The FRC Guidance recommends internal control practices for UK listed companies to assist them in assessing the application of the Code’s principles and compliance with the Code’s provisions with regard to internal control.
Our systems of internal control are designed and operated to support the identification, evaluation and management of risks affecting the group. These include controls in relation to the financial reporting process and the preparation of consolidated accounts, but extend across all areas of operations. They are subject to continuous review as circumstances change and new risks emerge.
Key features of the systems of internal control are:
- the risk management system described here;
- written policies and procedures within our businesses;
- clearly defined lines of accountability and delegations of authority;
- management of operating risk by using appropriate infrastructure, controls, systems and people throughout the businesses;
- business continuity planning, including preventative and contingency measures, back-up capabilities and the purchase of insurance;
- maintenance of a state of preparedness towards compliance with Section 404 of the US Sarbanes-Oxley Act through the identification and testing of key financial controls under its Internal Financial Control (IFC) programme. This is a voluntary initiative, which strengthens internal control systems and processes within the group;
- key policies employed in managing financial and operating risk involve segregation of duties, transaction authorisation, monitoring, financial and managerial review and comprehensive reporting and analysis against approved standards and budgets;
- a treasury operating framework which establishes policies and manages liquidity and financial risks, including foreign exchange, interest rate and counterparty exposures, and incorporates group and regional treasury committees that monitor these activities and compliance with the policies. Treasury policies, risk limits and monitoring procedures are reviewed regularly by the audit committee on behalf of the board; and
a group tax policy and tax operating framework which forms the basis of tax governance across the group and is managed by our group tax function which monitors tax risk and implements strategies and procedures to control it, and which is also reviewed regularly by the audit committee on behalf of the board.
Assurance on compliance with systems of internal control and on their effectiveness is obtained through regular management reviews, reviews of key financial controls, internal audit reviews including business capability programme and other programme assurance, testing of certain aspects of the internal financial control systems by the external auditors during the course of their statutory examinations and regular reports to the audit committee by the internal and external auditors. Our regional finance, control and assurance committees consider the results of these reviews within each region twice a year, together with reports from country audit committees, to confirm that controls are functioning and to ensure that any material breakdowns and remedial actions have been reported to the appropriate boards of directors. In relation to our associated undertakings or joint ventures, these matters are reviewed at the level of the associates’ or joint ventures’ boards or other governing committees.
At the half year and at the year end the members of country and business units, regional and country business executive committees, each of our functional directors (corporate finance and development; legal and corporate affairs; marketing; and supply chain and human resources), each of the direct reports to the Chief Financial Officer (finance and control; global business services; global template design authority; global procurement; information technology; internal audit; tax; treasury; and strategy and planning) are required to submit to the Company Secretary on behalf of the board formal letters of representation on compliance with internal controls and key policies, including notification of continuing or potential significant financial, regulatory, environmental and other exposures. Similar rigorous letter of representation processes operate at country and regional levels within our global business entities.
These letters form the subject of reports to the audit committee, and cover all subsidiary companies, as well as MillerCoors LLC which submits a tailored letter of representation. Executive directors and executive committee members sit on the boards of major associated companies such as CR Snow, Anadolu Efes and Castel. Directors and members of the executive committee also make annual written declarations of interests and are obliged to report without delay any potential or actual conflicts of interest which may arise.
The directors are responsible for the group’s systems of internal control and for reviewing their effectiveness annually.