Audit, risk and internal control

Audit

The Company engages external auditors to audit the Group’s annual financial statements.

The Company also has an internal audit function to act as the third line of defence in ensuring the effectiveness of the Company’s system of internal controls.

Risk

The Board is responsible for the effective management of Group risk, including by:

Considering and approving the Group’s risk appetite;
Reviewing the Group’s principal risks and approving the Group’s principal risk register; and
Reviewing the Group’s emerging risks and approving the Group’s emerging risk register.

Please see here for the Group’s management of risk

Internal control

The Company has a system of internal control which is based on a three lines of defence model which is comprised of a number of features as illustrated by the diagram in the next download.

Download our System of internal control

Audit Committee

The Audit Committee is responsible for reviewing the effectiveness of external and internal audit, management of risk and the system of internal control. More information about the Audit Committee can be found on our Committees page.

Corporate Governance

UK & Ireland

Germany

Spain & Portugal

Morocco

Switzerland

UK

North America

Spain

Switzerland

UK

Spain

North America

About us

How we create value

Sustainability

Our targets

Investors

Annual Report 2022

Media

Register for updates

Audit, risk and internal control

Audit

Risk

Internal control

Audit Committee

London

Audit, risk and internal control

Audit

Risk

Internal control

Audit Committee