Chapter 4

Navigation: Previous Page | Contents | Next Page

Chapter 4

Interaction between custodians, responsible entities, trustees and auditors

4.1        This chapter presents the evidence from the second part of the gatekeepers' roundtable. It deals with the interactions shown in diagram 4.1 (next page) between custodians, responsible entities (REs), trustees, and the auditors of a registrable superannuation entity (RSE) trustee and an RE. Key issues such as the responsibility for asset valuation, portfolio disclosure and asset verification are also dealt with.

4.2        As was the case in chapter 3, when considering the evidence presented in this chapter, it is important to bear in mind the different business models that the various gatekeepers operate and the potential impact that those differences can have on the interactions between gatekeepers. As discussed in chapter 2, the different business models that have relevance in this chapter include:

RSE trustees invest in the managed investment schemes controlled by the Responsible Entity. Managed investment scheme 2 invests in managed investment scheme 3

Role of the custodian

4.3        The committee's inquiry into the collapse of Trio Capital Limited (Trio) identified two misconceptions over the role of custodians. Firstly, even though custodians hold legal title to their client's assets, they do not exercise discretion over how the assets are managed or invested. Custodians only act on the proper authority of their direct client or authorised agent. In effect, they are a 'bare trustee'. Secondly, although custodians undertake regular valuations of client assets and report to the client on all custodially-held assets as required under the custody agreement, the custodian is not required to confirm the existence of the underlying assets.[1]              

4.4        However, the Australian Custodial Services Association (ACSA) indicated that if a custodian suspected mismanagement within a managed investment scheme (MIS), they would notify the Australian Transaction Reports and Analysis Centre, the Australian Securities and Investments Commission (ASIC), or the Australian Prudential Regulation Authority (APRA) in the case of superannuation funds. Both Mr Paul Khoury, Deputy Chairman of ACSA, and Mr Pierre Jond, Chairman of ACSA, stated that these notifications were rare, and much less frequent than once a year.[2]

4.5        Given the limited role of a custodian, the committee sought clarification over which gatekeepers were responsible for valuing assets, verifying assets, and exercising discretion over the investment of assets. These responsibilities are discussed in the following sections.

Asset valuation

4.6        The Trio inquiry revealed the difficulty with establishing an accurate and robust valuation of assets, especially when those assets are held in overseas hedge funds. Indeed, despite the assertions of ASIC and APRA to the contrary, the committee was not convinced that the principal underlying asset of one of the fraudulent funds, the ARP Growth Fund, ever existed and had value.[3]

4.7        The valuation of assets is undertaken by the custodian in accordance with the information it receives from the trustee or RE and its investment managers, and/or agreed independent price sources.[4]

4.8        The process undertaken to value assets depends on the nature of the assets and the availability of independent price sources. In the case of listed securities, a custodian would normally source both primary and secondary prices from 'reputable pricing and information vendors in the securities industry'.[5] Typical sources for listed securities would be Bloomberg and Reuters.

4.9        Mr Jond noted that if the listed securities were invested overseas, a custodian would appoint a local banker in the overseas market to act as subcustodian, and would conduct regular due diligence on the overseas subcustodian.[6]

4.10      ACSA also explained the principles underpinning off-shore asset valuation:

There is no consistent single practice across ACSA members for the location of staff who perform net asset valuation calculations. That said, a common practice, especially with the global banks, is to have some of the pre-work and first order calculations performed in offshore locations. This can include trade and corporate action processing, sourcing of asset prices and initial validation checks. Where any use of offshore locations is conducted, the following principles are adhered to:

1) The staff performing the work are employed by the relevant organization. That is the work is not 'outsourced' to a third party. They are staff of that organization and held to the same code of conduct and other expectations as if they were local staff.

2) Similar operational controls are performed as would be performed if the work was conducted locally.

3) The client location (in this case Australia) retains full accountability for the end product and often (but depending on each ACSA member’s operational layout, possibly not in every situation) staff in Australia perform the final validation of the net asset valuation and release to the clients. This also means that the Australian staff would be responsible to explain any questions arising from the net asset valuation for the Australian clients.

4) The offshore locations are subject to Australian audit controls and oversight.

5) Onshore clients are able to visit and conduct due diligence of operations run outside of Australia.

It is worth noting that, where it is available, the use of offshore locations achieves a global best practice so that Australian investors get the benefit of scale, knowledge, operating controls and systems development that is representative of the same core business approach as for the largest global funds.[7]

4.11      By contrast, in the case of unlisted securities or illiquid assets, or where pricing and information vendors are not available, the custodian would take pricing instructions from the client (the investment manager or RE) 'on an "as is" basis, with no additional checks other than certain tolerance checks'.[8] 

4.12      BT Financial Group emphasised that responsibility for determining valuation methodologies and mechanisms lies, depending on the circumstance, with the RE or trustee:

In terms of trustees' expectations of custodians in the valuation of assets (especially overseas assets and non-exchange traded assets), the relevant regulation (the SIS Act and APRA’s Prudential Standards) makes clear that the responsibility for determining appropriate valuation methodologies for ALL assets of the superannuation fund is that of the trustee.

The Corporations Act also specifies that a responsible entity is required to ensure that the property of the managed investment scheme is valued at regular intervals appropriate to the nature of the property – which includes determining the methodology for valuation.

