Internal Controls

The Board ultimately has responsibility for internal compliance and control. The Board Audit and Risk Committee (BARC) has responsibility for ensuring that internal control systems are in place to monitor and manage risk.

• Policies and procedures
• Segregation of duties
• Reconciliation procedures
• User access restrictions
• Delegations of Authority and Transaction Limits
• System configuration and data integrity
• Compliance and training
• Clear roles and responsibilities
• Operational management review and oversight (including periodic reporting)
• Self assessment

• Enterprise risk management program
• Code of Conduct
• Organisational structure and reporting lines
• Reserved powers and Delegation of Authority
• Safety, health and environment functional oversight, training and audit
• Finance functional oversight
• Letters of assurance
• Treasury and taxation management
• Balance sheet reviews

• External audit: Financial reporting and associated controls are subject to examination during the annual audit and half-year review undertaken by the external auditor
• Specialist assurance providers
• Regulatory reviews and audits.