Category: Best practices

New Requirement for Quoted Companies in Poland


A new provision in the Act on Public Offers (Ustawy o Ofercie Publicznej) has introduced a new obligation on Polish PIEs to prepare an annual report on the remuneration of the management board and supervisory board and to submit this report to the auditor’s assessment.

Art. 90g of the Act on Public Offering, Conditions Governing the Introduction of Financial Instruments to Organized Trading, and Public Companies” introduces the new Remuneration Report. The supervisory board of a public company must prepare a report on the remuneration of the management board and the supervisory board each year. The scope of the report is specified in the provision cited above. The report has to be “assessed” by a statutory auditor to ensure that the information it contains is accurate and complete.

The first such annual Remuneration Report will be prepared jointly for the years 2019-2020 and the audits of them will be carried out for the first time in 2021.

The Remuneration Report will be prepared separately from the financial statements and the company’s annual report, and its “assessment” will be classified technically as “an assurance service, other than an audit of the financial statements”, and considered by the Regulator as part of the auditing business of a licensed firm. Only registered auditors and their companies licensed to audit Public Interest Entities should be engaged to perform these assurance services.  The purpose of the auditor’s assessment is to confirm that the remuneration report contains all the elements required by law. Responsibility for the substantive correctness of the information indicated in the remuneration report rests solely with the members of the company’s supervisory board, and the auditor should be independent to the entity. It may indeed be the same auditor which carries out the audit of the Financial Statements, according to Art. 136 paragraph. 1 of the Act on Statutory Auditors, therefore in most cases it will be the same auditor which you already have.

The above has been confirmed by the Financial Market Development Department at the Ministry of Finance in response to a query by the Chamber of Auditors in Poland (PIBR).

Should you be in a situation where your financial statements auditor is reluctant to carry out this review, they are not obliged to as it is separate to the existing contracts in place currently. You may prefer, for the sake of good corporate governance, to engage a smaller Firm which is able to carry out PIE audits for this task. Please contact us and we will assist you to a good offer from a reputable Firm for the audit, or alternatively if you would like help with the report itself, this ca also be done with Quoracy Consulting and our partners.

For further help, please use the contact form below.  It emails direct to me at the audit firm Grupa Strategia, which has been developing a competence in this area in anticipation of the changes.

Upcoming changes to what Supervisory Boards in Poland can and cannot do.


The Ministry of State Assets has prepared a draft amendment to the Code of Commercial Companies. The project is currently at the stage of public consultations, which will last until September 19, 2020. The changes include introducing regulations to the holding law, but also strengthening the role of the Supervisory Board.

The most important changes are:

  • The Supervisory Board has the right to request from members of the management board, liquidators, proxies, employees of the company (including those employed under civil law contracts) to prepare or submit any information, documents, reports or explanations needed for supervision over the company. The completion date is set at max. 2 weeks with the possibility of its extension by the Supervisory Board.

  • introduces the obligation to inform the key statutory auditor about the meetings of the Supervisory Board, the subject of which are issues discussed before the AGM and the obligation for the statutory auditor to participate in such meetings.

  • The Supervisory Board will be able to appoint an advisor to the Supervisory Board to investigate, at the company’s expense, a specific issue related to the company’s operations or its financial standing.

  • the principle of open voting of the Supervisory Board is introduced, with the possibility of a different regulation in the statute or the SB regulations.

  • meetings of the Supervisory Board will have to be convened at least once a quarter (currently three times a year).

  • the draft explicitly provides for the possibility of appointing Supervisory Board committees. Until now, the provisions did not regulate this issue, with the exception of obligatory committees (eg the Audit Committee).

  • the role of the chairman in organizing the work of the Supervisory Board was underlined. The statutory requirements for convening Supervisory Board meetings were made more precise.
    Invitations will need to contain the information we already provide (date, time and place of the meeting and the proposed agenda
    the meeting) and the way of using means of distance communication when holding the meeting. The minimum notice period will be specified in the statutes.

  • it is proposed to clarify the issue of liability of Supervisory Board members. The draft stipulates that a member of the Supervisory Board should, in the performance of his duties, exercise due diligence resulting from the professional nature of his activity and be loyal to the company. The obligation to keep the company’s secrets will also apply after the mandate has expired.
    At the same time, it is proposed to add a provision according to which: “A member of the management board, supervisory board, audit committee and liquidator does not violate the obligation to exercise due diligence if acting loyally to the company, he acts within the limits of justified economic risk, including on the basis of information, analyzes and opinions which, in the circumstances, should be taken into account when making a careful assessment. “

Information courtesy of chudzik.pl, in my opinion an excellent law firm, based in Lodz, for corporate legal and CoSec issues in Poland at the highest level.

From myself, I would just add that this is what is already in place in most advanced economies, and that there is nothing unhelpful, for once, in this draft legislation.

What is “gravitas” and how does one develop it?


I think that “gravitas” means really the opposite of being a visibly light-hearted, humorous and happy-go-lucky person. Therefore you have to be able to switch the level of gravitas on and off, that’s the tricky bit. There are people who get noted for being able to make people laugh and sometimes, if they are not carefully, they become regarded as “clowns” who are not really to be taken seriously. On the other hand, too much of the opposite will mean you are seen as someone with gravitas, but maybe not someone with a great sense of humour, which could create distance in situations where you don’t want it.

