The Board has overall responsibility for ensuring that the Group maintains a system of internal controls and for reviewing its effectiveness.
The system is not designed to eliminate the risk that the Group’s objectives will not be achieved but to ensure that there is an ongoing process for identifying, evaluating and managing the significant risks. As with any such system, it can only provide reasonable, but not absolute, assurance against material misstatement or loss. The Board has reviewed the effectiveness of the process regularly throughout the year.
The Group’s key procedures are as follows:
Each operating business has its own management group which meets regularly to monitor operational matters. Each operating business is responsible for establishing its own system of internal controls and for ensuring compliance with those controls. The Managing Director of each operating business reports to the Group Chief Executive, and clearly defined lines of responsibility have been established within this organisational structure. The senior finance executive in each operation has a dual responsibility to report within their operation to the Managing Director and to the Group Finance Director. The Executive Directors visit all operations regularly to perform detailed reviews.
Operating business management have a clear responsibility for the identification of risks facing each operation, and for establishing procedures to investigate and monitor such risks. The Board reviews a group register of risks and mitigation on a regular basis as part of its normal Board reporting. The Board also commissions independent reviews of the key risks facing the Group as appropriate. Full details of the Group’s risk management processes are given in the section on Principal risks and uncertainties on page 26 of the 2016 Report and Accounts.
Information and control systems
Provide management with regular and reliable management information. The Group has a comprehensive process of annual budgets, target setting, and detailed monthly reporting. The annual budget of each operating business and the consolidated Group budget are approved by the Board as part of its normal responsibilities. Each operation produces full monthly management accounts, which are consolidated at a Group level. The Executive management team review the performance with the operations’ management. The Board receives copies of the monthly management accounts for each month and the performance of the Group is reviewed in detail at each Board meeting.
The Board has established a framework of controls encompassing procedures applicable to all businesses that are subject to executive review. The Group operates a self-assessment process so that the operating businesses can quantify the extent of their compliance with control objectives. Each separate accounting entity completes an annual self assessment questionnaire which highlights areas where control improvements could be made. The results of these control questionnaires are reviewed with senior management and new controls are implemented as necessary.
The Group operates an internal audit cycle conducted by peer reviews by the Group’s financial controllers. The scope of the reviews to be conducted each year is agreed in advance with the Audit Committee and the formal reports on each review are considered by the Audit Committee. The Audit Committee considers the Group’s internal audit arrangements to provide an acceptable level of review and to be appropriate for the current size of the business.
The Group has a formal whistleblowing procedure which gives employees the opportunity to escalate their concerns, ultimately to the Senior Non-Executive Director. The Group had one incident reported under the Group’s whistleblowing policy in 2015. It has been investigated, appropriately resolved and the progress and outcomes were reported in full to the Board.
There were no incidents in 2016.
Full management accounts for each entity in the Group are consolidated each month and review and analysis is carried out on those results. These consolidated accounts form the basis of reports that are provided to Board members every month.
The Audit Committee and the Board have reviewed the effectiveness of the Group’s internal controls for the period 1 December 2015 up to the date of approval of the 2016 Annual Report and Accounts and have addressed issues as they have been identified.