The mechanism for obtaining the valuations will be
part of the methodology determined by the trustee/RE.[9]
4.13
One Investment Group agreed with the division of responsibilities in securing
and valuing the underlying assets of a scheme:
It is our view that the role of a Custodian is to primarily
hold assets on behalf of a Responsible Entity and to act on the proper
instructions of a Responsible Entity in relation to those assets. Whilst a
Custodian may be expected to question suspicious transactions in relation to
the assets in a scheme, their role is limited to notifying the Responsible
Entity and/or ASIC.
We believe that the expectation of the role of the Custodian
in valuing assets is unjustified and note that the obligation to ensure the
accuracy of the asset values rests with the Responsible Entity.[10]
4.14
The Trio inquiry had found that like the auditors and custodians, the
research houses had relied on the information provided by Trio without
verifying the accuracy of the information. Mr Epstein stated that he did not
expect a research house to verify the existence of assets, and reiterated that
it was the role of the RE to scrutinise the fund operations.[11]
4.15
Ms Karen Volpato, Senior Policy Adviser at the Australian Institute for
Superannuation Trustees (AIST), concurred with the other roundtable
participants that when an agreed price source is not available to independently
price assets, the responsibility for obtaining a price falls on the trustee.[12]
4.16
The AIST noted that for unlisted assets such as direct property and
infrastructure:
There is a formal process for the appointment and review of
valuers by Investment Committees and Boards. ... In addition to the formal
processes of appointing valuers, a fund may also appoint a suitably qualified
expert to undertake a due diligence process in terms of valuation practices.
Directly held assets are valued by qualified experts.[13]
Asset disclosure
4.17
In his evidence to the Trio inquiry, Mr Greg Medcraft, Chairman of ASIC,
noted that the basic premise of an efficient market is the availability of information.
He argued that the lack of disclosure to investors around scheme assets 'is a
key weakness' in the system.[14]
4.18
From 1 July 2013, MySuper replaces existing default superannuation
products.[15]
The new MySuper regime requires the disclosure of portfolio holdings through
quarterly reports. The steps are set out in the following diagram taken from
the Explanatory Memorandum to the Superannuation Legislation Amendment
(Further MySuper and Transparency Measures) Bill 2012.[16]
Diagram 4.2
4.19
In diagram 4.2, ABC Super is an RSE licensee that invests assets through
a custodian into MIS 1. MIS 1 is a fund of funds that makes investments into
other funds such as MIS 2. There are a series of notifications that must occur
between ABC Super, the custodian, MIS 1 and MIS 2 (indicated by the arrows on
the right hand side of the diagram). However, MIS 2 also has disclosure
requirements:
Managed Investment Scheme 2 will also have an obligation to
provide information directly to ABC Super that is sufficient to identify its
financial product, the financial products it acquires with the assets and other
property that it acquires with the assets as well as the value of ABC Super’s
investment in each of these things.[17]
4.20
The committee understands that the requirement on RSEs to report to APRA
commences 90 days after 1 July 2013. The requirement to report to ASIC will
commence 90 days after 1 July 2014. ASIC has advised the committee that it is
currently providing feedback and assistance to Treasury on the drafting of
regulations in relation to portfolio holdings disclosure.[18]
Previously, the proposed commencement of reporting to ASIC was 90 days after
31 December 2013.
4.21
Mr Khoury remarked that portfolio disclosure through quarterly reports
will impose significant additional work on custodians to supply the underlying
data. He acknowledged that custodians, REs, RSEs, ASIC and APRA were all busy
preparing for the new regime.[19]
4.22
ACSA also questioned the practicality of enforcing an Australian requirement
for asset disclosure on funds domiciled overseas.[20]
Mr Khoury said that there were practical difficulties in trying to source data
from complex overseas structures each comprising multiple subholdings.[21]
4.23
Mr Epstein went further and said that the requirement for an overseas
scheme to report back to an RSE licensee was unrealistic because overseas hedge
funds were not going to comply with disclosure requirements at the asset level.[22]
4.24
Recognising that Australian law does not cover overseas jurisdictions,
the AIST said that Australian super funds use a 'best endeavours' approach to
underlying assets.[23]
4.25
The committee is concerned that another 'expectation gap' could be
created between what is expected of custodians and what they are actually able
to deliver. Mr Khoury replied that in working closely with industry and the
regulators, ACSA was being clear about what the limitations were in terms of
reporting on underlying assets.[24]
4.26
In relation to the MySuper reforms on portfolio holdings, Mr Graeme
McKenzie, Partner and Global Head of Pensions at Ernst & Young, expressed
concern about the usefulness of collecting such large quantities of data. He
also pointed to the potential for another expectation gap to arise and said
that with so much data being fed back to APRA, there could be an (unrealistic)
expectation that APRA would be able to analyse it all and become aware of a
problem before it manifests:
From an external audit perspective, the new requirements are
quite demanding. The data points are increasing tenfold, and in some entities
there are up to 5,000 data points that we need to actually verify. So it is
quite a challenge. The whole industry has tried very hard to get on board and
put things in place. I think APRA has been fairly understanding and they have
pushed back by a year some aspects of the reporting, but the reporting is
coming; it is not as though it is going away. In some ways, I have maybe a
perverse view on the expectation gap, because I have a slight concern that APRA
is going to have so much data, and it will be a question of what they do with
that data. In this industry something will go wrong. It is just inevitable that
a fund, perhaps, will have some issues. I must say that I have several concerns
from an APRA perspective, because there might well be an expectation of: 'Hang
on, APRA. You've actually collected this data. What have you done with it? What
have you analysed?' Right down in the detail there is an issue with a
particular subfund managed scheme or whatever else. I am not sure that APRA has
