Opening Statement – Parliamentary Joint Committee Inquiry into the Regulation of Auditing in Australia: Gary Lennon, Chief Financial Officer
Thank you for the invitation to appear before the Committee this morning, to discuss the regulation of auditing in Australia. I am joined by Shaun Dooley, NAB’s Chief Risk Officer.
As Chief Financial Officer, I am accountable to NAB’s 573,000 shareholders, regulators and nine million customers for the quality of our financial statements.
Accordingly, I am invested in ensuring the highest standards of audit quality – and support the Committee in exploring ways to strengthen practices here in Australia.
As Australia’s leading business bank, NAB relies on quality external audits in our credit assessment processes for many business customers.
It is also a timely review, as I expect that audit practices will fundamentally shift over the next five to ten years, facilitated by technology and more sophisticated data analytics.
At the same time, safeguarding the independence of the external auditor is fundamental to providing shareholders and customers confidence in financial information.
EY provides external audit services to NAB and as such, is subject to our External Auditor Independence Policy.
The Policy sets limitations on work EY can provide – specifically, work that is not audit, audit-related or taxation-related.
This excludes EY from most project and advisory services which are typically undertaken by other major accounting firms for NAB.
In 2018 NAB appointed EY to conduct a review of our risk management framework in accordance with prudential standard CPS 220.
EY had performed similar reviews for other major banks and as such offered valuable insight on industry practices.
The appointment of EY was consistent with our Independence Policy, as the nature of the work was assurance related, and required by regulation.
It was also consistent with APRA’s requirement that the work must be undertaken by operationally independent personnel.
Noting that NAB’s internal audit team also meets the ‘operationally independent’ criteria, NAB chose to seek an external perspective.
EY’s conclusion was that NAB needed to improve its risk management frameworks and their application. Its recommendations were expansive, detailed and actionable.
Our work to strengthen risk management has been informed by EY’s report, as well as our Self-Assessment into our governance, culture and accountability practices.
Along with the Royal Commission, it sets out a blueprint for reform, which is critical to our long-term performance. We have made progress but acknowledge more work is required.
The regulation of audit in Australia is an important topic for NAB but also for confidence in the financial system.
Shaun and I look forward to your questions. Thank you.