Experian 2013 Annual Report Download - page 29
Download and view the complete annual report
Please find page 29 of the 2013 Experian annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.WHAT ARE THE PRINCIPAL FEATURES OF THE RISK MANAGEMENT FRAMEWORK?
• Defined governance structure and
commitment by the Board and management
towards integrity, risk ownership and
commitment to competent leadership
(Tone at the Top).
• Standardised process to identify, evaluate and
manage significant risks on an ongoing basis
(Identify, Evaluate and Respond).
• Regional risk management committees
with local oversight of risk management
processes (Communicate and Monitor).
• Defined and communicated business
principles and strategies
(Business Strategy).
• Control reviews and follow-ups performed by
management, internal audit and third parties
(Monitor).
• Executive Risk Management Committee
with global oversight of risk management
processes (Communicate and Monitor).
• Clear global, regional and line of business
objectives, supported by financial and non-
financial key performance indicators (‘KPIs’)
(Business Strategy).
• Budgetary controls and monthly performance
reviews, including achievement of objectives and
KPIs (Monitor).
• Regular reporting on risk to the Audit
Committee by senior management
and regular risk updates to the Board
(Communicate and Monitor).
WHAT DOES THE CONTROL ENVIRONMENT LOOK LIKE?
• Terms of reference for the Board and each of
its committees, which are regularly reviewed.
• Principles, policies and standards including
a global risk management policy, compliance
policy, accounting policies, treasury policy,
information security policy and a policy on fraud
and whistleblowing.
• All significant business investments,
developments and divestments are
reviewed by Regional and Global Strategic
Project Committees.
• Clear organisational structure directed by the
global and regional delegated authorities’
matrices.
• Defined and well-understood review and approval
procedures for major transactions, capital
expenditure and revenue expenditure.
• Establishment of strategies to manage
each identified significant risk including
the establishment of internal controls,
insurance and specialised treasury
instruments.
WHAT MONITORING TAKES PLACE?
• Board approval of Group strategy and
budgets and ongoing Board monitoring of
performance against the agreed plan.
• Ongoing identification and escalation
of accepted, new and emerging risks to
management and the Board consistent with the
global risk management policy.
• Experian’s internal audit function
performs independent testing and reports
to the Audit Committee on the adequacy
and effectiveness of the system of internal
controls.
• Achievement of business objectives, both
financial and non-financial, using a range of
monthly KPIs.
• Ongoing business unit risk management within
established exposure limits and escalation of
identified risks and control weaknesses or gaps
consistent with the global risk management
policy.
• A variety of reports on risk, including
material risk reports, material litigation
reports, information security reports and
regulatory and compliance reports are
reviewed by the Audit Committee.
• Regular reporting to the Board of the exercise
of the delegations of authorities to the
principal subsidiaries.
• Annual certification by each business and key
function leader to confirm compliance with
Experian’s system of internal control, policies,
and corporate governance and corporate
responsibility processes.
• The Audit Committee performs an annual
review of the effectiveness of Experian’s
systems of risk management and internal
control and receives an annual report on
the controls over relevant risks.
• The internal audit programme and
methodology is aligned to the risk categories
and makes use of risk assessment
information at a business level in planning
and conducting its audits.
HOW DO WE COMMUNICATE RISK AND CONTROL RESULTS?
• Monthly finance reports to the Board
including Group financial summary, Group
results, forecasts and sales trends, investor
relations analysis and detailed business
trading summaries.
• Quarterly Regional and Executive Risk
Management Committee reports highlighting the
status of principal and emerging risks along with
the status of significant projects that promote the
Group’s strategic objectives.
• Regular reports to the Audit Committee
by the Head of Global Internal Audit on
the results of investigations initiated
through fraud and whistleblowing
procedures that allow employees to report
suspected improprieties.
• Monthly detailed performance reviews at a
regional level.
• Quarterly Audit Committee reports highlighting
the status of principal and emerging risks along
with the status of significant strategic projects
and other material investments that promote
Experian’s strategic objectives.
27
Business overview Business review Governance Financial statements