necessarily turned their mind to this—and I am not saying they have not. But I
must say that, with so much data being collected, it is difficult to see, from
my perspective, what meaningful information will come back the other way in
relation to the MySuper product.[25]
4.27
Mr Everingham of Lonsec stressed that having the right data was just as
important as the volume of data. He emphasised that the key factor contributing
to risk and return in any portfolio was actually the asset allocation rather
than any one particular investment. He argued that the key disclosure related
to whether the asset allocation in the portfolio reflected the original
intentions of the investor:
I want to make a point about what we would consider useful,
because clearly you have to strike a balance between the volume of the
information and the usefulness of it. When it comes to disclosing what is in
portfolios, the contribution to the risk of the portfolios and the contribution
to the return of the portfolios for investors is by far and away dictated by
the asset allocation in the portfolio as opposed to any one individual
investment. I think the more important disclosure is to ensure that an
investor's asset allocation is staying within the parameters that were intended
when the investor went into the portfolio, rather than more and more micro
details down to which individual stock they are holding, because then what is
to be done with that information?[26]
4.28
Mr Thomas drew a distinction between straightforward disclosure in
vanilla markets (such as equities and bonds) and the vastly more complicated
world of derivatives. He agreed with Mr Epstein's point that it was very
difficult to get to the end point of the investment chain because hedge funds
make extensive use of derivatives that can significantly impact on risk return
ratios. Because derivatives are so complex, Mr Thomas said that the extra
disclosure would be unlikely to facilitate an increased understanding of the
risk dynamics of a particular underlying asset. Compounding the scale of the
problem is the huge size of the derivative market which dwarfs the size of the
global economy:
In relation to disclosure, in the vanilla markets, yes, you
have a share portfolio and you can see that you have got 10 per cent with BHP
and NAB et cetera. I think Mr Epstein was touching on a very valid point, that
sometimes disclosures do not really get to the end point because, in the world
of hedge funds, derivatives can make a significant impact to the risk return
dynamics that Mr Everingham is talking about and it is not transparent, even in
the disclosure, as to what that dynamic or the skews of the return or the risk
may be—notwithstanding deceptive conduct, because that is quite a separate
issue. The derivative world is a huge world. It is much bigger than the GDP of
the global economy; I think it is tenfold in terms of assets. It exists and it
is a big part of investing. In most cases it is risk management, but in some
cases in the hedge fund world it can skew the underlying piece. The provision
of information is overwhelming, let alone being able to understand what
derivatives are. I do not think it would add too much to the piece.[27]
4.29
Mr Brennan said that disclosure in jurisdictions such as the United
States and the United Kingdom was more detailed than in Australia:
I was involved in RAN, a mutual fund company in the United
States for 3 years. We had several funds. All of the holdings of each of those
funds in that family were disclosed—the name, the number of holdings, the
dollar value of that exposure—for each of those assets every 6 months. Those
statements in turn were audited by our external auditor to ensure they were
absolutely correct. They were then entered into our public disclosure document,
in that case, our prospectus. It made a lot of sense for us.[28]
4.30
Having acknowledged that greater disclosure was coming to Australia,
Mr Brennan said that the essential factor would be to allow the RE to
determine the appropriate level of disclosure because this could help ensure
that disclosure to the investor was valuable:
I think it always comes to the appropriate level of
disclosure. I think you need to disclose certainly the top 10 or 20 holdings or
a substantial part of the portfolio so that the investor can see it is an
Australian equity fund: 'Lo and behold! It is invested in Woolies and BHP and
RTZ. They are Australian names that I recognise and therefore am pretty certain
it is an Australian equities fund.' So I think that level of disclosure makes a
lot of sense. I think, though, when you get into very complex structures, which
sophisticated investors wish to invest in, where you may have a number of funds
below an overarching fund and then going down within those and commingling up
the BHP holdings of all of them, you may in fact do nothing more than actually
mislead. So I think, and I hope, that the disclosure will allow the RE to
disclose in a way that is appropriate and is revealing to the investor as
opposed to misleading to the investor, because this is a complex area and can
easily mislead.[29]
Committee view on portfolio
disclosure
4.31
The committee notes that two elements of the new MySuper
requirements require resolution:
- firstly, the practicality of getting the requisite information
from overseas entities; and
- secondly, the relative usefulness of the new information.
4.32
ASIC has stated that it cannot insist on the offshore fund reporting to
the trustee as to where the money has been placed. However, ASIC expects that
the trustee would report the initial offshore investment to the extent that it
is known to the trustee.[30]
The committee believes that if there does prove to be difficulty in gaining
information on portfolio holdings from overseas entities, ASIC should
investigate to determine whether the problem is systemic or circumstantial.
4.33
The committee also notes that the government is interested in extending
portfolio holdings requirements to managed investment schemes. ASIC has noted
to the committee that it 'has consistently expressed its full support for this
position'. It has told the committee that the value of portfolio holdings
disclosure applies equally to superannuation funds and managed investment
schemes.[31]
The role of auditors
4.34
Auditors perform a series of critical roles within the financial
services system. There are internal auditors (internal to an entity such as the
members of an entity's audit committee) and independent external auditors. The
roundtable was concerned principally with the role of independent external
auditors, including their relationships with audit committees. External
auditors conduct audits of various entities including custodians, RSEs and REs.
