Tesco 2011 Annual Report Download - page 76

Download and view the complete annual report

Please find page 76 of the 2011 Tesco annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 162

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162

Internal Audit
The Internal Audit department is independent of business operations
and has a Group-wide mandate. It undertakes a programme to address
internal control and risk management processes with particular
reference to the Turnbull Guidance. It operates a risk-based methodology,
ensuring that the Group’s key risks receive appropriate regular
examination. Its responsibilities include maintaining the Key Risk
Register, reviewing and reporting on the effectiveness of risk
management systems and internal control with the Executive
Committee, the Audit Committee and ultimately to the Board.
Internal Audit facilitates oversight of risk and control systems across
the Group through risk committees in Asia and Europe and audit
committees in a number of our businesses and joint ventures. The
Head of Internal Audit also attends all Audit Committee meetings.
External audit
PricewaterhouseCoopers LLP, the Companys external auditor,
contributes a further independent perspective on certain aspects of
our internal financial control systems arising from its work, and reports
to both the Board and the Audit Committee. The engagement and
independence of external auditors is considered annually by the Audit
Committee before it recommends its selection to the Board.
The Company has a non-audit services policy for work carried out
by PricewaterhouseCoopers LLP. This is split into three categories as
explained below:
(a) pre-approved for the external auditors – is predominantly the
review of subsidiary undertakings’ statutory accounts and is
Audit-related in nature;
(b) work for which Audit Committee approval is specifically required
transaction work and corporate tax services, and certain advisory
services; and
(c) work from which the external auditors are prohibited.
The Audit Committee concluded that it was in the best interests of the
Company for the external auditors to provide a number of non-audit
services during the year due to their experience, expertise and
knowledge of the Group’s operations.
Auditor objectivity and independence was achieved by ensuring
that personnel involved in the non-audit work were not involved in
the audit, and by ensuring that management took responsibility for
all decisions made.
The fees paid to the auditors in the year are disclosed in note 3 to the
Group Financial Statements.
PricewaterhouseCoopers LLP also follows its own ethical guidelines
and continually reviews its audit team to ensure its independence
is not compromised.
Tesco Bank
Tesco Bank monitors the risks it faces through its governance
structures, assessing any potential impact and action required to
manage them. The work of the Tesco Bank Risk Committee focuses
on systematic risks such as funding, credit risk and risks in the insurance
business, while the Tesco Bank Audit Committee considers internal
controls and assurance. The Bank’s Board has overall responsibility
for ensuring that it has an appropriate approach to risk management
and internal control within the context of achieving its objectives.
Executive management is responsible for implementing and maintaining
the necessary control systems with the independent risk function
providing oversight and assurance in relation to risk profiles. The role
of Tesco Bank Internal Audit is to monitor the overall internal control
systems and report on their effectiveness.
Internal controls
The Board is responsible for the Company’s system of internal controls
and for reviewing the effectiveness of such a system. We have a
Group-wide process for clearly establishing the risks and responsibilities
assigned to each level of management and the controls which are
required to be operated and monitored.
The CEO of each subsidiary business is required to certify by way
of an annual governance return that the Group’s governance and
compliance policies and processes have been adopted. The returns
received from across the Group are reviewed and discussed by the
Compliance Committee and the results of that review are included in
the Compliance Committee’s annual report to the Board. For certain
joint ventures, the Board places reliance upon the internal control
systems operating within our partners’ infrastructure and the
obligations upon partners’ boards relating to the effectiveness
of their own systems.
Such a system is designed to manage rather than eliminate the risk of
failure to achieve business objectives and can only provide reasonable
and not absolute assurance against material misstatement or loss.
In respect of Group financial reporting, Group Finance is responsible
for preparing the Group financial statements, incorporating the
consolidation process. Group Finance contains a consolidation team
and technical accounting team, which reviews external technical
accounting developments, financial reporting and accounting policy
issues. It is also responsible for the maintenance of the Group’s
accounting policy manual, which is in accordance with International
Financial Reporting Standards. Group Finance also maintains its own
risk register and assesses its own controls systems. This incorporates
risks such as wrong or unclear accounting policies, ineffective financial
close processes, inaccurate or incomplete Group financial and
management accounts, reputational risk, IT risks, fraud and people
risks. Internal Audit also reviews the effectiveness of controls operating
in the Group Finance function. The results of Group Finance’s risk
register review and Internal Audit’s findings are reported to the Audit
Committee on an annual basis.
The Board has conducted a review of the effectiveness of internal
controls and is satisfied that the controls in place remain appropriate.
Monitoring
The Board oversees the monitoring system and has set specific
responsibilities for itself and the various committees as set out below.
Both Internal Audit and our external auditors play key roles in the
monitoring process, as do several committees including the
Compliance Committee and the Corporate Responsibility Committee.
The minutes of the Audit Committee and the other committees are
distributed to the Board and each committee submits a report for
formal discussion at least once a year. These processes provide
assurance that the Group is operating legally, ethically and in
accordance with approved financial and operational policies.
Audit Committee
The Audit Committee reports to the Board each year on its review of
the effectiveness of the internal control systems for the financial year
and the period to the date of approval of the financial statements.
Throughout the year the Committee receives regular reports from
the external auditors covering topics such as quality of earnings and
technical accounting developments. The Committee also receives
updates from Internal Audit and has dialogue with senior managers on
their control responsibilities. It should be understood that such systems
are designed to provide reasonable, but not absolute, assurance against
material misstatement or loss.
72
TESCO PLC Annual Report and Financial Statements 2011
GOVERNANCE
Directors report on corporate governance