With respect to responsibility for obtaining robust and independent valuations of overseas assets and underlying asset values, it is our view that trustees and REs are responsible for ensuring that such valuations are obtained. The mechanism for obtaining the valuations will be part of the methodology determined by the trustee/RE.[9]

4.13      One Investment Group agreed with the division of responsibilities in securing and valuing the underlying assets of a scheme:

It is our view that the role of a Custodian is to primarily hold assets on behalf of a Responsible Entity and to act on the proper instructions of a Responsible Entity in relation to those assets. Whilst a Custodian may be expected to question suspicious transactions in relation to the assets in a scheme, their role is limited to notifying the Responsible Entity and/or ASIC.

We believe that the expectation of the role of the Custodian in valuing assets is unjustified and note that the obligation to ensure the accuracy of the asset values rests with the Responsible Entity.[10]

4.14      The Trio inquiry had found that like the auditors and custodians, the research houses had relied on the information provided by Trio without verifying the accuracy of the information. Mr Epstein stated that he did not expect a research house to verify the existence of assets, and reiterated that it was the role of the RE to scrutinise the fund operations.[11]

4.15      Ms Karen Volpato, Senior Policy Adviser at the Australian Institute for Superannuation Trustees (AIST), concurred with the other roundtable participants that when an agreed price source is not available to independently price assets, the responsibility for obtaining a price falls on the trustee.[12]

4.16      The AIST noted that for unlisted assets such as direct property and infrastructure:

There is a formal process for the appointment and review of valuers by Investment Committees and Boards. ... In addition to the formal processes of appointing valuers, a fund may also appoint a suitably qualified expert to undertake a due diligence process in terms of valuation practices. Directly held assets are valued by qualified experts.[13]

Asset disclosure

4.17      In his evidence to the Trio inquiry, Mr Greg Medcraft, Chairman of ASIC, noted that the basic premise of an efficient market is the availability of information. He argued that the lack of disclosure to investors around scheme assets 'is a key weakness' in the system.[14]

4.18      From 1 July 2013, MySuper replaces existing default superannuation products.[15] The new MySuper regime requires the disclosure of portfolio holdings through quarterly reports. The steps are set out in the following diagram taken from the Explanatory Memorandum to the Superannuation Legislation Amendment (Further MySuper and Transparency Measures) Bill 2012.[16]

Diagram 4.2

4.19      In diagram 4.2, ABC Super is an RSE licensee that invests assets through a custodian into MIS 1. MIS 1 is a fund of funds that makes investments into other funds such as MIS 2. There are a series of notifications that must occur between ABC Super, the custodian, MIS 1 and MIS 2 (indicated by the arrows on the right hand side of the diagram). However, MIS 2 also has disclosure requirements:

Managed Investment Scheme 2 will also have an obligation to provide information directly to ABC Super that is sufficient to identify its financial product, the financial products it acquires with the assets and other property that it acquires with the assets as well as the value of ABC Super’s investment in each of these things.[17]

4.20      The committee understands that the requirement on RSEs to report to APRA commences 90 days after 1 July 2013. The requirement to report to ASIC will commence 90 days after 1 July 2014. ASIC has advised the committee that it is currently providing feedback and assistance to Treasury on the drafting of regulations in relation to portfolio holdings disclosure.[18] Previously, the proposed commencement of reporting to ASIC was 90 days after 31 December 2013.

4.21      Mr Khoury remarked that portfolio disclosure through quarterly reports will impose significant additional work on custodians to supply the underlying data. He acknowledged that custodians, REs, RSEs, ASIC and APRA were all busy preparing for the new regime.[19]

4.22      ACSA also questioned the practicality of enforcing an Australian requirement for asset disclosure on funds domiciled overseas.[20] Mr Khoury said that there were practical difficulties in trying to source data from complex overseas structures each comprising multiple subholdings.[21]

4.23      Mr Epstein went further and said that the requirement for an overseas scheme to report back to an RSE licensee was unrealistic because overseas hedge funds were not going to comply with disclosure requirements at the asset level.[22]

4.24      Recognising that Australian law does not cover overseas jurisdictions, the AIST said that Australian super funds use a 'best endeavours' approach to underlying assets.[23]

4.25      The committee is concerned that another 'expectation gap' could be created between what is expected of custodians and what they are actually able to deliver. Mr Khoury replied that in working closely with industry and the regulators, ACSA was being clear about what the limitations were in terms of reporting on underlying assets.[24]

4.26      In relation to the MySuper reforms on portfolio holdings, Mr Graeme McKenzie, Partner and Global Head of Pensions at Ernst & Young, expressed concern about the usefulness of collecting such large quantities of data. He also pointed to the potential for another expectation gap to arise and said that with so much data being fed back to APRA, there could be an (unrealistic) expectation that APRA would be able to analyse it all and become aware of a problem before it manifests:

From an external audit perspective, the new requirements are quite demanding. The data points are increasing tenfold, and in some entities there are up to 5,000 data points that we need to actually verify. So it is quite a challenge. The whole industry has tried very hard to get on board and put things in place. I think APRA has been fairly understanding and they have pushed back by a year some aspects of the reporting, but the reporting is coming; it is not as though it is going away. In some ways, I have maybe a perverse view on the expectation gap, because I have a slight concern that APRA is going to have so much data, and it will be a question of what they do with that data. In this industry something will go wrong. It is just inevitable that a fund, perhaps, will have some issues. I must say that I have several concerns from an APRA perspective, because there might well be an expectation of: 'Hang on, APRA. You've actually collected this data. What have you done with it? What have you analysed?' Right down in the detail there is an issue with a particular subfund managed scheme or whatever else. I am not sure that APRA has necessarily turned their mind to this—and I am not saying they have not. But I must say that, with so much data being collected, it is difficult to see, from my perspective, what meaningful information will come back the other way in relation to the MySuper product.[25]