External auditors audit the financial statements of an entity and also carry
out compliance plan audits where they check that an RE has complied with an
MIS's compliance plan and whether the plan continues to meet the requirements of
Part 5C.4 of the Corporations Act.
Asset verification
4.35
One of the key expectation gaps identified in the Trio report was the
frustration expressed by regulators and investors over the inability of
financial and compliance plan auditors to verify information. In terms of
diagram 4.1, the committee was keen to determine who was responsible for
verifying the existence of underlying assets and how this would be achieved in
practice, particularly if those assets were held in an overseas hedge fund. The
committee recognised that the process of verifying assets becomes even more
problematic when, as in the case of Trio, one or more of the directors of the
RE is complicit in fraudulent activity.
4.36
Mr Amir Ghandar, Policy Adviser for Audit and Assurance at CPA Australia,
said that the external auditor of the financial statements was responsible for
obtaining reasonable assurance 'as to the existence of the assets on the
balance sheet' at the time of the annual audit.[32]
CPA Australia confirmed that:
The same standards of obtaining reasonable assurance apply to
all assets on the financial statements, regardless of whether those assets are
held in Australia or overseas.[33]
4.37
However, Mr Ghandar recognised that the RE had an ongoing hands-on role
in ensuring the security of scheme assets:
the responsible entities in terms of the assets within the
fund have a really crucial role and perhaps more of a day-to-day and
during-the-year role and maybe a more granular role than when you are looking
at the case of a large set of financial statements. But, in saying that, I
think in a complex system which involves quite a number of different players,
what is really important with more accessibility to everyday Australians is
that the information that gets to those Australians is in a format that they
can understand, that is clear and that is reliable—and that is a big part of
what auditors do in terms of the annual financial statement audit.[34]
4.38
Mr McKenzie confirmed the central role played by the external auditor in
confirming the existence and robust valuation of underlying assets,[35]
but he also drew attention to the significant difficulties in detecting fraud:
To be frank, from an external audit perspective, it is very
challenging when there is fraud. We often send confirmations out to confirm the
existence and valuation of assets. You receive a confirmation back in good
faith. Certainly the antennae might be up if the fund is perhaps externally
based overseas, so you might well dig a little deeper, but if you are receiving
information back that appears bona fide it can be, I must say, quite a
challenge.[36]
4.39
While recognising the vital role that financial and compliance plan
auditors play in providing reasonable assurance to investors with regard to the
position and performance of a scheme, One Investment Group argued that an
expectation from investors that an auditor will provide absolute assurance that
a scheme is free from error or fraud is 'unrealistic'.[37]
4.40
Furthermore, One Investment Group pointed out that the directors of a RE
play the central role in ensuring the accuracy of financial statements, the
proper operation of a scheme, and the protection and security of a scheme's
investments.[38]
4.41
In effect, the RE is responsible for verifying the existence of scheme
assets on an ongoing basis, whereas the auditor is responsible for obtaining
reasonable assurance as to the existence of the assets at the time of the
annual audit.
4.42
Both One Investment Group and BT Financial Group pointed out that it is
also the role of the RE to appoint an auditor of sufficient capacity and
competency to undertake the required audits.[39]
4.43
Mr McKenzie of Ernst & Young set out the process that an external
auditor would go through to gain assurance regarding the assets of an MIS
managed by an RE:
We may have some interaction with the auditor of the
responsible entity of this investment management fund if the investment is a
controlled investment of the entity that we are auditing-so a very significant
investment. But if it is a 'normal' investment, we would more typically go
straight to the investment manager because we have no contractual
relationship-and, indeed, typically it would certainly be a different firm or a
different partner who would be responsible for that other audit of the
responsible entity. And looking at many of the funds that we would audit, there
would be multiple funds that ultimately a superannuation entity would enter
into and so this diagram [diagram 4.1] on the right-hand side could be
replicated 20 different times.[40]
4.44
Mr McKenzie explained the interaction between the auditor of the
custodian and the auditor of the investment manager that will be signing off on
the financial statements. He said that each custodian would have one auditor
that went in to test the internal controls, and provide assurance over the
existence and valuation of those assets that they are able to verify. In the
case of unlisted securities, the custodian auditor would typically flag any
particular securities that have not been tested. When the receiving audit firms
gets the opinions, it is then incumbent on that audit firm to approach the fund
manager and get confirmation on asset existence and value for the unlisted
securities that were not tested by the custodian auditor. Mr McKenzie said that
this mechanism for reporting between auditors is transparent, efficient,
effective and has been adopted globally:
There is an audit guidance in relation to dealing with both
investment managers and custodians, GS 007, which sets out fairly clearly the
responsibilities and the rights of both the user auditor—the auditor who is
ultimately signing off the set of financial statements—and the auditor of, in
this case, the custodian. There is quite a standard mechanism for sign-off of
internal controls at the custodian, which has been in place for many years,
where the custodian's auditor will go in and test the overall control
environment at the custodian. That is an efficient and very effective
mechanism. I cannot speak on behalf of the custodians, but as opposed to having
every audit firm in Australia—be it State Street or BNP et cetera—going into
it, you have one organisation very familiar with that organisation doing the
control report.
