Audit and Risk Assurance Committee (ARAC) terms of reference

1. In exercise of its powers under Schedule 1 to the Equality Act 2006 (the ‘Act’), the Equality and Human Rights Commission (EHRC) has established the Audit and Risk Assurance Committee (ARAC) as an advisory committee to the Board.

2. The ToRs have been prepared in line with the guidance and good practice principles set out in HM Treasury’s “Audit and Risk Assurance Committee Handbook” (March 2016) and the Cabinet Office’s “Code of Conduct for Board Members of Public Bodies” (June 2019).

3. ARAC supports the Board and Chief Executive Officer (CEO) (as Accounting Officer (AO)), by providing appropriate independent advice, scrutiny and constructive challenge around:

a) Risk Management: Overseeing, reviewing and advising the Board on: the Commission’s overall risk appetite and risk management strategy and the effectiveness of management processes to identify, assess, monitor and manage risk; reviewing and advising the Board on risk management reports from management; and considering any serious incidents reported.

b) Internal Control: Reviewing with management and auditors the adequacy and effectiveness of all internal controls, including, but not limited to financial controls and the assurance framework;  monitoring the implementation of audit recommendations; ensuring compliance with relevant legal and regulatory requirements; ensuring overall compliance with policy and effective policy controls; reviewing the policy and procedures for the prevention and detection of fraud, bribery, and other irregularities; monitoring the investigation and reporting of fraud and other improper acts; reviewing the arrangements for Whistleblowing and raising concerns; reviewing the policy and procedures for information governance and cyber security; and reviewing delegated authority limits proposed by management.

c) Governance: Monitoring the effectiveness of corporate governance arrangements, taking account of work conducted by internal audit or the outcome of other independent reviews and advising the Board on any proposed changes.

d) External Audit: Relationships with the National Audit Office, and any organisations subcontracted to undertake any work on their behalf; the nature and scope of the external audit; matters arising from the interim and final audits; and meeting with the external auditors, at least once a year, without the presence of management.

e) Internal Audit: Relationships with the Internal auditors; agreeing the annual programme of work whereby key systems and processes are subject to internal audit over an appropriate time cycle;  receiving and reviewing their reports on the outcomes of their work; receiving and their annual report of the internal auditors summarising work undertaken in the year; considering any other matters the internal auditor may wish to raise with ARAC (in the absence of management where necessary); in consultation with management, recommending to the AO the appointment and, if applicable, dismissal of the internal auditors, and advising on their fees; monitoring annually the performance and effectiveness of the internal auditors; and meeting with the internal auditors at least once a year, without the presence of management.

f) Annual Report and Accounts: Considering elements of the annual financial statements in the presence of the external auditor, including the auditor’s formal opinion and any statements on corporate governance, internal control and/or risk management; monitoring the integrity of the financial statements of the Commission; reviewing the content of the annual report and accounts; reviewing the ‘Annual Governance Statement’; reviewing the management’s letter of representation to the external auditors and recommending it for approval; and, subject to the Committee’s satisfaction, recommending to the Board that the annual financial statements be approved.

4. The AO and Board authorise ARAC to investigate any activity across the Commission within its ToRs and to access any information, records, staff and physical properties, deemed necessary, to assist ARAC in meeting its objectives.

5. To obtain in agreement with the AO, or where appropriate the Chair of the EHRC, ad-hoc professional advice on any particular issue where necessary.

6. The Chair of ARAC will have free and confidential access to the AO, the Chief Operating Officer, the Director of Finance, Planning and Governance, the Director of People & Infrastructure (SIRO), Internal Audit and to the NAO, but will keep the AO informed of his/her discussions as appropriate.

7. ARAC shall be provided with such information as it requires in order to discharge its responsibilities as set out in these ToRs and any functions delegated to it by the Board.

8. The Chair of ARAC is empowered to engage, as appropriate, with the Audit Committee of the Sponsor Department and/or those of other ALBs within the Sponsor Department.

9. The Board shall, on the recommendation of the Chair of the EHRC, appoint a chair of ARAC from amongst Commissioners.

10. ARAC shall be made up of not less than five members appointed by the Board (including up to two independent members appointed for up to two years, renewable for up to a total of no more than six years, to provide specialist skills, knowledge and advice) from time to time. ARAC members who are members of the Board may stand down with the consent of the Board and their service will discontinue if they no longer serve as members of the Board.

11. In selecting ARAC members, the Board will take due account of the need to ensure ARAC has the range of skills needed to carry out its function. At least two members of ARAC shall have substantial, recent and relevant professional financial experience. ARAC members will collectively possess knowledge and skills in accounting, risk management, legal/compliance, audit, financial governance and technical issues relevant to the business and strategic management of the organisation.

