The Hallmarks of Good Governance in Academy Trusts

This series of posts examines what effective governance in academy trusts looks like and how boards can create a framework to deliver their core purpose and properly discharge their duties.

With the demise in the role and capacity of local education authorities, England’s state education system is moving inexorably moves towards a school-led system with a diverse landscape of structures, partnerships and institutions entrusted with delivering statutory education with public funds. The need for robust governance and accountability has never been greater. At the same time, schools are subject to so many regulations and reporting requirements, it can be difficult to see the wood for the trees. The spotlight from Government and regulators on sound governance in the education sector has never been stronger. However, trustees face a daunting task in assembling a picture of all the requirements: so in this series of posts we aim to provide a route map, explain and demystify.

What is governance and why is it important?

A system of governance is all about the way organisations are directed, controlled and held accountable to deliver their core purpose over the long-term. The organisation’s structure, practices and procedures should all be organised so that the organisation achieves its core purpose, mission and goals, whilst complying with the law and sound ethical practice.

A sound governance framework will:

  • Set out the shared purpose, vision and values of the trust
  • Enable the trust to develop an agreed strategy to implement the purpose
  • Ensure oversight and monitoring of the organisation’s performance along the way
  • Ensure the organisation remains accountable for delivering its mission.

Positive benefits of good governance in academy trusts include:

  • People will trust and respect the organisation (including pupils, parents, funders, regulators, suppliers and the wider community)
  • The organisation will know where it is going
  • The board will be fully connected with management, the academy’s operations and wider stakeholders
  • Good and timely decisions will be made
  • The board will be better able to identify and manage risks
  • The organisation will avoid mistakes and have greater resilience to cope with problems
  • The organisation should enjoy improved financial stability

Where governance is strong, standards of attainment are likely to be higher because pupils are known and supported to be their best, the quality of teaching is a constant focus of attention, and the leadership of the academy is held to account for the performance and wellbeing of the children.” – Collaborative Academies Trust, 2014.

The pivotal role of the Board

The academy trust’s board is at the epicentre of the system of governance. They must set out the academy’s vision (what the school will look like in 3-5 years time) its values, the shared moral purpose that should run through all the academy’s actions. In most cases, this will be about improving children’s lives through excellent teaching and learning and preparing young people for the challenges of later life.

The model Articles for an academy trust (the main governing document) usually contain an anodyne statement that its object is “to advance for the public benefit education in the United Kingdom…by establishing, maintaining, carrying on, managing and developing a school offering a broad and balanced curriculum.” It therefore falls to the Board to put the flesh on the bones of this and stamp their particular vision and ethos on the trust.

The Department of Education’s view (Governance Handbook, 2015) is that the Board has three core functions:

  1. To ensure clarity of vision, ethos, strategic direction and structure
  2. Hold the Headteacher to account for the educational performance of the school and its pupils and the performance management of its staff;
  3. Oversee the financial performance of the school(s) and make sure money is well spent.

Those are certainly three key strands to the Board’s work, but there is a lot more besides! One of the key challenges for members of an academy trust board is to think and act strategically. The Board should continually review and evaluate the strengths, weaknesses, opportunities and threats and consider how best to play to the organisation’s strengths, or bolster the required competencies. Board members are not there to provide operational oversight or ‘second guess’ the executive managers. Nor are they there to represent or advocate for a particular constituency or interest group. The primary consideration must always be what is best for the pupils. The changing landscape and increasing levels of accountability and responsibility will require high calibre trustees with specific skills and attributes, who are able to step out of their comfort zone to lead school improvement, provide a high level of professional challenge and work as team players on dynamic boards. Running an Academy trust is like running a business, albeit one with a social purpose. Board members must understand that they have corporate collective responsibility and can be personally liable in some circumstances in the event of regulatory action or a legal claim (e.g. breach of trust, accounting irregularities, or negligence leading to personal injury).

