Integrity is a fundamental characteristic that our clients expect and trust we have. Integrity is also one of KPMG’s main values.
This Pillar of our strategy addresses the material theme that was considered by our stakeholders to be the most important: conduct ethical business. In addition, it deals with questions that have an impact on the quality and independence of the services we provide, which refers to the third theme Identified by our stakeholders.
Ethics, professionalism and integrity of our people enables KPMG to be one of most highly regarded Professional services companies worldwide. As has been demonstrated, transparency and integrity are values of our Organization. Consequently, KPMG International relies on policies and procedures that are strengthened by the involvement of experienced leaders from each member firm. These leaders emphasize the importance of quality control, risk management and compliance, and act as examples in providing services that reflect quality and integrity.
In this chapter we deal with these procedures in detail. A lot of the quality control and risk management processes are multi-functional, and also applicable to the Tax and Advisory areas. However, we stress that the emphasis in this chapter in on the Audit practice, and thus, some of the procedures cited may not apply in full to the other two areas.
At KPMG, the quality of an audit goes beyond issuing a correct opinion, and includes how we reached this opinion. This refers to the processes, thinking and integrity on which an audit is based. KPMG sees the result of a quality audit being an appropriate and independent opinion in accordance with legal and professional requirements. This means, above all, being independent, being in compliance with the relevant legal and professional requirements and offering our clients an impartial and informative vision.
Through the Risk Management area, we manage factors that could have an impact on our business, our professionals and clients, the capital market and the environment in which we operate.
For us, risk management, which includes our operational risks, is accompanied by the quality control of our services since, in our business segment, objective, quality work is a determining factor to meet the public interest and retain the confidence of the capital markets and that of regulatory bodies. Thus, we provide quality services, based on independence, integrity, ethics and objective behavior, and our anticorruption and anti-bribery procedures permeate the management of these risks through all the network of independent entities that operate under the brand KPMG in Brazil.
In order to make feasible this management, we maintain an internal structure, represented in the next page, consisting of partners, directors, managers and technical staff.
The mission of this department, besides risk management, is to spread professional practices and accounting standards, working together with professionals from the Organization, providing technical support and coordinating the implementation of quality programs.
In Brazil, we have a quality system for the audit practice, aimed at meeting the requirements of
Brazilian Law, Professional Standards, the rules of the International Federation of Accountants (IFAC), the rules adopted by the Public Company Accounting Oversight
Board (PCAOB) and the regulations from the European
Union and the US Security and Exchange Commission (SEC).
|
|
The support teams for this structure comprise an integrated management, which includes five fundamental groups for quality control and risk management throughout KPMG in Brazil: (i) independence, integrity, ethics and objectivity; (ii) people management, including professional training and development; (iii) acceptance and continuance with clients and work; (iv) execution of work; and (v) monitoring. We present below, some of the most relevant aspects from these groups.
The procedures that are part of each one of these groups are related, as demonstrated in our Code of Conduct, Global Marketing Risk Management (GMRM), Global Quality and Risk Management Manual (GQ&RM Manual) and training on ethics and independence and anticorruption.
KPMG International is signatory to the Anticorruption Principles from the World Economic Forum. www.weforum.org/issues/partnering-against-corruption-initiative
GRI 4.8
In Brazil, we adopted and disseminated the Code of Conduct: Performance with Integrity, which expresses the commitments to our public and the behavior to be adopted by our professionals to ensure ethical principles in their relations with the Organization, with other professionals, clients and with the community.
The Code emphasizes the personal responsibility of each Professional to observe legal and ethical Standards which apply to their position, as well as disclosing the resources and channels available to provide assistance on the themes covered.
We seek to establish an open and honest communication with all our stakeholders, based on ethics, objectivity and transparency. Therefore, both the GMRM and the GQ&RM Manual provide guidelines to ensure that these principles are present in the relationships with the organization’s stakeholders:
GRI PR6
All of our communication and marketing material is continually revised by qualified professionals from GB&RC, and consists of a set of principles and rules prepared by KPMG International which have to be adopted by the member firms to ensure global consistency of the brand name, control the risks related to its reputation and manage client expectations with respect to the services provided, with the disclosure of clear and objective information. In 2011, we had a team of 16 professionals qualified in these norms.