12. In addition to the membership set out in paragraph 10 ARAC may, with the approval of the Board, co-opt up to three further members for a limited period of time (not exceeding two years). This provides the Committee with additional flexibility, allowing it to benefit from any specialist skills, knowledge and experience which it may require at a particular time.

13. All members of ARAC will have a right to vote. The Chair and CEO/AO will not be voting members of ARAC, though they each have a standing invitation to attend.

14. Meetings shall be held not less than four times a year and where possible should coincide with key dates in the EHRC’s financial reporting calendar.

15. The Chair of ARAC may convene additional meetings as deemed necessary and the Board or AO may request ARAC to convene further meetings to discuss particular issues upon which they would like to seek ARAC’s advice. The internal and external auditors may request that the Chair convene a meeting at any time.

16. Exceptionally, papers may be circulated outside formal meetings for approval by correspondence. Any such papers must be considered and consented to by a simple majority of all ARAC members who would have been entitled to vote on the subject. The responses of individuals should be recorded and the final decision recorded in the minutes of the subsequent formal ARAC meeting.

17. To be quorate, at least three members of ARAC, one of whom must be an independent member, must be present. In the absence of the Chair, the meeting may be chaired by another Commissioner member nominated by those present.

18. In the event that there is no quorum after 15 minutes of the scheduled start time, the Chair (or other nominated Commissioner member in their absence) shall decide whether to either; (i) continue the meeting but vote on any decisions by follow up email; or (ii) adjourn and schedule remaining business for the next meeting.

19. The following are invited to attend each meeting by standing invitation:
Internal: Chair; Chief Executive; Chief Operating Officer; the Director of Finance, Planning and Governance.
External: Internal Auditors; National Audit Office; Sponsor Department.

20. The ARAC Secretary and other members of the Governance team will also normally attend meetings for minute taking and support purposes. The Senior Information Risk Owner (SIRO) will also attend for annual reviews of information governance and at any other time required by the Committee. ARAC may request the attendance of other Commission staff as necessary to assist with its discussions on any particular matter.

21. Support for the Committee shall be provided by the Corporate Governance Team. Meeting agendas and papers will normally be sent to members five clear days before a meeting. Late papers will be accepted with the approval of the Chair of ARAC.

22. The Chair may ask any or all of those who normally attend, but who are not members of the Committee, to withdraw to facilitate open and frank discussions of particular matters should this be deemed appropriate.

23. Internal Audit and the representative of the NAO shall have free and confidential access to the Chair of ARAC.

24. At least once a year ARAC will meet the Commission’s auditors (both Internal and External) without officers present, to discuss matters relating to its remit and any issues arising from the audits.

25. The Chair of ARAC shall report to the Board following each ARAC meeting, summarising the key business conducted and any matters upon which it considers the Board or AO should be taking action on, highlighting any areas of risk, offering advice and/or views of the ARAC.

26. In addition, the minutes of ARAC meetings shall be made available to all Commissioners.

27. ARAC will provide the Board and AO with an Annual Report, timed to support the preparation of the Annual Governance Statement, summarising its conclusions from the work it has done during the year.

28. ARAC will receive reports as required from the People and Workspace Committee (P&WC), allowing ARAC to incorporate assurance on any People, Infrastructure and Change risks explored by P&WC into the overall assurances they provide to the Board and Accounting Officer on the management of organisational risk.

29. ARAC will carry out a review of its effectiveness at least every 18 months and recommend any changes necessary to facilitate the effective and efficient conduct of its business, taking into account best practice in corporate governance, to the Board for approval.

30. Members of ARAC will act with independence and objectivity in the conduct of their responsibilities. In addition, each member should have a sound understanding of the objectives and priorities of the EHRC and of their role as a Committee member.

31. Members of ARAC must abide by the principles contained in HM Treasury’s Audit and Risk Assurance Committee Handbook (March 2016), the Cabinet Office’s Code of Conduct for Board Members of Public Bodies (June 2019) and the governance manual, including any future revisions or amendments.

32. In line with the requirements set out within the Commission’s Governance Manual, any member or attendee who becomes aware of a potential conflict of interest relating to matters to be discussed by ARAC shall give prior notification to the Chair and Corporate Governance Team. If this is not possible, or if the conflict only becomes apparent at the meeting, they should declare this at the meeting and, where necessary, withdraw during discussion of the relevant agenda item. Declaration of interest shall be a standing item on ARAC’s agenda.