We expect companies to be transparent and to provide information to their customers and stakeholders that enables them to understand how the company is performing. And we expect companies to have processes in place to ensure that this information can be trusted. We also need companies to provide specific information that can be compared across companies, allowing us all to evaluate company’s performance against each other.
Ensuring information can be trusted
As a regulator, our role is to ensure that this information can be trusted. If we do not have confidence in the information companies provide about their performance, we will step in to protect customers.
We use our company monitoring framework to provoke and challenge all water and wastewater companies to publish information that can be trusted. This applies to
- service providers who have an annual turnover of at least £6.5 million
- information that we require them to publish or report to us where our information requirements were set out:
- after 1 April 2015, and
- where we have provided adequate notice in advance of when we asked for the information to be published or reported
The company monitoring framework describes three categories of assurance. Companies are assigned to a category, depending on the integrity of the information they have provided to us previously. The categories are:
- self assurance
- targeted assurance
- prescriptive assurance
Initially we assigned companies using an assessment of historic performance against a number of criteria. We placed most weight on the information companies provided as part of the 2014 price review. We assess each company annually and confirm their assurance category.
Where a company demonstrates that it is able to provide appropriate assurance, we will reduce the level of prescription on the process it must carry out in deciding on how it provides assurance. If a company provides information in a way that reduces the trust and confidence customers can place in it, we will step in to increase the prescription in order to protect customers.
The company monitoring framework is part of our overall approach for monitoring and assuring delivery by companies of the services that customers and wider society expect.
|Self assurance||Apart from minimum requirements that apply to all companies, these companies have discretion to deliver self assurance for any extra assurance arrangements they have in place to put in place to give stakeholders the confidence that information they publish is accurate and reliable. Alongside each set of information they provide, the Boards of these water companies must provide:
– explicit sign off of the assurance that they are providing to give stakeholders the confidence that information they publish is accurate and reliable
– full transparency on the audit procedures
– a summary of the outcome of the assurance that their company have carried out
|Targeted assurance||Companies which have not consistently met the high standards that customers and other stakeholders expect in all areas, will be subject to targeted prescriptive assurance requirements, to ensure that the assurance arrangements they put in place are sufficient to protect customers. Companies, in conversation with their stakeholders, are best placed to identify the risks, strengths and weaknesses in providing the quality of information that stakeholders want and will trust. In addition to meeting the requirements for the self-assurance category, companies in the targeted category are required to:
– carry out an exercise with stakeholders to target issues to address
– publish a statement on this in the autumn of each year in advance of submitting information.
For issues a company targets they are required to publish draft assurance plans and speak with and listen to stakeholders before confirming final plans. But only in these targeted areas.
|Prescribed assurance||Where companies have not provided us with sufficient confidence about their ability to deliver, monitor and report performance, then we will prescribe assurance requirements for all the information that we have asked them to publish. We do this to protect customers.
In addition to meeting the requirements of self-assurance and targeted categories, companies in the prescribed category are required to publish their assurance plans for all information in advance of reporting. This is so that stakeholders (including us) can gain confidence and if necessary provide comments or guidance that the company would need to respond to.
The risks, strengths and weaknesses exercise that a prescribed company carries out with stakeholders will highlight the areas of reporting that have the most significance or are of greatest risk to customers. For these areas the company will need to incorporate independent external assurance as part of its assurance plans.