The Board has overall responsibility for implementing the Group’s system of internal control including financial, operational and regulatory compliance controls and risk management systems. The Board is also responsible for reviewing internal control effectiveness and compliance in accordance with the FRC’s ‘Internal Control: Revised Guidance for Directors on the Combined Code (October 2005).
Internal controls and the risk management processes are reviewed on a regular basis by the Audit Committee, which reports directly
to the Board. This review includes a report from the Executive Risk Management and Monitoring Committee (ERMMC) after each
meeting to the Audit Committee. Further details about the composition and activities of the ERMMC and the Group’s risk management framework can be found in the Strategic Report section of the Annual Report and Accounts.