That control report is a very transparent report. It clearly
states that there are stated control objectives that have to be covered off in
relation to a custodian. They are clearly stated in the GS 007, which was a
development made over the last four or five years by the auditing standards
board which states that you must cover off these control assertions. It is very
transparent reporting on the testing that has been performed and on the results
of that testing. That mechanism has been in place for many years. It has been
adopted both locally and internationally, and I think that it is an efficient
and effective way of gaining assurance over the controls that are operating.
On the question of asset existence and evaluation, under this
GS 007 audit guidance standard there are mechanisms where the auditor of the
custodian can provide that assurance to the ultimate auditor. The ultimate
auditor, and indeed the trustee or the responsible entity, does not necessarily
have to have that assurance. It is not as though it is forced upon them. But,
again, it is seen as an efficient and effective way to gain assurance. So as
opposed to each audit firm going in and testing valuations of, let's say, BHP
shares for this managed scheme and that managed scheme, the one audit firm will
test BHP in this case across all of the schemes and ultimately report that to
each of the individual auditors. So it is, as I say, an effective mechanism; it
is efficient. The reporting back is quite transparent.
... the existence of valuation of standard style investments—equities
and fixed interest et cetera—is fairly straightforward, to be honest, and quite
mechanical in how that is done. Where an issue arises, as we have also heard,
is where it is an unlisted security. Typically, the auditor of the custodian
will not form a view on those types of assets and will specifically call out in
their audit opinion that they have not conducted testing on these assets—they
typically will have a reference schedule where they are all listed.
Arguably, there has been a potential failing where receiving
audit firms have got the opinions. They say, 'Great, we've got an opinion from
Ernst & Young, PricewaterhouseCoopers or whoever else. Okay, we're done,'
without detailed reading of what is included and excluded. I do not think this
is a widespread issue, but I can see that it could happen. I know that some of
my graduates get the files and say, 'We're done,' and I say, 'No, we are not
done at all.' In these particular assets, where the other audit firm has not
provided assurance at all, we must dig deeper, issue confirmations and get
information from the fund managers ourselves on the existence and the valuation
of the assets. You are right in saying that there is a mechanism in place. It
is a well-documented and approved mechanism, if you like, through the auditing
standards. I think it is efficient and effective, but, on the use of the
material, you really need to understand what you are getting when you get the
material; you must understand those reports in a lot of detail.[41]
4.45
In an answer to a question on notice, ASIC told the committee that as
part of its audit inspection program report for 2011–12, it found that auditors
of compliance plans 'did not always obtain sufficient and appropriate audit
evidence on which to base their conclusions'. This included:
- whether the compliance plan continued to meet the requirements of
Pt 5C.4 of the Corporations Act;
- the adequacy of procedures for reporting and assessing breaches
of the compliance plan;
- the assessment of whether the service organisation auditor’s
report could be relied on in relation to outsourced functions, risk assessments
performed by the auditors, and the relationship to work performed on areas of
the compliance plan audit; and
- the testing of specific areas, such as subsequent events up to
the date of issuing the compliance plan audit report, net tangible asset
calculations (for the responsible entity), and cash flow projections.[42]
4.46
Mr McKenzie also pointed out that auditors of financial statements are
registered with ASIC and submit annually information about the audits that they
have conducted. However, he did not necessarily see a need for compliance plan
auditors to be registered with ASIC, and said that Ernst & Young had a risk
management policy that authorised only a small number of suitably qualified
partners with the requisite levels of professional scepticism to sign
compliance plan audits.[43]
Relationships between the auditor
of the financial statements and the compliance plan auditor
4.47
Under section 601HG(2) of the Corporations Act, the auditor of an
entity's compliance plan cannot be the auditor of that entity's financial
statements, although the auditors may work for the same audit firm.[44]
However, as Ernst & Young point out, 'there is no prohibition on the
compliance plan auditor also performing the statutory audit of the fund's
financial statements'.[45]
4.48
The committee sought clarification on why these auditing duties were
separated, what impact, if any, it had on auditor performance, and which of the
auditors would have responsibility for detecting fraud. Ernst & Young
explained their understanding of the separation of compliance and financial
statement auditing functions:
We understand that the segmentation between compliance plan
auditor and the auditor of the Responsible Entity (RE) (not the fund
financials) is due to the philosophy that the compliance plan auditor should
have the best interest of the investors in the fund front of mind, while the
auditor of the RE should consider more the interests of the shareholders of
that corporate entity. There appeared to be a belief that there may be a
conflict of interest if auditing both the compliance plan and the RE.[46]
4.49
While the separation of auditing roles was 'not a major concern' for
Ernst & Young, it stated that:
The separation does not inhibit the performance of effective
and robust compliance plan audits, but there is no doubt that having separate
partners involved on what is effectively the one audit is less efficient.[47]
4.50
The committee also asked ASIC why the auditor of the entity's compliance
plan cannot be the auditor of the entity's financial statements. ASIC
responded:
The independence and objectivity of the auditor is an
important contributor to audit quality and market confidence in the
independence assurance provided by the auditor. Having a separate person
within a firm audit the compliance plan to the auditor of the financial report
of the responsible entity can only enhance the independence and objectivity of
the auditors. The risk and perception that the auditor may be less willing to
raise and report concerns in the compliance plan audit to avoid any impact on
the relationship with the responsible entity and fees from that entity is
reduced.[48]
4.51
As noted earlier, the directors and managers of the RE are charged with
the responsibility to establish appropriate risk management systems to reduce
the risk of fraud with regard to a registered MIS. It was also noted that the
auditor of the financial statements is responsible for obtaining reasonable
assurance as to the existence of scheme assets.