4.27      Mr Everingham of Lonsec stressed that having the right data was just as important as the volume of data. He emphasised that the key factor contributing to risk and return in any portfolio was actually the asset allocation rather than any one particular investment. He argued that the key disclosure related to whether the asset allocation in the portfolio reflected the original intentions of the investor:

I want to make a point about what we would consider useful, because clearly you have to strike a balance between the volume of the information and the usefulness of it. When it comes to disclosing what is in portfolios, the contribution to the risk of the portfolios and the contribution to the return of the portfolios for investors is by far and away dictated by the asset allocation in the portfolio as opposed to any one individual investment. I think the more important disclosure is to ensure that an investor's asset allocation is staying within the parameters that were intended when the investor went into the portfolio, rather than more and more micro details down to which individual stock they are holding, because then what is to be done with that information?[26]

4.28      Mr Thomas drew a distinction between straightforward disclosure in vanilla markets (such as equities and bonds) and the vastly more complicated world of derivatives. He agreed with Mr Epstein's point that it was very difficult to get to the end point of the investment chain because hedge funds make extensive use of derivatives that can significantly impact on risk return ratios. Because derivatives are so complex, Mr Thomas said that the extra disclosure would be unlikely to facilitate an increased understanding of the risk dynamics of a particular underlying asset. Compounding the scale of the problem is the huge size of the derivative market which dwarfs the size of the global economy:

In relation to disclosure, in the vanilla markets, yes, you have a share portfolio and you can see that you have got 10 per cent with BHP and NAB et cetera. I think Mr Epstein was touching on a very valid point, that sometimes disclosures do not really get to the end point because, in the world of hedge funds, derivatives can make a significant impact to the risk return dynamics that Mr Everingham is talking about and it is not transparent, even in the disclosure, as to what that dynamic or the skews of the return or the risk may be—notwithstanding deceptive conduct, because that is quite a separate issue. The derivative world is a huge world. It is much bigger than the GDP of the global economy; I think it is tenfold in terms of assets. It exists and it is a big part of investing. In most cases it is risk management, but in some cases in the hedge fund world it can skew the underlying piece. The provision of information is overwhelming, let alone being able to understand what derivatives are. I do not think it would add too much to the piece.[27]

4.29      Mr Brennan said that disclosure in  jurisdictions such as the United States and the United Kingdom was more detailed than in Australia:

I was involved in RAN, a mutual fund company in the United States for 3 years. We had several funds. All of the holdings of each of those funds in that family were disclosed—the name, the number of holdings, the dollar value of that exposure—for each of those assets every 6 months. Those statements in turn were audited by our external auditor to ensure they were absolutely correct. They were then entered into our public disclosure document, in that case, our prospectus. It made a lot of sense for us.[28]

4.30      Having acknowledged that greater disclosure was coming to Australia, Mr Brennan said that the essential factor would be to allow the RE to determine the appropriate level of disclosure because this could help ensure that disclosure to the investor was valuable:

I think it always comes to the appropriate level of disclosure. I think you need to disclose certainly the top 10 or 20 holdings or a substantial part of the portfolio so that the investor can see it is an Australian equity fund: 'Lo and behold! It is invested in Woolies and BHP and RTZ. They are Australian names that I recognise and therefore am pretty certain it is an Australian equities fund.' So I think that level of disclosure makes a lot of sense. I think, though, when you get into very complex structures, which sophisticated investors wish to invest in, where you may have a number of funds below an overarching fund and then going down within those and commingling up the BHP holdings of all of them, you may in fact do nothing more than actually mislead. So I think, and I hope, that the disclosure will allow the RE to disclose in a way that is appropriate and is revealing to the investor as opposed to misleading to the investor, because this is a complex area and can easily mislead.[29]

Committee view on portfolio disclosure

4.31      The committee notes that two elements of the new MySuper requirements  require resolution:

4.32      ASIC has stated that it cannot insist on the offshore fund reporting to the trustee as to where the money has been placed. However, ASIC expects that the trustee would report the initial offshore investment to the extent that it is known to the trustee.[30] The committee believes that if there does prove to be difficulty in gaining information on portfolio holdings from overseas entities, ASIC should investigate to determine whether the problem is systemic or circumstantial.

4.33      The committee also notes that the government is interested in extending portfolio holdings requirements to managed investment schemes. ASIC has noted to the committee that it 'has consistently expressed its full support for this position'. It has told the committee that the value of portfolio holdings disclosure applies equally to superannuation funds and managed investment schemes.[31]

The role of auditors

4.34      Auditors perform a series of critical roles within the financial services system. There are internal auditors (internal to an entity such as the members of an entity's audit committee) and independent external auditors. The roundtable was concerned principally with the role of independent external auditors, including their relationships with audit committees. External auditors conduct audits of various entities including custodians, RSEs and REs. External auditors audit the financial statements of an entity and also carry out compliance plan audits where they check that an RE has complied with an MIS's compliance plan and whether the plan continues to meet the requirements of Part 5C.4 of the Corporations Act.

Asset verification

4.35      One of the key expectation gaps identified in the Trio report was the frustration expressed by regulators and investors over the inability of financial and compliance plan auditors to verify information. In terms of diagram 4.1, the committee was keen to determine who was responsible for verifying the existence of underlying assets and how this would be achieved in practice, particularly if those assets were held in an overseas hedge fund. The committee recognised that the process of verifying assets becomes even more problematic when, as in the case of Trio, one or more of the directors of the RE is complicit in fraudulent activity.

