The Board has overall responsibility for the Company's system of internal control and reviewing its effectiveness, whilst the role of management is to implement Board policies on risk and control. The system of internal control is designed to manage rather than eliminate the risk of failure to achieve business objectives. In pursuing these objectives, internal controls can only provide reasonable and not absolute assurance against material misstatement or loss. There is a continuous process for identifying, evaluating and managing the significant risks faced by the Company which is in accordance with the guidance set out in The Turnbull Committee Report and has been in place for the year under review and up to the date of approval of the annual report and accounts.
This process, which is regularly reviewed by the Board, is as follows:
- the Group's management operates a risk management process which identifies the key risks facing the business and reports to the Audit and Risk Committee and the Board on how those risks are being managed. This is based on a risk register produced by executive management which identifies those key risks, the probability of those risks occurring, their impact if they do occur and the actions being taken to manage those risks to the desired level. This risk register is discussed at the Audit and Risk Committee and Board meetings on a regular basis and regular monitoring reports are presented to the Board. The management of these risks is monitored by the internal audit function;
- large acquisitions and capital projects require Board approval; and
- there is regular communication between management and the Board on matters relating to risk and control.
The Board has established a strong control framework within which the Group operates. This contains the following key elements:
- organisational structure with clearly defined lines of responsibility, delegation of authority and reporting requirements;
- defined expenditure and contract authorisation levels;
- on-site, video and teleconferencing reviews of operations, covering all aspects of each business, are conducted by Group executive management on a regular basis throughout the year;
- the financial reporting and information systems which comprise: a comprehensive annual budget which is approved by the Board; weekly reports of key operating information; cash flow and capital expenditure reporting; monthly results and forward performance indicators which are measured against the annual budget and the prior year's results. Significant variances are reviewed by the Board and executive management and action is taken as appropriate. The forecast for the year is revised when necessary;
- Group tax and treasury functions are coordinated centrally.
- There is weekly cash and treasury reporting to Group management and periodic reporting to the Board on the Group's tax and treasury positions; and
- internal audits are performed by Group's internal audit function.