Aviva 2013 Annual Report Download - page 73

Download and view the complete annual report

Please find page 73 of the 2013 Aviva annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 320

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278
  • 279
  • 280
  • 281
  • 282
  • 283
  • 284
  • 285
  • 286
  • 287
  • 288
  • 289
  • 290
  • 291
  • 292
  • 293
  • 294
  • 295
  • 296
  • 297
  • 298
  • 299
  • 300
  • 301
  • 302
  • 303
  • 304
  • 305
  • 306
  • 307
  • 308
  • 309
  • 310
  • 311
  • 312
  • 313
  • 314
  • 315
  • 316
  • 317
  • 318
  • 319
  • 320

Strategic report Governance IFRS Financial statements Other information
Aviva plc
Annual report and accounts 2013
71
Directors’ and Corporate governance report continued
reviewed and comply with the Financial Reporting Council’s
Internal Control: Revised Guidance for Directors.
Risk Management Framework
The Risk Management Framework (RMF) is designed to identify,
measure, manage, monitor and report the significant risks to
the achievement of the Group’s business objectives and is
embedded throughout the Group. The RMF has been in place
for the year under review and up to the date of approval of the
Annual report and accounts. It is codified through risk policies
and business standards which set out the risk strategy, appetite,
framework and minimum requirements for the Group’s
worldwide operations. Further details on procedures for the
management of risks are given in note 58.
Internal controls
Internal controls facilitate effective and efficient business
operations, the development of robust and reliable internal
reporting and compliance with laws and regulations.
A Group Reporting Manual including International Financial
Reporting Standards (IFRS) requirements and a Financial
Reporting Control Framework (FRCF) are in place across the
Group. FRCF relates to the preparation of reliable financial
reporting and preparation of local and consolidated financial
statements in accordance with IFRS and with the requirements
of the Sarbanes-Oxley Act of 2002. The FRCF process follows
a risk-based approach, with management identification,
assessment (documentation and testing), remediation (as
required), reporting and certification over key financial
reporting-related controls. Management regularly undertakes
quality assurance procedures over the application of the FRCF
process and FRCF controls.
The Board has delegated to the Group CEO the day-to-day
management of the Company and approval of specific issues up
to set financial limits, including limits on revenue and capital
expenditure, reinsurance spend and the settlement of claims. In
turn the Group CEO has delegated some of his authority to his
direct reports. There is a similar delegated authority framework
in place throughout the Group.
First line
Management are responsible for the application of the RMF, for
implementing and monitoring the operation of the system of
internal control and for providing assurance to the Audit
Committee, the Risk Committee, the Governance Committee
and the Board.
The Group Executive members and each business unit Chief
Executive Officer are responsible for the implementation of
Group strategies, plans and policies, the monitoring of
operational and financial performance, the assessment and
control of financial, business and operational risks and the
maintenance and ongoing development of a robust control
framework and environment in their areas of responsibility.
The CFO has established the Asset Liability Committee
(ALCO) which assists him in discharging his responsibilities in
relation to management of the Group’s balance sheet within
risk appetite and to provide financial risk management
oversight. This includes recommending financial and insurance
risk appetites and limit frameworks, evaluating the asset and
liability impact of strategies and business plans, financial risk
oversight, monitoring and management of the Group’s capital
and liquidity position, transaction risk oversight, stress and
scenario testing, and identification of emerging financial risks.
The Disclosure Committee is chaired by the CFO and reports
to the Audit Committee. It oversees the design and
effectiveness of the Group’s disclosure controls, for both
financial and non-financial information, evaluates the Group’s
disclosure controls and reviews and endorses the Group’s key
periodic external reports, including the consolidated financial
statements. The results of the FRCF process are signed off by
business unit Chief Executive Officers and Chief Financial
Officers and compliance with the FRCF is reported to the
Disclosure Committee and the Audit Committee.
Second line
The Risk function is accountable for the quantitative and
qualitative oversight and challenge of the identification,
measurement, monitoring and reporting of significant risks and
for developing the RMF.
As the business responds to changing market conditions and
customer needs, the Risk function regularly monitors the
appropriateness of the Company’s risk policies and the RMF to
ensure they remain up to date. This helps to provide assurance
to the various risk oversight committees that there are
appropriate controls in place for all core business activities, and
that the processes for managing risk are understood and followed
consistently across the Group.
To assist with the execution of his duties the CRCO has
established the Operational Risk and Reputation Committee
(ORRC) which oversees operational risks and reputational
impacts arising from activities across the Group. It oversees the
operational risk elements of the implementation and
maintenance of the risk policies and business standards, the
Group’s adherence to the Operational Risk Policy, and the
adequacy and implementation of the RMF throughout the
Group.
Third line
The Internal Audit function provides independent and
objective assessment on the robustness of the RMF and the
appropriateness and effectiveness of internal control to the
Audit, Governance and Risk Committees, business unit audit
committees and the Board. Further information on the activities
of the Internal Audit function is contained within the Audit
Committee Report.
Board oversight
The Risk Committee assists the Board in its oversight of risk and
risk management across the Group and makes
recommendations on risk appetite to the Board. The
responsibilities and activities of the Risk Committee are set out
in the Risk Committee Report.
The Audit Committee, working closely with the Risk
Committee, is responsible for assisting the Board in discharging
its responsibilities for the integrity of the Company’s financial
statements, the effectiveness of the system of internal financial
controls and for monitoring the effectiveness, performance and
objectivity of the internal and external auditors. The
responsibilities and activities of the Audit Committee are set out
in the Audit Committee Report.
The Governance Committee also works closely with the Risk
Committee and is responsible for assisting the Board in its
oversight of operational risk across the Group, particularly in
respect of behavior and the Group’s relationship with customers.
The Audit, Governance and Risk Committees report regularly
to the Board on their activities and make recommendations and
escalate significant risk exposures to the Board as appropriate.
They ensure that mitigating actions are taken when risks are, or
are expected to move, out of appetite.
The chart overleaf shows the Board and committee structure
that oversees the Company’s frameworks for risk management
and internal control.