4.36      Mr Amir Ghandar, Policy Adviser for Audit and Assurance at CPA Australia, said that the external auditor of the financial statements was responsible for obtaining reasonable assurance 'as to the existence of the assets on the balance sheet' at the time of the annual audit.[32] CPA Australia confirmed that:

The same standards of obtaining reasonable assurance apply to all assets on the financial statements, regardless of whether those assets are held in Australia or overseas.[33]

4.37      However, Mr Ghandar recognised that the RE had an ongoing hands-on role in ensuring the security of scheme assets:

the responsible entities in terms of the assets within the fund have a really crucial role and perhaps more of a day-to-day and during-the-year role and maybe a more granular role than when you are looking at the case of a large set of financial statements. But, in saying that, I think in a complex system which involves quite a number of different players, what is really important with more accessibility to everyday Australians is that the information that gets to those Australians is in a format that they can understand, that is clear and that is reliable—and that is a big part of what auditors do in terms of the annual financial statement audit.[34]

4.38      Mr McKenzie confirmed the central role played by the external auditor in confirming the existence and robust valuation of underlying assets,[35] but he also drew attention to the significant difficulties in detecting fraud:

To be frank, from an external audit perspective, it is very challenging when there is fraud. We often send confirmations out to confirm the existence and valuation of assets. You receive a confirmation back in good faith. Certainly the antennae might be up if the fund is perhaps externally based overseas, so you might well dig a little deeper, but if you are receiving information back that appears bona fide it can be, I must say, quite a challenge.[36]

4.39      While recognising the vital role that financial and compliance plan auditors play in providing reasonable assurance to investors with regard to the position and performance of a scheme, One Investment Group argued that an expectation from investors that an auditor will provide absolute assurance that a scheme is free from error or fraud is 'unrealistic'.[37]

4.40      Furthermore, One Investment Group pointed out that the directors of a RE play the central role in ensuring the accuracy of financial statements, the proper operation of a scheme, and the protection and security of a scheme's investments.[38]

4.41      In effect, the RE is responsible for verifying the existence of scheme assets on an ongoing basis, whereas the auditor is responsible for obtaining reasonable assurance as to the existence of the assets at the time of the annual audit.

4.42      Both One Investment Group and BT Financial Group pointed out that it is also the role of the RE to appoint an auditor of sufficient capacity and competency to undertake the required audits.[39]

4.43      Mr McKenzie of Ernst & Young set out the process that an external auditor would go through to gain assurance regarding the assets of an MIS managed by an RE:

We may have some interaction with the auditor of the responsible entity of this investment management fund if the investment is a controlled investment of the entity that we are auditing-so a very significant investment. But if it is a 'normal' investment, we would more typically go straight to the investment manager because we have no contractual relationship-and, indeed, typically it would certainly be a different firm or a different partner who would be responsible for that other audit of the responsible entity. And looking at many of the funds that we would audit, there would be multiple funds that ultimately a superannuation entity would enter into and so this diagram [diagram 4.1] on the right-hand side could be replicated 20 different times.[40]

4.44      Mr McKenzie explained the interaction between the auditor of the custodian and the auditor of the investment manager that will be signing off on the financial statements. He said that each custodian would have one auditor that went in to test the internal controls, and provide assurance over the existence and valuation of those assets that they are able to verify. In the case of unlisted securities, the custodian auditor would typically flag any particular securities that have not been tested. When the receiving audit firms gets the opinions, it is then incumbent on that audit firm to approach the fund manager and get confirmation on asset existence and value for the unlisted securities that were not tested by the custodian auditor. Mr McKenzie said that this mechanism for reporting between auditors is transparent, efficient, effective and has been adopted globally:

There is an audit guidance in relation to dealing with both investment managers and custodians, GS 007, which sets out fairly clearly the responsibilities and the rights of both the user auditor—the auditor who is ultimately signing off the set of financial statements—and the auditor of, in this case, the custodian. There is quite a standard mechanism for sign-off of internal controls at the custodian, which has been in place for many years, where the custodian's auditor will go in and test the overall control environment at the custodian. That is an efficient and very effective mechanism. I cannot speak on behalf of the custodians, but as opposed to having every audit firm in Australia—be it State Street or BNP et cetera—going into it, you have one organisation very familiar with that organisation doing the control report.

That control report is a very transparent report. It clearly states that there are stated control objectives that have to be covered off in relation to a custodian. They are clearly stated in the GS 007, which was a development made over the last four or five years by the auditing standards board which states that you must cover off these control assertions. It is very transparent reporting on the testing that has been performed and on the results of that testing. That mechanism has been in place for many years. It has been adopted both locally and internationally, and I think that it is an efficient and effective way of gaining assurance over the controls that are operating.

On the question of asset existence and evaluation, under this GS 007 audit guidance standard there are mechanisms where the auditor of the custodian can provide that assurance to the ultimate auditor. The ultimate auditor, and indeed the trustee or the responsible entity, does not necessarily have to have that assurance. It is not as though it is forced upon them. But, again, it is seen as an efficient and effective way to gain assurance. So as opposed to each audit firm going in and testing valuations of, let's say, BHP shares for this managed scheme and that managed scheme, the one audit firm will test BHP in this case across all of the schemes and ultimately report that to each of the individual auditors. So it is, as I say, an effective mechanism; it is efficient. The reporting back is quite transparent.

... the existence of valuation of standard style investments—equities and fixed interest et cetera—is fairly straightforward, to be honest, and quite mechanical in how that is done. Where an issue arises, as we have also heard, is where it is an unlisted security. Typically, the auditor of the custodian will not form a view on those types of assets and will specifically call out in their audit opinion that they have not conducted testing on these assets—they typically will have a reference schedule where they are all listed.

