Audit, risk and internal control
The Company engages external auditors to audit the Group’s annual financial statements.
The Company also has an internal audit function to act as the third line of defence in ensuring the effectiveness of the Company’s system of internal controls.
The Board is responsible for the effective management of Group risk, including by:
- Considering and approving the Group’s risk appetite;
- Reviewing the Group’s principal risks and approving the Group’s principal risk register; and
- Reviewing the Group’s emerging risks and approving the Group’s emerging risk register.
Please see here for the Group’s management of risk
The Company has a system of internal control which is based on a three lines of defence model which is comprised of a number of features as illustrated by the diagram in the next download.
The Audit Committee is responsible for reviewing the effectiveness of external and internal audit, management of risk and the system of internal control. More information about the Audit Committee can be found on our Committees page.