The trend now is towards smaller, more strategic and skills-focused board, with less prescriptive structures and a definition of purpose more aligned to the new educational landscape. The National College of Teaching and Learning (Governance of MATs, 2015) has set out the skills and attributes required of trustees. Trustees should:

  • constantly focus on what’s best for the school and pupils by challenging in a constructive manner, asking probing questions, and visualising the strategic picture, in terms of both the trust and the schools within it. See more on developing strategy.
  • understand and effectively carry out their roles, responsibilities and accountabilities, with the ability to take risks and consider dynamic and innovative options
  • be able to analyse data, measure and lead school improvement and drive the necessary changes – useful starting points for monitoring data include the OFSTED data dashboard, Fischer Family Trust Governor dashboard (which measures ‘value added’ by the school based on socioeconomic factors) and the Wellcome Trust Questions for Governors.
  • understand the financial and the business aspects of leading a trust, as well as the legal implications and how the trust and the business work
  • work as part of a team and accept shared responsibility and accountability, as well as undertaking frequent self-evaluation in order to remain effective
  • act with a strong moral purpose, integrity and honesty, and as an advocate for the trust’s values, ethos and philosophy
  • express disagreement in a rational and professional manner
  • adopt an entrepreneurial mind-set in order to see and make the most of opportunities that are outside the day-to-day practices of the trust or schools
  • be innovative, creative and open-minded by engaging in futures thinking and ‘horizon scanning’
  • ensure that they have the commitment and stamina to drive forward the trust, as well as the will to abandon the ‘good’ in order to find the ‘outstanding’.

Composition of the Board

The model Articles state that the number of trustees shall be at least 3, but not subject to any maximum. The Chief Executive / Executive Principal may choose to act as a trustee, but is not obliged to. No more than one third of trustees can be paid employees of the trust. Normally, there must be at least 2 parent trustees (who are parents or carers of a registered pupil at the school) and who are properly elected by parents/ carers. However, (somewhat controversially) in the case of a multi-academy trust, this requirement can be dispensed with, if there is parent representation on local governing bodies. Care must be taken if appointing persons who are employees or councillors of a local authority – their involvement must be kept below 20% of the membership to avoid accounting difficulties.

Beyond that, there is some flexibility to decide the composition of the Board. There will usually be a specified number of trustees appointed by the members and by the external sponsor (if there is one). The Board can co-opt further trustees as it wishes. In practice, trusts have usually adopted one of three models – the traditional model where trustees are drawn from the stakeholder groups such as parents, staff and the community; representation model where there is a group of schools, the board is made up of representatives from each constituent school- the problem is that this can become unwieldy as the group grows and there is potential for inherent conflicts of interest; the third model, usual in sponsored academies, is for the sponsor to appoint the majority of trustees.

The default term of office for a trustee is 4 years, however, trusts may instead opt for retirement by rotation on an annual or bi-annual basis, in which case an annual general meeting of the members may need to be held to deal with appointments. The National Governors Association recommends that Chairs should serve no more than six years and no trustee should serve more than two terms.

The Financial Handbook requires that Board meetings take place at least three times a year (and business can conducted only when quorate), although trusts may consider it appropriate to meet more frequently, particularly in medium-sized and larger trusts with more complex structures, and any undergoing a period of change.

There is no perfect model for the Board, although the trend recently has been toward smaller boards, with an emphasis on getting the right skills mix. The starting point is to get the right people round the table.

Recruitment and succession planning

There should be a formal, rigorous and transparent procedure for the appointment of new directors to the board’ – UK Corporate Governance Code

There are various sources of potential new trustees, including the Chamber of Commerce, local charities or housing trusts, or through organisations such as Academy Ambassadors, SGOSS, Inspiring the Future. It is important to cast the net wide and consider what skills the candidate needs to bring.

Succession planning is a key factor which ensures expertise is shared across the system and prevent boards stagnating or individual trustees or governors gaining too much power and influence. Ideally there should be an annual re-election of Board and committee chairs.

The absence of a succession plan can undermine a company’s effectiveness and its sustainability. It can also be a sign that the trust is not sufficiently clear about its purpose, and the culture and behaviours it wishes to promote in order to deliver its strategy

The Chair’s role is pivotal

The Chair of the academy trust plays a key role in giving the board leadership and direction, ensuing that trustees work as a team and understand their accountability and role in the strategic leadership of the schools and in driving improvements.

