Skip to main content

Effectiveness of internal control and risk management

The Executive Committee, (ExCo) (previously known as the Chief Executive’s Committee until 1 September 2008) as mandated by the Board, has established a Group-wide system of internal control to manage significant Group risks. This system, which has been operating throughout the year and to the date of this report, supports the Board in discharging its responsibility for ensuring that the wide range of risks associated with the Group’s diverse international operations is effectively managed in support of the creation and preservation of shareholder wealth. Where appropriate, necessary action has been or is being taken to remedy any failings or weaknesses identified from review of the effectiveness of the internal control system.

Internal control

The system of internal control, which is embedded in all key operations, provides reasonable rather than absolute assurance that the Group’s business objectives will be achieved within the risk tolerance levels defined by the Board. Regular management reporting, which provides a balanced assessment of key risks and controls, is an important component of Board assurance. In addition, certain Board committees focus on specific risks such as safety and capital investment and provide assurance to the Board on those matters. The chief financial officers provide confirmation, on a six-monthly basis, that financial and accounting control frameworks have operated satisfactorily. The Board also receives assurance from the Audit Committee, which derives its information, in part, from regular internal and external audit reports on risk and internal control throughout the Group. The Group’s internal audit function has a formal collaboration process in place with the external auditors to ensure efficient coverage of internal controls. The Anglo American internal audit function is responsible for providing independent assurance to ExCo and the Board on the effectiveness of the risk management process throughout the Group.

Anglo American seeks to have a sound system of internal control, based on the Group’s policies and guidelines, in all material associates and joint ventures. In those companies that are independently managed, as well as joint ventures, the directors who are represented on these organisations’ boards seek assurance that significant risks are being managed.

Risk management

The Board’s policy on risk management encompasses all significant business risks to the Group, including, financial, operational and compliance risk, which could undermine the achievement of business objectives. This system of risk management is designed so that the different businesses are able to tailor and adapt their risk management processes to suit their specific circumstances. This flexible approach has the commitment of the Group’s senior management. There is clear accountability for risk management, which is a key performance area of line managers throughout the Group. The requisite risk and control capability is assured through Board challenge and appropriate management selection and skills development. Managers are supported in giving effect to their risk responsibilities through policies and guidelines on risk and control management. Continuous monitoring of risk and control processes, across headline risk areas and other business-specific risk areas, provides the basis for regular and exception reporting to business management and boards, ExCo, the Audit Committee and the Board.

Some of the headline risk areas, which have been elaborated upon in the financial review, are:

  • commodity price risk;
  • political risk;
  • legal and regulatory risk;
  • counterparty risk; and
  • infrastructure and operational performance risks.

The risk assessment and reporting criteria are designed to provide the Board with a consistent, Group-wide perspective of the key risks. The reports to the Board, which are submitted at least every six months, include an assessment of the likelihood and impact of risks materialising, as well as risk mitigation initiatives and their effectiveness.

In conducting its annual review of the effectiveness of risk management, the Board considers the key findings from the ongoing monitoring and reporting processes, management assertions and independent assurance reports. The Board also takes account of material changes and trends in the risk profile and considers whether the control system, including reporting, adequately supports the Board in achieving its risk management objectives.

During the course of the year the Board considered the Group’s responsiveness to changes within its business environment. The Board is satisfied that there is an ongoing process, which has been operational during the year, and up to the date of approval of the Annual Report, for identifying, evaluating and managing the significant risks faced by the Group. This includes social, environmental and ethical risks as highlighted in the Disclosure Guidelines on Socially Responsible Investment issued by the Association of British Insurers. A detailed report on social, environmental and ethical issues is included in the Company’s Report to Society 2008.

Accountability and audit

The Board is required to present a balanced and understandable assessment of Anglo American’s financial position and prospects. Such assessment is provided in the Chairman’s and Chief executive’s statements and the Operating and financial review of this Annual Report. The respective responsibilities of the directors and external auditors are set out in the Statement of directors’ responsibilities and Independent auditors’report. As referred to in the Directors’ report, the directors have expressed their view that Anglo American’s business is a going concern.

Whistleblowing programme

Following adoption in December 2003 of a whistleblowing policy that is aligned with the Public Interest Disclosure Act 1998, the Group implemented a whistleblowing programme in all of the managed operations. The programme, which is monitored by the Audit Committee, is aimed at enabling employees, customers, suppliers, managers or other stakeholders, on a confidential basis, to raise concerns in cases where conduct is deemed to be contrary to our values. It may include:

  • actions that may result in danger to the health and / or safety of people or damage to the environment;
  • unethical practice in accounting, internal accounting controls, financial reporting and auditing matters;
  • criminal offences, including money laundering, fraud, bribery and corruption;
  • failure to comply with any legal obligation;
  • miscarriage of justice;
  • any conduct contrary to the ethical principles embraced in our Good Citizenship: Our Business Principles or any similar policy;
  • any other legal or ethical concern; and
  • concealment of any of the above.

The programme makes available a selection of telephonic, e-mail, web-based and surface mail communication channels to any person in the world who has information about unethical practice in Anglo American and its managed operations. The multilingual communication facilities are operated by independent service providers who remove all indications from information received as to the identity of the callers before submission to designated persons in the Group

During 2008, 208 reports were received via the global ‘Speakup’ facility, covering a broad spectrum of concerns, including ethical, criminal, supplier relationships, health and safety, and human resource-type issues. Reports received were kept strictly confidential and were referred to appropriate line managers within the Group for resolution. Where appropriate, action was taken to address the issues raised.

Back to the top