Audit Committee report

The EOH Audit Committee ('the committee') is pleased to submit its report for the year ended 31 July 2021, which has been approved by the Board. This report has been prepared in compliance with section 94(7)(f) of the Companies Act and in accordance with the mandate given by the Board.

The number of meetings and attendance per committee member are shown in Corporate governance.

The Board is satisfied that the members of the committee have the necessary skills and experience to enable the committee to fulfil its  duties.

The appointment of committee members will be subject to approval by shareholders at the next AGM to be held on Wednesday, Thursday, 2 December 2021. The biographies of the directors who have made themselves available for election to the committee can be viewed in the AGM notice.

COMMITTEE PURPOSE

The main role of the committee is to provide independent oversight  of:

• the integrity of the annual financial statements and other external reports issued by the Company; and
• the effectiveness of the organisation's assurance services and functions, particularly focusing on combined assurance arrangements, the finance function, external assurance service providers and the internal audit function.

TERMS OF REFERENCE

The committee terms of reference, which were approved by the Board in 2019, remained unchanged in 2021, and are aligned with King IV.

MEETINGS

Six meetings of the committee were held during the year under review.

The Chairman of the Board, the Chief Executive Officer, the Chief Financial Officer, the Chief Risk Officer, the Company Secretary and other members of senior management as required, attend committee meetings by invitation, but have no voting rights.

Similarly, external and internal auditors attend committee meetings by invitation, but have no voting rights.

The Chairperson of the committee reports to the Board at all Board meetings on the activities and recommendations of the committee.

The Chairperson of the committee periodically meets separately with the external auditor and the internal audit executive without members of executive management being present.

PROGRESS ON 2021 FOCUS AREAS

The committee's key focus areas for the 2021 financial year included:

Focus areas	Response
Overseeing the implementation of the combined assurance model and the embedding of the internal audit charter	The committee received and reviewed reports from all assurance providers, including internal and external auditors, and continued its oversight over the governance of the organisation and the continuing maturity of the control environment. The combined assurance forum was implemented, with governance and operational activities, as well as key stakeholders, being mapped out by assurance champions.
Ensuring compliance with the JSE guidance letter on financial controls to assist the CEO and CFO in meeting the new requirements	In compliance with JSE requirements, the committee considered a detailed assessment of the entity level controls ('ELCs') and a risk assessment control model ('RACM') on the financial statement close process ('FSCPs'). Progress has been detailed below.
Monitoring progress on the deleveraging plan to ensure that the appropriate capital structure is attained without erosion of value	Due to the strategic and long-term sustainability strategic importance of the deleveraging plan, it was decided to create a Board subcommittee to focus on monitoring the plan. Consequently, the Assets Disposals and Strategic Acquisitions ('ADASA') Committee was formed towards the end of the 2020 financial year. The committee's report is outlined in Asset Disposals and Strategic Acquisitions Committee. The Audit Committee continued, however, to monitor the liquidity and capital structure of the organisation by reviewing reports from the Treasury department.
Review relevant submissions and reports issued by internal and external assurance providers	The committee continued to receive and review reports from both PwC and the internal audit function.
Monitoring the organisation's control environment and engaging with relevant people - both internal and external - as required, to  effectively discharge its responsibilities	Outcomes of assurance activities by both PwC and internal audit were presented to and reviewed by the Internal Audit Committee. The progress on the audit action plans was also monitored to ensure that management was taking appropriate remedial steps where required.
Reviewing relevant reports and position papers prepared by management relating to technical accounting standard changes to  ensure that all material risks are addressed	Reviewing relevant reports and position papers prepared by management relating to accounting standard changes to ensure that all material risks are addressed. Reviewing management submissions on technical accounting and tax matters such as IFRS 15, IFRS 9, IFRS 16, IAS 36, IFRS 5 and transfer pricing policy.
Oversight over Group tax matters	Reviewed the Group tax exposures and assessed the appropriateness of the Group tax policies.
Review of the adequacy and appropriateness of provisions	Reviewed progress on litigation and legal exposures and the related accounting applied and disclosure included in the annual financial statements, note 26.
External audit considerations	Determined the auditors' terms of engagement and fees for 2021. Fees paid to auditors for the year under review are disclosed in note 26 of the annual financial statements. Satisfied itself with the performance of the external auditor and designated registered auditor and further that they are accredited on the JSE's list of auditors and advisers. Satisfied itself that the designated registered auditors are within their tenure and rotation requirements. PwC raised a reportable irregularity relating to the supply of certain equipment and software by a subsidiary within the Group. PwC concluded that this matter was no longer occurring as the Company had acted on this matter. The Company's actions are set out in the Directors' report and in note 34 of the consolidated financial statements. The committee recommends the reappointment of PwC at the AGM.
Key audit matters	The committee reviewed and considered the key audit matters relating to goodwill and intangibles, as well as the indirect tax exposures for the Group.