The Chair must be able to:

  • Articulate the vision, shape the culture, build a team and attract trustees and local governors with the necessary skills, values and principles, ensuring that tasks are delegated, followed up and accomplished, and who can ensure board members feel that their skills, knowledge and experience are used
  • Develop a positive relationship with the CEO/ Executive Principal as a critical friend offering support, challenge, and encouragement, holding the CEO to account for outcomes across the trust and ensuring there is rigour in the management of their performance
  • Pursue a relentless focus on school improvement – this should be the focus of policy and strategy and scrutiny and challenge by the board and its committees should reflect this
  • Leadership – ensuring that systems are in place to meet statutory obligations, terms of Funding Agreement, value for money from resources that board business is conducted effectively, including effective minute-taking and agendas.

You can read more on the role of the Chair here.

Given the increasing demands on trustees and governors, it perhaps not surprising that HM Chief Inspector of Schools, Sir Michael Wilshaw last November called for Chairs and Vice Chairs to be paid for their work. “The role is so important that amateurish governance will no longer do. Goodwill and good intentions will only go so far,” Wilshaw said. He was also concerned about governors who “lack curiosity” and hold “an overly optimistic view” of how their school was performing.

In all their dealings Academy trustees local governors and the Accounting Officer are expected to adhere to the Nolan Principles of Public Life: selflessness, integrity, objectivity, accountability, openness, honesty, and leadership. See more.

Next time: we will examine the framework of governance in academy trusts.

Mark Johnson is a highly experienced independent solicitor & chartered secretary supporting academy trusts, free schools & other education providers with their governance arrangements, legal and compliance matters. He is an independent member of a MAT audit committee. He offers a cost-effective governance review GovernanceCHECK360™ for academy trusts

If you would like to be kept up to date on more topics like this, then why not sign up to receive our regular newsletter.

What Does an Effective Audit Committee Actually Do? – Part 2

In Part 1 of this post, we considered the role and functions of the audit committee in overseeing risk management and internal controls, and monitoring the effectiveness of internal and external auditors. In this post, we explore the practical arrangements which make the audit committee successful.

Composition of the Audit Committee

The UK Code states that an audit committee should have at least 2 members who are independent non-executive directors (3 for listed companies). (i.e. they are not salaried employees, ex-employees or otherwise in a business relationship with the organisation). Appointments should be made by the Board in consultation with the Audit Committee chair. Usually appointments are made for 3 years, extendable for further periods. At least one member should have ‘recent and relevant financial experience’ and ideally a professional accountancy qualification. The role of the Chair is critical to success of the committee. A good chair will be independently minded, promote open discussion, manage meetings to cover all business and encourage a candid approach from all participants. An interest in and knowledge of financial and risk management, audit, accounting concepts and standards, and the regulatory regime are also essential. A specialism in one of these areas would be an advantage. Outside the formal meetings, the chair will usually meet periodically with the CEO, finance director, external auditor and head of internal audit, as well as the Chair of the Board.

The committee will need access to suitable resources to ensure agendas, board packs are distributed in advance and timely, accurate minutes are prepared. As a matter of good practice, the company secretary should normally act as secretary to the audit committee. Audit committee members must be given suitable induction and ongoing training, which should include understanding of financial statements, application of accounting standards, regulatory and legal developments affecting the organisation’s business, as well as risk management techniques. Internal and external auditors could usefully help with this as part of their retainer.

What makes an effective audit committee?

Recent research by Grant Thornton (Knowing the Ropes, 2015) found that the following qualities are found in effective audit committee members (ranked in order):

  • Ability to ask challenging questions
  • Recent and relevant financial experience
  • Audit experience
  • Ability to think clearly
  • Experience from being an executive team member elsewhere
  • Relevant industry background
  • Good listening skills
  • An eye for detail
  • Experience of other audit committees
  • Team-working skills

The FRC has recently proposed an amendment to its guidelines which recommends the audit committee should include competence relevant to the specific sector in which the organisation operates.

Some key questions which the audit committee should address include:

How do we know that there is a comprehensive process for identifying and evaluating key risks across the organisation and deciding what levels of risk are tolerable?

How do we know that the culture of risk management in the organisation is appropriate and how well people are supported to manage risk well?

