The Turnbull Guidance recommends internal control practices for UK listed companies to assist them in assessing the application of the Code’s principles and compliance with the Code’s provisions with regard to internal control.
The group’s systems of internal control are designed and operated to support the identification, evaluation and management of risks affecting the group. These include controls in relation to the financial reporting process and the preparation of consolidated accounts, but extend across all areas of operations. They are subject to continuous review as circumstances change and new risks emerge.
Key features of the systems of internal control are:
- the risk management system;
- written policies and procedures within our businesses, which are detailed in policy manuals;
- clearly defined lines of accountability and delegations of authority;
- management of operating risk by using appropriate infrastructure, controls, systems and people throughout the businesses;
- business continuity planning, including preventative and contingency measures, back-up capabilities and the purchase of insurance;
- maintenance of a state of preparedness for compliance with s404 of the US Sarbanes-Oxley Act through the identification and testing of key financial controls under its Internal Financial Control (IFC) programme. This is a voluntary initiative, and has led to a further strengthening of internal control systems and processes within the group;
- key policies employed in managing financial and operating risk involve segregation of duties, transaction authorisation, monitoring, financial and managerial review and comprehensive reporting and analysis against approved standards and budgets;
- a treasury operating framework which establishes policies and manages liquidity and financial risks, including foreign exchange, interest rate and counterparty exposures, and incorporates group and regional treasury committees that monitor these activities and compliance with the policies. Treasury policies, risk limits and monitoring procedures are reviewed regularly by the audit committee on behalf of the board; and
- a group tax policy and tax operating framework which forms the basis of tax governance across the group and is managed by the group tax function which monitors tax risk and implements strategies and procedures to control it.
Assurance on compliance with systems of internal control and on their effectiveness is obtained through regular management reviews, reviews of key financial controls, internal audit reviews and quality assurance, testing of certain aspects of the internal financial control systems by the external auditors during the course of their statutory examinations and regular reports to the audit committee by the internal and external auditors. The group’s divisional finance, control and assurance committees consider the results of these reviews to confirm that controls are functioning and to ensure that any material breakdowns and remedial actions have been reported to the appropriate boards of directors. In relation to the group’s associated undertakings or joint ventures, these matters are reviewed at the level of the associates’ or joint ventures’ boards or other governing committees.
At the half year and at the year end the members of regional and country business executive committees, each of our functional directors (corporate affairs;corporate finance and development; legal; marketing and supply chain and human resources), each of the direct reports to the Chief Financial Officer (finance and control; global template design authority; information technology; internal audit; tax; and treasury), and the group head of strategy and planning are required to submit to the Company Secretary on behalf of the board formal letters of representation on compliance with internal controls and key policies, including notification of continuing or potential significant legal, regulatory, environmental and other exposures.
These letters form the subject of reports to the audit committee, and cover all subsidiary companies, as well as MillerCoors LLC and Tsogo Sun Holdings Limited which submit tailored letters of representation. Executive directors and executive committee members sit on the boards of major associated companies. Directors and members of the executive committee also make annual written declarations of interests and are obliged to report without delay any potential or actual conflicts of interest which may arise.
The directors are responsible for the group’s systems of internal control and for reviewing their effectiveness annually.