Governance Report
Volution Group plc Annual Report 2022
98
Internal control environment continued
BDO has continued to act in the capacity of internal auditor.
The Committee agrees the BDO internal audit plan prior to
the commencement of the new financial year. The plan was
designed to ensure that there was appropriate coverage of the
internal control environment, strategic priorities and key risks
identified by the Board in its annual risk management process.
At regular Committee meetings, BDO gives an update on the
progress of the internal audit plan, which is reviewed to ensure
that it is in line with the Committee’s expectations. Ongoing
government restrictions in the UK and some of the overseas
jurisdictions caused by the Covid-19 pandemic led to some of
theinternal audit work being undertaken using video and audio
calls rather than in-person audit meetings in the early part of
2022, but in-person review work has now been resumed.
Other than the requirement to improve the segregation of duties
and similar controls in newly acquired businesses, there were
nosubstantive or high-risk matters identified and reported to
theCommittee by BDO during the financial year.
Risk management
As outlined above, the Group has a risk management process
that follows a sequence of risk identification and assessment
of probability and impact, and assigns an owner to manage
mitigation activities at the operational level. Each business
unit operates a process to ensure that key risks are identified,
evaluated, managed and reviewed appropriately. This process
is also applied at Board level to major business decisions such
as acquisitions. The business unit risk registers form the basis
for the Group Risk Register, which is maintained for all corporate
risks and is monitored by senior management and reviewed by
the Committee. During the year, the Group Risk Register and
the methodology applied were the subject of review by senior
management and updated to reflect new and developing areas
which might impact business strategy. The Committee reviews
the Group Risk Register at least twice a year and assesses the
actions being taken by senior management to monitor and
mitigate the risks.
The Group’s principal risks and uncertainties, the areas which
they impact and how they are mitigated are described on
pages 62 to 71.
Review of effectiveness
Provision 29 of the 2018 Code states that the Board should monitor
the Company’s risk management and internal control systems and,
at least annually, carry out a review of their effectiveness.
The Committee receives an annual report on the performance
of the system of internal control, and on its effectiveness in
managing risks and in identifying control failings or weaknesses.
The Committee has reviewed the Group’s risk management
process and the effectiveness of the Group’s risk management
and internal control systems for the period from 1 August 2021 to
the date of this report. Taking into account the matters set out on
pages 62 to 71 relating to principal risks and uncertainties and the
internal audit reports from BDO, the Board, with the advice of the
Committee, is satisfied that the Group has in place effective risk
management and internal control systems.
Code of Conduct, anti-bribery and whistleblowing
The Group is committed to providing a safe and confidential
avenue for all employees across the Group to raise concerns
about serious wrongdoings. The Group also acknowledges the
requirements of the 2018 Code in this area, which states that the
Committee should review arrangements by which employees
across the Group may, in confidence, raise concerns about
possible improprieties in matters of financial reporting or other
matters and ensure that these concerns are investigated and
escalated as appropriate.
The Company has a Group-wide Code of Conduct, an Anti-Bribery
and Corruption Policy and a Policy on Corporate Criminal
Offences. These policies set out clearly the Group’s values and
the importance that is placed on honest, ethical and lawful
conduct in all business dealings. The Code of Conduct also sets
out the Group’s policy on anti-slavery and human trafficking, in
accordance with the Modern Slavery Act 2015. Group employees,
agents and suppliers are asked, where relevant, to confirm that
they do and will continue to comply with these policies. A gifts
and hospitality register is operated by each business unit to
ensure transparency where items are over a certain monetary
threshold. In addition, all employees who are considered the
most likely to be exposed to bribery and corruption are given
web-based anti-bribery and corruption training.
The Committee has reviewed the arrangements by which
employees are able to raise, in confidence, any concerns they
may have about possible wrongdoing or dishonest or unethical
behaviour, such as bribery, corruption, fraud, dishonesty and
illegal practices. An external independent whistleblowing
provider provides a confidential web-based and telephone
facility which has been communicated across the Group,
branded as “Speak Up”, to ensure awareness. The Code of
Conduct protects anyone who comes forward to make a
disclosure under the Whistleblowing Policy. When a disclosure
is made, the Company Secretary reports the matter to the
Committee chair and initiates an investigation to include all
necessary parties. A report on the investigation is submitted
to the Committee and appropriate steps are taken to ensure
that any matters relating to any disclosures have been resolved
satisfactorily. The Committee also has the power to conduct
further enquiries itself or any other additional actions it sees fit.
There were no reports brought to the attention of the Committee
for investigation during the year.
Committee performance evaluation
During the year, the Board conducted a formal externally
facilitated evaluation of the performance of the Board, its
Committees, the Directors and the Chairman. Further details
can be found in the Governance Report on pages 84 and 85.
This process concluded that the Committee had fulfilled its
role effectively and did not identify any significant development
points requiring action.
Audit Committee Report continued