Audit and Risk Committee Terms of Reference

The Audit and Risk Committee is a sub-committee of the HM Revenue & Customs (HMRC) Board. These are the terms of reference to enable the Audit and Risk Committee to discharge their responsibilities to provide assurance to the Board and Principal Accounting Officer as to the veracity of the financial statements, the efficacy of risk management and the strength and appropriateness of control processes across HMRC.

The scope of this responsibility will be all aspects of the business within HMRC and issues relating to the Valuation Office Agency (VOA) as escalated.

1. Membership

1.1 The Audit and Risk Committee will have three members, drawn exclusively from non-executive Board members. At least one member will have relevant financial and audit committee experience.

1.2 A minimum of two members will be required for the meeting to be quorate.

1.3 The Secretariat will be responsible for:

  • preparing the agenda
  • commissioning and quality assuring briefing papers
  • producing and circulating draft minutes of the committee meetings to members and standing invitees, normally within ten working days
  • maintaining an action log
  • maintaining the forward look of items for the committee’s attention
  • ensuring committee papers are maintained in accordance with the Code of Practice for Records Management
  • preparing notes for the Chairman’s report to the Board

2. Reporting

2.1 The Chairman of the Audit and Risk Committee will provide a report (either verbal or written) of the key points to the Board after each meeting.

2.2 Draft minutes of the committee will be circulated to the Board as soon as practical and if necessary prior to ratification at the committee’s next meeting.

2.3 The Chairman of the Audit and Risk Committee will provide an annual report to the Board, timed to support finalisation of the accounts and the Statement on Internal Control, summarising the Audit and Risk Committee’s conclusions from the work it has done during the year.

2.4 Periodically the Audit and Risk Committee will provide a review of its terms of reference and its work to the Board.

3. Responsibilities

3.1 The Audit and Risk Committee will review assurance processes and actions in relation to management of risks and their reflection in the HMRC’s risk register and the underlying processes, in addition they will advise the Board and the Principal Accounting Officer on:

  • the strategic processes for risk, control and governance and the Statement on Internal Control
  • the accounting policies, the accounts, and the annual report of the organisation, including the process for review of the accounts prior to submission for audit, levels of error identified and management’s letter of representation to the external auditors
  • the planned activity and effectiveness of both internal and external audit
  • adequacy of management response to issues identified by audit activity, including external audit’s management letter
  • assurances relating to the corporate governance requirements for the organisation
  • (where appropriate) proposals for tendering for either internal or external audit services or for purchase of non-audit services from contractors who provide audit services to the department
  • anti-fraud policies, whistle-blowing processes, and arrangements for special investigations

3.2 The Audit and Risk Committee will review significant issues identified by Internal Audit, National Audit Office (NAO), ExCom and the Board, and require senior executives to provide an account of action being taken to address these issues. The Director of Internal Audit (IA) and the representative from NAO will have free and confidential access to the Chair of the committee.

3.3 The Audit and Risk Committee will also review areas of risk:

  • escalated via the departmental risk register
  • referred by the Board or ExCom for in-depth review, challenge and assurance
  • regarded as high profile carrying significant reputational risk and external interest for example information security

4. Meetings

4.1 The Audit and Risk Committee will meet bi-monthly, with an additional meeting arranged in June to review the final resource accounts and trust statement. Throughout the year agendas will reflect core seasonal work including: resource accounts, trust statement, Statement on Internal Control, IA plans, updates and annual report, NAO plans and updates and National Insurance Funds accounts. The Secretariat will maintain a forward look which will include this work and reflect Finance, IA and NAO timetables.

4.2 The Board or the Accounting Officer may ask the Audit and Risk Committee to convene further meetings to address time critical issues.

4.3 Programmed committee meetings will be preceded by a pre-meeting of the Audit and Risk Committee members, Director IA and the NAO representative(s). The pre-meeting will discuss the forthcoming agenda to ensure understanding of the issues and highlight areas of concern to the members.

4.4 The following will be expected to attend each meeting:

  • Chief Executive (CE)
  • Chief Finance Officer (CFO)
  • Director, Internal Audit
  • Assistant Auditor General, National Audit Office
  • Director, Governance and Security or Director, Risk Management

4.5 Other senior executive staff will be required to attend as the accountable owner of 4.5 specific issues scheduled to be discussed by the committee.

4.6 The Audit and Risk Committee may ask any or all of those who normally attend but who are not members to withdraw to facilitate open and frank discussion of particular matters.

5. Liaison with Valuation Office Agency (VOA)

5.1 The Chairman of the Audit and Risk Committee will meet annually with the chairman of the VOA Audit Committee to discuss common issues around governance, risk and control.

5.2 The Audit Committee will receive an annual report from the VOA Audit Committee Chair.

6. Information Requirements

6.1 For each meeting the Audit and Risk Committee will be provided with:

  • a report summarising any significant changes to the organisation’s Risk Register
  • a progress report from the Head of Internal Audit summarising:
  1. key issues emerging from Internal Audit work
  2. management response to audit recommendations
  3. progress against work planned/significant changes to the Audit Plan
  4. any resourcing issues affecting the delivery of Internal Audit objectives

(Key issues will be reported to every Audit Committee and a full Assurance report will be provided quarterly)

  • a progress report from the external audit representative summarising work done and emerging findings


6.2 As and when appropriate the committee will also be provided with:

  • proposals for the terms of reference of Internal Audit
  • the Internal Audit Strategy
  • the Head of Internal Audit’s Annual Opinion and Report
  • quality assurance reports on the Internal Audit function
  • the draft accounts of the organisation
  • the draft Statement on Internal Control
  • a report on any changes to accounting policies
  • external audit’s management letter
  • a report on co-operation between Internal Audit and NAO

Minutes