INTERNAL AUDIT

The in-house internal audit function, which was established in 2019, has grown and scaled up its resourcing with skilled and highly experienced individuals. The growth in the effectiveness of the function has contributed significantly to the audit charter becoming embedded in the committee and the Group. The Chief Audit Executive reports directly to the Audit Committee Chair, in line with best practice. Summaries of the internal audit reports were reviewed and discussed at committee meetings and, where appropriate, recommendations were made to the Board. The audit action plans are monitored on a monthly basis with management, and the Group Executive Committee is informed regarding the progress of implementation.

Notwithstanding the resource constraints caused by COVID-19, significant progress was made on the 2020 internal audit plan. In  addition, the internal audit universe was finalised after intensive engagement with key stakeholders in the Group, resulting in the finalisation of the three-year audit plan and budget. The function was instrumental in establishing and embedding the combined assurance model across the organisation. Some of the activities in 2021 include:

• Engaging first and second-line assurance providers
• Conducting workshops and training
• Performing the assurance mapping
• Publishing an assurance of gap assessment reports.

The focus in 2022 will be on implementing control strategies and embedding continuous awareness and reporting.

The medium-term goal is to obtain PwC audit reliance on some assurance areas. Internal audit is also pleased to be rolling out its CA training programme in partnership with SAICA.

JSE REQUIREMENTS FOR CFO/CEO RESPONSIBILITY OVER FINANCIAL CONTROLS

The EOH Group CEO and CFO have, in compliance with the new JSE requirements, made an undertaking on the adequacy and reliability of internal controls around the preparation of annual financial statements. This includes an undertaking by management that where deficiencies and weaknesses have been identified, these have been reported to the Audit Committee. In compliance with this requirement, the committee considered a detailed assessment of the ELCs and well as an RACM on the FSCPs. The primary objective of this assessment was to conduct a gap analysis review to identify shortcomings in the current process, as  well as to enable the committee to:

• Identify and define the critical internal controls and understand the impact of control failure on the organisation;
• Determine which existing evaluations are performed and who provides the assurance over the adequacy and effectiveness of these controls; and
• Develop a standard consolidated report of the critical controls identified.

This process was conducted with the participation of the first, second and third-line assurance providers.

The committee has satisfied itself that there are adequate and effective entity level controls relating to the risk assessment, control activities, information and communication and monitoring of the control environment. These pillars of controls are mainly predicated on the oversight and monitoring role played by the Board subcommittees, the combined assurance model, as well as the control self-review through the management attestation process.

While no significant gaps were identified with the entity level controls, several internal control deficiencies were identified by various combined assurance players across various areas relating to this process. However, the committee has satisfied itself that none of these deficiencies have a material effect for the purposes of the preparation and presentation of financial statements for the year under review. The committee is also not aware of incidents of fraudulent activities that would render the financial statements unreliable.

The committee is also cognisant of the target operating model initiative that is being put in place by management. Management has in the past been constrained by an ERP system that was not fit for purpose. This technological environment has resulted in control activities that are largely reactive and not proactive. Significant progress has already been made in implementing a new ERP system that will not only deliver efficiencies, but also enable the control activities that are challenging under the current technology. This will also be enabled by a data strategy that will ensure that all financial reporting information is accurate, reliable and complete. The benefits of this are expected to be realised in the latter part of the 2022 financial year. The committee is satisfied that this initiative will remediate the identified material control deficiencies in  a  sustainable manner.

The committee looks forward to the journey towards control maturity which will be enabled by the new target operating model, as  well the combined assurance model.

DISCHARGE OF RESPONSIBILITIES

The committee is satisfied that it has conducted its affairs, discharged its legal and other responsibilities as outlined in its charter, the Companies Act and King IV. The Board concurred with this assessment.

CONCLUSION

The committee has had due regard to the principles and recommended practices of King IV in carrying out its duties and is satisfied that it has discharged its responsibilities in accordance with its terms of reference.

The full Audit Committee report can be found in the annual financial statements.

Mike Bosman
Chairperson, Audit Committee

26 October 2021