How do we know how well the organisation identifies and reviews emerging and novel risks?

How do we know that the internal audit strategy is appropriate to deliver reasonable assurance on risk, controls and governance?

How do we know that accounting policies, financial management, and accounts are highlighting hidden financial risks?

How appropriate are the anti-fraud, whistle-blowing and conflicts of interest policies?

How do we know that management follows up on recommendations by auditors?

How do we know we are being effective in our work as a committee and making an impact on the organisation?

Running the audit committee

The audit committee chair should decide the timing and frequency of committee meetings, and the committee should meet as many times as the role and responsibilities require – typically there will be 3-4 meetings per year. FRC Guidance suggests the following:

  • There should be at least 3 committee meetings per year, timed to coincide with key dates in the financial reporting and audit calendar, for example, to examine the audit plan before it commences, and to review the draft annual report and accounts before approval by the Board; to review the effectiveness of the audit process once it is complete.
  • Sufficient time should be allowed between audit committee meetings and meetings of the main board to allow work arising from the committee to be carried out and reported to the Board as a whole.
  • Only the audit committee chair and members are entitled to attend meetings of the committee. Salaried executives attend by invitation and may be asked to leave for certain items of business. It is usual for the Accounting Officer (usually the CEO) and Finance Director to attend regularly.
  • At least once a year, the audit committee should meet the external and internal auditors, without management being present, to discuss its responsibilities and any issues arising from the audit.
  • Work continues outside of formal meetings, with the Chair keeping in contact with key people such as the Board Chair, CEO , Finance Director, audit lead partner and head of internal audit.

It is very important to have a clear channel of communication between the audit committee and main Board. If the audit committee chair does not sit on the main board, it will be necessary to arrange for the chair of audit to meet with the Board to report on any findings and programme of work carried out. FRC Guidance recommends that the report should cover:

  • Any significant issues found with the financial statements and how these were addressed
  • An assessment of the effectiveness of external audit and recommendations on the selection, reappointment or removal of the auditor
  • Issues where the Board has asked for the audit committee’s opinion

A typical cycle of meetings might be

Meeting 1

  • approval of internal audit plan for following year in conjunction with review of risk register
  • consideration of external audit pre-scoping report
  • review of routine internal audit reports

Meeting 2 

  • presentation of draft accounts and statement of internal control
  • review of external audit report on accounts
  • review of annual internal audit report for year
  • review of other assurance reports for year
  • review of risk register

Meeting 3

  • post audit effectiveness review
  • review of routine internal audit reports
  • review of strategic and operational risk registers
  • ‘deep dive review’ of a key risk area

Meeting 4 

  • review of routine internal audit reports
  • review of risk registers
  • ‘deep dive review’ of a key risk area

Strive for continuous improvement

Audit Committees should assess their performance annually. Typically, this review will cover areas such as reviewing and, if necessary, updating their terms of reference, assessing whether sufficient resources have been deployed to support their activities, the effectiveness of meetings, procedures for induction, training and succession planning,  and the quality and value of internal and external audit activities. An external review can help to bring an independent perspective. The Committee should draw up its own plan for improvement as a result of the self-assessment, either  requesting future training or development for members, or in changes to its processes and procedures.

Final thoughts

Audit Committees have a crucial role to play in the governance of any organisation – unless they report effectively on the relevance and rigour of the underlying structures and processes and on the assurances that the Board receives, the entire governance framework can be compromised. Effective audit committees provide comfort and reassurance to senior managers, ensuring that the organisation has a sound base for growth and protection against nasty surprises. Audit Committee members must therefore take responsibility for scrutinising the risks and controls affecting every aspect of the business. Whilst the role of an Audit Committee member is demanding, it can also be an enriching and rewarding experience.

If you need help in establishing an audit committee, an independent review of its effectiveness or advice on any other aspect of corporate governance, please get in touch.


Mark Johnson is an experienced solicitor & chartered company secretary supporting businesses, charities, social enterprises & academy trusts on governance, compliance & legal affairs. He also serves as an independent audit committee member for a leading Multi-Academy Trust. Please get in touch or 01625 260577.

