Strategic report Governance Financial statements Other information AUDIT COMMITTEE REPORT CONTINUED The Committee has also received the Chief Internal Auditor’s Overall, the Committee is satisfied that the Group’s internal During the period, the Committee received regular reporting on annual assessment of the Group’s internal control framework; control and risk management framework comprises adequate the Group’s whistleblowing arrangements, including management Monitored the status of the Group’s CASS control environment arrangements, actions and mitigating controls. The Committee information on concerns raised and completion rates for internal • recognises that in order to support the recent and continuing training. The Committee has also overseen improvements to the and the improvements being made. In doing so it has considered growth and increasing complexity of the Group, there is a need Group’s whistleblowing arrangements including the appointment the report from the external auditors on client assets held by the to invest in improving and strengthening the Group’s risk culture of a third party to provide a whistleblowing hotline and case Group’s regulated subsidiaries and received regular reports from and the risk management and internal control systems. Further management tool to further encourage colleagues to raise the Group’s CASS function on thecompletion of CASS assurance information on the planned enhancements can be found on page concerns without fear of reprisal and improve case administration activity, status updates on remediation activity carried out as part 123 of the Risk Committee Report. The Committee has reviewed and formal training for those staff investigating concerns as well as of the CASS action plan, and management information on any and approved the statements included in this Report and Financial senior managers to ensure they provide a supportive environment breaches of significance and associated remediation; Statements relating to risk management and longer-term viability for staff to ‘blow the whistle’. •Received reports from the Group’s Compliance Monitoring on page 52 of the Strategic Report and on the adequacy of the Internal Audit function on the effectiveness of measures designed to ensure Group’s internal control and risk management arrangements on The role of the Group’s Internal Audit function is to provide compliance with the Group’s regulatory obligations. The page 80 of the Corporate Governance Report. objective assurance and advice to both the Board and senior Committee approved the Compliance Charter which defines the Whistleblowing management on the Group’s internal control and risk management role, responsibilities and authority of the Regulatory Compliance The Group is committed to creating a culture of openness, framework. The Committee plays an important role both in function within the Group. The Committee also reviewed the integrity and accountability. A formal policy is in place which overseeing the programme of work carried out by the function, forward compliance monitoring programme to ensure encourages colleagues and contractors to raise concerns, in and in monitoring and reviewing its role and effectiveness, coordination with the Internal Audit plan; and confidence, about possible wrongdoing in relation to financial including its objectivity. •Received an annual report from the Group Director of Risk and reporting or other matters. Changes to the policy require the The role of the Group’s Internal Audit function is defined by the Compliance to assist the Committee in its responsibility to keep approval of the Board, and the Committee has responsibility for Internal Audit Charter, which sets out its objectives, responsibilities under review the adequacy and effectiveness of the Group’s regularly reviewing the adequacy of arrangements to ensure the and scope of work. During the period, the Internal Audit Charter Compliance function. This includes ensuring it is adequately proportionate and independent investigation of matters raised was reviewed by both the Committee and as part of the external resourced, has appropriate access to information and is and appropriate follow up action. These arrangements are viewed evaluation of the Group’s Internal Audit function and minor sufficiently independent from first line management to enable as an important internal control for the Group and the Committee updates were made to the Charter. it to perform its duties effectively. regularly updates the Board on their operation and incidences of The Committee spent a significant amount of time throughout the concerns raised. The function’s detailed work programme is set out in a rolling period under review considering the impact on the Group’s system 12-month Internal Audit Plan, which is reviewed and approved by of internal controls of the measures put in place by the Group in the Committee every six months. In doing so, the Committee response to the COVID-19 pandemic. This included reviewing the has ensured that the Plan is aligned to the Group’s key risks and to measures put in place in the last financial period to ensure that the assurance work being carried out by the Group’s second line appropriate controls have been maintained in response to changes functions and the external auditor. Any modifications to the Plan in working practices, and that assurance programmes have been are also approved by the Committee. realigned to focus on key control monitoring and support the business during exceptional circumstances. 86 Hargreaves Lansdown Report and Financial Statements 2021