Aviva 2009 Annual Report Download - page 92

Download and view the complete annual report

Please find page 92 of the 2009 Aviva annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 328

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278
  • 279
  • 280
  • 281
  • 282
  • 283
  • 284
  • 285
  • 286
  • 287
  • 288
  • 289
  • 290
  • 291
  • 292
  • 293
  • 294
  • 295
  • 296
  • 297
  • 298
  • 299
  • 300
  • 301
  • 302
  • 303
  • 304
  • 305
  • 306
  • 307
  • 308
  • 309
  • 310
  • 311
  • 312
  • 313
  • 314
  • 315
  • 316
  • 317
  • 318
  • 319
  • 320
  • 321
  • 322
  • 323
  • 324
  • 325
  • 326
  • 327
  • 328

90
Aviva plc Corporate governance report continued
Annual Report and Accounts 2009
undertaken as well as monitoring the completion of any Group
level actions to a satisfactory conclusion.
Control activities
A formal policy framework has been rolled out across the
Group, which sets out and governs minimum standards around
the management of financial and non-financial risks and the
Group’s approach to internal controls.
Compliance with the policy framework is regularly assessed
and reported upon on a quarterly basis. Such reporting includes
any moves outside the Group’s risk appetite and tolerance and
any emerging issues. Appropriate action plans are developed
and undertaken where such moves are identified.
In addition to the regular reporting, a six monthly Group
policy framework compliance management certification process
is in place. Any risks, control weaknesses, or non-compliance
with the Group policy framework or local delegation of
authority must be highlighted as part of this process.
Internal Controls over financial reporting
A Group Reporting Manual including International Financial
Reporting Standards (IFRS) and Market Consistent Embedded
Value (MCEV) requirements has been defined and rolled out
across the Group. A Financial Reporting Control Framework
(FRCF) is in place across the Group. FRCF relates to the
preparation of reliable financial reporting and preparation of
local and consolidated financial statements in accordance with
IFRS and MCEV. FRCF also allows compliance with the
requirements of the Sarbanes-Oxley Act 2002.
The FRCF process follows a risk based approach, with
management identification, assessment (documentation and
testing), remediation as required, reporting and certification
over key financial reporting related controls. Management
quality assurance procedures over the application of the FRCF
process and FRCF controls are undertaken regularly. The results
of the FRCF process are signed off by business unit and regional
Chief Executives and Chief Financial Officers and at a Group
level by the Group Chief Executive and Chief Financial Officer.
The Disclosure Committee, which has the role of overseeing
the design and effectiveness of the Group’s disclosure controls,
for both financial and non-financial information, evaluates the
Group’s disclosure controls and reviews and endorses the
Group’s key periodic external reports including the consolidated
financial statements. This Committee is chaired by the Chief
Financial Officer and reports to the Audit Committee and
Executive Committee. A Group Technical Committee, reporting
to the Disclosure Committee is in place, which presides over
significant technical matters, reviewing technical decisions
including key judgements, issues and application of
assumptions.
Risk Management
An Enterprise wide Risk Management Framework (ERMF),
designed to identify, evaluate, manage and monitor significant
risks to the achievement of business objectives is in place and
embedded throughout the Group. The Group Risk function
facilitates the implementation of the risk management
framework, with management owning the management and
monitoring of risks. The Group Risk function assesses and
reports significant risks identified across the Group and
corresponding action plans to the Executive Committee,
the Risk and Regulatory Committee and Audit Committee.
A company's objectives, its internal organisation and the
environment in which it operates are continually evolving and,
as a result, the risks it faces are continually changing.
Management in conjunction with the Group Risk function
monitors the risk profile of business units, regions and the
Group on a regular basis. On a quarterly basis, risk reports,
setting the risk profiles, risk exposures outside Group risk
appetite and action plans within financial, operational,
compliance and strategic risk categories, are reported by the
Group risk function. A consolidated Group wide risk profile
including residual risk levels and action plans are considered
by the Executive Committee and the Risk and Regulatory
Committee. Regional executive committees and management
receive and similarly consider local risk reporting.
Where significant risks outside Group risk appetite are identified
an immediate escalation process is in place. Such significant
risks are reported by the Chief Risk Officer to the Executive
Committee, the Risk and Regulatory Committee and Audit
Committee, along with any proposed mitigating actions.
The risk management process has been in place for the year
under review and up to the date of approval of the annual
report and accounts.
Internal audit
The Group’s internal audit function provides independent
assurance to management on the effectiveness of the internal
control systems and, the adequacy of these systems to manage
business risk and to safeguard the Group’s assets and resources.
The internal audit function also provides objective independent
assurance on risk and control to both the Audit Committee and
the Risk and Regulatory Committee.
Throughout 2009, the internal audit function through the
Chief Audit Officer provided quarterly reporting on issues arising
and the status of action items to the Audit Committee and Risk
and Regulatory Committee. Similar reporting is undertaken on a
regional and business unit basis to local executive management
and local audit committees. The effectiveness of the Group’s
internal audit function is reviewed annually by the Audit
Committee.
Share capital and control
The information required to be provided by the directors
pursuant to section 992 of the Companies Act 2006 can be
found on page 83 of the Directors’ report.
Communication with shareholders
The Company places considerable importance on
communication with shareholders and engages with them on
a wide range of issues.
The Group has an ongoing programme of dialogue and
meetings between the executive directors and institutional
investors, fund managers and analysts. At these meetings a
wide range of relevant issues including strategy, performance,
management and governance are discussed within the
constraints of information already made public.
The Company’s investor relations department is dedicated
to facilitating communication with institutional investors.
The directors consider it important to understand the views of
shareholders and, in particular, any issues which concern them.
The Board receives reports on matters that have been raised
with management at the regular meetings held with the
Company’s major investors. During the year the Chairman and
the Senior Independent Director held a meeting with the major
institutional investors and attended investor meetings with
management. In addition, the Senior Independent Director is
available to meet with major investors to discuss any areas of
concern that cannot be resolved through normal channels of
investor communication, and arrangements can be made to