4.52
In terms of the assets of an MIS, Ernst & Young noted that although
the compliance plan auditor would seek assurance about scheme property, 'typically
such assurance will be provided to the compliance plan auditor from the financial
auditor'.[49]
4.53
Given the separation of duties between a compliance auditor and
financial statement auditor, Ernst & Young said that in general, a
financial statement auditor would be 'better placed to identify instances of
fraud' and that:
it would be unlikely, but not inconceivable, for a compliance
plan auditor to identify instances of fraud. We form that view based on the
quite specific role that a compliance plan auditor executes, being the
assessment of whether the Plan complies with the Law and the operation of that
plan in practice, as opposed to the broader role of a financial auditor.[50]
4.54
Nevertheless, both CPA Australia and Ernst & Young stated that an
external auditor (compliance auditor or financial statement auditor) would
report fraud to senior management and the directors (generally via the Audit
Committee) and to ASIC.[51]
4.55
ASIC confirmed to the committee that a compliance plan audit is not
designed to identify fraud. It noted that the audit might identify a failure to
apply controls which would may help reduce the risk of fraud occurring and in
this way may attract attention to a fraud.[52]
Suggestions to improve audit
quality
4.56
The committee acknowledges that the audit profession is pursuing global
and domestic initiatives and working with ASIC to improve audit quality and to
render audits more meaningful for investors.
4.57
Dixon Advisory recommended three steps to improve audit quality within
the existing regulatory framework rather than trying to raise the threshold for
reasonable assurance (which would be unlikely to pass a cost benefit analysis):
- Requiring that the audit of
managed investment schemes is more robust as investors and the public
confidence in the financial system rely on the audits being performed to a high
standard. The cost of this will ultimately be borne by the investor but the
audit opinion will be more meaningful.
-
Putting more focus on using
emphasis of matter paragraphs and highlighting these to the investor if there
is uncertainty in the financial statements. This is particularly relevant if
there has been uncertainty when testing the existence and/or valuation of
assets.
- Increasing the standard of the
half yearly audit review for managed investment schemes so that the chance of
fraud being uncovered on a timely basis is increased. A full audit every six
months would be more costly but the outcome of an audit is more useful to an
investor than that of a review.[53]
4.58
CPA Australia welcomed specific suggestions that would make audits more
meaningful for investors:
CPA Australia recognises the importance of the audits
conducted in respect of managed investment schemes for investors and the
public, and the need for these to be performed to as high a standard as
possible. We believe the standards applicable for managed investment scheme
audits are comprehensive, robust and internationally equivalent and are
committed to constant improvement in audit quality (see also CPA Australia’s
submission to the Committee dated 20 March 2013). We would welcome any specific
suggestions as to how audits could be made to be more meaningful for investors.[54]
4.59
CPA Australia also supported the use of emphasis of matter paragraphs to
highlight matters of importance and noted that the auditing profession is
currently drafting new standards in this area:
CPA Australia supports the use of emphasis of matter
paragraphs to highlight matters that are fundamental to users’ understanding of
financial statements. A substantial project currently being undertaken by the
audit profession is to expand the auditor's report to include narrative
information on key matters of audit significance (see also response to question
9(b) of the questions on notice from the Committee). Based on early draft
standards, we expect these enhanced requirements will include the auditor
providing information regarding uncertainty in the financial statements such as
accounting estimates with high estimation uncertainty. This model is expected
to be encapsulated in a draft standard to be exposed in July 2013.[55]
4.60
Ernst & Young noted that emphasis of matter paragraphs are typically
'used to highlight uncertainty - about the future financial performance, or the
outcome of a legal case, for example'.[56]
However, it stressed that the overuse of such paragraphs may be counter-productive:
While on first read of the above it may be concluded that
arguably there should be more emphasis of matters in audit reports, ASA 706[57]
does state that a proliferation of emphasis of matter paragraphs is not
desirable as it diminishes the effectiveness of an auditor's communication with
stakeholders. From an audit profession perspective we believe that it is more
desirable that companies/funds provide adequate disclosure in the financial
statements so that the need for emphasis of matters is diminished.[58]
4.61
Ernst & Young said that an audit is significantly more rigorous than
a review, and pointed out that their reviews contain a declaration stating that
the review does not express an audit opinion. It estimated that a review would
cost about one-third the amount of an audit.[59]
4.62
While acknowledging that performing an audit twice a year would increase
the level of assurance, CPA Australia pointed out that it would need cost-benefit
justification from an investor perspective:
Requiring an audit every six months would increase the level
of assurance obtained by the auditor in the half year engagement, and also
increase the cost involved in comparison to a half year review. It is critical
that any consideration of this suggestion is undertaken on the basis of the
costs and benefits from the perspective of investors.[60]
4.63
Dixon Advisory maintained that a twice-yearly audit would be manageable
because the additional costs would be spread across all unit holders in an MIS:
The cost impact per unit holder of the implementation of a
more robust audit program and an increased standard of half yearly audits is
unlikely to be material for the average MIS. This is because the cost will be
proportionately shared across all unit holders regardless of if they are an
active or passive investor. We are confident that unit holders would be willing
to pay this additional cost as it would provide active investors with more
reliable information on how their investment is being managed and passive
investors would view the additional cost as the price of 'peace of mind'.[61]
Structure of the auditing industry
and relationships with an audit committee
4.64
In the previous ASIC oversight report, the committee noted that the
structure of the audit industry is of particular interest given that four large
audit firms dominate the global and Australian audit market: PricewaterhouseCoopers,
Deloitte, Ernst & Young and KPMG.[62]
4.65
The previous ASIC report also highlighted the provisional findings put
forward by the Competition Commission in the UK that 'shareholders play very
little role in appointing auditors compared to executive management', and that
where the demands of executive management and shareholders differ, auditors
compete to satisfy management rather than shareholder needs.[63]
4.66
The structure of the audit industry and the conflicting pressures that
auditors face has raised concerns both internationally and within Australia
about the extent of competition within the audit market and the potential
impact on audit quality that arises when an audit firm has to balance
commercial pressures (retaining client contracts) with adherence to audit
quality (highlighting matters of concern in financial statements and/or
compliance plans).
