Internal Controls
The Turnbull Guidance sets out best practice on internal control for UK-listed companies. It allows companies to assess the application of the principles of the Combined Code on Corporate Governance and its compliance with the underlying provisions with regard to internal control.
The Group’s systems of internal control are designed and implemented to support the identification, evaluation and management of risks affecting the Group, including the ones related to the financial reporting process, the preparation of consolidated accounts, and the business environment in which the Group operates. The systems of internal control are subject to continuous review as circumstances change and new risks emerge.
Features of the systems of internal control include:
- The risk management system.
- Documented policies and procedures within the Group’s businesses.
- Clearly defined lines of accountability.
- An annual review of key internal controls.
- Minimising operating risk by using appropriate infrastructure, controls, systems and people throughout the businesses.
The key policies employed in managing operating risk involve the segregation of duties, transaction authorisation, monitoring, financial, managerial and comprehensive reporting and analysis against approved standards and budgets.
Group Treasury function manages exposure to counter-party risk, liquidity risk and currency transaction risks, and coordinates the activities of Group companies in this area. The treasury policies, risk limits and monitoring procedures are reviewed regularly by the Audit Committee on behalf of the Board.
Group Tax function manages risks associated with tax compliance, tax reporting, transfer pricing and tax planning. It monitors tax risk and implements strategies and procedures to control it.
Assurance on compliance with systems of internal control and their effectiveness is obtained through:
- Regular management reviews.
- Annual testing of key internal controls.
- Internal audit reviews.
- Testing of certain aspects of the internal financial control systems by the external auditors during the course of their statutory examinations with regular reports to the Audit Committee by the external auditors.
The Audit Committee considers the results of the reviews to confirm that controls are functioning. Any material breakdowns and remedial actions are reported to the Board of Directors.
The main features of the Group’s systems of risk management and internal control in relation to financial reporting, other than the general principles referred to above, are:
- Control environment – communication of key principles and policies, delegation of authority and reports on compliance.
- Risk management – identification of key financial risks and appropriate responses.
- Control activities – a range of preventative and detective controls to minimise errors.
- Monitoring – ongoing monitoring of the above.
The systems of risk management and internal control are designed to manage, rather than eliminate, the risk of failure to achieve business objectives. They can provide reasonable, but not absolute, assurance against material misstatement or loss. In reviewing these, the Board has taken into account the results of all the work carried out by internal and external auditors.