
Audit and Risk Committee report
continued
The Committee monitored the continued
independence of the external auditors and
reviewed the quality and effectiveness of the
audit process. As part of this we reviewed
and updated our policies on the provision of
non-audit services by external auditors and
the recruitment of former employees of the
external auditors (available online).
We reviewed the processes in place for
assessing the principal and emerging risks
facing the business, in support of the
assessment of these risks by the Board during
the year. We reviewed the risk oversight model
to ensure all principal risks, and the Board’s
appetite (or tolerance) for these risks, are given
appropriate consideration by the Board and
committees. We also completed our annual
review of the effectiveness of the company’s
risk management and internal control systems
on behalf of the Board.
During the year the Committee received
presentations on risk management matters
in support of its duties to monitor the overall
effectiveness of the company’s risk
management and internal control systems
on behalf of the Board and to oversee the
management of specific risks assigned to it
by the Board. We received management-led
presentations on commodity price volatility;
cyber and information security; access to
capital; and the development of the internal
financial control framework. Presentations also
included the project to develop a company
enterprise management system (EMS). The
project was independently assured by PwC
under the direction of internal audit and the
Committee met with management and the
assurance providers during the course of
the project ahead of its implementation in
November 2022. Where applicable, these
presentations included a discussion on risk
appetite to ensure alignment with the business
on the nature and extent of the risks that the
Board is willing to take. These presentations
provided an opportunity for us to gain closer
contact with managers in the business helping
us understand how the principal risks are
managed ‘on the front line’ and the
opportunities and challenges in this regard.
We also held a joint session with the Health,
Safety, Environment and Security (HSES)
Committee to review current and emerging
requirements related to TCFD reporting.
The Committee received reports on the
outcome of internal audits conducted
over the period. These included audits
of risk areas related to commitments and
authorities, supply chain resilience, cyber
and information security, and the EMS
project. The Committee noted any significant
findings and progress on the completion
of the actions arising from these audits.
The Committee also reviewed and approved
the internal audit plan for 2023 and reviewed
an initial draft of its audit and assurance
policy which will be completed in 2023.
The Committee received reports on
whistleblowing incidents and endorsed
management’s plan to engage a third party in
early 2023 to independently assess and to
assure the company’s compliance programme.
In November, the Chairman received a letter
from the FRC seeking clarification and further
information in relation to some aspects of the
company’s TCFD reporting in the 2021 Annual
Report. While noting in our response that
elements of our 2021 Annual Report were
included as examples of better disclosure
practice in the FRC’s 2022 CRR Thematic
Review of TCFD disclosures, we committed
to provide additional disclosures as now
reflected on pages 33 to 38 in this report
and the accompanying ESG Report to
ensure our disclosures are fully consistent
with TCFD recommendations.
We note that an FRC review provides no
assurance that Harbour’s Annual Report and
financial statements for 2021 was correct
in all material respects. The FRC’s role was
not to verify the information provided but
to consider compliance with reporting
requirements. Its letters are written on the
basis that the FRC (which includes the FRC’s
officers, employees and agents) accepts no
liability for reliance on them by Harbour or
any third party, including but not limited to
investors and shareholders.
At year-end, the Committee conducted
an externally facilitated review, facilitated
by Lintstock, of its own effectiveness and
ensured that the actions it identified
were integrated into its planning for 2023.
Independence and objectivity of
the external auditors
The Committee is responsible for overseeing the
Board’s relationship with the external auditors
and assuring their continued independence.
Ernst & Young LLP (EY) were appointed in 2021
for a period of up to five years following the
completion of a limited competitive tender
process as part of the merger and therefore
it is intended that the company will run a full
competitive tender process by 2026. The
Committee believes that the anticipated timeline
for the re-tender of audit services is in the best
interests of shareholders since it provides an
appropriate balance between factors such as
the auditor’s knowledge of the company, its risk
management environment and maintaining
audit quality, as well as ensuring a challenge to
independence and objectivity. The company
is fully compliant with the requirements of the
Statutory Audit Services Order 2014.
The Committee reviews the independence and
objectivity of the auditors on an ongoing basis
and takes into account the overall relationship
between the auditors and the company. In
conducting this review, we consider feedback
from the company’s finance function and the
auditors, the nature and extent of non-audit
services provided by the auditors, any
recruitment of former employees of the
auditors, and the safeguards the auditors have
in place to prevent loss of audit independence,
including the rotation of the audit engagement
partner which is required every five years.
The Committee holds private meetings with
the auditors throughout the year without
management present. I also hold private
meetings with the lead audit partner in
between Committee meetings. These meetings
provide an opportunity for open discussion with
the auditors on a variety of topics. Matters
discussed included: the auditor’s assessment
of significant financial risks and the
performance of management in addressing
these risks, the auditor’s observations on
management’s role in fulfilling obligations to
maintain internal controls, the transparency
and responsiveness of management,
confirmation that no restrictions have been
placed on them by management, maintaining
the independence of the audit, and how they
have exercised challenge of management.
The Committee approves the fees for the
full-year audit and half-yearly review after
reviewing the scope of work, and reviews the
fees for non-audit assignments to satisfy itself
that the assignments concerned do not give rise
to threats to the auditor’s independence and
objectivity. The Committee believes that certain
limited non-audit work may be carried out by the
external auditors without compromising their
independence. Non-audit work is allocated in
line with the company’s policy on the provision
of non-audit services by the external auditors
and is approved by the Committee. In 2022,
this comprised services relating to reporting
accountant services and interim financial
review of £0.75 million and the performance
of certain agreed-upon-procedure
engagements of £0.05 million. The global
audit fee for the 2022 external audit work
amounted to £2.6 million. Further details of
the fees paid are set out in note 5 to the
financial statements on page 139.
The external auditors are required to confirm
to the Committee that they have both the
appropriate independence and objectivity to
allow them to continue to serve the company.
The Committee also requires the external
auditors to confirm that in providing non-audit
services, they comply with the Ethical Standard
(2019) issued by the UK Financial Reporting
Council. This confirmation was received for 2022.
70
Harbour Energy plc
Annual Report & Accounts 2022