On the Audit Committee’s agenda for 2018

The Audit Committee held seven meetings in 2018. The meetings were attended by the Chief Executive Officer and Chief Financial Officer, as well as the Internal Audit Director. Other members of the Management Board, Executive Directors and other managers and invited guests attended the meetings when appropriate. The meetings were also attended by representatives of the Company’s external auditor, Ernst & Young.



Our approach to the monitoring of the financial reporting process

As required by law, the Audit Committee monitored the process of financial reporting. The goal of the Audit Committee was to assess and provide advice to the Supervisory Board on whether the financial statements as well as the annual report, taken as a whole, secured faithful representation and relevance of the information necessary for shareholders to assess the Company’s position and performance, business model and strategy.

The Audit Committee reviewed the quarterly and annual financial statements during the drafting process. The Committee also reviewed Orange Polska Group’s strategy as well as budgets. The aim of the review was to ensure that the key messages being followed in the annual and periodic reports were aligned with the Company’s position, performance and strategy and that the narrative sections of the reports were consistent with the financial statements. In order to assess that the reports and the financial statements secured faithful representation and relevance of the information, the Audit Committee also reviewed reports on financial performance of the Company, accounting policies and procedures, accounting estimates and judgments, one-off items as well as market guidance and Orange Polska Group’s performance against the budget and other information with the aim to assess the Company’s situation, position and performance. The Audit Committee was satisfied that all the key events and issues which had been reported by the Management Board during the year, both good and bad, had been adequately referenced or reflected within the annual report.

In 2018, as a result of significant changes in accounting standards, the Committee put special attention to Alternative Performance Measures (APMs) to make sure that the APMs reported by the Orange Polska Group were in line with the ESMA guidelines, relevant and understandable to shareholders and reflected properly the way in which the Management Board manages the operations of the Orange Polska Group.

The auditor was regularly participating in the meetings of the Audit Committee and gave its view on issues significant from the accounting perspective as they were coming up during the year. Subsequently, the auditor presented and the Audit Committee reviewed and where appropriate discussed with the auditor the additional report prepared as required by the Regulation (EU) No 537/2014 of the European Parliament and of the Council (Audit Regulation).

Our approach to the monitoring of performance of the auditor

The Audit Committee is responsible for the relationship with the external auditor and that role involves examining the effectiveness of the audit process as well as the independence of the auditor. The auditor is Ernst & Young and 2018 was the fourth year of Ernst & Young being the auditor of the Orange Polska Group.

The Audit Committee reviewed the external auditors’ proposed audit plan for 2018 including key auditing matters to be focused on, the materiality level set for audit testing and schedule of planned works and reporting along with planned interactions with the Audit Committee. Subsequently, the Audit Committee reviewed and discussed the auditor’s recommendations, observations and comments on key areas requiring special consideration taking into account also the views of the Management Board on those issues. The key auditing personnel participated in the meetings of the Audit Committee to allow for discussion of all issues as they came up during the year. Also, private meetings with the auditor were held by the Audit Committee to ensure open and transparent discussion between the auditor and the Audit Committee without the presence of the Management Board. The Audit Committee monitored the progress of the audit and its quality against the audit plan throughout the year.

In addition, the Audit Committee supported by Internal Audit looked into conflict of interest issues given that Ernst & Young became a statutory auditor of a major competitor of the Company. The measures applied by Ernst & Young in order to secure confidentiality of information including but not limited to Chinese Walls were discussed with the auditor. Generally, the Audit Committee was satisfied with the procedures applied by the auditor in this respect, however, the auditor did not agree to allow the Company to have a right to audit the measures applied.

This topic will be considered when next run a tender process for audit services.

In order to assess the performance and independence of the auditor as well as generally the relationship with the auditor feedback was sought from all members of the Audit Committee, the Management Board, key members of the senior management team and those who have regular contact with the auditor. The feedback was collated and presented to the Audit Committee in April 2018. The Audit Committee also asked the auditor for its feedback on the co-operation with the Company. The conclusions were discussed and opportunities for improvement were brought to the attention of both the auditor and the Management Board and key personnel having regular contact with the auditor. Subsequently, the Audit Committee reviewed the report on progress with the implementation of the agreed changes.

In summary, the Audit Committee concluded that the overall external audit process and services were effective and satisfactory.