A certain dignity in not being too open about one’s personal life is probably good – familiarity can breed contempt, and making sure that your use of humour is aimed at quality rather than quantity will do a lot to enable you to come off as someone with gravitas. Other than that it is something which grows with age, experience and the ability to show a certain classic style of speech, choice of language, dress and posture. But you can’t stand on your dignity the whole time. If you make a mistake and people laugh at you, better join in the joke rather than get offended or that will undermine gravitas quicker than anything else.

Certainly a serious demeanour going hand in hand with a genuine reputation for being ethical and having a flawless integrity, these are things which many of us aspire to and should aspire to. For many successful people, this is what they tend to have in common and for many this is what they will sum up as “gravitas”.

A former boss of mine suggested that I increase my level of gravitas in order to get on, he did not say how I should go about it, but I think to a degree I did it anyway. Now I am pleased to say I can still make people laugh, but I can just as easily get them to take an issue seriously. That’s what I wanted to achieve and that’s a target I recommend people to aim for whenever I hear them talking about gravitas.

What should the relationship of internal and external audit look like?


Not every organisation has both an external audit and internal audit. In some jurisdictions you can get companies that have internal audit but no external audit, while in most countries you get quite a prevalent external audit with far less incidence of internal audits. Russia is a prime example of the latter case.

External audits done under ISAs are supposed to plan and carry out work in order to have a reasonable expectation of detecting fraud and other irregularities, and certainly the expectation of users has traditionally been that external auditors are responsible for finding fraud.

I work both as external auditor and I also carry out internal audits for clients who don’t have their own departments or who do but still need to be beefed up locally by brought-in experts. Therefore I have no particular axe to grind, but I will say this – a lot seems to be expected of external auditors with relation to fraud without giving them the tools necessary to find instances of fraud.

Internal audit departments can, within reason (they cannot supercede data protection law or labour law, etc, or contravene people’s basic human rights when monitoring them) have whatever tools they like if they are within budget. I can just imagine what my clients would think if I as an external would start installing cameras, GPS trackers on company vehicles, doing spot checks for alcohol, lifestyle checks on managers, and all the other things that internals can do. And yet if you take the standards literally I have to do a job not far off that of a policeman as an external auditor.

All we are usually given as external auditors is a couple of generic questionnaires which we try to go through with the client’s management adapting it to the specifics of their business, then we have the duty and hopefully also the ability to map out and analyse the systems of the client, including the controls and to perform walk-through tests and seek to identify key controls. The way an external auditor assesses a key control and the way an internal auditor assesses a key control are also different in a number of ways, and how we define a key control for our respective purposes differs, and then the timing and frequency of checks on that control will differ. Many people who have worked only in external audit won’t know how or why they differ and therefore their ability to get the best from internal if it is even there will be in many cases limited.

Actually most of the fraud questionnaires in use are a good start because they are based in fact on the fraud triangle originally talked about by notable criminologist Donald Cressey back in the 1960s and 70s. This is the triangle of means, motivation and rationalisation or self-justification. It is based on the idea that if a person hasn’t got the opportunity to get around the system, doesn’t really need to and thinks it would be wrong to, then the chances of that person committing fraud are extremely remote. If on the other hand a person thinks that they know how to get away with it, need the money and also think they deserve to do it, then the fraudulent activity by that person is virtually certain. Various permutations of this give varying degrees of likelihood of fraud. The questions in fraud questionnaires would be good at helping to build a “fraud triangle” exercise in a given context, but only as long as the person doing it knows what they are doing both in theory and in practice. Often it is given to quite junior people to carry out and also very often in assessing audits I have seen that the answers don’t necessarily carry through to specific tests relevant to those answers, but instead increase general risk meaning that there is a likelihood that the sample sizes for other detailed substantive tests (by the way the weakest set of tests for detecting fraud) will be higher. And sometimes you are lucky to even get that much of a response.

Externals go on to make their control tests if they do recognise a key control (and on a worldwide scale I would hazard a guess that tests of controls are still done on only a small minority of audits, with most defaulting to the substantive route based really on lack of time or confidence with control work by the external audit team) and also the other big weapon they have in the arsenal is substantive analytical review. But SAR is only as good as the in-depth knowledge of the branch or business, so externals – especially those which are not branch specific as some Big Four externals are – don’t really have the sector knowledge that the internal audit team have and so their chance of noticing something that doesn’t stack up as they go through their analyses of ratios, or building of expectations and confronting to reality is not as good as that of the internal in many cases.

And then auditors finish every section by mopping up whatever needed assurance they could not derive from the earlier procedures by other substantive procedures based if done properly on a statistical sample, which is designed to get them from the assurance they got from less time-consuming procedures through to within their tolerable error (a function of risk and materiality from their perspective, which again differs from the internal auditor’s perspective which may not even be couched in money figures but in non-monetary terms). However the chances of getting at fraud looking through sampled accounting documents is miniscule, and here many external auditors do the bulk of their work.

So naturally if there is an internal audit team, an enlightened external auditor should be ver anxious to understand how they decided their work plan, what they did, and how many key controls have been checked thoroughly and how many risks are still open. If they want to give the organisation real value for money they will design tests that supplement, rather than duplicate the work of internal auditors.

Internal auditors will encourage this – they too will want to see that the organisation’s budget for external audit work goes on procedures that help to improve the risk heat map and the overall picture for the organisation. This call only be done when each side understands the other and “speaks their language”. Many internals have worked as external but not many are continually doing both types and therefore able to think through an assurance issue from both perspectives.