Financial Times: Call to UK companies on risk controls
By Jane Croft, Retail Banking Correspondent, in London
May 25, 2004
All UK listed companies may soon be required to demonstrate the quality of their internal controls to their auditors for the first time, according to new proposals.
The Financial Services Authority, which is the UK's financial regulator, believes auditors should be required to review 10 key audit and accountability areas included in the UK's Combined Code on Corporate Governance.
The most important of these will be reviewing a company's internal risk controls, which measure the reliability of a company's financial reporting and risk management.
The FSA, which has responsibility as the listing authority to ensure companies comply with the corporate governance code, said its latest proposal came after a series of high-profile corporate failures in Europe and the US.
It said it wanted investors to be clear which areas of the Combined Code were subject to auditor review.
Earlier this year Royal Dutch/Shell became the latest company to admit its internal controls had been deficient after it was forced to admit it had been overstating its oil and gas reserves by 20 per cent.
A report into the Shell scandal by Davis Polk & Wardell, the US law firm, said overbooking reserves was possible only "because of certain deficiencies in the company's controls".
The FSA, which is seeking feedback from the industry on the proposals, believes the changes will not impose "incremental costs on issuers of more than minimal significance".
In the US, regulators already require auditors to check the internal controls of companies they audit.
The US Sarbanes-Oxley Act of 2002 significantly added to auditors' responsibility on internal controls and increases the chances that regulators will punish them for oversight failures.