4.67
In responding to a question about whether they believed the findings of
the UK Competition Commission were applicable to Australia, Ernst & Young
said that this was not how the interaction between auditors, management,
shareholders and directors worked in practice:
While globally and potentially locally the perception may be
that external auditors 'compete to satisfy management' the reality is quite
different. Certainly to ensure an efficient and effective audit it is
appropriate to have good, professional, working relationships with management,
however we clearly see that our ultimate stakeholder to be the shareholder.
From a practical perspective, that relationship is managed by Board Audit
Committees.
It should also be noted that shareholders, via the directors,
do appoint external auditors, not management.[64]
4.68
An audit committee is a sub-committee of the main board that acts under
delegated authority, furnishing a link between management, the board and the
external auditor. It provides the interface for discussions with both internal
and external auditors and its role is to ensure the 'integrity and transparency
of corporate reporting'.[65]
4.69
CPA Australia pointed out that they have 'publicly supported the UK
Competition Commission's proposals to strengthen the role of audit committees
and enhance shareholder engagement in auditor appointments'.[66]
It stated that because directors and audit committees represent shareholders
and investors and also function closely with the business, they are the group
best positioned to oversight the performance of the auditor.[67]
4.70
Ernst & Young said that the membership of the audit committee 'will
generally dictate how robust they are in their assessment of an external
auditor’s professional skepticism and work overall'. However, it did note that
since the Centro failure, audit committees 'have become significantly more
interested in the findings of the external auditor and engage/challenge with
more vigour than historically'.[68]
4.71
Ernst & Young also explained its interaction with an audit
committee, noting that not every RE has an audit committee:
If an RE has an Audit Committee (and not all do) then we
would have a range of interactions with them. At a minimum we would:
- provide a summary of our audit
plan/approach, provide engagement letters, inclusive of fees for approval;
- provide status updates and then
report back on the findings of the audit both in the context of the areas of
focus outlined in our audit plan and any new issues;
- cover a range of matters that we
need to address to those charged with Governance, including independence,
fraud, etc.
Where an RE does not have an Audit Committee, then the
interaction will vary depending on the overall corporate structure in which the
RE operates in, whether there is a majority of independents (and therefore no
need for a Compliance Committee), and the general preference/desires of the
Board. At a minimum we would provide a copy of our engagement letter and then a
letter to those charged with governance at the completion of the audit.[69]
4.72
In terms of the visibility of the contribution made by auditors, Ernst
& Young said that:
Much of the auditors' best work is done behind the scenes, in
discussions with client management about accounting requirements and key
judgments and assumptions, to help produce information that provides a true and
fair view and complies with accounting standards.[70]
Discussion on the role of trustees and the business and governance models
of responsible entities
4.73
The following sections present the roundtable discussion on the role of superannuation
trustees, the different business models and governance models used for REs, and
the role of compliance committees.
The role of the trustee
4.74
As explained in chapter 2, a trustee is a person or company that holds
or administers property or assets on behalf of a beneficiary. An APRA-regulated
RSE is required to have a trustee. An RSE, whether an industry or retail superannuation
fund, has a trustee board that is required to act in the best interest of
scheme members. Board membership in an industry fund typically has both
employer and employee representatives. By contrast, in a self-managed
superannuation fund (SMSF), the members are the trustees.
4.75
The three main licensed trustee company roles are debenture issuers, RE
and custodian. The role of the RE is similar to that of a trustee, but the RE
has more statutory obligations.[71]
As discussed in chapter 2, One Investment Group is licenced to act as a trustee
for an unregistered MIS and as RE for registered MISs.