If you would like to be kept up to date on more topics like this, then why not sign up to receive our regular newsletter.

What Does an Effective Audit Committee Actually Do?

Part 1 – Role of the Audit Committee

The audit committee makes up one of the three pillars of the Board committee system and forms a critical part of the overall framework of corporate governance for medium to large companies, housing associations, charities, academy trusts and public sector bodies. Experience shows that the role is not an intuitive one and there is often confusion about the purpose of an audit committee.

For example, in a recent Education Funding Agency webinar, a leading accountancy practitioner was asked what is the role of the audit committee in an academy trust? He replied that its job was ‘to manage risk in the organisation’. That may be his perception, but in practice how can this group of usually 3-5 non-executive members possibly have eyes and ears in every corner of the organisation? Do they really have the time and resources to achieve that result? Or is it more a case of providing oversight and ‘reasonable assurances’ to the Board and external stakeholders that appropriate systems and controls are in place? In this piece, I look at the role and functions of the audit committee and share some lessons on what makes it effective.

Why have an audit committee?

In the education sector, all academy trusts with an annual income over £50 million are required by the Financial Handbook to appoint a dedicated audit committee (smaller ones may combine this function with other committee business), under the NHS Codes of Conduct and Accountability and the Monitor Governance Code health trusts are required to establish one, local authorities are required by accounting standards to establish one, the National Housing Federation Governance Code requires that ‘All but small non-developing organisations must have a committee primarily responsible for audit, and arrangements for an effective internal audit function’. Similarly, HM Treasury requires that all government departments, executive agencies and arm’s length bodies should establish an ‘audit and risk assurance committee’. UK listed companies are required by law to have an audit committee.

The UK Corporate Governance Code (widely regarded as the gold standard of best practice) requires that boards should establish formal and transparent arrangements for:

  • Consideration of how they should apply reporting and risk management and principles of internal control; and
  • Maintaining an appropriate relationship with the organisation’s external auditors

These functions are discharged by establishing a formal audit committee with clear terms of reference.

The Board must put in place governance structures and processes to ensure that the organisation operates effectively, meets its strategic objectives and provides the Board with assurance that this is the case. However, even the best structures and processes can let down an organisation if they, and the assurances they provide, are not operated with sufficient rigour. Boards are ultimately responsible for assessing risk, signing off financial statements and the accuracy of public announcements. There can be significant personal liabilities for getting it wrong. Board members need to be reassured that they can rely on the information being presented to them.  Boards look to their audit committee to review and report on the relevance and rigour of the governance structures in place and the assurances the Board receives. The Audit Committee supports the Board in this area by obtaining assurances that controls are working as designed and by challenging poor sources of assurance.

What are the functions of an audit committee?

The UK Code lists the role and responsibilities of an audit committee:

  • To monitor the integrity of the organisation’s financial statements and any formal announcements relating to financial performance
  • To review the organisation’s internal financial controls, internal control and risk management systems
  • To monitor and review the effectiveness of the organisation’s internal audit function (if it has one, and if there is not, annually consider whether there ought to be one in the light of current risks and trends in the market)
  • To make recommendations to the board in relation to the appointment, reappointment or removal of the organisation’s external auditors
  • To approve the remuneration and terms of engagement of the external auditors
  • To review and monitor the independence of the external auditors, as well as the objectivity and effectiveness of the audit process
  • To develop and implement a policy on using external auditors to provide any non-audit services
  • To report to the board on how it has discharged its responsibilities.

The Code recommends that part of the organisation’s annual report should describe the work of the audit committee.

The Financial Reporting Council has published extensive guidance on the role of the audit committee. Of particular note are the following points:

  • The organisation’s management is under an obligation to make sure that the audit committee is kept properly informed and should take the initiative in providing the committee with information instead of waiting to be asked – this is crucial since the audit committee can only work properly if it is kept informed.
  • Whilst the core duties of the audit committee are oversight, assessment and review of systems and functions in the organisation, it is not the duty of the committee itself to carry out those functions or to make or endorse substantive decisions. Executive management prepares financial statements, auditors prepare audit plans. Executive management is responsible for actually managing risk (within the risk appetite and tolerances set by the Board as whole). The audit committee’s role is to provide reasonable assurance to the board and external stakeholders that the functions are being carried out properly. They must flag up issues indentified. FRC guidance recognises that, faced with unsatisfactory explanations by management, the committee may ‘have no alternative but to grapple with the detail and perhaps seek independent advice’. They might also from time to time carry out thematic reviews of known areas of high risk on their own initiative.

