In March of 2018 the AIM rules changed to require that companies specified, as part of their Rule 26 disclosure obligations, which corporate governance code they were choosing to follow along with some related information. The rule took effect from 30 March 2018 for new listings, but from 28 September 2018 for existing AIM companies. The extra information required to be made available on a website with free access is as follows:
- details of a recognised corporate governance code that the board of directors of the AIM company has decided to apply;
- how the AIM company complies with that code; and
- where it departs from its chosen corporate governance code an explanation of the reasons for doing so.
The revised rules also indicate that this information should be reviewed annually and the website should include the date on which this information was last reviewed.
It is likely that quite a number of AIM listed companies may choose to follow the Quoted Company Alliance’s Corporate Governance Code (The QCA code). This is designed specifically for smaller listed companies and so might feel more proportionate and relevant to many AIM companies. However, there is no mandate to use this or the FRC code – AIM companies may choose, for example, a code issued in one of their companies of operation.
As mentioned above, Rule 26 merely requires that disclosure is made regarding the code and the compliance with that code on the company’s website. However, the codes themselves which the companies adopt may lead to further disclosure requirements and recommendations. For example, the QCA Code recommends the location for the relevant disclosures. Some disclosures are thought to best sit within the annual report, with other more detailed aspects only on the company’s website. The table below sets out a summary of the key principles within the QCA Code and the suggested location for disclosures.
|Principle||Location for disclosures||Comments|
|1. Establish a strategy and business model which promotes long-term value for shareholders||Annual report||The strategic report requires disclosures regarding the business model so this could be embedded within that document or within a separate corporate governance statement|
|2. Seek to understand and meet shareholder needs and expectations||Website|
|3. Take into account wider stakeholder and social responsibilities and their implications for long-terms success||Website|
|4. Embed effective risk management, considering both opportunities and threats||Annual reports||Again, the strategic report requires a consideration of risks, so there is some crossover in requirements|
|5. Maintain the board as a well-balanced team led by the chair||Annual report||This would include disclosures about the directors and whether they were independent etc.|
|6. Ensure that between them the directors have the necessary up-to-date experience, skills and capabilities||Annual report||What skills and experience do the directors have and how are they kept up to date?|
|7. Evaluate board performance based on clear and relevant objectives, seeking continuous improvements||·Annual report for key details· Website for more detail||Information about how the board is evaluated, succession planning etc.|
|8.Promote a corporate culture that is based on ethical values and behaviour||·Annual report for information about the culture· Website for how the company determines that ethical values/behaviours are recognised and respected||Information about how the board creates an appropriate culture|
|9. Maintain governance structures and processes that are fit for purpose and support good decision-making by the board||Website||Disclosure about which matters are reserved for the Board, relevant responsibilities etc|
|10. Communicate how the company is governed and is performing by maintaining a dialogue with shareholders and other relevant stakeholders||·Annual report for work of key committees and details of any disclosures not made· Website for voting information and annual reports etc||Clarity regarding the application of the code is needed for stakeholders to understand how the company is governed|
ISA 720 (UK) sets out the auditor’s responsibilities relating to other information, which may be statutorily required or just voluntarily included within the annual report. Where information is required by law or regulation (such as the directors’ or strategic report or a mandatorily provided corporate governance statement) the auditor forms an opinion on whether the information given is:
- Consistent with the financial statements;
- Consistent with the auditor’s knowledge obtained in the audit; and
- Whether the reports and any governance statement have been prepared in accordance with applicable legal requirements.
The auditors should therefore ensure that prior to forming such opinions sufficient appropriate audit evidence is gathered in support of these elements.
In practice this usually involves a review of all the information by a senior member of the team who is fully aware of all developments and issues at the entity. It will also require the use of a checklist or similar aide, to form an opinion on whether all elements required in the reports has been provided.
However, it should be noted that many of the requirements are phrased in terms of including information which is fair, balanced and appropriate to the size and complexity of the business. Therefore, the auditor will need to use their judgement in deciding whether this is the case. Evidence of review and exercise of this judgement can be recorded on the documents being reviewed, or in separate file notes.
Where information is not required statutorily the auditor’s responsibilities are to:
(a) To consider whether there is a material inconsistency between the other information and the financial statements;
(b) To consider whether there is a material inconsistency between the other information and the auditor’s knowledge obtained in the audit;
(c) To respond appropriately when the auditor identifies that such material inconsistencies appear to exist, or when the auditor otherwise becomes aware that other information appears to be materially misstated;
(d) To report in accordance with this ISA (UK).
Where a corporate governance statement is provided, even if this is voluntary, ISA 720 sets out the elements that must be considered in 22-3. If the auditor has something to report in terms of an uncorrected material misstatement, then this must be in the audit report.
22D-2 Where the company prepares a separate corporate governance statement in respect of a financial year, the auditor shall in the auditor’s report: (Ref: Para. A53-1)
(a) State whether, in the auditor’s opinion, based on the work undertaken in the course of the audit, the information given in the statement in compliance with rules 7.2.5 and 7.2.6 in the Disclosure Rules and Transparency Rules sourcebook made by the Financial Conduct Authority (information about internal control and risk management systems in relation to financial reporting processes and about share capital structures):
(i) Is consistent with those accounts; and
(ii) Has been prepared in accordance with applicable legal requirements;
(b) State whether, in the light of the knowledge and understanding of the company and its environment obtained in the course of the audit, the auditor has identified material misstatements in the information in the statement referred to in paragraph 22D-2(a);
(c) If applicable, give an indication of the nature of each of the misstatements referred to in paragraph 22D-2 (b), and
(d) State whether, in the auditor’s opinion, based on the work undertaken in the course of the audit, rules 7.2.2, 7.2.3 and 7.2.7 in the Disclosure Rules and Transparency Rules sourcebook made by the Financial Conduct Authority (information about the company’s corporate governance code and practices and about its administrative, management and supervisory bodies and their committees) have been complied with, if applicable.
Note however, that it is not mandatory to include the corporate governance statement in the annual report. It could instead be produced on the company’s website or in a separate published document. If this is the case the auditor does not have the responsibilities as set out above, because these only apply to information included within the annual report.
There are also additional reporting responsibilities for the auditor, if the AIM company adopts the UK Corporate Governance Code. These are set out in ISA (UK) 720 22-3 and 22-4
So, to conclude, the AIM company must ensure that it has selected and disclosed its chosen corporate governance code and has made this information available on its website in accordance with Rule 26.
However, the company must also consider the requirements of its code and include information regarding its compliance or explanations of its non-compliance with the code on its website.
The question then, for the auditors, is what information regarding the adopted code is included in the annual report and therefore what degree of consideration of this is needed from an audit perspective. Clarifying what and when information on this will be available will be important, to ensure there are not last minute hold-ups in signing the audit report because the company has allowed insufficient time for the auditor’s review.