Arguably, there has been a potential failing where receiving audit firms have got the opinions. They say, 'Great, we've got an opinion from Ernst & Young, PricewaterhouseCoopers or whoever else. Okay, we're done,' without detailed reading of what is included and excluded. I do not think this is a widespread issue, but I can see that it could happen. I know that some of my graduates get the files and say, 'We're done,' and I say, 'No, we are not done at all.' In these particular assets, where the other audit firm has not provided assurance at all, we must dig deeper, issue confirmations and get information from the fund managers ourselves on the existence and the valuation of the assets. You are right in saying that there is a mechanism in place. It is a well-documented and approved mechanism, if you like, through the auditing standards. I think it is efficient and effective, but, on the use of the material, you really need to understand what you are getting when you get the material; you must understand those reports in a lot of detail.[41]

4.45      In an answer to a question on notice, ASIC told the committee that as part of its audit inspection program report for 2011–12, it found that auditors of compliance plans 'did not always obtain sufficient and appropriate audit evidence on which to base their conclusions'. This included:

4.46      Mr McKenzie also pointed out that auditors of financial statements are registered with ASIC and submit annually information about the audits that they have conducted. However, he did not necessarily see a need for compliance plan auditors to be registered with ASIC, and said that Ernst & Young had a risk management policy that authorised only a small number of suitably qualified partners with the requisite levels of professional scepticism to sign compliance plan audits.[43]

Relationships between the auditor of the financial statements and the compliance plan auditor

4.47      Under section 601HG(2) of the Corporations Act, the auditor of an entity's compliance plan cannot be the auditor of that entity's financial statements, although the auditors may work for the same audit firm.[44] However, as Ernst & Young point out, 'there is no prohibition on the compliance plan auditor also performing the statutory audit of the fund's financial statements'.[45]

4.48      The committee sought clarification on why these auditing duties were separated, what impact, if any, it had on auditor performance, and which of the auditors would have responsibility for detecting fraud. Ernst & Young explained their understanding of the separation of compliance and financial statement auditing functions:

We understand that the segmentation between compliance plan auditor and the auditor of the Responsible Entity (RE) (not the fund financials) is due to the philosophy that the compliance plan auditor should have the best interest of the investors in the fund front of mind, while the auditor of the RE should consider more the interests of the shareholders of that corporate entity. There appeared to be a belief that there may be a conflict of interest if auditing both the compliance plan and the RE.[46]

4.49      While the separation of auditing roles was 'not a major concern' for Ernst & Young, it stated that:

The separation does not inhibit the performance of effective and robust compliance plan audits, but there is no doubt that having separate partners involved on what is effectively the one audit is less efficient.[47]

4.50      The committee also asked ASIC why the auditor of the entity's compliance plan cannot be the auditor of the entity's financial statements. ASIC responded:

The independence and objectivity of the auditor is an important contributor to audit quality and market confidence in the independence assurance provided by the auditor.  Having a separate person within a firm audit the compliance plan to the auditor of the financial report of the responsible entity can only enhance the independence and objectivity of the auditors.  The risk and perception that the auditor may be less willing to raise and report concerns in the compliance plan audit to avoid any impact on the relationship with the responsible entity and fees from that entity is reduced.[48]

4.51      As noted earlier, the directors and managers of the RE are charged with the responsibility to establish appropriate risk management systems to reduce the risk of fraud with regard to a registered MIS. It was also noted that the auditor of the financial statements is responsible for obtaining reasonable assurance as to the existence of scheme assets.

4.52      In terms of the assets of an MIS, Ernst & Young noted that although the compliance plan auditor would seek assurance about scheme property, 'typically such assurance will be provided to the compliance plan auditor from the financial auditor'.[49]

4.53      Given the separation of duties between a compliance auditor and financial statement auditor, Ernst & Young said that in general, a financial statement auditor would be 'better placed to identify instances of fraud' and that:

it would be unlikely, but not inconceivable, for a compliance plan auditor to identify instances of fraud. We form that view based on the quite specific role that a compliance plan auditor executes, being the assessment of whether the Plan complies with the Law and the operation of that plan in practice, as opposed to the broader role of a financial auditor.[50]

4.54      Nevertheless, both CPA Australia and Ernst & Young stated that an external auditor (compliance auditor or financial statement auditor) would report fraud to senior management and the directors (generally via the Audit Committee) and to ASIC.[51]

4.55      ASIC confirmed to the committee that a compliance plan audit is not designed to identify fraud. It noted that the audit might identify a failure to apply controls which would may help reduce the risk of fraud occurring and in this way may attract attention to a fraud.[52]

Suggestions to improve audit quality

4.56      The committee acknowledges that the audit profession is pursuing global and domestic initiatives and working with ASIC to improve audit quality and to render audits more meaningful for investors.

4.57      Dixon Advisory recommended three steps to improve audit quality within the existing regulatory framework rather than trying to raise the threshold for reasonable assurance (which would be unlikely to pass a cost benefit analysis):

4.58      CPA Australia welcomed specific suggestions that would make audits more meaningful for investors:

CPA Australia recognises the importance of the audits conducted in respect of managed investment schemes for investors and the public, and the need for these to be performed to as high a standard as possible. We believe the standards applicable for managed investment scheme audits are comprehensive, robust and internationally equivalent and are committed to constant improvement in audit quality (see also CPA Australia’s submission to the Committee dated 20 March 2013). We would welcome any specific suggestions as to how audits could be made to be more meaningful for investors.[54]

4.59      CPA Australia also supported the use of emphasis of matter paragraphs to highlight matters of importance and noted that the auditing profession is currently drafting new standards in this area:

CPA Australia supports the use of emphasis of matter paragraphs to highlight matters that are fundamental to users’ understanding of financial statements. A substantial project currently being undertaken by the audit profession is to expand the auditor's report to include narrative information on key matters of audit significance (see also response to question 9(b) of the questions on notice from the Committee). Based on early draft standards, we expect these enhanced requirements will include the auditor providing information regarding uncertainty in the financial statements such as accounting estimates with high estimation uncertainty. This model is expected to be encapsulated in a draft standard to be exposed in July 2013.[55]

4.60      Ernst & Young noted that emphasis of matter paragraphs are typically 'used to highlight uncertainty - about the future financial performance, or the outcome of a legal case, for example'.[56]  However, it stressed that the overuse of such paragraphs may be counter-productive:

While on first read of the above it may be concluded that arguably there should be more emphasis of matters in audit reports, ASA 706[57] does state that a proliferation of emphasis of matter paragraphs is not desirable as it diminishes the effectiveness of an auditor's communication with stakeholders. From an audit profession perspective we believe that it is more desirable that companies/funds provide adequate disclosure in the financial statements so that the need for emphasis of matters is diminished.[58]

4.61      Ernst & Young said that an audit is significantly more rigorous than a review, and pointed out that their reviews contain a declaration stating that the review does not express an audit opinion. It estimated that a review would cost about one-third the amount of an audit.[59]

4.62      While acknowledging that performing an audit twice a year would increase the level of assurance, CPA Australia pointed out that it would need cost-benefit justification from an investor perspective:

Requiring an audit every six months would increase the level of assurance obtained by the auditor in the half year engagement, and also increase the cost involved in comparison to a half year review. It is critical that any consideration of this suggestion is undertaken on the basis of the costs and benefits from the perspective of investors.[60]

4.63      Dixon Advisory maintained that a twice-yearly audit would be manageable because the additional costs would be spread across all unit holders in an MIS:

The cost impact per unit holder of the implementation of a more robust audit program and an increased standard of half yearly audits is unlikely to be material for the average MIS. This is because the cost will be proportionately shared across all unit holders regardless of if they are an active or passive investor. We are confident that unit holders would be willing to pay this additional cost as it would provide active investors with more reliable information on how their investment is being managed and passive investors would view the additional cost as the price of 'peace of mind'.[61]

Structure of the auditing industry and relationships with an audit committee

4.64      In the previous ASIC oversight report, the committee noted that the structure of the audit industry is of particular interest given that four large audit firms dominate the global and Australian audit market: PricewaterhouseCoopers, Deloitte, Ernst & Young and KPMG.[62]

4.65      The previous ASIC report also highlighted the provisional findings put forward by the Competition Commission in the UK that 'shareholders play very little role in appointing auditors compared to executive management', and that where the demands of executive management and shareholders differ, auditors compete to satisfy management rather than shareholder needs.[63]

4.66      The structure of the audit industry and the conflicting pressures that auditors face has raised concerns both internationally and within Australia about the extent of competition within the audit market and the potential impact on audit quality that arises when an audit firm has to balance commercial pressures (retaining client contracts) with adherence to audit quality (highlighting matters of concern in financial statements and/or compliance plans).

4.67      In responding to a question about whether they believed the findings of the UK Competition Commission were applicable to Australia, Ernst & Young said that this was not how the interaction between auditors, management, shareholders and directors worked in practice:

While globally and potentially locally the perception may be that external auditors 'compete to satisfy management' the reality is quite different. Certainly to ensure an efficient and effective audit it is appropriate to have good, professional, working relationships with management, however we clearly see that our ultimate stakeholder to be the shareholder. From a practical perspective, that relationship is managed by Board Audit Committees.

It should also be noted that shareholders, via the directors, do appoint external auditors, not management.[64]

4.68      An audit committee is a sub-committee of the main board that acts under delegated authority, furnishing a link between management, the board and the external auditor. It provides the interface for discussions with both internal and external auditors and its role is to ensure the 'integrity and transparency of corporate reporting'.[65]

4.69      CPA Australia pointed out that they have 'publicly supported the UK Competition Commission's proposals to strengthen the role of audit committees and enhance shareholder engagement in auditor appointments'.[66] It stated that because directors and audit committees represent shareholders and investors and also function closely with the business, they are the group best positioned to oversight the performance of the auditor.[67]

4.70      Ernst & Young said that the membership of the audit committee 'will generally dictate how robust they are in their assessment of an external auditor’s professional skepticism and work overall'. However, it did note that since the Centro failure, audit committees 'have become significantly more interested in the findings of the external auditor and engage/challenge with more vigour than historically'.[68]

4.71      Ernst & Young also explained its interaction with an audit committee, noting that not every RE has an audit committee:

If an RE has an Audit Committee (and not all do) then we would have a range of interactions with them. At a minimum we would:

Where an RE does not have an Audit Committee, then the interaction will vary depending on the overall corporate structure in which the RE operates in, whether there is a majority of independents (and therefore no need for a Compliance Committee), and the general preference/desires of the Board. At a minimum we would provide a copy of our engagement letter and then a letter to those charged with governance at the completion of the audit.[69]

4.72      In terms of the visibility of the contribution made by auditors, Ernst & Young said that:

Much of the auditors' best work is done behind the scenes, in discussions with client management about accounting requirements and key judgments and assumptions, to help produce information that provides a true and fair view and complies with accounting standards.[70]

Discussion on the role of trustees and the business and governance models of responsible entities

4.73      The following sections present the roundtable discussion on the role of superannuation trustees, the different business models and governance models used for REs, and the role of compliance committees.

