Independence and objectivity
The Committee has a policy governing the engagement of the
external auditor to provide non-audit services. This precludes EY
from providing certain services. The policy is reviewed annually
and was last updated in 2021 (the Committee having agreed in
2022 that no changes were required). The latest version can be
found on the Company’s website at: www.softcat.com/about-us/
investor-centre/governance. All non-audit services provided by
the external auditor are reported to the Committee and a record is
kept so that the total costs regarding non-audit work during a
financial year are monitored.
For certain specific permitted services, the Committee has
pre-approved that EY can be engaged by management, subject
to the policy set out above, and subject to a total of 10% of the
current external audit fee on an annual basis.
For all other services or those permitted services that exceed these
specified fee limits, I, as Committee Chair, or in my absence
another Committee member, can pre-approve permitted services.
The Committee also received confirmation from EY that there are
no relationships between the Company and EY that may have a
bearing on its independence.
In respect of the audit of the 2022 financial statements, the
Committee considered a fee proposal from EY and the Committee
reviewed the quantum and rationale relating to increased costs for
EY to undertake required audits. Audit fees had increased from the
previous year, reflecting the ongoing growth of the Company.
Following the receipt of formal assurance that its fees were
appropriate for the scope of the work required, the Committee
agreed a charge from EY of £545,000 for statutory audit services
in respect of the Company’s annual financial statements.
In addition to the above statutory audit fee, EY and related
member firms charged the Company £132,500 for additional
audit fees primarily in connection for the first year of auditing
following the implementation of Softcat new finance ERP system,
NetSuite. The Committee also agreed a fee of £40,000 in respect
of EY’s review of the 2022 half-year results, which was classified
as a non-audit fee. Further details of the fees paid, for audit and
non-audit services, to EY for the 2022 and 2021 financial years
can be found in note 3 to the financial statements.
The Committee is aware of the requirements of the Statutory
Auditors and Third Country Auditors Regulations 2016 (the ‘2016
Regulations’). The 2016 Regulations provide for a cap on non-audit
services of a maximum of 70% of the average of the audit fees paid
on a rolling three-year basis. In order to ensure this limit is not
exceeded, the Company shall in usual circumstances seek that
permitted non-audit fees shall not exceed 50% of the average
audit fee over the three preceding financial years in each case. The
three-year measurement period covers the 2020, 2021 and 2022
financial years and is 6.6%, which is considerably below thecap.
Internal control and risk management
The Committee has the primary responsibility for the oversight
oftheCompany’s system of internal control, including the risk
management framework and the work of the internal audit function
(see below). During the year the Committee closely monitored
theCompany’s internal control and risk management systems and
received regular reports from management and the Internal Audit
Team covering the major risks and/or events faced by the business.
During the year, the Committee considered the proposals in the
BEIS reforms on the audit market and on corporate governance,
including proposals to further strengthen processes and disclosures
on the effectiveness of a company’s internal controls. The Committee
is monitoring developments and considering its potential next steps.
A further update will be provided in next year’s Annual Report.
Assessment of the Company’s system of internal
control, including the risk management framework
The Company’s risk assessment process and the way in which
significant business risks are managed is a key area of focus for the
Committee. Our activity here was driven primarily by the Company’s
assessment of its principal risks and uncertainties, as set out on
pages 59 to 63.
The Company has in place an internal control environment to protect
the business from the material risks which have been identified.
Management is responsible for establishing and maintaining
adequate internal controls over financial reporting and the
Committee has responsibility for ensuring the effectiveness of
thesecontrols.
The Committee has completed its review of the effectiveness of the
Company’s system of internal control, including risk management,
during the year and up to the date of this Annual Report, in
accordance with the requirements of the Guidance on Risk
Management, Internal Control and Related Financial and Business
Reporting published by the FRC. As part of the financial year-end
process, management presented to the Committee an overview of
the existing control framework and it summarised the key controls
inoperation which underpinned the control environment during
FY2022. Management has documented certain key controls,
including IT general controls, overarching controls for the Finance
department, financial management controls, audit risk financial
reporting controls, and fraud management.
Management had considered the control environment and
concluded that in its view the controls had been operating
effectively throughout the year and, taken together, provided a high
degree of assurance that the financial statements are free from
material misstatement.
Through the processes outlined above, the Audit Committee has
considered all significant aspects of the Company’s risk management
and internal control systems for the year and up to the date of this
Annual Report, allowing it to provide positive assurance to the
Board to assist it in making the statements required by the
UKCorporate Governance Code. No significant failings or
weaknesses were identified as a result of the review that may
significantly impact the financial statements. However, had there
been any such failings or weaknesses, the Committee and the
Board confirm that necessary actions would have been taken
toremedy them.
Internal audit
During the 2022 financial year, the Company had an internal audit
function consisting of an internal audit manager (who joined
Softcat during the year) and Grant Thornton LLP (‘Grant Thornton’).
The aim of the internal audit function is to provide independent and
objective assurance on the adequacy and effectiveness of internal
controls, risk management and governance processes. The
appointment and removal of the internal audit function is a matter
reserved to the Committee.
AUDIT COMMITTEE REPORT CONTINUED
ACCOUNTABILITY CONTINUED
88 Softcat plc Annual Report and Accounts 2022