4.76
Dixon Advisory agreed that, where necessary, trustees need to engage
independent experts to examine the assumptions and methodology used by
custodians in asset valuations. However, they also noted that auditors are
driving change in ascertaining the existence of underlying assets and their
valuation:
Our experience is that auditors are already driving
improvement in this area by ensuring that a process exists to make sure the
assets held by custodians exist and the correct valuation in used.[72]
4.77
Ms Karen Volpato, Senior Policy Adviser at the Australian Institute of
Superannuation Trustees (AIST), indicated that since Trio and with the changes
to the superannuation system including MySuper, there was a heightened
awareness among trustees of the need to be actively engaged in the valuation
process and to review their risk management frameworks. She also noted that the
new prudential standards are very detailed with regard to outsourcing
arrangements that a trustee may have with a custodian, investment manager or
fund administrator, and that when APRA conducts an operational review of a
trustee, it is 'a long and extensive process'. As a consequence, governance
issues and risk appetite are a high priority for trustees as they strive to
achieve best practice.[73]
4.78
In response to a question about risk appetite, Ms Volpato gave the
following description of how risk management might be consciously assessed
within the trustee business:
For example, a question that could be asked of the trustees
within a fund is: what keeps you awake at night, as a trustee, given your
personal liabilities and responsibilities to the members of this fund? That
might help highlight those particular issues that are of an extreme-risk nature
to the fund. Then the entire management team and the trustee board have to look
at the various processes and procedures within both the fund and the material
outsourced providers—be they custodians, investment managers or fund
administrators—and at how they can better ensure a decrease in the likelihood
of this risk occurring.[74]
4.79
Mr Codina added that just as the Future of Financial Advice reforms
would raise standards across the financial planning and advisory sector, the
new prudential standards directly address operational and governance issues and
would 'raise the bar' across the trustee sector.[75]
4.80
Speaking as a representative of a large group that contains Authorised
Deposit-taking Institutions that have been subject to prudential standards for
many years, Mr Brennan agreed that risk management standards would be raised
because the new 'superannuation prudential standards are very closely modelled
on the APRA prudential standards for large banks'. He noted:
Those are very high standards, matured over quite a long
period of time, and as they are inculcated into the superannuation industry
more widely in the coming years you will see quite an appreciable lift in risk
management and, more generally, across the whole of the operation.[76]
4.81
The committee asked whether there were advantages in being able to act
as both an RE and RSE. BT Financial Group pointed out that while it is a
holding company and not a regulated entity, there are dual-regulated entities
within its group. It noted that:
The Stronger Super reforms that have amended the duties of
RSE licensees and their directors are very closely modelled on those that apply
to REs.
By combining the roles of RE and RSE licensee in a single
company and Board, the beneficiaries of the company’s managed investment
schemes and superannuation funds benefit from:
- the specialist expertise of
trustee directors appointed for their relevant knowledge and skills;
- risk management and conflicts
management systems directed to the roles and duties of trustees; and
- specialist advisers including
in-house counsel, who specialise in advising trustees.[77]
Business and governance models for
a Responsible Entity
4.82
In the Trio collapse, the RE (Trio Capital) was at the centre of the
fraud. It acted as RSE trustee and as RE with responsibility for various MISs.
The vast majority of the MISs were legitimate, but one (or possibly two) of the
MISs was used as a vehicle for fraudulent activity.
4.83
Given the critical gatekeeper role performed by the RE and its directors
in the financial services system (discussed in the earlier section on asset
verification), and given that it was the RE itself that was involved in the
Trio fraud, the advantages of a business model that operated with either an
internal or external RE were canvassed at the roundtable.
4.84
Mr Epstein argued that an external independent RE is a preferable and
more prudent arrangement because it 'minimises conflicts of interest and
reduces the likelihood of the RE acting in a detrimental manner to investors'.
He noted that the risk of an internal RE acting in a manner detrimental to
investors is not necessarily removed with the appointment of non-executive
independent directors.[78]
4.85
Expertise, specialist resources, and economies of scale were also
nominated as additional advantages in a scheme appointing an external RE:
Further, an independent Responsible Entity that specialises
in providing Responsible Entity services to a range of clients is likely to
possess a higher degree of expertise and specialised resources to assist in the
operation of a scheme in addition to providing better and truly independent
oversight. Given the economies of scale an independent responsible entity can
enjoy, there is no reason an external responsible entity should burden a scheme
with additional costs when compared to an internal responsible entity. Whilst
we are not proposing that an independent responsible entity be mandatory,
perhaps an "if not, why not" approach similar to the ASX Listing
Rules relating to Corporate Governance Principles could be considered.[79]
4.86
The merits of an internal versus an external RE were also discussed with
respect to the size of the fund manager and their internal capabilities. Mr
Epstein questioned the ability of smaller fund managers to conduct the RE
function internally, and suggested that in such cases, the reasons for keeping
the RE function in-house should be disclosed:
The argument I put forward in my paper is that the role of an
independent responsible entity is absolutely critical. That is beneficial to my
group in that we do look after a lot. I am not suggesting that groups such as
BT, for example, outsource the responsible entity function. Without question,
the responsible entity function within BT would be more than capable of
performing that function, but ultimately it is the responsible entity that is
responsible to the investors. So, whilst it might be appropriate for large
responsible entities that look after large fund managers to perform that
function, I propose that, in the event that you had a smaller manager or
responsible entity looking after that function, there might be an expectation
that that responsible entity or that fund would disclose why it did not see it
as appropriate to appoint an external responsible entity. They have the
expertise and they are independent of the manager.
My background is that I come from an environment where I have
worked for what I would say is a fairly large fund manager. It had an internal
responsible entity and I would argue that it is questionable whether an
internal responsible entity, regardless of whether it has independent
directors, is appropriately qualified to determine whether the operations of
the fund are run correctly. They do not have the expertise. They do not have
the ability to spend the time to actually overlook it day to day.[80]
4.87
However, Mr Brennan pointed out that the choice of internal versus
external RE depends on the internal RE capability of the fund manager:
It comes down to fitness, properness, expertise and
capability. We are a large organisation and our independent directors are
extraordinarily able in this industry. They are, because we have selected them
carefully. They keep the appropriate discipline on management. Management, in
turn, is extraordinarily capable because we make sure that they are when
looking at underlying investments that are being put onto our platforms to our
trustee and made available to underlying investors. As you come down the scale
[in terms of size and resourcing capability], the level of fitness and
properness may not be as strong.[81]
4.88
Dixon Advisory disagreed with the view put forward by One Investment
Group that an external RE is preferable. Instead, Dixon Advisory firmly
favoured the internal RE model with an independent compliance committee:
In our view an internal RE with an independent compliance
committee (ICC) represents the best model for investors. This is because the
structured approach of an ICC with an ASIC approved compliance program drives a
culture of compliance within the RE and ensures that there are unconflicted
persons who can report breaches to ASIC.