GRI PR3
Our contracts are based on the GQ&RM Manual, and seek to achieve transparency in client relations, and are available to all professionals on intranet.
Main information and specifications stated in the contracts agreed between KPMG and its clients | |
---|---|
Scope of services | The scope and purpose of the KPMG engagement, with limitations on the work expressly stated. |
Description of products | Description of what will be submitted, the nature (report, presentation, etc.) and possible limitations. |
Timetable | Whenever agreed with the client, the timetable for undertaking and concluding the work. |
Client responsibilities | Client responsibilities for providing information, assistance to KPMG and decision making. |
Fees | Determining fees for the services provided,
collection methods, payment, interest on accounts overdue and currency in which payment will be made. |
Subcontracting | For the services when this is permitted, inform any subcontracting of specialists. |
KPMG responsibilities | The limit on responsibilities is subject to legal or regulatory restrictions and is included in each contract. |
Beyond Compliance
KPMG is aware of the importance of disseminating its values throughout the organization, and as such, extends the training in Ethics & Independence to all professionals from the administrative areas, even though this is not required by professional regulations.
GRI 4.6
To achieve independence, ethical work and the objectivity of our professionals during the services provided, we have a policy that establishes the norms for relationships with our public, for example, assessing any possible conflict of interests prior to allocating a professional on certain projects.
KPMG in Brazil also monitors compliance of its investment policies, whether of the Organization or its partners, directors and managers, through an automatic integrated tracking system of independence based on the Web. This system contains a list of public stock corporations, their branches and financial institutions and the types of securities they issue.
It also includes a list of investments held by KPMG in Brazil and other financial relationships that have to be analyzed prior to KPMG in Brazil accepting a new client. The independence department continually updates this list and these relationships.
Prior to acquiring securities, the partners, directors and managers have to use the independence tracking system to determine whether the investment is restricted. They also have to inform all of the movements in individual investments within 14 days after purchasing or selling investments.
If a security becomes restricted in a subsequent date, the holders of these amounts will receive automatic notification stating that they have to dispose of the restricted investment.
The Global People, Performance and Culture Manual informs the conduct to be adopted at each of the human resource management areas, as an integral part of the process for analyze quality and risk management, attending to the norms enacted by the local laws and also professional requirements in Brazil, requirements of the Federal Accounting Council (CFC), IBRACON – Institute of Independent Auditors in Brazil, the National Monetary Council (CMN), the Securities Commission (CVM), the Secretary for Complementary Social Security and by international bodies, such as Public Company Accounting Oversight Board (PCAOB) and US Security and Exchange Commission (SEC).
Every year, Training in Ethics and Independence is provided, which is mandatory for all partners, partner-directors and other technical professionals that provide services to clients, and also Anticorruption Training, mandatory for all professionals. After concluding this training, the professionals sign a term confirming their understanding and compliance with KPMG policies and their independence in performing the services. During the period covered by this report, 100% of the required professionals - that had to receive the training - were trained in the Ethics & Independence and Anticorruption policies.
GRI SO3
|
We work diligently to avoid any conflicts of interest arising. In addition to the tools and systems to improve the independence, integrity and objectivity of the work of our professionals, we have a global, exclusive system, called Sentinel.
Finally, to offer services with consistency and integrity, we have implemented the rotation of audit partners, in compliance with legislation, which limits the number of years that the leaders can provide this type of service to the same client. This exchange of leaders assists us to develop transition and succession plans, which encourages the continuity of our business.
The dynamic nature of our work and the environment in which we operate demands that we continually seek professional excellence. Consequently, in addition to the specific training stated before, our people management includes actions to attract, retain, train, develop and recognize our professionals, which reflect the way we want to grow and be recognized.
This system is presented, in general terms, beside, but is presented in more detail in the next strategic Pillar People.
We rely on policies and procedures for assessing risk that support decision making regarding the acceptance of and continuity with clients and projects, for example, the tools referred to previously, CEAC and Sentinel. Rigorous compliance is essential for us to provide professional services with quality and integrity that are necessary for building more ethical and sustainable markets.
