CORPORATE GOVERNANCE continued
The areas of our risk assurance processes in which compliance monitoring is overseen by the Executive Sub-Committee on Governance and Risk (ESCGR) include: financial reporting, IT controls, legal matters (including anti-bribery and corruption, competition law and export control), human resources issues (including employment practices and employee disclosures), and health, safety and the environment. The risk assurance framework therefore incorporates: • monthly monitoring of compliance with the GRiP financial reporting processes through a self-certification process and peer reviews • the quarterly completion of an IT controls checklist confirming adherence to Group IT standards and policies • monitoring the completion of mandated training on legal topics • receiving assurance from divisional committees that they have complied with Group policy on the use of sales agents and consultants (implemented as part of the Group’s anti-bribery and corruption measures) • the annual completion of a human resources controls checklist confirming compliance with certain Group HR standards and procedures • monitoring the completion of internal health and safety audits against target and any themes arising from these audits • in-depth health and safety risk analysis at high risk sites • the annual completion of a questionnaire by senior managers in relation to awareness of the Group’s Code and policies • the annual confirmation by senior managers that non-financial controls are in place and operating effectively in their businesses. The ESCGR monitors the output from these processes and reports any areas of concern and proposals for improvement to the Executive Committee for consideration. In 2015, the ESCGR made recommendations to adopt a Group-wide policy on driver safety, develop Group standards for key health and safety risks, and increase focus on implementing cyber security measures, all of which were accepted by the Executive Committee. The Group’s risk management and internal control systems and procedures are designed to identify, manage and, where practicable, reduce and mitigate the effects of the risk of failure to achieve business objectives. They are not designed to eliminate such risk, recognising that any system can only provide reasonable and not absolute assurance against material misstatement or loss. The Board has reviewed the effectiveness of the Group’s systems of internal control and risk management during the period covered by this annual report. It confirms that the processes described above, which accord with the FRC guidance on risk management, internal control and related financial and business reporting, have been in place throughout that period and up to the date of approval of the annual report. The Board confirms that no significant failings or weaknesses were identified in relation to the review.
Relations with investors
The Board maintains a dialogue with investors with the aim of ensuring a mutual understanding of objectives.
Communication with major institutional shareholders is undertaken as part of GKN’s investor relations programme, in which non-executive Directors are encouraged to participate. The Chief Executive and Group Finance Director have regular meetings with the Group’s major shareholders and feedback from these meetings is reported to the Board.
The Chief Executive, Group Finance Director and Director of Investor Relations meet regularly with major shareholders to discuss strategy, financial and operating performance.
Feedback is sought by the Company’s brokers to ensure that the Group’s strategy and performance is being communicated effectively and to develop a better understanding of shareholders’ views.