Skip to main content

Effectiveness of internal control and risk management

The GMC, as mandated by the Board, maintains a Group-wide system of internal control to manage significant Group risks. This system, which has been operating throughout the year and to the date of this report, supports the Board in discharging its responsibility for ensuring that the wide range of risks associated with the Group's diverse international operations is effectively managed in support of the creation and preservation of shareholder wealth. Where appropriate, necessary action has been or is being taken to remedy any failings or weaknesses identified from review of the effectiveness of the internal control system, including the lessons learned from the acquisition and development of the Amapá system.

Internal control

The system of internal control, which is embedded in all key operations, provides reasonable rather than absolute assurance that the Group's business objectives will be achieved within the risk tolerance levels defined by the Board. Regular management reporting, which provides a balanced assessment of key risks and controls, is an important component of Board assurance. In addition, certain Board committees focus on specific risks such as safety and capital investment and provide assurance to the Board on those matters. The chief financial officers provide confirmation, on a six-monthly basis, that financial and accounting control frameworks have operated satisfactorily. The Board also receives assurance from the Audit Committee, which derives its information, in part, from regular internal audit reports on risk and internal control throughout the Group and external audit reporting. The Group's internal audit function has a formal collaboration process in place with the external auditors to ensure efficient coverage of internal controls. The Anglo American internal audit function is responsible for providing independent assurance to executive management and the Board on the effectiveness of the risk management process throughout the Group.

Anglo American seeks to have a sound system of internal control, based on the Group's policies and guidelines, in all material associates and joint ventures. In those companies that are independently managed, as well as joint ventures, the directors who are represented on these organisations' boards seek assurance that significant risks are being managed.

Risk management

The Board's policy on risk management encompasses all significant business risks to the Group, including financial, operational and compliance risk, which could undermine the achievement of business objectives. This system of risk management is designed so that the different businesses are able to tailor and adapt their risk management processes to suit their specific circumstances. This flexible approach has the commitment of the Group's senior management. There is clear accountability for risk management, which is a key performance area of line managers throughout the Group. The requisite risk and control capability is assured through Board challenge and appropriate management selection and skills development. Managers are supported in giving effect to their risk responsibilities through policies and guidelines on risk and control management. Support through facilitated risk assessments is provided by a central team responsible for ensuring a robust process is implemented for risk management. During 2009, over 100 separate risk assessment workshops were conducted reviewing risk in business unit strategies, risks to achieving mine plans, risks in capital projects and risks to key change programmes. The results of these risk assessments were reported to senior management and the Audit Committee. The process of risk management is designed to identify internal and external threats to the business and to assist management in prioritising their response to those risks. Continuous monitoring of risk and control processes, across headline risk areas and other business-specific risk areas, provides the basis for regular and exception reporting to business management and boards, ExCo, the Audit Committee and the Board.

Some of the headline risk areas, which have been elaborated upon in the financial review are:

  • commodity price risk;
  • political risk;
  • legal and regulatory risk;
  • counterparty risk; and
  • infrastructure and operational performance risks.

The risk assessment and reporting criteria are designed to provide the Board with a consistent, Group-wide perspective of the key risks. The reports to the Board, which are submitted at least every six months, include an assessment of the likelihood and impact of risks materialising, as well as risk mitigation initiatives and their effectiveness.

In conducting its annual review of the effectiveness of risk management, the Board considers the key findings from the ongoing monitoring and reporting processes, management assertions and independent assurance reports. The Board also takes account of material changes and trends in the risk profile and considers whether the control system, including reporting, adequately supports the Board in achieving its risk management objectives.

During the course of the year the Board considered the Group's responsiveness to changes within its business environment. The Board is satisfied that there is an ongoing process, which has been operational during the year, and up to the date of approval of the Annual Report, for identifying, evaluating and managing the significant risks faced by the Group. This includes social, environmental and ethical risks as highlighted in the Disclosure Guidelines on Socially Responsible Investment issued by the Association of British Insurers. A detailed report on social, environmental and ethical issues is included in the Company's Report to Society 2009.

Accountability and audit

The Board is required to present a balanced and understandable assessment of Anglo American's financial position and prospects. Such assessment is provided in the Chairman's and Chief executive's statements and the Operating and financial review of this Annual Report. The respective responsibilities of the directors and external auditors are set out in the Statement of directors' responsibilities, Responsibility statements and the Independent auditors' report. As referred to in the Directors' report, the directors have expressed their view that Anglo American's business is a going concern.

Whistleblowing programme

The Group has had in place for a number of years a whistleblowing programme in all its managed operations. The programme, which is monitored by the Audit Committee, is designed to enable employees, customers, suppliers, managers or other stakeholders, on a confidential basis, to raise concerns in cases where conduct is deemed to be contrary to our values. It may include:

  • actions that may result in danger to the health and/or safety of people or damage to the environment;
  • unethical practice in accounting, internal accounting controls, financial reporting and auditing matters;
  • criminal offences, including money laundering, fraud, bribery and corruption;
  • failure to comply with any legal obligation;
  • miscarriage of justice;
  • any conduct contrary to the ethical principles embraced in our Business Principles or any similar policy;
  • any other legal or ethical concern; and
  • concealment of any of the above.

The programme makes available a selection of telephonic, e-mail, web-based and surface mail communication channels to any person in the world who has information about unethical practice in Anglo American and its managed operations. The multilingual communication facilities are operated by independent service providers who remove all indications from information received as to the identity of the callers before submission to designated persons in the Group.

During 2009, 313 reports were received via the global 'Speakup' facility, covering a broad spectrum of concerns, including ethical, criminal, supplier relationships, health and safety, and human resource-type issues. Reports received were kept strictly confidential and were referred to appropriate line managers within the Group for resolution. Where appropriate, action was taken to address the issues raised. The reports are analysed and monitored to ensure the process is effective.

Back to top

Annual Report 2009