Internal control and risk management

Internal control and risk management

The Board is responsible for setting the Group’s risk appetite and for ensuring that procedures are in place to oversee the Group’s internal control and risk management systems and for reviewing their effectiveness. Processes are in place across the business to identify, evaluate and manage the Group’s significant risks.

The Board is committed to protecting and enhancing the Group’s interests through the effective management of risk. As a global business operating in 22 countries, we understand that effectively managing risk underpins the successful performance of the Group. The Board has ultimate responsibility for the Group’s systems of risk management and internal control and ensures the Group’s risk processes and systems of internal control are robust and monitored and that they evolve to address changing business conditions and threats. The Board determines the Group’s risk appetite and ensures that the Group’s exposures to risk are appropriate and align to the Group’s strategic levers and priorities. The Board also provides direction and sets the tone on the importance of risk management. The review of financial risk has been delegated to the Group’s Audit Committee.

The Board also has overall responsibility for the effectiveness of the Group’s internal controls framework and is satisfied that the Group maintains an effective system of internal controls in relation to the financial reporting process, and that there were no significant failings or weaknesses in controls during 2024. At each Audit Committee meeting, reports from the internal auditors on internal controls’ effectiveness are considered and challenged. The Committee also performs an annual review of the Group’s internal control processes and remains satisfied that management places a strong focus on closing out internal audit actions and ensuring their timely completion. The Committee has concluded the internal control system to be effective and in accordance with the Guidance on Risk Management, Internal Control and Related Financial and Business Reporting as issued by the FRC (September 2014).