In the public sector, HM Treasury sees the role of the audit committee ‘is also to act as the conscience of the organisation’ and to provide insight and constructive challenge where required, for example, on risks arising from increasing constraints on resources, new service delivery models, information flows on risk and control and the general agility of the organisation to respond to new risks.

Oversight of risk management and controls

The effective development and delivery of an organisation’s strategic objectives, its ability to seize new opportunities and to ensure its own long-term survival depend on its identification, understanding of, and response to, the risks it faces. In an earlier post we looked at how boards can develop an effective approach to risk management. Risk appetite is the level of risk that the organisation is willing to take in pursuit of its objectives (it can have ‘upside’ as well as ‘downside’). It is concerned with the amount and types of risk the Board would like the organisation to take without a serious threat to its financial stability – it can be quantified so that prudent limits can be set. Setting that level of risk appetite is a key role for the Board as a whole.

The UK Corporate Governance Code requires that ‘the Board should satisfy itself that appropriate systems are in place to identify, evaluate and manage the significant risks faced by the organisation’. The Board should carry out a review of the effectiveness of risk management systems in the organisation. The work of the audit committee helps to inform this, but it must always be remembered that ‘the buck stops’ with the Board.

An internal control system must be effective in preventing losses arising from risk events, identifying risk events and taking corrective action when they occur. An internal control system is concerned with managing business risks which are largely internal to the organisation. Controls will include the policies, processes, procedures, methods, measures, tasks and behaviours to ensure that operational activities progress effectively. It is designed to provide assurance on the achievement of objectives as follows:

  • Effectiveness and efficiency of operations
  • Reliability of financial reporting
  • Compliance with applicable laws and regulations

Internal controls can be classified into 3 main types:

Preventive controls – intended to prevent an adverse risk event from occurring, e.g. fraud by employees

Detective controls – for detecting risk events when they occur, so that an appropriate person is alerted and corrective action can be taken

Corrective controls – measures for dealing with the consequences of risk events that have occurred.

The various sources of assurance make up what is known as the ‘three lines of defence’:

First line: management assurance from frontline or operational areas;

Second line: oversight of management activity, separate from those responsible for delivery (but still part of management chain);

Third line: independent and objective assurances from internal audit and external bodies.

Together these assurances make up the Assurance Framework.

“The Assurance Framework is the ‘lens’ through which the Board examines the assurances it requires to discharge its duties. The key question Board members need to ask is ‘How do we know what we know?’ The Assurance Framework should provide the answer.” (NHS Audit Committee Handbook 2011).

The role of ‘internal audit’ in assisting the committee

‘Internal audit’s role is to enhance and protect organisational value by providing risk-based and objective assurance, advice and insight’–  Institute of Internal Auditors.

The role of internal audit is to provide independent assurance that an organisation’s risk management, governance and internal control processes are operating effectively. Unlike external auditors, they look beyond financial risks and statements to consider wider issues, such as operational effectiveness, the organisation’s reputation, growth prospects, impact on the environment, dealings with employees and compliance with regulations. The internal audit function can be performed by directly employed staff (with appropriate reporting lines), or alternatively the function can be outsourced to a specialist firm. The scale and frequency of activities really depends on the complexity of the organisation. A properly resourced internal audit function can provide management with valuable objective assurance and advice on risk management and controls. The data and reports produced by internal audit will be valuable data to feed into the audit committee meetings, particularly where they highlight trends or recurring problems which the committee may need to probe more deeply.

In part 2, we will consider the composition of the Audit Committee, how it can manage its business effectively and the qualities to look for in effective members.

Mark Johnson is an experienced solicitor & chartered company secretary supporting businesses, charities, social enterprises & academy trusts on governance, compliance & legal affairs. He also serves as an audit committee member for a leading multi-academy trust. Please get in touch