The role of the trustee

4.74      As explained in chapter 2, a trustee is a person or company that holds or administers property or assets on behalf of a beneficiary. An APRA-regulated RSE is required to have a trustee. An RSE, whether an industry or retail superannuation fund, has a trustee board that is required to act in the best interest of scheme members. Board membership in an industry fund typically has both employer and employee representatives. By contrast, in a self-managed superannuation fund (SMSF), the members are the trustees.

4.75      The three main licensed trustee company roles are debenture issuers, RE and custodian. The role of the RE is similar to that of a trustee, but the RE has more statutory obligations.[71] As discussed in chapter 2, One Investment Group is licenced to act as a trustee for an unregistered MIS and as RE for registered MISs.

4.76      Dixon Advisory agreed that, where necessary, trustees need to engage independent experts to examine the assumptions and methodology used by custodians in asset valuations. However, they also noted that auditors are driving change in ascertaining the existence of underlying assets and their valuation:

Our experience is that auditors are already driving improvement in this area by ensuring that a process exists to make sure the assets held by custodians exist and the correct valuation in used.[72]

4.77      Ms Karen Volpato, Senior Policy Adviser at the Australian Institute of Superannuation Trustees (AIST), indicated that since Trio and with the changes to the superannuation system including MySuper, there was a heightened awareness among trustees of the need to be actively engaged in the valuation process and to review their risk management frameworks. She also noted that the new prudential standards are very detailed with regard to outsourcing arrangements that a trustee may have with a custodian, investment manager or fund administrator, and that when APRA conducts an operational review of a trustee, it is 'a long and extensive process'. As a consequence, governance issues and risk appetite are a high priority for trustees as they strive to achieve best practice.[73]

4.78      In response to a question about risk appetite, Ms Volpato gave the following description of how risk management might be consciously assessed within the trustee business:

For example, a question that could be asked of the trustees within a fund is: what keeps you awake at night, as a trustee, given your personal liabilities and responsibilities to the members of this fund? That might help highlight those particular issues that are of an extreme-risk nature to the fund. Then the entire management team and the trustee board have to look at the various processes and procedures within both the fund and the material outsourced providers—be they custodians, investment managers or fund administrators—and at how they can better ensure a decrease in the likelihood of this risk occurring.[74]

4.79      Mr Codina added that just as the Future of Financial Advice reforms would raise standards across the financial planning and advisory sector, the new prudential standards directly address operational and governance issues and would 'raise the bar' across the trustee sector.[75]

4.80      Speaking as a representative of a large group that contains Authorised Deposit-taking Institutions that have been subject to prudential standards for many years, Mr Brennan agreed that risk management standards would be raised because the new 'superannuation prudential standards are very closely modelled on the APRA prudential standards for large banks'. He noted:

Those are very high standards, matured over quite a long period of time, and as they are inculcated into the superannuation industry more widely in the coming years you will see quite an appreciable lift in risk management and, more generally, across the whole of the operation.[76]

4.81      The committee asked whether there were advantages in being able to act as both an RE and RSE. BT Financial Group pointed out that while it is a holding company and not a regulated entity, there are dual-regulated entities within its group. It noted that:

The Stronger Super reforms that have amended the duties of RSE licensees and their directors are very closely modelled on those that apply to REs.

By combining the roles of RE and RSE licensee in a single company and Board, the beneficiaries of the company’s managed investment schemes and superannuation funds benefit from:

Business and governance models for a Responsible Entity

4.82      In the Trio collapse, the RE (Trio Capital) was at the centre of the fraud. It acted as RSE trustee and as RE with responsibility for various MISs. The vast majority of the MISs were legitimate, but one (or possibly two) of the MISs was used as a vehicle for fraudulent activity.

4.83      Given the critical gatekeeper role performed by the RE and its directors in the financial services system (discussed in the earlier section on asset verification), and given that it was the RE itself that was involved in the Trio fraud, the advantages of a business model that operated with either an internal or external RE were canvassed at the roundtable.

4.84      Mr Epstein argued that an external independent RE is a preferable and more prudent arrangement because it 'minimises conflicts of interest and reduces the likelihood of the RE acting in a detrimental manner to investors'. He noted that the risk of an internal RE acting in a manner detrimental to investors is not necessarily removed with the appointment of non-executive independent directors.[78]

4.85      Expertise, specialist resources, and economies of scale were also nominated as additional advantages in a scheme appointing an external RE:

Further, an independent Responsible Entity that specialises in providing Responsible Entity services to a range of clients is likely to possess a higher degree of expertise and specialised resources to assist in the operation of a scheme in addition to providing better and truly independent oversight. Given the economies of scale an independent responsible entity can enjoy, there is no reason an external responsible entity should burden a scheme with additional costs when compared to an internal responsible entity. Whilst we are not proposing that an independent responsible entity be mandatory, perhaps an "if not, why not" approach similar to the ASX Listing Rules relating to Corporate Governance Principles could be considered.[79]

4.86      The merits of an internal versus an external RE were also discussed with respect to the size of the fund manager and their internal capabilities. Mr Epstein questioned the ability of smaller fund managers to conduct the RE function internally, and suggested that in such cases, the reasons for keeping the RE function in-house should be disclosed:

The argument I put forward in my paper is that the role of an independent responsible entity is absolutely critical. That is beneficial to my group in that we do look after a lot. I am not suggesting that groups such as BT, for example, outsource the responsible entity function. Without question, the responsible entity function within BT would be more than capable of performing that function, but ultimately it is the responsible entity that is responsible to the investors. So, whilst it might be appropriate for large responsible entities that look after large fund managers to perform that function, I propose that, in the event that you had a smaller manager or responsible entity looking after that function, there might be an expectation that that responsible entity or that fund would disclose why it did not see it as appropriate to appoint an external responsible entity. They have the expertise and they are independent of the manager.

