Audit and Risk Management/Internal and External Audit
The Audit and Risk Management coordinates with the internal and external auditors to perform its duties and responsibilities under the Manual on Corporate Governance. The Committee's scope of responsibility covers the financial reporting process, internal control system, audit process and compliance and reporting to the Board and shareholders. The Committee meets at least four times a year, and may convene additional meetings as may be necessary.
The Manual also mandates the company to have an independent internal audit function which shall be performed by an internal auditor or a group of internal auditors. The internal auditor is responsible for ensuring that the company's key organizational and procedural controls are effective, appropriate and complied with. The Internal Auditor reports to the Audit and Risk Management.
The Manual also contains safeguards in the selection and engagement of the external auditor. The stockholders select and appoint the external auditor upon the recommendation of the Audit and Risk Management. The external auditor shall be rotated or the handling partner changed every five (5) years or earlier. It shall not at the same time provide the services of an internal auditor to the company, which must ensure that other non-audit work shall not be in conflict with the functions of the external auditor. The resignation, dismissal or cessation from service of an external auditor and the reasons for the same, as well as any disagreements on accounting principles or practices, financial statement disclosure or auditing scope or procedure, must be reported in the company's annual and current reports.
The Audit and Risk Management Charter
SMDC's Audit and Risk Management has adopted a Charter to govern the Committee's operations and define its purpose, authority and responsibilities. Under the Charter, the purpose of the Committee is to assist the Board in fulfilling its oversight responsibilities for the internal control system as well as the processes for financial reporting, audit, risk management and monitoring compliance with laws and regulations.
Under its Charter, the Committee is authorized to conduct an investigation into any matter within the scope of its responsibility. The Committee's specific responsibilities include the following: check all financial reports against its compliance with internal financial management systems and pertinent accounting standards; monitor and evaluate the adequacy and effectiveness of the company's internal control system; review and approve the annual internal audit plan and the annual internal audit report; recommend to the Board the appointment, replacement and dismissal of the Internal Auditor; recommend to the Board the external auditor who will be endorsed to the stockholders for selection and appointment; pre-approve external audit plans and evaluate non-audit work by the external auditor; review with management and the external auditor the company's annual financial statements and any issues encountered by the external auditor in the course of its audit; coordinate, monitor and facilitate compliance with laws and regulations; and report to the Board on Committee activities, issues and recommendations.
Internal Audit Charter
SMDC has an Internal Audit Charter that defines the Internal Audit Group's purpose, responsibilities, authorities and standards of practice. Under its Charter, the purpose of Internal Audit is to provide an independent, objective and systematic approach to evaluate the adequacy and effectiveness of risk management and organizational and procedural controls. The specific responsibilities of the Internal Auditor include the following: (i) develop and implement an annual audit plan using an appropriate risk-based methodology; (ii) report to the Audit and Risk Management and management on the results of audit activities; and (iii) assist in the investigation of significant suspected fraudulent activities within the company and notify the Audit and Risk Management and management of the results.
To maintain its independence, the Internal Auditor will report functionally to the Board, through the Audit and Risk Management and senior management, and administratively to the President.
In the course of its work, Internal Audit is authorized to have unrestricted access to all functions, records, property and personnel, as well as free access to communicate with the Audit and Risk Management and management. Internal Audit is also authorized to obtain assistance from other employees of the Company and from external consultants whenever necessary to carry out its responsibilities.
The Charter also lays down certain standards of audit practice. These standards stress the importance of Internal Audit's coordination with the Audit and Risk Management and the rest of the groups within the company and the confidentiality of information obtained in the course of audit. Thus, the Charter mandates Internal Audit to maintain effective relations with the operating management and staff. Any problems encountered in the course of audit work must be promptly discussed with the Audit and Risk Management. Internal Audit must not divulge audit findings to anyone and instead must report these directly to the Audit and Risk Management.
The principal accountants and external auditors of the Company is the accounting firm of SyCip, Gorres, Velayo and Company (SGV and Co.).
Related Party Transactions
SMDC practises full disclosure of details of related-party transactions. The nature, extent and all other material details of transactions with related parties are disclosed in the company's financial statements and quarterly and annual reports to the SEC and PSE. The financial statements and reports are also available in the website and readily accessible to the public.
At the meetings of the Audit and Corporate Governance Committee, the management presents information on the transactions entered into by the company with related parties. The company ensures that all related-party transactions are conducted on an arms' length basis.