Our approach to assessing the independence of the external auditor

There are two aspects to auditor independence that the Audit Committee monitors to ensure the external auditor remains independent of the Company.

First, in assessing the independence of the auditor from the Company, the Audit Committee takes into account the information and assurances provided by the auditor. The Audit Committee received the auditor’s statement on independence made in accordance with the Polish Act on Auditors of 11 May 2017 (Polish Audit Act) and the Audit Regulation.

Second, the Audit Committee reviews the proportion of the value of non-audit services rendered by the auditor or its affiliated entities and the audit fees. As required by law, the Company has a Policy on the provision of authorised non–audit services by the audit firm and its affiliated entities. Following the Policy all authorised non-audit services should be approved in advance by the Audit Committee taking into account their potential influence on the independence of the auditor. Also, any additional audit service requires a prior consent from the Audit Committee. According to the relevant law as well as the Policy, authorised non-audit services are subject to a fee cap of no more than 70 per cent of the average annual statutory audit fee for the three consecutive financial years preceding the year in which the cap will apply. The 70% rule has been applicable since 17 June 2016 under the Audit Regulation. The Management provides the Audit Committee with information on the value of non-audit services compared to the average statutory audit fee presenting data for the previous three years. At the end of 2018 fees for non-audit services were at the level of 19% of audit fees. As shown in the chart below, fees for non-audit services in 2018 are lower than in 2017 and visibly lower in comparison to 2016. Ernst & Young provides also regulatory audit relating to the costs of regulated services rendered by the Company. That audit is commissioned by the regulator but it is costs are borne by the Company. The costs of regulatory audit are also shown in the table below.

In addition the feedback questionnaire referred to in the previous section included questions relating to the independence of the audit firm and individuals in the audit staff. There was no case of auditor’s independence threat observed and reported by the respondents.

Taking into account all aspects described above the Audit Committee was satisfied that the auditor continues to be independent.

EY network costs in Orange Polska Group (‘000)



Recommendation on the appointment of the statutory auditor

The Company, similarly as the Orange Group, last undertook a formal tender process for statutory audit services in 2014. The tender process for the Company was separate from the tender process for the Orange Group. Based on the tender, Ernst & Young was selected as an auditor of the Company and independently Ernst & Young was also selected as one of two auditors of the Orange Group. Ernst & Young presented their first audit report of the Orange Polska Group for the year ended 31 December 2015.

In 2017, based on the Polish Audit Act and Audit Regulation a new Policy on the audit firm’s selection was adopted by the Supervisory Board of the Company. The Policy formalised most of the requirements which were already followed by the Company but a new requirement was the time limitation for the appointment of an auditor to 5 consecutive years (with certain exceptions). In the beginning of 2018, the Audit Committee reviewed the prior year’s performance of the auditor and recommended to the Supervisory Board the reappointment of Ernst & Young as the statutory auditor for 2018 and 2019. The recommendation was based on competencies of the auditor, benefits of having an experienced audit team which has good knowledge of the Orange Polska Group from the previous three years cooperation, good performance so far and level of the fee. According to the Company’s Articles a statutory auditor is appointed by the Supervisory Board.

In 2019, the Company will undertake the tender for statutory audit service.

Significant issues considered by the Audit Committee in relation to the financial statements and how these were addressed

In relation to the group’s financial statements, the Audit Committee reviewed the following principal areas of judgement:

• The Group’s key judgments and estimates related to revenue recognition including significant one-off transactions such as:
  1. Accounting treatment of agreements signed by Orange Polska with the Digital Poland Project Centre and suppliers relating to the development of the broadband telecommunications network was an area of considerable judgement, both in consolidated and standalone financial statements. The Audit Committee focused among others on the accounting treatment proposed by the Management relating to the moment of recognition of EU funds. The Audit Committee also challenged the presentation of the whole transaction at the Group level, taking into account the fact that a subsidiary of the Group was a subcontractor to one of the suppliers and significant judgement was required to assess whether the supplier should be regarded as a principal or an agent. After a thorough discussion it was agreed that it should be regarded as an agent,
  2. Accounting treatment of an agreement with T-Mobile on telecommunications access to Orange Polska’s fibre network in the form of Bitstream Access (“BSA”). Based on the agreement, Orange Polska offered T-Mobile wholesale access to the Group’s fibre network in exchange for an upfront fee and monthly fees. The Audit Committee focused among others on identification of performance obligations in the agreement and their valuation resulting from allocation of the transaction prices between these performance obligations. The Audit Committee challenged also the period within which revenue from the agreement contract should be recognised;
• New accounting standards with a particular focus on:
  1. IFRS 15 ‘Revenue from Contracts with Customers’ implemented in 2018: recognition of separate performance obligations and definition of their stand-alone selling price being the basis for transaction price allocation between performance obligations,
  2. IFRS 9 ‘Financial Instruments’ implemented in 2018: the impact of expected losses approach on allowance for trade receivables and contract asset,
  3. FRS 16 ‘Leases’ implemented in 2019: new rules on leases definition, scope of leases and identification of lease contracts valuation and recognition, application of options allowed by the standard and determination of lease period.
• The Group’s valuation of the off-balance sheet commitments as reported in 2018 financial statements;
• Management’s assessment of risks related to claims and litigation as well as other matters and the level of related provisions or decisions on the lack of provisions;
• Impairment indicators and impairment test prepared by the Management as well as goodwill recognition and deferred tax recoverability;
• Management’s assessment of the length of the economic useful life of assets;
• Disclosures in the financial statements and Management’s report relating to new matters e.g. revenue disaggregation or key judgments;
• Distributable capital calculation.

Internal audit function and assessing the effectiveness of the internal audit function

The Internal Audit function provides the Audit Committee, the Management Board and senior management with independent and objective assurance and advice on governance, risk management and internal control. It assists the organisation in reaching its objectives by systematically and methodically evaluating its processes, risk management and internal control system.

In addition to reviewing the effectiveness of these areas and reporting on aspects of the Orange Polska Group’s compliance with them, Internal Audit makes recommendations to address any key issues and improve processes. Once any recommendations are agreed with management, Internal Audit monitors their implementation and reports to the Audit Committee on progress made at every meeting.

Internal Audit considers all of Orange Polska Group‘s activities, and reports to the Audit Committee, and to the Management Board President. The Director of Internal Audit attends all scheduled meetings of the Audit Committee, and also has the power to raise any matters with the members of the Committee without the presence of management.

Internal Audit responsibilities are clearly defined and approved as stated in the internal audit charter which is reviewed and approved annually by the Audit Committee. The Internal Audit function acts in conformity with the Standards for the professional practice of Internal Auditing and the Code of Ethics issued by the Institute of Internal Auditors (IIA). Internal Audit plans are drawn up annually and take account of risk assessment, changing business needs and issues raised by management, follow-up on prior audit findings and cyclical review planning. The approach also builds reserved hours into the plan for ad-hoc, specially requested audits, and for urgent audit issues that arise throughout the year. The annual plan of Internal Audit is submitted for review of the Audit Committee and approval of the Management Board President. Progress against the annual Internal Audit plan, is monitored and regularly reported to the Audit Committee.

In the course of its work, the Internal Audit function also liaises with the statutory auditor, discussing relevant aspects of their respective activities and assisting them in internal control testing which ultimately supports the assurance provided to the Audit Committee and management.

The effectiveness of the Internal Audit is monitored using the quality assurance and improvement programme which is composed of internal assessment activities and annual external assessment by IFACI - l’Institut Francais de l’Audit et du Controle Internes (the French Chapter of the IIA). Following the assessment carried out in 2018, Orange Polska’s Internal Audit maintained its IIA certification from IFACI.

The Audit Committee reviews the annual plan of Internal Audit, its budget and progress reports. The Committee monitors the periodic reporting on internal audit actions and findings and responsiveness of management to Internal Audit recommendations. In addition, the Committee meets privately with the Director of Internal Audit and reviews the independence of the Internal Audit process.

Risk management

Risks are identified within all relevant business units. The risks which are perceived by members of the Management Board or Executive Directors as most significant for Orange Polska operations are qualified as top risks. In addition to top risks, emerging risks which may become top risks in the longer term are also identified. Review of top risks along with emerging Corporate governance risks and their update is done and reported twice a year. The Audit Committee receives a report on top and emerging risks once a year in April. Every year in October top and emerging risks are reported to the Supervisory Board. The top risk analysis is taken into account in the preparation of the annual Internal Audit plan. The plan addresses different aspects of top risks. The plan is submitted for review from the Audit Committee and approval from to the Management Board President.