My background is that I come from an environment where I have worked for what I would say is a fairly large fund manager. It had an internal responsible entity and I would argue that it is questionable whether an internal responsible entity, regardless of whether it has independent directors, is appropriately qualified to determine whether the operations of the fund are run correctly. They do not have the expertise. They do not have the ability to spend the time to actually overlook it day to day.[80]

4.87      However, Mr Brennan pointed out that the choice of internal versus external RE depends on the internal RE capability of the fund manager:

It comes down to fitness, properness, expertise and capability. We are a large organisation and our independent directors are extraordinarily able in this industry. They are, because we have selected them carefully. They keep the appropriate discipline on management. Management, in turn, is extraordinarily capable because we make sure that they are when looking at underlying investments that are being put onto our platforms to our trustee and made available to underlying investors. As you come down the scale [in terms of size and resourcing capability], the level of fitness and properness may not be as strong.[81]

4.88      Dixon Advisory disagreed with the view put forward by One Investment Group that an external RE is preferable. Instead, Dixon Advisory firmly favoured the internal RE model with an independent compliance committee:

In our view an internal RE with an independent compliance committee (ICC) represents the best model for investors. This is because the structured approach of an ICC with an ASIC approved compliance program drives a culture of compliance within the RE and ensures that there are unconflicted persons who can report breaches to ASIC.

We believe that an ICC should be required even if the board of the RE is majority independent. It is a mistake to assume that simply because the board is independent they have the relevant skill or time to appropriately attend to compliance reviews.[82]

4.89      Dixon Advisory highlighted significant disadvantages in the external RE model, and drew attention to a conflict between the commercial interests of the RE and its duty to the members of the MIS:

There are some strong disadvantages of the out-sourced RE model. These are:

4.90      Based on the arguments above, Dixon Advisory said that 'ASIC should consider disallowing' external RE arrangements.

The role of compliance committees

4.91      The role of compliance committees and the nature of compliance plan audits were a major issue in the Trio inquiry. KPMG suggested that there was a need for greater oversight of managed investment schemes. KPMG argued that one option would be to mandate a majority of truly independent directors of the responsible entity which would remove the need for a compliance committee.[84] The second option would be to strengthen the role of the compliance committees and hold management accountable for acting on the recommendations of the compliance committee.[85]

4.92      Dixon Advisory recommended that a compliance committee should be compulsory for REs in all cases:

Responsible entities should be required to have an independent compliance committee in all circumstances (compared to the current situation where they are only required in situations where the Responsible Entity’s board is not made up of a majority of independent directors). This will lead to a situation where all responsible entities have people whose sole responsibility is to ensure compliance.[86]

4.93      Noting some specific concerns with the first option (independent directors) put forward by KPMG, CPA Australia suggested that the second option of strengthening the role of compliance committees might be a more practical approach.[87]

4.94      Ernst & Young said that it has seen both models in operation and that 'it is difficult to comment if one is better/stronger than the other'. While noting that appropriately qualified independent directors could 'bring a wealth of experience, insight and challenge to a business', Ernst & Young did, however, identify a potential pitfall in a compliance committee that was divorced from the business:

What we would say however is that at times we have seen Compliance Committees operate quite separately from the business. While this is a positive from an independence of thinking perspective, it is also possible that there could be items that "fall between the cracks" without having a full business perspective.

The model adopted by businesses will depend on how they operate their RE. If the RE board is very active in the management of the business it may not be appropriate/desirable to have independents dealing in such detail (and incurring additional cost for the RE and ultimately the investors in the fund).[88]

4.95      Dixon Advisory was also of the view that the directors of an RE 'should have a minimum level of relevant education and experience in relation to the scheme they are managing'. They noted that at present, only the responsible manager has these requirements and yet the directors of the RE make most of the operational decisions for a MIS.[89]

4.96      Finally, given that a compliance plan auditor is only required to ascertain the compliance of an RE with its compliance plan, the committee was keen to establish who is actually responsible for ensuring that an RE adheres to the constitution of the RE's MIS. BT Financial Group confirmed that this was a responsibility for the RE's board of directors.[90]

Committee view

4.97      The committee believes that the relationship between REs and custodians is an important, but misunderstood, link in the operation of Australia’s financial system. The committee recommended in its Trio Capital report that ASIC consider changing the name 'custodian' to a term that better reflects the current role of a custodian.[91] The committee notes ACSA's concerns about the confusion that a name-change would create, given the term 'custodian' is widely used internationally. However, it believes there is a need to better inform investors about what custodians actually do. To this end, the committee supports proposals to ensure that REs and other financial product issuers provide clear disclosure about the role of custodians in Product Disclosure Statements and retail marketing material.

4.98      The committee notes ASIC's consultations over the past 12 months on issues including the net tangible asset (NTA) requirement for custodians. It supports ASIC's decision to increase the NTA requirement to the greater of $10 million or 10 per cent of average revenue. The committee also welcomes the recent changes to enhance custodians' obligations in asset disclosure. While this will impose additional work on custodians to supply the underlying data, this is outweighed by the benefits to superannuation trustees from greater transparency in complex and diffuse investment structures.

4.99      The committee believes that the recently legislated reforms to trustees' portfolio holdings disclosure requirements are both necessary and important. It will enable investors to better understand the risks associated with their investment and to monitor how the fund complies with its investment strategy. A similar requirement could be imposed on managed investment schemes.

Navigation: Previous Page | Contents | Next Page