Identification of risks from assessment of the company’s background, its administration, businesses and other relevant questions, focused on integrity. Acceptance or otherwise of a client is determined by a partner who assesses the client, and this has to be approved by the partner responsible for risk management, when necessary. |
Assessment of risks and skills of the client’s financial management team, and additional safeguards can be introduced to the services, in order to mitigate any risks identified. |
Assessment of other relationships and services provided by KPMG to the potential client that are not related to the Project, to avoid potential conflicts of independence. Acceptance of the Project is approved by its potential leader, and another senior professional, when necessary. |
The continuance of each client and Project is assessed every 12 months, or less – if specific questions of integrity are identified. The company’s risk factors are revised and possible changes to determine the continuance of the services provided. |
The execution of our work also follows methodological guidelines and policies that aim to maintain integrity, compliance with local and international regulations and the incorporation of good global practices so that ethical behavior is observed during all of the stages of the services.
Our methodology includes an assessment of the information system, and our professionals from Information Technology Advisory Services (ITAS), are responsible for performing the corresponding tests.
The professional practice, risk management and quality control are the responsibility of each KPMG Professional, who has to adhere to the policies and procedures (including independence policies) and to the extensive range of tools developed to support them in attending these expectations. The policies and procedures we have established for audits include the requirements for accounting, audit, ethics and quality control norms and other relevant laws and regulations.
We invest significant resources to maintain our standards and tools up to date. Our global audit methodology, developed by the Global Service Centre (GSC), is based on International Standards on Auditing (ISA).
The methodology is included in the KPMG Audit Manual (KAM) and contains requirements that go beyond the ISA, for cases where KPMG understands that this increases the quality of our analyses. The member firms of KPMG International can also include local procedures to comply with professional, legal or regulatory requirements.
Our audit methodology is supported by eAudIT, an electronic audit tool from KPMG, which provides the auditors from the member firms worldwide with the methodology, guidelines and knowledge of the sector necessary to render efficient and high quality audits.
The work flow for eAudIT provides the teams with immediate access to relevant information at the correct time during the audit, thus increasing efficiency and value for our clients. The main activities included in the eAudIT work flow are:
Engagement set up
Risk assessment
Tests
Completion
KAM includes, amongst other things, the procedures intended to identify and assess the risk of material misstatement and procedures to respond to those assessed risks. Our methodology encourages engagement teams to exercise professional skepticism in all aspects, from the planning to performing the audit.
KAM includes the implementation of quality control procedures at the engagement level that provides us with a reasonable assurance that our engagements comply with relevant professional, legal, regulatory and KPMG requirements.
The policies and procedures established in KAM are specific to audits and supplement the policies and procedures set out in the Global Quality and Risk Management Manual (GQ&RM) which is applicable to all KPMG International member firms, functions and personnel. The provisions of International Standard of Quality Control I (ISQC-I) are addressed through KAM and through member-firms implementation of the Q&RM Manual.
Monitoring procedures complete the groups from our quality control system and risk management, and include permanent assessments by means of internal and external reviews to check the integrity and independence of our professionals and adherence to our practices, methodologies, training and internal controls.
The verifications, to which we are subject, and for which we have always received adequate classifications, are:
In the period covered by this report, no sanctions or fines occurred as a result of these reviews. GRI PR9
In addition to these reviews, other monitoring is performed in relation to compliance with ethical standards and the integrity of our professionals and assessments of any deviations in our procedures or professional norms to which our services are subject.
One of these monitoring procedures is performed by the Disciplinary Committee, which is responsible for analyzing information and documents that suggest possible violations of the rules and policies related to risk management, ethics and integrity and training by any professional, including partners.
If evidence of such is confirmed, the violation is qualified between one of four categories (light, medium, severe or very severe violations) and could result in disciplinary measures that vary from simple notification to additional training or financial penalties to variable remuneration to rescission of the employment contract.
In addition, we provide a confidential international hotline for denouncing possible illegal, ethical violations or violations of norms and standards, coordinated by an independent supplier and can be contacted by all our public, 24 hours a day, seven days a week.
All of the contacts received are registered and a confidential investigation process begins, which is also consistent with legislation in force and our norms and procedures.
During the period covered by this report, no case of corruption was registered by any of our monitoring tools. GRI SO4
Hotline for Denouncing Unlawful Acts By telephone: Brazil – 0800 891 7391 Other countries – (www.kpmg.com/Global/en/Pages/International-hotline-numbers.aspx) On-line: www.clearviewconnects.com/ By post: P.O. Box 11017 – Toronto, Ontário – M1E 1N0 Canada |