The Audit Committee reviewed the effectiveness of the risk management system and verified the key risks in terms of their impact on the strategic objectives of Orange Polska, Management’s approach to the risks and effectiveness of the assigned mitigation actions.

Internal control

The Management implements internal controls at various levels of the organisation. The scope of these controls starts from, but is not limited to, transactional level controls, line managers’ or corporate reviews, trend analysis, reconciliation controls and goes up to the entity level controls. The aim is to provide reasonable assurance in safeguarding assets, detecting errors, the accuracy and completeness of accounting records, and the overall reliability of the financial statements. The Company continuously monitors the evolution of the control environment. It ensures that all significant changes are sufficiently controlled and any identified deficiencies in the internal control system are addressed with action plans. On a quarterly basis, the internal control system is monitored in a self-assessment tool implemented by the Company and, in addition senior managers certify the effectiveness of the internal controls in their areas of responsibility. On a yearly basis, the controls are subject to testing by the Internal Control team, Internal and External Auditors, and the results are reported to the Audit Committee.

The Audit Committee received reports from the Management on the internal control system, and monitored the appropriateness of the “control culture” as well as the way risks were identified, managed and disclosed. The Committee also reviewed reports from the management on implementation of actions in response to comments on internal controls from the internal and external auditors. In addition, the Audit Committee received assurance from management after completion of a yearly comprehensive assessment of Orange Polska Group’s internal controls over financial reporting. All deficiencies identified were corrected or appropriate action points have been adopted. Management concluded that there were no weaknesses that would materially impact internal control over financial reporting in the year ended 31 December 2018.

Compliance

Matters related to the implementation of the Compliance Management Programme are reported to the Audit Committee in the following areas: ethics, general compliance with laws and regulations, anti -fraud, security and anti-corruption. As part of its periodic reports, the Compliance Management function informs the Audit Committee about activities carried out, including the results of inspections initiated by notification of irregularities through dedicated channels. Orange Polska actively cooperates with the Compliance functions within the international Orange Group, sharing good practice and maintaining the Group’s anti-corruption standards.

The Compliance Management Programme in Orange Polska embraces the Company’s obligations to act in line with the law, applicable standards, regulations, market and industry standards, as well as ethical principles, both in dealings with clients and business partners and between employees. One of the key elements of the Compliance Management Programme is the Anti-Corruption Policy, through which the Company adopts a zero-tolerance approach towards corruption with regard to every aspect of its activities. The correct application of Anti-Corruption Policy rules is supported by internal regulations with detailed guidelines and instructions aiming to identify and effectively prevent irregularities.

Another integral part of the Programmme is the Anticorruption Guidelines which introduced thresholds for offering and accepting gifts, meal and entertainment in scope of business relations.

The Compliance Management area provides continuous information and training to build employees’ awareness and knowledge. If a problematic situation arises, employees can access ongoing consultation, advice and opinions.

Whistleblowing

The Company provides different channels of communications where all employees and stakeholders can also report their doubts or observed irregularities (such as conflict of interest, cases of corrupt behavior or other violations of applicable laws) through dedicated channels, either anonymously or openly, without fear of negative consequences. All such notifications are treated confidentially and examined and addressed with due diligence. The whistleblowing system is fully confidential and guarantees anonymity. The Audit Committee reviews the summary of cases reported via the whistleblowing system.

Monitoring changes in the legal environment and changes in accounting standards

Relevant changes in the legal environment, together with updates to accounting standards and recommendations from regulatory bodies, were considered by the Audit Committee, as well as the question of how Orange Polska Group approached and implemented them. The Committee also reviewed the improvement of alternative performance measures disclosure in line with ESMA guidelines.

Other areas of interest

The Committee reviewed and issued opinions on significant transactions with related parties, in line with internal regulations and best practices of corporate governance. Orange SA’s nominees are excluded from voting at Supervisory Board meetings and Audit Committee meetings on transactions involving Orange SA or its subsidiaries. The Committee reviewed other matters of interest, including but not limited to revenue assurance, hedging and insurance tax and review of the exposure of the Company resulting from the implementation of the General Data Protection Regulation. Also the Committee issued opinions on other matters referred to the Committee by the Supervisory Board and/or the Management Board including financing and granting bank guarantees to Orange Polska’s subsidiaries.