Tesco 2013 Annual Report Download - page 45

Download and view the complete annual report

Please find page 45 of the 2013 Tesco annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 142

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142

41
Tesco PLC Annual Report and Financial Statements 2013
OVERVIEW BUSINESS REVIEW PERFORMANCE REVIEW GOVERNANCE FINANCIAL STATEMENTS
Principal risks Key controls and mitigating factors
Tesco Bank
The impact on the Group of financial risks taken by Tesco Bank • The Bank has a defined ‘Risk Appetite’, approved and regularly
reviewed by both the Bank’s Board and the Tesco PLC Board,
which sets out the key risks, their optimum ranges, alert limits
and the controls required to manage them within their approved
tolerance limits
• There is a comprehensive structure of governance and oversight
in place to ensure the Bank complies with all applicable laws
and regulations
Pensions
Our IAS 19 deficit could increase if there is a fall in corporate bond
yields which is not offset by an increase in the pension scheme’s
assets. There are also increasing risks of legal and regulatory changes
introducing more burdensome requirements
• Diversified investment strategy with increased control and visibility
through the appointment of an in-house investment team
• Changes to benefits were introduced in 2012 to reduce the
scheme’s life expectancy and inflation risks
• Appointment of a new Audit and Risk Pensions Committee to
provide greater visibility and internal controls of pension and
investment risks
• Monthly review by Pensions and Treasury Directors
• External advisors and pension fund trustees fully engaged to
consider deficit and fund performance and legislative and regulatory
changes and their impact
Fraud, compliance and internal controls
As the business develops new platforms and grows in both size and
geographical scope, the potential for fraud and dishonest activity by
our suppliers, customers and employees increases
• Appropriate procedures and controls including Group Accounting
Policy, key financial controls, IT access controls and segregation of
duties are set out across the business to reduce fraud risks
• Compliance Committee monitors implementation of, and
compliance with, relevant policies and procedures
• An annual governance return is completed by each business unit
• Clear behavioural guidance given to employees through training on
Tesco Values, the Group Code of Business Conduct, the UK Bribery
Act and our Whistleblowing service – Protector Line
• Internal Audit undertakes risk-based programmes and detailed
investigations into all business areas and reports its findings to the
Audit Committee
• Group Loss Prevention & Security monitors fraud, bribery and
business continuity across the Group and reports its findings to the
Audit Committee
• Store and distribution compliance and technical law and trading
reviews conducted regularly to reinforce compliance across
the estate
• Information Security Committee regularly reviews IT incidents
• External Audit rotational coverage of areas and assessment
of controls
Business continuity and crisis management
A major incident or activism could impact on colleague safety or the
Group’s ability to trade
• Appropriate business continuity plans and crisis management plans
are in place for each business area
• Disaster recovery plans are in place for key IT systems and
data centres
• Security systems and processes that reflect best practice are
also in place to review the risks of incidents or activism across
the Group including liaison with the UK National Co-ordinator
for Counterterrorism