We believe that an ICC should be required even if the board
of the RE is majority independent. It is a mistake to assume that simply
because the board is independent they have the relevant skill or time to
appropriately attend to compliance reviews.[82]
4.89
Dixon Advisory highlighted significant disadvantages in the external RE
model, and drew attention to a conflict between the commercial interests of the
RE and its duty to the members of the MIS:
There are some strong disadvantages of the out-sourced RE
model. These are:
- The directors of an external RE
are not involved in the day to day operations of a Managed Investment Scheme
(MIS). This can mean that their access to information concerning the MIS for
which they are appointed is limited, leading to a heightened risk of fraud and
non compliance.
- As an external RE is a standalone
enterprise a conflict exists between the RE’s responsibilities to the members
of an MIS and the RE’s commercial interests. This can lead to two issues:
- The RE may accept new, unqualified
appointments, from parties they have no history or knowledge of.
- If the revenue stream that the RE
receives from an MIS represents a significant portion of their total income,
independence is compromised and the likelihood of reporting breaches or
non-compliance is reduced.[83]
4.90
Based on the arguments above, Dixon Advisory said that 'ASIC should
consider disallowing' external RE arrangements.
The role of compliance committees
4.91
The role of compliance committees and the nature of compliance plan
audits were a major issue in the Trio inquiry. KPMG suggested that there was a
need for greater oversight of managed investment schemes. KPMG argued that one
option would be to mandate a majority of truly independent directors of the
responsible entity which would remove the need for a compliance committee.[84]
The second option would be to strengthen the role of the compliance committees
and hold management accountable for acting on the recommendations of the
compliance committee.[85]
4.92
Dixon Advisory recommended that a compliance committee should be
compulsory for REs in all cases:
Responsible entities should be required to have an
independent compliance committee in all circumstances (compared to the current
situation where they are only required in situations where the Responsible
Entity’s board is not made up of a majority of independent directors). This
will lead to a situation where all responsible entities have people whose sole
responsibility is to ensure compliance.[86]
4.93
Noting some specific concerns with the first option (independent
directors) put forward by KPMG, CPA Australia suggested that the second option
of strengthening the role of compliance committees might be a more practical
approach.[87]
4.94
Ernst & Young said that it has seen both models in operation and
that 'it is difficult to comment if one is better/stronger than the other'. While
noting that appropriately qualified independent directors could 'bring a wealth
of experience, insight and challenge to a business', Ernst & Young did,
however, identify a potential pitfall in a compliance committee that was
divorced from the business:
What we would say however is that at times we have seen
Compliance Committees operate quite separately from the business. While this is
a positive from an independence of thinking perspective, it is also possible that
there could be items that "fall between the cracks" without having a
full business perspective.
The model adopted by businesses will depend on how they
operate their RE. If the RE board is very active in the management of the
business it may not be appropriate/desirable to have independents dealing in
such detail (and incurring additional cost for the RE and ultimately the
investors in the fund).[88]
4.95
Dixon Advisory was also of the view that the directors of an RE 'should
have a minimum level of relevant education and experience in relation to the
scheme they are managing'. They noted that at present, only the responsible manager
has these requirements and yet the directors of the RE make most of the operational
decisions for a MIS.[89]
4.96
Finally, given that a compliance plan auditor is only required to
ascertain the compliance of an RE with its compliance plan, the committee was
keen to establish who is actually responsible for ensuring that an RE adheres
to the constitution of the RE's MIS. BT Financial Group confirmed that this was
a responsibility for the RE's board of directors.[90]
Committee view
4.97
The committee believes that the relationship between REs and custodians
is an important, but misunderstood, link in the operation of Australia’s
financial system. The committee recommended in its Trio Capital report that
ASIC consider changing the name 'custodian' to a term that better reflects the
current role of a custodian.[91]
The committee notes ACSA's concerns about the confusion that a name-change
would create, given the term 'custodian' is widely used internationally.
However, it believes there is a need to better inform investors about what
custodians actually do. To this end, the committee supports proposals to ensure
that REs and other financial product issuers provide clear disclosure about the
role of custodians in Product Disclosure Statements and retail marketing
material.
4.98
The committee notes ASIC's consultations over the past 12 months on
issues including the net tangible asset (NTA) requirement for custodians. It
supports ASIC's decision to increase the NTA requirement to the greater of $10
million or 10 per cent of average revenue. The committee also welcomes the
recent changes to enhance custodians' obligations in asset disclosure. While
this will impose additional work on custodians to supply the underlying data,
this is outweighed by the benefits to superannuation trustees from greater
transparency in complex and diffuse investment structures.
4.99
The committee believes that the recently legislated reforms to trustees'
portfolio holdings disclosure requirements are both necessary and important. It
will enable investors to better understand the risks associated with their
investment and to monitor how the fund complies with its investment strategy. A
similar requirement could be imposed on managed investment schemes.
Navigation: Previous Page | Contents | Next Page
Top
|