Delivering quality - The responsible firm

As a firm, we have a responsibility to our clients, our people, our regulators and to the communities in which we live and work. This is reflected in our approach to quality.

For our clients, the need for high-quality services and solutions is paramount. Added to this, we recognise that robust corporate governance is vital for effective capital flows and for building confidence and trust in the markets from companies, Government, investors and consumers. The need for the highest levels of quality assurance has never been greater.

All of our services are built on our reputation for quality and our ability to deliver high-quality solutions to complex clients and markets. Our robust policies, procedures and methodologies are then complemented by strong quality controls, a challenging programme of review and risk monitoring, as well as our primary asset: the quality of our people, and the reputation built on that. These are underpinned by a strongly consultative culture.

Our focus on quality is reflected in the level of attention and commitment given by our most senior partners. Our Senior Partner and Chief Executive, John Connolly, recognises the critical importance of quality to our clients, our regulators and our people and sees this as a personal priority. In addition, he has appointed senior members of our Executive to take responsibility for our quality and risk management agendas.

Vassi Naidoo is our Managing Partner, Quality and has responsibility for our overall Quality Agenda. This has three strands: clients, infrastructure and people. Vassi looks at all elements of our practice to ensure we are upholding and delivering the very highest quality standards across these three strands, all of which ultimately have to be delivered through the attitudes and behaviours of our people.

We use a variety of processes, tools and approaches to ensure our people have the skills and attitudes to uphold our quality standards. The Deloitte Code provides guidance for our people about the specific standards of behaviour we expect throughout the organisation.

• Honesty and integrity – we act with honesty and integrity
• Professional behaviour – we operate within the letter and the spirit of applicable laws
• Competence – we bring appropriate skills and capabilities to every client assignment
• Objectivity – we are objective in forming our professional opinions and the advice we give
• Confidentiality – we respect the confidentiality of information
• Fair business practices – we are committed to fair business practices
• Responsibility to society – we recognise and respect the impact we have on the world around us
• Respect and fair treatment – we treat all our colleagues with respect, courtesy and fairness
• Accountability and decision making – we lead by example, using our shared values as our foundation.

In addition, our people undertake a set of compulsory training courses to ensure they have the knowledge and skills required within the framework of our competency and performance management model. All of our partners and people are supported in their quality, compliance, risk management and anti-money laundering obligations by appropriate technical and other training programmes. Our online independence and ethics learning programme is undertaken by everyone in the firm, using real-life examples to translate independence and ethical questions into practical actions. Additionally, our telephone helplines allow our people to request information, ask questions or report issues confidentially to senior members of the Practice Protection Group.

We also provide people with a set of internal processes and tools that help ensure they meet our independence and compliance responsibilities. Our engagement compliance and client database systems are all internally developed and comprise cutting edge solutions to the complexity of regulatory requirements; the tools are designed to be intuitive to use while facilitating compliance, reporting and monitoring. We assess whether potential new engagements are consistent with maintaining independence and managing any potential conflicts of interest. We also monitor partner and staff investments to ensure we safeguard the independence and objectivity of Deloitte, our people and our engagement teams.

Vassi Naidoo summarises: “Over the past year, we have continued to improve a number of our processes and working practices that are integral to our business strategy. By gaining feedback from our clients through independent client service assessments and from our people through our annual commitment survey, we have taken actions to enhance the value of the services we deliver and address any concerns raised. We remain committed to ensuring the highest quality in our professional work and in all we do.”

Gerry Paisley, Managing Partner Practice Protection, is responsible for the oversight of the firm’s ethics, compliance and risk management processes. Alongside the Senior Partner and the Board he works with our National Compliance, Independence and Ethics partner to set the strategy and priorities for our ethics and compliance programme.

We have well-established systems and procedures to help safeguard the objectivity of our people and the firm, to avoid conflicts of interest and to comply with ethical and other applicable standards. The release of revised ethical standards this year has added to the complexity of these considerations, requiring a constant balance between the straightforward approach outlined in the Deloitte Code and the increasing levels of regulation and professional requirements in this area.

Gerry Paisley comments: “We take our regulatory obligations extremely seriously, and adopt an approach that whole-heartedly embraces the spirit as well as the letter of regulation. We are confident that they are demonstrated through the tone set by the leaders of our practice and the behaviour and actions of our people.”

Our Practice Protection Group comprises regulatory compliance, risk management, anti-money laundering, information security, and internal audit specialists, providing an all-round function to support the management of quality and risk. The team provides practical support and advice to our client-serving professionals. In addition, it establishes and promulgates firmwide quality, risk management and compliance strategy and policy; manages claims and insurance; and drives compliance with regulatory requirements in relation to all of the firm’s business activities, including interaction with regulators. The Audit Inspection Unit of the Financial Reporting Council’s Professional Oversight Board conducts an annual review of our firm-wide procedures and our audits of public interest entities. The most recently completed review covered the year from April 2007 to March 2008.

The group also leads our approach to information and security, a topical issue and one that we have been alert to for many years. The importance of maintaining confidentiality around client and other information is continually emphasised – and our approach to encryption, ethical walls, clear desk policy and secure storage devices all underpin this commitment. Our policies require all confidential information held on firm laptops to be encrypted, while our people are expected to take the utmost care with such information, whether in hard copy or electronic form. We have supported this through significant investment in a new document management system to refine our working practices.

Our quality and risk framework is embedded in all parts of our business. The framework brings a rigorous approach across all of our service offerings in areas such as client and engagement acceptance, partner portfolios, engagement risk, and assessment of existing and new service offerings. Its primary purpose is to underpin our commitment to quality, integrity and ethical behaviour throughout our business, whilst establishing that the responsibility for quality sits with those who deliver service to our clients. Engagement partners remain fully responsible for the quality of the services they provide. Where those services are regulated, they are conducted by persons who are individually authorised by the appropriate regulatory body. They, in turn, are supported by a partner in each of the service lines who assumes responsibility for the reporting and oversight of quality and risk management issues and who are senior members of each service line’s management team.

As a leading auditor of UK public interest entities, we have also published our annual Transparency Report. This report, which is available from our website, gives more information on our firm and our approach to delivering audit quality, including our structure and governance, independence procedures and practices and our systems of quality control.

The business environment remains complex and regular evaluation of emerging and changing risk is essential. We have a process in place to identify and manage issues through our business risk framework. This focuses on the key risks that could have a material impact on the realisation of our strategy and are evaluated in the light of their potential impact on our people, our infrastructure and our markets. Each identified risk is owned by a senior partner responsible for coordinating mitigating activities and monitoring warning indicators.