HSBC 2015 Annual Report Download - page 278

Download and view the complete annual report

Please find page 278 of the 2015 HSBC annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 502

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278
  • 279
  • 280
  • 281
  • 282
  • 283
  • 284
  • 285
  • 286
  • 287
  • 288
  • 289
  • 290
  • 291
  • 292
  • 293
  • 294
  • 295
  • 296
  • 297
  • 298
  • 299
  • 300
  • 301
  • 302
  • 303
  • 304
  • 305
  • 306
  • 307
  • 308
  • 309
  • 310
  • 311
  • 312
  • 313
  • 314
  • 315
  • 316
  • 317
  • 318
  • 319
  • 320
  • 321
  • 322
  • 323
  • 324
  • 325
  • 326
  • 327
  • 328
  • 329
  • 330
  • 331
  • 332
  • 333
  • 334
  • 335
  • 336
  • 337
  • 338
  • 339
  • 340
  • 341
  • 342
  • 343
  • 344
  • 345
  • 346
  • 347
  • 348
  • 349
  • 350
  • 351
  • 352
  • 353
  • 354
  • 355
  • 356
  • 357
  • 358
  • 359
  • 360
  • 361
  • 362
  • 363
  • 364
  • 365
  • 366
  • 367
  • 368
  • 369
  • 370
  • 371
  • 372
  • 373
  • 374
  • 375
  • 376
  • 377
  • 378
  • 379
  • 380
  • 381
  • 382
  • 383
  • 384
  • 385
  • 386
  • 387
  • 388
  • 389
  • 390
  • 391
  • 392
  • 393
  • 394
  • 395
  • 396
  • 397
  • 398
  • 399
  • 400
  • 401
  • 402
  • 403
  • 404
  • 405
  • 406
  • 407
  • 408
  • 409
  • 410
  • 411
  • 412
  • 413
  • 414
  • 415
  • 416
  • 417
  • 418
  • 419
  • 420
  • 421
  • 422
  • 423
  • 424
  • 425
  • 426
  • 427
  • 428
  • 429
  • 430
  • 431
  • 432
  • 433
  • 434
  • 435
  • 436
  • 437
  • 438
  • 439
  • 440
  • 441
  • 442
  • 443
  • 444
  • 445
  • 446
  • 447
  • 448
  • 449
  • 450
  • 451
  • 452
  • 453
  • 454
  • 455
  • 456
  • 457
  • 458
  • 459
  • 460
  • 461
  • 462
  • 463
  • 464
  • 465
  • 466
  • 467
  • 468
  • 469
  • 470
  • 471
  • 472
  • 473
  • 474
  • 475
  • 476
  • 477
  • 478
  • 479
  • 480
  • 481
  • 482
  • 483
  • 484
  • 485
  • 486
  • 487
  • 488
  • 489
  • 490
  • 491
  • 492
  • 493
  • 494
  • 495
  • 496
  • 497
  • 498
  • 499
  • 500
  • 501
  • 502

Report of the Directors: Corporate Governance (continued)
Internal control / Going concern and viability
HSBC HOLDINGS PLC
276
regulatory focus on conduct of business and financial
crime;
dispute risk;
people risk;
execution risk;
third-party risk management;
model risk;
cyber threat and unauthorised access to systems;
and
data management.
Strategic plans. Strategic plans are prepared for global
businesses, global functions and geographical regions
within the framework of the Group’s overall strategy.
Annual Operating Plans, informed by detailed analysis of
risk appetite describing the types and quantum of risk
that the Group is prepared to take in executing its
strategy, are prepared and adopted by all major HSBC
operating companies and set out the key business
initiatives and the likely financial effects of those
initiatives.
Disclosure Committee. The Disclosure Committee
reviews material public disclosures made by HSBC
Holdings for any material errors, misstatements
or omissions. The membership of the Disclosure
Committee, which is chaired by the Group Company
Secretary, includes the heads of Finance, Legal, Risk,
Communications and Investor Relations. The integrity of
disclosures is underpinned by structures and processes
within the Global Finance and Global Risk functions that
support expert and rigorous analytical review of
financial reporting complemented by certified reviews
by heads of global businesses, global functions and
certain legal entities.
Financial reporting. The Group’s financial reporting
process for preparing the consolidated Annual Report
and Accounts 2015 is controlled using documented
accounting policies and reporting formats, supported
by a chart of accounts with detailed instructions and
guidance on reporting requirements, issued by Group
Finance to all reporting entities within HSBC in advance
of each reporting period end. The submission of
financial information from each reporting entity
to Group Finance is subject to certification by the
responsible financial officer, and analytical review
procedures at reporting entity and Group levels.
Responsibility for risk management. Management are
primarily accountable for measuring, monitoring,
mitigating and managing the risks and controls in their
areas of responsibility. Processes are in place to ensure
weaknesses are escalated to senior management and
addressed, supported by the three lines of defence
model.
IT operations. Centralised control is exercised over all
IT developments and operations. Common systems are
employed for similar business processes wherever
practicable.
Global function management. Management of the
global functions are responsible for setting policies,
procedures and standards to control the principal risks
detailed under ‘Risk identification and monitoring’
above.
Authorities to enter into credit and market risk
exposures are delegated with limits to line management
of Group companies. The concurrence of the appropriate
global function is required, however, to credit proposals
with specified higher risk characteristics. Credit
and market risks are measured and reported at
subsidiary company level and aggregated for risk
concentration analysis on a Group-wide basis.
Internal Audit. The establishment and maintenance of
appropriate systems of risk management and internal
control is the responsibility of business management.
The Global Internal Audit function, which is centrally
controlled, provides independent and objective
assurance in respect of the adequacy of the design and
operating effectiveness of the Group’s framework of risk
management, control and governance processes across
the Group, focusing on the areas of greatest risk to
HSBC using a risk-based approach. The Group Head of
Internal Audit reports to the Chairman of the GAC and
administratively to the Group Chief Executive. Executive
management is responsible for ensuring that issues
raised by the Global Internal Audit function are
addressed within an appropriate and agreed timetable.
Confirmation to this effect must be provided to Global
Internal Audit.
Role of Board Committees
On behalf of the Board, the GAC has responsibility for
overseeing risk management and internal controls over
financial reporting and the GRC has responsibility for
overseeing risk management and internal controls,
other than over financial reporting.
During the year, the GRC and the GAC have kept under
review the effectiveness of this system of internal control
and have reported regularly to the Board. In carrying
out their reviews, the GRC and the GAC received:
regular business and operational risk assessments;
regular reports from the Group Chief Risk Officer and
the Group Head of Internal Audit;
reports on the annual reviews of the risk control
framework of HSBC Holdings which cover all internal
controls, both financial and non-financial;
half yearly confirmations to the GAC and GRC from audit
and risk committees of principal subsidiary companies
regarding, in relation to audit committees, whether their
financial statements have been prepared in accordance
with Group policies, present fairly the state of affairs of
the relevant principal subsidiary and are prepared on a
going concern basis;
reports confirming if there have been any material
losses, contingencies or uncertainties caused by
weaknesses in internal controls;
internal audit reports;